About jgardner150

jgardner150 · 03-21-2019

Hello Community! I have had an established fully functional site running an ISR1100 with SDWAN. Just last week I lost tunnels on my MPLS connection and even though I have full connectivity (can ping all other edges, no firewalls in path, MPLS circuit...

jgardner150 · 01-21-2019

Hello community, I have a question regarding underlay network routing (VPN0) and how it affects control connections and ultimately ability to build IPsec tunnels. Explanation of my current setup: I currently have MPLS, Biz-Internet, & LTE connectio...

jgardner150 · 01-11-2019

Got a two part question today... 1. I have seen lots of mention of VPN512 (management VPN) in documentation and presentations, but I have yet to see a practical use demonstrated. Does anyone have thoughts on best practice to use this / are people a...

jgardner150 · 01-02-2019

In my deployment I have a production VPN (VPN1) and a guest VPN (VPN2). I want to allow my guest network to talk to specific devices on my production network for the purposes of wireless screen casting. My preference is to keep the traffic local in e...

jgardner150 · 10-10-2018

Quick question about the system IP address assigned to each vEdge router and vSmart controller in a deployment. I get that the main purpose is to act as a unique router ID, but I've noticed that their documentation is using ip addresses like 1.1.1.1 ...

jgardner150 · 07-29-2019

Do you know if there are any plans to allow multiple instances of the ASA on the firepower 4100 platform specifically? I currently have ASA on a set of 4110's in multi-context mode, but there are some ASA features that are only supported in single mo...

jgardner150 · 04-15-2019

Do you have a valid NTP server configured & is it accessible on VPN0? Time being off can cause this issue and has bit me in the past.

jgardner150 · 04-04-2019

Just wanted to closes the loop on this since I worked with TAC and got some help. Appears I am hitting this bug CSCvp12683. This happens randomly after reboot and usually can be corrected by flapping the link. I am still working this with them to get...

jgardner150 · 01-23-2019

Update on this. So it appears that the reboot is not putting it in a good state, just so happens that 8.8.8.8 worked after a reload: TEST-CE1#ping 8.8.8.8 source 192.168.1.201 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 8.8.8.8, ...

jgardner150 · 01-22-2019

@ekhabaro & @David Aicher Thank you for the replies and the explanation. The "max-control-connections 0" makes complete sense to me now. In my case I do have connectivity to the internet via my MPLS path and I'm adding the second default route to all...

Member Since	‎06-26-2007 02:11 PM
Date Last Visited	‎09-11-2019 02:07 AM
Posts	50
Total Helpful Votes Received	37

User Statistics

User Activity

cEdge - Logs or debug for IPsec connection attempts

SD-WAN – VPN0 routing & control connections

SD-WAN -- Management VPN 512 / Config Backups

SD WAN - ZBFW routing between zones

System IP Address - Should I use RFC1918 VS unique facticious IP addresses

Re: FTD Multi-instance Capability on Firepower 4100 and 9300 Series Appliances

Re: vEdge onboarding , "ERR_CERT_VER_FAIL" in vBond

Re: cEdge - Logs or debug for IPsec connection attempts

Re: SD-WAN – VPN0 routing & control connections

Re: SD-WAN – VPN0 routing & control connections