AWS to ASA VPN Issues

I needed to build a VPN tunnel from Threat Defence to AWS, which seemed to work fine. Until the VPN had been up for an hour, that is…
After an hour, I was getting reports of tunnel traffic dropping out. This happened regularly every hour.
After a few hours of watching debugs and discussions with TAC, the answer presented itself.

High CPU in Firepower

I use Firepower Management Center quite a bit. Recently, I started getting health monitoring alerts telling me that CPU was at a critically high level.
These alerts were spamming me every 5 minutes for a few hours. One of our ASAs running Firepower Services was having a bad time.

BGP With a Service Provider

So you want to peer with a service provider. Never done it before? Overwhelmed? Don’t know where to start? If this sounds familiar, then this article is for you!
We’re going to have a look at the process of peering with an ISP. We’re not going to look too deeply into the technical details. Rather, we’ll focus more on the process.

vPC and LAG Convergence

A new Nexus release brings two new features, called vPC Fast Convergence and LACP Convergence.
There wasn’t a lot of information readily available, so I’m going to share what I’ve learned here. I’d like to take a moment to thank Amith Ronad from Cisco for helping me to understand these features.

Dynamic Routing and FEX

A few weeks ago I was working on a customer’s network when I found an OSPF problem. For some reason, an ASA wouldn’t peer with a Nexus switch. To make it a bit weirder, the problem only happened on the default VRF, and only with OSPFv3. On the Nexus side, I could see the ASA neighbour, but it was stuck in INIT. On the ASA side, I couldn’t see the neighbour at all.