Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
If this has been asked before I apologize however my searches didnt find any answers:
I have a AIR-LAP-1242N-A-K9 with BootIOS 12.4.23.0, IOS 12.4(23c)JA10 and software version 7.0.252.0 connecting to controller 4402 (I know its old)...This AP will ...
Hello everyone - I probably should know this answer, however I'm not 100%. If I change the ID cert (trust point) of the external interface to use a "newer" certificate while there are AnyConnect clients connected, will the sessions be terminated? I b...
Hi everyone and thank you in advance for your assistance.I have a legal requirement to allow access to a given set of WAN sites while blocking all other WAN sites. Yes these are MPLS sites, however its a meshed and there are no plans to "segment" th...
My apologies in advance if this has already been answered.I have to limit a particular site from reaching other sites via our WAN cloud. I believe the easiest is to "white list" the nets that are allowed and allow the implicit deny all take care of ...
Hello everyone please forgive my ignorance, I feel like I should know this information.Please refer to the attached PDF for network details. My scenarioIn this given region, we have PTP links for backup access via another site for our MPLS WAN. We ...
Hi everyone - After further discussion with my security team, they are in agreement that a "no return path" is sufficient. We understand that this is not optimal and a firewall is honestly the best option, however we do not have that option at eithe...
Richard - wouldnt the lack of a return path to the original network aid us here? Assuming a 2,4,6 client tries to RDP to a server the returning packet would time out as there would be no return path from the core switch, correct?
Hi everyone - I didnt even think about prefix list and blocking the routes from appearing in the routing tables. We are using BGP globally on our WAN into each sites core.We do not default route to the WAN only our local firewalls for internet acces...
