Network Management

13K

Solutions

15K

Contributors

Network Management involves issues that are independent of specific hardware or software, including email policies, upgrade planning, backup scheduling and working with managed service providers for Desktop-As-A-Service (DaaS), Software-As-A-Service (SaaS) and the like through the use of tools, coupled with manufacturer standards, best practice guidelines, policies and procedures plus all other relevant documentation. Network management also includes monitoring, alerting and reporting, management reporting, planning for device or service updates, the backup of configurations, the setting of key performance indicators and measures (KPIs/KPMs), associated service level agreements and problem records as part of the IT Service Management (ITSM) framework.

Share tech news, updates, or what's on your mind.

Sign up to Post

A few years back I had SolarWinds Real-Time NetFlow Analyzer working with my Cisco 3750x switch. Recently we had some suspicious traffic so I installed a new version of the software on a Win 10 machine. I can connect through the software to my switch, I can see all of the interfaces but none of them show NetFlow enabled. When I click on the interface I want to monitor then click "Start Flow Capture" I get a 'NetFlow is not detected on the selected interface'.

How do I get this port configured correctly to capture NetFlow data?

Additional Facts:
IOS version 15.0(2)SE6

Config on switch:
int gig <port to be monitored>
ip flow ingress
ip flow egress

ip flow-export source <port to be monitored>
ip flow-export version 5
ip flow-export destination <IP of my Win 10 machine> 2055

Open in new window


Per this thread- https://thwack.solarwinds.com/thread/20498 
I tried to run the ip nbar protocol-discovery and the ip route-cache flow on the port to be monitored. Neither of those commands were accepted on that port.

Any help is appreciated.

EDIT:
I've had users on other forums attempt to help me by pointing me to towards flexible netflow configurations that use the command ip flow monitor <name of monitor> input applied to the interface they want to monitor. My switch does not allow flexible netflow to be applied to non-service module ports. What I'm trying to monitor are the standard gigabit interfaces.

The netflow commands I can apply to those standard interfaces are those listed above: ip flow ingress and ip flow egress. How do I get netflow analysis that way?
0
In the Microsoft Call Quality reports - there is an option to view call quality
for Mobile LTE calls. How does MS Skype know that the calls are going over
Mobile LTE? Is the Skype mobile client running on a cell phone and transported
over TCP/IP over the carrier's LTE network? Or are  cell phone calls into
a Skype conference bridge but not over IP? I'm not sure what these calls are.
Their call quality percentage is by far the worst of any other classification of calls
and could contribute to the perception of Skype not being so hot.

We are using Skype for Business Online - Office 365. Thanks.
ScrnGrab4444-180413-14.09.jpg
0
Ubiquiti relatively new in the USA, but the quality and price of their products make them is now on the rise, thy grow very fast, if you have any of their products you may want to look in their Network Management System [UNMS] from where you can manage all you Ubiquiti devices from one central place via a web page, and even from a phone, it is still in bate but already have nice amount of management. The only down side with Ubiquiti is support.
In short I will be give guide how to install UNMS on a virtual machine in hyper-v and change the default port for security [you don’t need to have a server, since windows 10 supports hyper-v].
As you can see on their website you need to have 64-bit (x64) CPU and assign
•      2 GB RAM (Minimal)
•      16 GB storage (Minimal)
To follow this guide you should also own a domain and have a static ip, you can make it work without but this guide is based with the above requirements.

1-      Download and install Ubuntu 16.04.1 LTS (Xenial Xerus) 64-bit
2-      Once your done with the instlation and you have the machine up and running open the terminal and Run the following script, curl -fsSL https://unms.com/install > /tmp/unms_inst.sh && sudo bash /tmp/unms_inst.sh
3-      Login to you domain host and add a DNS a record at you domain host to point to your public IP you can call it however you want [acb.initializebiz.com]
4-      Get your local IP address make it static in your router or reserve in domain controller
5-      Open a web browser Locally and enter the …
0
LVL 3

Author Comment

by:Abraham Deutsch
Thank you for paying attention to my post.

On my lest article I posted Editor Comment me the following;
The article is full of spelling and grammar related errors. I mentioned when I published your last submission that a considerable amount editing was required to correct both spelling and grammar mistakes. I often find it helpful to slowly read each sentence and paragraph slowly and aloud to myself to see how it sounds.  

I understand and am sympathetic to the fact that English may not be your first language, which is possibly why you are running into so many difficulties, however, the purpose of an editing process isn't to rewrite your articles for you so that they read well and make sense.

A few corrections here and there are always tolerated during the editing process, but you really need to make more of an effort to get your work as close to perfect as possible before submitting for editing and publication.  

Perhaps get a fluent English friend to proof read your work for you and make suggestions for improvements, or at the very least, run your text through an online Spelling and Grammar checker. There are many such services on the Web you could take advantage of, both Free and Paid.

