Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
HiI'm playing around with IPSec site to site VPN's using certificates.I load the CA root certificate onto each ASA and then enroll manually for an Identity certificate. I have a Win2008 CA and I use the Advanced Certificate request then IPSec (Offli...
Hi On http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps708/qa_cisco_catalyst_6500_series_16port_10gigabit_ethernet_module.html it states that if you put the 16 port card into performance mode only 4 ports are useable. If I read correctly...
HiI have a customer who requires to identify and police traffic on egress on a 3560 trunk link. I cannot use ingress classifications because we do not know what route the traffic will take yet. The egress interface connects to multipoint wireless e...
HiI'm trying to find out the options for authenticating remote users via IMEI and MISDN values via ACS 5.3I'm unfamiliar with the Radius attribute options here and what kind of request/response we can utilise. Also previously I could define IP pools...
HiI've added a new subnet to an ACL for l2l VPN traffic. I am not in control of the other end but the 3rd party assures me their acl matches. However the new traffic does not cross the VPN.When I do a packet tracer on the new subnet traffic I see t...
Success.
I created a copy of the IPSec certificate as a Win2003 certificate
In the Subject name tab choose Supply in request
In the Extensions tab Highlight Application Policies - Edit - Add and select IP Security tunnel termination.
Now select that...
Actually I think I've just managed to get the new template published and available in the certsrv webpage by using the Windows Server 2003 Enterprise option when duplicating the IPSec template. I think I was using the Windows Server 2008 Enterprise ...
Thanks again JP.
I did manage to copy the existing IPSec template and include IP security tunnel termination as a certificate purpose. That looks promising as a solution.
However, I'm still having trouble getting the certificate template to be off...
Thank you for the input JP.
I'm using the IPSec (offline request) cert template which seems to be much the same as the IPSec one. Am I wrong? Is there a significant difference between these templates?
The reason I don't use the IPSec template is ...
Many thanks Reza.It seems strange to me that the 16 port card must be put in non-oversubscribed (performance) mode but the 8 port can be used in 2:1 oversubscribed mode. So we are better off using a cheaper 8 port card if we deploy the VSL on it.I'm...
