About communication.boy

communication.boy · 02-22-2014

When ordering Cisco ASA and SSL VPN we need to put extra SKUs which are highly priced . Lets say I want to add a 100 user SSL VPN ( web based ) licnese to my ASA 5515 then the price would go way high .Someone told me that if I go with a fortigate dev...

communication.boy · 11-08-2013

Network DiagramConfig of BranchIOS Version(C2801-ADVIPSERVICESK9-M), Version 12.4(15)T7,Physical Interfaceinterface Vlan220ip address 10.152.1.202 255.255.255.252no ip redirectsno ip unreachablesno ip proxy-arpno ip route-cache cefno ip route-cacheTu...

communication.boy · 08-27-2013

We have a 4948 switch having IOS cat4500-ipbasek9-mz.150-2.SG7.bin . Even if ports are in administravelty shutdown status , physically the port shows amber light all the time .Is this a physical hardware issue or IOS bug ?

communication.boy · 08-15-2013

We can create an HTTP Inspect policy map and under the parameters configure it in such a way that it should spoof the HTTP Banner however when it comes to HTTPS server ASA doesnt support HTTPS filtering therefore we wont be able to spoof the header ...

communication.boy · 08-13-2013

I am having a web servers configured and cisco has a total of 6500 signatures in database . I was wondering if someone has a sample or best practises document which points out specific signatures we should enable for web servers . Once that is done I...

communication.boy · 11-08-2013

Thanks , with phase 1 I was still using one single physical interface to source 2 tunnels but with that the ipsec algo must be running different way Thanks a lot

communication.boy · 11-08-2013

Thanks Marcin , works like a charm The other customer never had this problem , they were running 1700 , IOS 12.3 running DMVPN Phase 1 with shared ipsec profiles but I never used shared keyword after profile name , maybe something new because of new...

communication.boy · 11-08-2013

Thanks Marcin If I am having the encryption policies correct then it shoulndt be a problem but considering this a IOS level programing limitation I thought of giving it a try , i used same policy and the result was same .interface Tunnel220 ip addre...

communication.boy · 07-29-2013

Here is a revised diagram . Even though WAN 1 has tunnels to other branches I have removed link in this latest diagram as it will create confusion and those tunnels are not related to this problem .Branch communicates to WAN 2 using tunnelBranch comm...

communication.boy · 05-31-2013

Thanks but this only shows tcp connections . Looks like simillar to netstat command in linux/windows but I am looking for something simillar to show control-plane host open ports where it list all UDP and TCP services .

Member Since	‎06-22-2007 03:21 AM
Date Last Visited	‎08-18-2017 04:03 AM
Posts	134
Total Helpful Votes Received	1

User Statistics

User Activity

SSL VPN - Fortigate Vs Cisco

IPSEC and Tunnel Protection

4948 Switch and Amber Light

ASA HTTP Parameters

IPS Signatures for Web server

Re: IPSEC and Tunnel Protection

IPSEC and Tunnel Protection

IPSEC and Tunnel Protection

Re: Inter and Intra routing

Switch open ports