Network Operations





Network Operations includes asset management, help-desk supervision, security and user policies, infrastructure administration and anything else that affects the operation of your network. Discussions will include those of best practices in platforms, configurations, performance, security and accounting.

Share tech news, updates, or what's on your mind.

Sign up to Post

In the groups of apartment that I stay, there's  a free Wifi for the community
which I could access from my phone/laptop when I move around the vicinity.
However, a reading room right in the centre of this area, the Wifi signal is
often cut off (or intermittently at 1 bar).

Is there anything I can get/install so that I could get the signal in the reading
room (which is a 5m x 3.5m room with glazed glass panels in front, a thick
wooden door & concrete walls on the roof & other sides of walls)?  Even if
I open the wooden door, the Wifi signal strength did not improve.

Until I shift my chair & laptop & sit just 1m outside the wooden door, then
I get 3-4 bar signal.

I don't mind a USB dongle with a 4m USB extender cable (which could be
slipped under the door but do recommend specific eBay/Amazon links
to the items that could be shipped to Singapore.

Btw, I don't have access to the AP and I can't get the management/admin
of this community to boost the signal so this is not an option.
Cloud Class® Course: Amazon Web Services - Basic
LVL 12
Cloud Class® Course: Amazon Web Services - Basic

Are you thinking about creating an Amazon Web Services account for your business? Not sure where to start? In this course you’ll get an overview of the history of AWS and take a tour of their user interface.


I have a pfSense router at an office I manage.  I'm not very familiar with it but I've gone through the options on it and read up about it a bit.  I'm having a problem that I'm not sure how to resolve.  The ISP has notified the office that there has been malicious requests our IP address directed at other servers.  The information they sent shows that the "PORT HIT" was "x.x.x.x:49039->x.x.x.x:23".  I found a packet capture on the pfSense and set it to listen on the LAN interface and put 49039 in for the port number.  I started the packet capture but I don't see it reporting anything nor do I know where to find the log or output of the packet capture.  It looks like this pfSense router is from a July version in 2015 so it looks like the firmware needs to be updated.  This router looks very powerful and I'd like to learn more about it.  I'm used to using Sonicwalls routers mainly so this is a little different.  Oh, and here's a real strange thing that's going on there.  I called the ISP and told them that I wasn't sure where the IP address that is reporting the malicious activity is at.  The IP on the WAN side of the router ends in 69 and the reporting IP is 71.  They said that they were not able to see any devices ARPing to that IP address at that moment.

If I check the WAN IP on one of the networks in the office (there are 7 suites--so there are at least 8 VLANs), it ends in 71.  I've scanned all 8 of the computers on that reporting network but nothing came up …
I wanted to find the real IP address of a site as sometimes Akamai (came across a few cases) CDN
cause issues & if I browse the actual IP (without going thru Akamai), the sites load Ok without

I found the following link but seems like they 'hang' or can't load:  did anyone manage to get
the sites below to work or can offer alternative ways to find the actual real IP (not the CDN IP)?   ==> this url is ok   ==> not this, connection error  ==> not this : connection error
We have a Technicolor Modem/wireless router combo device given by Spectrum.  When Spectrum tech first set it up I could connect to is wirelessly and I could see the public wan IP as ie.  We plugged it into our Sonicwall device and everything is working fine.  Bridge mode is enabled and we have a dynamic public ip so I set it to DHCP.   I just want to know why  I'm getting a address of showing on my WAN.  I was expecting to see the public ip instead like

Wan interface
We have two VLanes, "V-LAN1 & VLAN2 Wi-Fi"

We have configure traffic between the two, but our email is not working. "Meaning if I connect my cell phone or laptop to the Wi-Fi, I can not received emails. That s with VLAN2 Wi-Fi".
VLAN1 is hardwire .

Exchange:                                                                                     Server:                                                              Firewall:
- Exchange Sever 2007  Version 08.01.0436.000                   - Windows Server 2008 R2 Enterprise         - SonicWall NSA 2600
I was given a list of potential malicious sites by some intel but when I ping them, they don't resolve to any IP.

