Hi all,I'm having an issue setting up an L2TPv3 tunnel between two routers. The routers are both 4431-SEC/K9's running 17.9.4a and have AppX licences loaded and in use:ISR_4400_Application (ISR_4400_Application):Description: AppX License for Cisco IS...
Hi all,We have a global NAC setup, using ISE3.1 and Cisco 9200/9300 switches, with physical ports configured with a priority of dot1x/mab, but with an order of mab/dot1x. This is due to a set of security audit requirements for granular mab ACLs kicki...
Hi all,First off, yes this is about BGP on an ASA so it kinda fits between the routing community and firewall community but, as the key issue is BGP, I thought routing was a better choice I have a very simple scenario - I have an ASA [9.16(3)] runnin...
Hi there,We've got a pair of CSRv's (v17.3.4a) running in AWS on c4.2xlarge instances but the CPU's are running a tad hot (75% sustained during the work day due to high IPSEC loads but well within their licenses, but the underlying AWS instances have...
Hi all,I've got an ISR4331 running 12.16.4 set up to be our office edge device running NAT overload to the ISP (using VRF-aware NAT) and ZBF inside-out with a match-any that includes UDP and ICMP (and other stuff above of course). It works perfectly ...
Ok, we have success and partly it's my fault by omission...Thanks to MHM for mentioning Firewalls and Rich, "show platform hardware qfp active statistics drop" was my best friend...---------------------------------------------------------------------...
The L2TP/Xconnect commands are enabled with the AppX - As Rich said we also have the Sec licence loaded and in-use:ISR_4400_Security (ISR_4400_Security):Description: Security License for Cisco ISR 4400 SeriesStatus: IN USEISR_4400_Application (ISR_44...
Yes, all interfaces are up. It looks like the xconnect just isn't moving the traffic.I'm going to GNS3 the setup with the same configuration cut'n'paste on 8000v's running the same 17.9.4a code (nearest I can get to a 4431 in GNS3) and if it works th...
So to ensure the sub-interfaces connected to each vlan are UP and working properly and the hosts are live, I removed the xconnect and added an ip address (being the other end's host IP) to each sub-interface. Both routers can ping their hosts fine on...
