Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi,I occasionally have a requirement to suspend a service urgently. The application team wants all traffic to stop immediately and all current flows terminated. The service runs with approximately 600 active SSL connections and these can take a ver...
Hi,Is it possible to apply a PVLAN configuration on a 6500 and have the interface on the FWSM configured as a promiscuous interface.I found an old thread that said it couldn't be done, but that it might in the future.The etherchannel interface betwee...
I have a script that will be used for more than one service and am trying to configure a global keepalive using type script. The command is accepted by the CLI without any errors, but the configuration doesn't change. I can configure all other keep...
Can anyone confirm if there is an issue having two pairs of content switches (11500s) on the same subnet? The circuit addressing, interface redundancy and VIPs all use the same subnet. Wondering if there would be any issues with the redundancy, arp...
I need help understanding service failure and the action taken by the CSS to rebalance the traffic.I am working on a project to replace a non-Cisco load balancer that works by receiving each packet and forwarding it to all of the web servers. The we...
Would this be applicable in the following scenario?The content rule is a layer 5 rule (advanced-balance ssl, application ssl) and there are three services. If one of the services is suspended, and the content rule has the flow-reset-reject command co...
Gilles,To confirm your statement. Are you saying that an IPsec tunnel cannot be routed through the CSS even when it is only being routed and not part of any content rule / group / flow?While I'm asking, is this true of the ACE products as well?Thank...
Thank you. That got it working. I'm surprised that there is no configuration required on the sup card or FWSM to get this working. Meaning I didn't have to assign it as a promiscuous port.Are there any parameters to configure at the FWSM? What if...
Does the following look familiar? This is from a 3640 running 12.3(9) that is connecting to another 3640 12.2(19a). Have heard about slight differences in IOS having trouble establishing ISAKMP properly. The suggestion for this problem was to set ...
