Recent content by burtsbees

What's wrong with Feature Navigator? It tells you what is required... How much flash/DRAM do you have, and what IOS are you trying to load? If you can't beat 'em, try, try again!

show run but scrub your IP addresses, etc we'll start from there normally, it would be ip http authentication local and you would use the same username and pw that you used to ssh, assuming you're not using TACACS If you can't beat 'em, try, try again!

First, if you have any questions about how ASA ACLs are processed, there are a few other things you can look at: 1. hits on the ACL 2. the packet-tracer command---be sure to add the "detail" or "d" keyword at the end to get the most out of it. I am not sure what you mean by stating that the...

1. You need inside NAT (on vlan interface) 2. You need an acl for NAT If you can't beat 'em, try, try again!

Also, another thought...any recent java updates? Have you tried a different browser? If you can't beat 'em, try, try again!

That is logging into the telephony web GUI. I mean the router, like ssh access---can you login to the router via ssh? If so, if you posted a scrubbed config, that would def help. If you can't beat 'em, try, try again!

What equipment do you have? I would first separate them into their own VLANs (6, one each for BMS, CCTV,access control, fire alarm, admin & guest network). Start there---how many hosts would be in each VLAN? The would answer whether or not to do a layer 3 switch or router on a stick. Layer 3...

Been a while Andy...how's things? If you can't beat 'em, try, try again!

How do you normally log into the router? Is it set for "login local", TACACS, what? If you can't beat 'em, try, try again!

Got a scrubbed config? Are the users in the same VLAN or different VLANs? Did this work before? If you can't beat 'em, try, try again!

SamBones nailed it. Here's more, if you have time to read: https://www.digitalocean.com/community/tutorials/understanding-the-ssh-encryption-and-connection-process If you can't beat 'em, try, try again!

Wondering why you didn't go with B2B IPSEC VPN's for the third parties and throw incoming traffic into whatever VRF... ip access-list extended IP-Options-and-Powerball deny ip any any winning-powerball-ticket permit ip any any option any-options ! class-map ACL-Options-and-Powerball match...

Don't you just love speech-to-text/autofill? ip access-list extended IP-Options-and-Powerball deny ip any any winning-powerball-ticket permit ip any any option any-options ! class-map ACL-Options-and-Powerball match access-group name IP-Options-and-Powerball ! policy-map CoPP-POLICY class...

What's the question? Routing? Like Jeter said, you'll need to NAT/PAT ip access-list extended IP-Options-and-Powerball deny ip any any winning-powerball-ticket permit ip any any option any-options ! class-map ACL-Options-and-Powerball match access-group name IP-Options-and-Powerball ...

Have you tried creating a network-object with the FQDN? Also, for an easy ACL, you can create a port-service object group. ip access-list extended IP-Options-and-Powerball deny ip any any winning-powerball-ticket permit ip any any option any-options ! class-map ACL-Options-and-Powerball...