Network Management





Network Management involves issues that are independent of specific hardware or software, including email policies, upgrade planning, backup scheduling and working with managed service providers for Desktop-As-A-Service (DaaS), Software-As-A-Service (SaaS) and the like through the use of tools, coupled with manufacturer standards, best practice guidelines, policies and procedures plus all other relevant documentation. Network management also includes monitoring, alerting and reporting, management reporting, planning for device or service updates, the backup of configurations, the setting of key performance indicators and measures (KPIs/KPMs), associated service level agreements and problem records as part of the IT Service Management (ITSM) framework.

Share tech news, updates, or what's on your mind.

Sign up to Post

When I enable HTTPS Content Filtering in our SonicWall CFS, connectivity to Office 365 breaks very slowly. It might be fine for awhile, but randomly some users start to have Outlook issues where it says "trying to connect" at bottom of Outlook but eventually it says "disconnected", and then no mail comes down.

I have added all domain names listed here and here to the Allowed Domains list, in every permutation like https://, *., and just as shown on those links, but Outlook still slowly fails. To get everybody back up running, I have to go back into the CFS and disable HTTPS Content Filtering.

Evaluating UTMs? Here's what you need to know!
Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

Dear experts,

I came across a situation where I wish to create two subnets as in and

The will be my main network which will contains most of the PCs, printers, etc....

The will be my wifi network which all wireless connections such as phones, scanners, etc...

Here is the situation:

1. only have 1 switch with 48 ports (can be configured)
2. one sonicwall firewall  4 ports in back(can be configured)
3. allow the two networks to talk to one another as in if I have a PC in 192.168.1.x and wish to access a wifi device in 192.168.2.x

Here are the things that I wish to get answered and accomplished:
1. I wish to know what will be the "BEST and SIMPLE" configuration to accomplish this task. Thanks!
2. Is it possible to connect all devices into a single switch (the 48 port switch) and have combination of networks like 192.168.1.x and 192.168.2.x together without utilizing the VLAN?
I have searched through google and there seems to be many ways to do this but most you have to install some sort of application. This is a learning curve for me but basically I have 4-5 other computers on a network that when I start the main computer (PC1) I want the other 4-5 computers to power on also.

I have experience with running scheduled tasks and I have enabled in the bios and my network cards to Wake On Lan (WOL). I have set automatic startups before using the task scheduler but this is not what I need. My schedule is to erratic.

It appears I need to send a "Magic Packet" and this is new to me. I am hoping I can run a Script of some kind in the task scheduler to send these magic packets out to the other PCs. I am using windows 7 on all the PCs.

Thank you for the help!
I have been replacing antiquated equipment with unifi APs and switches.  I have a sonicwall that breaks my feed into 2 subnets.  One of them is content filtered for a school and the other is for church offices.  I would like to install a USG for the latency and throughput info, but can't seem to figure out how to get it to work without it interfering with SW or APs.  

Is there a way to do it?  I can buy another so that each subnet can have its own.  What I can't do is get rid of sonicwall or two distinct subnets as the school has to have the content filter and USG doesn't have enough of that capability.

I have changed IP and tried it on both subnets.  I have tried it before the SW and after.  I have adopted it, and it brings everything down.  I have adopted it and get caught in a provisioning loop.  It know shows managed by another device.

PS not an IT prefessional, doing this to save my school money and getting them the best technology possible!  So small words and simple answers please.  I have putty, but need step by step help
Are other ISPs besides Comcast able to use Comcast's DNS server addresses of &

An organization I am working for has switched over to using Comcast fiber optics as its primary internet service provider (ISP). We also have a second internet service provider (Etheric Networks ( which provides satellite dish based internet services.

Our internet service is set up in a failover configuration using a SonicWALL TZ600 router so that if our primary Comcast fiber optic internet service fails then our internet service will automatically switch over to Etheric until the Comast fiber optic service is restored.

We would like to continue to use the static external DNS server addresses of and in place if our internet service ever switches over to Etheric should the Comcast fiber optic internet service become unavailable.

Our question is if our internet service switches over to using the Etheric internet service will the external IP DNS server addresses of and still be valid and provide timely DNS name resolution?

