Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hey all,We stumbled upon two EIGRP problems today after updating our core 6500s from SXH to SXI:1- It seems the EIGRP router id auto selection logic has changed: we have a couple of loopback interfaces configured on our cores, lo0 being our main one ...
In IOS, is it possible to list the esp SA's encryption keys that were negotiated by isakmp for a ipsec tunnel? I've search the CLI options but it doesn't seem to be possible...I'm trying to diagnose what is happening inside a ipsec tunnel with a sni...
Has anyone seen documentation about what to do on Catalysts 500 to comply with DST 2007?The latest IOS release's release notes for it (12.2(25)SEG) mention?CSCse78963The switch now accurately generates timestamps (such as in system error messages) wh...
Hi,The docs seem unclear about this, so I'd apreciate if someone can confirm:Does switching from pvst to rstp induce any port flapping on the local switch or temporary topology changes? I guess in other words:Will switching from stp to rstp flush the...
Hi all,We have an ASA (7.0) that denies icmp type 9 packets (router advertisements) sent to the the 255.255.255.255 broadcast address on the inside interface eventhough we have a icmp permit entry corresponding to the source of the icmp broadcast. I...
Yeah, looking further, it seems that it probably was that we added the other loopback afterwards (although years ago). We have rebooted those cores a few times since, which means that we would have had router-id collisions for a while, however we wou...
Don't believe the rx/tx load value: older IOSes on CBS3020 have a known bug (sorry don't have the bugid at hand) where the interface bandwidth is incorrectly reported as 10mbps instead of 1gig. See from your own output:leolaohoo wrote:3020#sh int gi ...
You're pretty much stuck with the same problem as active FTP was before the ftp fixup / inspect was availible...If you NAT your networks (to a single address) to go out on the internet, you can only do a static to one host, thus only one pc will be a...
You won't be able to get FTPS working in active mode without opening and/or static natting as the inspect ftp engine can't read the PORT commands (ssl encrypted) and thus can't open the temporary states for the data connection...
