    Saturday, March 5, 2022

    How do you guys handle job stress/anxiety? Networking

    How do you guys handle job stress/anxiety?

    Posted: 04 Mar 2022 11:29 PM PST

    As the title says, I'm just curious how everyone handles work stress and how stressful you consider your job?

    My story:

    I worked at a Fortune 500 company as a network engineer where I helped manage 60+ locations with a few team members. I only worked on the LAN, that being layer 2 switches and wireless. 90% of my job was remote, half being in different time zones all over the world. What I was told when hired was that they always assign more work than you can handle, so prioritizing tasks is very important. As with any networking position I was basically on call 24/7; all locations operated 24 hours a day and downtime meant lost revenue.

    On top of daily tasks, updates, repairs, working with the security team on why ports are being blocked (literally 90% of my daily tasks), we also had huge projects with deadlines. Lots of meetings which required multitasking, troubleshooting with other site leads while being on mandatory calls. I'd say 50 percent of my day I was in a meeting, all while having to do my daily tasks and work towards my projects. Not to mention projects had weekly meetings to update the progress and present what has been accomplished, what still needs done etc. Also, not to mention the stress that is applied when a site goes down and the company is losing 6 figures every hour the site is down.

    I guess I really just wanted to vent, but I ended up leaving my job due to mental health issues. The job paid really well, I had to downsize my life a lot and I often wonder if it was worth it. I'm curious if I just had a terrible job or if others struggle with workload/stress and how you deal with it. Just from personal experience, I can't imagine another job/career that is more stressful than IT.

    submitted by /u/DisappointingPanda

    Beamforming vs spatial streams? How do they coexist?

    Posted: 05 Mar 2022 02:31 AM PST

    I've always been confused by this.

    So the way I understand it, beamforming with Wi-Fi is essentially a very basic form of a phased array antenna. If you have a 4x4 access point, it can use the 4 antennas to transmit with a slightly out-of-phase signal from each antenna, so then you get constructive interference in a single direction, forming a beam.

    Okay, but don't you need all antennas to be broadcasting the same thing for this to work? They're all acting as a single phased array antenna in this scenario. So how can it coexist with MIMO, which requires each antenna to broadcast a different spatial stream? Or am I misunderstanding this?

    submitted by /u/Qbccd

    Not sure where I stand with the market.

    Posted: 04 Mar 2022 08:35 PM PST

    No, I'm serious. What do you do at work? I was an out of work civil engineer that was laid off in 2017. Because my skills didn't translate to systems administration on paper, I had to start back at the bottom. Help Desk.

    I worked my way up and was promoted every year. 1, 2, 3. Then I was asked to interview for a Network Administrator 1 position. Got the job. One year mark, my review comes up. Promoted again. Network Administrator 2.

    Unfortunately this company has some really interesting ideas on how to convert from "mom and pop" to Enterprise, and in my opinion, they're doing it wrong. So I'm looking elsewhere for work.

    I don't mind enterprise. In fact, I like the idea. I just don't like the way they're hiring more managers and keeping the worker bodies stagnant/slowly shrinking due to people leaving. Everyone is constantly understaffed and we're all burning out.

    My issue is... I only have experience as a network administrator in one company, and I have absolutely no idea if I'm doing less, more, or what is normally expected of a network admin at most companies. I know that there are a ton of variables. Company size, government work, public sector, finance, etc... that play a part in how many hats we do or do not wear. I guess I'm trying to say I'd like to see if I can get a bit of an average of what you all work on regularly as network admins.

    My duties are ticket queue resolution for network related issues. Network issues, according to my company, are the obvious:

    Determine cause of high latency/outages

    Stage and deploy new network equipment: Cisco Routers, Switches, and firewalls (mostly modified templates)

    MSP management

    Firewall management, including rules, VPN users, and module troubleshooting

    Switch port configuration changes as users move around

    Access Point deployment

    Superscope/scope/subnet management DHCP management

    Cisco CM management (Mostly with MSP assistance)

    ISP coordination with new sites

    Runbook documentation creation and maintenance

    Topology map creation

    Vulnerability mitigation on network hardware

    My issue is, I'm afraid that because we are spread so thin, I'm unable to really deep dive and become a pro at any of this. I feel like I only understand about 15% of what I should actually know. I feel like it's all surface level knowledge and I barely know just enough to get the tickets closed.

    My question is, am I behind? Am I useless elsewhere? Am I on par with the market with my experience? What do you all do in similar roles as me?

    Thank you all for your time

    Edit: Formatting

    submitted by /u/DiscountPhil

    Hotel wifi login page & company firewall

    Posted: 05 Mar 2022 06:35 AM PST

    Hello, I'm not sure if this is the correct sub to post this question on but I thought I would start here.

    The hotel chain I stay at doesn't do the standard enter wifi password to connect; you connect to a public network and can't browse anything until you load the hotel's wifi login page and enter your name and room number. Unfortunately my work laptop won't let me load the hotel's wifi login page until after I connect to the VPN. But I need wifi to turn on the VPN so I'm stuck. I've tried to mobile hotspot, connect to vpn, and then load the hotel wifi login page - but as soon as I connect to the hotel public wifi, the VPN drops, and the login page will not load.

    I would normally think it just means I won't ever be able to use the hotel's wifi and will be stuck using mobile hotspot when I travel, but sometimes the hotel's wifi login page will randomly load before I've connected to VPN. And then I can connect and everything works perfectly. It always seems to happen randomly after multiple failed attempts of it not loading.

    I was just curious if anyone could explain why it randomly works sometimes and will load for me but most of the time will fail? And if there is anything I can do to force the wifi login page to load?

    Thanks for reading and for any suggestions :)

    submitted by /u/Candypaint114

    SSO/Federated auth, 2FA etc for console/management port access?

    Posted: 04 Mar 2022 07:10 PM PST

    How do you guys protect console or management port access to network gear?

    By default, it seems most only support username/password based authentication - either through local accounts, or RADIUS, TACACS+ etc.

    However, are there any options for things like SSO, Federated logins, 2FA integration etc?

    submitted by /u/victorhooi

    Meraki 2 Switch Stacking

    Posted: 05 Mar 2022 02:40 AM PST

    Hi All!

    We are seeing some strange issues with a few new setups where we have 2 Meraki switches stacked together. We do not see the same issue with more switches stacked in a ring or where we have an aggregation switch.

    The issue appears to be related to DHCP where some clients end up getting a 169 address. We are not snooping and these clients are on the same vlan as the windows DHCP server. The Meraki dashboard shows the DHCP server and it is not blocked. Rebooting the stack fixes this for a week or so before it returns.

    The thing I want to check is so simple it's insane. But these setups all have 1 stacking cable. Either port 1 to port 1, or port 1 to port 2. This is shown in the documentation as port 1 to port 2.

    Looking more there are videos showing 2 switch stacks with 2 stacking cables crossed over.

    So… Anyone else got a 2 switch stack with just 1 stacking cable?

    (P.S. I did not spec the stack!)

    Cheers!

    submitted by /u/adamtmcevoy

    How to block some specific country to access your services?

    Posted: 04 Mar 2022 08:38 AM PST

    I am trying to google this but not getting a better answer, or maybe there is no better answer for this question. Some folks say to use BGP ASNs to blacklist, but that is too much work because some countries have more than 5k BGP ASNs, so how do I block them? Is there any super BGP AS which includes everyone? (I don't know, just guessing not, but want to see what others think of it.)

    submitted by /u/satishdotpatel

    Where to find freelance Networking

    Posted: 04 Mar 2022 11:32 AM PST

    Hello everyone, I've tried using fiverr to get a networking project done. But the last 4 people to accept the job have ghosted me.

    Does anybody recommend a site for a freelance network engineer?

    It's a small network, 5 Netgear switches. 5 VLANs. I know nobody is excited about netgear but it was bought before I started at this company.

    submitted by /u/videopanda6745

    Could cell phones connect to multiple cell towers at the same time?

    Posted: 04 Mar 2022 09:15 PM PST

    I know with carrier aggregation and MIMO, you can have a cell phone using larger channels across multiple bands. But what about accessing more than one cell tower? If one cell tower has more available bandwidth on certain bands, and another one has available bandwidth on different bands, can your device connect to 2 or more sites, like a sort of "reverse" MU-MIMO, and get data from each?

    The two towers would have to talk to each other to know which is sending you what, and the same for upload. So maybe that makes it too complex and not practically feasible, but it would increase the efficiency of the network.

    submitted by /u/Qbccd

    Help a broadcast engineer out!

    Posted: 04 Mar 2022 06:22 AM PST

    I'm a broadcast engineer with enough networking knowledge to be dangerous. I've done plenty of IP network designs using pim SM and various igmp config, but I've got a customer who wants to ensure multicast from specific devices is forwarded to a specified port.

    I'm rather hoping that I can use policy based routing, and use the match IP address commands to direct the traffic accordingly. What I need to know is if the match IP address has to be a source unicast address, or if it can be the multicast address of the media flow?

    submitted by /u/meekamunz

    Help needed with Cisco Anyconnect & Okta mfa integration!

    Posted: 04 Mar 2022 05:07 PM PST

    Hello everyone,

    I am trying to set up AnyConnect MFA with the Okta RADIUS server (installed in my lab domain controller). I have the Okta RADIUS server already configured to connect with my Okta admin account (trial version) & I have configured the Cisco ASA VPN application in my Okta account as well.

    When I try to connect through AnyConnect, I get a popup to enter my username & password - I hit enter but then it times out. I am expecting a second popup window with the Okta challenge but that never appears. I checked the logs on the Okta RADIUS agent & I can see that it received the access-request from the ASA and sent back an access-challenge. To me it seems like the ASA is not handling the challenge properly & thus timing out my session login attempts.

    Guide I followed: https://help.okta.com/en/prod/Content/Topics/integrations/cisco-radius-intg.htm?cshid=okta-cisco-radius-intg

    1) My ASA config:

    ASA-01#
    ASA-01# sh run tunnel-group
    tunnel-group AnyConnect-Default type remote-access
    tunnel-group AnyConnect-Default general-attributes
     address-pool anyconnect-ip-list
     authentication-server-group OKTA
     authorization-server-group ISE
     default-group-policy GroupPolicy_AnyConnect-Default
    tunnel-group AnyConnect-Default webvpn-attributes
     group-alias AnyConnect-Default enable
    ASA-01#
    ASA-01# sh run aaa-server
    aaa-server ISE protocol radius
    aaa-server ISE (inside) host 172.16.40.200
     key *****
    aaa-server OKTA protocol radius
    aaa-server OKTA (inside) host 172.16.40.199
     timeout 60
     key *****
     authentication-port 1812
     no mschapv2-capable
    ASA-01#

    2) My okta admin Dashboard:

    Port is set to 1812

    Below settings are enabled:

    Report client IP is checked with 31 calling station-id option

    Single-line MFA prompt

    Enable inline MFA enrollment

    Send Access-Challenge for MFA-only logins

    Enable UPN or SAM Account Name Login

    Thanks!

    EDIT: My issue has been resolved. After trying everything, I started to doubt my ASA software version itself (was running 9.8.1 in gns3) so I tried with a newer version (9.12.4.18) & now I can see the challenge popup. Everything is working 👍. Thanks everyone for replying & helping out!

    submitted by /u/7AKISE7
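
    The post above describes an Access-Request answered by an Access-Challenge, after which the login stalls. As an added example (not from the post, Okta or Cisco), this Python code decodes RFC 2865 datagrams and classifies where such an exchange stops; the user name, State value, password bytes and the outcome labels are constructed for illustration, and extracting the UDP/1812 payloads from a capture is assumed to be done separately.

```python
import struct

# RFC 2865 packet codes and the attribute types that matter for a challenge.
ACCESS_REQUEST, ACCESS_ACCEPT, ACCESS_REJECT, ACCESS_CHALLENGE = 1, 2, 3, 11
USER_NAME, USER_PASSWORD, REPLY_MESSAGE, STATE = 1, 2, 18, 24


def build_packet(code, identifier, attrs):
    """Encode header (code, id, length, 16-byte authenticator) plus TLV attributes."""
    body = b"".join(struct.pack("!BB", t, len(v) + 2) + v for t, v in attrs)
    # Authenticator is zeroed: these are constructed samples, not signed packets.
    return struct.pack("!BBH16s", code, identifier, 20 + len(body), bytes(16)) + body


def parse_packet(data):
    """Decode one RADIUS datagram, rejecting truncated or malformed lengths."""
    if len(data) < 20:
        raise ValueError("shorter than the 20-byte RADIUS header")
    code, identifier, length, _auth = struct.unpack("!BBH16s", data[:20])
    if not 20 <= length <= len(data):
        raise ValueError("length field does not match the datagram")
    attrs, pos = {}, 20
    while pos < length:
        if pos + 2 > length:
            raise ValueError("truncated attribute header")
        attr_type, attr_len = data[pos], data[pos + 1]
        if attr_len < 2 or pos + attr_len > length:
            raise ValueError("attribute overruns the packet")
        attrs[attr_type] = data[pos + 2:pos + attr_len]  # last value wins
        pos += attr_len
    return code, identifier, attrs


def challenge_outcome(datagrams):
    """Classify a capture-ordered exchange between one NAS and one RADIUS server."""
    saw_challenge = awaiting = False
    state = None
    for raw in datagrams:
        code, _identifier, attrs = parse_packet(raw)
        if code == ACCESS_CHALLENGE:
            saw_challenge, awaiting, state = True, True, attrs.get(STATE)
        elif code == ACCESS_REQUEST and awaiting:
            # RFC 2865: the answer is a new Access-Request echoing State unchanged.
            if attrs.get(STATE) == state:
                awaiting = False
        elif code == ACCESS_ACCEPT:
            return "accepted-after-challenge" if saw_challenge else "accepted-without-challenge"
        elif code == ACCESS_REJECT:
            return "rejected"
    # The server challenged but the NAS never sent the follow-up request.
    return "challenge-unanswered" if awaiting else "incomplete"


# Constructed sample datagrams (user name, State and password bytes are made up).
REQ1 = build_packet(ACCESS_REQUEST, 1, [(USER_NAME, b"labuser"), (USER_PASSWORD, bytes(16))])
CHAL = build_packet(ACCESS_CHALLENGE, 1, [(REPLY_MESSAGE, b"Enter MFA code"), (STATE, b"sess-01")])
REQ2 = build_packet(ACCESS_REQUEST, 2, [(USER_NAME, b"labuser"), (USER_PASSWORD, bytes(16)),
                                        (STATE, b"sess-01")])
ACPT = build_packet(ACCESS_ACCEPT, 2, [])

STALLED = [REQ1, CHAL]                 # what the agent log in the post shows
COMPLETED = [REQ1, CHAL, REQ2, ACPT]   # the exchange once the NAS answers the challenge

if __name__ == "__main__":
    print("stalled:  ", challenge_outcome(STALLED))
    print("completed:", challenge_outcome(COMPLETED))
```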

    Conferences in Europe about networking

    Posted: 04 Mar 2022 02:29 AM PST

    Hello,

    What is your favorite conference that has at least some topics about networking and (at least sometimes) is hosted in Europe?

    I, personally, love NetDevs. Hopefully, this year they will host it in Portugal. :)

    submitted by /u/cyb3rL0rdq

    mirroring by Virtual functions on same single interface

    Posted: 04 Mar 2022 12:41 PM PST

    I have a specific interface on which I'm trying to do mirroring on the same interface by virtual functions. This means the same interface has two different virtual functions, let's say, one virtual function for actual traffic on the interface and a second virtual function for observing and analyzing the actual traffic that's running on the first virtual function on the same interface.

    Can I do something like that? What shall I configure? The environment is CentOS Linux.

    Any idea / help about if it's possible to do mirroring by virtual functions on the same interface?

    I'm trying to implement the concept of port mirroring, which is the method of copying and sending network packets transmitted as input from a port to another port, but here I don't have a switch, that's why I can't do port mirroring, so I'm trying to do the same concept by doing mirroring using virtual functions on the same interface!

    a pleasure for the help !

    Thanks!

    submitted by /u/RayanMaraty

    Services like OpenVPN cloud?

    Posted: 04 Mar 2022 03:20 PM PST

    We run AnyConnect and even though we have RADIUS, getting MFA on it without stitching together a bunch of things is a pain. We could do keys but our users are challenging.

    Today, in less than 1 hour, we set up OpenVPN Cloud with AzureAD. The cost is stupid cheap for our needs ($5K/yr for 200 concurrent connections).

    I'm about to pull the trigger but their compliance statements are wishy-washy and support looks non-existent.

    So are there others that offer this kind of service?

    We've been looking at Zscaler and Palo, both magnitudes more expensive and it took us days to get POC setup.

    submitted by /u/Shujolnyc

    Multicast Traffic Over Single Link In LACP Aggregate

    Posted: 04 Mar 2022 12:22 PM PST

    We have a couple of Aruba 8320s in an HA pair utilizing multi-chassis LAGs or VPCs. Those connect to our core Nexus 9300s also utilizing VPCs. They are built with LACP aggregates for a total of 20GB. IGMP v2 snooping is enabled for our AV VLAN and the downstream AV devices need to communicate with the IGMP querier which lives on the Nexus. Traffic appears to be flowing primarily over one of the two links in the LACP aggregate. For example, one link from the 8320 to the Nexus is at 90-100% utilization causing some packet loss while the second link sits around 5% utilization. I can't figure out why the flows aren't being split between the two links to prevent this loss of packets. It's my understanding that the destination of these packets sees the LACP LAG as the destination rather than the individual interface level. Is this correct?

    submitted by /u/BulldozerOfDeath53

    VOICE VLAN Issue

    Posted: 04 Mar 2022 12:03 PM PST

    #CCNA #Cisco

    I have a question for the Network community, what happens is, when I connect a device (VOIP) to a port on a switch (L3 switch) with configs for the port to access vlan 10, voice vlan 30, spanning-tree portfast, IP routing enabled.

    #CiscoChampion #networkengineer

    ..only 1 out of 3 VOIP get an IP from VLAN 30, the other 2 VOIP always get a VLAN 10 IP. I have reset the 2 phones but still no headway...any suggestions???

    submitted by /u/iSpreadnlove

    Intervlan Arista to Cisco (Newbie)

    Posted: 03 Mar 2022 10:50 PM PST

    Hey Guys, I'm new to Arista and have been trying to figure out a simple intervlan connection. I'm using eve-ng for labbing. Now my problem is I could not ping the Cisco sub interface and I can't find any good resources to solve the issue. I checked Arista Warrior and the Arista white paper but still can't figure it out, not sure how I can make this work. I also tried to allow all vlans but same issue.

    This is a simple config I have below.

    Arista:

    IT-Switch(config)#sh run
    ! Command: show running-config
    ! device: IT-Switch (vEOS, EOS-4.23.2F)
    !
    ! boot system flash:/vEOS-lab.swi
    !
    transceiver qsfp default-mode 4x10G
    !
    hostname IT-Switch
    !
    spanning-tree mode mstp
    !
    no aaa root
    !
    vlan 900
       name management
    !
    interface Ethernet1
       switchport mode trunk
    !
    interface Ethernet2
    !
    interface Ethernet3
    !
    interface Management1
    !
    interface Vlan900
       ip address 10.3.0.2/30
    !
    ip routing
    !
    end
    IT-Switch(config)#sh vlan
    VLAN  Name                             Status    Ports
    ----- -------------------------------- --------- -------------------------------
    1     default                          active    Et1, Et2, Et3
    900   management                       active    Cpu, Et1
    IT-Switch(config)#sh ip int br
                                                                            Address
    Interface        IP Address       Status      Protocol       MTU        Owner
    ---------------- ---------------- ----------- -------------- ---------- -------
    Management1      unassigned       up          up             1500
    Vlan900          10.3.0.2/30      up          up             1500

    Cisco Router:

    IT_RTR#sh run int g0/3.900
    Building configuration...

    Current configuration : 102 bytes
    !
    interface GigabitEthernet0/3.900
     encapsulation dot1Q 900
     ip address 10.3.0.1 255.255.255.252
    IT_RTR#sh ip int br
    Interface                  IP-Address      OK? Method Status                Protocol
    GigabitEthernet0/3         unassigned      YES NVRAM  up                    up
    GigabitEthernet0/3.900     10.3.0.1        YES NVRAM  up                    up

    submitted by /u/Androxy90

    [HELP] Path.net / tempest reseller

    Posted: 04 Mar 2022 09:04 AM PST

    Hello,

    I am currently running a few Rust servers which are decently successful. (min : 400 max : 800 at any time)

    I have been using some smaller path.net resellers and we were doing quite well. We were running the servers via a VPS connected to the path network and IPIP tunnels from that VPS to our remote server of which we were hosting the servers themselves from.

    My question as such is does anyone know of any path.net provider or tempest provider that will allow IPIP connections as well as won't break the bank, as we aren't aiming to make money. We do it out of our own pocket and as a hobby, however we don't want to impact our players' experience as people are sending attacks to the machine and currently exploiting a BGP tunnel from the VPS to path network.

    Thanks in advance

    submitted by /u/PenguinCSG0

    Controlling East/West Traffic?

    Posted: 04 Mar 2022 08:32 AM PST

    Hey everyone,

    What solutions/platforms/configurations are you using to control east and west network traffic?

    As an example at its simplest, I would assume ACLs would be used on the network appliance carrying out inter-VLAN routing. Would this best be done on a port level or at the VLAN level? How do ACLs filter host-to-host traffic if DHCP is changing those host IPs?

    At a more advanced level, I would assume you get more into "zero trust."

    Any cisco lives or documentation is welcome, not asking for my handheld per se. Thanks!

    submitted by /u/Rare_Protection

    Can a switch replace a fiber modem?

    Posted: 04 Mar 2022 11:56 AM PST

    Hi,

    Most ISPs don't provide a modem able to do LACP/LAGG/802.3ad bonding.

    So

    • if the modem would be used in pass-through mode anyway,
    • and there is an external ONT near it
    • and it would be for being used along with 2 external routers (be them active-active or active-passive)

    Can a switch that does LACP replace the modem, in between the ONT and the 2 routers?

    Is the customer identification/activation always done within the modem or may it be possible from within the ONT?

    submitted by /u/ansomesa1

    Consolidate switch question

    Posted: 04 Mar 2022 07:32 AM PST

    We have 3 SonicPoint APs (powered by POE injectors) connected to a 5 port switch. That switch is connected to a physical interface X8 (WLAN zone) on the Sonicwall NSA 3600. Our LAN clients are connected to an Engenius EWS7952FP POE+ 48 port switch and that switch is connected to physical interface X0 (LAN zone) on the Sonicwall NSA 3600. I want to eliminate the 5port switch and have the APs just plug into the 48port switch. I don't THINK I want to simply reconnect all the cables from the 5port to the 48port as I'd be feeding traffic from 2 different Sonicwall zone assignments to the 48port switch. Question: Can this consolidation be done with VLAN or some other config? Thanks for your attention.

    submitted by /u/ppaqit

    Troubleshooting L2TP and S2S, how to best tackle this?

    Posted: 04 Mar 2022 07:07 AM PST

    Hello All,

    Over the past 2 days I stood up an L2TP VPN on our UDM Pro SE gateway, along with a S2S to a cloud provider on that same gateway. I won't get into the specifics of the OS version, or anything like that since this sub is more generalized to networking instead of Ubiquiti products. (I know, they aren't that great but management wanted UI gear)

    Device:

    • UDM Pro SE

    Issue:

    • L2TP connections on devices constantly disconnect after a few minutes.

    • S2S VPN traffic occasionally fails. (constant ping tests result in timeouts every so often)

    What I've done:

    • Recreated both L2TP and S2S, rebooted gateway multiple times to test. Changed WAN IP's to test whether issue with talking to specific addresses.

    • As this gateway is remote from my location, I've had to conduct all testing remotely. I ssh'd into the gateway and ran a remote packet capture for the L2TP interface that was created between my PC and the gateway. The info captured doesn't seem that helpful, just a couple of packets that report the cloud workload I was pinging failed to respond. The rest of the data was just ACK to ICMP traffic and such.

    Is there any way besides this packet capture and ping test to troubleshoot the L2TP VPN? Logs for these devices are next to non-existent, I've been searching some logs through SSH that irritatingly are not available from the UI of the device.

    From what I've read, L2TP should be pretty resilient so I really think it's device related but I wanted to get a second (or multiple) opinion. Maybe I'm just not looking at this from the right angle.

    submitted by /u/justabeeinspace

    Problems with an Edge Core switch

    Posted: 04 Mar 2022 03:05 AM PST

    So I recently acquired an Edge-core 4610-54T. It came running with cumulus as the OS, but while playing around with it, I accidentally booted into ONIE and now can't find a way to boot back into cumulus. At first I thought it might not be a big deal but I can't seem to find any NOS which runs on this switch and is free. I don't want to/can't spend heaps of money on a license for an OS, so I was wondering if anybody had any suggestions as to what I should do, whether that be a way to boot into cumulus again, or an operating system that will run on it for free.

    Thanks for any advice.

    submitted by /u/theGamingProgrammer

    Client VPN vs site-to-site VPN for services communication?

    Posted: 04 Mar 2022 02:57 AM PST

    Hi, I need to set up a connection to an external service from a third party via a VPN connection. They have provided me with the required files to create a client connection via OpenVPN but so far I've always dealt with these kinds of situations with a site-to-site VPN connection so I was wondering:

    • What would be the difference between using one solution over the other? As far as I understand, I could always create the client as a separate service on my network to work as a proxy so I can scale the other service up or down easily. But in this case it would work similarly to what a site-to-site connection provides. So, is there anything that I need to be careful with when using this solution?
    • From the server perspective it seems easier to manage as they would only need to provide the configuration files to clients without having to deal with their specific network settings.
    • Is there any security implication in doing it this way?

    Thanks.

    submitted by /u/Sepharat