Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x

Network Architecture

11K

Solutions

11K

Contributors

Network design and methodology, also known as network architecture, is the design of a communication network. It is a framework for the specification of a network's physical components and their functional organization and configuration, its operational principles and procedures, as well as data formats used in its operation. In telecommunication, the specification of a network architecture may also include a detailed description of products and services delivered via a communications network, as well as detailed rate and billing structures under which services are compensated.

Share tech news, updates, or what's on your mind.

Sign up to Post

Hi Guys,

We have an IP block from the ISP
Thus a couple of public IP's assigned, example:
196.31.231.80
196.31.231.81
196.31.231.82

Our NAT policies on 196.31.231.80 over X1 interface is working well.

I've been trying to setup additional NAT policies on 196.31.231.81, but experiencing a connection issue.
Which brings me to the following questions:

1.  Is it necessary to setup a Virtual Interface for 196.31.231.82 on X1?
(255.255.255.0)
Or could the NAT rules simply refer to X1?

2.  I tried setting up a Virtual Interface on X1 for 196.31.231.82, but it complains about the same subnet used,
What should the subnet for the Virtual Interface be?
0
Veeam Disaster Recovery in Microsoft Azure
LVL 1
Veeam Disaster Recovery in Microsoft Azure

Veeam PN for Microsoft Azure is a FREE solution designed to simplify and automate the setup of a DR site in Microsoft Azure using lightweight software-defined networking. It reduces the complexity of VPN deployments and is designed for businesses of ALL sizes.

Hi Here is Opengear IM4216. I could not find relative document on it. Is it layer2 or layer3 device? What kind of device is it? Thank you
0
Where i work has a large number of DHCP scopes. must be approx 40-50 its been left that way for a good few years apparently

I have just joined in past 6 months and just getting round to look at it now

Any DHCP scope clean up plans? Whats the worst thing that can happen if some are removed that have VLAN connections (one thing we're worried about) so i plan on taking an inventory first

I know i can use powershell to look for free addresses per scope can i use this to see addresses that are taken, then i could compare using HP IMC to see whats actually being used

Any ideas appreciated domain functionality is 2008
1
Looking for software to document my network layout. Any options worth looking at?
0
Hello,

I am trying to research this question but not getting any concrete answers. I have multiple hub locations (none MPLS) connected to HQ via DMVPN. My bandwidth circuits at those external locations varies between 5Mb up to 100,Mb. My questions is, with SD-WAN, those sites with only 5Mb, will they see performance increase? Will I be able to manage this bandwidth? Or will I be cancelling the circuit with.. let's say Comcast and get a SD-WAN provider and thus leverage the speed? Also, if thats the case, will I be signing up for certain speed with the SD-WAN provider or no?
0
Working in environment with 34 switches mix of hp 5500 and 5120s over 3 locations

I suspect that the company who support our infrastructure just took the default priority for spanning tree design with switches

I intend to check each BID on each switch is there an argument for using default settings for stp would appreciate best practice on this and and also pointers on easiest way to correct it

I have login for each switch but also use HP IMC

Thanks,
0
I am trying to understand the effect of configuring  ip summary-address rip 0.0.0.0 0.0.0.0  on the Hub router in DMVPN Network.
per the  book, Spokes should see in their routing tables the RIP default Route 0.0.0.0, but it is not the case in my LAB

Hub#sh run 
Building configuration...

Current configuration : 1636 bytes
!
! Last configuration change at 12:59:12 UTC Sat Dec 30 2017
!
upgrade fpd auto
version 15.0
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Hub
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
!
!
ip source-route
no ip icmp rate-limit unreachable
ip cef    
!
!
!
!
no ip domain lookup
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
redundancy
!
!
ip tcp synwait-time 5
! 
!         
!
!
!
!
!
!
interface Loopback0
 ip address 1.1.1.1 255.255.255.255
 !
!
interface Tunnel0
 ip address 172.16.123.1 255.255.255.0
 no ip redirects
 ip nhrp authentication DMVPN
 ip nhrp map multicast dynamic
 ip nhrp network-id 1
 ip summary-address rip 0.0.0.0 0.0.0.0
 tunnel source FastEthernet0/1
 tunnel mode gre multipoint
 !
!
interface FastEthernet0/0
 no ip address
 shutdown
 duplex auto
 speed auto
 !
!
interface FastEthernet0/1
 ip address 192.168.123.1 255.255.255.0
 duplex auto
 speed auto
 !
!
interface FastEthernet1/0
 no ip address
 shutdown
 duplex auto
 speed auto
 !
!
interface FastEthernet1/1
 no ip address
 shutdown
 duplex auto
 speed auto
 !
!
!

