Networking

93K

Solutions

67K

Contributors

Networking is the process of connecting computing devices, peripherals and terminals together through a system that uses wiring, cabling or radio waves that enable their users to communicate, share information and interact over distances. Often associated are issues regarding operating systems, hardware and equipment, cloud and virtual networking, protocols, architecture, storage and management.

Share tech news, updates, or what's on your mind.

Sign up to Post

Dear All

I hope someone can help

What I’m trying to achieve
We currently have a Cisco WLC 2504 controller running our Wi-Fi network. We have been running 2 networks  (Guest & Corp) with PSK for all users to type in manually. What I would like to do now is change the Corp Wi-Fi to use the staff’s AD username and password instead of the pre-shared key to connect whatever device they use (Mobile, Tablet, Laptop). We don’t have a certificate infrastructure and we only want to use is their AD user name authentication

What I have done
I’ve installed a NAP server (Windows 2012 r2) and followed the “RADIUS server for 802.1X Wireless or Wired Connections” wizard as recommend and I’ve setup a new SSID on the WLC to use the RADIUS server. This all seems fine and when I run the “test aaa radius” command it comes back with success. All good so far!

Issue I require help with
When I try to connect a client to the Wi-Fi it fails. The logs on the controller says the authentication has failed and I don’t know why.

Below is the two entries that come up on the controller.

I get two failures when I try to connect from a laptop one for the host and one for the user account

AAA Authentication Failure for Client MAC: a8:08:cf:b4:a7:w5 UserName:DOMAIN\USER User Type: WLAN USER Reason: Authentication failed
AAA Authentication Failure for Client MAC: a8:08:cf:b4:a7:dw5 UserName:host/HASTNAME.domain.local User Type: WLAN USER Reason: Authentication failed

If anyone could …
0
Determine the Perfect Price for Your IT Services
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

I am having problem with using arpspoof on my kali linux box.  i am receiving the following error " arpspoof: couldn't arp for host 10.10.9.5(windows host). I am able to ping to all my network devices and SVI's. I have bulilt out my own Network lab that have cisco routers, swithches, and firewalls. All my devices are receiving ip's from my DHCP server, and able to get on the internet. But for some strange reason the kali linux box arp table isn't populating and it's showing only  10.10.6.1 (which is the SVI), and the cisco switch arp table is populated.  

Below is the command Im using.

arpspoof -i eth0 -t 10.10.9.5 10.10.9.1

I have 4 vlans in my network (User's, Server's, Management,and kali)

10.10.9.x/24= users
10.10.8.x/24= servers
10.10.7.x/24= managment
10.10.6.x= kali
0
With currently known Ransomware variants is backing up a Windows 10 Pro and/or Windows 7 Pro workstation  to a ReadyNAS NAS Box  or FreeNAS NAS Box a reliable method of protecting your backup images/files  if the workstation user does not have permission to access the NAS device but the backup program on the workstation does have the ability to write to the NAS using a specific NAS configured Read/Write User account?
If not.....
 1) what are additional NAS configurations should be configured?
2)  what  other additional backup protection methods should be deployed on the network storage destination(s).

Thank you,
JohnB
0
We have our computers locked down pretty well and only our more privileged accounts can access desktops via the network - UNC, WMI, pssessions and such.

Is there a way to give a program, such as PowerShell, rights to access through the network?  I thought I could run PowerShell as my elevated account and that would suffice.  However, that is not the case.  

For security reasons, I do not want to add our less privileged accounts to the allow list.  I'm

Thank you
Mike
0
I'm buying a new Dell PowerEdge R740XD with a 4port 10GBe NIC and am looking into the best Switch to connect it to. We are primarily a Cisco Shop so I've been looking at Cisco Catalyst 3850 series. I'm looking for everyone's opinion here.
0
Need to setup Multicast on a network with Cisco SG220 switches and a Mikrotik router.  The switches are running several VLANs and the MikroTik is the core router for all IP traffic between them.  The Multicast source is a NVR.  I see that all of the devices support Multicast and I have setup a Multicast address on the NVR.  What do I need to do for the Cisco and Mikrotik devices to allow them to move the Multicast traffic around?
1
We're trying to set up a veeam proxy server/rep jobs for a new client. Due to an overlapping network between an existing client and the new client, we have their firebox translate the network to .30 when coming back and forth. This translation works in veeam (their servers show up), we can ping and pull up their drive shares from our side. The only place it's not working is when veeam goes across using the proxy server and tries to talk to the host at .30.250. We get the following error when starting the job using the proxy server...

Processing FS1 Error: Cannot get service content. Soap fault. TimeoutDetail: 'connect failed in tcp_connect()', endpoint: 'https://xxx.xxx.30.250:443/sdk' SOAP connection is not available. Connection ID: [xxx.xxx.30.250]. Failed to create NFC download stream. NFC path: [nfc://conn:xxx.xxx.30.250,nfchost:ha-host,stg:582f26be-c7f9cf95-50d7-2880231c4740@FS1/FS1.vmx].