Or is there a different type of method we should be using to handle our internet service and DNS name resolution switch over?
Where do I go within the SonicWALL TZ600 router interface to view which licenses have been purchased?
I have a client with a Sonicwall TZ 215  (SonicROM ) that is using a SonicPointN for wireless access. The SonicPoint is setup on Physical interface X2 with a network and the X2 interface also has two VLAN Sub-Interfaces on it, X2:V18( and X2:V19 ( These VLAN’s are used to create the two wireless zones, one for Guest and one for employee’s. The customer now wants to add a remote lighting “Hub” that is manipulated via an Android or iPhone apps. Even though the “Hub” is accessed via the internet the initial setup has to be done with the phone app being able to see the unit on the same local network segment. Since the hub only has a Ethernet jack and the phone only has wireless, the phone and the hub need to be on the same wireless network. So I what I am trying to accomplish and can’t seem to get working it make the X3 interface on the Sonicwall be on the same VLAN Sub-Interface as the wireless access point. In this case that would be X2:V18. So to sum the whole deal up.  I need to get X3 interface assigned to the same network ( and the VLAN-Sub-Interface as X2:V18. I can’t seem to get it the way I need, no problem getting the X3 on the X2 network ( but not on the X2:V18. Any help would be appreciated. Thanks

Glenn Thibeault
Onsite Information Technologies
We have 5 Locations and are looking to add more locations soon.  Sites are a mix of Intra and extra-state, and can be 1000 miles apart.
We have a Mix of resources - On-Premise Servers at HQ Site and some Azure Services (Office 365, SharePoint, Intranet Web)

We Currently have a Mix of Point to Point Ethernet to HQ and for the Smaller Offices Site to Site VPN.
The Point to Point Ethernet remote sites connect to HQ site to get to Internet and also to Azure Services.

Having the larger Locations all go through HQ for internet is nice as it is one Firewall to Manage. Though if HQ Internet goes down, all of the larger remote sites can't get to Azure Services. We could do redundant Internet connections to HQ, but if the fiber to the building has issues, All of it goes down.

We thought about having each site have their own Internet connection and Site to Site VPN into HQ so they only need HQ for Local HQ resources. Though that seems like a lot of firewalls and surface area for attack?

How do other people connect up multiple sites?
I currently have EIGRP routing between S1 and S2 and I'd like to add another EIGRP routing between S1 and S2. The new path will go through 2 L2 switches (see diagram).

vlan30 is the management vlan for S2 site.

vlan100 is the SVI that will carry EIGRP advertisement.

vlan10 is the users for S2 site.

vlan20 is the users for S1 site.

S1 site has vtp domain S1 & S2 site has VTP domain S2.

I only allow vlan100 between S1 & Switch2. This is just to allow only EIGRP to be advertised, The problem that I have is S1 reports a VTP domain mismatch because it cannot negotiate the trunk between S1 and Switch2. Any thoughts on how to deal with this?

Someone asked me "What are some system and network admin interview questions I should be prepared to answer?"  I have no idea.  What can I refer them to or suggest?
2018 Annual Membership Survey
LVL 12
2018 Annual Membership Survey

Here at Experts Exchange, we strive to give members the best experience. Help us improve the site by taking this survey today! (Bonus: Be entered to win a great tech prize for participating!)

Have internet from two ISP one is faster but has packet loses, the other is reliable but slower, have two lan one for the phones and one for the office equipment the office equipment runs on the faster and the phones run on the more reliable. Looking have this settings one router, plus a failover option and email notification. And recommendation?
I am looking for a broad scope on penetration testing/vulnerability exercises to engage a tender for 6-monthly assessments of our network. Most 3rd parties seem to steer you on the areas that should be included, but I was hoping for a more independent view on what type of areas are typically included for a thorough review, e.g. wireless, web apps, network devices, perimeter, build standards, end user equipment, telephony etc? I presume they will test as little or as much as you pay for, but some guidance on critical/desirable/little value per category would be most helpful so we know we are covering the critical areas at bare minimum, in line with budget.

Also any guidance on certifications of companies to look out for as a marker of quality service, would also be useful.
From a risk management perspective we need to identify what damage someone could do if they got admin access to a SAN. In terms of both data theft, and data loss to the organisation. This is a dell equalogic, but I am unsure on the name of the actual management GUI, and what options the admin has with access to the management GUI. But for arguments sake, if someone compromised an account with admin rights over the management GUI for the SAN, specific to data theft/data loss, what damage could they cause?
Does anyone has a document to share the color cable scheme?   Just want to have an idea.  How many colors are OK to have?  How many not too many and not too few.
Thanks in advance.
Due to legacy design, our Management VLan (where consoles of various servers, ESXi hosts, devices including WAF & Firewalls) are open to users to ssh/ssl in (though password will be prompted).

There's an urgency to fix this: I heard this VLAN sits on either the core or distribution Layer3 switches & not behind firewall :  to migrate it to behind firewall is going to take time & we may not have enough free firewall port/leg.

What's the fastest & safest (ie without causing disruption when making change) to get this VLan filtered/protected (pending firewall being purchased which will take a while) as it's considered quite a risk.

