Network Architecture Solutions

Dear Experts
We have implemented CRM application( web based ). our customer will login to this and this application for reports and analytics. our customer is in a different country hence they want the news/update on certain products that is in our country, they have asked to provide the solution for them. Our CRM developer says he can integrate certain news channels so that customer can login to CRM and see the news updates, As an IT security point of view I have asked which all websites but he is not sure at the moment which all websites will have to integrate ,
1.      I have informed them we may have to look for different solution instead of CRM application for this until technical approach or detailed tech specs are shared with me. However would like understand is it a right way, is the CRM application using for this is it as right tool
2.       instead should we have to develop a portal and store all the details and share the portal to them.
3.      As CRM has sensitive data integration with new sites will it be recommended , when it comes to integration please suggest the measures to be taken
4.      What solution we need to go for news capturing and store it and share it with customer please suggest .
please help with above , thanks in adance.

3 Comments

Angular Fundamentals

LVL 19

Learn the fundamentals of Angular 2, a JavaScript framework for developing dynamic single page applications.

Dear Experts

I am looking for the best practice network design to connect 03 offices which is 3 different locations with secured links with redundant links. Below explained
Data center where business applications are hosted in the location 1 here the business applications which are web-based applications, windows AD for authentication, file server, email server are maintained, cisco 1010 FTD and Cisco FMC is in place and two ISP’s.
Location 2 which is far of distance is going to be connected to location 1 data center with MPLS VPN link and for redundancy broad band link planning for SD WAN solution. Finalized and implementation is in progress.
Now that all the employees who were so far working in location 1 that is at data center location to be shifted to the location 3 which is of little distance from location 1. However, we are not shifting data center and our employess are of 20 users who is going to work from location 3 and they have to login for authentication to location 1 where the windows AD and file server for their document store and business application they use CRM.
1. Please suggest the best network design to connect location 3 to location 1, should I have to plan for MPLS VPN as one link and secondary link as leased line and use SD WAN solution here or any other best practice please.
2. How much bandwidth would be needed between location 3 to location 1 for web-based and store documents in the folder
3. as we have 20 users is it required to setup …

6 Comments

LVL 2

Question by

amigan_99

2019-11-12Solved

Multiple DVPN Hubs?

I am doing some discovery on a spoke of a DMVPN. I don't have access to the hub/hubs.
In the configuration seen below I have several ip nhrp map multicast statements and ip nhrp.
Is this indicating that this spoke has six different hubs to which it *could* register if the first one goes down? Thank you.

ip nhrp map multicast 66.66.8.129
ip nhrp map 10.77.126.1 66.66.8.129
ip nhrp map multicast 66.66.8.130
ip nhrp map 10.77.126.2 66.66.8.130
ip nhrp map multicast 66.66.8.136
ip nhrp map 10.77.126.3 66.66.8.136
ip nhrp map multicast 66.66.8.138
ip nhrp map 10.77.126.5 66.66.8.138
ip nhrp map multicast 66.66.8.134
ip nhrp map 10.77.126.7 66.66.8.134
ip nhrp map multicast 66.66.8.131
ip nhrp map 10.77.126.9 66.66.8.131

1 Comment

I need to clone/copy a Cisco 2960 layer 3 switch config to an identical Cisco 2960. I need to also copy the layer 3 configuration (routes, vlans, etc). Anything I have seen only lets you copy the layer 2 config. Yes I tried to Google the problem first, but there is not much I can find on how to do it.
Any help would be appreciated, thank you.

Steve

6 Comments

LVL 2

Question by

amigan_99

2019-11-01Solved

Advertising eBGP a subnet from a larger block

Client has a /16 and wants to advertise a /24 within the /16 via a new carrier at one of their smaller sites. Are there any things I need to discuss with the current carrier or the new carrier to make sure the new peering doesn't interfere with the existing route advertisements? Any other gotchas to consider in this operation? Thanks!

