Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I have a couple questions about route tagging. I don't currently use it but it may help with some issues. As I understand it:
BGP tags routes "automagically" with the AS numberEIGRP does not tag routes unless explicitly told toOSPF does not tag rou...
I have been investigating using CDA to get IP->User mapping, to allow us to write User/Group rules on the ASA firewalls. My server engineers do not want to apply the patches and especially the registry changes on our domains controllers. We were als...
I have been tasked with getting so that our ASA rules have visibility to what user is hitting a rule (not necessarily to enforce rules that way, yet). I am not sure where to even start this process.I see the "Identity Options" policiy in CSM, which ...
We are trying to restructure our edge network. The ASA with NATs is currently on a natural /24, as is its upstream router. We are trying to change the ASA and router to reside on a /28 that is part of the existing /24. In so doing we have added ro...
We have a few APs - CAP3502 and LAP1242s for the most part - whose H-REAP "Native Vlan" doesn't match the switchport's native vlan. It appears that the switchport native vlan is what gets used for the AP for DHCP (it gets an AP IP address from that ...
Karsten, one thing we'll want is to test first, of course - do you happen to know if I can then specify "Any" for User/Group in a rule, and have the UserID and/or Group be in the log messages? Thanks again.
Karsten, thanks. Those look like good links (they *work*, for sure...;^) and will be useful. I'll come back and mark this Correct as soon as I read them.Thanks again.
