Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hello all, hoping someone can give a quick bit of advice...I have 20 dispersed sites each with 5Mb leased lines, and a central hub site with a 100Mb uplink to a top tier service provider. All of the remote sites talk to each other through the hub. Th...
Hello all,As most people know, the football (soccer) World Cup is upon us, and will surely cause havoc for corporate networks evereywhere... and mine is no exception.I know how QoS works very well on the ASA, but I need to do something about streamin...
Hello all,I have 2 sites connected to a central hub via VPN. I need the 2 remote sites to talk to each other. This all works correctly by hairpinning on the outside interface of the hub, except that the SA between remote site A and the hub does not g...
Hi all, I have a quick questions to ask that Im hoping someone will have a quick answer to..I won't go in to the details of why this is required, but just want to know if it's possible (Im designing an optimised WAN VPN solution for a client using on...
Hello all, very quick one for you:I want to create a L2L tunnel that allows all traffic in one direction for management purposes, and just port 80 traffic back in the other direction.I'm guessing this isn't possible with just the match access-lists (...
Anyone have any experience with this kind of setup, or any idea what the performance impact should be assuming 50ms latency between all remote sites and the hub? I understand that the decryption and encryption on the hub will add some delay, but I wo...
Hi, yes I had just figured this out and was coming back to update... The configs i had posted above I had modified as each config is actually around 1000 -2000 lines long. I had not realised I had posted the ACL's incorrectly.The network is actually ...
Any other ideas on what could stopping the traffic going out over the second VPN from the hub site?Is there anything else I can do on the hub to see what's happening? All devices have sysopt connection permit-vpn on so guessing it wont be an access-l...
I have removed that line of config and all still works as before. Strange as I had always needed this in the past to allow RA VPN users to hairpin back out to other remote subnets...Here's the SA's, looks just the same as before with decaps at hub bu...