2 Comments

Hi, we use haproxy with round robin on a few servers which works amazingly well
However now we need to use it for tcp sessions from different ports

basically, gps iot devices create connections to our server via TCP
When I run a netstat, I see lots of devices sending data from same IP address but different port
here is a snap shot
TCP myServerIp:9001 141.86.25.16:60046 ESTABLISHED
TCP myServerIp:9001 141.86.25.16:62084 ESTABLISHED
These are not the same device, they are using a mobile/cell network with same IP but different ports

So I would need a configuration for HA proxy to route to different servers based on IP and PORT
All the examples I’ve seen so far just use IP, which would not work well for me as it would batch a bunch of devices to same server.
I guess it would work, but it may overload one server and under-load another (if that makes sense)

Something else i’m not sure about, some devices also send data using UDP, and these would also need to be routed to same server, not sure if this would work or if i would just have to route all UDP devices to 1 server

Any feedback, pointers and help appreciated
Thanks

4 Comments

Dear Experts
Please help understand the difference between Network architect and IT infrastructure architect, does both means the same or different and if different please list the scope of each, this will be great help. thanks in advance.

2 Comments

LVL 11

Question by

Leo

2019-10-14Solved

Cisco Meraki Port opening

We are adding optus phones network at our office, I need to open up two ports on firewall. i.e.

FTP(XMPP) Port (1081) is Closed

How can I add this rule under Meraki MX?

Thanks.

2 Comments

LVL 4

Question by

TECHNO.IT

2019-10-10SolvedPrivate

Network Infrastructure Upgrade

Hello Experts,

We are planning for a network infrastructure upgrade. It includes structured cabling and active systems.
The network is currently running Cat5e cables, patch panels and faceplate modules.
Cisco Catalyst 3560 is deployed at edge and 6506 at Core.
We want to upgrade the infrastructure to Cat6a structured cabling, Fiber cabling supporting 10g and Cisco Switches with SD-Access.
Therefore, we are looking for tips and suggestions to start preparing the plan.

3 Comments

I am looking to develop an automation tool that can assist a NOC operation with WAN outage recovery without technician interaction. The automation tool will run in the lan environment (with no external access) and interact directly with the WAN interface. Please note this tool will not interact with any third party devices outside of the WAN environment. The test environment has Cisco Routers/Switches and uses Spectrum Monitoring. Looking for suggestions on use cases and example event flow to develop on.

3 Comments

Starting with Angular 5

LVL 19

Learn the essential features and functions of the popular JavaScript framework for building mobile, desktop and web applications.

I'm looking for some help re-configuring my home network. Here is current setup:

Comcast cable comes into data enclosure in garage wall to a 2-way Splitter. One coax goes to Gateway in my office. Patch cable out of Gateway to a switch beside it which connects my desktop and network printer. Patch cable from this switch to the wall jack backfeeds back to the data enclosure in the garage. Patch panels in the data enclosure connect to small switch in the data enclosure to provide network to other jacks in house.

First, I'm planning to ditch the Comcast Gateway and go with my own modem and router. I want to add a Ubiquiti Cloud Key Gen 2 Plus and eventually a couple of security cameras as well. I'd like to centralize things a bit more instead of going to my office and then backfeed to the data enclosure before distributing to the rest of the house. Unfortunately, there isn't room in the data enclosure for the router, modem, etc. and even if there was, I'd be concerned about the temps. It can get pretty hot in the garage (90F+).

The room directly above the data enclosure in the garage is a storage room with heat and A/C. Perfect location for the network equipment. And it has a knee wall I can get behind and access the cables going down into the garage. But I'm not sure how best to proceed.

There are 17 Cat5e cables coming into that data enclosure in the garage, 7 from top (upstairs jacks) and 10 from bottom (downstairs jacks). There appears to be enough length on the …

3 Comments

Hi,

We have 2 x Aruba 8320s (Core Switches) We also have 11 x Aruba 2540 edge switches

Each switch has 2 x 10Gbe SFP modules which connect to the cores via fibre in a LAG.

