Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I have a PIX with multiple interfaces. Obviously there is an Inside, which is 10.x.x.x and the Outside faces the Internet. PAT is being done with a "nat (inside) 1 10.0.0.0" command and a "global 1 interface" on Outside. There are also DMZ's on two...
I have 2 6500 running in VSS. Connected to it is one 4500 with PAgP port-channel with 4 links(no problems)I also have a 4948 with 2 GB links in a PAgP MEC coming back to the VSS pair, machines connected to this switch are the ones having issues.When...
Yeah good call.Just to be sure, even with the NAT-control off I will still need to put statics in for anything needing to be access from the DMZ, correct?As in a "static(inside,dmz) 10.1.1.101 10.1.1.101"
allow any other acl and restrict to certain ports then denyaccess-list dmz_acl deny ip ho 192.168.1.101 host 192.168.1.50 access-list dmz_acl permit tcp host 192.168.1.101 any (access to any one of the millions of IP's that could be the Internet)-KSI...
Ok yeah this is what I was expecting. I was just hoping there was some special trick for "no nat-control" to exist on one interface(DMZ) while a NAT/Global was tied to a different one(Outside).So if I do not NAT to the DMZ and all the Inside hosts k...
So after some more digging I see that there was a port(not sure whats connected to it yet) on an access switch connected to the 4500's causing major STP topology changes(every few seconds_.. I shut the port down.. now the changes have subsided and MA...
Currently I am confident in the IOS version, switch hardware and configuration of the VSS bundle... I set it up from a blank set of 6500's so I know exactly what they are configured(not) for. Also, I have a 4500 that is connected to it with the exa...
