Network Operations

9K

Solutions

11K

Contributors

Network Operations includes asset management, help-desk supervision, security and user policies, infrastructure administration and anything else that affects the operation of your network. Discussions will include those of best practices in platforms, configurations, performance, security and accounting.

Share tech news, updates, or what's on your mind.

Sign up to Post

I'm at a client which has an Internet feed from their Israel office which egresses in NYC. Nobody seems to know why it was put in that way. Might any experts on here with middle east experience know why you might want to egress on the other side of the Atlantic rather than just using a local ISP? Or at least Europe? Security issue? Tax issue? Something else??
0
Free Tool: Path Explorer
LVL 9
Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Screen-Shot-2017-08-06-at-11.30.59-A.png
on the topology above , I have R1 and R6 on AS 1, R5 on AS3 , R2,R3,R4 on AS2

I would like to have Routers on AS1 (R1 and R6) Not take route through AS3 to reach routers inside AS2, instead I want AS1 routers to go straight to AS2 through R1 using BGP Default Local Preference command on R1

you can see in the config below on R1 :
bgp default local-preference 600


Below is the BGP route configuration on R1, R6, R3. As you can see R6 is going through AS3 to reach routers in AS2 instead of going straight to AS2 through R1

If you need more info , please feel free to ask.


Thank you

R1#sh run | beg router bgp
 bgp default local-preference 600
 network 1.1.1.0 mask 255.255.255.0
 neighbor 192.168.12.2 remote-as 2
 neighbor 192.168.16.6 remote-as 1

Open in new window


R6#sh run | beg router bgp
router bgp 1
 no synchronization
 bgp log-neighbor-changes
 neighbor 192.168.16.1 remote-as 1
 neighbor 192.168.56.5 remote-as 3

Open in new window


R5#sh run | beg router bgp
router bgp 3
 network 5.5.5.0 mask 255.255.255.0
 neighbor 192.168.35.3 remote-as 2
 neighbor 192.168.56.6 remote-as 1

Open in new window


R1# sh ip bgp
BGP table version is 13, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 1.1.1.0/24       0.0.0.0                  0         32768 i
* i2.2.2.0/24       192.168.56.5             0    100      0 3 2 i
*>                  192.168.12.2             0             0 2 i
* i3.3.3.0/24       192.168.56.5             0    100      0 3 2 i
*>                  192.168.12.2                           0 2 i
* i4.4.4.0/24       192.168.56.5             0    100      0 3 2 i
*>                  192.168.12.2                           0 2 i
* i5.5.5.0/24       192.168.56.5             0    100      0 3 i
R1#

Open in new window


R6#sh ip bgp              
BGP table version is 6, local router ID is 192.168.56.6
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*>i1.1.1.0/24       192.168.16.1             0    600      0 i
* i2.2.2.0/24       192.168.12.2             0    600      0 2 i
*>                  192.168.56.5                           0 3 2 i
* i3.3.3.0/24       192.168.12.2             0    600      0 2 i
*>                  192.168.56.5                           0 3 2 i
* i4.4.4.0/24       192.168.12.2             0    600      0 2 i
*>                  192.168.56.5                           0 3 2 i
*> 5.5.5.0/24       192.168.56.5             0             0 3 i

Open in new window



R5# sh ip bgp             
BGP table version is 10, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 1.1.1.0/24       192.168.56.6                           0 1 i
*> 2.2.2.0/24       192.168.35.3                           0 2 i
*> 3.3.3.0/24       192.168.35.3             0             0 2 i
*> 4.4.4.0/24       192.168.35.3                           0 2 i
*> 5.5.5.0/24       0.0.0.0                  0         32768 i
R5#

Open in new window

0
Hello,

Trying to create a Site to Site between our TZ215 and Azure:
VNET1 - Address Space     = 10.1.0.0/16
               Subnet  range      = 10.1.0.0/24

GatewaySubnet                  = 10.1.1.0/24

Virtual Net Gateway           = VPN
                                               = Policy-based
                                               = VNET1
                                               = VNET1GWIP  (created Public IP)

Local Net Gateway             = RP_OFFICE
                                              = Public IP address of SonicWALL
                                              = 192.168.250.0/24 (LAN network on SonicWALL)

Connection                          = Site-to-Site (IPsec)
                                               = Virtual Net Gateway
                                               = RP_OFFICE
                                               = Shared key that matches what's configured in the SonicWALL

SonicWALL:
 General Tab                         = Site to Site, IKE using Preshared , IPsec Primary = Public IP of Azure, IPsec Secondary = 0.0.0.0, Local & 
                                                   Peer IKE ID = IPv4 address
Network Tab                         = LAN Subnets, Azure LAN network
Proposals Tab                       = Main Mode, Group 2, AES-256, SHA1, 28800, ESP, AES-256, SHA1, 3600
             
Seeing the following in the SonicWALL log:
  SENDING>>>> ISAKMP OAK INFO …
0
Anyone has experience connecting Chinese office to US?  One of the options is going through Hong Kong but the connection if very poor we heard.

