Francesco Molino

This user profile is private

This user will need to follow you before you can view personal information about the user
English
Francesco Molino commented on Iwan simulation in WAN, Routing and Switching 1 day ago

I'm using Virl essentially and I use sometimes virl images into GNS3 or more often only use L2 and...

Francesco Molino commented on Iwan simulation in WAN, Routing and Switching 1 day ago

Hi Here the link of isrv: https://software.cisco.com/download/release.html?mdfid=286308662&...

Francesco Molino commented on ISE 2.0 - EAP-TLS user certificate auto enrollment issue over the wifi in AAA, Identity and NAC 1 week ago

Hi First of all, regarding windows GPO for user certificate auto enrollment, there are a lot of...

Francesco Molino commented on VPN trafic does not hit cryptomap in VPN 1 week ago

you're welcome

Francesco Molino commented on ASA 5580 port forwarding new problem in Firewalling 1 week ago

Hi Perfect, it was a duplicate then no need of it anymore. The issue was solved by moving all...

Francesco Molino commented on (QoS/CoS) What is the most Current, 'Best Practice' for 'identifying' and 'marking' egress traffic (Video, Data) from/through an access layer 2 switch? in Network Management 1 week ago

You're welcome. Here is the link to download the file from my dropbox in case the attachment won't...

Francesco Molino commented on EoMPLS question in MPLS 1 week ago

You're welcome sarahr202 !!

Francesco Molino commented on ASA 5580 port forwarding new problem in Firewalling 1 week ago

Hey Can you send me by email your exact config please I'm gonna do a quick lab to reproduce your...

Francesco Molino commented on ASA 5580 port forwarding new problem in Firewalling 1 week ago

Can you share the output of packet-tracer with detailled keyword at the end for both public ip with...

Francesco Molino commented on ASA 5580 port forwarding new problem in Firewalling 1 week ago

Moving the dynamic nat will help to work with the ip 2. This is what I wanted to do some we are...

Francesco Molino commented on ASA 5580 port forwarding new problem in Firewalling 1 week ago

Hi  Did that came up after a reboot?  It's normal that your ip on internet is .2 because the...

Francesco Molino commented on Default Routing vs redistributed routing on DMVPN HUB routers in WAN, Routing and Switching 2 weeks ago

Hi I made a very quick drawing to show you what the design would be on the hub side. Regarding...

Francesco Molino commented on VPN trafic does not hit cryptomap in VPN 2 weeks ago

Ok let me know as soon as you did the change. don't forget to clear your crypto ipsec to force it...

Francesco Molino commented on VPN + DNAT in LAN, Switching and Routing 2 weeks ago

you're very welcome

Francesco Molino commented on ISE 2.0 - EAP-TLS user certificate auto enrollment issue over the wifi in AAA, Identity and NAC 2 weeks ago

Hi  The other solution would be to do byod with 2 ssids or to deploy certificates through gpo for...

Francesco Molino commented on Cannot configuring NAT using outside interface ip to Two different dmz servers in Firewalling 2 weeks ago

You're very welcome  Please don't forget to rate and mark as correct answer if this answered your...

Francesco Molino commented on Default Routing vs redistributed routing on DMVPN HUB routers in WAN, Routing and Switching 2 weeks ago

You can keep only 1 interface on the firewall and do some route leaking, like you said on your vrf...

Francesco Molino commented on ASA 5580 port forwarding new problem in Firewalling 2 weeks ago

Through this forum you can send me a private message if you go to your profile and message. 

Francesco Molino commented on Default Routing vs redistributed routing on DMVPN HUB routers in WAN, Routing and Switching 2 weeks ago

Your wan interface had public ip (it'll be used to build up all vpn tunnels + for internet access...

Francesco Molino commented on (QoS/CoS) What is the most Current, 'Best Practice' for 'identifying' and 'marking' egress traffic (Video, Data) from/through an access layer 2 switch? in Network Management 2 weeks ago

Hi  The qos configuration depends on the switch model.  First of all, yes all cisco phones are...

Francesco Molino commented on ISE 2.0 - EAP-TLS user certificate auto enrollment issue over the wifi in AAA, Identity and NAC 2 weeks ago

Hi  You're trying to download a certificate on a ssid that's configured to grant access only to...

Francesco Molino commented on Default Routing vs redistributed routing on DMVPN HUB routers in WAN, Routing and Switching 2 weeks ago

Hi Let me recap to be sure I get what you're trying to achieve.  You want that all spokes access...

Francesco Molino commented on Unable to log into redundant switch_ssh: connect to host xx.xxx.x.15 port 22: Connection refused in WAN, Routing and Switching 2 weeks ago

Hi  With the config it could be easier.  This error can occur if : - ssh is disabled  - transport...

Francesco Molino commented on VPN + DNAT in LAN, Switching and Routing 2 weeks ago

Hi  To achieve this task (if I understood correctly), you'll need to use ip nat outside command....