I suggest to put ACLs on the distribution/core switch but my netwk admin objected, saying core switch's function is
for fast routing/switching & we should not put ACLs as it will slow down the routing/switching.  He further argued that such ACL can be complex & accidentally blocked dynamic routing protocols (EIGRP & OSPF etc), causing disruption.

Our core & distribution switches sit in the same Nexus chassis.
Please take a quick look at this Aruba WAP design and let me know if there anything can do better there.  Or if there anything I should change.
Are the Aruba controllers HA with a heartbeat cable between each other or over the switch?
I will have about 10 APs.  
Does it make sense for x2 Mobility Masters in different geo locations?

Any  other tips please let me know.  Thanks!
Question.  Our new office prewired with CAT6a all the way.  From users stations to the patch panels.
Does it make sense to have CAT6a for the users stations as well?  Desk ports to the computers.
And from patch panels to the switches.  
What about from other devices to the switches?  WAPs, FW, routers, between switches, etc.  Go with CAT6a all the way?
We are setting up a new domain, designated for a critical sensitive applications with its own AD/DC.

Is it Ok for the AD/DC servers to sit in same subnet as the apps servers    Or
should we segregate into separate subnets?

If separate subnets, segregate by router ACL is enough or firewall?

What's the reason & the best practices out there?

I had created a SITE to SITE VPN between a PFSENSE anda Sonic Wall TZ400.The VPN is up no problem. The only thing is that I cannot open ressources like folders, rdp or ping from one side to another. Anybody knows where I should look to fix this issu?

Free Tool: Subnet Calculator
LVL 12
Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

One of the Experts here on EE suggested GFI Languard.  So, we bought it and have  had it running for a few months.  As I get further into it and want to take advantage of its capabilities, I naturally have questions.

Being a "good customer" I figured to start on the community forum.  But I can't log in and I can't set up a new account.  I have LOTS of email addresses available and can set up new ones.  Yet, no matter which one I enter for a new Registration, it says "already used".  Can't be true of course.

Telephone customer support takes one to a menu that has nothing to do with customer support and, if you politely wait after not responding, it says "Goodbye".

I may be in the market for 3rd party Q&A at least.  Or, what might you suggest?
Dear all,

I am an IT support for a small company consist of 5 users. I assigned a static IP address on each computer.
Around 3 weeks one of my colleague was not able to browse the connection or see the shared folder on the server until I changed his PC's IP address. This issue reoccurred again today on his PC and on another PC.
I have done a lot of troubleshooting and the last step was changing the IP address. After changing the IP address on two PCs they were able to browse the internet connection and see the shared drives.

I am wondering what is the magician with changing the IP address. Please assist me because I am looking for a solution to avoid keep changing the IP addresses form time to time.
Hi Guys,

We have an IP block from the ISP
Thus a couple of public IP's assigned, example:

Our NAT policies on over X1 interface is working well.

I've been trying to setup additional NAT policies on, but experiencing a connection issue.
Which brings me to the following questions:

1.  Is it necessary to setup a Virtual Interface for on X1?
Or could the NAT rules simply refer to X1?

2.  I tried setting up a Virtual Interface on X1 for, but it complains about the same subnet used,
What should the subnet for the Virtual Interface be?
Hello everyone,
A client of mine is having an issue with their wireless.  They have been reporting that the passwords were getting rejected so I updated the passwords and then the same thing.  I have tried rebooting it, which normally used to fix these issues but now does not.  They have two ssids, one for employees and one for guest and they are configured in a virtual access point.  There are no more firmware upgrades for this model, my next step would normally be to upgrade the firmware.  We have recommended upgrading this Sonicwall as it is no longer supported as well as having a separate access point in the past.  I honestly think that this would be the only solution at this point, but out of good customer service I am reaching out to you guys to see if there is anything else that I can try.
Hi Here is Opengear IM4216. I could not find relative document on it. Is it layer2 or layer3 device? What kind of device is it? Thank you
I'm pretty bad with IP design.   is there a 172.16 /12 network? If so,  how many subnets and hosts I can do?
planning how many offices,  larger and smaller I can put there.  
Thanks bunch.

Network Management





Network Management involves issues that are independent of specific hardware or software, including email policies, upgrade planning, backup scheduling and working with managed service providers for Desktop-As-A-Service (DaaS), Software-As-A-Service (SaaS) and the like through the use of tools, coupled with manufacturer standards, best practice guidelines, policies and procedures plus all other relevant documentation. Network management also includes monitoring, alerting and reporting, management reporting, planning for device or service updates, the backup of configurations, the setting of key performance indicators and measures (KPIs/KPMs), associated service level agreements and problem records as part of the IT Service Management (ITSM) framework.