Network Operations

9K

Solutions

11K

Contributors

Network Operations includes asset management, help-desk supervision, security and user policies, infrastructure administration and anything else that affects the operation of your network. Discussions will include those of best practices in platforms, configurations, performance, security and accounting.

Share tech news, updates, or what's on your mind.

Sign up to Post

Hi,

We have 2 x Aruba 8320s (Core Switches) We also have 11 x Aruba 2540 edge switches

Each switch has 2 x 10Gbe SFP modules which connect to the cores via fibre in a LAG.

The switches are split up in 5 separate racks across our building. We also have 1 x Meraki switch in each of the cabinets capable of have 10Gbe SFP modules.

My question is what is the best way to get the Meraki switches to communicate with our Cores? We want to utilise them.

1. Direct connection to the Cores (like the Aruba's)
2. Setup a trunk 10Gbe between the edge switches and Aruba's
3. Any other way?

Could you please advise?

Thanks
0
Python 3 Fundamentals
LVL 13
Python 3 Fundamentals

This course will teach participants about installing and configuring Python, syntax, importing, statements, types, strings, booleans, files, lists, tuples, comprehensions, functions, and classes.

Dear Experts,

I need your assistance regarding 40net/40gate firewalls, i need to know a list of CLI commands that are commonly used for daily operations to troubleshoot end users issues.

Thanks for your attention to this question.
0
Dear All,

- Have two Access Points configured in Client mode with following Static IP addresses :
1) 192.168.28.1 / 255.255.0.0
2) 10.1.28.1 / 255.0.0.0

The  Above Two clients should be connected to Access Point

- on the other hand Computer will connect to the same Access Point in order to download data and access the two Clients

Need to know Network Configuration (IP /Mask / Gateway) for Laptop & Access Point in order to access clients by laptop ?

Thank You
0
Hi Experts,

what is difference b/w source-nat and destination-nat? i believe source nat is just hiding your internal IP behind the public IP address, and destination NAt we use in mainframe system or headless devices that do not have a default gateway. this concept driving me bananas. i really appreciate your clear answer.
0
We have a SonicWall 2650 with Content Filtering enabled to restrict website activity for those on the physical network and those on VPN. We are having problems with folks using their company devices to go to non-authorized sites when they are not on VPN or on the physical network. They are using a company-issued wireless device or their home ISP to gain internet access. It would be great if we can somehow force all of their traffic to go to our SonicWall for filtering without having to create a VPN connection (tends to slow things down on these machines).  Perhaps a proxy server (but only for external users since our internal users are already protected by the SonicWall?  Would it be best to install a third party product to block site access (would have to work on all possible browsers)? Maybe something else? Looking forward to your suggestions.
0
Hi, I ran this wireshark network protocol analyzer with no programs open, including no background programs. I ran it for three minutes. I have the report in csv and in pcapng format.(I've changed the latter to a .txt extension to upload).

Can someone let me know if there's any odd network activity going on? Thanks. If you need more information, let me know, this is way over my head.
packet-dissection.csv
packets---Copy.txt
0
The Cisco 2960x includes a management port. Reading the Cisco literature states this port should be on its own network that can be accessed remotely. The port is it's own vlan. That separate network accessed remotely would require another Internet connection and some sort of vpn to securely assess the management network. How practical is it to set up another Internet connection and a means to access the Cisco management ports?
0
Our organization has deployed couples of Cisco 2960x switches stacked with Flexstack plus. Whenever our end users and application team experiencing slowness on the application, they always blame the root cause is related to Cisco switches network devices. Our question is what command can we use on the switches which can provide evidence/reports to prove that the bottleneck or the root cause of the slowness is not related to the Cisco network switches (e.g. CPU, interface utilization, errors etc.) ? Not sure if there is any guideline from Cisco as far as network switches performance is concerned?

Thank you for your kind advice in advance.

Regards
Patrick
0
I am looking for  software solutions  that will allow me to Visualize Network Traffic .
The aim is to quickly pick up on network isssues .

