FCC Has Announced Supply Chain Reimbursement Program Rules and Filing Window for Huawei and ZTE Gear Networking |
- FCC Has Announced Supply Chain Reimbursement Program Rules and Filing Window for Huawei and ZTE Gear
- Netbox greenfield deployment question...
- Flat to Vlan question Pfsense and SG500x
- Agentless, certificate-less, transparent SSL content filtering?!
- Strange disservices with FireEye and FortiGate
- Meraki MR33 & 36 - Mesh or other deployment for seamless roaming in 3 storey building?
- Tool to Scan Network for Vulnerable CPE?
- Cisco branded Finisar transceivers ?
- Aruba VPN heartbeat issue
- Collapsed Spine for DCI with AnyCast?
- Multicast VRF with one single different channel stream
- Cisco ISR4331/K9 - How to connect to another Speed.
- Is there a difference between cat 6 and cat 6a keystone (punch down) patch panels.
- Cable Management between racks
- What type of internet circuit(s) do you use for your UC environment?
- Any good YouTube channels/videos/playlists on ACI networking?
- Virtual Machine for VPN Connections to Client Sites?
- Cisco Catalyst Virtual Stackwise Breakage Triggered By Unknown Reason
- Dell PowerConnect 5500 Series switch question? VLAN Static Routes?
- wifi network monitoring tool for windows?
- Strange Issue with ISP Connection
- Advice for upcoming comms room re-patching project
- LAG vs. one single port
- How to send and receive multicast on two laptops?
FCC Has Announced Supply Chain Reimbursement Program Rules and Filing Window for Huawei and ZTE Gear Posted: 29 Sep 2021 09:34 AM PDT Here's an article summarizing the details: If you'd like to read the official FCC text you can find that here: https://www.fcc.gov/document/fcc-announces-supply-chain-reimbursement-program-filing-window Relevant details are:
Netbox greenfield deployment question... Posted: 29 Sep 2021 08:52 AM PDT If you were starting a new Netbox ( https://github.com/netbox-community/netbox ) deployment today, would you start with 3.x instead of 2.x? We are a saltstack/nagios+prometheus shop and are very interested in available integrations and plugins, however we foresee 2-3 months of initial data entry work for a new network we are building before we can even think about new integrations. It seems like the 3.x series is moving along nicely and plugins/integrations are catching up fairly quickly -- but we're not tied into the Netbox community and we've never used it before other than general testing... Anyone have any thoughts? [link] [comments] |
Flat to Vlan question Pfsense and SG500x Posted: 29 Sep 2021 01:43 PM PDT Hey all, I am trying to move away from a flat network to vlans but ran into some issues the first time I tried this. Current network is one flat 192.168.x.x address space. There is a LAN interface connected to my L3 switch. I added new vlans on the switch, created a new_LAN interface on pfsense and assigned a vlaned interface from the switch to the pfsense router. New vlans are 10.10.x.x/24 with a /30 address for that vlan interface to the new_LAN interface on the pfsense. Thanks to a fellow Redditor for pointing out my switch could not do a routed interface. I am able to talk between the new vlans but no Internet access. Also, how do the old and new networks talk? I assumed I needed to add some rules at the firewall level, which I did. But all of the traffic is going out the default route on the switch, which is the old 192.168.x.x network, which is a problem for the new vlans. I've looked this up a bit and there was a thread about creating policies on the switch that specify which route a vlan should take. Is that my only option at this point?
Agentless, certificate-less, transparent SSL content filtering?! Posted: 29 Sep 2021 11:35 AM PDT Back in 2014 I used to manage a bespoke SSL Inspection content filter, which we provided as a service to thousands of schools in the UK. The only catch? A root CA had to be deployed by the schools' IT staff in advance. It was your bog-standard MITM as a service :) For years, at subsequent jobs I've touted to many a director that filtering the content on an SSL protected website is not possible without a CA. Every time it would just revert to me saying the same thing: "I can stop them from going to pornhub, but not searching Google images for 'Boobs', not unless we roll out a certificate". With the surge in BYOD, getting people to install this certificate, or agent or whatever, is becoming harder and harder, and guest WiFi is a whole different beast. The compromise has always been DNS filtering, or forcing safesearch etc. However, all this to say, I was having this exact same conversation with a colleague today - and he disagreed with me, having even claimed to have seen a product offering agentless, certificate-less SSL content inspection. He didn't recall what the product was, or where he'd seen it and I can't find anything online (outside of some fringe DPI based stuff). This violates my very understanding of how SSL works, and if true, surely the entire planet is screwed as suddenly you can just use this tech to catch people's bank pins in transmission?! I'm not crazy right? Or is there some magical tech that appeared without me noticing?
