About qubenetworks

qubenetworks · 08-21-2009

Hi all, today we had a failover event on a pair of asa5505's running 7.2(4). The standby took over fine and no impact was seen to traffic, strangely, after 58 minutes the primary came back and took over. Running show fail on both units gives the corr...

qubenetworks · 02-02-2009

Hi all, I have a problem with an ASA (5520 8.0(4)) failing to work with a port based acl for remote clients. I have a simple one line acl for the split traffic, if I permit IP the tunnel works fine, if I lock it down to TCP 3389 then rdp will not wor...

qubenetworks · 08-29-2008

Hi All, I have 2 css11503's in one armed active/passive mode. I have applied ssl certs on both boxes, one of them gives me the message that key and file are not valid (works fine on primary), I've done a show ssl file and the cert in question is ther...

qubenetworks · 08-06-2008

Hi all, I have 2 css11503's in active/passive redundancy config. When using the commit_redundConfig command the ssl does not copy across correctly. I have cleared the standby box and started again, but with no luck. The config guides I have found off...

qubenetworks · 09-06-2007

Hi, we recently set up a l2l vpn between a pix 515e running 7.0(5) and a netscreen 5XT. The standy pix reports attempts to send an IKE packet from standby unit, it is now crashing 3 -4 times a day, I feel the 2 issues must be related but am at a loss...

qubenetworks · 01-06-2010

We've seen this before when moving firewalls, if you can co-ordinate with your ISP to do a 'clear ip arp xxx.xxx.xxx.xxx' for the problem address' on the upstream layer 3 device it should clear the issue, if they dont maybe you could ask them to redu...

qubenetworks · 08-24-2009

Hi Mike, thanks for the tip, afraid the output gives nothing useful on the active and a 'hello not heard from mate' on the standby - once again seeming to indicate the active unit stopped processing IP packets. The customers traffic is quite low and ...

qubenetworks · 02-03-2009

Many thanks, that has cleared it up for me, interestingly the port based acl does seem to work on the webvpn.

qubenetworks · 09-01-2008

Thanks Giles, I opened a TAC case and finally got it resolved, I had to import a different file, copy that to the corrupt one (in llama)::ap_file copy c:/CertStore/ssl/good.pem c:/CertStore/ssl/bad.pembackout of llama and I could then delete the fil...

qubenetworks · 08-13-2008

Thanks,got the boxes set up in active passive mode, in a one arm bandit type config, thats all fine, I just cant find anything anywhere that tells me if I have to set up the ssl part seperately on both boxes, coming to the conclusion I will have to d...

Member Since	‎07-20-2007 03:45 AM
Date Last Visited	‎04-05-2019 06:12 AM
Posts	13

User Statistics

User Activity

asa5505 failover - then inconsistent state times in sh fail

ASA 5520 8.0(4) port based vpn acl not working

CSS11503 - Won't delete ssl cert file

css 11503 ssl in box to box redundancy

standby pix crashes frequently after creating vpn to netscreen 5XT

Re: Network Trouble

Re: asa5505 failover - then inconsistent state times in sh fail

Re: ASA 5520 8.0(4) port based vpn acl not working

Re: CSS11503 - Won't delete ssl cert file

Re: css 11503 ssl in box to box redundancy