    Wednesday, January 13, 2021

    Networking is Cool Networking


    Networking is Cool

    Posted: 13 Jan 2021 12:21 PM PST

    Working a little over 1.5 years as a network analyst, and I'm really enjoying my job. Got a new manager who is mad technical, getting projects thrown my way to actually do network-related work and feel like I have some autonomy to make design decisions. Studying and actually enjoying learning instead of it feeling like a chore or pointless. I just feel super optimistic, lucky and wanted to share. This is such an awesome field.

    Networking is cool.

    submitted by /u/RJ45-220V

    Fiber Connection/Adapter

    Posted: 13 Jan 2021 09:16 AM PST

    Can anyone help to identify these exact connector types on this one Cisco 6500 switch?

    https://1drv.ms/u/s!AmPyrdPKrQrcge9r4l6AxH8s200HFg?e=CVLgn6

    https://1drv.ms/u/s!AmPyrdPKrQrcge9s0lJDDeje4DlfIA?e=WMl2FM

    I need to move this connection into a new Juniper switch with different fiber connectors which I'm fairly confident are LC Duplex connectors.

    https://1drv.ms/u/s!AmPyrdPKrQrcge9uw2YzY25Q4HXuPg?e=Fo7Azc

    https://1drv.ms/u/s!AmPyrdPKrQrcge9tr1wTXBDocu7AxA?e=BWSB0c

    Once I'm able to confidently identify these connectors I'll be looking for an adapter if it's possible.

    submitted by /u/fuzbuster83

    Verizon Fios Business Static IPs

    Posted: 13 Jan 2021 11:15 AM PST

    Random question...

    Anyone aware of how Verizon Fios delivers Static IPs on the routers they deliver to customers? I'm walking into a situation totally blind... someone else ordered a block of 13 statics from Fios. Trying to plan ahead here for setup.

    Are all 13 public static IPs available to assign directly to my devices if I plug my devices into the LAN connections on the Fios router?

    Any insight is greatly appreciated!

    Thanks

    submitted by /u/gord1020

    Palo Alto Third Party Support - GoldSeal Support?

    Posted: 13 Jan 2021 08:54 AM PST

    Has anyone ever used GoldSeal Support for their Palo Alto devices? Our VAR is pushing it and it's cheaper and seems to be better than going directly to Palo Alto support services.

    https://www.goldseal.support/paloalto.html

    https://i.imgur.com/15ZRbz2.png

    submitted by /u/InternetStranger4You

    Question About Hard Resetting Modem w/Ubiquiti Access points on Office Network

    Posted: 13 Jan 2021 06:57 AM PST

    First off, please delete if not allowed, but this is a question about our office network.

    I have been in charge of our company's basic IT/Helpdesk duties for about a year, and I've been asked to do some work on our network in the vein of blacklisting timewasting sites etc. I have very basic networking knowledge, and have only ever worked on my home network prior to this (I have a PiHole on my home network and have set up SMB shares in the past, so I understand the basic terminology).

    The office has an Arris DG1670A modem, and Ubiquiti access points. It seems to be a fairly simple network setup from what I can tell. We do not have any servers, and the only clients on the network are standard desktop users over Ethernet and Wi-Fi for mobile devices. I cannot access the admin settings of the router, as the previous IT Director set up a different password and never told anyone. I know how to hard reset the router to reset it to the original credentials, and plan to do this soon. I understand that the Ubiquiti access points also serve a similar function to a wireless router.

    My questions are as follows:

    1. If I am only hard resetting the modem, and the APs are wired to our switch by Ethernet, will the APs continue to function as normal? Or is there something different about the setup and connection process that I will need to enable in the router settings?
    2. Being that I've never performed a reset like this on a network this large, are there any other settings I should make sure to review or enable/disable to make sure the network is optimized?

    The network seems very simple and straightforward to me, but I wanted to bounce these questions off of folks with more experience. Screwing this up would obviously not look good for me so any help is appreciated!

    submitted by /u/Pumpkinmatrix

    PPP and VPN

    Posted: 13 Jan 2021 06:55 AM PST

    Hi!

    So I am having trouble understanding PPP and VPN.