What do you guys recommend?
0
Hello Experts,

I am at a customer site and I see that they have fiber connectivity  from distribution switch to access switches. When I look at the configuration I do not see any UDLD protocol applied.

My question is can I apply the UDLD protocol on the distribution switch and access switch globally and will that affect the uplinks. I am hoping to not have any distruption on the network.

Please assist
0
Exploring SharePoint 2016
LVL 13
Exploring SharePoint 2016

Explore SharePoint 2016, the web-based, collaborative platform that integrates with Microsoft Office to provide intranets, secure document management, and collaboration so you can develop your online and offline capabilities.

Does anyone know what RADB routes are?  We are requesting a LAN public IP from the Internet carrier that was promised.  Now they give us run around saying the route set belongs to RADB and they cannot update RADB route sets.  If the customer wants their prefix [1.1.1.0/24] to be routed via BGP, they would need to contact RADB to have them update their route set.  
We do not need a BGP.  Just requesting a public LAN IP address.

Does anyone know what does prefix belongs to radb mean?  I'm running the Whois and looks like the prefix belongs to my internet carrier.  Not to radb some sort.
Does the carrier give me a BS runaround on this?  It feels like it :)
0
Hi

When adding an IP to an outside interface on a Cisco ASA,  what IP information do i need from my ISP

I believe its just an public IP address and subnet mask? Do I need a gateway address?
0
My contractor ran fiber cables between floors.  Today I noticed there's an interesting transition connection from thicker cable to the thinner one.  Taped over with while electrical tape.
I didn't have that fiber patch panel.  They install it all.  Taped like that on both end of terminations.

  Does anyone know if this is how its done normally and should I worry about it?  Thanks.
20181226_121026.jpg
20181226_121022.jpg
0
HI Experts.

I have this policy map on most of the switches at my organization.  
Policy Map AUTOQOSPOLICY

    Class AUTOQOS_VOIP_DATA_CLASS
      set dscp ef
      police 128000 8000 exceed-action policed-dscp-transmit
    Class AUTOQOS_VOIP_SIGNAL_CLASS
      set dscp cs3
      police 32000 8000 exceed-action policed-dscp-transmit
    Class AUTOQOS_DEFAULT_CLASS
      set dscp default
      police 10000000 8000 exceed-action policed-dscp-transmit

We are now replacing the existing phones with a new cloud base phone system and they sent me these requirement for QOS and the vendor gave me this policy to use on the switches

policy-map PM-ASW-IB-User
class CM-ASW-IB-RC-Voice-RTP
set ip dscp ef
police 512000 16000 exceed-action drop
class CM-ASW-IB-RC-Video-RTP
set ip dscp af41
police 768000 8000 exceed-action policed-dscp-transmit
class CM-ASW-IB-RC-GeneralSIP
set ip dscp af31
police 32000 8000 exceed-action policed-dscp-transmit
class CM-ASW-IB-RC-Meetings-Control
set ip dscp af31
police 32000 8000 exceed-action policed-dscp-transmit
class CM-ASW-IB-RC-Other
set ip dscp af21
class CM-ASW-IB-Cust-AF13
set ip dscp af13
class CM-ASW-IB-Cust-AF12
set ip dscp af12
class CM-ASW-IB-Cust-AF11
set ip dscp af11
class class-default
set ip dscp default

Apply on the ports :

interface range Gi1/0/9-20
! no mls qos trust device cisco-phone
! no auto qos voip cisco-phone
! no mls qos trust cos
! mls qos trust dscp
! priority-queue out
! …
0
Hello Experts,

I am at a client site and he has a bluecoat packetshaper s200, the client has ordered a replacement hard disk and it has arrived, I would like to replace the hard drive on this device. I am hoping someone can guide me through the process,

I know that I have to open the box and remove the old drive and put the new drive. I need help in backing up the configuration file and IOS, One more thing I like to know is to determine which drive needs a replacement, I do have access to the gui but need the right steps to do that.

Thanks,
0
We use Cisco StealthWatch and are disturbed at some of the activity we're seeing.

