Moronic Monday! Networking
- Moronic Monday!
- Cisco FTD future
- Best "alternatives" to putty?
- Cisco 2960-X/plus EoS?
- Objections to training?
- WLC 8540 SSO Failover random
- Default route fail-over between BGP peers? (BFD questions)
- Anybody using the Spamhaus DROP, EDROP or BCL service with BGP?
- Step by step to diagnose a network problem?
- Firewall upgrade from ASA 5505
- Induce SSID Switch in clients via NAC.
- Help: Purchasing a small business firewall - what to do with fiber
- Monitoring latency between 2 routers with PRTG
- LTE router pre-shared-key
- Using Ntop to export/alert when new users join a Network
- Metadata tags for networking sharepoint
- Cisco RV130 - Not allowing 255.255.0.0 DHCP ranges
- Draytek LAN -> LAN rules not working
- Port forwarding with the same Port number to the same router on 2 different WAN interfaces
- Unifi L2TP unable to route/connect to connected switch?
Moronic Monday! Posted: 02 Feb 2020 05:04 PM PST It's Monday, you've not yet had coffee and the week ahead is gonna suck. Let's open the floor for a weekly Stupid Questions Thread, so we can all ask those questions we're too embarrassed to ask! Post your question - stupid or otherwise - here to get an answer. Anyone can post a question and the community as a whole is invited and encouraged to provide an answer. Serious answers are not expected.
Cisco FTD future Posted: 03 Feb 2020 07:53 AM PST Hi, I heard some rumour Cisco is going to develop a new NGFW (real unified image) and drop the Firepower NGFW slowly. Does anybody know if this is true or just total shit talk?
Best "alternatives" to putty? Posted: 03 Feb 2020 11:02 AM PST Hello all! I currently use SecureCRT from VanDyke to facilitate telnet/SSH sessions. However, the licensing structure is very draconian and instead of just buying licenses for the new version I thought I'd reach out and see what you all are using. I do like Solar-Putty... it's a nice interface but does lack some of the more powerful scripting/integrations that SecureCRT has. What are you all using???
Cisco 2960-X/plus EoS? Posted: 03 Feb 2020 02:40 PM PST I know the 2960-X series switches have no announced EoS date but I have a significant number of switches in this category that I know will catch us off guard when announced. The release dates for 2960+, 2960-X(R) are all in Q2 2013. Any educated guesses out there when we should expect these to go EOS? Best I can tell is a lot of people assume "this year". Anyone have anything more than a guess?
Objections to training? Posted: 03 Feb 2020 09:56 AM PST Hi all, I'm working to put together a training plan for a team. We're expecting to get a bunch of objections from management. What are some of the objections you've heard in your career? We're trying to be well prepared with responses to each of the objections. At a minimum we're expecting these objections:
If you have any other objections to add to the list, I'm keen to read them. Feel free to include responses as well. Hopefully there are some other people in /r/networking that will benefit from this. Thanks!
WLC 8540 SSO Failover random Posted: 03 Feb 2020 07:13 AM PST Hi all, I have 2 WLCs in SSO with release software 8.7.106.0. For the same client I have another 2 WLCs (that are used for testing) in SSO with the same release software. The WLCs are in 2 different datacenters and the following prerequisites are respected:
- RTT Latency < 80 ms
- Bandwidth ≥ 60 Mbps
- MTU 1500 bytes
The only difference between the 2 production WLCs and the 2 test WLCs is that they are linked to different switches, but the same model (Juniper). We have random reboots of the primary WLC, and so the backup becomes primary. Does anyone have any idea about this issue? Thanks
Default route fail-over between BGP peers? (BFD questions) Posted: 03 Feb 2020 11:01 AM PST Good morning! I just wanted to get some people's opinions on what they would do/try in my situation to see if there's a better way to be doing this. I have an office site that has two routers, we will call them B1 and B2. These routers are connected to each other and running iBGP between them. B1 is also peered via eBGP with our ISP1, and getting a default route from the BGP peering. B2 is then also peered with ISP2 which is an IPVPN/L3VPN connection; also peered with ISP2 is our datacenter which is sending a default route into the "mpls" for other sites to use as backup internet. So pretty simple multihome setup: B1 connected to ISP1 and getting default via BGP, B2 connected to "MPLS" and getting default route from datacenter via BGP. But, right now failover is set up doing an IP SLA with a static route out to ISP 1. I inherited this network a couple years ago and I have been going through and slowly updating/optimizing/fixing all the patchwork routing - and this month is FailOver-January. Is there a better way to be doing this? I was thinking BFD (assuming the DIA ISP supports it). But I have a few questions about BFD:
1) Does BFD need to be configured on just the ISP1/Primary peer session, or on both?
