Update on Cybrary Customer Service Issue (I Was Wrong) Networking |
- Update on Cybrary Customer Service Issue (I Was Wrong)
- Director of IT applauded after ransomware encryption. Wuh?
- Anyone use GTT Communication for fiber?
- What is the difference between a BVI interface and a bundle-Ether interface?
- How do people QoS/throttling guest wireless?
- The vFlow v0.6.5 has been released!
- Hey guys need some help with isolating IP addresses(noob)
- redundant links between stack, layer 2 loops
- Unable to access Juniper Jweb from fxp0, but can on ge-0/0/0?
- Paloalto Auth Profile
- HP qinq enable and qinq transparent-vlan vlan-id questions
- 48 Port Access Switch with POE with Fan PSU to IO
- Cisco 819 seemingly blocking random services
- Noob Query about Fibre to Ethernet media converter.
- Learning other technologies/trends while studying towards a goal(CCIE)
- Assign VPN Pool From ISE
- Dell N series Switches CLI vs GUI
- How can I make a vlan ACL on a ProCurve 3500?
- LAN Switching Issue
- Higher learning Question
- Is it possible to damage switch by connecting non-poe device to passive poe port?
- Hi guys (Noob query ports)
- Seeking advice on Cisco IOS update
- Nat on asa
Update on Cybrary Customer Service Issue (I Was Wrong)
Posted: 30 Aug 2018 07:46 AM PDT

Okay, admitting you are wrong on the internet feels lousy, but it is the right thing to do even if this doesn't get a lot of views. I posted about Cybrary having "predatory" business practices when it came to cancellation of their Insider Pro Program. I admit this was a pretty big exaggeration fueled by frustration more than anything else. The practices were not predatory, but rather unclear. I received this email today from Trevor, the president of Cybrary:

After reading this it is pretty clear that the way I interpreted the initial conversation I had was off and a bit quick to jump to conclusions. It's nice seeing the president of a company give such great attention to a customer service issue and stay on the front lines as well. That earns my respect. It also appears that whatever miscommunication happened probably won't happen again. Please don't discredit Cybrary because of my misleading previous post. Thank you.

Director of IT applauded after ransomware encryption. Wuh?
Posted: 29 Aug 2018 05:54 PM PDT

My small company (250 employees) was recently taken down by ransomware that encrypted all our mission critical data. I'm down the hierarchy but know that we've been completely immobilized and they're bringing in an outside firm to help salvage our business. Our CEO had all employees stand and applaud the Director of IT for all the work being done to fix it. Shouldn't he be accountable for our lack of a data redundancy plan and overall network security?

Anyone use GTT Communication for fiber?
Posted: 30 Aug 2018 12:39 PM PDT

Anyone use GTT Communication for fiber? We are looking to switch from Comcast to GTT for a 500mb circuit in San Jose. I've heard some good things and some bad things.

What is the difference between a BVI interface and a bundle-Ether interface?
Posted: 30 Aug 2018 11:46 AM PDT

How do people QoS/throttling guest wireless?
Posted: 30 Aug 2018 07:27 AM PDT

I'm having trouble finding the best way to QoS/Throttle our public wireless. We're a school district in a hub and spoke topology and are Cisco based for switching/routing and Fortinet for wireless. Each site has a Catalyst 3850 core stack that feeds back to our central 9410R core at the primary site. We pipe our outbound traffic through a bridged content filter (for CIPA compliance) into an edge 3850 switch with an ASA 5525X sitting between outbound and inbound VLANs on it.

I've wasted countless hours trying to get the QoS rules on my Fortinet wireless controllers to work and have given up at this point (don't buy Fortinet wireless, the OS is a dumpster fire). Now I have to decide where I want to try to police my connection on my switches or ASA. Each site has its own subnet and our guest wireless is always on 10.XXX.224.0/19. I'm thinking about throttling guest connections down to 10mbps max. My gut is to do it on our ASA but I don't know how to achieve it since I'm not super well versed with ASA service policies.

The vFlow v0.6.5 has been released!
Posted: 30 Aug 2018 11:54 AM PDT

https://github.com/VerizonDigital/vflow

High-performance, scalable and reliable IPFIX, sFlow and Netflow collector (written in pure Golang).

