Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I have a few questions about Nexus ITD.1. Can I have ITD running on multiple Nexus 7000 chassis at multiple data centers all active? Seems like I could since it is stateless, but this does raise other questions (see below).2. Does ITD provide true co...
I have a multi-context firewall configured and have recently lost the ability to log into the admin context cluster IP. I can still log into the physical interface IP of each firewall. I receive the below log message. I have two clusters and one of t...
I've been trying to find a way to have an ASA advertise static and dynamic NAT through a dynamic routing protocol without luck. There appeared to be a way to use static routes along with NAT to do it with 8.2 and earlier, but I don't think that works...
Does anyone have a configuration example for enabling LISP in extended mode for only IGP assist? This would be without a mapping database. I am only asking for the LISP configuration that would allow the injection of the /32 route into EIGRP when a V...
When users authenticate to AD through ISE for SSLVPN connections, the ASA lists the users as being in domain \LOCAL. The \LOCAL\User + IP address can now be passed to Context Directory Agent and be available for Identity-based firewalls. The problem ...
Previously it worked like this:L3 roaming with concentrator = non-encrypted tunnel to MXVPN tunnel data to concentrator = encrypted tunnel to MXAt some point Meraki changed it to this:L3 roaming with concentrator = encrypted tunnel to MXVPN tunnel da...
I changed to IKEv1 and it is stable now. When I configured the ASA for v1, it said one side had to be responder only. The Palo was set to responder only. I wonder if Setting the Palo to responder only with IKEv2 would have worked also. I couldn’t tes...
Did you ever find the cause of this issue? I am seeing a similar issue between a Palo Alto firewall and ASA firewall. The difference being that we are doing NAT-T and it doesn't look like you are. Thank you,Mark
Akmal, Did you get this working? I believe I am currently running into the same issue and it looks like we have the same settings configured. The majority of IKEv2 rekeys happen without a problem, but I see an issue with it every few days and the tun...
My customer just ran into the same issue. WSA S695 was purchased, but now they want to connect to 10G. WSA S695F would have been the correct model to order. Is the official answer that you cannot upgrade the ports on the WSA S695 to 10G?
