It so strange because if just noticed that the hits on my access-list is not incrementing. Appreciate if someone could enlighten me on this. Im not sure if this is a bug or i did a mistake during my upgrade process.
Please paste your ACL with its ACEs in its respective order and let us check. You may have an ACE at the beginning that already permits/denies the traffic that are supposed to be permitted/denied in your specific ACE
If none of them increments, either it is not set for an interface with access-group "aclname" in interface "ifname" or your network statements are incomplete
HT1-BlockBusterNATIP is the global entry of the NAT for 192.168.212.0. First of all, you have to make sure that a host in 192.168.212.0 is trying to reach 10.0.0.0 network.
But here is an inconsistency. The NAT statement 212 has the HT1-BlockBusterNATIP in internet interface, but no static route exists for 10.0.0.0/22, and if firewall is learning a default route via OSPF from a neighbour which is not in internet interface, that would prevent 212 translation to occur. A route statement like following may resolve the issue.
But first, please run the following command and save its output to a txt file
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :