Juan Porras Rojas

Member Since: May 18, 2008

English
Juan Porras Rojas commented on Send ASA5505 logs to Kiwi syslog server in Firewalling 1 year ago

Hi Shaun,Can you paste the output of "show run logging"?Thanks.__ __Pablo

Juan Porras Rojas commented on Site-to-Site VPN cannot UP in VPN 1 year ago

Hi Kevin,Your ACL statements for NAT and interesting traffic need a little tweaking:On site A you...

Juan Porras Rojas commented on Configuring port triggering on the ASA 5505 in Firewalling 1 year ago

Hi,Unfortunately Pre-8.3 code you can't create a port trigger for a range of ports, the only...

Juan Porras Rojas commented on ASA 5505 - Access Rule issue in WAN, Routing and Switching 5 years ago

Hi Marco, I tried this on my ASA but had no problems at all,ASA(config)# show run access-listaccess...

Juan Porras Rojas commented on ACE with SSL with One ARM deployment in Application Networking 5 years ago

Cody,When dealing with virtualization ACE hardware resources are allocated to individual contexts...

Juan Porras Rojas commented on ACE - 4710 : NAT return traffic in Application Networking 5 years ago

Hi Thibault,I don't think you want to NAT the returning traffic from your servers with a different...

Juan Porras Rojas commented on ACE with SSL with One ARM deployment in Application Networking 5 years ago

Hi Cody,Did you already assign the resources for the Context in question?Is HTTP working fine?__...

Juan Porras Rojas commented on ACE class-map match url syntax in Application Networking 5 years ago

Adam, Shday,My bad please try config below:rserver redirect OWA  webhost-redirection https://%h/owa...

Juan Porras Rojas commented on ACE class-map match url syntax in Application Networking 5 years ago

Adam and Shday,I'll give you a hand on this =)Adam we can solve your problem only if you're doing...

Juan Porras Rojas commented on ACE backup-server and sticky in Application Networking 5 years ago

Hi Danilo,If your primary rserver goes down the sticky entries associated with that server will be...

Juan Porras Rojas commented on CCSP / CCNP Security in Certifications 5 years ago

Rodrigo,This information may help you."To address your concerns regarding the CCSP to CCNP Security...

Juan Porras Rojas commented on CCSP Security...Half way through and Cisco changes things again. What to do. in Certifications 5 years ago

Hi all,I think this post comes to clear the air and bring the peace back to the galaxy "To address...

Juan Porras Rojas commented on CSS11501S-C-K9 in Other Data Center Subjects 5 years ago

Hi Edmundo,Welcome!What exactly you mean by performance? LB performance, CPU performance?Perhaps...

Juan Porras Rojas commented on Configure 2811 terminal server in Remote Access 5 years ago

Hi Bruce,I'm pretty sure this post should help to get you on the right track.https://supportforums....

Juan Porras Rojas commented on Configure 2811 terminal server in Remote Access 5 years ago

Hi Bruce,I'm pretty sure this post should help to get you on the right track.https://supportforums....

Juan Porras Rojas commented on Need help with initial ACE 4710 config in Application Networking 5 years ago

Sweeeet! Great to hear the info was useful to get things on the right track Have a nice one!__ __...

Juan Porras Rojas commented on ACE failover and preempt in Application Networking 5 years ago

Glad to help buddy Have a great one!__ __Pablo

Juan Porras Rojas commented on CSS Service Down - Why? in Application Networking 5 years ago

Glad you upgraded... a reboot would've been just a temporary solution when it comes to keepalive...

Juan Porras Rojas commented on CSS Service Down - Why? in Application Networking 5 years ago

Hi,When you say "I can reach it fine directly and from the CSS." I'm assuming you mean ICMP reach...

Juan Porras Rojas commented on Need help with initial ACE 4710 config in Application Networking 5 years ago

Dave,Yup the configuration lines on the module and the appliance are indentical, I think more of...

Juan Porras Rojas commented on Need help with initial ACE 4710 config in Application Networking 5 years ago

Morning Dave,Gotcha, you're looking for something like thishttp://docwiki.cisco.com/wiki/...

Juan Porras Rojas commented on ACE failover and preempt in Application Networking 5 years ago

Hi Niklas,Sorry I overlooked the part where you mentioned tracking was required.Yup this possible,...

Juan Porras Rojas commented on CSM-SSL, can't import certificate in Application Networking 5 years ago

Awesome! Glad to be of help =)Have a good one!__ __Pablo

Juan Porras Rojas commented on Need help with initial ACE 4710 config in Application Networking 5 years ago

Hi Dave,If you have a one-armed design then you require Source NAT to get things workingpolicy-map...

Juan Porras Rojas commented on CSM-SSL, can't import certificate in Application Networking 5 years ago

Hmmm weird,Are you using the quit command after copying/pasting public and private key?SSLM-1(...

