Hi Everybody,   currently I'm working on implement policies according to the CPPr but a couple of questions comes to my mind:   1. Is there any standard to start policing the Management traffic (SSH, SNMP, Telnet, etc)?? 2. How can I identify the current rates for the management protocols in order to Policy them??   I understand how the MQC works and for sure understand the the CPPr optiones and benefits but I cannot find a way to start using it in my network or tuning it for my needs.   Kind Regards,   Jose-Manuel Cortes  ... View more

Hi everyone, I'm working on the configuration of IP DHCP snooping and DAI on some of the customer´s branch offices, I've found a lot of information in guides and blogs and so but my deployment is quite different of the traditional approaches that those guides show. I have a Metro-E connecting some 3850 Switches in Stack that work as the core switches for each branch office. Those switches are the DHCP servers as well for each location. I totally understand DHCP snooping and how to configure it in all my Access switches (typically 2960 and 3560), my question is regarding the utilization of the following two commands into my Core Switch and if I should configure this one with DHCP Snooping ( I think I should).  1. ip dhcp snooping information option allow-untrusted As I understand this command is used into the switches in order to permit the packets with option-82 enabled in any untrusted port. So I need it because at the core I will received a bunch of packets with this option because of the Access Switches. 2. ip dhcp relay information trust-all I've read that this command is usually used in IOS routers (where the DHCP service is configured) in order to allow any packet with the very same option 82. In my case, as there is no router and the Core Switch is the DHCP server should I use both commands or with the 1.  would be enough?? please justify your answer in order to totally understand these features.   Best Regards, ... View more

Hi everyone,   I'm facing some issues with a customer where the Skype app is not working proplerly. Sometimes they cannot even connect to the service. They are using automatic proxy detection features with a wpad.dat file that controls if the traffic is or not sent by the proxies and which proxy should be used based on the IP address of the host. When some user runs skype app on his computer I can see some requests directed to the WSA and some others sent directly to the ASA (this one drops these connections). At the end the app could either connect or not is random. Somebody could give me some heads up about some workaround to allow the app through the WSA (Maybe I'm missing something) Thanks in advance   Best Regards, Jose. ... View more

Hi everyone, I'm facing some issues with a customer where the Skype app is not working proplerly. Sometimes they cannot even connect to the service. They are using automatic proxy detection features with a wpad.dat file that controls if the traffic is or not sent by the proxies and which proxy should be used based on the IP address of the host. When some user runs skype app on his computer I can see some requests directed to the WSA and some others sent directly to the ASA (this one drops these connections). At the end the app could either connect or not is random. Somebody could give me some heads up about some workaround to allow the app through the WSA (Maybe I'm missing something) Thanks in advance   Best Regards, Jose. ... View more

Hi everybody, I have some brand new C170 appliances and I was trying to create a cluster but it seems to be that the command is not available via CLI. I have configured clusters in the lab environment using the Virtual Appliances but it happens to be that I need a CM feature key (according to the research I've done). Could someboy answer me some questions like: What is this feature key the guides talk about? How do I get a CM feautre key? Does it have a part number? How do I install it? How do I know if it is or it is not enabled in my system? Thanks in advance, Jose M. Cortes H. ... View more