Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Dear Community We have just setup a new C1113-8P Router in our Testlab and are trying to get internet access without success. Here is our running-config: no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug dat...
Dear community I'm trying to realize a Site to Client (Remote Access) VPN Solution based on IKEv2 with Preshared Key Auth. The router is a C867 model with IOS Version 15.1(4r)M3 installed. However I can't find any best practices on the internet at al...
Dear Community We are using tacacs+ for aaa purposes. Currently each user has to submit their own username and password to connect to our switches. Once they are authenticated, they will have immediately access to the enable prompt. Now we would like...
Hello all
We have an ASA 5505 (V9.1) with sec+ and a Cisco WS-2960X-24TS-L.
3 VLAN's have been created on the ASA and the Switch. We made a NAT on the ASA for the public IP.
As of now, we are able to connect to the outside world directly on the ins...
Still no success with dns Here are my zone based policies: class-map type inspect match-all SELF_OUTSIDE
match access-group name SELF_OUTSIDE_acl
class-map type inspect match-any OUTSIDE_SELF_app
match protocol https
match protocol ssh
class-map t...
Here is the current running-config: no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime localtime
service timestamps log datetime localtime
service password-encryption
platform qfp utilization monitor...
Thank you for your answer. I've implemented your configuration. Unfortunately the issue remains the same. I'm able to ping lets say 8.8.8.8 However DNS resolution is not possible at all with applied Zone Based Firewall: TST-RO-001#ping google.com% Un...
Here is our full running-config: no service padservice tcp-keepalives-inservice tcp-keepalives-outservice timestamps debug datetime localtimeservice timestamps log datetime localtimeservice password-encryptionplatform qfp utilization monitor load 80n...
Hi thank you for your answer. NAT is working now. I've implemented the correct ACL 180. Now I would like to active Zone Based Firewall but can't get it to work properly. We would only like to allow ICMP, SSH and HTTPS access to the router SELF from O...
