Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hello,I had a quick question. So currently we have a tunnel-group-name condition configured on ISE so whoever connects to this vpn tunnel-group then gets a permit ip any any DACL.If split-tunnelling is used which is evaluated first? Im assuming the D...
Hi Guys,I have a scenario regarding PBR/Route-Maps. We have a scenario where we have an ASA which the core switch is pointing to as the default route.Unfortunately we have server subnets that need access to the internet via the FTD instead of ASA. No...
I have found a fix for this. First made sure all routing was okay between all subnets noticed I had some issues. After that I applied the below: ip access-list extended SERVER_INTERNET_FTDdeny ip 10.30.0.0 0.1.255.255 10.0.0.0 0.255.255.255 deny ip 1...
Hi!, Thanks so much. Glad to know this is a viable solution. Regarding your 2nd point. You are correct i indeed forgot to add the static routes from the ISP and FTD router back to the server subnets which ill rectify. In this lab its okay but In rea...
