Indeed, but i wonder if the same can be possible on an ASR1001X router for example: keeping this timer for return packets. why ? well, because of Cisco :-) and in particular Cisco WebEx. WebEx by default tries to connect to UDP/9000, but how do i need to match the return traffic if i need to pass the traffic through an ACL on an Internet Border router (before the firewall) ?? Of course, i can open ALL UDP/9000 source traffic, or i can try to limit this to Cisco WebEx server sources only, but it would be great if i did not have to do this manually, but that the router would allow automatic UDP return traffic to the same source port, if the reply comes within 20 seconds or so. ... View more

Hi Guys, I´d like to expand the question... I`m using in an ACL on an IOS-Device (15.5.3) an object-group Service in the ACE - but in comparison to an ASA when issuing the "Show ip access-list" Output, not each Service Statement is showing up! Is there something I`ve done wrong or I´ve forgotten in my config? OR is this not possible at all?!   e.g.   IOS: object-group service OBJ-SERVICE_TEST-IOS tcp-udp eq 102 ! ip access-list extended ACL_TEST-IOS permit object-group OBJ-SERVICE_TEST-IOS any any ! IOS#sh ip access-lists ACL_TEST-IOS Extended IP access list ACL_TEST-IOS    10 permit object-group OBJ-SERVICE_TEST-IOS any any (10 matches)       +++ ONLY ONE LINE   ASA: object-group service OBJ-SERVICE_TEST-ASA tcp-udp port-object eq 102 ! access-list TEST_ACL-ASA extended permit object-group OBJ-SERVICE_TEST-ASA any4 any4 ! ASA# sh access-list access-list TEST_ACL-ASA line 1 extended permit object-group OBJ-SERVICE_TEST-ASA any4 any4 (hitcnt=10) access-list TEST_ACL-ASA line 1 extended permit tcp any4 any4 eq 102 (hitcnt=5) access-list TEST_ACL-ASA line 1 extended permit udp any4 any4 eq 102 (hitcnt=5) +++ AN ENTRY ALSO FOR EACH SERVICE - TCP/UDP +++   gr, Dan ... View more

Were you able to verify ntp authentication? I'm having the exact same concern. ... View more

Hi Kevin, We at Onyx Beacon find your question really interesting, which is why we would like to provide an interesting use case where the bluetooth radio in a Wireless access point would come in handy. The use case is dedicated to asset tracking projects that can assist employees/managers to have a broad overview of their infrastructure on premise. With the bluetooth radio in the AP you can constantly monitor the region and report back to a backend system that can share more comprehensive information on what's happening in your facilities. If you'd like to find out more about this type of implementation, feel free to reach out and we can have a more detailed conversation. Looking forward to hearing from you, Razvan. ... View more

This is the management port meant only to manage the switch. For details see below http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3850/software/release/3se/int_hw_components/configuration_guide/b_int_3se_3850_cg/b_int_3se_3850_cg_chapter_0100.html HTH Madhu ... View more

The command "show tcp" shows you the windows-sizes for the actual connections on the router. ... View more

That's correct - the physical parent interface does not have a nameif, IP address or security level (either explicit or derived). Your subinterfaces can be any mix of security levels - all the same, all different or however you need. ... View more