A friend just emailed me this joke and I've been laughing like a stupid for an hour so I figured I'll post it 5 Routers walk into a bar.... Who gets the car keys?.......THE DESIGNATED ROUTER!!!! LOL
Hi Anke,This is doable with your ACE but depends on how the restricted URL looks like, for the intenal clients we just need to "filter" their access by adding the internal subnets on an ACL fashion.This is an example I came up with, give it a try and...
Hi Nishchay,What do you mean by dropping packets? The capture doesn't tell much as it seems it was taken from the client side. Is the status of both servers operational? I've come up with a config sample that you could try, I made some modifications ...
Hi Wes,Do you have a sketch of your current setup? I feel there's a switching connectivity issue behind this; more than an ACE issue, that ping test you're doing will only be generating routed traffic through the ACE which will only need your interfa...
Dave,I don't see a problem with your new design; just keep in mind you'll be moving to what's called a "routed" mode so the DMZ-ACE needs to be configured with an IP from the internal VLAN, you can either configure the current connection between the ...
Hi Dave,Personally I don't see any flaw on doing this. Assuming that currently your SMTP traffic is flowing from the ASA outside-> inside interface -> to the internal-ACE VIP and from there to your servers, if this is the case, then moving your excha...