Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I have a situation were we require asymmetrical routing. I have turned on TCP-State-Bypass and if I do a show conn I can see the connection with a B flagTCP OUTSIDE 10.10.20.15:1157 INSIDE 192.168.135.15:80, idle 0:00:12, bytes 564, flags UIOBHowever...
There are a lot of ways to do this but I am looking for ideas on a "best practices" way to accomplish this. Situation: We have approximately 800 users and 50 VPN's that are in use 24x7 and extremely critical (emergency service personel). We have 2 pr...
reat now I have packets flowing but I had do to some extra stuff and I am not sure why I had to do this extra stuff. I am using ASDM 6.4 and IOS ASA 8.4(2) just to clarifyI could not get it to work by just using ASDM and adding a Service Policy Rule....
Ok I have isolated it to this. It builds a tcp state bypass connection on each firewall as long as the packet is coming from the outside. When a packet hits the firewall from the inside there is no building of the tcp bypass connection.I build this i...
Ok Let me see if this clears things up. I have created a better diagram of the designMost of the users enter through the outside address b to get to the Web-APP. This works well. Straight in and out. The issue is with users who must enter through out...
Your posts have been extremely helpful. I am using a simulator to test this prior to implementing it in production so I can easily make changes and test different things. I think I have the issue surrounded, now if I can just get it to work.Here is w...
Still an issue. Something is wrong but I can't see itthis is what I have, trying to keep it simple, this is a proof of concept lab environment prior to moving it to productionclass-map global-class-tcp=state-bypass match anypolicy-map global-policy ...
