Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Up until a few hours ago I was able to ssh to my pix firewall and login with my tacacs account. It mysteriously stopped working. My account isn't locked and I can ssh to the standby ip address (the failover pix) and log in via tacacs (proves routin...
I'm setting up a new TACACS server and would like to use a wildcard ip address in the client configuration rather than enter all 242 devices (or import them in). Is there a reason why I shouldn't do this?
Does anyone have any experience with using 2 MPLS carriers for load balancing. We'd like to have a primary MPLS network with ATT and then a backup MPLS network with MCI. But rather than use MCI strictly for backup we'd like to load balance traffic ...
I have 2 PIX firewalls that I am removing and replacing with a router (2811) that has 2 FE ports on it. We're trying to merge networks, but still need to route our traffic and do some static NATting. I'm pretty PIX illiterate, but I'll show you the c...
I have 2 PIX firewalls that I am removing and replacing with a router (2811) that has 2 FE ports on it. We're trying to merge networks, but still need to route our traffic and do some static NATting. I'm pretty PIX illiterate, but I'll show you the...
This is access from the inside. It is possible that the pix is having interface problems, but it's also very coincidental. I look into that.And no, I don't see any attempts on the TACACS server from that pix.Could there be something else stopping T...
We plan to use BGP and have 2 CE devices (Cisco 3845). Initially we thought we'd have 1 CE connect to 1 MPLS Provider, but don't know how we would we load balance. From reading the this it's an interesting concept (and may be somewhat easier to con...
Thanks for the reply. This router's FE0/0 will connect directly to one of our core switches and we'll use eigrp to propogate the 10.x.x.x routes that way. They also have a core switch and will have to put a route statement on those as well.
I believe that the DCA on/DTPC off config was not tested by Cisco. Until they finally admitted their problems they truly believed that having both on worked just fine.The design flaw comes when clients create a coverage hole. Meaning they may be nea...
