About mdzaf

mdzaf · 07-07-2025

Hi, I have Anyconnect on Cisco FTD. It is integrated with Microsoft AD via LDAP and i do LDAP attribute mapping based on AD group and FTD policy so different user have different privileges. I need to setup to this user 2FA with DUO so i installed Duo...

mdzaf · 07-03-2025

Hi, I have dmvpn network with 2 hubs and spokes. Spokes have 2 separate mgre tunnel to the each hub (primary and secondary). For routing i am using eigrp.On the Primary Hub i see route to the network which is network between secondary hub and spokes ...

mdzaf · 06-13-2025

Hello, I have dmvpn with hub and spoke topology. I route all traffic from spoke to HUB. So i have phsyical wan interface in vrf internet, point tunnel interface source vrf Internet, and have default route in that vrf internet. When i test speed it is...

mdzaf · 07-07-2025

Hi, on primary tunnel going to hub1 i dont modify delay. I modify and make delay higher on secondary tunnel. So spoke always use route to DC network advertise by hub1 because it has lower cost. When hub1 failed, or wan connection on hub1 failed, eigr...

mdzaf · 07-07-2025

Hi, There is no chance that spoke1 have health want to hub1 and spoke2 have healt wan to hub2 (i mean spoke have 2 tunnel but with modification of delay on spokes i always choose primary hub1 from all spokes, Spokes have only 1 phsyical wan). If w...

mdzaf · 07-07-2025

Hi, I configure on Dialer interface mtu 1492 and 1592 mss. Also i configure on tunnel ip mtu 1380 and tcp mss 1340. For now it seems to fit and dont have anymore fragments and reasembled packets. Thank you

mdzaf · 07-07-2025

Hi, Hubs is connected to the different ISP. It is connected via LAN. If communication from spokes over HUB1 goes down (device stopped or ISP), everything move through HUB2. I solved on the way creating prefix list for tunnel network, and with distrib...

mdzaf · 07-07-2025

Hi, Thank you for your answer. I add this also in authproxy config file. I tried to add this in realm as directory, but when i test some user communication it doesnt pass test. A tried from CLI test aaa ... and i get message "ERROR: Authentication Re...

Member Since	‎06-13-2025 08:19 AM
Date Last Visited	‎07-07-2025 02:25 AM
Posts	18
Total Helpful Votes Received	2

User Statistics

User Activity

FTD-AnyconnectLDAP-DUO

primary hub in dmvpn learn route to tunn network hubsecondary-spokes

Slow traffic speed on spoke over dmvpn when using Dailer/pppoe

Re: primary hub in dmvpn learn route to tunn network hubsecondary-spok

Re: primary hub in dmvpn learn route to tunn network hubsecondary-spok

Re: Slow traffic speed on spoke over dmvpn when using Dailer/pppoe

Re: primary hub in dmvpn learn route to tunn network hubsecondary-spok

Re: FTD-AnyconnectLDAP-DUO