The switches are split up in 5 separate racks across our building. We also have 1 x Meraki switch in each of the cabinets capable of have 10Gbe SFP modules.

My question is what is the best way to get the Meraki switches to communicate with our Cores? We want to utilise them.

1. Direct connection to the Cores (like the Aruba's)
2. Setup a trunk 10Gbe between the edge switches and Aruba's
3. Any other way?

Could you please advise?

Thanks

1 Comment

I discussed about Velocloud SDWAN w/ Aaron Tomosky in past and he provided a great deal of insights. This time my question is very brief:

Can VEP 4600 Device for Velocloud SWDAN accept a fiber handoff, our internet provider can only provide optical handoff.

Thanks;

8 Comments

Given Below:
VLAN8 Server
VLAN16 Users
VLAN32 VOIP
VLAN64 Staff-Wifi
VLAN128 Guest-WiFi

We are facing issue for the DHCP distribution,Currently SW port 25,26 and connected Hyper-V host1 and SW port 27,28(Cluster1) connected to Hyper-V host2(Cluster1),
Please help to see anythong was wrong in the configuration .I try in Cisco Switch i just configure sw port to access mode VLAN 8 .But i not too sure why they configure like below:

member 1 8 ! N2048
exit
ip route 0.0.0.0 0.0.0.0 10.65.8.254
interface vlan 1
ip address dhcp
exit
interface vlan 8
ip address 10.65.8.201 255.255.255.0
exit
interface vlan 16
ip helper-address 10.65.8.61
exit

interface Gi1/0/25
channel-group 5 mode active
switchport voice detect auto
switchport mode general
switchport general pvid 8
switchport general allowed vlan add 8
switchport trunk native vlan 8
exit
!
interface Gi1/0/26
channel-group 5 mode active
switchport voice detect auto
switchport mode general
switchport general pvid 8
switchport general allowed vlan add 8
switchport trunk native vlan 8
exit
!
interface Gi1/0/27
channel-group 6 mode active
switchport voice detect auto
switchport mode general
switchport general pvid 8
switchport general allowed vlan add 8
switchport trunk native vlan 8
exit
!

interface port-channel 5
switchport voice detect auto
switchport mode trunk
switchport general pvid 8
switchport trunk native vlan 8
exit
!
interface port-channel 6
…

3 Comments

Question by

Math Tec

2019-08-28Solved

Network Symbol

I was doing design of a network and I was wondering why the router symbol is circle (actually disc) and the switch symbol is near to be a square. . Any idea why?

Thanks

8 Comments

Dear All,

- Have two Access Points configured in Client mode with following Static IP addresses :
1) 192.168.28.1 / 255.255.0.0
2) 10.1.28.1 / 255.0.0.0

The Above Two clients should be connected to Access Point

- on the other hand Computer will connect to the same Access Point in order to download data and access the two Clients

Need to know Network Configuration (IP /Mask / Gateway) for Laptop & Access Point in order to access clients by laptop ?

Thank You

6 Comments

I'm having issues finding IP address design plans to implement in a newly deployed network. Running BGP at the Edge and OSPF as an IGP. Any assistance is greatly appreciated.

6 Comments

I am trying to develop some software for a company. This company has at IT department with active directory. I would like to talk with IT, about getting Active Directory Certificate services setup so I can be issues with a Internal Cert to sign my app.
What documentation does Microsoft release regarding if they recommend AD CS. Is there any documentation that says if a domain doesn’t have a AD CS its not complete or its not whole?
Im sort of looking for historical document too. I want to be able to demonstrate to management the importance of AD CS for signing encryption and use of TPM on our laptops.
Thank you in advance for your help.

3 Comments

LVL 29

Question by

Brian B

2019-08-21Solved

Switches in an Outdoor Enclosure

I have a situation where I need to figure out how to a cool a switch stack that is installed in an outdoor cabinet. There are two Cisco 3850s in a steel cabinet mounted on a post. They have been throwing temperature alarms, so looking for suggestion on what can be done to keep them cool. Past experience has shown they can keep themselves warm enough in the winter, but still need to allow for the dusty environment and keeping out snow/moisture.

