You get to find out only until this happens to YOU. We have a core firewall w/ over 70 static routes, route-maps, NAT configs that were just gone w/out an option to recover. Anybody has a work around to apply static routes via CLI directly?
I need assistance with Anyconnect VPN for remote users. Im able to connect to the internal services by creating a NAT Exception "Static". But traffic destine to the internet is getting blocked by phase either 3 or 4 depending on the changes i've made...
Hi,
I'm trying to come up with a solution where if traffic that is not being sent to the to proxy and going to port 80 and 443 to send the traffic to the my next-hop which in this is case is my default route.
Example; I have a default route to go...
I purchased a 5520 with an SSM20. Since day one the configuration "Default" has been blocking traffic from INSIDE to OUTSIDE>. After doing some reasearch i thought that i was getting blocked by the SSM20 but that has been cleared and HW-module module...
Marvin, Any thoughts on FMC 6.6 ? It appears that the FMC is reaching out to the url via IPv6. However, there isn’t an option to disable IPv6. Best regards,
I believe I ran into your issue last night. If that happens again double check your service-policy thru CLI
1. Class map "match address"
2. policy-map - apply your class and any other parameters
3. policy-map should be in your service-policy...
I...
NTA shows high bandwidth utilization because the tunnel its self as far as bandwidth is doing 8kbps or 10kbps... if you show your stats with show interfaces tun 0 you can see that the interfa e has a high utilization of 193/255. A bandwidth statement...
Thank you for the info - Let me add that we are running DMVPN and unfortunately the route-base policy is not working. I think this is because of the NHRP but no one has been able to confirm that’s the case.
Yes, it appears that my old Verizon router is not properly NATing my traffic from the INSIDE network. After doing dynamic "PAT" NATing on the ASA i was successfully able to reach the internet. Which is a good reason why i got the ASA... to learn it i...
