Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi All, I'm sure there is a simple answer i am missing here, so hopefully I am enlightened quickly! We have an Cisco ASA5516-X on site which the outside interface is a private IP on a /30. This goes to a router that pushes to a core network and strai...
Hi All, I've come across a minor issue on our network which is something that hadn't crossed my mind when configuring our multihomed BGP environment.I am learning a destination from our least preferred peer, within a /24 subnet. I am learning the sam...
Hello all,
Hoping someone can provide some suggestions on t-shooting an issue i'm seeing in my network.
Some configuration insight, my gateway (172.16.0.10 is a router that also has 10.10.10.192/26 configured on another interface (10.10.10.253). Th...
Hello all..
I have a HA pair of 5516's. For historic informational purposes: these have been on the same firmware and utilizing hairpin NAT without issues for 18months+
Recently in doing some network changes, I applied PBR to the inside interface t...
Sorry maybe I didn't explain sufficiently in the OP. The routers do not do any NAT - essentially forget the router's exist.The firewall has it's outside interface as a private IP. I had then configured a NAT rule on the firewall that NAT's the interf...
There 's no ACL's on path either, so no issue there.I do control the other device, the remote device doesn't see a reply to it's VPN requests. It's config is below:nat (any,any) source static <local subnet> <local subnet> destination static <remote s...
Hello, There's nothing in the way to restrict the ports - on both ASA's its also ticked to bypass interface ACL's for inbound sessions.One thing I have noticed with debugging on the local side, I am seeing the below message: 7Mar 06 201915:27:1571000...
Thanks for the reply.Sorry, I should elaborate a bit more. These peerings are downloading the full internet routing table and there are about 4000 prefix differences, where a more specific subnet is being learnt from the least preferred transit, judg...
Hi Rick,
Thanks for the additional response. After spending a large amount of time t-shooting, getting captures etc and finding absolutely no rhyme or reason, I arranged a maintenance window and tore down my entire config and rebuilt it, with no top...