We already tried editing the host file by adding the .30 address to it. Didn't help though. So my thinking is, can we add another nic card to the host, give it the .30 network and have it function along side the existing network? Will it work the way i want it to work? Is there something else we can try?

I get why veeam is holding onto the .30 address but there has to be some way around overlapping networks like this. I'm sure we're not the first company to run into this scenario.

Please let me know if you need additional info or logs. Thank you in advance.
1
1 user can't login to linux box using domain password. Other users have no problem.

I have a Zentyal server where all my users are defined (17 users).
This server is used to validate the user passwords from our Zimbra server, our intranet application (custom developed PHP application doing authentication using ldap calls), and we have 2 linux application servers who also validate the passwords using samba against our Zentyal server.

This works perfectly for 16 users.
For the 17th users (lets call him Norbert), everything works perfectly (zimbra login, intranet login, login on 1 of our application servers) EXCEPT logging in on our second application server.

Note: this is not the last user created on Zentyal, he has been working for this company for over 8 years, several other colleagues created after him have no problem connecting to this server.

On server2:
If I do an "id -u anyusername" for any of the 16 other users, I get an id back
If I do an id -u norbert i get :    "id: norbert: no such user"
If I do the same on server1: no problem, not with norbert, not with anyone.

The samba config file for application server 1 and 2 are identical.
And, again, everything works FINE for ALL OTHER users.

If I try (from another machine) ssh -l norbert server2
I get the question norbert@server2 password:
upon entering THE CORRECT password, I get "permission denied, please try again"

If i do ssh -l norbert server1 and enter the same password, I have no problem.…
1
Port 5083 : Qpur File Protocol
Can somebody tell me for what purpose is this service used for?
1
Hi, I am trying to join my computer to our domain but I unable to do so due to issues with discovering the name server. when i run nslookup it returns with a server unknown with an IP V6 address. I have a slight inclination as to the issue is but could not know how to troubleshoot it. On the DNS server someone as crated both multiple host records with different names pointing to the same IP address in both IPV4 and IPV6. However the IPV4 records in  SBS Server 2011 can have reverse lookup records where as IPV6 do not. I know IPV6 should have the capability to do a reverse lookup. Please help.
1
Big Business Goals? Which KPIs Will Help You
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

I am planning to implement the following solution.


1)Is this a good solution and are there any drawbacks?
2)Do we need separate VLAN for heartbeat and storage network?
3 Is 1-2 GB enough for the Quorum?
4)How many 2016 server standard license need?
1
Hi All,

We have an exchange 2016 with one domain network. The issue we are currently having is that the user is able to send and receive emails to everyone internal and external with no issue except one external address. Whenever the user sends an email to the external recipient he gets the below reply back. Any suggestions would be greatly appreciated.
-------------------------------------
"Your message couldn't be delivered and there was no valid enhanced status code being issued by the remote mail system to determine the exact cause, status: '503 This mail server requires authentication when attempting to send to a non-local e-mail address. Please check your mail client settings or contact your administrator to verify that the domain or address is defined for this server.'."

Requested gave this error:
This mail server requires authentication when attempting to send to a non-local e-mail address. Please check your mail client settings or contact your administrator to verify that the domain or address is defined for this server.
1
My ISP is Comcast and I am assigned a range of 5 external IP addresses.

How can I determine which external IP address the SonicWALL VPN is using so that when I configure the VPN clients on Windows 10 computers I will put in the right external IP address?

The SonicWALL router is a TZ600.
1
nfsv4 mount fails with "operation not permitted"

i'm using nfsv4 over tcp

tcpdump output says
Flags [P.], seq 365:489, ack 141, win 229, options [nop,nop,TS val 3498408 ecr 486410650], length 124: NFS request xid 4189983984 120 getattr fh 0,0/24
Flags [P.], seq 141:217, ack 489, win 122, options [nop,nop,TS val 486410655 ecr 3498408], length 76: NFS reply xid 4189983984 reply ok 72 getattr ERROR: Operation not permitted

i'm using a synology nas and have reasons to believe the rights are properly configured as they are cloned from working rules for other hosts and the same export
- read only
- squash all users to admin
- non privilege ports allowed
- cross mounts denied

other mounts are performed through a VIP + source nat

in this case, there is 2 different layers of port redirections ( one checkpoint and one regular end-user internet box ) followed by both destination and source nat performed by a pfsense firewall

EDIT for clarification
CLIENT > checkpoint > internet > box > pfsense > SERVER
__ checkpoint performs source port and address translation as a regular outgoing NAT firewall
__ the internet box performs a simple destination address translation : source address and both source and destination port untouched
__ the pfsense firewall translates both source and destination addresses. destination port untouched. i'm unsure about the source port but it is changed by checkpoint anyway


the network part does work : i can …
1
I went thru the instructions below to remove the printer prompt window on windows 10 but when I uncheck “Show Informational Notifications for Local Printers” and “Show Informational Notifications for Network Printers“ and then try to print through a program the prompt still appears even after reboot and restarting program.  Do i have another place where i have to go to prevent that popup from appearing.

