Monthly Archives: March 2012

IP Helper Address on the ASA

In a branch office environment, it is often desirable to backhaul DHCP requests to a centralized DHCP server. DHCP request are initially sent to a broadcast address and therefore do not typically get forwarded through a router or other layer … Continue reading

Posted in CCIE Security, Certification, Network, Security, Technology | Tagged , , , | 12 Comments

IP Fragmentation and MTU

Earlier this week, someone asked me a simple question about the “Fragment Offset” in an IP Packet Header. I have to admit that my understanding this field was slightly incorrect. Before I come clean with my misinterpretation, I wanted to … Continue reading

Posted in Network, Technology | Tagged , | 6 Comments

Classifying IPSec Traffic for Hierarchical Priority Queuing with the ASA

This past weekend I wrote an article that demonstrated the use of hierarchical priority queuing with the ASA. The last example in that article showed that this qos method properly with the IPSec encapsulated traffic as well. Today’s article started … Continue reading

Posted in CCIE Security, Certification, Network, Security, Technology | Tagged , , , , | 1 Comment

How to Implement Priority Queuing on the ASA

Last week, I wrote about one of the typical scenarios that we run into with ASA implementation. As described here, that scenario is one in which the ASA can transmit traffic at 100Mb/s (or 1000Mb/s), but our service provider dropped … Continue reading

Posted in Network, Security, Technology | Tagged , , , | 3 Comments

QoS Challenges with VPNs

Something that comes up regularly are questions regarding QoS on VPN’s. There are several challenges related to QoS in the typical Internet connected environments that I come in contact with. These challenges are not really a result of the VPN … Continue reading

Posted in CCIE Security, Certification, Security, Technology | Tagged , , | 1 Comment