Any other vendors or solutions we should look into?  Fiber connectivity?   Just need to have a reliable connection to one of our US data centers.  Please advise.  Thanks!
0
There are two sets of Sonos one on the main network and anther on the guest network.

Do I need to get anther bridge/ adapter for the guest network ? the main has one.
0
What is the process to logon to or reset the logon username and password for a SonicWALL TZ600 router when the logon information isn't known?

We don't want to reset any information on the router we simply want to logon to it or reset the username and password.

We have physical access to this router.

How can this be done?
0
Hi experts,
i need some advice. i have about 50 pc's on our company network with 1 file server that these pc's access for AD,DNS, DHCP and our financial application(uses access database). we currently have a 48 port 10/100 switch with 2 gigabit uplink ports as the backbone and then 2 gigabit switches connect to this backbone switch. i was aiming to replace the 10/100mb backbone switch with a full gigabit switch but budget is a problem at the moment. would the following work as a temporary solution for about 3 months: I will install a very entry level 8 port dlink gigabit unmanaged network switch as the backbone, connect my server and links to other switches to this 8 port switch. so from the 8 port switch i will connect all 4 network cards on my server to this switch as well as the link cables from my 3 larger switches. I know this is not the best solution but i just need something that will do the job for a few months? or would this small 8 port switch take too much strain?
0
can I ask a few basic questions in relation to Symantec backup exec.

1) what is the underlying database which stores all the configs, e.g. sql server or something else?

2) where is the management console can you see which accounts are authenticated for access? is access based on windows logins or accounts specific to backup exec?

3) in terms of the management console configuration, what needs to be backed up?

4) and is there an easy way to export all the current settings, e.g. jobs/schedules, backup selections per server (e.g. which drives) alert configurations and recipients, out to a single file for offline analysis?

5) is it application aware, e.g. by default does the standard package have the ability to backup exchange, SQL, AD, sharepoint etc.
0
what is the correct terminology used to get an a top level view and oversight of network infrastructure in use in your private networks, e.g. firewalls, proxies, routers, switches, wireless controllers etc. I would like to request a copy for asset management and CMDB purposes to see what interacts/depends on what, but need some idea on the correct terminology for such a diagram/document.
0
aside from SQL Server databases, what other types of files would need special/app aware backup processes. My understanding (albeit I am not a backup admin) is most default backup solutions don't backup live running database files, so you typically have to use the DBMS backup features and then use your backup solution to 'backup to backup'. I just want to do some assurance work that the backups our admins are doing is either using an application aware product which can handle running files such as databases, or whether they are using other tools such as the DBMS in built backup features to do them.

also apart from SQL databases, what other files need special backup arrangements, e.g. what else would not be covered by standard backup programs, in your standard windows network environment?
0
Moving data to the cloud? Find out if you’re ready
LVL 3
Moving data to the cloud? Find out if you’re ready

Before moving to the cloud, it is important to carefully define your db needs, plan for the migration & understand prod. environment. This wp explains how to define what you need from a cloud provider, plan for the migration & what putting a cloud solution into practice entails.

I set up a Linksys LRT224 router about a year ago
it does some pass-throughs ti the following
-security camera NVR only two users can access

-Windows Server 2012 running an SQL database about 10 users

-VPN connection so users can get to all servers and appliances
This was suppose to be for only two users, but now they want all 10 users to be able to use VPN

Question?
should I continue to use this router? will is start to degrade in speed
some users say the VPN is starting to slow down

any suggestions are appreciated
0
Dear, I got this error from today morning. All the servers in this network range could not be accessed like attached screenshot.

When I tried to access these servers from the same ISP (which provide this network range to us), the servers COULD be accessed; but when I tried from other 2 ISPs, they COULD NOT be accessed.