How to know if they were there before or had been taken down??

Will post them in the post below
Dear Experts, is  there any method to check the uninstalled apps in a PC/laptop? Can we do it via CMD or powershell?

Many thanks in advance!
Hello Experts-
We have subscribed to MPLS IPVPN via Service Provide to connect our branch offices with HQ.
We have been given /30 subnet at HQ and each offices and running BGP between CE Router and ISP. We suppose to send the routes to ISP and then take will foreward via MPLS Cloud.

We want to install firewall at the HQ between MPLS Router and L3 Switch.

I am just concerned what routing protocol I should between MPLS Router and L3 Switch at HQ so that all HQ hosts can reach to branch offices.. Shall I used IGP or Static Routes ?
How to inject the routes from MPLS routes to firewall ? Is it advisable to run a routing protocol between them
How I can achieve redudancy if a router or firewall fails in HQ Office.

I am attaching a basic design.
Any suggestions and comments are welcome.
All of a suddent, I'm getting these error messages and I'm not sure why.  It's not giving me the IP address of the other switch, I'm not sure what the T46.... number referenced is?
Any thoughts?

I have a perplexing VLAN routing issue that I need help with.

My network has three VLANS:
Data - VLAN 1 Default ( /24)
VOIP - Vlan 20 ( /24)
Wifi - Vlan 30 ( /24)

Vlan 1 is untagged on the switches (all Procurves) and the remainder tagged.  I initially configured this network five years ago and it has worked fine.  IP routing is configured on my L3 switch (HP3800) and I can ping between VLANS with no issue.
However, I am trying to add a new VLAN and I can't get it to route.  I configured it the same as the others and assigned it an IP address (  I can ping .70.1 from my PC (Data VLAN) with no problem but I can't ping a server that is on VLAN 70.  What I get is a "Destination Host Unreachable" from, which is the default gateway for the Data VLAN on the L3 switch, even though the server is attached to a port on the switch.  If I telnet into the switch I still can't ping the server.  I looked in the ARP tables and I don't see any IP in the range.
If i manually configure a PC with a VLAN 70 address, however, I can ping the server but I can't ping the other VLANS.  In other words, the VLAN works but it won't route.
Troubleshooting steps I have taken include:
1 - updated the firmware of all the switches (this entails rebooting)
2 - cleared the ARP table on the L3 switch

I sure it is something obvious but it sure has me stumped.  Any thoughts on what I should be looking for?
Prepare for an Exciting Career in Cybersecurity
Prepare for an Exciting Career in Cybersecurity

Help prevent cyber-threats and provide solutions to safeguard our global digital economy. Earn your MS in Cybersecurity. WGU’s MSCSIA degree program curriculum features two internationally recognized certifications from the EC-Council at no additional time or cost.

- (1) Cisco SG250 26P PoE switch
- (2) Ruckus WiFi ZoneFlex R610 access points (using their Unleashed setup)

I'm about to create/implement my first VLAN's, I'm pretty stoked I finally get to play with VLAN's. I've been doing IT/networking since 1991 but never did VLAN's. I've configured Sonicwall firewalls from scratch but this is my first Cisco device I get to admin; thankfully it has a GUI. I've already researched the heck out of VLAN's, trunk ports, tagging, & more, & I feel I'm ready to do it. I have the freedom to create this new network as if it were the original network built for this office. Almost all the employees are out of town for next week so it's an ideal time to build a new network. There are no Windows servers or any network services on this WiFi network; all that stuff is on the "corporate" network. This WiFi network I'm replacing/upgrading is what could be referred to as a "rogue" network that this department installed themselves just so they'd have faster Internet.

I'm creating VLAN's so our business can separate the Guest WiFi traffic to its own VLAN but also allow some inter-VLAN routing to allow our screen-sharing solution (Airtame) that guests will be using to talk to our big screens in the conf rooms, which will remain on our internal/business VLAN.

