Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I have a 4 site VPN setup using a Hub and Spoke topology allowing PPTP connections to site A (Hub site) configured and working well. I am able to get to each site from site A and am able to get into site A using a pptp connection.The sites are addre...
I have two questions concerning ACL's used in the Crypto map statements:1. Do both VPN devices have to have the same ACE's within the ACL? I know that without the second ACE site B below will not see udp traffic as interesting but will the vpn tunn...
I have a 4 site hub and spoke vpn setup. Whenever more than one site established a connection I receive the following error during a debug:IPSEC(validate_proposal_request): proposal part #1, (key eng. msg.) dest= 24.153.172.114, src= 24.153.252.102...
I have configured a site to site vpn using a hub and spoke topology with 4 sites. A tunnel is succesfully established between the hub and each of the hub sites individually. The problem is I receive the following error message when the second tunne...
I have setup a site to site vpn using pix 501 ver 6.3 using IPSEC. I have configured the devices remotely using SSH. My question is this. Is there a way to test the vpn remotely? It seems as though since I am connected to the devices via SSH that...
If I am understanding your question correctly you want to know if the value of 3 means traffic will be dropped less. My understanding is that a value of 1 means it will be dropped less. Furthermore, with a class of 5 it should be Expited Forwardin...
I use a perl module called Net::Telnet::Cisco. This module will allow you to issue any command to a cisco device. Simply type the appropriate command based on OS and it will work.I use this to manage our network consisting of 90 Cisco devices. I u...
I have never used it however, this is how I understand it to be configured:1. Decide which router will be the AVG and assign the highest priority to this router interface. router(config-if)#glbp 1 priority 200 router2(config-if)#glbp 1 priority ...
Access-lists can be applied in each direction. The direction is from the routers perspective. Therefore "IN" means coming into the router interface and "OUT" means leaving the router interface. When you apply an acl to an interface it is applied i...
Since you have 3550's you should be able to use the following command to obtain the port a certain MAC address was learned on:switch1#trace mac mac-address-machine-1 mac-address-machine-2Where mac-address-machine-1 and mac-address-machine-2 are in th...
