About ahmad82pkn

ahmad82pkn · 08-03-2024

Hi Team.I have a host on LAN that is trying to build IPSEC VPN with remote site.I am using Dynamic PAT for all traffic.I believe it should work.But interestingly, I see all traffic getting NAT but not UDP 500.Any idea why? Ideally i want UDP 500 and ...

ahmad82pkn · 08-01-2024

Hi Guys, I am tasked to design a network. And looking for some guidance.Two FTD ( Not in HA ) Standalone with 1 ISP Link connected on each with static default route.Two Core SwitchesEach Core Switch connected with Both FTD with Layer 3 linksBoth Core...

ahmad82pkn · 07-23-2024

Cisco ASA question2 Questions:1-why cant i see interface eth1/2 and 1/3 in output?2-Also, how to find out which ports are part of port-channel?fw# show int ip briefInterface IP-Address OK? Method Status ProtocolInternal-Data0/0 unassigned YES unset u...

ahmad82pkn · 02-25-2018

Hi, Using BGP Maximum-Prefix Feature I can controlland generate a warning If my router is receiving high number of prefix than configured. Is there any way to do reverse? I mean to generate a warning message if my router is advertising X number...

ahmad82pkn · 07-26-2017

Hi, We are having some weird issue, where throughput is very low 2MB/sec between two hosts over the Single Model Fiber WAN link. On investigation, its found that our carrier port is configured as 10G/Auto negotiate and negotiating in 10G and my side...

ahmad82pkn · 08-03-2024

I think, I have found the problem.NAT is working fine as per Packet tracer after clearing connection in FTD.Why SRX not able to build VPN and not showing nat in show conn command is probably due to below misconfig.SRX has this config.set security ike...

ahmad82pkn · 08-03-2024

You are correct.First let me clarify. There was existing connection in Show conn | include IPThat is why packet trace was not showing correct information and going to fast path..Clearing Conn entry . I can see its now doing proper NAT in packet trace...

ahmad82pkn · 08-03-2024

But why all other ports are natting with my existing NAT statement and not only 500 and 4500?

ahmad82pkn · 08-03-2024

nat (Guest,outside) source dynamic Guest_Subnet interfaceI dont want to create static NAT. As I dont have any Public IP other than WAN Interface with public IP.Thats what I have

ahmad82pkn · 08-01-2024

Hi Giuseppe,I see what you are saying. And this way My Core will be able to find suitable exit path based on E1 Metric advertised as you suggested.But how return traffic path from FTD back to Core 1 will be decided?Like How FTD 1 will know it needs t...

Member Since	‎01-14-2009 05:52 AM
Date Last Visited	‎07-25-2024 05:42 AM
Posts	467
Total Helpful Votes Received	28

User Statistics

User Activity

FTD NAT Issue on UDP port 500

Need Advise for OSPF Failover Design

unable to see interface in ASA and Ports part of Port-channel

BGP Maximum-Prefix Feature

Throughput and dup acks

Re: FTD NAT Issue on UDP port 500

Re: FTD NAT Issue on UDP port 500

Re: FTD NAT Issue on UDP port 500

Re: FTD NAT Issue on UDP port 500

Re: Need Advise for OSPF Failover Design