2) If both, does the multihome being on two different routers cause issues?
3) Is there an issue doing BFD on a peering with the ISP2 doing IPVPN when the peering is with the ISP but default is coming from the remote datacenter (2 hops away)?
If BFD isn't the cream dream here, what else do people recommend? I can't get access to my networking lab for a couple weeks so hand jamming configs in excel for testing fun once I get back into an office.
Anybody using the Spamhaus DROP, EDROP or BCL service with BGP? Posted: 03 Feb 2020 07:31 AM PST As the title asks, anybody using the Spamhaus DROP, EDROP or BCL service with BGP? I'm wondering what your experiences have been and how quick they are to add prefixes responsible for SPAM and botnets. More info - https://www.spamhaus.org/bgpf/
Step by step to diagnose a network problem? Posted: 03 Feb 2020 04:00 PM PST This is a question that always gets asked on interviews. I'm a junior in the networking world and am curious how more senior guys tackle this problem. Scenario: You have an end user who says the "internet is down" or the "internet is slow". Where do you start? What are the steps you go about addressing this?
Firewall upgrade from ASA 5505 Posted: 03 Feb 2020 10:53 AM PST Afternoon all. I've been reading over the threads in the past year or so and the recommendations vary a lot. Basics for the facility:
I've looked at a few brands including the pfSense SG3100, Fortigate 60E, SonicWall TZ350, etc. Is there any reason to choose one or the other? Also, I saw where Cisco may have released the 55XX's successor in the FRP 1000 series. Is that true or should I just ignore those (Cisco doesn't seem to be recommended anymore)? I've had to update a few items on the ASA 5505, and the guy who did it previously literally followed the absolute basic "here's how" guide. I'm not under a pricing restriction, but it looks like most of the entry-level items now run ~500 without client restrictions.
Induce SSID Switch in clients via NAC. Posted: 03 Feb 2020 08:46 AM PST We're trying to solve an issue with our corp/guest wifi. For reasons outside of my control, we have to allow userID/password access to wifi. This however allows people to connect their personal devices to the corp wireless. We're in the process of rolling out EMM, and Forescout. Has anyone come up with a method to force non-EMM users, (or anyone for that matter), to be moved from one SSID to another? We'd like to have it so that if you're not enrolled in EMM, then you get kicked off corp and presented with our captive portal for guest.
Help: Purchasing a small business firewall - what to do with fiber Posted: 03 Feb 2020 10:56 AM PST We have a small group here, less than 15 users. Currently we run from Comcast modem via fiber to our Netgear switch - ethernet to each workstation. Works great but we want to increase security. The firewalls I'm seeing online that fit our needs do not have a fiber port - so what's the best option for us? Looking at this https://www.amazon.com/Sonicwall-01-SSC-6942-TZ105-Secure-Firewall/dp/B009Z7US24 and this https://www.amazon.com/FG-60E-BDL-FortiGate-Generation-Appliance-FortiGuard/dp/B01LWQ03EI?th=1
Monitoring latency between 2 routers with PRTG Posted: 03 Feb 2020 10:48 AM PST Hello, I want to set up latency monitoring between routers on our network. All of our routers at each site connect using an L2 service provided by our ISP. The goal is to be able to provide reports on our latency between our corporate office location and our satellite offices.
LTE router pre-shared-key Posted: 03 Feb 2020 10:45 AM PST I'm trying to update our LTE router configs to strengthen the PSKs used in our DMVPN setup. I'm not super familiar with LTE router configs and I wanted a second (actually 3rd/4th at this point) set of eyes to make sure I'm interpreting this correctly. Here is the sanitized config from one of our DMVPN routers: I see two places where there are PSKs defined: One here:
And the other here:
It seems that the first key is being referenced here:
But I don't see anywhere else in the config referencing the other ones. I suspect that these are not being used and can thus be removed from the config. Can somebody help me confirm that? What is the purpose of that section?
