Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi. I could use some help getting SRTP working on the WAN call legs of SIP trunks between two two CUBE virtual routers (c8000v with Network Advantage licenses, and IOS-XE v17.10.01a). Note that I would rather not use SRTP on the internal call legs b...
I am attempting to perform simple ACL-based packet filtering on a Cisco ESS3300-based (ruggedized) switch that is running IOS-XE version 17.06.02 (network-advantage feature set). The switch allows me to configure SVIs, and performs inter-VLAN routin...
I'm looking for ideas on where my TCP handshakes might be going in this lab topology:
[Web client] --> [3650 switch & VLAN11] --> [4451 NAT router/dot1q 11 bridge domain/BDI 11] --> [Web server]
The 4451-x is running IOS XE Version 16.06.05 (IP Base)...
The Cisco NTP Best Practices White Paper and DISA STIGs recommend setting the NTP source address to a loopback interface (e.g. "ntp source loopback0").But this only seems to work if the requesting (NTP client) router is the default gateway for the NT...
Hello. Bottom line is I'd like to speed up multicast convergence after topology changes in the network pictured below.Here is an overview of the situation:Two VLANS/subnets, with a pair of 3560 multilayer switches configured as ip (and multicast) ro...
I now have a workaround for this issue. I simply replaced the NAT pool in the "ip nat inside" command with the outside interface name. Specifically:
OLD non-working commands:
ip nat pool BDI11_NAT_POOL 128.244.210.252 128.244.210.252 netmask 255.25...
Georg:
Thanks for taking a look. ZONE_INTERNAL is VLAN3, where the web client resides. A separate route map governs NAT for VLAN3 traffic to all other WAN destinations (i.e. another NAT outside interface).
The rest of the config is sensitive, and ...
Michel:Thanks for the response. Actually, I understand what kind of routing workarounds could allow NTP to function in spite of this "best practice." But I am mystified as to why a Cisco "NTP best practice" paper (http://www.cisco.com/en/US/tech/tk...
