Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
We are changing ISPs and the Class C public subnet used for NATing and the outside of our ASA will no longer be used (by us). We actually have 3 Class C subnets for Internet traffic. There is an appliance used as the gateway of ASA's outs...
What are the pro/cons to using Easyvpn in network-extention mode with split-tunneling as opposed to using a regular site-to-site vpn connection. We have about 70 remote offices with Pix 501s already setup with site-to-site and will be replaceing the...
I have seen in a manual that you can use "interface (interface name)" as the source/destination in an ACL on the ASA. When would you do this? What exactly does it buy you i.e. what does it really give access to? Exmpleaccess-list dmz permit tcp in...
If I change the bandwidth statement on an interface (serial subinterface), do I have to bounce the interface/subinterface for eigrp to start using the new value for route calculations? Thanks
I have noticed that connections going from one dmz to another have two entries in the ASA log, one "inbound" and one "outbound". I did not remember seeing this when we had a Pix. Did I just miss it before or is this a new feature with the ASA.
Thank everyone for the examples. I understand why you would use this as the destination especially if you were using DSL where the outside interface could change. But using it as the source still has me stumped. The reason I ask it that we are movi...
Thank You. That example with "interface as the destination I understand, but where would you use the "interface" parameter as the source such as on a dmz.Exampleaccess-list DMZ-to-Lan permit tcp interface dmz 10.x.x.x eq ldap Thanks Joel
Thanks again. On a side note about the BVI, if I am going to employ QOS over this link using and trusting dscp markings, would I then activate it on the bvi and not the serial interface or do I have to use COS and the layer 2 serial interface.
My subinterface has a bvi associated with it. No bandwidth was coded for this bvi so it must have initially used the bandwidth from the subinterface associated with it. When I changed the bandwidth on the subinterface it did not update the bvi bandw...
