I have a ASA5500 that used to be the core router/firewall and I am in the process of moving the non internet facing routing/firewall away from it.
I have come across an issue with, what seems to be a asym routing problem
vlan67 is my WAN vlan - basically a bonded pair of ports on a switch to a L2 connection between site)
I am using OSPF and vlan67 192.168.67.0/24 is area 0.0.0.0 at the other end is pair of routers handling OSPF and routing in that DC
at my DC with the ASA I have
vlan 68 - this is my internal vlan 192.168.68.0/24 which is the interconnect with my main DC internal routers again with OSPF
ASA5500 -> 192.168.68.1 -> router A 192.168.68.2
router A is the DGW for network 192.168.69.0/24 and publishes this via 192.168.68.0/24 network
The 192.168.69.0/24 is a management network .. I have VMWare VC here and other managemen box and iLo, Dracs etc....
I also tried to place the management port of the ASA5500 on here so 192.168.69.254 (&192.168.69.253 ... its a cluster)
I have a tftp server on 192.168.69.7 when I am on console on the ASA5500 and run copy running tftp://192.168.69.7/<filename> it sometimes fails.
it seems like it wants to send via OSPF route... so it has 2 paths to 192.168.69.0/24 1 via the direct connect management 0/0 (I tried this as a vlan on off one of the 1G ports as well) and 1 via 192.168.68.2
That really should be a problem I did think, but I saw no errors in the log I saw no packets on the 192.168.69.0 network ! the tftp would fail ... or work with an empty file
The other annoying thing is that the VC 192.168.69.200 couldn't connect to any esxh hosts in the second data center. I believe the path was
(other DC) 192.168.17.2 -> 192.168.17.1 (ASA5500) 192.168.69.254 -> 192.168.69.200 the ASA knows about the directly connect path and i think its having issues with that. But again no error messages in the log !
So I am stuck ... I do have plans on bring the WAN interface over to router A, but I want to make sure its an issue with ASA5500 and I would like to understand what the issue is... Why did the tftp fail !
This is actually a pretty cool feature, i didn't even know it existed until I was looking for a solution to advertise a subnet (prefix in BGP talk), only if a certain condition existed. This is exactly what conditional advertisements does
j ai une question j ai achete un routeur cisco 887VA-k9 , je le configuré avec la configuration ci- dessous
si je le lier avec mon pc portable sur l un de ses ports directement ça marche toute est bien ( la connexion internet + m...
Attached policy provides CLI access to the Cisco 4G router over text messaging. Two files are in the attached .tar file:
2. PDF with instructions on how to load and use the .tcl file.