We currently have a Netgear Orbi Pro WiFi network setup but that's not quite robust/sophisticated enough for what we need to do. I'm keeping this existing Orbi WiFi network hardware …
hey guys,  I used this module for 1Gb fiber ISP link.  SFP-1G-LR

Are there 10Gb modules available for the same Catalist 3850 switches?  SFP-10G-LR

I am using cisco catalyst 3850 48port

appreciate your help!
We are noticing some really odd slow down when we use our ERP system ( hosted inside our networks) and syncing using Smart Connect with Dynamics 365. When a user enters information into our ERP system schedulers are run every 5 minutes through smart connect and ideally should update the Dynamics 365 pages at its slowest 5 minutes or so, but the updates at times are taking 10-30 minutes to populate back to the Dynamics 365 page.

Is there any software I can monitor the passes through and see at where process the times takes the longest. It could be how our smart connect is configured however there are too many variable right off the start.

Our ISP is 10mbs\10mbs. with a Sonicwall Firewall in between.
We have about 30 small branch offices (ie the spoke) that are connected back to the data centre (ie the hub),
each via leased line.

There are 2 services that we would like to restrict to each of the branches (ie don't want the Tcp port accessible
elsewhere in the corporate & not accessible between the branches) & the services listens on Tcp 8000 & 8222.

If I want to apply ACLs on each branch's WAN router to block the 2 TCP ports from being reachable, should the
ACL be applied on the WAN router's LAN interface (ie facing the branch's LAN) or the router's serial interface
(facing the leased line towards the datacentre)?

Can correct/review my suggested extended ACL below?  Assuming a.b.c.d is the IP address of the  branch's
1st server listening on Tcp8000 & e.f.g.h is the IP of the 2nd server listening on Tcp8222

Assuming it's applied on the LAN/ethernet interface of the router, I think (but do correct me), it looks like:
interface Ethernet0
ip access-group 102  in   [or should it be  'out' ?]
access-list 102 deny tcp any any eq 8000 log
access-list 102 deny tcp any any eq 8222 log
access-list 102 permit ip any any

What if it's applied on the serial interface, how does the ACL looks like?

I am seeing a lot of collisions and errors on a WAN port (Sophos SG210) which connects to fiber NTU ( Cisco ME 3400E)

This is 100Mb up/down fiber but I am getting around 60Mb download and 3Mb upload. I think the cause of the slow upload speed is because of the packet collisions and errors.

I get around 70Mb/70Mb when I connect my laptop directly to the NTP.

What would be the cause of the problem?

Here is ifconfig on the WAN link on SG210.

eth1   Link encap:Ethernet HWaddr xx:xx:xx:xx:xx:xx
          inet Mask:
          RX packets:373271 errors:0 dropped:0 overruns:0 frame:0
          TX packets:220080 errors:2306 dropped:0 overruns:0 carrier:2306
          collisions:128842 txqueuelen:1000
          RX bytes:527821557 (503.3 Mb) TX bytes:48346583 (46.1 Mb)

 ethtool eth1
Settings for eth1:
        Supported ports: [ TP ]
        Supported link modes: 10baseT/Half 10baseT/Full
                                100baseT/Half 100baseT/Full
        Supported pause frame use: Symmetric
        Supports auto-negotiation: Yes
        Advertised link modes: 10baseT/Half 10baseT/Full
                                100baseT/Half 100baseT/Full
        Advertised pause frame use: Symmetric
        Advertised auto-negotiation: Yes
Brief: SonicWALL IP Spoof on WAN from Similar Subnet.

While this article seems like the resolution doing what it detailed did not resolve the issue: tion.html

I have a Unifi Controller behind a SonicWALL.
We have multiple sites we control from it.

If the site is on a static IP from the same ISP (only 2 ISPs in town) and has the same first 3 octets the traffic passes fine.
Server site WAN IP:
Client site WAN IP:

However if a site is on a different octet then they cannot communicate due to "IP Spoofing" detection.
Servers site WAN IP:
Client site WAN IP:

I've talked with SonicWALL and their engineers are working to find a resolution but I don't know if they can come up with anything.

