I am trying to implement a VPN using my Netgear Nighthawk.  The client is OpenVPN and the configuration files are downloaded from the router, this includes the client certificate which seems to be the problem.  When I try to connect I get the following error in the log

Tue Nov 13 13:46:04 2018 Certificate does not have key usage extension
Tue Nov 13 13:46:04 2018 VERIFY KU ERROR
Tue Nov 13 13:46:04 2018 OpenSSL: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
Tue Nov 13 13:46:04 2018 TLS_ERROR: BIO read tls_read_plaintext error
Tue Nov 13 13:46:04 2018 TLS Error: TLS object -> incoming plaintext read error
Tue Nov 13 13:46:04 2018 TLS Error: TLS handshake failed

Looking around on the internet I don't find a clear explanation on how to correct the problem.

The client is loaded on Win 10 Pro, I don't know what else you might need to help me, let me know and I will try to get the info.

Hi,

Any idea how to improve the network design to ensure the network performance , link redundancy (RSTP) and compatibility on layer 2 to layer 3 are working fine on  video management system?

Thanks

I'm tearing my hair out on this one!

I've got a client who is having a VOIP issue (ongoing for several months).  Here are the facts:

1. Very small client: 4 users on a local domain, Windows PCs and a Server 2008R2.
2. VOIP phone system using same router as computer network.
3. Two phones work solidly.  Two are intermittent.  Tried varieties of plugging in phones, including directly into LAN ports on router instead of the network switch.
4. Intermittent symptoms are: 50% of the time a caller calls the number and gets either a fast busy signal, or "your call cannot be completed as dialed".  Sometimes the caller goes directly to voicemail even though the phone is not in use.
5. One of the phones has been replaced, as an experiment. Used to be a SNOM 320, now an Aastra model.
6. On the working phones, unplugging the phone on the network results in the caller getting voicemail.
7. On the intermittent phones, unplugging the phone typically results in the caller getting a fast busy signal (even at times when the phone seems to be working).
8. At a time when a phone was not working, I ran a continuous ping test to the phone from a computer on the LAN, and it never dropped out once.
9. Before the problems occurred, they enjoyed excellent service on this LAN hardware for some number of years.

The VOIP company is saying that the problem is either the switch or the router, though there are never any detectable problems on the network (there is a Windows 2008R2 server …

Hi,

I have a PFsense router at my location and there has been some malicious activity coming from a device on my network.  Our ISP has notified us that they think that it's a problem with port 23 and if I block it that should fix the problem.  I've blocked port 23 outbound and inbound on all of the interfaces.  The complaint to our ISP gave a reference to BitNinja to check on the malicious requests sent from our network.  Here's a copy of the last request:

{
    "PORT HIT": "98.#.#.#:21349->185.#.#.164:8899",
    "MESSAGES": "Array
            (
                [01:36:54] => REMOTE HI_SRDK_DEV_GetHddInfo MCTP/1.0
            CSeq:57
            Accept:text/HDP
            Content-Type:text/HDP
            Func-Version:0x10
            Content-Length:15
            
            Segment-Num:0
            
            )
            "
}

I see that on 11/2/18, the malicious activity was on port 23.  Now, today I see that it's going on port 5680.  And the latest request was 8899.  

I don't know what device is doing this.  I've scanned the network and don't see any unknown devices on the network.  Here's something strange that happened.  There was a car in our parking lot with dark tinted windows and ghetto rims.  He was always gone when I came by the office.  I was talking to someone in the office and they said that that strange car was back.  I asked if they saw the driver.  She said that he was sitting in the back seat.  I remoted onto a computer in the office and scanned the network.  An IP address showed up that shouldn't be there.  I pinged it but it didn't respond.  …

I have Aruba Wireless Controller and HP Procurve core switch that connected and working with 4 different SSID. Each SSID setup with each VLAN. I have an issue connecting these two when I added new SSID with new vlan. For example, new vlan 88 with 192.168.88.1 / 24 on hp switch, and 192.168.88.2 /24 with vlan 88 on Aruba controller. I can't ping each other.
Other VLAN can ping each other just fine and these two devices connected directly.  What could that be wrong?

Hello there,

Can someone help me locate management packs for HPE Aruba Switches? Alternatively, easy to use documentation on how to incorporate its SNMP into SCOM (System Center Operations Manager) would be helpful too.

Cisco Mobility Express - I have 2 - 2802E's and a load of 2702's
One I have setup as a controller works fine, now I want to setup the second 2802 as a failover controller.

Initially I flashed it with the lightweight firmware it joined then went into my ME controller and said convert to ME, now it comes up ME capable.
That one seems to sit on the setup wizard at least when I look at the console port.

The first time I gave it some time thinking it would get the config and eventually just come up as a controller but nothing.
It does show up in ME as ME capable. I went into my controller and clicked make ME Controller it just rebooted and went to the same place.
I ended up rebooting it there essentially killing the setup wizard. It seemed to work but the secondary controller kept disappearing in ME until I rebooted and then it would show up again for a while.

