Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I am performing a POC config for a project I am working on. I have configured a ZBF and it works as intended with one exception, traffic in from the Internet is not inheritly blocked, I think, to the self zone. In the below config I am allowing ICMP ...
I am using a bgp config similar to the below. Works perfect for specifying one route to be preferable for specific source/destination traffic. However, if the preferred route route detects a link failover it will failover, but it will not fail back a...
I am looking into the possibility of configuring a SIP trunk on a Cisco 1900 Series Router. The router does not have the IP telephony license, but it does have the security bundle. I do not need the router to do any telephony other than simply routin...
I need to capture Netflow v9 and NSEL traffic. Ergo IOS netflow traffic, and ASA netflow traffic (NSEL). I am trying various netflow caputiring tools right now, but they are paid for offerings that do far more than what I am really looking to do. I s...
Below is the config I wrote up. Basically, I have an admin user previously defined with priv level 15, and a new user as defined below. I want the new user to be able to VPN in using the IPsec tunnel, but I do not want the admin to VPN in. How would ...
No frustration, just lacked the right configuration. Yes, a Palo Alto or ASA would make this far easier but that's neither here nor there. I simply needed to confirm the exact steps to limit traffic to the self zone effentiently but now I do without ...
I appended the below to my configuration I posted in my original post. This seems to work and block traffic the self zone. Is there anything about the below you might change? Since I'm defining traffic for self to inspect I do need to add other inspe...
All good, and thanks! I ended up using the below. Your advice did help. I was trying to use a distribute list but couldn't get it working exactly as I needed. Instead I used the additional route map like you suggested, just that I used a deny. The be...
My issue is weight that I set works fine when everything is up. If I failover from the MPLS to the ME and reinstate the MPLS connection the preference does not take affect. I have to reload BGP on EDGE1 and 2 and I do not understand why. BGP should u...
I figured out the route issue, but the preferred route still isn't coming back once I failover and back. I everything is working except the fact I need to restart BGP for it to apply a preference or weight again after failover and failback.
Missing ...
