I'm running UCS 4.04 and I am not seeing in the GUI where port channels connecting upstream to the LAN are associated with which VLANs.
If I SSH to UCS I can see that the new VLANs I added on the server NICs appear to be (automagically?) appearing on the port channel to
the network. But if I go into LAN Uplinks Manager/VLANs/VLAN Manager I expecting to see the port channels underneath the VLANs with
which they are associated. But that is not the case. From nxos CLI note the VLANs and their association with the uplinks.Perhaps it's the case that if you don't specifically assign a VLAN to an uplink that all VLANs automatially are permitted on those uplinks?

Partial config from connect nxos:

vlan configuration 1,9-11,20,30,32
vlan 1,9-11,20,30,32


interface port-channel2
  description U: Uplink
  switchport mode trunk
  pinning border
  switchport trunk allowed vlan 1,9-11,20,30,32
  speed 10000
 
interface Ethernet1/1
  description U: Uplink
  pinning border
  switchport mode trunk
  switchport trunk allowed vlan 1,9-11,20,30,32
  udld disable
  channel-group 2 mode active
  no shutdown

interface Ethernet1/2
  description U: Uplink
  pinning border
  switchport mode trunk
  switchport trunk allowed vlan 1,9-11,20,30,32
  udld disable
  channel-group 2 mode active
  no shutdown

interface Ethernet1/3
  description U: Uplink
  pinning border
  switchport mode trunk
  switchport trunk allowed vlan 1,9-11,20,30,32
  udld disable
  …

I'm looking for generic low-level design (LLD) templates. This current project will include campus (LAN), WAN and DC builds.

Customer looking for WAN optimization. I’m struggling to find appropriate options, as it appears Cisco is ending their WAAS options. The customer mentioned Riverbed, but indicated it was likely too expensive…

The customer isn’t technical, so wasn’t too helpful on the discovery call, but I gathered the following:

•      They have three Ethernet (L2) circuits into their primary location in CA.
•      They sounded like E-Line/ELAN, but…
•      150M, 100M, 20M (being replaced with a 600M down/35M up) – so, the latter is obviously broadband/DIA
•      They couldn’t identify how the Internet connection is being firewalled
•      They have a Mushroom Networks (never heard of it) consolidating these links, somehow providing an SD-WAN policy for them.
•      Nothing (according to them) is being encrypted.

So, all of that wildness aside, they’re looking for something to front these appliances to accelerate their throughput. I’m open to a solution to optimize over each of three links or something larger, such as an SD-WAN option to bring all of them into a policy, etc.

Hi,

Our company internet provider set us up with a new modem which would deliver faster speeds and has the IBGP failover ability. In order to use the IBGP failover we would need to designate 1 (or 2?) IP's from our small block of IP's, or get rid of the current ones and use a larger block of IP's.

Does it make sense to just consolidate our current IP's instead of purchasing a larger block of IP's? We currently have 5 public (outside of the broadcast)

Is it best practice/ industry standard to purchase larger amount of public IP's?

Thank you.

Dear Experts

I am looking for the best practice network design to connect 03 offices which is 3 different locations with secured links with redundant links. Below explained
Data center where business applications are hosted in the location 1 here the business applications which are web-based applications, windows AD for authentication, file server, email server are maintained, cisco 1010 FTD and Cisco FMC is in place and two ISP’s.
Location 2 which is far of distance is going to be connected to location 1 data center with MPLS VPN link and for redundancy broad band link planning for SD WAN solution. Finalized and implementation is in progress.
Now that all the employees who were so far working in location 1 that is at data center location to be shifted to the location 3 which is of little distance from location 1.  However, we are not shifting data center and our employess are of 20 users who is going to work from location 3 and they have to login for authentication to location 1 where the windows AD and file server for their document store and business application they use CRM.
1.      Please suggest the best network design to connect location 3 to location 1, should I have to plan for MPLS VPN as one link and secondary link as leased line and use SD WAN solution here or any other best practice please.
2.      How much bandwidth would be needed between location 3 to location 1 for web-based and store documents in the folder
3.  as we have 20 users is it required to setup …

I need to clone/copy a Cisco 2960 layer 3 switch config to an identical Cisco 2960.  I need to also copy the layer 3 configuration (routes, vlans, etc).  Anything I have seen only lets you copy the layer 2 config.  Yes I tried to Google the problem first, but there is not much I can find on how to do it.
Any help would be appreciated, thank you.

Steve

I am trying to install SSL certificate on F5, I keep getting Import error (Screenshot attached) I have tried entering password, and changing the option for Key security, it doesnt work.

The certificate i am selecting is in .pem format, have selected .crt and .p7b as well, none of them works.

Have anyone experienced the same error?

Thanks for your help.

Hi, we use haproxy with round robin on a few servers which works amazingly well
However now we need to use it for tcp sessions from different ports

basically, gps iot devices create connections to our server via TCP
When I run a netstat, I see lots of devices sending data from same IP address but different port
here is a snap shot
TCP myServerIp:9001 141.86.25.16:60046 ESTABLISHED
TCP myServerIp:9001 141.86.25.16:62084 ESTABLISHED
These are not the same device, they are using a mobile/cell network with same IP but different ports

So I would need a configuration for HA proxy to route to different servers based on IP and PORT
All the examples I’ve seen so far just use IP, which would not work well for me as it would batch a bunch of devices to same server.
I guess it would work, but it may overload one server and under-load another (if that makes sense)

Something else i’m not sure about, some devices also send data using UDP, and these would also need to be routed to same server, not sure if this would work or if i would just have to route all UDP devices to 1 server

Any feedback, pointers and help appreciated
Thanks

We are adding optus phones network at our office, I need to open up two ports on firewall. i.e.

FTP(XMPP) Port (1081) is Closed

How can I add this rule under Meraki MX?

Thanks.

I am looking to develop an automation tool that can assist a NOC operation with WAN outage recovery without technician interaction. The automation tool will run in the lan environment (with no external access) and interact directly with the WAN interface. Please note this tool will not interact with any third party devices outside of the WAN environment. The test environment has Cisco Routers/Switches and uses Spectrum Monitoring.  Looking for suggestions on use cases and example event flow to develop on.

Hi,

I have three Cisco firepower. Two of them are FPR2120-NGFW-K9 and the third one is FPR4110-NGFW-K9. I want to buy Cisco firepower management center. What type of License do I need? And what is the estimate price for it?

Thanks

Hi,

We have 2 x Aruba 8320s (Core Switches) We also have 11 x Aruba 2540 edge switches

Each switch has 2 x 10Gbe SFP modules which connect to the cores via fibre in a LAG.

The switches are split up in 5 separate racks across our building. We also have 1 x Meraki switch in each of the cabinets capable of have 10Gbe SFP modules.

My question is what is the best way to get the Meraki switches to communicate with our Cores? We want to utilise them.

1. Direct connection to the Cores (like the Aruba's)
2. Setup a trunk 10Gbe between the edge switches and Aruba's
3. Any other way?

Could you please advise?

Thanks