Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi guys, Just interested in what the industry are doing with regard to OTV DCI technology now with the advent of VXLAN and also Cisco dropping OTV from the new CCIE DC blueprint ? CheersTony
Hi all,
Cannot get the the vpn ikev2 to authicate using certificates.
Get the following debug
(96): IKEv2-PROTO-5: (96): SM Trace-> SA: I_SPI=0EB92F8B306D2B27 R_SPI=2EE5B0F380F21D2D (R) MsgID = 00000000 CurState: INIT_DONE Event: EV_DONEIKEv2-...
Hi everyone,
I just wanted to clarify some of the crypto requirements for setting up a l2l vpn.
1. Trustpoint - doeas a trustpoint need only contain an identity / general certificate or is a CA certiifcate required as well ?
2 Trustpoint - does the...
Hi everyone,have this issue with root bridge on on a vlan being learnt incorrectly by itself from another vlan.The topology is this 6513 vlan 10 interface f4/10 Dell 5316 interface g11 vlan 1 vlan 20 interface f4...
Hi all,I know it seems basic, but I wanted to add static routes to be advertised from the route-reflector to the client peers. The client peer recieves the route but points the destination back to the reflector!First I'll start with the correct way r...
Hi GioGonza,
thanks very much for the explanations
just to be clearer on the CA certificates side of things.
In the configuration the CA cert would have to be associated to a trustpoint yes ?
As the CA cert could be associated to a different tr...
Hi Reza,Inherited issue. The ports are set to access. The servers are regular Windows servers (2008).I agree would have been a better configured setup done that way with an etherchanel. Also I noted that the interfaces on the Dell are set to untagged...
HI Jon,yes thats correct, config moved to rrDoes this not show a recursive lookup? sh ip ro vrf test 172.21.0.0/24 is subnetted, 1 subnetsS 172.21.1.0 [1/0] via 172.28.10.2 ==================== reachable by this address ...
Ok thanks Vinod,I think my point was more from a security perspective that monitoring different equipment in less or more secure zones should be on the same network management network.CheersTony