What's the best technique to research large downloads/uploads from a particular IP address, such as:  168.62.9.111 transferring 3 gigs?

Per https://myip.ms/info/whois/168.62.9.111 , I see this is registered to Microsoft so I don't think it's malicious.

The only IP's I've been able to figure out so are:
OneDrive:                   13.107.136.9
Windows Update:     13.107.4.50

Is there good site that knows what IPs microsoft uses and for what purpose?

Thanks,
Mike
0
Hi

I have a network with a Layer2 link back to a datacentre which provides our internet connection, we have no firewall onsite at present but looking to install one.

We have ordered an internet connection on premise.

We want to keep our Layer 2 connection and make use of it somehow.

We want to use the new internet connection on-premise and a firewall to route the internet. What's the best way to do this?
0
I'm listing out IT Infra changes that require CR / change control ie subject to CAB.
1. OS, network device OS patching/update/upgrade
2. Installing or configuring a software/feature
3. Adding/deleting/amending an ACL or firewall rule for Production purpose
4. Configuring DB changes : to list out ...
5. Hardenings & OS changes (permission changes etc)
6. OS/device tunings (including migrating services behind WAF, ...)
7. changing account/object privileges

However, I think the following just require an SR/email:
a. blocking of IOCs (from threat Intels)
b. unlocking accounts/password resets
c. login to check/extract information (Cisco 'show run')
d. restarting / rebooting a service or OS due to fix a problem
0
Dear Experts,

I am at a client location today and they have a local server that will be accessing different sites with various ports. The client has ASA firewall and Cisco Firepower my question is do I add the access rules in Firepower or directly in ASA?

I am always not sure and the client has no preference.

Please let me know from your experience how to tackle this .

Thanks,
0
Starting with Angular 5
LVL 13
Starting with Angular 5

Learn the essential features and functions of the popular JavaScript framework for building mobile, desktop and web applications.

1.pngso all of a sudden some emails stop flowing and my connector is not validating, been setup for years and we did not change any server or network settings

i have Office 365 and a hybrid server - exchange 2010

the emails that are failing are coming from my mercury server and flows thru my exchange to office 365. i have contacted microsoft support but they are saying its an internal issue.
0
Hello gents,

I am at a customer site and they have a server in the internal zone, the network has Cisco ASA firewall.

They have a developer and on the server he wants to open ports 7000-7200, Do I use the Cisco ASA to open these ports ? or is this done on the server only.

I am not sure how to address this I need clarity on such type of requests from clients,

Thanks,
0
Hello Experts,

I have 2 sites connected via OSPF neighbor relationship using MPLS  and I also have direct connect between the two sites. I had issue with the point to point connection and I removed the static routes between the two sites and OSPF was able to pick the routes again.

Now my Point - to - point connection is up again and I added the static routes but the issue I have now is that the traffic is still going through the ospf and not using the point-to-point path.

How can I make sure the path is reverting back to the point-to-point path, I thought by adding the static path it would pick it up again.

Thanks,
0
Hello Experts,

I have these SIP audio alerter devices on site, and we use CUCM, what is the best  way to find the phone numbers of extensions assign these devices , I only have a sample Mac address of a device but need help.

Thank you,
0
Hello Experts,

I am at a site location and they have BlueCoat Packet shapper S200 , I know the management IP and I know the port number and switch that the management IP is connected too.

I see there are other 2 ethernet cables connected to it and I want to find out their IP addresses and neighboring devices. Is there a way I can find the info from the portal? what will be the best way. I could go to the datacenter and find out but just want to know if there is in anyway I can do this from the portal.

Thanks,
0
Wonder your folks opinion.  How do you approach this questions from executives.  
 "what do you think is better 74Mb DSL or 60Mb cable?"  :)
0

Network Operations

9K

Solutions

11K

Contributors

Network Operations includes asset management, help-desk supervision, security and user policies, infrastructure administration and anything else that affects the operation of your network. Discussions will include those of best practices in platforms, configurations, performance, security and accounting.