Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi. I'd appreciate any information or experience you may have in the following scenario.
If you have 3 Anycast RPs that have an equal routing metric from a host that wishes to join a multicast source, how does OSPF load balancing impact this solut...
Our current project involves integrating a couple of systems between two seperate networks. These networks are owned by independant parties, and there is some address space overlap. Can implementing NAT on the firewall alone solve this issue, or do...
I've been wrestling with this for awhile. I only have visibility on my end as the Juniper firewall is owned by another entity. The VPN was set up and working at one point. I could initiate a ping from my side, miss first ping while tunnel establis...
Hi! I've configured a DMZ on my ASA 5510 using ASDM 6.4.The DMZ has a security level of 25. I added an ACL to allow the servers in the DMZ to communicate to a couple of our backend databases on our internal network over SQL ports.My problem is that...
As Jouni also demonstrated, the Permit IP any any (Jouni was specific to the interface address range) allows the traffic out to the internet. This rule is at the end, and processed last, so if the traffic was destined to one of your internal address...
Mark,My workaround has been to first put in Deny statements for each network in security level above the DMZ. Then add a Permit IP any any below those . This will have the same effect, and you can punch holes by adding your specific Permit statemen...
Thank you for the clarification. If the following circumstance presents itself, are we again looking at NAT on both ends? Or is this true only if the same networks need to communicate --but if only the 10.100.1.x needs to communicate with both, the...
Okay, I have configured the VPN with a filter. Now my packet trace does just about the same thing, although an ACL lookup fails instead of a VPN lookup.The packet trace goes as follows...Route lookup checkAccess-list lookup checkIP options lookup ch...
Thanks for the reply.I originally attempted to accomplish this with filters, but couldnt get the tunnel to come up at all. I'm not familiar with how Juniper handles VPN. So if the crypto map matches on each end (Which you mentioned the Juniper will...
