ASA's are ok as long as you stick to the command line. Once you touch the web config everything goes to hell. I learned my lesson the hard way and ever since insist on turning it off. If a client wants to use it, I won't touch it.
> On Jun 13, 2015, at 11:51 PM, Ken Hohhof <[email protected]> wrote: > > There are certainly reasons to hate Cisco, but their hardware is generally > very reliable, and used Cisco becomes much more affordable at 2 points in its > life cycle – when they get swapped out for the next generation, and when > EOS/EOL gets announced. Also the used equipment has often spent its entire > life in a datacenter on an equipment lease. I am about to install my first > 7301 as a BGP router, I think these may lead a tougher life since some were > probably installed at customer prem by carriers for metro Ethernet service. > > One place I won’t go is their security (ASA) product line. Seems well built > with good performance numbers, but apparently it’s a bitch to configure them, > or else my customers hire incompetent Cisco experts. Every time they mess > with the VPN config it breaks something, they blame the ISP, and it’s never > the ISP’s fault. > > > From: Mike Hammett > Sent: Saturday, June 13, 2015 10:26 PM > To: [email protected] > Subject: Re: [AFMUG] Cisco pissing me off > > I would love to blow up every piece of Cisco everything. Cisco has no place > in any of these networks. However, it's not my switch. ;-) > > > > ----- > Mike Hammett > Intelligent Computing Solutions > http://www.ics-il.com > > From: "Sean Heskett" <[email protected]> > To: [email protected] > Sent: Saturday, June 13, 2015 5:49:58 PM > Subject: Re: [AFMUG] Cisco pissing me off > > Why on earth would you use a Cisco anything when they hate WISPs > > We have completely removed all Cisco from our network > > 2 cents > > -Sean > >> On Saturday, June 13, 2015, Mike Hammett <[email protected]> wrote: >> This should be a trivial Cisco switch question. Apparently I don't use these >> turds enough to remember everything. >> >> show config says: >> >> interface FastEthernet0/3 >> switchport access vlan 777 >> switchport mode access >> speed 100 >> duplex full >> no cdp enable >> ! >> >> However, when trying to convert it to a tagged port with the following >> commands, it doesn't change. >> >> config terminal >> int Fa0/3 >> switchport mode trunk >> switchport trunk allowed vlan 777 >> >> No errors, just no change. I even tried just setting the description. Same >> result. >> >> I also tried removing the vlan via: >> >> interface FastEthernet 0/3 >> no switchport mode access >> no switchport access vlan 777 >> >> >> >> ----- >> Mike Hammett >> Intelligent Computing Solutions >> http://www.ics-il.com > >
