Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I'm preparing to do a UCS upgrade from 1.3(1n) to 2.0. In reading all of the release notes I have two things that I need a little clarification on.#1. FCOE VLAN ID. I understand that this can no longer overlap with an ethernet vlan ID. The curren...
I have a couple of ASA clusters. To make the firewall policy easier to read I use the "name" command to associate names to IP's and then use the names in the firewall rulebase. Whenever the ASA sends logs to syslog it is sending that actual text na...
I have 2 ACE 4710 appliances that I will be load balancing. I am currently trying to decide between deploying them in Layer 2 Bridge Mode or Layer 3 Routed Mode. I will have my various security zones broken down into virtual contexts and the vlans ...
I have a question about NAC & Windows Logon. I currently have a Cisco 3560 as the Network Access Device. Cisco ACS Solution Engine is running 4.1.1.23(3) for my ACS Server. I'm doing internal posture for Active Directory Auth, and External Posture...
I have a Cisco ASA 5520 with a DMZ and an inside interface. The security policy is setup to permit IP ANY from host on DMZ to host on inside. The host on the DMZ is initiating communication on UDP port 2114 which is a challenge response authenticat...
I was able to fix the logon to windows issue by changed the timers on the switch for the 802.1x authentications, quit timer, and tx timer. Does this normally need changed from default?Kevin
Try the line:http 0.0.0.0 0.0.0.0 EDNUplinkAlso, I think that telnet is only allowed on the outside interface if it comes through a vpn tunnel. It requires encryption to be used on the outside interface and should show up in the logs as such with de...
Have you considered EZVPN with no split tunneling? 5520 as the EZVPN Server and 5505 as the EZVPN client. Then you can tunnel all through the 5520 including outbound traffic.You will also need your NAT statement for the 5505 internal subnet and on ...
