I just arrived to this company as a network administrator.
I have a scenario that moves too fast. We are 400 users and we are using 3 different gateways for 3 networks (WiFi, guests and Main).
For our main network we're using Microsoft TMG (way ...
I have been looking a lot for a answer to this question and I just found concepts rather than configurations.
I need to remove this line from the ASA configuration:
route outside 0.0.0.0 0.0.0.0 190.181.X.X 1
I am actually using this interface t...
I have been struggling with an ASA for weeks now because of very particular requirements. Our offices have just started using AnyConnect as a main VPN Client. Everything was working ok.
But now I have a group of Apple clients that will ...
I am facing a really simple but tricky scenario. My ISP is giving me 2 public IP addresses, both in the same network. They also gave me the default gateway which of course is in the same network too.
I need both ip addresses fully opera...
I was looking information about the order in which the router processes packets. If the router had statements to forward packets from a specific IP address, what statement will be processed first?
Let's suppose the router has the following stat...
Thanks for the answer,
So there is no way to make this U-turn in ASA? (attached)
The VPN clients redirects ALL the traffic through the VPN, and I need them to use the edge-router to browse the internet.
That worked perfectly!
Although I have a really weird issue now. When I share internet from an iPhone (hotspot) and use the AnyConnect client, even if I have split tunnel configure and the "Allow LAN access" checked, the traffic is redirecte...
As un update, I have tried this change:
group-policy DefaultRAGroup attributes dns-server value 10.100.1.9 vpn-tunnel-protocol IPSec l2tp-ipsec svc webvpn split-tunnel-policy tunnelall tunnel-group DefaultRAGroup general-attributes address-pool...
It was a requirement for some developers inside the company. Some traffic from specific applications and hosts should use the second public IP address to reach the internet.
ACLs and PAT helped a bit, then route maps were helping too. Then it go...