I reset it and flashed it as a CWAP again, worked fine.
I had ME convert it again and this time went through the wizard and gave it the same settings as my main controller, it came up and I click Make ME controller now they are fighting back any forth I'm guessing over the management IP which makes sense so I just shutdown the second one for now.

I can't find a single document regarding bringing up a secondary controller using on premise ME unit.
I found documentation using cloud based services and using full blown WLC's but nothing in regards to what I'm using.

I found a few brief mentions about …

I have a Netgear Range Extender Model Number WN2500RPv2-- Model No.-I would like to have someone explain to me in simple terms how to connect it to my Hitron Router/Modem Model Name CGNM-that I am renting from my ISP{Suddenlink}. The netgear has 4 ports to connect different devices to it. Dish receiver, Samsung BluRay, Denon home theater receiver.

Please Please help me with simple and easy steps to follow.

Thank you,

Basem Khawaja, R.Ph.

Had an issue last week with upgrading a 4451 - X and Cisco recommended Image:  
isr4400-universalk9.16.03.07.SPA.bin

Was using image:  isr4400-universalk9.03.13.00.S.154-3.S-ext.SPA.bin

The Primary and secondary routers were stable for about 20 minutes and started to reload on their own.  The two engineers from Cisco were awful from the TAC Case we had open.

The Image I wanted to use was: isr4400-universalk9.03.13.10.S.154-3.S10-ext.SPA.bin

Anyone have knowledge of crashes on 4451-X using the Denali platform?  So far, I am unimpressed.

Need education on 5 WAN IP block (same subnet) and the MPOE running up a fiber connection to the office suite.    We walked into this situation illustrated below.  There is one circuit coming into the suite.   The internet service installed a 200 megabit fiber connection at the MPOE.  A couple businesses want their own separate public WAN IPs running off of this one circuit.   There is currently a couple TP Link routers that we like to replace.   What device (switch?  what kind of switch?  Any problems using one switch over another one?) do we use between the biscuit (one ethernet port) and the multiple WANs on the Sonicwall? Here's what we summed up the ultimate game plan below...

Use a Sonicwall Tz 500(a model with at least x8 interfaces) and configure 2 additional interfaces as WAN ports - this would then give us 3. Each of these we can configure with their own static IP accordingly. Next we would configure a LAN interface for each company. Then we would use Policy Based Routing to move traffic from example: LAN 1 "Company A" to WAN 2. Sonicwall also provides QoS I believe which will support VOIP traffic through the routing.

I have a server 2012 running hyper-v with guests.  It has two nics.  I also have two networks with 2 routers each with static IPs.

I want to use one nic for the guests and the other nic for the host OS.  I don't want the networks to see each other. Reason being, one network (hyper-v guests) will be public facing (website and game servers) while the other network (host) will be used for personal purposes in my home network.  

How can I do this?

Note: I know how to assign a guest to a specific nic but my concern is the host server being on both networks.  I know that the OS will default to the first nic it loads, but since the second nic still gets an IP, my worry is security from that second network, even if it is not activly using it.

I need to know all of the steps of what happens behind the scene when a user wants to go to a website like www.google.com.  What happens from the point the user request that from his computer's browser and he gets back the Google webpage.  Please include the entire round trip steps including how routers pass along the request, how and when DNS comes in to play, etc... Thanks

Bandwidth allocation - we are trying to increase our dburg bandwidth, currently its at 25%, we have class-default at 17%. Can we drop class default to 10% and increase dburg to 33%. Will it cause performance issues on our router? to better help we have a 500MB pipe

below is the router config




ip dhcp pool ccp-pool
 import all
 network 10.10.10.0 255.255.255.248
 default-router 10.10.10.1
!
!
ip domain name domain.com
ip name-server 8.8.8.8
ip cef
no ipv6 cef
multilink bundle-name authenticate
!
class-map match-any domain
 match access-group name VPN-TO-NY
class-map match-any VoIP
 match access-group name VoIP-NY
class-map match-any Broadcast-Video
 match ip dscp cs5
class-map match-any Outbound-Priority
 match access-group name VoIP-Bos
 match access-group name Polycom-Bos
 match access-group name TO-SFB
class-map match-any Bulk-Data
 match ip dscp af11  af12
class-map match-any Multimedia-Steaming
 match ip dscp af31
class-map match-any Interactive-Video
 match ip dscp cs4
 match access-group name Lync-out
class-map match-any Net-Control
 match ip dscp cs6
class-map match-any Multimedia-Conferencing
 match ip dscp af41
class-map match-any OAM
 match ip dscp cs2
class-map match-any Inbound-Priority
 match access-group name VoIP-NY
 match access-group name Polycom-NY
 match access-group name From-SFB
class-map match-any Transactional-Data
 match ip dscp af21
class-map match-any Voice
 match ip dscp ef
class-map …