Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hey folks!
I was in our datacenter earlier this week, and noticed that there was an amber light above PS0, which is the left power supply. I log into the firewall, and perform a 'show environment'. I will paste the output below. It shows me that th...
Hey folks!
This weekend I will be replacing the primary ASA in my H/A pair of 5585Xs. What I mean by primary, is when I originally configured H/A, this unit was marked as the primary unit, and the other was the secondary. Is there anyone here who w...
Hey all, Somewhat of a silly question when it comes to identity NAT rules, which cause the ASA to use NAT divert instead of the routing rable. How does the ASA determine the next-hop IP address in this scenario? We currently are dual homing our ASA t...
take a look at the configuration below on one of my 2nd edge router: ================================================================= access-list 10 remark Offset listaccess-list 10 permit 0.0.0.0 255.255.255.255router eigrp 100default-metric 100000...
Hello,
I'm running to a really strange issue with static NAT on my ASA. We are essentially accepting external connections into our reverse proxy via 443. Let me show you two NAT lines that should do the SAME EXACT THING, but for some reason, they don...
So let's say SOMETHING goes wrong, and the blank config overwrites my production config. In theory, all I SHOULD have to do would be to break the H/A pair, and reboot the Secondary (With the production config), and it should come back up with the ori...
Thanks again. I've read horror stories about some engineers doing this incorrectly, and results in the RMA unit overwriting the current active unit with a blank configuration.
That would be a nightmare.
Thanks for the reply! So just to make sure, I don't have to change anything with the failover configuration, and when I add the new RMA unit, it will take the current "Secondary-Active" configuration, and apply it to itself? The Secondary-Active unit...
Fantastic, Peter. Thank you very much for this response. One last question for you. If my ASR 1 config has the same "default-metric" as my ASR 2 config, would I simply only need to increase the value of the default-metric on ASR 2 so my downstream de...
Peter, Thanks so much for your post. I will either do a match all or match only the default, using the 255.255.255.255, or 0.0.0.0, respectivley. I did have a quick question on method #3, using the prefix list to set a metric. I see that in your refe...
