Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi there. I would like to get expertise about
IP prefix-list
to define remote VPN users.
Currently, 10.1.2.0/24 is for remote VPN subnet.
OSPF route table has 10.1.2.x/32. Belows are examples for remote VPN routes (/32)
10.1.2.91/32, 10.1.2.1...
We have three AnyConnect Profiles (3 of Tunnel Groups - i.e A, B, C). A and B AnyConnect Tunnel Group are tied to backend RADIUS servers for authentication. I just followed below AnyConnect doc with MFA. Now Azure MFA works fine for Tunnel Group C (S...
(Update 3/13) - I added "import ipv4 unicast map cff-internal-routemap" under one of VRFs interface with a prefix-list and route-map in order to redistribute OSPF into vrf enabled bgp. I see a little progress, but I am still not able to redistribute...
Hi, I have two ASAs. (9.6.(1) and 9.4.(2)11). According to the article, I can see only three versions of ASA affected by this bug. Then can I ignore this bug since my ASAs do not have below versions? or do you recommend to upgrade ASA? Thanks.
...
Good morning. I do understand the direction of acl in/out. Here is the example. I am doing on Nexus 1k which is same rule applied.
ACL in/out direction and interface
When you apply an ACL "in", the router examines all traffic it RECEIVES on the int...
(Updated) It is possible to use multiple IdP from ASA including Azure AD (same Identifier), however to use a same SAML server, it is required to use a SAME SAML Sign Certificate which I was able to do from Azure Portal. Basically, I imported/exporte...
I have a same issue. However, I found an interesting stuff. After the configuration, I was able to see syslogs from Solarwind Orion, but not from Kiwi syslog server (I am pulling to two servers). If you don't see any log shipped from the ASR, try it...
It works. thanks. I was confused.
port-profile type vethernet 218Vlanswitchport mode accessswitchport access vlan 218ip port access-group test2 inno shutdownstate enabledvmware port-group
ip access-list test2 permit ip 10.200.218.0/24 host 10.200...
