About stuart_jones

stuart_jones · 02-08-2021

Hi all,While running a packet capture on an access switch for a device (10.1.1.1) I blocked it's internet access on the FTD (4125) as it was trying to reach 50.1.1.1.I did this by blocking all traffic for 10.1.1.1 through the FTD with a "Block with R...

stuart_jones · 08-24-2020

Hi all, During a recent core swap out we experienced some routed traffic being black holed. This happened when the layer 2 connections were brought up on the new core and was resolved when the layer 3 interfaces were brought up to form the OSPF neigh...

stuart_jones · 03-26-2020

Hi all,I know this is a common thread but I'm being pressed to get this sorted ASAP. A new interface, Outside2, to send all traffic of which the vast majority goes down a VPN to a web proxy. There are three VPNs in total. I changed the interface the ...

stuart_jones · 10-25-2019

Hi all,I'm trying to connect a WS-C6509-E, 1000BaseLH GBIC, to C9300-24T, 1000BaseLX SFP, using a single mode fibre.However, the link is not even coming up as connected. All the basic physical checks have been done.This isn't the first time this issu...

stuart_jones · 10-17-2019

Hi all, There are two core routers with equal cost paths to them from the distribution switches. One core router needs to be taken down. If this is done gracefully how quickly will the distribution switches change its preferred route to use the other...

stuart_jones · 08-25-2020

Hi Giuseppe,Thanks for your reply.As I replied to Jon the static routes go back to both cores. You're right that we shouldn't use static default routes on the distributions. This is our legacy network which we're looking to move away from so that wil...

stuart_jones · 08-25-2020

Hi Jon,Thanks for your reply.The two static routes point to the P2P OSPF SVIs on the core 1 and core 2 of which the core 1 SVI was down. As the distribution SVI came up with the port channel the static route would have become a valid route again?

stuart_jones · 05-12-2020

It turns out the above was suffice but the DNS being used on site was pointing to the old ISP which was blocking the IP address of the new ISP.Making the above changes and changing the DNS to Google resolved the issue.

stuart_jones · 04-01-2020

Hi Crisitan,It will dual run for a short period then be shutdown. I wasn't aware a NAT statement would cause the ASA to bypass the RIB.There isn't a NAT rule in for the VPN to the web proxy. Am I right in thinking VPNs don't require a NAT rule given ...

stuart_jones · 10-25-2019

Rather embarrassingly this was just a polarity issue.The perils of working remotely!Thanks all for your responses regardless.

Member Since	‎08-25-2017 07:49 AM
Date Last Visited	‎03-26-2021 12:03 AM
Posts	16

User Statistics

User Activity

Firepower allowing packets through despite block with reset rule

OSPF behaviour during core change

ASA 5515 ISP Migration

Connecting a WS-C6509-E to C9300-24T

Ospf Convergence between two equal cost routes

Re: OSPF behaviour during core change

Re: OSPF behaviour during core change

Re: ASA 5515 ISP Migration

Re: ASA 5515 ISP Migration

Re: Connecting a WS-C6509-E to C9300-24T