Features

https://github.com/VerizonDigital/vflow/releases/download/v0.6.5/vflow-0.6.5-x86_64.deb
https://github.com/VerizonDigital/vflow/releases/download/v0.6.5/vflow-0.6.5-x86_64.rpm

Hey guys need some help with isolating IP addresses(noob)
Posted: 30 Aug 2018 01:57 PM PDT

I recently got a business internet with 5 static IP addresses. From my knowledge the only way to isolate the static IP address is to buy a switcher (don't know which kind, managed/unmanaged) and from there I need 5 routers to connect to the switcher so each router gives off a different IP through the configuration. This is the end goal of what I am trying to do: 5 routers giving 5 different IPs. If there is another way, can someone explain it to me? Did I get this right or am I in the wrong here? Some help would be appreciated.

Edit: IP addresses are attained online through their software, they said, by assigning MAC addresses to different ports or routers, not sure. I need to make a call again and record it.

redundant links between stack, layer 2 loops
Posted: 30 Aug 2018 09:51 AM PDT

So I have a 3750g stack pair acting as core with 4 stack pairs of 3750 48 ps as aggregate stack pairs. Can I run two layer 2 trunk links between each of the stack switches to the agg stacks? So my setup will look like:

Core stack sw 1 gig1/0/1 <- Layer 2 trunk-> Agg stack sw 1 Gig 1/0/1
Core stack SW 2 gig 2/0/1 <- Layer 2 trunk-> Agg stack SW 2 Gig 2/0/1

Will this setup cause layer 2 issues? Thanks.

Unable to access Juniper Jweb from fxp0, but can on ge-0/0/0?
Posted: 30 Aug 2018 12:55 PM PDT

I'm new to Juniper and trying to configure Jweb access on a vSRX. I've enabled fxp0 and assigned it an IP and enabled HTTP web-management. The IP is on the same subnet as the rest of my IPs on my network. (No security zone assignment as that is not possible on fxp0.) I tried to load the Jweb page via Internet Explorer but it won't come up. When I tried to assign the IP address to interface ge-0/0/0 and put that interface in the trust zone and assigned it the web management IP, I can successfully load the Internet Explorer page. Why won't fxp0 load Jweb but the ge-0/0/0 will?

Paloalto Auth Profile
Posted: 30 Aug 2018 12:51 PM PDT

We want people to be able to sign into captive portal with user@domain.com or just user. We've tried all sorts of combinations with the modifiers and domain, but haven't had it work both ways. We've had it work with one setup where it let them log in both ways, but would only see the user's AD groups if they signed in as user@domain.com. When they signed in as just user, it let them in but didn't see their AD groups. Anyone here have this working this way?

LDAP

HP qinq enable and qinq transparent-vlan vlan-id questions
Posted: 30 Aug 2018 12:46 PM PDT

Hello, I have some questions about q in q in HP switches. In the following config:

int gig 1/0/5
 description# NNI_XXX
 port link-type trunk
 port trunk permit vlan 1404 1406 1413 3879
 qinq enable
 qinq transparent-vlan 3879

So what is the difference between vlan 3879 and the other vlans? I mean, in Cisco when you are doing qinq you have s-tag (vlan in access mode and switchport mode qinq tunnel on the edge interface), but in this case I have several vlans and doing qinq? How is that working? I read a lot in HP forums but it is still unclear for me...

48 Port Access Switch with POE with Fan PSU to IO
Posted: 30 Aug 2018 11:41 AM PDT

I've been searching for 4 access 48 port switches with POE with fans PSU to IO. I've checked with Dell but they say they don't have any with PSU to IO. I'm waiting for Cisco's response but they're taking longer than usual. Any idea?

