Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Below is output from a config running on my VPN router (ip removed for security purposes).crypto map NMI-VPN isakmp-profile NMI-ISAKMPcrypto map NMI-VPN 10 ipsec-isakmp set peer X.X.X.X set transform-set AES-SHA set isakmp-profile NMI-ISAKMP match ad...
Hello all - This is just a general question... is there a good way to organize the ASA's access rule list to increase its efficiency? Maybe by service or hit count (Top 10). I am using the Cisco ASDM 6.2 to manage our ASA 5520. Looking at it looks...
Hello all,A server on vlan 51 will only issue IP addresses on vlan 51. The subinterfaces on the router have the command ip helper-addess with the IP address of the DHCP server. From the switch I can ping the DHCP server and ping all subnets under t...
Hello Cisco Support Community,I have an ASA 5520 in my company which does all our NAT and Firewall access control. Currently there is a rule in place to allow an incomming connection on port 2222 from a specific ip address to allow access to a web a...
Hello All,I was hired on with a state.. Now its been awhile but I can't remember how subinterfaces and VLANS all tie together!Now correct me where I'm wrong (please), but VLANS are created on switches first correct? When you create a VLAN on a switc...
The NAT that is occuring is a destination NAT you could say. When a request is made from an Outside Global address to a Inside Global address the ACE will take that Inside Global address and NAT it to an Inside Local address, say an internal servers...
As I said your config and setup all looks correct so there is no problem in that area. You should now move on to testing if its the Te1/15 port that is causing the problem. Do you have any GigEthernet ports on your 6500? If so do as I suggested......
Run these two commands to verify your config. It should list something similiar to below.show vlan access-map CAPTURE_TRAFFIC !Vlan access-map "CAPTURE_TRAFFIC" 10
match: ip address ALL_TRAFFIC
action: forward capture!show vlan fil...
Why don't you setup a monitor session to monitor the vlan or interface you want and send it to two separate interfaces, the 10Gi and Sniffer? On the Sniffer box, if you are using WireShark, you can setup capture filters to limit what you want to see...
I know this goes without saying but it seems like you have a spanning tree issue!Try doing a show spanning-tree summary and look for the following differences on the 6509 and 3560.EtherChannel misconfig guard is enabledExtended system ID ...
