About LordBoBCUP

LordBoBCUP · 08-13-2021

Hi,I have an ipsec route based site to site VPN however the ipsec SA's look incorrect and only include a subset of routes passing across it. We have a hub and spoke setup, the hub site has one route based VPN to our remote office (Spoke A), traffic p...

LordBoBCUP · 03-11-2019

Hi, I am having a weird issue where traceroutes show the second response on windows and the second & third on *nix as a * but only for the first hop. I don't know how to explain it or what might be causing it. Pings to the same hosts are continu...

LordBoBCUP · 02-19-2019

Hi, I have recently implemented a new ASA5508-X replacing our old 5510. Our carrier delivers over a C2960-CG. When I connect the ASA to the C2960-CG we get extremely slow speeds in a single direction. This changes as we change the speed/duplex. ...

LordBoBCUP · 11-22-2018

Hi, I'm looking at a topology where I have a layer 3 core switch that hosts a SVI for each vlan. I have many 'LAN' vlans where I have computers, voice, wifi etc then I have a number of DMZ vlans also with SVI's on the core switch but I want to use ...

LordBoBCUP · 09-26-2018

Hi, I have setup a PBR to route traffic matching an ACL to a second interface. The problem I have is when running debug policy-map I get pbr: First matching rule from ACL(9) pbr: route map route-xxx, sequence 10, permit; proceed with policy routin...

LordBoBCUP · 08-13-2021

Thanks @Karsten Iwen we did supply the two subnets we wanted to utilize over the network. I know they are using a Fortinet device of some kind but not sure if they are using policy-based or route based. I'll contact them next week to follow up an ens...

LordBoBCUP · 03-20-2019

Thank you very much llkin for taking the time to assist. I have modified the icmp unreachable rate and this has fixed the issue (albeit just a cosmetic issue). I found icmp unreachable rate-limit 1 burst-size 1 in the config and replaced it with ...

LordBoBCUP · 03-17-2019

Hi llkin, Yes 172.27.2.1 is the ASA (SVI interface on gi1/2.300). It is always consistent from both the SVI interfaces on the VLANs or even when I made a direct test interface. It is consistent when pinging anything as well, internal hosts or interne...

LordBoBCUP · 03-14-2019

Hi, Topology is very simple, its a SMB network. ASA acting as Layer 3, gi1/1 is connected to a switch and has a few sub interfaces on it for the vlans (only 4). I have noticed that this even occurs when I connect a laptop directly into a ASA p...

LordBoBCUP · 02-20-2019

I have since ruled out a hardware port issue on the ASA by moving my outside config to another port and I still see the same results. I have also swapped the cable although we know the old one was good and still no change.

Member Since	‎01-18-2015 06:37 PM
Date Last Visited	‎08-18-2021 12:04 AM
Posts	42

User Statistics

User Activity

ASA VTI - incorrect ipsec SA

ASA Dropping Second Traceroute packets, first succeeds.

ASA 5508-X & C2960-CG slow single direction

Cisco L3 Switch and ASA between vlans

ASA 5508-X PBR Wrong Interface Selection

Re: ASA VTI - incorrect ipsec SA

Re: ASA Dropping Second Traceroute packets, first succeeds.

Re: ASA Dropping Second Traceroute packets, first succeeds.

Re: ASA Dropping Second Traceroute packets, first succeeds.

Re: ASA 5508-X & C2960-CG slow single direction