Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hey folks,
In my company we're using DMVPN to connect a lot of branches to our headquarter.
It usually works as expected, but there are some branches connected to a provider router which is using a private network to connect us. So NAT is in place....
Dear guys,
Our DMVPN network is built by two Hubs in our HQ and small branches with one or two routers. Sometimes there are firewall(s).
Two networks for DMVPN:
First hub: 10.4.1.0/24
Second hub: 10.5.1.0/24
Branches with just one router are co...
Hey together,
Situation:
Site-to-Site VPN with NAT between two ASAs
My SAP colleagues asked me to build a vpn to a partner of them.
Private ip (server sap) - NAT (our public space) - VPN - Partner (their public range) - NAT to their local private i...
Hey together,
I bought some WS-C2960X-48LPS-L & WS-C2960X-24PS-L running 15.2(2)E7.
I built a default configuration for each type of model.
Amongst other things, I configured vlan 101 to use it for mgt stuff via usual uplink. Of course I configu...
Hey guys,
I was searching for best practics regarding ip cache timeouts, but I didn't find something.
Independently which system (ASA, Switch or Router), what did you configure for ip flow cache active timeoutes and ip flow cache inactive timeoutes...
Issue has been solved.It was because of NAT and public ips.We needed to use two public ip addresses per internet connection to have one NAT session for each router.Same for backup. So each router have a reserved public ip on each internet connection ...
It was a firmware bug.The router was delivered with a newer and not recommended firmware (forgot which one).After a downgrade, the issue has been solved.Now the router uses the recommended firmware.
I figured out the issue.
Depending on the firmware version of the ASA the configuration is different.
On older versions you needed to configure a rule which allows traffic from your public IP to your internal private ip.
In newer versions you n...
I figured out the issue.
Depending on the firmware version of the ASA the configuration is different.
On older versions you needed to configure a rule which allows traffic from your public IP to your internal private ip.
In newer versions you n...
Thanks for your answer.
There is a rule on the outside interface, allowing remote Public subnet to our public subnet (permit ip from 217.7.130.224/27 to 194.59.23.32/27)
Is that what you mean?
