Collin Clark

Member Since: Sep 17, 2009

User Badges:
  • Purple, 4500 points or more

English
Collin Clark commented on Linux or Windows for Radius ? Or even straight LDAP ? in LAN, Switching and Routing 1 week ago

Windows can sync, but the servers must be setup that way. Just installing NPS will not be enough. I...

Collin Clark commented on Linux or Windows for Radius ? Or even straight LDAP ? in LAN, Switching and Routing 1 week ago

Most devices do not support direct LDAP authentication so be careful about selecting that option....

Collin Clark commented on VSS switchover outage time in WAN, Routing and Switching 1 week ago

This should help- https://www.cisco.com/c/en/us/products/collateral/switches/catalyst-6500...

Collin Clark commented on ACL duplicates in case of explicit deny in Firewalling 1 week ago

Correct. Higher security zones can talk to lower ones (with or without an ACL). From lower security...

Collin Clark commented on ACL duplicates in case of explicit deny in Firewalling 2 weeks ago

By applying the ruleset both inbound and outbound to the interface you're essentially doubling it....

Collin Clark commented on fragment packets in WAN, Routing and Switching 3 weeks ago

Resolve what issue? You can either allow fragmentation or allow TCP windowing to do it's job.

Collin Clark commented on LDAP for 2960 switches in Network Management 3 weeks ago

I don't believe direct LDAP authentication is supported on Catalyst switches.

Collin Clark commented on Cisco iWAN and APIC EM in WAN, Routing and Switching 3 weeks ago

I don't think it is. APIC-EM is a good tool at helping to configure IWAN (along with Prime Infra)....

Collin Clark commented on MTU Increase on Cisco 3650 in WAN, Routing and Switching 3 weeks ago

I misread your model. 3650's do not require a reload, the 3560's do.

Collin Clark commented on Routing between 2 IPSEC VPN in VPN 3 weeks ago

Yes it is possible. See Figure30 in the following link- http://www.cisco.com/c/en/us/td/docs/ios/...

Collin Clark commented on Async modem NM-8AM-V2 - no modem found in Other Network Infrastructure Subjects 3 weeks ago

VP- They should be showing up as lines and not modems. If you do a "show line" you should see an...

Collin Clark commented on QoS for Routing Protocols on Transit L2 Switch in LAN, Switching and Routing 3 weeks ago

You should configure QoS for the transit traffic. The quick and dirty way would be to just enable...

Collin Clark commented on MTU Increase on Cisco 3650 in WAN, Routing and Switching 3 weeks ago

That command alone should not cause any issues. Do note that a reboot of the switch is necessary to...

Collin Clark commented on Sending Logs in Other Network Infrastructure Subjects 3 months ago

You just need to define both of the syslog servers logging host 192.168.12.9logging host 10.3.3.12

Collin Clark commented on Question about ASA ACL Redirect to Firepower in Firewalling 3 months ago

You will need to define both directions in the ACL. Even though the ASA is stateful, the traffic...

Collin Clark commented on How I can cross check IOS image for any known bugs. in Firewalling 3 months ago

Check out the Bug Toolkit- https://bst.cloudapps.cisco.com/bugsearch/?referring_site=bstib

Collin Clark commented on Replacement for Cisco AS5400 in Other Service Provider Subjects 3 months ago

There isn't one that I know of and probably never will be. Dial up is legacy and it would be a...

Collin Clark commented on Replacement for Cisco AS5400 in Other Service Provider Subjects 3 months ago

Yes you can.  http://www.cisco.com/c/en/us/tech/dial-access/asynchronous-connections/t...

Collin Clark commented on this host: secondary - failed in Firewalling 3 months ago

Can you post the failover portion of your config, the results of a show failover, and a show...

Collin Clark commented on Upgrade plain old ASA5512X's and ASA5515X's to FirePower in Firewalling 3 months ago

JB-  IMO the upgrade kit is the way to go (and is what Cisco suggests). Per the ordering guide-...

Collin Clark commented on 2 DMVPN Tunnels with MPLS in WAN, Routing and Switching 3 months ago

Run a routing protocol (EIGRP or iBGP is suggested) and let the routing protocol handle the...

Collin Clark commented on ASA Automatically Blacklist from a list of IPs? in Firewalling 3 months ago

If I had to do it, I would more than likely use the ASA's REST API. There are a couple of examples...

Collin Clark commented on Restricted Web GUI Access & Login Reset on Cisco 3650 in LAN, Switching and Routing 3 months ago

Cisco3650# debug ip http secure-server Cisco3650# configuration terminal CIsco3650(config)# logging...

Collin Clark commented on Restricted Web GUI Access & Login Reset on Cisco 3650 in LAN, Switching and Routing 3 months ago

Going off the top of my head... debug ip http logging buff 50000 loggiing buff 7

Collin Clark commented on Suggestion for the most suitable part number. in LAN, Switching and Routing 3 months ago

Take a look at the 4500-X. https://www.cisco.com/c/en/us/products/collateral/switches/catalyst-4500...

Collin Clark commented on Restricted Web GUI Access & Login Reset on Cisco 3650 in LAN, Switching and Routing 3 months ago

Can you debug https and try and connect then post the results?

Collin Clark commented on Restricted Web GUI Access & Login Reset on Cisco 3650 in LAN, Switching and Routing 3 months ago

When you browse to the switches IP address you get Page cannot be found or 505 error?

