Thanks, PJ.
Will lab it again tomorrow morning and try and find where I went wrong with my config. From: Pieter-Jan Nefkens [mailto:[email protected]] Sent: 11 December 2010 06:52 PM To: Johan Bornman Cc: 'Tyson Scott'; 'OSL Security' Subject: Re: [OSL | CCIE_Security] vRack Johan, Is cat3 on the same ip subnet? It appears that vlan2 is in 6.6.2 network, so it's logical that the mac address of any other network (10.1.1.x) is on the default gateway and not the mac address of the device PJ On 11 dec 2010, at 17:39, Johan Bornman wrote: .1 - ASA Inside .8 - IPS Management int .100 - ACS Can't check the NAT config, lost the config between rack sessions. The NAT statements were easy so I don't think they were a problem. From: Tyson Scott [mailto:[email protected]] Sent: 11 December 2010 06:30 PM To: 'Johan Bornman'; 'OSL Security' Subject: RE: [OSL | CCIE_Security] vRack Which device is that MAC? Do you possibly have some misconfigured NAT statements. Regards, Tyson Scott - CCIE #13513 R&S, Security, and SP Managing Partner / Sr. Instructor - IPexpert, Inc. Mailto: [email protected] Telephone: +1.810.326.1444, ext. 208 Live Assistance, Please visit: www.ipexpert.com/chat eFax: +1.810.454.0130 IPexpert is a premier provider of Self-Study Workbooks, Video on Demand, Audio Tools, Online Hardware Rental and Classroom Training for the Cisco CCIE (R&S, Voice, Security & Service Provider) certification(s) with training locations throughout the United States, Europe, South Asia and Australia. Be sure to visit our online communities at www.ipexpert.com/communities and our public website at www.ipexpert.com <http://www.ipexpert.com/> From: [email protected] [mailto:[email protected]] On Behalf Of Johan Bornman Sent: Saturday, December 11, 2010 7:21 AM To: 'OSL Security' Subject: [OSL | CCIE_Security] vRack Hi, I can't connect (ping) between the ASA, IPS and ACS server. I have this output from CAT3 and CAT4: Cat3#sh arp Protocol Address Age (min) Hardware Addr Type Interface Internet 10.1.1.8 0 0011.9368.8270 ARPA Vlan2 Internet 10.1.1.1 0 0011.9368.8270 ARPA Vlan2 Internet 6.6.2.15 - 0018.b974.3fc1 ARPA Vlan2 Internet 10.1.1.100 0 0011.9368.8270 ARPA Vlan2 The mac addresses are the same for the IPS, ASA and ACS server. Is this a vRack issue? Johan _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com --- Nefkens Advies Enk 26 4214 DD Vuren The Netherlands Tel: +31 183 634730 Fax: +31 183 690113 Cell: +31 654 323221 Email: [email protected] Web: http://www.nefkensadvies.nl/
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