Juan Porras Rojas commented on CSM-SSL, can't import certificate in Application Networking 5 years ago

Hey Buddy,My best guess according to your description is that the keys on your ACE modules were...

Juan Porras Rojas commented on What do I need for Cisco ASA Specialist? in Certifications 5 years ago

Hi Todd,Perhaps you can clear up a couple of questions...What's going to happen with this...

Juan Porras Rojas commented on ACE failover and preempt in Application Networking 5 years ago

Hi Niklas,Yes you can achieve this on the ACE if you disable preemption from FT groups so that when...

Juan Porras Rojas commented on CCSP Security...Half way through and Cisco changes things again. What to do. in Certifications 5 years ago

Marcos,Totally agree with you! Cisco has a tendence to renew their certifications but at the same...

Juan Porras Rojas commented on CSS - Sticky via HTTP Header in Application Networking 5 years ago

Hi Norberto,Sure the CSM is also able to stick clients based on HTTP header, here is a config...

Juan Porras Rojas commented on Unable to ping VIP and VIP not in ARP in Application Networking 5 years ago

Sweeet! Glad to help =)__ __Pablo

Juan Porras Rojas commented on CSS - Sticky via HTTP Header in Application Networking 5 years ago

Hi Norberto,This is a basic configuration for stickiness based on HTTP headers.sticky http-header...

Juan Porras Rojas commented on Unable to ping VIP and VIP not in ARP in Application Networking 5 years ago

Jeff,Your VIP should be a /32 mask IP and that's the default on the ACE, try to rewrite your VIP...

Juan Porras Rojas commented on Unidirectional / Variable NAT on ASA in Firewalling 5 years ago

Hi Walter,I think what you need here is NAT exemption which allows a connection through the...

Juan Porras Rojas commented on Unable to ping VIP and VIP not in ARP in Application Networking 5 years ago

Jeff,Can you get a full show running from the Admin context (showing interface config), also get...

Juan Porras Rojas commented on Unable to ping VIP and VIP not in ARP in Application Networking 5 years ago

Hi Jeff,Seems like you didn't apply the ACL to permit the traffic to flow through the ACE, the ping...

Juan Porras Rojas commented on ACE Sticky Question in Application Networking 5 years ago

Hi John,This configuration would only work only if you're doing SSL offloading on the ACE, you don'...

Juan Porras Rojas commented on ACE VIP & ACL in Application Networking 5 years ago

Hi Ivan,Agree with you about the L7 inspection but in this case we're just doing L3 inspection so...

Juan Porras Rojas commented on SSL/TLS Handshake Failure with SSL Termination in Application Networking 5 years ago

Hi,The configuration looks in good shap, the only thing that seems to be misconfigured is the PAT...

Juan Porras Rojas commented on Strange Issue with ACE Cookie Stickiness - HTTP 503 Service Unavailable in Application Networking 5 years ago

Hi,As UHansen1976 mentioned this kind of issues are most of the times related to parse-length...

Juan Porras Rojas commented on ACE VIP & ACL in Application Networking 5 years ago

Hi,I think the easier way that you can do this is using a HTTP class-map (regardless of the load...

Juan Porras Rojas commented on ACE rediction in Application Networking 5 years ago

Hi Denis,Sorry that was supposed tobe a match-any class-map type as "ABC" is I copied it wrong when...

Juan Porras Rojas commented on CSS service IP replying rather than VIP IP in Application Networking 5 years ago

Hi,If the group addition took care of the problem then I would suspect a routing issue, you're...

Juan Porras Rojas commented on ACE rediction in Application Networking 5 years ago

Hi Denis,Thanks for clearing that up.Attached is the configuration example, I tried to keep it as...

Juan Porras Rojas commented on CSS service IP replying rather than VIP IP in Application Networking 5 years ago

Hi,Does the connection work if you suspend ws06_13 and bring up only ws07_13?Do the routes look the...

Juan Porras Rojas commented on ACE rediction in Application Networking 5 years ago

Denis,Gotcha, I'll send you a config sample in a bit.Something that just popped-up to my mind is...

Juan Porras Rojas commented on ACE rediction in Application Networking 5 years ago

Hi Denis,I can give you a hand with this config but first, do you have a copy of the current config...

Juan Porras Rojas commented on Ace - Two-way SSL configuration in Application Networking 5 years ago

Hi Luc,Unfortunately the ACE can't do such a thing, when it comes to client authentication the...

Juan Porras Rojas commented on ASA 5505 - wont boot in Other Network Infrastructure Subjects 5 years ago

Hi Jamie,Has the ASA booted up correctly at any point since you got it? If you type boot into the...

Juan Porras Rojas commented on SSL proxy using p12 certificate file in Application Networking 5 years ago

James/Chris,Just to clarify the ACE does support PKCS12 from the very beginning either on the APP...

Bio












Juan Porras Rojas's Stats

Points227
Discussion started 0
Answers marked as Correct 22
Endorsed 0
Content Rated 3