Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi,I have a very specific requirement as so:When a object-group of Source IPs accesses Webserver_1, permit without NATWhen a object-group of Source IPs accesses Webserver_2, permit without NATWhen anyone else accesses Webserver_1, then permit without...
I'm ordering new FPR4110s to replace me ASA5585x HA pair which is currently running 9.6(4)25. When ordering the FPR4110, i have the option of getting it with FXOS 2.2 (with ASA 9.8.2 image) or FXOS 2.0 (with ASA 9.6.2 image).I want to be able to cop...
Hi,I'm using a policer within a class on an egress WAN interface of a remote site router.The policer guarantees a minimum of 1Mbps of interesting traffic using bandwidth 1024.The policer also remarks to default for any traffic exceeding this amount.D...
I have the following policy applied on a 1941:policy-map QOS_OUT class HTTPS bandwidth 1024 police 1024000 192000 384000 conform-action set-dscp-transmit af31 exceed-action set-dscp-transmit default violate-action set-dscp-transmit 0 fair-queue cl...
I get the same issue. Packet capture also proves that the proxy is sending back a 407 with Proxy-Authenticate using NTLM, but Anyconnect keeps trying BASIC auth.Tried on:4.10.010754.10.040654.10.06079I'll raise a case and see what TAC say.
The remarking will occur on egress however, what i mean is that will the remarked packet add to the queue-depth of the HTTPS queue or the class-default queue.
The problem i'm seeing with FQ is that with a queue-limit of 256 packets, the per-flow Q size is 64 packets.This is not enough for, lets say, a simple TCP file upload as packets start to tali-drop pretty much immediately.I could increase this but i'm...
Thanks for your help Joseph,So you would recommend getting rid of WRED or FQ for class-default? If i should get rid of FQ, do i need to amend my max thresholds for WRED?