Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Strangest thing. I have applied the access lists and can see that in CLI, but ASDM isnt displaying them.in CLI:access-group inside_access_in in interface insideBut ASDM doesnt display the interface under "Firewall - Access Rules"Cisco Adaptive Secur...
Hello,I am having a hard time getting tunnel failover working. My setup is illustrated below:I derive my default route on the border routers. The 6513 peers with the 7206's using BGP to get the default route from each ISP into the core. On the co...
I am working on setting up dynamic redundancy between two ISP's. I do not have a /24 block assigned so BGP peering is not an option. The site is remote and I dont have the ability to easily change the way things are connected. Here is the architec...
Hello all,I just migrated so,me 3560e switchports to a 4507R+E with a SUP7e running IOS-XE. Everything works except pinging other subnets from the console connection. This switch is trunked to a 6513 and is not doing any layer3. There is one vlan ...
Hello all,I have DS3's to two different providers. Each is hosted on its own 7206. The 7206's are connected to each other and both connections to the internet route traffic in and out just fine. Failover between the two is working as well. The is...
I have the same question. Cyber Insurance performed a scan and says the Nexus openssh version should be upgraded or patched to address DDOS vulnerabilities.
In my case this was a quick fix because no RJ45 1G SFP's were on hand but there were excess twinax cables available. We are ordering those now. Other than support issues, if they work I dont see why we shouldnt use them.
Not entirely true. On Nexus I'm using the 10G twinax running at 1G. I used the "service unsupported-transceiver" command on the interface and it came right up. So far no issues. I know this isnt fiber so it may not apply.
I worked some more on this. I discovered that there were a few different traffic flows that were initiating the tunnel on my secondary link. One was syslog traffic destined for the headend, the other was a ping being run from a host at the headend...
I have considered setting this up diferently. There is a design for my scenario (dual ISP's, no BGP peering, No HA) where two interfaces are configured as outside interfaces, one connected to each ISP. This would make HA available but I would stil...