Since I am limited in time, and don’t have that much time to spend on writing the article to accommodate the requirements of submitting an article on top of the time it takes to put together the article, but still want to voluntary information that others may find helpful, I stopped trying to post articles and rather use post where I can just drop it in, as to post there is no requirements.
0
LVL 128

Expert Comment

by:Andrew Hancock (VMware vExpert / EE MVE^2)
Ok I understand we've been using Ubi kit for quite a while now
0
Has anyone else tried to monitor their Kerio Control 3000 series with SNMP via Spiceworks?

It let's me add the device but it will not monitor any interfaces.  I know the Kerio Admin page shows all of this info, I would just prefer to have it monitored in Spiceworks with all my other servers and switches.
0
What's the best way to switch to another DNS in DHCP server?  
Lower lease -
Change scope options 006 DNS Servers  - reboot
Sounds right?

Is there a way to do it transparently without a boot?
0
Why would wireshark shade certain lines of a packet capture grey instead of light blue which is the majority?
0
In the DHCP scope options 006 DNS Servers.  
Is it required to put all AD DNS servers there?  I got two in this case.
Also, is it a good idea to put google dns as 3rd option 8.8.8.8 ?
0
Hello ,

We have a serious issue here . We are unable to access vcenter with cac authentication but able to access vsphere web client with user name and password only. Can you please assist how to get the cac Authentication to log into vcenter vsphere 6.0.
0
Do I really need a reverse DNS zone?  This place never had it on bind dns and worked ok for years.  and it did't create on AD Windows DNS either.
Do I really need to create that? and would it cause an issue if I don't.
0
Hi Guys,

 I am trying to use hyper-v extended port acl's as a basic form of firewalling for vms on hyper-v server 2016

My goal is simply to limit incoming connections while generally allowing outgoing traffic (and return traffic).

In essence we are allowing incoming http(s) and dns replies. All outgoing tcp traffic is marked as stateful.

We use the following acl's (cleaned up slightly for readability)
Add-VMNetworkAdapterExtendedAcl -VMName "web" -Action "Deny" -Direction "Inbound" -Weight 20
Add-VMNetworkAdapterExtendedAcl -VMName "web" -Action "Allow" -Direction "Inbound" -Weight 30 -Protocol 1
Add-VMNetworkAdapterExtendedAcl -VMName "web" -Action "Allow" -Direction "Inbound" -LocalPort 80  -Protocol "TCP" -Weight 60
Add-VMNetworkAdapterExtendedAcl -VMName "web" -Action "Allow" -Direction "Inbound" -LocalPort 443  -Protocol "TCP" -Weight 70
Add-VMNetworkAdapterExtendedAcl -VMName "web" -Action "Allow" -Direction "Inbound" -RemoteIPAddress "8.8.8.8/32" -RemotePort "53" -Weight 130
Add-VMNetworkAdapterExtendedAcl -VMName "web" -Action "Allow" -Direction "Outbound" -Protocol "TCP" -Stateful $True -Weight 150

Open in new window

The issue is as soon as the last stateful entry is added significant latency is observed to the point of things becoming useless.

In the cisco switch acl world you would simply look for the established flag for the packet.

Is there a way we can achieve the same here without incurring these severe performance penalties? Am I doing it completely wrong?

thanks for any insight.
0
What processes can I follow to set up an email alert to let me know when a certain user with domain admin rights has logged onto a Server 2016 domain controller?
0
I am setting up SNMP for the first time.  I installed the service on a member server.  Added the Public to the Community.  Started the SMNP Trap on two of the other servers, both are DC's.
When I try to add the service using PRTG MNetwork Monitoring it fails.

What steps am I missing in the setup of SNMP
0
We have one client purchase 2 MX64 and 1 X MS250 For the beginning i design to create the vlan2,3,4 in MX and also DHCP.

My thinking is we have the 2 unit MX64 so i can configure as warm spare.if one unit MX is down so another MX will be can active and all the function will not impact to user.

But recently we receive msg from customer IT team .They would like configure VLANs in MS250 and throw the default route to MX .

May i know what are the benefit to configure DHCP and inter-vlan in switch and please advice which method is better
0
I upgraded our SonicWall at the beginning of the year and have some confusion regarding SonicOS's  CFS.  The device is running SonicOS Enhanced 6.5.0.2-8n.

(1) Is there a way to get a log of *ALL* CFS entries?  When I look under:

Log Settings > Base Setup > Security Services > Content Filter

It shows:

CFS Alert = 1461
Website Accessed = 16
Website Blocked = 14

However, I can't figure out how to get to that log.

(2) Is there a way for me to be emailed anytime someone gets the "blocked" screen with the details shown on the block screen they see?

TIA.
0
Dear Experts, I need to check install and configure zabbix agent on vCenter appliance 6.5 but when I accessed to it, it is based on Photon-OS with abnormal Linux commands. Could you please suggest how to do it?
0
We have 3 wan connections going into a bonder - Bell (200mbps) Rogers (200mbps) and Shaw (150mbps) and then from the bonder into X1 interface of the sonicwal (NSA 3500). From the bonder direct out we are getting about 320mbps (which is not great and we are working with Rogers & Shaw to improve their connections) but from the clients we are only getting a max of 95mbps up and down no matter how many tests we run. I have tried this on the X1 and X2 interface as well as change to the secondary HA unit and I get the same results.

