Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I have the below topology. What I'm trying to do is forward traffic coming from 192.168.1.73 destined for 192.168.1.222 port 53 to 10.1.5.1. Ideally, I'd like the firewall to keep the source IP intact on the request. When 192.168.1.73 sends a reques...
I'm trying to find a way to drop any traffic that is not sourced correctly. I have a router that has a cellular connection via a carrier (AT&T/Verizon). AT&T isn't picky about incorrectly sourced traffic. However, Verizon is and after so many source ...
Below is the topology I have. From server1, I'm able to SSH to the VLAN2 IP of sw1. However, when I create a VLAN3 interface and assign an IP to it, I'm no longer able to SSH to the VLAN2 IP of sw1. I'm still able to reach it via ICMP, though. SSH/IC...
I have a C891F-K9 router running 15.3(3)M5. I have no SSH/Telnet access and am only able to access it via SNMP. On a device similar to it, I'm trying to enable Telnet by sending SNMP requests to it to tell it to copy a file into its running configura...
I've got an NCS 55A2 router running 6.5.1. The Ubuntu server is running 18.04.02 LTS. I'm trying to SSH from the router to the server, but it keeps failing. Below are the error messages I'm seeing on both sides.---router---
ssh_xr[68394]: %SECURITY-S...
Is it correct to say that if an ASA-K9 was ordered, you could still run FTD? In this scenario, you wouldn't have been able to order the URL Filtering license, because that option would only prompt for an NGFW-K9. However, I'm assuming if you decided ...
Marvin, Does that mean that the ASA-K9 PIDs are incapable of running FTD whereas the NGFW-K9 PIDs can run either ASA or FTD? I've been looking at a Firepower 1010 and trying to understand the difference between FPR1010-ASA-K9 and FPR1010-NGFW-K9. I'...
Thanks Georg. Not sure why it never occurred to me to use the ZBF, especially since it was already in place. I don't believe the ACL you provided would work given it wouldn't allow the IPSEC tunnel to build. EIGRP only occurs within the tunnel, not o...
Thanks for the response, Paul. However, this solution won't work. Once I implemented it, it breaks the tunnel. I can't reach the Tunnel50 IP via ICMP, EIGRP adjacency goes down, and I'm no longer receiving any routes in the red VRF.<Default route is ...
It would seem that routing between VLANs is still allowed as long as there are VLAN interfaces configured. no ip routing seems to only disable dynamic routing. I'm not sure this is true. You said you tested in a virtual environment and I've done so...
