    Monday, November 25, 2019

    Moronic Monday! Networking


    Moronic Monday!

    Posted: 24 Nov 2019 05:04 PM PST

    It's Monday, you've not yet had coffee and the week ahead is gonna suck. Let's open the floor for a weekly Stupid Questions Thread, so we can all ask those questions we're too embarrassed to ask!

    Post your question - stupid or otherwise - here to get an answer. Anyone can post a question and the community as a whole is invited and encouraged to provide an answer. Serious answers are not expected.

    submitted by /u/AutoModerator

    RIPE runs out of IPv4

    Posted: 25 Nov 2019 10:44 AM PST

    Python for Network Engineers, Free Course (Starts on Dec 3rd)

    Posted: 25 Nov 2019 03:17 PM PST

    About once a quarter, we run a free Python for Network Engineers course.

    The course covers Python fundamentals, but from a Network Engineer's perspective. This generally implies the exercises and examples are much more oriented towards networking.

    The course is delivered via email and consists of videos, exercises, and additional content. The course uses Python3.6 and the weekly syllabus is as follows:

    • Week1 - Why Python, the Python Interpreter Shell, and Strings
    • Week2 - Numbers, Files, Lists, and Linters
    • Week3 - Conditionals and Loops
    • Week4 - Dictionaries, Exceptions, and Regular Expressions
    • Week5 - Functions and the Python Debugger
    • Week6 - Netmiko Basics
    • Week7 - Jinja2 Basics, Introduction to YAML and JSON, Complex Data Structures
    • Week8 - Libraries, Package Installation, and Virtual Environments

    A bit about me... I am a long-time network engineer, CCIE (emeritus) in routing and switching. I also am the creator of the Netmiko library and work quite a bit on the NAPALM project. I now work full-time on teaching Network Automation.

    If you are interested in signing-up, see:

    https://pynet.twb-tech.com/email-signup.html

    submitted by /u/ktbyers

    GitHub for config, notes, snippets?

    Posted: 25 Nov 2019 01:42 AM PST

    I've explored github and gitpages and have been storing notes in markdown there. I need some place to note down my scripts and configs. A resource that I can access from anywhere without fuss.

    I can't seem to organize them properly though. Does anyone have ideas, suggestions, samples/URLs to share of their accounts?

    submitted by /u/r0ck32768

    How to do dot1x Monitor Mode on Nexus 9K

    Posted: 25 Nov 2019 03:43 PM PST

    As title says, I'm looking to enable dot1x on our Nexus 9K (don't ask, I didn't choose them at access layer) switches that act as radius clients for ISE 2.4. I've read that monitor mode is the way to go when starting these deployments so you gain visibility before making decisions on who/how to restrict access. The problem is my code of NX-OS (7.0.3) doesn't run MAB so I have no fallback if say the device has no supplicant. Or do I? Other than upgrading to code 9.x that has the MAB feature is there any other way I could run this deployment in monitor mode?

    Only thing I can think of is just not running dot1x on ports that for sure don't have modern-day supplicants.

    Thanks!

    submitted by /u/s1nsp4wn

    Anyone have experience using RADIUS realms?

    Posted: 25 Nov 2019 01:58 PM PST

    I am working on setting up a VPN concentrator (Cisco ASA). I want to set up a realm to select the tunnel group (for example vpn.companyx.com#tunnelname/nosplit(group-policy)). I've seen this in production once, but was not involved in the implementation. Not sure if anyone is running this out in the wild.

    I posted last week about dynamic split tunneling and didn't get much of a how to. I'm thinking the group policies should be handled dynamically via authentication. I'm currently using LDAP but I'm finding radius to be far more extensible.

    Thoughts appreciated

    submitted by /u/brew87

    Network as Code

    Posted: 24 Nov 2019 11:20 PM PST

    Your Wise Advice for a New Network Setup for a Mixed Use Space/Business

    Posted: 25 Nov 2019 03:56 PM PST

    Hi,

    I'm setting up a completely new network for a business with between 5-23 staff and potentially up to 50 visitors for large projects and keen for your wisdom on network setup.

    Floor Plan

    • The floor is approx. 200sqm with all spaces divided with full wall to ceiling height walls and doors between.
    • Network/Comms Room that can accommodate multiple racks and commodity PCs. Into this room comes 1 Fibre Connection directly from the street (as yet undecided/determined connection rate) and all ethernet from the following, with 23 ethernet cables in total:
    • 4 Offices - with 3-4 Cat6 ethernet points per office.
    • 1 Reception - 2 Cat6 ethernet points.
    • 1 Open Plan Area - 1 Cat6 ethernet point and HDMI for a projector (from wall to ceiling mount). Wifi will be the only network/internet access here and should be able to accommodate up to 50 clients.
    • 1 Printer Room - 2 ethernet points.

    Client/User Activities

    Depending on the client, day of week, etc, these will be a mix of:

    1. Coworking/collaborative work between contractors and staff, and of course between themselves - across entire floor, sometimes per office (and open or isolated network eg subnet).
    2. Courses and small conferences in the Open Plan Area (as per above - using Wifi - up to 50 clients).
    3. Ad hoc call centre operations over VOIP for promotional and product support campaigns - using ethernet in the largest office.

    Core IT Services for Staff and Contractors

    All services will be run by staff, but there may be clients who will be given part control of their own services eg creating their own local storage for sharing files within an office.

    • Network Management for Internet and LAN.
    • Hosting of Web Sites/Apps, Email, and Files.
    • Printer Management.

    Specific Requirements

    • Local configuration - no cloud management - but preferably having a local management dashboard/interface, and if not, the ability to install one or interface via another box.
    • Network isolation by office - some collaboration will require this - and at other times all office ethernet connections will be on the same network.
    • Wifi - some groups/contractors will require an individual SSID and key - Cisco's Catalyst 9130 looks perfect?
    • VPN and all common remote connection protocol support.
    • Minimum recognised support/security vendor reputation (contractors and clients collaborating in the spaces will at times vary from designers to bank and government contractors).

    My Quick Thoughts

    My local IT provider has suggested a Cisco Meraki all-in-one router/switch, but I've read many poor reviews about Meraki (including in this sub), and it appears to require cloud configuration, which I don't want.

    I've considered PFSense or OPNsense boxes as they provide highly granular settings and extensibility, but am unsure of what hardware would be best for them, and whether it may be best to run a bigger brand name for, say, the edge router and place a pfsense/opnsense box behind it as firewall. Preferably I want to put everything in a single 42U rack to begin with and as the business grows, separate out internal and external network gear across a few other racks.

    Apologies if I've used any terms incorrectly or formatted this badly - my network experience has been setting up web and email servers (*bsds and linux) in a small startup, in the cloud, but not an office setup and one with such mixed use requirements.

    I have the time and budget to learn, there will be enough network expertise to run everything locally, and preferably use the network setup in a training capacity for courses in the future.

    I am open to your ideas and wisdom!

    submitted by /u/rddr1

    Do L2 Subinterfaces exist?

    Posted: 25 Nov 2019 08:08 AM PST

    I have heard about L2 and L3 interfaces, and I've also heard about subinterfaces. All my Google searches only point to L3 subinterfaces. Is there anything like L2 subinterfaces and if it does exist, how is it even configured and what does it do?

    submitted by /u/cereal_killer_69

    Question regarding some network problem and an anomaly.

    Posted: 25 Nov 2019 03:26 PM PST

    My office has a serious network problem. My fiber connection and LAN connection Fluke reports are just terrible. As such, whenever we do video conferencing via the Skype for Business app it is an utter nightmare.

    A connection before the VC could commence is really a trial and error of several calls. So we tried to switch to Google Hangout. With Google Hangout we do have a somewhat okay connection. We don't have to make so many calls. The VC quality is bad and the video is lossy. Why are there such differences?

    It is really bugging me. I asked a network expert at my company and he didn't know either. Is it because of the fundamental architecture of the software? If so, why? I know it doesn't matter as long as the VC capabilities work, but I really want to know why one works better than the other.

    P/S: I thought this had to do with the use of TCP and UDP but that sounds stupid, right? Because both of them use a mixture of TCP and UDP, right?

    submitted by /u/akubas86

    are there any compatibility issues using Finisar (FTLX1471D3BCL) 10G SM optics in cisco catalysts?

    Posted: 25 Nov 2019 02:50 PM PST

    My vendors are quoting $2,300 for ONE 10G single mode Cisco brand transceiver.

    I can get Finisar optics from amazon for 100 times less (~$26) for one.

    Was wondering if there are any issues with using Finisar on a C6800-32P10G linecard in a C6800XL chassis with sup-2T?

    I checked and couldn't find Finisar in the cisco compatibility matrix for 3rd party optics

    anyone with experience with Finisar? did you have any issues?

    thanks

    submitted by /u/nok4us

    WTH is happening with my VOIP phone traffic

    Posted: 25 Nov 2019 11:01 AM PST

    I'll start by begging forgiveness for the wall of text that is about to occur but I am seriously scratching my head over this problem and would appreciate any advice on what to try next. Please let me know if there's a more suitable sub for this post - I may end up taking this to the Meraki subreddit if it seems like this issue is something funky with Meraki in particular.

    The basics:

    I am troubleshooting an issue with our VOIP phones and I have encountered some behavior while making packet captures that I am unable to explain. I'm the one-man sysadmin for my company managing a network infrastructure of 9 Meraki MS-250 switches and a Meraki MX100 firewall. I'm not a dedicated networking guy but I've had a fair bit of experience troubleshooting network issues in the last 10 years, albeit largely self-taught. This problem has me seriously stumped. While I have some backup in the form of an MSP, their networking guys are even more puzzled about this than I am (which is not a shock for this MSP, but that's a different post).

    The short version is that at random, VOIP phones will stop passing traffic on their connected switchport in one direction only. They appear to receive packets, but anything they send (and they do appear to send packets still) does not pass beyond the connected port on the switch. I can't figure out why this is happening.

    Background:

    The issue we are troubleshooting is that each day a small, random selection of our 120-ish VOIP phones (mostly Cisco 8841 with some Yealink CP960) lose connection to our cloud VOIP provider (Jive).

    • The issue occurs with between 5-10% of phones every 24H, at seemingly random times.
    • The Jive deployment is new, and the issue has been present since we went live. We previously had around 80 Cisco 8841 phones connected to an on-premise Cisco Call manager server without any issues.
    • Switchports are configured as access ports (VLAN 1) with a voice VLAN (150). Most ports have an access policy using 802.1X against an on-premises RADIUS server (voice VLAN clients are set to bypass authentication - yes, I know this is not ideal for security), but some are using MAC whitelisting. The problem has occurred with both policy types.
    • Some phones have Windows clients connected via the pass-through port on the phone, and these devices continue to have normal network connectivity on VLAN1 even when the phone itself loses connectivity.
    • Crucially, nothing about the switch config or access policies config was changed during the new deployment, and the network works for the phones exactly as designed during normal operation.

    I've been working with Jive support for almost 2 weeks now. We learned early on that when a particular phone goes offline, it also stops responding to ICMP PING or connections to its web interface. Jive have therefore asked me to perform a number of traffic captures to help in diagnostics. This is where I start seeing behavior that I can't explain:

    1. When I run a packet capture via the Meraki console on the switchport that the phone is connected to, the resulting capture (analyzed in Wireshark) shows that the phone is sending SIP registration packets but not receiving any reply. A corresponding capture on the uplink port to our edge firewall, run at the same time, does NOT show these packets reaching the uplink port (and therefore not reaching the firewall or the WAN). When a phone is online, packets are detected in traces run on the uplink port as would be expected. I have even tried running a trace on the uplink port of the same switch the phone is connected to, with the same results - as if the packets are not being passed beyond the connected port interface.
    2. If I run a constant PING test from another workstation on the network (even one on the same VLAN), the packet capture from the switchport shows the 'offline' phone receiving the request and sending ICMP replies, but those replies do not reach the other workstation (the PING test shows "Request timed out" and packet captures on that workstation confirm no reply packets are received). Again, captures run on uplink ports do not show the reply packets. When a phone is working normally, I can ping it just fine.
    3. Similar to 2, if I use the PING test on the Tools tab of the switch in the Meraki console to test connectivity to the phone, no response is received. However, using the Ping test on the phone's Client page of the console, a response is received (though I understand from some research that the Client page may be sending ARP PING instead of ICMP which may be complicating matters).

    Over the last 2 weeks while we have been troubleshooting this issue it has occurred on more than 50 phones across all 9 of our switches. In every case, the port does not show any error state or have any log entries that would indicate why it was not passing traffic (such as access policy failures, STP blocking, etc). I am at a loss to explain why the packets would be visible on the connected port but not anywhere else, when no error state seems to exist on the port. In every case, a straight reboot of the phone resolves the issue temporarily, but it will eventually recur, sometimes in as little as a day.

    Have I reached the point where my basics of networking knowledge falls down and I'm missing something obvious to the trained eye? Have I inadvertently discovered that Meraki is somehow awful in this use case for some reason? Am I going insane?

    I've opened a case with Meraki support but haven't had a reply yet. If anyone here can suggest what I should try next in terms of diagnostics, I'm all ears.

    submitted by /u/Trelfar

    VTP server not primary?

    Posted: 25 Nov 2019 10:47 AM PST

    Hi Reddit,

    I've seen the message a few times in the last year (different companies) and I know of the fix for it, my question is how does it get into this state? Occasionally I'll see this when creating a new VLAN "VTP VLAN configuration not allowed when device is not the primary server for vlan database."

    We'll have 2 switches running as the VTP server, I'm wondering if they see each other as Server and don't want to overwrite each other until the "vtp primary vlan" command is run.

    submitted by /u/tylervalo

    Confused by prosumer gear: What really is PVID and why is it not the same as an untagged interface?

    Posted: 25 Nov 2019 08:32 AM PST

    I had an issue at a call last week: SonicWall not talking to some devices on a new vlan.

    Switching was Prosafe, the managed switches offering from Netgear.

    The setup: A dedicated port on the SonicWall (HA stack), X2, was connected to the prosafe, 5/g11 & 5/g12. Vlan 3 was untagged, all other vlans were not participating. Sonicwall setup with the 10.1.3.1/24 address, providing DHCP, etc.

    Symptoms: SOME devices on 10.1.3.0/24 were working PERFECTLY fine. Others just weren't. All devices were statically addressed (DHCP was just there for convenience), IPs and masks were correct. No problems with MAC addresses. I mean the problem "felt" like there was a half-down etherchannel somewhere.
    Through troubleshooting, I found that DHCP was leaking into vlan 1.

    Solution: On the switch, I changed the PVID of the ports (that were correctly set to Untagged-vlan-3) from 1 to 3. That's it.

    ...why?

    I feel like an idiot asking: I'm not new to networking by any means; I've got nearly two decades working with Cisco/HP[E]/Aruba/Juniper/etc. I'll admit to having only passing familiarity with prosumer switching.

    What the hell is a PVID and why didn't it work to set vlan 3 to untagged on that port? It should have been doing nothing but talking vlan3, as no other vlans were configured on that port.
    Why was a PVID setting causing DHCP to leak?
    Why were some devices on vlan 3 working without issue, and others not?

    Google so far has led me to forum threads in which people who don't know what a vlan tag is disagree with each other, confuse each other, and fizzle out when the OP does something random that ends up fixing their issue.

    So what, technically, is PVID, why is it separate, and how does it work with tagging?

    submitted by /u/porkchopnet

    Question on SFP modules

    Posted: 25 Nov 2019 10:19 AM PST

    Help fixing HP NC552SFP

    Posted: 25 Nov 2019 10:12 AM PST

    Hi

    Does anyone have an idea how I can identify the inductor marked on the attached image (good inductor)? I'd like to try and repair a 10G network card.

    https://www.dropbox.com/s/hg4uo0gjxn3ro8p/good_inductor.jpg?dl=0

    I'll attach 2 more images, 1 NIC has the broken inductor and the other one is good, maybe it helps something

    https://www.dropbox.com/s/j8p6xvutbkgtr4l/both_nics.jpg?dl=0

    https://www.dropbox.com/s/zux895d6p9jggw5/both_nics_zoom.jpg?dl=0

    submitted by /u/m1a9r8k3

    Python and Netmiko

    Posted: 25 Nov 2019 06:00 AM PST

    Hi all,

    I am using Python to automate switch firmware upgrades and have run into an issue almost immediately. I am new to Python, see my script below. It actually works very well: logs in, copies firmware, reboots. The issue I get stuck with is line 7. It waits there and times out with a "Search pattern never detected in send_command_expect:". I basically want it to skip looking for the search pattern and go straight to the next line after it has input "y". Because the switch reboots it'll never come back and match any "search pattern". How would I go about doing that?

    Thanks

    1. from netmiko import ConnectHandler
    2. from time import sleep
    3. device = ConnectHandler(device_type="hp_procurve",ip="192.168.101.3", username="manager", password="1234")
    4. output = device.send_command("copy tftp flash 192.168.101.80 YA_16_04_0016.swi primary", expect_string=r"Continue [y/n]?")
    5. output = device.send_command("y", delay_factor=2)
    6. output = device.send_command("boot system flash primary", expect_string=r"Continue [y/n]?")
    7. output = device.send_command("y")
    8. device.disconnect()
    submitted by /u/RealiNveiN
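
    One way to handle the reboot prompt asked about in the post above, as an added example (not the poster's code and not Netmiko project code): the final "y" is sent with Netmiko's `send_command_timing`, which does not search for a prompt pattern, and the password is read from the environment instead of being stored in the script. The names `upgrade_and_reboot` and `SWITCH_PASSWORD`, the input checks and the escaped prompt regex are assumptions made for this sketch.

```python
"""Added example: firmware copy and reboot over an open Netmiko session.

Assumes the "Continue [y/n]?" prompt quoted in the post. upgrade_and_reboot
and SWITCH_PASSWORD are names invented for this sketch.
"""
import ipaddress
import os
import re

# Escaped so "[y/n]?" is matched literally rather than as a character class.
CONFIRM = r"Continue \[y/n\]\?"


def upgrade_and_reboot(conn, tftp_server, image, slot="primary"):
    """Run the copy and reboot; return [(step, output), ...] for logging."""
    # Both values are pasted into a CLI line, so reject anything unexpected.
    ipaddress.ip_address(tftp_server)  # raises ValueError if not an IP
    if not re.fullmatch(r"[\w.-]+", image):
        raise ValueError(f"unexpected characters in image name: {image!r}")
    if slot not in ("primary", "secondary"):
        raise ValueError(f"unknown flash slot: {slot!r}")

    steps = []
    out = conn.send_command(
        f"copy tftp flash {tftp_server} {image} {slot}", expect_string=CONFIRM
    )
    steps.append(("copy-prompt", out))
    # After this "y" the copy runs and the normal prompt returns, so the
    # default wait-for-prompt behaviour is what we want (as in the post).
    steps.append(("copy", conn.send_command("y", delay_factor=2)))
    out = conn.send_command(f"boot system flash {slot}", expect_string=CONFIRM)
    steps.append(("boot-prompt", out))
    # After this "y" the switch reboots and no prompt ever comes back.
    # send_command_timing() writes the line and reads for a short time
    # instead of searching for a pattern.
    try:
        out = conn.send_command_timing("y")
    except (OSError, EOFError) as exc:
        # The SSH channel may already be gone while we are still reading.
        out = f"session closed during reboot: {exc}"
    steps.append(("reboot", out))
    return steps


def main():
    # Imported here so the module can be loaded and tested without Netmiko.
    from netmiko import ConnectHandler

    conn = ConnectHandler(
        device_type="hp_procurve",
        ip="192.168.101.3",
        username="manager",
        password=os.environ["SWITCH_PASSWORD"],  # not hard-coded in the script
    )
    try:
        for step, out in upgrade_and_reboot(
            conn, "192.168.101.80", "YA_16_04_0016.swi"
        ):
            print(f"{step}: {out.strip()[-80:]}")
    finally:
        try:
            conn.disconnect()
        except (OSError, EOFError):
            pass  # session already torn down by the reboot


if __name__ == "__main__":
    main()
```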

    Need Help - Att 1GB Fiber connection - not getting full speeds

    Posted: 25 Nov 2019 01:26 PM PST

    Hey guys, my customer recently upgraded from an ATT 100M fiber to a 1000M fiber connection, and we have found that the Cisco 1921 onsite with SFP modules cannot handle the full 1000M bandwidth. We have a Ciena 3930 handoff that has 1GB and 10GB connectivity options. What is your recommended setup to achieve full 1000M bandwidth and why (assuming we get even close to the provisioned speeds - I expect around 900+M and we are getting no more than 400M currently)? No NATing, DHCP, or firewall is needed, we already have SonicWall 2650's onsite, so the router needs to be in passthrough basically to convert 255.255.255.252 to 255.255.255.224 IP block

    Please assist. My director left the company last Fri and now I am tasked with solving all issues

    submitted by /u/Orm1server

    Aruba 8325 - VMware - Windows Server - ECN problems

    Posted: 25 Nov 2019 06:41 AM PST

    Networkers!

    We have just deployed 4 new Aruba 8325 switches in our data center, and we are facing some issues.

    Here is the setup:

    2 x 8325 switches in Computer Room 1 - connected with a 2 x 100G LAG (running VSX)
    2 x 8325 switches in Computer Room 2 - connected with a 2 x 100G LAG (running VSX)

    The "switch clusters" in Computer Room 1 & 2 are connected with 4 x 10G interfaces, bundled together in one LAG.

    In the Computer Room 1 we have multiple ESX/VMware hosts redundantly connected to the two 8325s.
    They are connected with 25G interfaces (DAC).

    Problem

    What we have found is that moving data between the Windows Server guests (Windows Server 2012+) is very slow (20-50MB/s). Moving data between the Linux servers is as fast as expected.
    vSAN and vMotion are also running without any problems.

    Previously the same ESX/VMware hosts were connected to old 5412 switches with 10G interfaces.
    We never had performance issues in that environment.

    Our VMware team has been troubleshooting all weekend with VMware, Dell, Microsoft and Mellanox.
    So far it seems that the slow speed between the Windows servers is caused by the ECN feature.
    If we disable ECN on the Windows Servers, the speed is as expected.

    We have contacted Aruba support and asked them to investigate this, and they are currently analyzing our logs.
    I can also see that it's possible to create some kind of ACL to detect ECN in the 8325 switches.
    Not really sure how that works. It seems that it might be used together with QoS in some way...
    Or maybe it can be used to "strip" the ECN info.

    Interested to hear if any of you have had similar problems on this (or other) switching platforms.
    And of course if you have found any solutions (other than disabling ECN on the Windows Server guest).

    /Kenneth

    submitted by /u/gregersenk

    How to connect to specific NAS?

    Posted: 25 Nov 2019 12:05 PM PST

    Hi all, I'm a developer and I created a front-end to manage a freeradius server. To connect a customer we create vlans in a mikrotik routerboard and cisco switch, then we create a pppoe server and assign it to the vlan.

    Is there an entry in the freeradius database like radcheck or radreply to assign a username to a specific NAS?

    submitted by /u/marsalans

    Din L3 Switch

    Posted: 25 Nov 2019 07:34 AM PST

    I'm looking for a fairly cheap DIN mounted L3 switch. Needs: OSPF, Static L3 interfaces, minimum 6-8 ports, minimum Fast Ethernet, 24-48vDC. Wants: Gig ethernet, central management, well known brand, harsh environment ready, SFP uplinks. Thanks for any ideas.

    submitted by /u/KillingRyuk

    Usg vs er-10x

    Posted: 25 Nov 2019 04:51 AM PST

    I am in need of some advice, opinions, and thoughts.

    Apparently I have become the IT department for a small business so this is my first setup. I have to supply internet/wifi to 3 or 4 buildings on one property which I am going to do mostly with direct burial cat6. For a total of 4 access points and one direct to PC connection in one of the buildings

    The problem I'm running into is I'm new to this and ubiquiti makes a very appealing system that it feels like I have a grasp on. My issue is I'm torn between a USG with a unify 8-60w switch or just a er-10x.

    Side question. Do I need a cloud key to access the interface with the usg or can I do that through the switch?

    submitted by /u/expansion369

    Played with routing, ended up with a multicast mess

    Posted: 25 Nov 2019 01:42 AM PST

    I'm trying to learn about L3 switch routing. I thought I had great success today, but it turns out I only traded one problem for another.

    I'll describe the environment: I have an HP Aruba 3810 and a sizable number of VLANs, though the ones of importance are VLANs 2, 10, and 1000. The latter (1000) has a domain controller and a 40GbE NAS which I want the devices on VLANs 2 and 10 to communicate with, but I don't want devices on VLAN 2 to be able to communicate directly with VLAN 10 devices and vice versa. Nor do I want any of the other VLANs to cross-communicate.

    To reiterate, 2 can talk to 1000 and vice-versa, 10 can talk to 1000 and vice-versa, but 2 may not talk to 10 or vice versa. And the rest of the VLANs keep to themselves.

    Anyway, I managed to discover how to do that quite successfully! I found the relevant commands (see below) and set the workstations to use the 3810M as their gateway, and voila! All seemed to be great... ...except for a new problem.

    That problem: _All_ VLANs are now getting multicast/IGMP/mDNS traffic from _all_ other VLANs.

    For example, my environment is all Macs, and in Finder it'll list nearby devices found via Bonjour/MDNS. And I've now got machines on exclusively VLAN1 that are seeing Bonjour/MDNS announcements from machines on other VLANs 2, 5, 10, 50, you name it.

    I didn't change _a thing_ on any of the other VLANs or the workstations on them. The machines on those other VLANs aren't even using the 3810M as their gateway. I haven't the faintest idea why this is happening and I don't even know where to _begin_ diagnosing this. Heck, the Multicast and Routing guide for the 3810M is 460 pages.

    Someone throw me a bone?

    In case it helps, here's a truncated version of my config file, mainly containing the parts relevant to routing. I'd appreciate it if someone would tell me where I went stupid in this, if I have.

    igmp filter-unknown-mcast
    igmp lookup-mode ip
    ip access-list extended "OnlyVLAN02-and-1000"
       1 permit ip 10.2.0.0 0.0.255.255 0.0.0.0 255.255.255.255
       2 permit ip 10.0.0.0 0.0.255.255 0.0.0.0 255.255.255.255
       exit
    ip access-list extended "OnlyVLAN10-and-1000"
       1 permit ip 10.10.0.0 0.0.255.255 0.0.0.0 255.255.255.255
       2 permit ip 10.0.0.0 0.0.255.255 0.0.0.0 255.255.255.255
       exit
    ip dns server-address priority 1 1.1.1.1
    ip route 0.0.0.0 0.0.0.0 10.0.1.1 metric 250
    ip routing
    vlan 1
       no ip address
       ip igmp
       ip igmp version 3
       exit
    vlan 2
       ip access-group "OnlyVLAN02-and-1000" out
       ip address 10.2.1.241 255.255.0.0
       ip igmp
       ip igmp version 3
       exit
    vlan 5
       no ip address
       ip igmp
       ip igmp version 3
       exit
    vlan 10
       ip access-group "OnlyVLAN10-and-1000" out
       ip address 10.10.1.241 255.255.0.0
       ip igmp
       ip igmp version 3
       exit
    vlan 50
       name "VLAN50"
       no ip address
       ip igmp
       ip igmp version 3
       voice
       exit
    vlan 1000
       ip address 10.0.1.241 255.255.0.0
       ip igmp
       ip igmp version 3
       exit

    submitted by /u/XStylus
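
    The isolation policy stated in the post above (2 and 10 may each talk to 1000, but not to each other) can be checked offline against the posted ACLs. This added example is not the poster's code or a vendor tool: it evaluates the two ACLs with wildcard-mask matching, assuming first-match evaluation, an implicit deny at the end, and that an `out` ACL on a VLAN filters routed traffic leaving toward that VLAN. The sample host addresses are constructed.

```python
import ipaddress

# ACEs copied from the posted config: <seq> <action> ip <src> <wild> <dst> <wild>
ACL_TEXT = {
    "OnlyVLAN02-and-1000": """
        1 permit ip 10.2.0.0 0.0.255.255 0.0.0.0 255.255.255.255
        2 permit ip 10.0.0.0 0.0.255.255 0.0.0.0 255.255.255.255
    """,
    "OnlyVLAN10-and-1000": """
        1 permit ip 10.10.0.0 0.0.255.255 0.0.0.0 255.255.255.255
        2 permit ip 10.0.0.0 0.0.255.255 0.0.0.0 255.255.255.255
    """,
}
# "out" ACL bound to each routed VLAN in the posted config; VLAN 1000 has none.
VLAN_OUT_ACL = {2: "OnlyVLAN02-and-1000", 10: "OnlyVLAN10-and-1000", 1000: None}


def _int(addr):
    return int(ipaddress.IPv4Address(addr))


def parse_acl(text):
    """Parse ACE lines into (seq, action, src, src_wild, dst, dst_wild)."""
    rules = []
    for line in text.strip().splitlines():
        seq, action, proto, src, swild, dst, dwild = line.split()
        if proto != "ip" or action not in ("permit", "deny"):
            raise ValueError(f"unsupported ACE: {line.strip()}")
        rules.append((int(seq), action, _int(src), _int(swild), _int(dst), _int(dwild)))
    return sorted(rules)  # evaluate in sequence-number order


def _match(addr, base, wild):
    # Wildcard bits set to 1 are "don't care"; compare only the other bits.
    care = ~wild & 0xFFFFFFFF
    return (addr & care) == (base & care)


def acl_verdict(rules, src, dst):
    """First matching ACE wins; no match falls through to the implicit deny."""
    s, d = _int(src), _int(dst)
    for _seq, action, sbase, swild, dbase, dwild in rules:
        if _match(s, sbase, swild) and _match(d, dbase, dwild):
            return action
    return "deny"


def routed_verdict(src, dst, dst_vlan):
    """Verdict for a packet routed toward dst_vlan (that VLAN's out ACL)."""
    name = VLAN_OUT_ACL[dst_vlan]
    if name is None:
        return "permit"  # nothing bound in that direction
    return acl_verdict(parse_acl(ACL_TEXT[name]), src, dst)


def policy_report():
    # Constructed sample hosts, one per routed subnet in the config.
    hosts = {2: "10.2.1.50", 10: "10.10.1.50", 1000: "10.0.1.20"}
    return {
        (a, b): routed_verdict(hosts[a], hosts[b], b)
        for a in hosts
        for b in hosts
        if a != b
    }


if __name__ == "__main__":
    for (a, b), verdict in sorted(policy_report().items()):
        print(f"VLAN {a:>4} -> VLAN {b:>4}: {verdict}")
```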

    Aruba Clearpass Device Fingerprinting - can this work over internet?

    Posted: 25 Nov 2019 05:21 AM PST

    I am hoping to setup a single Aruba Clearpass instance hosted in a remote colo.

    The idea was that this would provide RADIUS authentication, to an Aruba Mobility Master, also in that same colo.

    We then have several local networks, each with a mixture of wired/wireless devices.

    I'd also like to do device fingerprinting for devices in each local network

    However, how exactly does device fingerprinting work if you're not on the same Layer 2 network?

    submitted by /u/victorhooi