The server site ISP WAN IP is a /30 net mask.
Trying to connect Netgear WNDA3400 to act as a wireless access point behind a SonicWALL SOHO. I read post from other users about same issue. I tried but no success. Can anyone help me figure this out?
Got called in to look at a very strange network the other day...  They were running a business off a (A) Linksys E2500 home wireless router.  Now off of this router is one cable going to a (B) Mako dual wan appliance, which then goes to a (C) Cybera appliance which hosts a VPN connection as well as a (D) Cisco RV042 router.  Now the other cable off the original router goes to another (E) E2500 Linksys router which only has a laptop and provides wireless to a printer and cell phones for employees.  

Now router (A) is controlling PPPoE from a bridged DSL modem.  Router (A) IP is and servicing everything via DHCP (This will change in near future).  Router (E) acting as an access point is also LAN IP of and handing out DHCP.  The laptop connected to (E) also has a secondary NIC via USB that connects to some point in the other side of the network.  The Mako fails over to secondary ISP (Cellular) after only a few minutes and generally won't return.  I believe either the laptop router (E) is creating the problem.  Router (A) is experiencing over 2,000ms latency and over 5% packet loss.  So I removed router (A) and reconfigured the DSL modem to handle the PPPoE and this now becomes router (A) in the equation.  This router is set to and has around 25ms latency with less than 2% packets loss and everything works great!  We are keeping an eye on this for a week or so, before any more changes are made.

Eventually the Mako should be the router and…
I don't know anything about Office 365. I'm a new developer at my current job. This is what they're going to do...

My manager says we have NT accounts and we're going to Office 365 but everything will break we don't use AD accounts. Some of our apps use NT accounts.

He says maybe we need to integrate Azure AD accounts into our own AD accounts. For example, we use a username (NT account) so we'd need to translate NT to Azure NT account.

Where can I find more info about this? what needs to be done? thanks for any help.
Hey MSSPs! What's your total cost of ownership?
Hey MSSPs! What's your total cost of ownership?

WEBINAR: Managed security service providers often deploy & manage products from a variety of solution vendors. But is this really the best approach when it comes to saving time AND money? Join us on Aug. 15th to learn how you can improve your total cost of ownership today!

I have been ask by PCI QSA regarding what is SonicWALL using for PCI industry hardening standard.

I have been searching the internet and talking to SonicWALL support but couldn’t get the answer. So I will try here.

Anyone know this information or any PCI expert here that can tell me what to do with PCI Req 2.2 regarding system hardening standards?

Please advise.

Thank you
I have SonicWALL Firewall/Router and 5 public IP address. I am going to have 1G Fios connection soon; however, the my soniwall won't give the 1G connection speed due to the DPI.
I would like to create second network that outside of firewall and wondering if I can split by public IP address with separate router.  Do you have any solution for this?
So my sonicwall 3600 went down. Sonicwall sent a replacement. I uploaded the saved configuration into the replacement and didn't notice any problems.

The next day, users say they can't access the VPN. After a half day talking to Sonicwall support, we figured out that users cannot access the VPN using their UPN as they used to on the old 3600 but can access it using their SAM.

L2TP / IPSEC with RADIUS (NPS) authentication. Funny thing is, the RADIUS server shows success (reasoncode 0) with both the UPN and SAM. Sonicwall's "Test" area in RADIUS shows Success when testing with UPN.

Thanks in advance!
Dear Experts

What is the difference between audit log enabling like setting up centralised logging like  Syslog server and  Networking monitoring enabling and setting up, does both serve the same purpose, can you please help me to understand this. what each of these does , is it recommend both to be enabled in two different servers please suggest
2nd home wireless computer is connected to Sonicwall SOHO wireless -n, but has no internet
We have a SonicWall TZ600.  A manager wants to know in easy to understand terms what the security benefits the firewall is providing us.  Can someone help me word something that would be understandable?  I am new to SonicWall.  We were using a CISCO ASA.

Network Operations





Network Operations includes asset management, help-desk supervision, security and user policies, infrastructure administration and anything else that affects the operation of your network. Discussions will include those of best practices in platforms, configurations, performance, security and accounting.