Open in new window

0
We have a connection to the Internet and now we just added another Internet connection. We want to use the new Internet connection just for Office 365. I am not sure how to go about doing this as I have a default route from my core to the FW and then from the FW to the provider router. So currently all Internet connection, including O365, is pointed to the default route and there is nothing going out of the the new Internet connection.
We have a physical connection from the provider to the FW, then from the FW to the core switch.

Any thoughts? Thanks
0
I currently have a SonicWALL TZ 200 configured with WAN connections on 2 interfaces. I recently purchased a HughesNET satellite connection and I want hook this up to the SonicWALL (And add it to the failover/load balancing). However, once I received the Modem from HughesNET (HT2000) I learned that it does not have a "Bridge" mode built into the router. I cannot disrupt my current Subnet (needs to stay the same). Does anyone know if there a way to configure the interface for the modem/router combo into the SonicWALL so it will work properly?

Thanks in advance.
0
What steps would you take to move from a L2 flat 10.x network to a routable L3 network.  The gear is 15 yrs old and having the obvious issues that come with a flat network.
Thanks
0
Concerto's Cloud Advisory Services
LVL 5
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

I have a client that we support that just purchased a 10 person office across town and need them to connect to our office.  The 10 users will be connecting to our applications via remote desktop services (RDS server 2012 R2) at the main office.  I am looking for a router / firewall appliance that offers both site to site VPN and Client to site VPN.  My goal is to use a robust solution that offers support that I can easily setup and understand.  Some have recommended Sonicwall and Watchhguard, but their business strategy requires that I go through one of their partners - who may be in direct competition with what we do - provide IT support.  We simply want a solution that is under $1000 per appliance, easy to setup and logical and someone to help should we have questions.  We gave also looked at Barracuda networks as well.  But with any of these appliances, I need specific models to go with.

We will need the VPN for both the branch office we are connecting to as well as allow users from our current office to connect remotely from their homes.  So total # of VPN users could be 20 users.  Any guidance would be appreciated.
Don't get me wrong, I have 20 years IT experience and can configure most routers easily and have used Most in the past.  Just don't know the current offerings with subscription based / more robust VPN solutions.
0
I have been informed by Spamhaus that the IP address we use for corporate email has communicated with a known spam site and is either infected by, or NATing for, a computer that is infected by the S_Gozi trojan / downloader.

It states that the infection is extremely difficult to detect and is not seen by most commercial AV or EndPoint protection suites.

I have been told to program the Sonic-wall TZ215 to stop all traffic to sites outside the US.  We have never done this before.  Not sure how to setup the sonic-wall for that purpose.  I know this virus does not use the standard port 25 for smtp traffic it uses port 80 which i cannot block.  It is extremely difficult to find so i am trying to stop its connections at the firewall level to stop it communicating.  Any help would be greatly appreciated.
0
Hello,

I am sure this is a dummy question but i suck in networking.

What is the purpose of a windows server box to have multiple ID addresses assigned to it, although they share the same host-name on DNS?

Thanks 4 your help,
0
Intro

I would like to setup my personal firewall directly to the Netgear DM200 ADSL Modem (in modem mode).

This would allow me to connect directly through VPN to my work ASA5510.

Setup

ADSL Phone line <-> ADSL filter/splitter <-> Netgear DM200 <-> ASA5505 <->BT HomeHub5

I have set the DM200 in modem mode with the username "bthomehub@btbroadband.com", i dont know the password or the Authentication method "PAP or CHAP or MSCHAP"

The ASA is also asking for an VPDN group which I have no details for....

The DM200 is working because I can access th einternet when connected to the LAN port when in Modem mode.

Issue

Ultimately i just want to securely VPN into my work ASA but it would be useful to implement the Firewall for all outgoing internet traffic instead of placing it behind the BT Homehub5 that im replacing .

