Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi,I am working on a project where we need to implement a FW on a PE Router as a Managed FW for our corporate users.The proposed design is as follows:1. On the FW Side: a. The FW will be deployed in off-path mode where the customer VLAN will be assi...
Hi,I have a PBR and NAT configuration in one of the core switch interfaces as follows:!interface Vlan22 ip address 172.24.22.251 255.255.255.0 standby 22 ip 172.22.254 standby 22 priority 110 standby 22 preempt ip policy route-map PROXY ip nat insid...
Hi,I have a case where there are 2 ASA Firewalls, 2 Switches, and 2 Routers... The routers are connected to the WAN.I need to connect the 2 Routers to the 2 switches in full-mesh topology and all will be part of the same subnet. However, I also would...
Hi,I have a customer who has multiple internet connections with multiple ISPs and would like to implement load balancing between his different links. I know there should be a kind of ISP coordination for BGP routing; but can somebody assist me with t...
Dear All,I have 2 branch routers being configured for site-to-site VPN, but the tunnel is not coming!I ran debug and I am attaching herwith the output for your kind review and recommendation. I am also attaching here the configs of the 2 branch route...
Hi,Thanks for your confirmation.Why are you recommending avoiding BVI configuration is it about complexity or is there any limitation in BVI?Regards,Haitham
Hi Guru,Thanks for your feedback.So, in case of going for BGP dual homing what kind of coordination needs to take place between the ISPs themselves after purchasing the public IP block? I am not sure if there is a regulation in my country for ISPs to...
Hi,I am sorry maybe in the config which I sent the crypto map was not applied but I figured out that the problem is related to XAUTH, so after applying the keyword NO-XUATH after the crypto isakmp key command it worked.Regards,Haitham
Hi Joe,Yes it worked perfectly...So, what is the need for NO-XAUTH here, I have configured multiple site-to-site VPNs without using this keyword?!Is it because I am configuring remote access VPN on the HQ router?Regards,Haitham
Hi Rohit,Thank you so much, you were absolutely right. The accounting problem was due to the bug CSCsg97429 and the problem was resolved after applying the patch: applAcs-4.1.1.23.1.zipThanks,Haitham