Francesco Molino commented on Cannot configuring NAT using outside interface ip to Two different dmz servers in Firewalling 2 weeks ago

Have you changed then with the after-auto keyword line the previous one? 

Francesco Molino commented on Cannot configuring NAT using outside interface ip to Two different dmz servers in Firewalling 2 weeks ago

For dynamic nat, it's better doing that way then you're sure it'll be the last statement will hit...

Francesco Molino commented on Cannot configuring NAT using outside interface ip to Two different dmz servers in Firewalling 2 weeks ago

Ok now this is clear.  Remove the nat: No nat (dmz-egov,outside) source dynamic dmz-egov_network...

Francesco Molino commented on ASA 5580 port forwarding new problem in Firewalling 2 weeks ago

Ok we will try. I'm in EST timezone 

Francesco Molino commented on Cannot configuring NAT using outside interface ip to Two different dmz servers in Firewalling 2 weeks ago

I'm sorry I don't get what you said.  Can you do the packet tracer matching this traffic and paste...

Francesco Molino commented on Cannot configuring NAT using outside interface ip to Two different dmz servers in Firewalling 2 weeks ago

This message appears if interfaces is down and/or if your default route is not existing. Like...

Francesco Molino commented on Cannot configuring NAT using outside interface ip to Two different dmz servers in Firewalling 2 weeks ago

I don't see this nat on your config. Can you apply it and do a packet-tracer? packet-tracer input ...

Francesco Molino commented on ASA 5580 port forwarding new problem in Firewalling 2 weeks ago

Are you able to do a teamviewer? If Yes, ping me by private chat and we'll figure it out.

Francesco Molino commented on ASA 5580 port forwarding new problem in Firewalling 2 weeks ago

It looks good. Can you redo the packet tracer: packet-tracer input outside tcp 3.3.3.3 12345...

Francesco Molino commented on ASA 5580 port forwarding new problem in Firewalling 2 weeks ago

Hi  Could you share your config please? On the nat statement I see the object CentroValle_1930 for...

Francesco Molino commented on ASA 5580 port forwarding new problem in Firewalling 2 weeks ago

Hi Can you paste your acl config? Packet-tracer is saying that ACL is dropping that traffic. Thanks...

Francesco Molino commented on VPN trafic does not hit cryptomap in VPN 2 weeks ago

You're managing both ASA? If Yes, can you adapt your ACL to the other end with same object groups...

Francesco Molino commented on Iwan simulation in WAN, Routing and Switching 2 weeks ago

Yes APIC-EM can be in a VM: http://www.cisco.com/c/en/us/td/docs/cloud-systems-management/...

Francesco Molino commented on VPN trafic does not hit cryptomap in VPN 2 weeks ago

Hi Most of the time this error means an issue with crypto ACL. Have you validated with the end peer...

Francesco Molino commented on DMVPN with HSRP on Cisco 4431 in WAN, Routing and Switching 2 weeks ago

Hi I guess you want to use HSRP on your WAN interfaces to terminate your VPN right? Personally, I...

Francesco Molino commented on Cannot configuring NAT using outside interface ip to Two different dmz servers in Firewalling 2 weeks ago

Hi 172.16.1.1 is the IP assigned to your outside interface that's why you get this error message....

Francesco Molino commented on VPN trafic does not hit cryptomap in VPN 2 weeks ago

Now with this capture is clear. I'm sorry I didn't pay attention to your interfaces. The subnet 192...

Francesco Molino commented on NAT from Outside Global to VRF Lite in WAN, Routing and Switching 2 weeks ago

Ok then as I said on my first post the config was ok except the nat you corrected.  The route-map...

Francesco Molino commented on Iwan simulation in WAN, Routing and Switching 2 weeks ago

Your can check ISRv as well. But honestly I recommend Virl or found a way (workaround) on GNS3.

Francesco Molino commented on NAT from Outside Global to VRF Lite in WAN, Routing and Switching 2 weeks ago

I review your config and don't know if it's complete or if you have hidden something. Can you...

Francesco Molino commented on VPN trafic does not hit cryptomap in VPN 2 weeks ago

Hi  The config looks like correct. Your packet-tracer doesn't have a destination ip in the subnet...

Francesco Molino commented on Cannot configuring NAT using outside interface ip to Two different dmz servers in Firewalling 2 weeks ago

Hi  Here is an example to do the nat statement for dmz1. As nat ports are not contiguous, you'll...

Francesco Molino commented on Iwan simulation in WAN, Routing and Switching 2 weeks ago

Hi  You can use cisco Virl (that's a tool like gns3 but more advanced) and you'll be able to use...

Francesco Molino commented on Can't ping or connect to port 443 on external interface in Firewalling 2 weeks ago

Hi  Can you share your config on text file (don't forget to remove all confidential stuff)? Have...

Francesco Molino's Stats

Points1582
Discussion started 0
Answers marked as Correct 212
Endorsed 0
Content Rated 10