Cisco 819 seemingly blocking random services
Posted: 30 Aug 2018 11:23 AM PDT

I have a Cisco 819 with a Verizon SIM card in it and have it set up to be transparent to hand off to a Meraki network. We seem to have connection to the site and I am able to VPN in, but some web pages are not working, and external services like Slack and socket comms seem to be not working. For instance, I can go to bing.com and search and that works, but can't go to some URLs like yahoo.com. I am able to ping yahoo.com, get DNS resolution, and then I tried to use that IP and the site still times out. Doesn't appear to be a DNS issue. Wondering if anyone here can help me out and check over my config to see if maybe it's something in here doing it? The only thing that changed at this site was moving over to this box instead of using a USB stick modem in the MX. Thanks

Current configuration : 8936 bytes
!
! Last configuration change at 17:54:40 UTC Thu Aug 30 2018 by admin
!
version 15.6
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service internal
!
hostname yourname
!
boot-start-marker
boot-end-marker
!
!
logging buffered 51200 warnings
!
no aaa new-model
ethernet lmi ce
!
crypto pki trustpoint TP-self-signed-1840704989
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-1840704989
 revocation-check none
 rsakeypair TP-self-signed-1840704989
!
!
crypto pki certificate chain TP-self-signed-1840704989
 certificate self-signed 01
  #####
  quit
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
ip dhcp excluded-address 10.10.10.1
!
ip dhcp pool ccp-pool
 import all
 network 10.0.0.0 255.255.255.0
 default-router 10.10.10.1
 lease 0 2
!
!
!
ip domain name yourdomain.com
ip name-server 8.8.8.8
ip inspect WAAS flush-timeout 10
ip cef
no ipv6 cef
!
!
flow record nbar-appmon
 match ipv4 source address
 match ipv4 destination address
 match application name
 collect interface output
 collect counter bytes
 collect counter packets
 collect timestamp absolute first
 collect timestamp absolute last
!
!
flow monitor application-mon
 cache timeout active 60
 record nbar-appmon
!
parameter-map type inspect global
 max-incomplete low 18000
 max-incomplete high 20000
 nbar-classify
!
!
!
!
multilink bundle-name authenticated
!
!
chat-script lte "" "AT!CALL" TIMEOUT 20 "OK"
!
!
!
!
!
license udi pid C819HG-LTE-MNA-K9 sn FTX2137Z05V
!
!
object-group service INTERNAL_UTM_SERVICE
!
object-group network Others_dst_net
 any
!
object-group network Others_src_net
 any
!
object-group service Others_svc
 ip
!
object-group network Web_dst_net
 any
!
object-group network Web_src_net
 any
!
object-group service Web_svc
 ip
!
object-group network local_cws_net
!
object-group network local_lan_subnets
 any
!
object-group network vpn_remote_subnets
 any
!
username admin privilege 15 secret 5 password
!
redundancy
 notification-timer 120000
!
!
!
!
!
controller Cellular 0
 lte sim data-profile 1 attach-profile 1 slot 0
 lte modem link-recovery rssi onset-threshold -110
 lte modem link-recovery monitor-timer 20
 lte modem link-recovery wait-timer 10
 lte modem link-recovery debounce-count 6
no cdp run
!
!
class-map type inspect match-any INTERNAL_DOMAIN_FILTER
 match protocol msnmsgr
 match protocol ymsgr
class-map type inspect match-any Others_app
 match protocol https
 match protocol smtp
 match protocol pop3
 match protocol imap
 match protocol sip
 match protocol ftp
 match protocol dns
 match protocol icmp
class-map type inspect match-any Web_app
 match protocol http
class-map type inspect match-all Others
 match class-map Others_app
 match access-group name Others_acl
class-map type inspect match-all Web
 match class-map Web_app
 match access-group name Web_acl
!
policy-map type inspect LAN-WAN-POLICY
 class type inspect Web
  inspect
 class type inspect Others
  inspect
 class type inspect INTERNAL_DOMAIN_FILTER
  inspect
 class class-default
  drop log
!
zone security LAN
zone security WAN
zone security VPN
zone security DMZ
zone-pair security LAN-WAN source LAN destination WAN
 service-policy type inspect LAN-WAN-POLICY
!
!
!
!
!
!
!
!
!
!
!
interface Loopback1
 description ### always-on interface ###
 ip address 1.2.3.9 255.255.255.255
 ip nat inside
 ip virtual-reassembly in
!
interface Cellular0
 ip address negotiated
 no ip unreachables
 ip nat outside
 ip virtual-reassembly in
 encapsulation slip
 load-interval 30
 dialer in-band
 dialer idle-timeout 0
 dialer string lte
 dialer string ltescript
 dialer watch-group 1
 async mode interactive
!
interface Cellular1
 no ip address
 encapsulation slip
!
interface FastEthernet0
 no ip address
!
interface FastEthernet1
 no ip address
!
interface FastEthernet2
 no ip address
!
interface FastEthernet3
 no ip address
!
interface GigabitEthernet0
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Serial0
 no ip address
 shutdown
 clock rate 2000000
!
interface Vlan1
 description $ETH_LAN$
 ip address 10.0.0.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly in
 ip tcp adjust-mss 1452
!
ip forward-protocol nd
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
!
ip nat inside source static 10.0.0.2 interface Cellular0
ip route 0.0.0.0 0.0.0.0 Cellular0
!
ip access-list extended NAT
 permit ip 10.0.0.0 0.0.0.255 any
ip access-list extended Others_acl
 permit object-group Others_svc object-group Others_src_net object-group Others_dst_net
ip access-list extended Web_acl
 permit object-group Web_svc object-group Web_src_net object-group Web_dst_net
ip access-list extended nat-list
 permit ip object-group local_lan_subnets any
!
dialer watch-list 1 ip 5.6.7.8 0.0.0.0
dialer watch-list 1 delay route-check initial 60
dialer watch-list 1 delay connect 1
dialer-list 1 protocol ip permit
ipv6 ioam timestamp
!
access-list 23 permit 10.10.10.0 0.0.0.127
access-list 23 permit 10.0.0.0 0.0.0.255
!
control-plane
!
!
!
mgcp behavior rsip-range tgcp-only
mgcp behavior comedia-role none
mgcp behavior comedia-check-media-src disable
mgcp behavior comedia-sdp-force disable
!
mgcp profile default
!
!
!
!
!
!
!
line con 0
 login local
 no modem enable
line aux 0
line 2
 no activation-character
 no exec
 transport preferred none
 transport input all
 stopbits 1
line 3
 script dialer lte
 no exec
 rxspeed 100000000
 txspeed 50000000
line 8
 no exec
 rxspeed 100000000
 txspeed 50000000
line vty 0 4
 access-class 23 in
 privilege level 15
 login local
 transport input telnet ssh
line vty 5 15
 access-class 23 in
 privilege level 15
 login local
 transport input telnet ssh
!
scheduler allocate 20000 1000
!
!
!
!
!
!
end