Press and hold the Windows Key, then press “R” to bring up the Windows Run dialog box.
Type “printmanagement.msc“, then press “Enter“.
Expand “Printer Servers“, then right click the name of the computer and select “Printer Server Properties“.
Select the “Advanced” tab.
Uncheck “Show Informational Notifications for Local Printers” and “Show Informational Notifications for Network Printers“.
1
EAP-TLS Authentication, I have setup a Network Policy on our NPS server the requires Smartcard or other Certificate to authenticate. I have been attempting to test on a windows 7 laptop. I have gone to the CA and requested a user certificate. I have installed the certificate on my login personal store in MMC. However, when I set the WIFI profile on the Windows 7 laptop it keeps telling me I need to get a certificate.
1
I have a Windows 10 pro laptop that is picking up our Avaya voicemail server as the DHCP server and Gateway address. I also see a unknown DNS server address 208.67.222.220 and 208.67.222.220.  I was thinking virus.. but this laptop is right out the box.   I am still able to get onto the internet with these IP's.   Any thoughts?
1
Recently Windows server essentials experience stopped showing users and network PC's
I found an article and they suggested to uninstall the role and add it back.

I was able to get it uninstalled but now when I try to ass back its giving me a CA error. ( Certificate Authority has already been installed on this server)
How to I resolve this issue so I can get it installed back without breaking the server?
1
I bring my (Windows 10 Pro) laptop around to do support in a few different networks - some with DHCP and some where a fixed IP-address is needed. Have tried to find a way to make shortcuts to set the fixed addresses (or set the network adapter back to dhcp), but haven't found a way to do it. Thinking of commands in a batch-file. Any suggestions?

-Olaf-
1
Microsoft Azure 2017
LVL 12
Microsoft Azure 2017

Azure has a changed a lot since it was originally introduce by adding new services and features. Do you know everything you need to about Azure? This course will teach you about the Azure App Service, monitoring and application insights, DevOps, and Team Services.

Hi guys

We have people using two factor authentication to VPN onto our network. For security, as it stands, people with home PC's/laptops access our network by having to RDP onto their own local machines at work and then accessing the network drives. This was just to prevent the SMB port being open and reduce the possibility of viruses transferring from local PC's onto our own PC's as we don't have control of their machines at home.

As the company shifts more and more towards mobile usage, more and more users are beginning to request direct access to the actual network now, i.e. once they have VPN'd to our Firewall, to directly map to the network drives. We use Watchguard firewalls.

What would be your proposition for such a scenario? Would you offer them access to the network with extra security measures in place, such as having them install applications that would control ransomware/viruses etc?

Thank you
Yashy
1
What are the steps to lookup the SonicWALL VPN domain name?

This "domain name" can be different than the Active Directory domain name and needs to be entered within the SonicWALL NetExtender VPN connector. Where within the SonicWALL configuration settings can I look up the "domain name"?

SonicWALL NetExtender
1
Hi Experts,

we have to plan a big move to another building.
I have some questions about it.
Our datacenter is using RJ45 patch panels and cabling is done with CAT7

The new building has older technology installed and another patch system , called SYSTIMAX.
This SYSTIMAX patch system is new for all of us and the installed cables are all CAT6.

What kind of patch systems do you use in your datacenter ?
Do I have so many benefits with SYSTIMAX ?
1
I'm trying to map a sharepoint site as a network drive using Kixtart. Here's my syntax...

Use W: \\con-fs01\Admin
Use X: "\\contoso.sharepoint.com@ssl/Projects" /Persistent:Yes

Drive W maps just fine, but X does not map at all. Any suggestions?
1
Windows SBS 2011 single-server domain.  DC boots up but directory services does not start.  Netlogon service fails with 0xc000064.  ADUS, ADSS, tools will not start - stating invalid interface.  Users cannot access network shares, printers, etc.  Netdom query fsmo errors with invalid interface.  DCDiag shows cannot connect to DC.  Have already tried last known good configuration.  Your thoughts would be very appreciated.
1
Great day experts,
I hope all is doing well. I was wondering does anyone know of any Networking labs books or software that would give you a step by step that I can purchase?
1

Networking

93K

Solutions

67K

Contributors

Networking is the process of connecting computing devices, peripherals and terminals together through a system that uses wiring, cabling or radio waves that enable their users to communicate, share information and interact over distances. Often associated are issues regarding operating systems, hardware and equipment, cloud and virtual networking, protocols, architecture, storage and management.