Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi guys,When the Dynamic Split Tunneling Include feature is configured to inject /32 IPs based on the DNS lookups of the FQDN, how ASA knows what was the DNS response if the lookups never traverse the tunnel? Is there some sort of DNS sniffing on you...
Hi guys, We got this:We want to understand when the switch marks MAC "flap"? Is there some sort of timer? It s normal for the MAC address to be learned on one port and then another, but I get it's when MAC moves very quickly back switch generates th...
Hi guys, Is there a limit on how many prefix lists you can attach per one sequence number on route map for a single match?route-map TEST, permit, sequence 6Match clauses:ip address prefix-lists: PL1 PL2 PL3 PL4 PL5 PL6 >>> how many (if there is a lim...
Hi guys, ASA and AnyConnect are new to me. There is a requirement to inject dynamic IP address(s) based on the DNS lookups for a specific website via the AnyConnect tunnel. What above-mentioned technics is the best for this? Thanks,myky
When following this link:https://www.cisco.com/c/en/us/support/docs/security/anyconnect-secure-mobility-client/215383-asa-anyconnect-dynamic-split-tunneling.html#anc14Let's say we use split-tunnels and want to include any domain example.com inside th...
Hi David, Thanks for your response!We got: C9500-48Y4C, version 17.03.03We know why we got flaps as there was constant failover from active to passive box (Meraki MXs). It's a separate issue, for now, I just wanted to understand how those messages g...
@balaji.bandi @MHM Cisco World thanks! @MHM Cisco World that is certainly a valid option but we don't have much room between seq numbers (let's say) and also there is a lot of other stuff configured.
