Network scanner that always runs? Does it exist? (Networking)
- Network scanner that always runs? Does it exist?
- WatchGuard firewall — what are the benefits of Secondary IPs used in (External) Interface
- P2P with POE Passthrough
- Anyconnect Issue from Mac
- Sophos XG Firmware Updates
- What information do you put in your exec banners?
- VPN tunnel is up, but it's not passing traffic.
- Using extraip.com with fortinet
- Top-of-Rack Access in Spine-Leaf DC designs
- Suggestions for an SD-WAN provider to replace Meraki
- Cisco UCS FI and 5548 MTU
Network scanner that always runs? Does it exist?
Posted: 26 Apr 2020 11:11 AM PDT

I'm looking for a program that continuously scans a set of subnets for any open TCP/UDP ports (at a low/configurable rate) or ICMP messages (any and all) and feeds the results to either something parseable or something like SQL. Google has delivered NMAP and "super elite port scanners". I suspect NMAP might be a bit overkill and aggressive, and it still needs programming to deal with (which is fine). Or has anyone seen scripts/sources (in basically any language) that would go a long way to getting there? This is to detect misconfigurations and such. It does not need any detection of what actually runs there. Even halfway suggestions are welcome.

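One way to build the kind of low-rate, always-on sweep the post describes, written as an added example rather than code from the post or from any tool it mentions: each pass does a TCP connect scan of every host in a list of CIDRs, stores what it found in SQLite, and reports open ports that are not in an operator-reviewed baseline table, which is the "detect misconfigurations" use case. Only TCP is shown (the UDP/ICMP side of the question is not covered); the rate is controlled by a per-probe delay and a sleep between passes; and the `demo()` function is a constructed self-test that scans loopback (`127.0.0.1/32`) against listeners it opens itself, so it runs offline. Database layout, function names and the loopback test data are all assumptions of this example.

```python
import socket
import sqlite3
import time
from datetime import datetime, timezone
from ipaddress import ip_network

# Added example, not from the original post: a slow TCP-connect sweep of
# configured subnets that records open ports in SQLite and flags ports not
# present in an operator-approved baseline (candidate misconfigurations).


def scan_host(ip, ports, timeout=0.5, delay=0.0):
    """TCP connect scan of one host; returns the open ports in probe order."""
    open_ports = []
    for port in ports:
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
            s.settimeout(timeout)
            if s.connect_ex((ip, port)) == 0:  # 0 means the handshake completed
                open_ports.append(port)
        if delay:
            time.sleep(delay)  # configurable probe rate, as the post asks for
    return open_ports


def init_db(path=":memory:"):
    """Create the observation and baseline tables (SQLite, file or in-memory)."""
    con = sqlite3.connect(path)
    con.execute("CREATE TABLE IF NOT EXISTS observations "
                "(ip TEXT, port INTEGER, seen_at TEXT, PRIMARY KEY (ip, port, seen_at))")
    con.execute("CREATE TABLE IF NOT EXISTS baseline "
                "(ip TEXT, port INTEGER, PRIMARY KEY (ip, port))")
    return con


def record_sweep(con, subnets, ports, timeout=0.5, delay=0.0):
    """One pass over every host in the given CIDRs; stores and returns {ip: [open ports]}."""
    seen_at = datetime.now(timezone.utc).isoformat()
    results = {}
    for cidr in subnets:
        net = ip_network(cidr, strict=False)
        hosts = list(net.hosts()) or [net.network_address]  # /32 handling across Python versions
        for host in hosts:
            ip = str(host)
            results[ip] = scan_host(ip, ports, timeout, delay)
            con.executemany("INSERT OR IGNORE INTO observations VALUES (?, ?, ?)",
                            [(ip, p, seen_at) for p in results[ip]])
    con.commit()
    return results


def set_baseline(con, results):
    """Accept the current sweep as known-good (run after human review, not automatically)."""
    con.execute("DELETE FROM baseline")
    con.executemany("INSERT INTO baseline VALUES (?, ?)",
                    [(ip, p) for ip, ports in results.items() for p in ports])
    con.commit()


def unexpected_ports(con, results):
    """Open (ip, port) pairs from a sweep that are absent from the baseline."""
    baseline = set(con.execute("SELECT ip, port FROM baseline"))
    return sorted((ip, p) for ip, ports in results.items() for p in ports
                  if (ip, p) not in baseline)


def run_forever(con, subnets, ports, interval=600, **scan_opts):
    """Continuous mode: sweep, report deviations from the baseline, sleep, repeat."""
    while True:
        results = record_sweep(con, subnets, ports, **scan_opts)
        for ip, port in unexpected_ports(con, results):
            print(f"unexpected open port {ip}:{port}")
        time.sleep(interval)


def demo():
    """Constructed self-test on loopback: one listener is baselined, a second
    one appears later and must be reported as unexpected."""
    listener = socket.socket()
    listener.bind(("127.0.0.1", 0))
    listener.listen(5)
    open_port = listener.getsockname()[1]
    probe = socket.socket()
    probe.bind(("127.0.0.1", 0))
    closed_port = probe.getsockname()[1]
    probe.close()  # nothing listens there any more, so the probe is refused
    con = init_db()
    extra = None
    try:
        first = record_sweep(con, ["127.0.0.1/32"], [open_port, closed_port], timeout=0.2)
        set_baseline(con, first)
        before = unexpected_ports(con, first)
        extra = socket.socket()  # a "new service" showing up between passes
        extra.bind(("127.0.0.1", 0))
        extra.listen(5)
        new_port = extra.getsockname()[1]
        second = record_sweep(con, ["127.0.0.1/32"],
                              [open_port, closed_port, new_port], timeout=0.2)
        after = unexpected_ports(con, second)
        return {"open_port": open_port, "new_port": new_port, "first": first,
                "second": second, "before": before, "after": after}
    finally:
        listener.close()
        if extra is not None:
            extra.close()
        con.close()


if __name__ == "__main__":
    print(demo())
```

For real use, `run_forever(init_db("sweep.db"), ["10.0.0.0/24"], range(1, 1025), interval=600, delay=0.05)` would be the long-running form; the `observations` table keeps a timestamped history that a SQL query or a SIEM export can consume, and the baseline is only ever replaced deliberately, so a port that silently opens on a host shows up on the next pass rather than being absorbed into "normal".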
WatchGuard firewall — what are the benefits of Secondary IPs used in (External) Interface
Posted: 26 Apr 2020 12:01 PM PDT

I'm moving (replicating) the server/RDS from one site to another. Both sites have a WatchGuard firewall, but only one has secondary IPs added to one of the external interfaces (leased line). All this was configured by someone before my time and I'm learning from back to front 😋😎

Different things such as BOVPNs use a different IP and not the primary IP. I use the primary IP for the management. At the new site, can I assign the primary IP to everything? (Not like I have a choice.) I guess I'm just not 100% sure about the benefits of having additional external IPs other than separating traffic.

Also, can I just move all those additional IPs from one WatchGuard to another? The first WatchGuard won't need them anymore. Not sure how that works with the ISP either... both sites have a leased line provided by the same ISP.

P2P with POE Passthrough
Posted: 26 Apr 2020 02:02 PM PDT

Does anyone have a recommendation for a good, solid Point-to-Point device with POE pass-through to go less than 1 mile? My go-to is Cambium, but they don't have anything other than 250 km P2P devices from what I can tell. Ubiquiti is a bit "consumer-grade" in this department. On the pass-through, POE 802.3at Class 3 (11.0 W) is possible, but Class 4 (17.0 W) is preferred.

Anyconnect Issue from Mac
Posted: 26 Apr 2020 09:45 AM PDT

(To begin with, for the VMware stuff I am talking about, I do not use hostnames for the browser connections, and connect with the actual IP, i.e. https://192.168.1.36/ui.)

I read Reddit all the time for help on issues, but I rarely post, but I'm at a stopping point. I really need help and Google/Reddit/everything else aren't doing anything.

A couple of years ago I migrated our corporate environment from an ASA 5510 to a Cisco Firepower 2110 with FMC. We've always used Anyconnect as the client, obviously. I run a couple of Macs (and am the only user in the company that does; the rest of my IT team use Windows), and Anyconnect has run flawlessly for years.

Yesterday, during the middle of a VMware migration (we set up a new VMware cluster and installation and I was migrating all the VMs from the old hosts to the new), I plugged my MacBook into my wired connection and my connection through the VPN went screwy. I all of a sudden could not access my iLO screens, the VMware host screens or any other intranet site at work (FMC, Cisco Wireless Controller, SharePoint, our time and attendance, etc.). Regular internet traffic was still working. Obviously, I checked the status of the Anyconnect client (it had reconnected).

I began really testing this. As stated above, I connect with IP addresses, not hostnames, for VMware, so I assumed this was not a DNS issue, but still tested that. I can ping everything, via IP address or hostname. It all works. I can RDP across Anyconnect (which is how I finished the migration, by the way), I can telnet and SSH to all devices, including my VMware ESX systems. I can browse to the intranet on a non-port-80 or -443 address through a web browser (i.e. the vSphere Server Appliance configuration page is at https://xxx.xxx.xxx.xxx:5480 and that works flawlessly). So, everything works, except port 80 and 443 from ANY WEB BROWSER.

I tried Safari, Edge Chromium, Google Chrome, Firefox; I even installed Tor and that didn't work. If I do a port scan on one of my devices, 80 and 443 show as open. If I run my Windows 10 VM on Parallels and connect through the Anyconnect VPN, it works fine. My other Mac works fine; this is clearly a problem with my primary Mac only.

Things I have done:
A) Create a new location in network preferences
B) Checked the routing tables (though, everything else works, why would this not be right?)
C) Delete and re-add Wi-Fi
D) Delete NetworkInterfaces.plist, com.apple.wifi.message-tracer.plist
E) Uninstall and re-install Anyconnect. Also, remove the Anyconnect configuration files and profile
F) Rebooted a million times
G) Googled. A lot.

Again, the action that caused this was simply plugging an ethernet cable in while I was connected to the VPN over Wi-Fi. Any suggestions?

My good friend and fellow Network Admin/Manager suggested I wipe and start over with the Mac. Well, with the whole work-from-home thing, my Time Machine backups are not current. Also, WHY is that always a solution? I have thought about calling Cisco and/or Apple, but I have a feeling they will point at each other and not help. Although my inclination is to call Cisco first if it comes to that.

Sophos XG Firmware Updates
Posted: 26 Apr 2020 03:30 PM PDT

Are there any other XG users here who are as nervous as me when it comes to updating firmware? Maybe I've just been unlucky, but we've had two different XG210 rev3 units "shit the bed" when it comes to updating them over the past 12 months. One occurred on Tuesday last week: rebooted the unit so it had a fresh boot, then downloaded the firmware within the management interface and told it to apply and reboot. Well, it never came back, and after waiting two days on Sophos support we finally got an RMA agreed and a new unit is going to be with us some time next week; that in itself is a bit frustrating given we have the all-bells-and-whistles support. Just so happens we had spare kit available at this site because we can't seem to rely on Sophos turning things around quickly.

I've got another to update this week, just nervous to push the button. I probably manage close to 50 firewalls and they're a mixture of vendors, but I've never seen such issues with other vendors' equipment.

What information do you put in your exec banners?
Posted: 26 Apr 2020 01:00 PM PDT

We all know about MOTD/login banners and the legal notices that usually go in there. But I've actually never used the third banner: exec. The only information that I've come up with that you could put in is:
* Connected devices - saves you from looking at CDP/LLDP neighbors.
* Important uplinks on the device.
* Jokes

What information do you put in your exec banners?

VPN tunnel is up, but it's not passing traffic.
Posted: 25 Apr 2020 10:20 PM PDT

This issue is driving me up the walls. I'm here to use the Reddit hive mind to see if I can find a solution.

I have two ASAs, one in the US and one in Europe. Tunnel is up, both Phase 1 and Phase 2. I also see SAs built; show crypto ipsec sa peer x.x.x.125 shows details for the SAs built. The problem is that I can't ping across. Not just ping, any traffic. When I do a packet capture on the outside interface of both FWs, I see ESP (proto 50) packets leaving US, hit EU and leave EU, but never get back to the US. I can show you output of the capture if you need it.

What's strange is that this starts working randomly for like a day or so and then goes back down for a day or so. Additional information is that the US ASA has several other tunnels that are working with no issues. Has anyone had anything like this?

edit: one more thing. One packet out of like 100 gets through. smokeping (from US) to a host on the other side of the tunnel: https://i.imgur.com/xV8II57.png. smokeping to the outside interface of the ASA is pure green.

edit 2: going to bed. I will reply to all of you tomorrow. Thank god this is not a customer-impacting issue.

Using extraip.com with fortinet
Posted: 26 Apr 2020 09:56 AM PDT

Until today I've been using a pfSense router but decided to switch to FortiGate; however, until now I am unable to get my extraip.com tunnel working. I've followed the guide at: But I am unable to get it to work. Anyone who has experience in setting this up?

Top-of-Rack Access in Spine-Leaf DC designs
Posted: 25 Apr 2020 10:54 PM PDT

Hi guys - so most spine-leaf architectural depictions that I've seen in vendor documentation, marketing materials, and educational resources are two-tier models, with access switches connecting to every core switch in a typical Clos fabric. However, it seems to me that if you're using top-of-rack switches in the access layer, the L1 infrastructure required would get a bit out of control...

If we're looking at a medium-to-large sized DC, wouldn't it make more sense to design a 3-tier model where every TOR switch connects to 2+ EOR switches, and then those EOR switches connect to all the core switches in the Clos fabric? You could still scale out at the access layer by installing additional EOR switches if needed.

If what I'm saying DOES make sense, then why isn't this sort of design commonly depicted? I mean, I know not every deployment will use managed TOR switches; some will have EOR only, others will have FEX (though isn't Cisco sunsetting it?), but my impression has always been that TOR tends to be the preferred design choice these days, at least in pods where you don't have a bunch of large blade servers.

Suggestions for an SD-WAN provider to replace Meraki
Posted: 26 Apr 2020 12:29 AM PDT

Hi all. We're currently rocking Meraki MX appliances for our SD-WAN deployment, consisting of 2 data centres and multiple remote branches of varied size. We have a mixture of P2P Ethernet circuits and public internet circuits. While Meraki has served us well, they are now holding up our IPv6 deployment due to their lack of v6 forwarding capabilities. We're tired of waiting for them to pull their thumbs out, so I'm starting to see what else is on the market before our Meraki subscription is due for renewal.

Do any of you have recommendations for another vendor we should be considering? I'm not particularly clued up on the competition, if I'm honest.

Cisco UCS FI and 5548 MTU
Posted: 25 Apr 2020 07:49 PM PDT

We have a Cisco UCS setup with a pair of FIs and a pair of 5548s. MTU is set to 9000 on the FIs by using QoS, and I also followed the below commands to set jumbo frames on the 5548s:

    switch(config)#policy-map type network-qos jumbo
    switch(config-pmap-nq)#class type network-qos class-default
    switch(config-pmap-c-nq)#mtu 9216
    switch(config-pmap-c-nq)#exit
    switch(config)#system qos
    switch(config-sys-qos)#service-policy type network-qos jumbo

After all this, I used sh queuing interface eth 1/17 to verify, and I do get the following, which confirms the MTU = 9216:

    RX Queuing
    qos-group 0
    q-size: 469760, q-size-40g: 0, HW MTU: 9216 (9216 configured)

Here's the question: when I issue the command to check the port-channel MTU size, I still see 1500 on the port-channel:

    sh interface port-channel 101
    port-channel101 is up
    vPC Status: Up, vPC number: 101
    Hardware: Port-Channel, address: 0005.73f2.eda8 (bia 0005.73f2.eda8)
    Description: To FI-A
    MTU 1500 bytes, BW 40000000 Kbit,, BW 40000000 Kbit, DLY 10 usec

Why is it still showing 1500? I thought the MTU setting should be global? Thanks!!
