I'd like your advice on handling an issue about equipment on my network.

My question is, what would you do in this case? More of a personal than technical question.
I manage a network and I have a subnet in use by a group that is secured from other parts of our network.
I recently found out that someone in that group authorized a vendor to add a sonicwall ssl vpn. Of course he doesn't have any authority to allow anything on the network but why should that stop anyone.
Initially they thought they could bypass me and just hook it up. Each time he attempted to hook it up he knocked down his network. The vendor is actually doing the work with his direction.
In this case I was told by higher ups they must have it so I allowed them to plug it in to this subnet. I have not reconfigured the network at all other than allowing the sonicwall on the 2 switchports it is plugged in to.  
When he plugged it in at this point his subnet immediately bogged down. Slow as molasses! After a couple of frustrating weeks he has unplugged it from his network. And of course it's my fault.
Now they are asking me for help. What would you do about this?
Some givens: I do have to get it to work for him.
Expletives are already a given so after that initial response what would you do.
I don't have any access to it. He and the vendor have admin access.
Ideally I want to have it go in an interface on my firewall but I'm full at the moment.

Thanks for your help.
Frustrated network guy
KevinodonovanUC Architect, Communications Network EngineerAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Can you isolate him onto his own switch a backbone away from the rest of the network.  If not then they will just have to live with speed issues.  Maybe they can limit the traffic they create on the VPN.  But to truly answer your question, you can't control what your higher ups won't let you control, so expletives sound good to me.

Good luck!.....:)

I feel for you first and foremost.

IMHO, you need to setup a round table face to face meeting with your managers and the manage of that workgroup who is now looking to you for help.

1). What are their expectations of you when you cannot administer, access or configure their equipment, i.e. this new VPN device?

2). Why did they initially bypass you? (Do you have some underlying problem or personality conflict with someone)?

3). In this open meeting ask why this became your fault and problem?

Now in a lot of corporations, they may not take kindly this type of forum and point blank methods of understanding... but there is more here than meets the eye... I think. But oif the company you work for and its management are worth anything, they will listen, reply and help you to work this situation out.

If for some reason they do not trust you then things may work out differently. I have no idea about your companies culture, personalities, but just something to think about in all this.

As far as network speed, I'd be pointing my finger at the vendor! They MUST have some experts that can assist you in this speed issue.

Just my .02 cents!


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
John is right on the money!
KevinodonovanUC Architect, Communications Network EngineerAuthor Commented:
HI folks,
Thanks for your replies and I was away so I couldn't get back to you sooner.
You're both right and I do apologize for my inability to name names here. I work for government. In this case It's less a matter of trust and more a matter of control. I have had a face to face with people involved and some isues were addressed but not necessarily clarified. First, I am incharge of the network because no one else can be. Second I must act on priority issues in a more timely manner. Unfortunately we never did clarify priority issues or just what constitutes timely. Politics at its best.
I've decided to set them up on their own vlan and segment them from the rest of the network as well as do some traffic shaping. I'm also going to do this properly and that will take some time so they're going to have to be patient.

Thanks again.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Network Management

From novice to tech pro — start learning today.