    As I first understood it, PPP is used to have a secure layer 2 connection between routers (replacement for HDLC). If that's the case, I began to think of a scenario. Let's say that I have two sites, site A and site B. Would it be smart to use PPP over VPN to make the connection extra secure? Doing a Google search I got confusing answers. It seemed that PPP is used for connecting sites to (????), but VPN is the better alternative (????).

    Right now I am really confused, so if someone can clarify a bit I would really appreciate it.

    submitted by /u/DiiBBz

    Cisco VDC

    Posted: 13 Jan 2021 11:15 AM PST

    If I had physical hosts plugged into a switch but I wanted to split half of those physical hosts (ESXi, bare metal, etc.) into a VDC with the same VLAN ID as the hosts in the other VDC: if we set up proper routing statements, would it be possible for those two VDCs to communicate with each other? Or, in other words, for the hosts in each VDC to be able to communicate with each other? Could they even have overlapping IPs? Maybe there isn't enough info here. Let me know and I can help clarify.

    submitted by /u/killer_carlson

    Limited access over a VPN tunnel to and from AWS

    Posted: 13 Jan 2021 07:01 AM PST

    Hi,

    I've got a weird one. The short of it is, we have a VPN tunnel from our office to a demo environment in AWS. It's a pretty basic setup.

    • We've used the built-in utility on our SonicWALL to configure the VPN.
    • On the Amazon side of things, we have a public and private subnet.
    • Security groups are allowing all access from our LAN on both subnets.
    • Firewall rules are on the SonicWALL to allow all traffic from our AWS subnet.
    • In AWS, I can ping any service that should be pingable, like our firewall or a NAS device.
    • In AWS, I can verify open ports to any port that should be open, like 80 on a NAS or our management port on the SonicWALL.
    • On the LAN, I can ping any service that should be pingable, like the servers we've deployed.
    • On the LAN, I can't verify open ports to any port that should be open, like RDP.
    • In AWS, even though I can ping and test ports, if I try to browse to the management interface of a service (like the NAS), I get "connection reset". Likewise, I can't browse shares or join the domain.

    I've tried:

    • Recreating the tunnel both manually and with the utility. Setting up AWS is a pretty common thing for us, so I have our base environment set up with CloudFormation.
    • Disabling firewalls on Windows Servers (temporarily and even though basic services like the NAS don't work, either).
    • Creating a new instance in AWS without any of our stuff on it. Can't join the domain or browse to the NAS or management IP of the SonicWALL.
    • Verified ACLs and security groups in AWS are allowing things.
    • Disabling security services on the SonicWALL one-by-one (and re-enabled) to test.
    • Enlisted our firewall management company to take a look. They say there's no traffic coming into the SonicWALL except for my pings.
    • Turned on logging on my VPC to CloudWatch. It's reporting these connections, like 3389, as being accepted in both directions.

    It's also worth noting that this was working before Christmas. It's a demo environment, so no one's really been using it. I guess I just don't understand enough about networking to know how a port could be open, but just time out. It's like the second half of the TCP handshake is being blocked coming back to AWS, but there aren't any firewall rules to justify this behavior.

    Thanks and sorry for the wall of text!

    submitted by /u/jackmusick

    Transit/Management VLAN Question

    Posted: 13 Jan 2021 03:04 PM PST

    Heya,

    Was wondering if anyone has advice for implementing transit VLANs.

    Currently, we have a setup where each site has an L3 head switch and then has static routes back to our distro switch.

    I am wanting to validate that best practices have the transit VLAN between the L3 Switch and Distro Switch look something like 192.168.1.0/30, giving me just the 2 usable in that network. To clarify, the L3 Switch and Distro would share the Transit, and the Management VLAN built out on the L3 Switch side would point to the transit for all traffic leaving the site? (as well as any other VLAN built out on the L3 Switch) ---- Please validate or correct ---

    If you give examples it helps my brain!

    Thanks in advance!

    submitted by /u/GroeSD

    Do Net Engineers need to know Python in depth?

    Posted: 12 Jan 2021 11:36 PM PST

    Do you actually need to be able to compile your own module?

    Or can you get away with just knowing modules like Netmiko/NAPALM and how to create a basic script with them?

    submitted by /u/Fragrant_Prize5790

    Question about Cisco QoS

    Posted: 13 Jan 2021 02:13 PM PST

    I've never had to worry about QoS before, so I'm not really familiar with it. Default has always worked for us in the past. But we're now deploying a bunch of non-Cisco phones and I've been told I need to put new QoS policies on our switches to make Cisco trust their DSCP markings.