I would really appreciate it if anybody could offer any advice or help.
0
Building/space already have multiple ISP provisioned.  Fibre and wireless.
Before building a network what information we need to know from ISP before designing and building things out?  Just making sure not missing anything.
I am inheriting an existing space with already provisioned ISP service.
Thanks in advance.
0
Hello Experts,
I just installed sonicwall tz400w and everthing is going well except printer. Printer disconnect automatically after few minutes. I have to connect them manually again and again. I am using commercial printer by konica minolta and i use fiery app on Konica. Its working fine without the firewall.  Please help
0
We are using CAT6a for all horizontal runs.  This is rated to 100m at 10Gbps.  CAT6 can run 10Gbps at up to 55m.  So what happens if we use CAT6 patch cable on the patch panel.  Would we be limited to 55m total length as this is the weakest link?
0
Hi just using IMC on a trial basis

How exactly does it help with vlan management and ACL management can anyone outline ways in which it help us support switches is it just useful in terms of deployment etc

Any good learning material available?
0
First timer here with a Sonicwall Soho wireless. I want to integrate it into a network where currently Verizon FIOS is providing Internet connectivity to one Server and three Windows 10 Pro workstations. Server is the only DC.

I'm almost certain the Verizon router's IP is dynamic, but will check when onsite.

I am thinking that the Sonicwall appliance should be set up physically where I run a CAT5 from the Verizon Router's LAN port to the WAN port on the Sonicwall, and then from the Sonicwall's LAN port to the switch.

Is this correct implementation? Any insight would be greatly appreciated.

Verizon Actiontech RouterMI424WR
Sonicwall SOhO Wireless-N
DellServer 2008 set up as DC
3 Windows 10 Workstations
0
What does it mean to be "Always On"?
LVL 5
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

I have a rack with a VMware cluster, SAN, and 2 Dell n3048 switches.  The 2nd rack has all end point termination for fiber and network users with 2 n3048 switches.  Currently the 2 racks are connected with a cat 6 cable.  I'm wanting to change the connection to one of the 10gb fiber ports but curious what is the recommended method for connecting these switches with different MTU sizes?
0
So I have an old sonicwall I am replacing with a fortigate.  The PC's have 7 day DHCP leases... The Fortigate will be set up to be the same IP as the sonicwall was and it will have the same DHCP range... But of course when I make the swap the fortigates lease list will be empty... Im curious - as PC's check in with the firewall, will they keep their addresses?  Or will they wind up getting reset the lowest available address at the time?

Any other concerns to think about with swapping the firewalls?  

Thanks!
0
I am looking to create an IP strategy for a hybrid environment (VMware on prem and Azure public integrated). I am wondering if anyone has best practice on best practices for IP strategy and more importantly on IPv6 implementation in Azure. Anything to watch out for with IP addressing, in particular IPv6.

Your help is appreciated.

Regards,
J
1
Hi all, please am submitting a CRQ for a simple static route via vrf
i.e.
ip route vrf  (vrf name) <ip address/mask> next hop.
I know it will not be approve if I did not put a statement about testing.
Please can anyone suggest any simple testing statement for static routing?
0
I have been using SonicWall for years. Never really thrilled with their support (primarily a language barrier until recently) but their content filtering seems to be problematic. I spend more time on the phone with them trying to keep it running correctly than it is worth.

Does anyone else use SonicWall for content filtering and in your opinion is it easy to keep running? Any comments about sonic wall in general?
0
I have an outside vendor that needs to communicate to their equipment on our inside network. I would like to set up a DMZ for that access. I have 5 public IP addresses to use. The ASA i want to set up is strictly for this use and no other. I have four devices on the inside that will have static IPs which will require certain ports to be opened. This is what they require. I do not have a config to post as of yet. I am trying to configure one.

Four static private IPs
External port forwarded to internals
  Port 90 Open - 1st internal IP
  Port 91 Open  - 2nd internal IP
  Port 2048 Open - 2nd internal IP
  Port 92 Open - 3rd internal IP
  Port forward 2049 to 2048
  Port 93 Open - 4th internal IP
  Port forward 2050 to 2048

Any suggestions would be greatly appreciated.
0

Network Architecture

11K

Solutions

11K

Contributors

Network design and methodology, also known as network architecture, is the design of a communication network. It is a framework for the specification of a network's physical components and their functional organization and configuration, its operational principles and procedures, as well as data formats used in its operation. In telecommunication, the specification of a network architecture may also include a detailed description of products and services delivered via a communications network, as well as detailed rate and billing structures under which services are compensated.