Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hopefully this is an easy question but I am having a heck of a time finding an answer.We have multiple CSS 11500 clusters. We have found that on all of them, if you try to open a session on any port to an IP address on the backend of the CSS, the CS...
Does anyone know if UC or SAN certificates are supported on the 11500? I've heard that wildcard certs can be used but those are a little different. Are they supported but you just can't create the CSR on the 11500 itself and need to import it along...
Is it possible to create a neighbor relationship between an ASA and a router on the external interface? I would like to have the ASA receive the default route from our external DS3 router so that I can reroute to our secondary provider should an out...
I'm trying to find out if it is possible for two VPN clients tunneled to the same PIX can talk directly. I am aware that in version 7 code they added a new command to allow IPSEC traffic to both enter and leave the same interface. However, all the ...
Thanks for your reply Marvin.We actually use ACLs already - primarily for purposes of allowing backend servers to reach load-balanced services on the CSS they sit behind or for reverse proxy services. I have tried specifically blocking access to ba...
Thanks for your reply and I apologize for not responding sooner - I've been out on vacation. There is no mask configured under content rules.Also, we have a very large environment and have 5 different sets of CSS content switches. Every single one ...
I know this thread is old but I am very curious if you found an answer to this. I am in the exact same situation and have verified and reverified everything based on every ounce of documentation I can find. This is driving me crazy so if you found ...
As long as the IP's are usable it shouldn't matter. The reason it is so common to see people only use IP's that exist on the external subnet is because that is often the only usable (public) IP's they CAN use. Otherwise if you have multiple subnets...
What pieces would you like to see? It is a fairly sizable production environment. Assume that I am very competent and experienced and simple mistakes won't be made. The main thing I am trying find out is whether or not anyone has actually seen it ...
