I have a customer with a pretty straight forward setup:
-2821 edge router
-6513 sup720 6548 blades
-ASA 5525x (915) pair
-2821 edge router
-4506 sup 6 4648 blades
-ASA 5520 (915)pair
Site 1 and site 2 are connected via a one gig dot1q provider link. The 2821 routers have internet connections at the respective sites and announce a /24 to the internet via BGP and recieve a default only. Same VLAN on the inside connects the ASA to the 4500 and 6513. iBGP mesh is pinned up on a l2 vlan that connects the ASAs outside to the edge routers
When I started this project they had the 5520s at site 2 running 822. They wanted to migrate to a routing protocol, upgrade
to the 25x as the main firewall at site #1 and use the 5520 at site two as a backup on 915
-Enabled eigrp and removed all static routes 5520s (822) 4506 and 6513
-Change went fine
-Redistribute static default on the 5520 to the rest inside
-implemented 25x (915) at site #1 and powered down 20
-After this change the 25x would loose adjacentcy to the 4506 during the night time bandwidth seemed way lower
than during day
-During the day 7:30am to 10pm the adj was stable and it would only be the 4506 to the ASA
-Logs and debugs indicated lost hellos and dead time expired.
-Troubleshot this with several TAC engineers and they increased the dead timer to 30 sec on the ASA
-This stablized it (I did not like this fix because we did not find the packet loss)
-Implemented Cisco IPS on 25x
-Exact same issue came back
-SSL security event fired when the adj went down destination was a citrix goto assist thing expresscity.com
Hi everyone, I would like to thank you in advance for any help you can provide a newcomer like myself!
Im studying the 100-105 book by Odom and am currently on the topic of Port security. I purchased a used 2960 and I'm trying to follow a...
While deploying a number of 18xx/2802/3802 model access points (APs), which run AP-COS as their operating platform. It can be observed on some occasions that while many of their access points were able to join the fabric WLC withou...
I am going to design and build an LAN network under a tunnel underground with long distance between the switches.
I will have 2 Catalyst switches and 8 Industrial IE3000, and they will be connected with fiber.
For now I am planning on use Layer-2 s...