Using Ntop to export/alert when new users join a Network Posted: 03 Feb 2020 10:01 AM PST Hi all, Just wondering if anyone is familiar enough with ntop to help me out. At the moment I have ntopng running on a Pi 3b+ that's connected via ethernet to my router and I'm using the web browser within the Pi to access ntop (wish I could use my computer, but for some reason cannot). Either way, does anyone know how to set up some form of alert so that when an individual joins/connects to the network, I am told (either through a log export ideally, or an email or other alert form) what the device name is, MAC address, time since etc etc., essentially all the info that is located under the 'device' tab of ntop. Thanks,
Metadata tags for networking sharepoint Posted: 03 Feb 2020 09:30 AM PST Hey all, I work for a large corporation on the network infrastructure team that currently has very poor documentation procedures. As a company we recently went to the newer version of SharePoint and I have taken it upon myself to try to get the documentation up to snuff. That said, I want to make a flat documentation structure backed with metadata so that it's easy for people to upload their data without having to drill down into a folder structure and eventually become disorganized and also so things are also easier to find. Now to the question: does anyone currently use a flat documentation structure with metadata for network documentation? If so, would you be able to share the structure and categories that you use for your metadata please? I'm currently planning ours out and can't decide what the most efficient metadata tags would be and am looking for ideas and inspiration. Thanks!
Cisco RV130 - Not allowing 255.255.0.0 DHCP ranges Posted: 02 Feb 2020 08:21 PM PST I am working to make my AV Control network more robust by replacing consumer grade routers with business class hardware. Disclaimer, I am not a networking professional and am self taught via this forum, YouTube etc. My current setup is as follows: Cisco SG300 switches (all linked via trunks) running 4x VLANs:
I am adding a Cisco RV130 Router/Gateway to serve DHCP and Gateway server for 3x VLANs (via LAN4 as a Trunk to a Trunk port on the SG300) The current parameters for each VLAN are:
For VLAN 1, I am using a 255.255.0.0 subnet as each device type is on its own octet i.e.
This has all been working well for me, however if I set up VLAN 1 as 255.255.0.0, the RV130 will refuse to allow me to set up other VLANs on 192.168.x.x as it claims the interface is already in use. I am assuming this is because 192.168.3.1 on 255.255.0.0 could allow for 192.168.3.1 - 192.168.255.255, even though I've only set it to issue DHCP addresses to the 192.168.3.100 - 192.168.3.200 range. My current workaround is to use my existing TP-Link router for 192.168.3.1 255.255.0.0 and the Cisco RV130 for the other VLANs, but the whole point of this exercise is to have one device to manage all DHCP for all VLANs. Any guidance would be appreciated on the best way to make this happen.
Draytek LAN -> LAN rules not working Posted: 03 Feb 2020 02:47 AM PST I have 3 LANs configured on my Draytek firewall. LAN 2 and 3 are in their own VLAN and I have inter-LAN routing enabled. When I set the default mode to allow and don't create any rules, hosts in LAN 2 can communicate with hosts in LAN 3 and vice versa as intended. However, if I create a rule to block all traffic from LAN 3 to LAN 2, traffic is still being passed. If I change the default mode to block and then create a rule to allow traffic across the 2 LANs, traffic remains blocked. It appears as though the rules have zero effect and aren't getting applied. Edit: The default block/allow mode is a firewall setting rather than a rule set, it must be set to either block or allow and whichever one it is set to, the rules do not work
Port forwarding with the same Port number to the same router on 2 different WAN interfaces Posted: 02 Feb 2020 08:23 PM PST Hi all, Just wondering if this is possible on Cisco.. doesn't seem to have worked for me. I am trying to do some port forwarding with the same port number to the same router on 2 different WAN interfaces.
ip nat inside source static tcp 192.168.0.252 50000 interface Cellular0 50000
ip nat inside source static tcp 192.168.0.252 50000 interface Dialler2 50000
==> not working, as Cisco does not allow me to have 2 similar port numbers. So I can only have one of the above, not both. However, I would need both working as this is a failover config. Thanks so much all.
Unifi L2TP unable to route/connect to connected switch? Posted: 03 Feb 2020 03:11 AM PST I've just set up my UDM, and have L2TP working, but I can't for the life of me communicate with a portion of my LAN (that sits on a Dell PowerConnect 6248). I suspect Static Routes or Firewall, but really have no idea. My LAN sits on 192.168.1.0/24 and is a Corporate network without VLAN, my L2TP is configured as 192.168.2.0/29. When I connect to the VPN, I get one of the 6x 192.168.2.x addresses, which is great. Connected to my UDM;
I can connect to the Cisco Switch, Raspberry Pi and Hue Bridge, but not the Dell switch (or anything hanging off it) when connected to the VPN. Naturally, connected to the Dell switch is the bulk of the stuff I need to talk to. What could be missing?