    My question is: when I put these policies out and add them to the switch interfaces that have the non-Cisco devices attached, do I have to worry about anything in between that doesn't actually have the phones directly connected, but is just passing the traffic along? I'm assuming, possibly incorrectly, that once the traffic is trusted and prioritized on the interface connected to the device, the rest of the network will trust that classification when the traffic passes through.

    submitted by /u/Joranthalus

    Cisco IP/SLA configuration on cEdge devices

    Posted: 13 Jan 2021 01:22 PM PST

    I know with Cisco SD-WAN gear and with vManage you get some really nice stats. However, we're looking at reporting out of some older SNMP-based network management systems while also working with newer NMSs.

    On our older Cisco gear, we use Cisco IP/SLA Jitter probes to report on jitter, packet loss and latency.

    I had heard that if you configure IP/SLA probes on Cisco XE (used to be called cEdge) devices, you lose automation and go back to having to manually configure your cEdges.

    Is this the case? Or can you set up CLI templates you can push to a group of cEdges, providing they are all talking to the same responder?

    Anyone doing Cisco IP/SLA probes on their new gear so they can integrate them with existing SNMP tools?

    submitted by /u/someotherbruce

    GNS3 or Cisco CML

    Posted: 13 Jan 2021 12:18 AM PST

    Hi,

    I'm looking to build a virtual lab to test scenarios/upgrades for our datacenter setup (3 FortiGate firewall stacks, 10 switch stacks Cisco/Arista/Mellanox/HP/Lenovo).
    I have already started setting up a GNS server, while I discovered Cisco CML. I gave it a test drive and it seems pretty neat, and seems to have most features GNS has. So now I'm a bit undecided which route to go.

    Is there any reason not to go for CML? CML seems a lot more user-friendly than GNS, but I'm afraid it has limited support for non-Cisco devices, especially stuff like Mellanox and Lenovo.

    Thanks!

    submitted by /u/mitch2k

    BAS Switch

    Posted: 12 Jan 2021 08:33 PM PST

    We have a large BAS install where all devices will be static IP and we will need 2 48-port switches.

    We have narrowed it down to these three. We will have one spare switch in the rack, but functionally an unmanaged switch would work. The folks here convinced me we may as well go managed. With the budget, these are the options I see. Do you have a recommendation? We are not network admins. The web GUI will be used if we ever want to check in on them and not the console port (almost certainly). Beyond troubleshooting features we won't need to configure them much; it's a simple network with 60 or so devices.

    • Ubiquiti edge switch 48 lite
    • HP 1920s 48 port
    • Cisco SG220 48 port

    Those are all around the same price - and we are leaning towards the HP

    submitted by /u/tkst3llar

    ASA MAC addresses collection

    Posted: 13 Jan 2021 01:16 AM PST

    We are providing over 100 ASAs to our customer so our network can be connected to theirs. We will be configuring and managing these firewalls. A problem with this is that the customer requires the MAC address of the ASA so they can provide us an IP address from their network (idk if they are using the MAC to authenticate us or something). This will require me opening up, powering on, and collecting the MAC address of the interface we will be plugging into the customer's network as the box of the ASA only provides one MAC address and none of the interfaces match to this MAC (I'm assuming this is the MAC of the device itself).

    Any recommended solutions for this? I was thinking I could assign a locally administered MAC address to the interface when it comes to building them so I can provide a list of MAC addresses to the customer straight away and there's no need to unbox them to get the MAC.

    submitted by /u/Slight-Letterhead-27

    How to test UDP packet loss from Windows to VPN gateway

    Posted: 12 Jan 2021 07:27 PM PST

    Users with Cisco AnyConnect connecting to the ASA via SSL VPN have connectivity issues. Only a few users in a particular country have the issue (not China). We have users connecting from all over Asia without any issue.

    Now because we use DTLS, I suspect due to congestion/throttling, UDP is being dropped by the ISP. A simple ping test won't cut it. Can't have iperf. Is there anything we can ask the user to check so that we can see whether UDP is being dropped?

    Installing 3rd party applications on the user's laptop might not be approved.

    submitted by /u/sec_admin