Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Some ISP's may block (seen in Bangladesh and China) ESP. Or you might suspect that the ISP limits the BW for ESP. But you dont see the same for AnyConnect clients or vpn tunnels using NAT-Traversal.
Normally NAT-T is auto negotiated, and this is in g...
Monitoring the ASA memory usage, when its configured in context mode can apparently not be done though the admin context using snmp.
The workaround is pretty simple. You use the http interface to get the information you want.
Then you will need to im...
In short it compresses the access-list. The only real impact for you is that you no longer will see the full acl when using the command "show access-list" (not that same as "show run access-list") And will not be able to fetch acl hit counts from Cis...
More than one place to check:
1. Check that you are running an ASA version that supports separate route tables (VRF Lite like routing)
If you do then make sure you have this enabled on the management interface
interface Management0/0 management-only
...
If its a per-interface acl then you can assign it to more than one interface
Example that will apply the same acl to two interfacesaccess-group NAME in interface vlan1access-group NAME in interface vlan2
Example that will move the acl to the new inte...