The servers are Window Server 2012R2 Standard, have Kaspersky, Firewall but they are configured properly, nothing change (this error started from today morning)

Can you please suggest?
0
we are doing some risk assessment work on backup processes from a risk management perspective (we have no responsibility for doing them ourselves), aside from servers, which host the critical data/files, what other devices in a network need considering in backup policies, so we can interview the department responsible to see that they are included/tested.
0
what documentation would you expect to see an IT department have in place specific to their backup/restore processes? I am trying to get a better idea of the process from a risk and compliance angle, but need to identify either some useful probing questions for the team who do backups, or request some documentation that you would expect to be in place.
0
i have a veeam Job which backup 6 vms(jobname= job1). Sudenly this Job not working any more , after that i cloned this Job (jobname= job1.clone) and work good at the Moment.
but still exist on the NAS storage , .vbk and vbr files. they are prox :900 gb .of Course i would like to use this space for job1.clone Job.

i changed restore Point under job1 and deleted part of vbk,and vrb. But still there is data which i cant delete manually.

Please help to delete These old files.

Thanks in advance
0
Hi,



Can anyone help in identifying why once my vpn client enabled. I can  ping all other internal IPs except 192.168.4.1(interface DatabaseZone)  and 192.168.3.1. My vpn client assigned 192.168.5.100 which is in  the range ov VpHi,



Can anyone help in identifying why once my vpn client enabled. Cant ping any of internal IPs configuration like 192.168.4.1(interface DatabaseZone) . My vpn client assigned 192.168.5.100 which is in  the range of Vpnclients object-group configuration.nclients object-group configuration.

here attached output from "show vpn-sessiondb detail remote"
vpn-sesssiondb-detail.txt
0
I have a sonicwall NSA250 and i have a 50GB fiber coming into the office. I want to partitiont he bandwidth allow Vlan1 to get 40GB and Vlan2 to get 10GB. Can this be done in sonicwall?
0
Hello,

I have a Sonicwall TZ 300 firewall being used as a gateway router for a network. The IP address scope is 10.1.1.1-10.1.1.255 on the X0 interface.

I would like to setup another network with the SAME IP address scope of 10.1.1.1 etc.. on the X2 interface to build and test another server which is eventually going to replace the server on the X0 interface. This second network has to be isolated from the the X0 interface so the two servers/networks can exist without seeing each other. Is this possible? How can I do this if so?

I have it working now as long as I use another IP scheme (10.0.0.1...) but I want to use the same IP scope to make it easier to transition to the new server down the line.
0
Can you please suggest best IT security vulnerability reporting software like hackerone which will be also cost effective.
0
Ransomware Attacks Keeping You Up at Night?
Ransomware Attacks Keeping You Up at Night?

Will your organization be ransomware's next victim?  The good news is that these attacks are predicable and therefore preventable. Learn more about how you can  stop a ransomware attacks before encryption takes place with our Ransomware Prevention Kit!

what is the difference between nagios and centreon, are they technically both the same
0
Hi, the title said it all. Can anyone draft me some pros and cons of stacking switches?

And is it possible to simulate this techniques in GNS3, Packet Tracer or something else?
0
I am setting up a linux server on a small network for people to access their files, each windows computer will have local login.
I will create logins on the linux server that will be for each individual on the network.
I will map each computer with the appropriate folders that belong to those users.
How can I handle it if someone else needs to use someone else's computer and would like to access their personal files?
Should I have 2 logins, one belonging to the user of that system and a guest of some sort but how can they get to their files easily without needing me to map the drive for them? I need simple because these are not very technical people.

thanks
0
What are the gaps / items in my outsourcing vendor (for hosting & Datacentre) that I ought to
look out for?  I'm sort of auditing them
0
Hi,

We are looking for recommendations for a network level internet filter.
At the moment, we are using OpenDNS or draytek content filter, but neither are particularly robust.

Our main requirement is that it be a network filter in the true sense, in that there is no need to install an agent on the end-user device or have to deploy proxy settings. The above filters work at the router level.

Another nice feature, but not as essential, would be to have granular controls, rather than one policy for all.

Does anyone have any recommendations?

Thanks!
0
I have five stack cisco 3750 switch in the network, and I will like to learn how to configure them.
first thing first, how can I connect to network from my pc or network so I can see the structure built?
0

Network Operations

9K

Solutions

11K

Contributors

Network Operations includes asset management, help-desk supervision, security and user policies, infrastructure administration and anything else that affects the operation of your network. Discussions will include those of best practices in platforms, configurations, performance, security and accounting.