Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hello you guysNeed your help. I have an ACE architecture based on source-nat but I want to have the real source IP info on the destination real server. For HTTP packets I can set up x-forwarded-for, but is there a way to do the same for other TCP pro...
Hello to you allI have a very big ACL I want to implement (over 1000 lines), and I´m trying to minimize the impact and latency an ACL this size would bring to the network, so I wanted to group my networks and services into different object and servic...
Hello to you allI need your help. I´m trying to create a sticky group applied to my auth serverfarm based on the calling-station-id attribute, but for some reason when I apply the configs, I get not replies from my rservers. I´ve checked the radius s...
Hello to you allI have a Cisco ACE 20, and I´m trying to set up a serverfarm for my radius server to load balance ldap udp accounting packets. The ACE has an LDAP authentication probe but I see no native way of setting up an LDAP accounting probe, wi...
Good day to you allI need a little help on how to configure igmp snooping on a 3560.I have a pure L2 switching network and 2 hosts on the same vlan that want to communicate a protocol between each other using multicast packets.I wanted to configure i...
AjayThank you for the reply.I'm aware that x-forwarded-for is for HTTP only, that was why I was asking for a equivalent: some protocol, script, trick that can manipulate the TCP header in order to help me identify the real source IP address (?)
JouniForss Thank your for your feedback, and I've read before Cisco's best practices regarding ACLs. My particular doubt is more specific about the engine/process of FWSM when processing an ACL entry regarding its source IP, destination IP and port w...
turbo_engine26Thank you very much. That´s what I wanted to know.Do you know of any cisco document where that information is described? The part you mentioned "if the source doesn't exist in this entry, it of course will skip it and there will be...
turbo_engine26Thank you for your feedback. My question was not so much how the appliance will work in terms of checking for matches, but more in how it will work when a source does not correspond to the packet.An ACL is composed by 3 parameters, a So...
