Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi, I would like to enable smartlog on a WS-C2960X-48LPS-L switch (so I can capture ARP inspection & DHCP snooping packets) but the commands don't seem to be present. It's running IOS 15.2(3r)e1,(fc1) with a LAN Base license. I've tried creating a fl...
Hi,I've got a switch with the following AAA config, which let's me log in via SSH with local accounts as expected.aaa new-model
!
aaa group server tacacs+ TACGRP
server name tac1
server name tac2
ip tacacs source-interface Vlan1
!
aaa authentication ...
Hi,
I can’t seem to get the below to work, so hopefully someone can help. The ASA has 4 live interfaces as below.
1. Outside (security 0)
2. Inside (one sub interface, security 100)
- inside_11_infrastructure
- - PAT’d to the outside interface (wo...
Hi,
I have DHCP snooping enabled but have a few questions.
sh ip dhcp snooping statistics det Packets Processed by DHCP Snooping = 551 Packets Dropped Because ... Received on untrusted ports = 526
1. How...
Hi,
Using an ASA 5512-x running 9.3(3). I have Anyconnect VPN configured to PAT the remote access subnet to one of the inside interfaces (due to internal routing restrictions).
For example...
Remote subnet: 192.168.10.0/24
Internal subnet: 192.168.1....
The issue was with the 'aaa authorization exec default local' command already being present on this device.I guess it makes sense, because by default VTY lines use the default authorization list for authorization, so when a user logs in via VTY it tr...
I still don't understand this, weren't both NAT's static?
nat (Lab_13_LAN,inside_11_infrastructure) static interface service tcp 3389 3389 (not working)
nat (Lab_13_LAN,inside_11_infrastructure) static x.x.x.251 service tcp 3389 3389 (working)
In ter...
That works, config below. Can you explain to me why I can't use the ASA's interface IP?
Also, why wasn't I able to capture traffic for port 3389 on the ASA with the previous config? It was as if the traffic wasn't getting there at all, probably rela...