Strange disservices with FireEye and FortiGate Posted: 29 Sep 2021 11:13 AM PDT Hello to all engineers, I would like to submit to you a rather particular situation to which I cannot find a solution. I have a rather small network where in site A there is a LAN / 24 populated by physical PCs and VDI; the VDI reside in site B, which is equally large. Site A and Site B firewalls are FortiGate v6.2.7 and do not suffer from any particular problems. The FireEye is not in my management and the technician is investigating any scheduled jobs and errors, but until now he warns that everything is ok. If there is no saturation, RAM / CPU overload of the network devices, but if switching on the node to which FireEye is not connected the problem is solved, what can be the reason for the inefficiencies? What analyzes can I carry out? How would you behave? I can't reproduce it on command. Thank you associates! [link] [comments] |
Meraki MR33 & 36 - Mesh or other deployment for seamless roaming in 3 storey building? Posted: 29 Sep 2021 09:25 AM PDT Hi! I have a Meraki MR33 and MR36. I want to create a seamless SSID for a 3 storey building so that WiFi is strong throughout. I'll be running a pair of consumer power rails to connect the AP on the 3rd floor to the Meraki MS. What's the best approach to achieve a seamless WiFi network where devices will auto switch to the strongest AP on the same SSID? PS: I'm aware of Meraki mesh capabilities, but this seems to be for a scenario where ethernet is not available in the remote location. This will be my default if I can find no other good solution. Thanks! [link] [comments] |
Tool to Scan Network for Vulnerable CPE? Posted: 29 Sep 2021 07:59 AM PDT Does anyone know of an open source project or tool to scan networks for known CPE vulnerabilities? For example, I would like to find any vulnerable home wifi routers in the network that might be used to source or amplify DDoS attacks. I did some searching and couldn't find anything that really fit the bill or that wasn't targeted as a commercial product at enterprise networks. [link] [comments] |
Cisco branded Finisar transceivers ? Posted: 29 Sep 2021 07:16 AM PDT I've found some weird transceivers which are CISCO Branded but when checking the firmware they are Finisar. When checking the transceiver via a Nexus switch they report part number: FTL410QE2C-C1 Which is a Finisar model, but they are branded as CISCO QSFP-40G-SR4 (Which usually we expect AFBR-79EIPZ-CS2 or similar) When checking the CISCO label, the only difference is that the serial numbers use different prefixes and the construction is slightly different. Has anybody seen something like this or knows what they are? To me they seem like Finisar transceivers sold by CISCO, but I don't really know. They also don't report TX and RX power, they just report N/A. Could they be different manufacturer transceivers or just counterfeit ones? (Even if for a counterfeit maybe would make much sense to use high quality after market transceivers like finisar) Thanks! [link] [comments] |
Aruba VPN heartbeat issue Posted: 29 Sep 2021 03:58 PM PDT I'm stuck. Clients are doing cert auth and can download the VIA profile. The network tab of the VIA client shows it receives an inner IP, but what is odd is the VPN Packets Sent/Received shows most often 0/and some quantity received. So it appears the controller sends to the client but the client is not sending a reply. Wireshark says the client is pinging the controller but no response seen. We're using ECDSA, Suite B for auth. Sometimes the client shows it sent data but nothing received. If I remove the ECDSA (which used to work) and go with User/pass auth and a more basic encryption, hash, and DH group 14 it stays online just fine. So it's not network but it's perplexing why it can't send when using the more secure configuration. Any suggestions?
