Profile cover photo
Profile photo
Kyler Middleton
44 followers
44 followers
About
Posts

Post has attachment
Cisco ASA - L2L VPN Filters
Hey all, Suppose you have a Cisco ASA with a L2L VPN to an  untrusted partner, and you have a requirement that large swaths of the network are included in the crypto map to this partner. However, you want to only permit particular ports, to particular hosts...

Post has attachment
Cisco ASA - Strong SuiteB Encryption - ECDHE
Hey all! So you have Cisco ASAs that handle your client remote access, and you want to be sure you're using the strongest technical security you can configure. Cisco ASAs make this pretty easy to do, but you need to be aware of a few things: This change is ...

Post has attachment
DMVPN with FVRF (Front Door VRF)
Hey all!  I'm building up my iWan skills, and in the most recent CVD (Cisco Validated Design) for iWan, Cisco recommends setting up an FVRF (Front Door VRF) for each internet connection you have at a site.  FVRFs allow your WAN routing to exist in a separat...
DMVPN with FVRF (Front Door VRF)
DMVPN with FVRF (Front Door VRF)
systems-co.blogspot.com

Post has attachment
Cisco Routers: Easy Hair-Pin NAT for Internal Guest Network
Hey all!  Recently I've been pouring myself into one particular configuration issue that is remarkably hard to solve on Cisco's IOS platform: Hairpin NAT.  I've been tasked with designing a complete architecture for almost 20 sites. They want DMZs, Guest ne...

Post has attachment
Cisco Routers: Easy Hair-Pin NAT for Internal Guests
Hey all!  Recently I've been pouring myself into one particular configuration issue that is remarkably hard to solve on Cisco's IOS platform: Hairpin NAT.  I've been tasked with designing a complete architecture for almost 20 sites. They want DMZs, Guest ne...

Post has attachment
GNS3: Redundant Phase 2 (P2P) DMVPN with Certificate Authentication
I was recently tasked with converting a VPN WAN mesh with 19
nodes on ASAs over to routers. The client initially wanted statically defined
VPNs, similar to what they were used to in the ASA scheme. However, that is a
lot of keys and configurations. Thankful...

Post has attachment
Dynamic Group Policy Assignment (Cisco ASA, Windows Radius, Cisco DAP, AnyConnect)
I had the opportunity to set up automatic group-policy assignment on a Cisco ASA from a Windows Radius server. Requirements 1. Use Radius/AD credentials and user accounts 2. Ease of use for network personnel in order to quickly troubleshoot 3. Simple, exten...

Post has attachment
Cisco 3850: Converged Access - Wired & Wireless
I've recently had the chance to set up a few WLCs (Wireless Lan Controller) for clients. SiteA is a stack of five 3850 switches. Site B has an MDF of one 3850 and an IDF of one 3850, so I had to set up one MC (Mobility Controller) and one MA (Mobility Agent...

Post has attachment
I'm An Engineer (I Think)
I spend a great deal of time thinking about where my career is headed. Am I making the right decisions, what steps are required to get to the 'next level,' etc. It's symptomatic of my age - the late 20-something disease of 'careers are hard.' How Did I Even...

Post has attachment
CCIE R/Sv5 Failed - And Not Going Back
Since I passed the CCIE Route/Switch written exam eight months ago, I've been studying at least two hours six days a week. On the weekends I've tried to set aside more time, sometimes a lot more - around six to eight hours of studying. I also work as a netw...
Wait while more posts are being loaded