I have encountered a security breach, the most likely explanation is packet sniffing of http data. The issue is that we have many companies each assigned to their own separate VLANs. Can packet sniffers sniff across different Vlans if they are connected to the same  the same switch or AP? I didn't think that was possible?

In the search tool - you can select source or destination address that EQUALS, NOT EQUALS, IS EITHER, IS NEITHER. But what I haven't figured out is how to search by subnet. e.g. show me all the traffic with Destination in the 10.12.67.0/24 subnet. Is that possible?

How set equally load balancing for 3 different ISPs

Please find the exsting config, after this configuration i am unable to get load balancing in order, always traffice goes automaticly from interface FastEthernet0/0/0 every time i dont know why its happing.

Maximum time uses:-
interface FastEthernet0/1 - 20% (4Mbps Link)
interface FastEthernet0/0/0 - 30% (2Mbps LInk)
interface FastEthernet0/0/1  - 50% (2Mbps LInk)

why every time traffice use primery interface as a interface FastEthernet0/0/1, please suggest what need to be changes for traffice move in order, example:-
interface FastEthernet0/1 - 60% (4Mbps Link)
interface FastEthernet0/0/0 - 20% (2Mbps LInk)
interface FastEthernet0/0/1  - 20% (2Mbps LInk)

Router 1 Config:-

interface FastEthernet0/0
 description office_64/5/10_Lan
 ip address 192.168.90.1 255.255.255.0
 ip flow ingress
 duplex auto
 speed auto
!
interface FastEthernet0/1
 description 4Mbps
 ip address 1.1.1.1 255.255.255.0
 delay 1
 duplex auto
 speed auto
!
interface FastEthernet0/0/0
 description 2Mbps
 ip address 2.2.2.1 255.255.255.0
 delay 2
 duplex auto
 speed auto
!
interface FastEthernet0/0/1
 description 2Mbps
 ip address 3.3.3.1 255.255.255.0
 delay 3
 duplex auto
 speed auto
!
!
router eigrp 100
 variance 2
 network 1.1.1.0 0.0.0.3
 network 2.2.2.0 0.0.0.3
 network 3.3.3.0 0.0.0.3
 network 192.168.90.0

Router 2 Config:-

interface FastEthernet0/0
 description Rack_Lan
 ip address …

I set up a Linksys LRT224 router about a year ago
it does some pass-throughs ti the following
-security camera NVR only two users can access

-Windows Server 2012 running an SQL database about 10 users

-VPN connection so users can get to all servers and appliances
This was suppose to be for only two users, but now they want all 10 users to be able to use VPN

Question?
should I continue to use this router? will is start to degrade in speed
some users say the VPN is starting to slow down

any suggestions are appreciated

I have an HP EliteBook 8730w HP machine with XP SP3.  The NIC is a 82567LM Gigabit.  Wireshark Version 1.6.1 is seeing a flood (packet ea/.001068 seconds +/-) of protocol 0x8899 Ethernet II packets (All outgoing; no responses).  Packet length ranges from 64 to about 1499 or 1518 packets long. The problem I have is that I cannot find the Source MAC on my (small home) network (I have tried several MAC scanners), nor do I know anything about the destination address.

Source:  f8:c0:01:7c:65:cc
Destination: Dell_79:08:f2 (00:19:b9:79:08:f2)
Type: Unknown (0x8899), Ethernet II
Data (1504 bytes)
5 lines of data:
0010   88 64 11 00 14 ef 05 d6 00 21 45 40 05 d4 ac 25  .d.......!E@...%
0020   20 00 36 11 54 58 47 13 fb f9 61 73 b9 db a0 e1   .6.TXG...as....
0030   c9 be 05 cd 4b 14 32 bb 81 3a 22 b9 5d 95 21 4e  ....K.2..:".].!N
0040   6d 27 cb 53 59 65 0b 8d 75 33 cb ab f9 de 7e 52  m'.SYe..u3....~R
0050   32 57 86 24 53 27 ee 64 20 41 72 31 20 11 2a 43  2W.$S'.d Ar1 .*C
.
.

So, I have no such source or destination MAC on my network (that I can tell) , am seeing  an ongoing flood  of data anytime day/night.  To my knowledge, I have no Dell equipment on my network (two printers, 4-5 computers, a couple of Smart phones, and several Security DVRs).  Most computers behind one or more switches.  I am certain that I have no Realtek routers/switches or anything that might be using a managed protocol i.e. Realtek Remote Control Protocol (RRCP) Type 0x8899.

How can I test the speed between two computers on the network?

Looking for a application I caN check out my network to see if there is a issue in loss of connects delays slow connection and if, which point and what application. Any recommendations but not something that should break my pocket.

We currently have a Dell Sonic Firewall that is our firewall as well as our company router.  This is our main router for all of our sites in the company.  We have 16.  We implemented through our EMR (Electronic Medical Records) software an upload to a billing company.  They in turn configure and print bills and send them out to our customers.  This has worked fine for over two years.  When this was implemented, we were not required to make any firewall changes at all.

A week ago, the user doing this procedure received an error that the file could not be uploaded.  She called the EMR company, who in their effort to troubleshoot the problem, changed the upload method from ftp to sftp.  She then tried to upload and she got an additional error that port 22 was unable to send.  Seeing that error, the EMR said that the problem has to do with our firewall.  I spoke with the billing company who tried to do a trace route to our external IP.  They were unsuccessful, but I was able to do a trace route to them.  The only caveat is that the user can do this procedure from home with no problem.

I am willing to make firewall changes if necessary, I just don't know what they would be or why it is necessary now, if no one has made any changes other than the upload method from ftp to sftp.

Please help.  I am desperate.

I'm sure I have done something wrong here. This is such a basic config. Can you tell me why my router can communicate outside, but my PCs cannot?

!
! Last configuration change at 17:48:41 UTC Sat Jun 10 2017
!
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname MYROUTER
!
boot-start-marker
boot-end-marker
!
enable secret 5 <obscured>
enable password <obscured>
!
no aaa new-model
!
no process cpu extended history
no process cpu autoprofile hog
memory-size iomem 20
dot11 syslog
ip source-route
no ip routing
!
!
!
!
no ip cef
no ip domain lookup
!
multilink bundle-name authenticated
!
!
!
!
!
license udi pid CISCO1841 sn FTX1104Z0BG
!
redundancy
!
!
! 
!
!
!
!
!
!
interface FastEthernet0/0
 description OUTSIDE
 ip address dhcp
 ip nat outside
 no ip virtual-reassembly
 duplex auto
 speed auto
 no cdp enable
!
interface FastEthernet0/1
 description INSIDE
 ip address 172.16.254.1 255.255.255.0
 ip flow ingress
 ip nat inside
 ip virtual-reassembly
 no ip route-cache
 speed auto
 half-duplex
 no cdp enable
 no mop enabled
!
interface ATM0/0/0
 no ip address
 no ip route-cache
 shutdown
 no atm ilmi-keepalive
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
ip nat inside source list 101 interface FastEthernet0/0 overload
ip route 0.0.0.0 0.0.0.0 dhcp
!
access-list 101 permit ip any any
no cdp run

!
!
!
snmp-server community public RO
!
!
control-plane
!
!
line con 0
 

Select all Open in new window

…