I have a somewhat silly question. I have a multiple context mode setup
here with the admin context and a second context called edge. In the
system context space, I configure failover and also use the command prompt
hostname context priority state.
If I SSH to the admin context then changeto
Oh - to confuse me more, when I SSH directly to the admin context it looks
as I would expect - ASA/admin/pri/act#
So I am really wondering why when I SSH directly to the admin context I get
the full string but when I SSH to a user context I don't.
On Thu, Dec 12, 2013 at 1:23 PM, Joe Astorino
Joe
I guess the reason is you don't really let your customers know about your
physical ASA setup. Same stuff as the ability to hide physical interface
capabilities and even their names.
Regards,
Piotr Kaluzny : Sr Instructor : iPexpert http://www.ipexpert.com
CCIE # 25665 :: Security
*::
Say we have a hierarchical DMVPN environment. We have a west region
consisting of a hub and 2 spokes, an east region with a hub and 2 spokes
and a central hub tying it all together. The west and east hubs would each
have 2 tunnel interfaces - tunnel0 facing their local region and tunnel1
facing
Let me state: I have no idea.
But two questions:
1) What do the packet captures say?
2) My *guess* would be that Spoke 1 gets a redirect from W-hub to C-hub
once it forwards the packet. Then Spoke 1 will get another redirect when it
sends another packet to C-Hub and the final redirect would be
1) no captures. At this stage it is purely educational and for my amusement
2) based on the dissection of several LIVE! presentations, articles, blogs
and documentation I can almost assure that spoke 1 gets only the 1 redirect
back that essentially tells it you need to resolve the NBMA address of
1) That was a hint ;-)
On Thu, Dec 12, 2013 at 3:29 PM, Joe Astorino joeastorino1...@gmail.comwrote:
1) no captures. At this stage it is purely educational and for my
amusement
2) based on the dissection of several LIVE! presentations, articles, blogs
and documentation I can almost assure
I think I might have it! When central hub gets the packet on tunnel and
switches it back out the same interface it came in, the central hub sends
NHRP redirect back to THE SOURCE not back to west hub
Sent from my iPad
On Dec 12, 2013, at 6:47 PM, Marko Milivojevic mar...@ipexpert.com wrote:
OK,
I have labbed this up pretty extensively tonight , and looked at a lot of
packet capture and I think I have my answer.
So to give a little background, I was monitoring NHRP traffic indication
packets (redirects, specifically nhrp.hdr.op.type == 8 in wireshark) being
sent and received by the