Collapsed Spine for DCI with AnyCast? Posted: 29 Sep 2021 07:42 AM PDT So I'm probably way in over my head, but I'm trying to design a DCI VXLAN deployment so that we can do same-subnet failovers between our prod environment and our DR environment. Basically instead of start-up scripts having to change IPs when a server fails over, I'd like to rely on AnyCast to allow me to have the same IPs in both places. The kicker is that I'm trying to do this with only a single pair of Nexus 9k's in each DC - essentially a "collapsed spine" that connects directly to our UCS and SAN environments. Is this even possible? I'm completely new to VXLAN and while I generally understand how it works after reviewing basic documentation, I can't seem to find documentation for this particular scenario (although I have found reddit/Cisco forum posts that are similar). The basic topology would be a pair of 9k's in each data center with UCS and FI downstream, and some sort of WAN connectivity upstream (this hasn't been decided yet). Basically just assume the 9k's will be able to route to one another. Any assistance with just getting started would be greatly appreciated. So would a "no that's not possible, don't even try." And yes I KNOW I'm going to get a ton of "you shouldn't be extending L2 across DC's" - well I don't have a choice because this is what the company wants. Worst case I'll use xconnect. It's going to make me cringe but ya know what, it works :) I have the topology setup in CML because I was going to try to have DCNM build the fabric for me, but it doesn't have a template that matches what I'm trying to do unfortunately. Thanks! [link] [comments] |
Multicast VRF with one single different channel stream Posted: 29 Sep 2021 03:47 AM PDT Hi, We have a multicast vrf with a single RP point (provided by the IPTV provider) where we want to import a single IPTV channel from a different source (other provider). Kind regards, Michiel
Cisco ISR4331/K9 - How to connect to another Speed. Posted: 29 Sep 2021 11:14 AM PDT I have a Cisco ISR4331 that I use as a jumpbox to troubleshoot other switches and routers. I can connect to other Cisco switches no problem, but when I am trying to connect to another vendor switch/router, since the speed is different, all I get is gibberish. From my regular Linux box I type the following: Telnet hostname(Cisco ISR4331) port (2002) That allows me to connect to switch or router connected using cable port 2. My question is how can I change the bit rate/speed so I can see the output of the other vendors' console port? FYI, I tried to see if I could add the speed on the command but it does not work and I can't find documentation about it. Thank you
Is there a difference between cat 6 and cat 6a keystone (punch down) patch panels. Posted: 29 Sep 2021 10:53 AM PDT Title says most of it. I am running ethernet for an office for the first time. I am primarily a cloud guy, so don't rack and stack much. I want to terminate the solid core cat 6A cable into a patch panel, and then patch those into my switches. In looking for keystone patch panels, I don't see cat 6 or cat 6A specified anywhere. Are they all compatible since I will be punching down the wire myself?
Cable Management between racks Posted: 29 Sep 2021 10:00 AM PDT Looking for recommendations for horizontal cable management between our Tripplite 42U Smart Racks. We got these racks so we could move them around as needed. I don't want to have to run cable between the two by going through the drop ceiling and back down. I would like to go straight across. However, I am afraid that anything too rigid will not allow us to freely move our racks. Thoughts? Solutions that have worked for you? [link] [comments] |
What type of internet circuit(s) do you use for your UC environment? Posted: 29 Sep 2021 01:33 PM PDT I'm looking into moving away from on-prem UC to UCaaS. We currently run MPLS circuits at remote offices and though they are nice, they're expensive as all hell. I feel that with modern enterprise-class internet circuits could probably run voice/video with no problem as long as it's QoS'd and bandwidth is plentiful. Do any of you do this? Have you had any challenges with quality? Am I going down the wrong path? [link] [comments] |
Any good YouTube channels/videos/playlists on ACI networking? Posted: 29 Sep 2021 01:25 PM PDT We are in the process of fully converting to ACI from FabricPath and while most of the stuff I do on ACI is automated, I would like to find some good resources to learn more about it in an applicable way that's not just reading from a book. I would like to be able to troubleshoot more on my own as well as just understanding what's going on behind the scenes when I run an automated script. [link] [comments] |
Virtual Machine for VPN Connections to Client Sites? Posted: 29 Sep 2021 12:59 PM PDT Is it possible to have a VM configured with many VPN network connections? My company has many clients that we can connect to to troubleshoot issues with in their networks. I have to configure all of my techs PCs to have access to all current and whenever we get a new client, the new environments. Then if they leave the company, I have to remove that access. I thought of just giving them access to a machine at the office that has all of these devices configured, but I ran into routing issues. I ended up forwarding the RDP port thru our firewall, creating one user that everyone uses, and setting up all of the connections with in that setup. It has worked ok for us since then, but we have had issues with it:
I thought that I could set up a Cloud Based server for this, and give everyone user-level access. But as soon as the VPN connection negotiates, the RDP connection drops. Am I going about this wrong? Is there another service or device that will handle this issue? Thanks! [link] [comments] |