I also plugged in my laptop directly to the Bell connection and was getting about 180 up and down. Plugged into the sonicwall X2 interface and changed my client to use that route and again I was getting a best of 95mbps.

Seems like this problem points to the sonicwall

I have a case open with them but wanted to try and resolve this sooner than later so any help/insight you have would be appreciated!
0
When the user domain_aislas was trying to authenticate with NA domain AD, EMEA domain AD , the authentication failed -through wireless

when using LAN CAT 5 it works

When the same user came across LA Domain AD the authentication succeeded.  

Authentication failure from Clearpass
=====================================
NA domain AD - 10.130.x.x: User not found.
MSCHAP: Authentication failed
EAP-MSCHAPv2: User authentication failure


Service groups and the AD servers in Clearpass
==============================================
1. NA_Enterprise wireless access ( Authentication for the user a_aislas failed here )

here all doamins are parent child relationship


is it a subnet issue
0
Is there a website that has white papers or articles/solutions on monitoring ICS:SCADA systems?
0
I am familiar with making DHCP reservations in Windows Server But am now doing in SonicWALL TZ 215 I can see how this is done, But have some questions when doing this in the ARP section:

What does it mean to Publish Entry?

I assume that I want to bind the MAC address or why would I be setting this up in  the first place?

What is meant by Update IP address dynamically?

In the big picture the user will use PPTP from the Windows server to VPN in.  They have a business app that is Unix based and requires the client system to maintain the same IP address (reservation or static).  So, I need the client to obtain that same IP whether they are in the office or out on the road.

Thank you.
0
I've got a NETGEAR  GS724T V4 Managed switch with a VLAN set up using the Auto VoIP setting for 6 ports to serve VoIP phones at a client's location. The other ports are set to default. The IP for the switch is 192.168.1.200.  The switch is on a 192.168.1.1 network.


1) Do I need to set up another subnet for this VLAN (192.168.2.1), or will these ports just be isolated from the traffic on the other ports of this switch.
2) If I do need to set another subnet, how do I set either static IPs or DHCP for these 6 ports on the subnet?

Thanks lots for your insight.
0
Can a POE injector be plugged into any port on a (POE enabled) Switch?

This is the POE injector btw

https://www.bhphotovideo.com/c/product/900418-REG/Vivotek_900002003g_POE_IJ_1748NDN_US_PoE_Injector.html
1
home network devices not finding new SonicWall SOHO Wireless.  It also is not being detected on my phone.
0
I ran the network tool 'IPerf" on 2 PC's that are connected by several GB Switches.  The results are pretty close every time I ran the test, please see below

G:\Downloads\Iperf\From_France\files>iperf.exe -c XXX.XXX.XXX.151
------------------------------------------------------------
Client connecting to XXX.XXX.XXX.151, TCP port 5001
TCP window size: 64.0 KByte (default)
------------------------------------------------------------
[  3] local XXX.XXX.XXX.151 port 64114 connected with XXX.XXX.XXX.151 port 5001
[ ID] Interval       Transfer     Bandwidth
[  3]  0.0-10.0 sec   719 MBytes   603 Mbits/sec

--------------------------------------------------------

My question is this acceptable for a GB switch network?  I suppose if you take 603 and divide into 719 that is 83%; but, I have no frame of reference.  I would think that the power of the computers make a difference as well; but, can someone explain to me:

Question1: What is considered good bandwidth results for a GB LAN connection?

Question2:  What is considered bad babdwidth results for a GB LAN connection?

Question3:  How can I make a definitive test using Iperf?  or any other utility?
0
Dear Experts, we realized some abnormal traffic on my Cisco 3925 router when issued command: "show processes cpu, show ip flow top-talker, show ip nat translations" and blocked some IPs which were strange, but the other keep coming to attack us on port 389.

Is there any way to configure the Router so that it can react automatically? for example: block IP when the connection is higher than the pre-defined threshold? my router's CPU is 17-25%, is it too high? normally at offpeak time, it's just about 10%

Please suggest. Many thanks as always!
0
Is there a simple method for manually sending a test trap? I know traps are getting to the server, but to troubleshoot further, I need an easy way to send a test trap to my receiver manually.
0

Network Management

13K

Solutions

15K

Contributors

Network Management involves issues that are independent of specific hardware or software, including email policies, upgrade planning, backup scheduling and working with managed service providers for Desktop-As-A-Service (DaaS), Software-As-A-Service (SaaS) and the like through the use of tools, coupled with manufacturer standards, best practice guidelines, policies and procedures plus all other relevant documentation. Network management also includes monitoring, alerting and reporting, management reporting, planning for device or service updates, the backup of configurations, the setting of key performance indicators and measures (KPIs/KPMs), associated service level agreements and problem records as part of the IT Service Management (ITSM) framework.