Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi,I have an ipsec route based site to site VPN however the ipsec SA's look incorrect and only include a subset of routes passing across it. We have a hub and spoke setup, the hub site has one route based VPN to our remote office (Spoke A), traffic p...
Hi,
I am having a weird issue where traceroutes show the second response on windows and the second & third on *nix as a * but only for the first hop. I don't know how to explain it or what might be causing it.
Pings to the same hosts are continu...
Hi,
I have recently implemented a new ASA5508-X replacing our old 5510. Our carrier delivers over a C2960-CG.
When I connect the ASA to the C2960-CG we get extremely slow speeds in a single direction. This changes as we change the speed/duplex. ...
Hi,
I'm looking at a topology where I have a layer 3 core switch that hosts a SVI for each vlan. I have many 'LAN' vlans where I have computers, voice, wifi etc then I have a number of DMZ vlans also with SVI's on the core switch but I want to use ...
Hi, I have setup a PBR to route traffic matching an ACL to a second interface. The problem I have is when running debug policy-map I get
pbr: First matching rule from ACL(9)
pbr: route map route-xxx, sequence 10, permit; proceed with policy routin...
Thanks @Karsten Iwen we did supply the two subnets we wanted to utilize over the network. I know they are using a Fortinet device of some kind but not sure if they are using policy-based or route based. I'll contact them next week to follow up an ens...
Thank you very much llkin for taking the time to assist. I have modified the icmp unreachable rate and this has fixed the issue (albeit just a cosmetic issue).
I found
icmp unreachable rate-limit 1 burst-size 1
in the config and replaced it with
...
Hi llkin, Yes 172.27.2.1 is the ASA (SVI interface on gi1/2.300). It is always consistent from both the SVI interfaces on the VLANs or even when I made a direct test interface. It is consistent when pinging anything as well, internal hosts or interne...
Hi,
Topology is very simple, its a SMB network.
ASA acting as Layer 3, gi1/1 is connected to a switch and has a few sub interfaces on it for the vlans (only 4).
I have noticed that this even occurs when I connect a laptop directly into a ASA p...
I have since ruled out a hardware port issue on the ASA by moving my outside config to another port and I still see the same results. I have also swapped the cable although we know the old one was good and still no change.