Noob Query about Fibre to Ethernet media converter.
Posted: 30 Aug 2018 06:19 AM PDT

Needing to convert a fibre to ethernet (well, forced to for various reasons). Been given one of these TP Link boxes by the cabling guys as standard and wondering exactly if there are any caveats \ gotchas I need to be wary of?

https://www.tp-link.com/us/products/details/cat-43_MC100CM.html

I'm assuming these things have no logic at all and it's just a straight what comes in goes out the other end. Specifically in terms of VLANs, but I assume in general it's just what comes in goes out the other end?

Learning other technologies/trends while studying towards a goal(CCIE)
Posted: 29 Aug 2018 08:45 PM PDT

As many of you probably already know, studying for a certification such as the CCIE is no joke when it comes to time management. It's not uncommon to see people putting 20-30 hours worth of study time a week towards the cert. I'm soon heading down this track as well since I want a deep understanding of how all the core network protocols work and also obtain that number.

That being said, I realize networking isn't just routing and switching anymore. There's a lot of other technologies that have or are becoming a requirement for a network engineer to know in order to stay competitive in this field, such as AWS, NGFW, load balancers, Python, and SDN. My question is, how do you learn all these other technologies while also studying for a difficult goal such as the CCIE? Should I put those other things on pause? Or should I stop studying for my CCIE and learn those other technologies first? Maybe I should try learning them all at once?

Assign VPN Pool From ISE
Posted: 30 Aug 2018 03:39 AM PDT

I have a 2130 firepower box, and I have 3 local pool IPs (staff, student, admin) for anyconnect. When a user authenticates, I want to get the ISE server to determine the name of the local pool to be used, depending on the AD group of the user. This then sends a radius message to the ASA, with instructions of what pool of IP addresses the client should be allocated an IP address from, based on the pool name (determined by ISE). The ISE server is set up to get this working already, just with ASAs. The radius attribute in ISE is set to "Radius-Cisco VPN 3000/ASA/PIX7.x" to get it working. An example of what I'm talking about is shown in a forum post by another user below, when ACS was the main product before ISE. However, how do I configure the firepower side for this, and is this radius attribute still the same one I need to configure on the ISE server for the firepower boxes to work?