Cisco Catalyst Virtual Stackwise Breakage Triggered By Unknown Reason Posted: 29 Sep 2021 09:08 AM PDT Hello all, Just looking for anyone who has ever experienced this before to provide the reason this happened to them. This is a head scratcher. My team was cutting over to a pair of two new firewalls that connect to a Cisco Catalyst C9410R stack. Just to be clear, both the old and new pair of firewalls are connected to this Cat. Both pairs are configured in an active/standby high availability cluster. After an unsuccessful cut-over, my team rolled back to the old firewall pair. During the rollback process, the stack broke and both chassis' started acting as standalone switches. It took several reboots to fix this issue. After the stack was brought back, the member switch lost its configuration. Has anyone experienced something like this before? [link] [comments] |
Dell PowerConnect 5500 Series switch question? VLAN Static Routes? Posted: 29 Sep 2021 12:35 PM PDT Have a question and want to see what are some of my options to make this all work. Currently the network is pretty flat. Only 1 VLAN that is isolated for all iSCSI traffic. What I am wanting to accomplish is to separate Samba file share and NFS file share. There are two NAS boxes and both have Samba file share and NFS file share open. Currently they share the same interface. What I want done now instead is move Samba file share to VLAN80 (10.0.80.0/24) and then NFS file share to VLAN90 (10.0.90.0/24). Now each of these NAS boxes is running Linux (XigmaNAS); both servers have multiple NICs. The one I am interested in configuring is an Intel X540-T2. Port 1 (10.0.80.2 NAS 1 & 10.0.80.3 NAS 2) will go to the Samba file share and Port 2 (10.0.90.2 NAS 1 & 10.0.90.3 NAS 2) will go to the NFS share. Regular traffic is 192.168.90.0. I need 192.168.90.0 to communicate to both 10.0.80.0 & 10.0.90.0, however I want 10.0.80.0 & 10.0.90.0 isolated from each other. Do I need to set up a static route in the 5548 & 5524P? Do I need to assign an IP4 address to the 2 interfaces (since there are 2x VLANs) on the PowerConnect switch? The physical connection would be using the 2x SFP+ ports on each switch while using the HDMI cable as link to each other
wifi network monitoring tool for windows? Posted: 29 Sep 2021 12:01 PM PDT We have a high profile user at my job who is having difficulties working remotely; he often gets disconnected from the Microsoft RDS and our VPN. It is my suspicion that it is simply due to poor wifi strength as I've seen the signal dipping a bit here and there. Working on Windows 10. Is there a wifi network monitoring tool that could be used to actively monitor his wifi connection quality/strength etc. throughout the day? Then we could compare this to the VPN disconnect event logs. Native to Windows would be ideal but open to third party. Thanks!!
Strange Issue with ISP Connection Posted: 29 Sep 2021 09:27 AM PDT Ok guys. I have a weird one for you!! I have a customer who has new internet with Cox with static IPs. I have attempted to install 2 different SonicWalls and 1 soho router. All are factory defaulted. Once routers are installed, they cannot ping the gateway or access the internet. However, I can connect to internet and gateway with a laptop connected directly to isp. [link] [comments] |
Advice for upcoming comms room re-patching project Posted: 29 Sep 2021 07:06 AM PDT Hi guys, Anyway, I've inherited a project at the new place to install 3 new 48-port switches to combine to a total of 8 switches across our 3 48U cabinets. While I have installed switches in cabinets plenty of times, these were either totally new builds or emergency repairs where cable management etc. was not of major concern. This time however, we're looking to completely re-cable all 3 cabinets for ease of management and to improve the overall aesthetic. The caveat is that we currently have a total of 27 24-port patch panels in the cabinets, with an expectation for this to grow by a few more in the next year or so. Of course, this means we have a pretty large overlap of patch panels to switches. Luckily, not all of the ports on the patch panels are used, however there will be an expectation to be able to quickly/easily move cables between the panels/switches in the future, as-and-when they're needed. I'm currently planning the layout of our 3 cabinets and am trying to work out how best to set it all out. There's no set deadline so I can spend as long as I need (within reason) researching, planning and testing solutions before the final implementation. I was wondering if there are any resources you guys could point me to please so that I can learn how best to plan my racks? This is a project far larger than I'm used to, but I still want to get it right. I'm struggling to work out where I should be placing each patch panel and their corresponding switches. Some additional info that may also help:
Thanks for reading, and I hope I've provided enough information. I'm not asking for the project to be planned out for me, but if you have any suggestions of how I should lay this out, can tell me any keywords I should know to help my research or can point me in the direction of any good resources out there would be of great help to me. [link] [comments] |
LAG vs. one single port Posted: 29 Sep 2021 01:44 AM PDT This might be a foolish question, but what are the main reasons for doing a LAG (e.g. 10x10G ports), instead of just having a port with the same throughput (e.g. 1x100G)? Is it redundancy, is it cost, or something entirely different?
How to send and receive multicast on two laptops? Posted: 29 Sep 2021 02:07 AM PDT Hi guys, In my lab I have a setup with two switches (of different brands), in which I have to prove, if the multicast configuration on both is correct and multicast traffic is traversing the MPLS network or rather VPLS orderly. I have two laptops (MacBooks) connected, one on each switch at the end of the VPLS. So, what is the easiest way/tool to send out multicast traffic between these two laptops? Anyone has a fast to establish idea? [link] [comments] |