Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Six months ago, we kicked off an Internal vulnerability scanner (IVS) and the CPU on a couple dozen SG300 switches pegged at 100% and stayed that way. We could SSH into them, but they wouldn't reboot when issuing the command, so we needed to walk bra...
We have an ASA at a branch site connected to an Internet broadband connection. This ASA can successfully query the ISP's DNS servers when doing things like ping hostname or traceroute hostname.
This ASA establishes an IPsec tunnel (L2L) back to the ...
A year ago I setup an ASA5515x to act as our VPN concentrator with 2 factor authentication using Device Certificates and User Credentials. This worked well for the year until the certificate for the ASA expired. I issued a new certificate from our MS...
I picked up a used ASA5505 off of eBay to use in a lab environment to test the 8.3 changes before applying the update to our production units. This unit faithfully boots the 7.2(5) code, but any version above it hangs at Booting. It did boot up 8.3 i...
I have an SG300-52 in the field and the site recently picked up some VOIP phones. I currently have the followingExisting VLAN2 = Data networkCreated VLAN3 = Voice networkUnder voice VLAN properties I set the Voice VLAN ID=3 and enabled Auto Voice VLA...
Hi Rahul,
Thank you for confirming what I suspected.
We came up with a solution. Since ASA tries each DNS server in order, we specified our internal DNS servers first and the public DNS servers second. When the IPsec tunnel is down, the internal DNS...
I see you resurrected a 3 year old post, but I figured I could offer a suggestion.
Check for a duplex mismatch between your uplinks.
What are you using to determine throughput, an Internet speed test on a PC or are you looking at the throughput das...
Hi Marvin, You were spot on with your suggestion. I already had IPsec configured but it suddenly stopped working with the new certificate. I discovered I needed to associate ikev2 to the new Trustpoint. I couldn't find where to do it in ASDM, so comm...
Hi Marvin, Thank you for responding. You may be on to something with enabling IPsec.Rather than creating a new profile can I enable it on the existing profile but still leave SSL as the primary protocol under the server list entry in the Client Profi...
Hello, Thank you for replying. As mentioned, these laptops are primarily on the road, so they won't be able to pick up a GPO policy until they connect. Is there a way to toggle to SSL from within the client? Editing the profile by hand requires admin...