Collin Clark commented on Restricted Web GUI Access & Login Reset on Cisco 3650 in LAN, Switching and Routing 3 months ago

And this command too please. show ip http server secure status

Collin Clark commented on Restricted Web GUI Access & Login Reset on Cisco 3650 in LAN, Switching and Routing 3 months ago

Strange. Can you try this command from configuration mode? sw(config)# crypto key generate rsa

Collin Clark commented on How do I get a switch out of eigrp stub mode? in LAN, Switching and Routing 3 months ago

You have the IP Base license which restricts EIGRP to operate in stub mode. You will have to...

Collin Clark commented on Cisco 3850 switch, if IOS boot fails at startup does it boot up to other ios in LAN, Switching and Routing 3 months ago

If you have more than IOS image in flash then you need to specify which one to boot. If it fails to...

Collin Clark commented on Restricted Web GUI Access & Login Reset on Cisco 3650 in LAN, Switching and Routing 3 months ago

Good. Do you see SSH keys from the following command? show crypto key rsa mypubkey

Collin Clark commented on L3 etherchannel Problem in LAN, Switching and Routing 3 months ago

Did you create the port-channel interface or did you let the channel-group command create it?

Collin Clark commented on Cisco 3850 switch, if IOS boot fails at startup does it boot up to other ios in LAN, Switching and Routing 3 months ago

It will do that automatically. If you type 'show run | i boot' does it show only the new IOS image...

Collin Clark commented on Restricted Web GUI Access & Login Reset on Cisco 3650 in LAN, Switching and Routing 3 months ago

Try this- access-list 1 permit host xxx.xxx.198.134

Collin Clark commented on I can ping sites but not browse the Internet in Firewalling 3 months ago

Your NAT interfaces are backwards. Should be object network obj_any nat (inside,outside) dynamic...

Collin Clark commented on Cisco 3850 switch, if IOS boot fails at startup does it boot up to other ios in LAN, Switching and Routing 3 months ago

Have you set the boot statement? boot system flash:/ios_file.name

Collin Clark commented on Apply service policy inbound or outbound? in Firewalling 3 months ago

Without actually seeing the policy, I would say the best place to apply would be internet facing...

Collin Clark commented on IOS ACL to restrict DNS except to OpenDNS in Other Security Subjects 3 months ago

Updated ACL w/ Karsten's IP's/Protocols. I would put that on the firewall or the internet edge- ip...

Collin Clark commented on IOS ACL to restrict DNS except to OpenDNS in Other Security Subjects 3 months ago

Interesting reads. Thanks!

Collin Clark commented on Pull switch config from Nexus 9000 in LAN, Switching and Routing 3 months ago

Why not have the switch automatically backup it's config to the server? archive log config...

Collin Clark commented on NX7K ACL Configuration in WAN, Routing and Switching 3 months ago

I would specifically allow BGP first, then block, then permit. object-group network BGP_LOCAL_IP...

Collin Clark commented on IOS ACL to restrict DNS except to OpenDNS in Other Security Subjects 3 months ago

Karsten- Why TCP? Typically only zone transfers use TCP....or is Cisco doing something different...

Collin Clark commented on Restricted Web GUI Access & Login Reset on Cisco 3650 in LAN, Switching and Routing 3 months ago

You have the crypto image, so you are good there. Lets get HTTP working then we'll move over to...

Collin Clark commented on Restricted Web GUI Access & Login Reset on Cisco 3650 in LAN, Switching and Routing 3 months ago

It just alerting you that the command will change allowing for both IPv4 and IPv6. What does your...

Collin Clark commented on NAT Overload from Multiple Inside VRFs in WAN, Routing and Switching 3 months ago

It sounds like you are not sharing any routes between the VRF's. The CONTRACTOR and GUEST need to...

Collin Clark commented on Restricted Web GUI Access & Login Reset on Cisco 3650 in LAN, Switching and Routing 3 months ago

1. ip http authentication local     ip http access-class [ACL number [same as your vty acl]] e.g ip...

Collin Clark commented on Cisco ASA Upgrading the Firepower module in Firewalling 3 months ago

I use the scheduler in FPM to upgrade the sensors. I set it for after hours upgrade and It's worked...

Collin Clark commented on ASA5520 Restrict Users based on LDAP/AD group to certain ACL's or IP Pool? in Remote Access 3 months ago

Yeah, that's not a problem. Easiest way (IMO) is to map LDAP group to ASA Group Policy. http://www....

Bio

First things first: Please, please do not use the services of Presidio Solutions. They are unprofessional and unethical, from the top down. Never have I been treated so poorly as I have with this company. Email me and I would love to give you the details. If I have provided any help to you through the Support Forums, then please, use any other partner than Presidio.

I have been working in IT since 1997 and working with Cisco products since 2000. I have held a variety of jobs from Helpdesk to Senior Network Engineer. I like working with Cisco because they are a market leader and an innovator in the networking field. They develop products and technologies that lead all of IT to the future. There are not a lot of other companies that do that and I'm lucky to have been exposed to Cisco and to have the opportunity to work with them.

User Badges:
  • Badge.
    Purple
    4500 points or more
  • Badge.
    Community Spotlight Award

    Doc/Video January 2014

  • Badge.
    Community Spotlight Award

    Questions Answered December 2013

  • Badge.
    Cisco Designated VIP

    2011 LAN

Collin Clark's Stats

Points5637
Discussion started 50
Answers marked as Correct 548
Endorsed 3
Content Rated 104
Website: