Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hello everyone.I'm currently setting up a FMC and while attempting to use external authentication via LDAP, for some reason the FMC is not querying properly.Basically whenever I attempt the test the query, it only finds user machines and groups CNs ,...
Hello everyone. I'm new to NX-OS and there are a couple differences in order to filter management traffic. Has anyone already filtered ssh inbound access based on source IP subnet? I dont want to tweak any other CoPP parameters, just inbound ssh sess...
Dear team, I'm experiencing some odd behavior on my FTD devices.I currently have a couple VPNs setup with different partners and all for the same purpose: getting the traffic to get to a VIP on my F5 device and, futhermore, get to the app servers. Al...
Dear team, I'm currently experiencing some odd behavior on my iBGP routing and could use some assistance. The goal is to reach i.j.114.170 from every router. I'm attaching a drawing with all my routers as they are connected.Below are the troubleshoot...
Hello everyone. I'm currently in a scenario that made me think if it would work. My firewall is a VPN hub to several partners that peer with me with private IP addresses. So far, i've managed to do not let any partner private subnet overlap, but righ...
The user is just a member of domain users.The problem is that whenever the FMC queries the Active Directory Tree, its looking for groups instead of users.Does anyone has experiencing this issue before?
That was not the case. I've actually managed to fix it. The partner was trying to establish 2 VPN tunnels with the same interesting traffic. Although only one came up, when matching the traffic with the crypto maps, the firewalls was going crazy (mos...
Indeed the next-hop-self fixed the issue. I did not notice (and either was aware) that the next hop advertised from eBGP peering would be maintained on an iBGP advertising. With the next-hop-self, now the routers on the other data centers are able to...
