Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
When ordering Cisco ASA and SSL VPN we need to put extra SKUs which are highly priced . Lets say I want to add a 100 user SSL VPN ( web based ) licnese to my ASA 5515 then the price would go way high .Someone told me that if I go with a fortigate dev...
Network DiagramConfig of BranchIOS Version(C2801-ADVIPSERVICESK9-M), Version 12.4(15)T7,Physical Interfaceinterface Vlan220ip address 10.152.1.202 255.255.255.252no ip redirectsno ip unreachablesno ip proxy-arpno ip route-cache cefno ip route-cacheTu...
We have a 4948 switch having IOS cat4500-ipbasek9-mz.150-2.SG7.bin . Even if ports are in administravelty shutdown status , physically the port shows amber light all the time .Is this a physical hardware issue or IOS bug ?
We can create an HTTP Inspect policy map and under the parameters configure it in such a way that it should spoof the HTTP Banner however when it comes to HTTPS server ASA doesnt support HTTPS filtering therefore we wont be able to spoof the header ...
I am having a web servers configured and cisco has a total of 6500 signatures in database . I was wondering if someone has a sample or best practises document which points out specific signatures we should enable for web servers . Once that is done I...
Thanks , with phase 1 I was still using one single physical interface to source 2 tunnels but with that the ipsec algo must be running different way Thanks a lot
Thanks Marcin , works like a charm The other customer never had this problem , they were running 1700 , IOS 12.3 running DMVPN Phase 1 with shared ipsec profiles but I never used shared keyword after profile name , maybe something new because of new...
Thanks Marcin If I am having the encryption policies correct then it shoulndt be a problem but considering this a IOS level programing limitation I thought of giving it a try , i used same policy and the result was same .interface Tunnel220
ip addre...
Here is a revised diagram . Even though WAN 1 has tunnels to other branches I have removed link in this latest diagram as it will create confusion and those tunnels are not related to this problem .Branch communicates to WAN 2 using tunnelBranch comm...
Thanks but this only shows tcp connections . Looks like simillar to netstat command in linux/windows but I am looking for something simillar to show control-plane host open ports where it list all UDP and TCP services .