Dell N series Switches CLI vs GUI
Posted: 30 Aug 2018 09:33 AM PDT

I was checking the settings on the CLI and I don't see the settings of the stack ports, but when I use show switch stack-ports, it shows the stack ports. I checked in the GUI and the ports are set to stack port. Isn't it supposed to have some lines about the stack ports?

How can I make a vlan ACL on a ProCurve 3500?
Posted: 30 Aug 2018 08:50 AM PDT

Hi all, it's been many moons since my Cisco classes and I haven't had to deal with router configs in a bit... Our core ProCurve 3500 is a L3 switch that routes all production traffic out to the internet, as well as between vlans. It knows of 3 vlans (vlan 10,20,30). I am wanting to add a guest wireless network that will go out a separate connection (it will leave via a Comcast modem, not thru this L3 device and our primary broadband). I'm thinking I need to add something like Vlan 222 (random number) to all necessary switches (and tag the uplinks) as well as this core 3500. I'd set the gateway of Vlan 222 to point to the Comcast router. But what do I need to enter to deny ALL traffic on Vlan 222 to vlans 10,20,30, as well as vice versa? I want this guest vlan to be completely separate technically from the production network. I know that an out of band wiring scheme would be best, but due to the complexity of my building, that may be more labor and $ than allowed.

LAN Switching Issue
Posted: 30 Aug 2018 08:50 AM PDT

Hello, I am facing an issue where a few of my Dell and 1 Adtran switches are losing management connectivity. The management IP stops pinging and only a reboot revives it. However, the strange part is the switches continue to work and pass traffic; it just appears to be the management IP on the switch. I am going to update firmware later this week to see if that fixes it. I find it odd it's multiple switches though, and different vendors. It just used to be the old Adtran switch but now it's spread to the Dell switches. I thought maybe it would be a duplicate IP on the network detected but I have not looked into that yet. Any thoughts or suggestions, or need more information?

Higher learning Question
Posted: 30 Aug 2018 08:36 AM PDT

I'm a sysadmin but wanted to brush up on my switch and routing skills. We're an HP shop and I can't get my head around properly vlanning and routing with the switches. The location my employer provides for classes is New Horizons. Does anyone have any recommended classes to take? They mainly offer Cisco and the commands don't seem that far off. Either that or any good book suggestions?

Is it possible to damage switch by connecting non-poe device to passive poe port?
Posted: 30 Aug 2018 08:29 AM PDT

I accidentally connected an old x200 laptop to a passive 24V poe enabled port on a 16 port unifi switch for ~1 minute. The laptop's NIC is probably fried; I didn't check it yet, but I was unable to connect it to the network. My question is if I could have damaged the switch too.

Hi guys (Noob query ports)
Posted: 30 Aug 2018 06:24 AM PDT

Hi guys, I have been working as a DC Engineer for the past year and am currently doing my CCNA with aspirations to go into a 3rd line Networking position, just to give a bit of context. Are there common ports to unblock to allow network functionality that are always part of your procedure when configuring an ASA/Firewall? I'm trying to get good habits in now in the sims before real world application. Much appreciated and thanks for the help.

Seeking advice on Cisco IOS update
Posted: 30 Aug 2018 05:34 AM PDT

Hello, today I got a couple of switches and now I'm looking to update them, but I got confused.

From SW1 I got:
System image file is "flash:/c3750-advipservicesk9-mz.122-46.SE/c3750-advipservicesk9-mz.122-46.SE.bin"

From SW2 I got:
System image file is "flash:/c3750-advipservicesk9-mz.122-46.SE/c3750-advipservicesk9-mz.122-46.SE.bin"

But at the Cisco site there is no "Advanced IP Service" version under latest firmware. Am I missing something?

Nat on asa
Posted: 30 Aug 2018 05:24 AM PDT

NAT on ASA is not my strongest suit. I have an ASA 5510. If I want to allow a whole bunch of public IPs from different ranges to a single inside host, I would need an allow inbound ACL and NAT, correct? If I have, let's say, 10 IPs to allow, I would need 10 NAT statements? Also, these would be restricted inbound to particular port numbers.