There are already holes in the bottom where the network cables and power run in/out, so maybe could leverage those somehow? I'm looking for may some sort of weatherproof venting that we could bolt on.

10 Comments

PMI ACP® Project Management

LVL 19

Prepare for the PMI Agile Certified Practitioner (PMI-ACP)® exam, which formally recognizes your knowledge of agile principles and your skill with agile techniques.

Our customer is connected to internet via a static route to ISP, now they want to advertise a subnet to internet, is it possible to do that, please help.

25 Comments

I have an old network diagram that has a .DSD extension. Anyone know of a reliable program I can use to open it?

3 Comments

We are migrating a school district from a Cisco ASA FW (LAN) to a Fortigate Vdom on our WAN. My normal process would be to create unique vlans that would not overlap on our WAN and reconfigure all LAN switches at the school to use those vlans instead of the normal vlan 1, along with any other vlans that would cause an id conflict. Another method we have used in the past is vlan translation: assigning a single vlan to their LAN switch port and connecting it to our WAN switch on the desired translated vlan. I.E. vlan 1 connected to a vlan 150 port, vlan 10 connected to valn 151 port, vlan 21 connected to vlan 152 port on the WAN switch. Because of some logistics, I am considering the vlan translation approach and would like confirmation my approach is correct or advice on how to configure properly.

The school is using a Cisco Catalyst 4500 switch that will connect to an Aruba 3800 switch.

I am familiar with the Aruba switches more than Cisco. Would I simply trunk (Cisco trunk) a single port to pass the desired vlan to the Aruba switch and on the Aruba switch set the connecting port to tag the translated vlan?

I.E. Cisco:
interface GigabitEthernet1/13
switchport trunk allowed vlan 1
switchport mode trunk
no logging event link-status

interface GigabitEthernet1/14
switchport trunk allowed vlan 10
switchport mode trunk
no logging event link-status

interface GigabitEthernet1/15
switchport trunk allowed vlan 21
switchport mode trunk
no logging …

4 Comments

Dear Experts
We have data center in head office where the web based applications are hosted and now we are setting up branch office at remote location but wired MPLS connection is not feasible at branch office hence the only option we have is to go for RF (antenna with line of sight) MPLS network, to establish the connection between head office and branch office site location. The topology I am planning is hub and spoke connectivity between two locations and managed mpls network.
I am planning for link redundancy with one more MPLS setup from a different ISP however they too offer with RF and same hub and spoke connection between head office and remote branch office spoke location, please suggest is this best network design as the up-time between 2 locations connectivity is critical for us.
1.Please suggest is the above network is good to go or please recommend best practice.
2.If we have to go with 2 ISP’s MPLS vpn connectivity, then what type of gateway device we have to procure to achieve automatic link fail over/link redundancy i,e if any one link goes down automatically other link should serve us to continue our work, please suggest the network design and the gateway device that we have to procure. Thanks in advance.

15 Comments

I would like to have exchange 2013 and Sql server 2014 and DFS as file server n clustered mode on esx servers
I would like to know what are necessary steps for that
Do I have to build esx server cluster and then exchange server cluster or anything will be clustered by default after that or how the design looks ?
Please expalin for me the steps required in details in terms design of network ,hardware, lans clustering ,services for each of SQL Server 2014 , File server,exchange 2013?

7 Comments

We have site A connected to site B with a pair of fiber. The fiber is muxed with CWDM at each site. We also have site C and site D with the same setup (muxed between the sites with CWDM). Now we like to extend one of the wavelength (1511nm) from site A to site D. Is there going to be any issue if we mux it twice (i.e. between site A and B and then between site C and D)? It looks something like below. I would like to know if it's an acceptable solution

Site A Site B Site C Site D
1511nm-----CWDM-------mux-------CWDM-----1511nm------CWDM-------mux-------CWDM-----1511nm

Thank you,

5 Comments

Network Architecture

Related Topics

Network Architecture

Related Topics