About dan.shalinsky

dan.shalinsky · 04-22-2008

Hi,We're getting the error below (about 3000 per day) on an ASA5520 (7.2.2) when it receives L2L VPN traffic from a PIX-525 (6.3(5)140):%ASA-4-402120: IPSEC: Received an ESP packet (SPI= 0xB8EE870D, sequence number= 0x534B0) from 10.10.50.4 (user= 10...

dan.shalinsky · 03-27-2008

We're attempting to implement a pair of CSS's using redundant ASR and GSLB where the CSS's act as DNS servers. But I'm not sure if the 2 features are compatible. The CSS's answer DNS queries to their direct interface but not the redundant interface...

dan.shalinsky · 11-27-2007

Hi all:Pretty basic question here. This Cisco doc (http://cisco.com/en/US/products/hw/contnetw/ps792/prod_bulletin09186a008007ca4c.html#wp41419) suggests the following CSS topology for ASR: "two links are used for redundant interswitch communication...

dan.shalinsky · 04-03-2007

Is it possible to NAT to 1 of 2 different inside destination IP's based solely on the external source IP address?There is something similar described but it doesn't work:access-list WEB permit tcp host 10.1.2.1 209.165.201.11 255.255.255.255 eq 80acc...

dan.shalinsky · 03-19-2005

We're doing a PIX to PIX VPN using 2 525s. The VPN is working, but we're seeing poor performance (only 2.4mbps) and what I believe are a significant number of errors. Also, I think that there may be a packet size problem as the largest packet that ...

dan.shalinsky · 03-27-2008

Well, not the answer I was hoping for but many thanks for confirming this. I will look into the GSS as well.best regards,Dan

dan.shalinsky · 03-27-2008

This is exactly it. 7.20 documentation (http://www.cisco.com/en/US/docs/app_ntwk_services/data_center_app_services/css11500series/v7.20/configuration/advanced/guide/VIPRedun.html#wp1067528) shows "dns-server" variable at the end of "ip redundant-int...

dan.shalinsky · 03-27-2008

We are using rule-based GSLB. If I direct DNS queries to the VLAN ip address, I receive an answer. But if I query the VRRP ip (redundant-interface IP), then I get no response. The documentation for "show redundant-interfaces" mentions that I should...

dan.shalinsky · 11-29-2007

Posting a follow-up answer to my question. I believe that redundant links per chassis is not the optimum design because you would need to running spanning-tree. In fact, it's recommended to configure port-fast on the Catalyst port and disable bridg...

dan.shalinsky · 04-04-2007

Hi David:Sorry, I think I still wasn't clear on my scenario. I want to redirect to one of two different inside servers but based on which source IP.Two outside source IPs: 10.1.1.1 and 10.1.1.2Both connecting to 172.16.0.1 on port 80If 10.1.1.1 conn...

Member Since	‎07-28-2004 09:28 AM
Date Last Visited	‎03-01-2019 02:02 AM
Posts	38

User Statistics

User Activity

ASA to PIX VPN Error 402120

CSS redundant interface and DNS server

CSS ASR - Number of GE links

Destination NAT based on source IP?

PIX to PIX VPN Errors

Re: CSS redundant interface and DNS server

Re: CSS redundant interface and DNS server

Re: CSS redundant interface and DNS server

Re: CSS ASR - Number of GE links

Re: Destination NAT based on source IP?