Hi Folks,
I have a pair of Cisco 2901s that I use as terminal servers to provide console access to a devices in a data center. This works fine for everything except for my ASA firewalls.
When I connect to the ASAs, it seems that a stream of inpu...
Hi folks, I have a pair of wlc 5508, configured as a HA pair. I want to upgrade the FUS to ver 1.9. Is it necessary to break the HA pair, and upgrade each wlc individually?
Hi Folks,I have a wireless network that uses ACS 5.2 to handle authentication. The ACS is integrated with an Active Directory LDAP server (my_ldap) and is working correctly at the moment. The authentication flow looks like this: - User tries to ...
Hi Folks,I have a strange issue with a new VPN connection and would appreciate any help.I have a pair of Cisco asa 5540s configured as a failover pair (code version 8.2(5)). I have recently added 2 new L2L VPNs - both these VPNs are sourced from t...
Hi Folks,I have a pair of WLC 5508s deployed on my LAN in an active-standby pair, and a WLC 2504 deployed in my DMZ as a guest Anchor.I have configured a WLAN (guest) for webauth. The guest WLAN is anchored to the 2504 in the DMZ, and webauth is ...
Hi Rick,Thanks for this. I cleared down the SA, turned on ISAKMP debugging,and put two captures on the isp interface (one checking for any traffic from the peer, and one checking for any isakmp traffic). When the customer tried to access DMZ211 ...
Hi Rick,I think those hits were caused by the packet-tracer command. I just cleared the counters on access-list VPN_2 and checked the status of the VPN - there was no ISAKMP SA for VPN2 (I presume it timed out due to inactivity). I called the ...
Hi Rick,There isn't a specific entry in ACL nonatdmz144 for 192.168.1.0/24, but the first entry in that ACL covers the 192.168.0.0/16 subnet, so I would expect 192.168.1.0/24 to be included with that?It's correct that traffic to dmz144 is working (fr...
