Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Dear All, I want to know what process will happen if i make a connection to server using https where the certificate is not trusted? I know there is digital signature on the certificate that need to be checked if we made https request to the server. ...
Hello All,I have problem with reverse route injection in IPSec scenario, just say i have a topology like this (i will post full topology and configuration later, sorry for that)(LAN)-----(VPN_HO) -----(ISP)----- (VPN_BRANCH)-----(LAN)VPN running succ...
Dear All,i currently have a big problem with inter-interface routing within ASA. If you could please take a look at my topology.My big problem is i can't ping from .82 which is R1 to 172.20.0.161 (ASA outside interface), i created a scenario when the...
Hi, could someone tell me if Cisco WAAS can be used for branch to branch optimization? Is this supported? My customer wants it this way so in the topology it will become full mesh implementation. Thanks RegardsAlkuin Melvin
Hi, i want to ask the function of smtp authentication in ironport. Is it used to authenticate with the exchange server or per client using LDAP? When i configure the smtp authentication, is it used for incoming or outgoing connection ? Thanks.Regards...
Dear Marius,So it is the limitation from ASA all this time. Yes, anyway we have changed the topology into one leg scenario and it works great. And just for information, we have tried the inter interface routing in a real life situation but we still c...
Hi Julio,Below is the output and from that we can see everything is up and allowed.ciscoasa# packet-tracer input outside icmp 172.20.0.82 8 0 172.20.0.161Phase: 1Type: ACCESS-LISTSubtype: Result: ALLOWConfig:Implicit RuleAdditional Information:MAC Ac...
Hello Julio,I have the GNS3 working for this lab scenario and no inspect ICMP on ASA by default. Below is the result for packet tracer : * Routing failed to locate next-hop for icmp from outside: 172.20.0.161/0 to outside : 192.168.10.10/0ASA Config...
It seems the available option for now is to configure the tcp state bypass on ASA because we do not have any router to put into. I have tried to configure the tcp state bypass but the traffic still do not pass through. Below is the configuration for ...
The source ip address is 172.20.0.82 which is R1 and destination ip address is 172.20.0.161 which is outside interface of ASA. On ASA i created a static route for network 172.20.0.82/28 will be forwarded to 172.20.0.162 which is R2 interface that is ...
