Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi Guys,Perhaps I can research this over and would find an answer, but this is kinda urgent. Hopefully someone can help me, and then I'll make further research afterwards.Here's the scenario:We have set of PC's who will be connecting either RA IPsec ...
Hi guys,As part of our PCI compliance, we were required to add a line to all of our ACLs in our ASA 5520 running version 8.2(3). Though there is an implicit deny all, we had to add a line to deny from any source to any destination. We had no problems...
Hi All,I'm not sure if this is the right venue. But hopefully someone can help me.How will I know if my catalyst and Nexus switch supports Ethertype 0x05ff. This is for the beacon probes sent out by our ESX Servers.We will be using Nexus 3048 and we ...
Hi All,I'm not sure if this is the right venue. But hopefully someone can help me.How will I know if my catalyst and Nexus switch supports Ethertype 0x05ff. This is for the beacon probes sent out by our ESX Servers.We will be using Nexus 3048 and we ...
Hi GuysHope you can help me with this. This is kinda weird.In our company, we have our agent's tools going over mpls vpn. Our client recently changed the IP of their servers to 2.2.2.2 (IP has been changed). When I check the dns records using client'...
thanks. we don't have custom access rules on any interface. we were also able to test and the vpn connection is using ssl vpn(clientless using web browser) and it worked.so if it's using ssl vpn on a web browser, let say there are custom access-rules...
apparently, when we apply the deny statement on the NAT acl, the NAT policy is removed on the running config. When you add it to the running config, it doesn't add the command. We have to remove the deny statement on the NAT ACL before the ASA can ac...
okay. so my question goes like, does the class-default inspect ipsec remote access or ssl vpn remote access? just like icmp, by default, it's not inspected so if you don't tweak the class-default, it wouldn't allow icmp on the data plane, right? the ...
thanks for this Jouni. I was able to read that document earlier when I was skimming through google search. I can't find it back though. Please share with me once you're able to locate it so I can share it with my colleagues. Thanks.
