Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi!I am about to perform a backup/restore upgrade to 3.4 using new VMs, and then configure the network devices to use the new deployment.It is a deployment with 18 PSN nodes.The eval licenses (100 endpoints) will be enough to do some testing.But ther...
I want to send all logs regarding Administrator logins, and what changes they have made, to a remote log server.If I choose category "Administrative and Operational Audit" I get way too much information.When an administrator is logged in and clicks o...
Hi,
What is the status on this bug?
It is marked with status "Fixed", but there isn't any information about how to implement a fix.Contrary to the status flag, the "Known fixed releases" has the counter 0.The description says that "All patches and re...
I saw a strange beaviour in the ACE30 today.We are configuring most of our VIP:s with "loadbalance vip icmp-reply active" and I haven't thought about it that much.I just assumed it would do what the command says.Today an Intel tech called and said th...
Hi,I am interested in using E-DI to automate checks and configurations in our network.But when I read the documents about the latest release 2.2 it seems that the list of supported IOS versions isn't updated.Could it be that there is no interest from...
Hi Jorge,Yes, I know that it is disabled in this version. And I want it disabled.But my test earlier in this thread shows that clients still can do a rehandshake.You haven't mentioned that part.Is this command just there to enable/disable the ACE it...
Thank you for your answer.Our running version is A5(2.0). It should have rehandshake disabled by default.Here are the outputs from some commands:ACE# sh run | i rehandGenerating configuration....ACE# sh parameter-map SSL_TERMINATION Parameter-map : S...
Hi,I am in the same situation.Someone has done a security vulnerability scan and claims that a VIP in the ACE is vulnerable to "SSL/TLS Renegotiation DoS".I have confirmed that rehandshake isn't enabled either globally in the context or in a ssl para...
Hello,Here is the multimatch configuration.There are 74 classes inside the multi-match. And all are configured in the same way.I include only one (with a fake name) to prevent me from inventing 74 fake names.policy-map multi-match PRODUCTION class A...
