|
psydude posted:The most secure switch is one which isn't plugged-in ftfy
|
# ¿ Feb 4, 2017 12:14 |
|
|
# ¿ Apr 23, 2024 07:30 |
|
Miguel Prado posted:Hi, I have one at home but if you're having printing issues then it's more than likely a Layer 4/7 issue.
|
# ¿ Feb 7, 2017 14:45 |
|
Miguel Prado posted:If the file is 1,77mb It will first load 225 kbs, print one page, stop and then continue to 660 kbs, printe page two, stop and so forth. Any idea what I can do to speed the process up? This might be the wrong thread, sorry. That's definitely a Layer 7 issue/feature, depends entirely on the protocol you're using. It's obviously spooling one page at a time or something. This isn't the right thread but I'm not sure which one to recommend. Update drivers on the client and pray?
|
# ¿ Feb 7, 2017 15:33 |
|
Partycat posted:The switching had been solid in the past, and the ERS 5500 stuff was great. Not sure they have really advanced much from there, though. I've been using an ERS 5530 (Second hand from auction) in my home network for ages until I replaced it with a Catalyst 2960CX. Solid switch but holy gently caress initial setup can be excruciating if you don't have the right serial cable and JDM is very bad. Still not a bad switch, here it is in my bin shed where it still remains to this day last I checked: https://twitter.com/GarbageDotNet/status/834374286475354117
|
# ¿ Mar 13, 2017 13:29 |
|
CrazyLittle posted:do this. do it now. One of our PMs actually has the extension 5666. He's the bane of my existence so it's appropriate.
|
# ¿ Mar 17, 2017 05:21 |
|
Anyone here managed to get ASAv running on ESXi 6.5 in a Workstation VM? A colleague of mine is having issues, "Failed to deploy VM: postNFCData failed." error.
|
# ¿ May 1, 2017 13:56 |
|
psydude posted:Pretty much all Cisco products aren't officially supported on 6.5 yet, and I've heard of all sorts of issues with it more generally. Cool thanks mate. Good to know.
|
# ¿ May 4, 2017 06:23 |
|
falz posted:PS I hate these things and I'm glad they're dead, but I probably need to keep these small handful for another year or so. I really liked Brocade FC switches and MPRs, nice GUI and CLI, never had any significant issues outside of one or two dodgy SFPs. Never used their IP stuff though so yeah.
|
# ¿ Jul 21, 2017 02:18 |
|
Actually reading that kind of makes sense with my experience which was via Brocade gear re-branded for IBM. They (Brocade) published some extremely specific and relevant errata regarding their products only via IBM's website. For example, port fillword settings for 8Gb FC compatibility with IBM SVC kit (Including Storwize V7000). Also the feature licensing for Brocade MPRs was obscene. At one point I caught out our VAR for loving up SFP and port licenses but copping that cost still didn't bite into their (IBMs) margin. Still, I really miss working with FC
|
# ¿ Jul 21, 2017 16:36 |
|
Thanks Ants posted:1. Cisco Small Business switches are poo poo Second. Super Slash posted:Ok this might be a dumb dumb question but here goes; Are they under support? If yes then open a case with Cisco so you can have them tell you that yes, your switches are poo poo. Makes it much easier to convince managers when vendors say so. Or who knows they may fix your poo poo and everything will be fine forever! Alternatively start cozying up to your local Cisco VAR and get them to loan you some proper Catalysts for demonstration purposes.
|
# ¿ Sep 18, 2017 16:19 |
|
This is probably more a security question but it's still tangentially Cisco related: anyone here using Cisco Umbrella for DNS resolution? Is it actually any good beyond what it claims to do and can its efficacy be backed up in reporting? Edit: that's good to know cheers vvv Pile Of Garbage fucked around with this message at 15:36 on Oct 20, 2017 |
# ¿ Oct 20, 2017 15:00 |
|
Judge Schnoopy posted:I'm on an ipv4 environment so the ipv6 limitation doesn't bother me. Just signed up a few months ago, and yeah it's pretty effective. The filtering is very up to date on malware identification and hardly anything gets through. Thanks for the feedback. Our customer's infosec lead acquired a trial subscription for Umbrella so I'll probably be reconfiguring our forwarders next week to try it out.
|
# ¿ Oct 22, 2017 11:59 |
|
GreenNight posted:When we replaced our core switch last year (480 ports) we got all ethernet slim cables. loving slick let me tell you. I did some offshore fit-outs earlier this year and we used the Panduit Cat6 slim-cables which in the cramped areas were a godsend. However you have to be careful not to get them pinched because they're easy to damage.
|
# ¿ Nov 14, 2017 06:44 |
|
Biowarfare posted:What happens on an err-disable? Is the port still "powered on" or negotiable at all? err-disable can be caused by a number of things but usually to restore it you'll have to shut/no shut the port. Whilst the port is err-disable you'll get no Layer 1 and up.
|
# ¿ Jan 15, 2018 20:59 |
|
Cross-post, not a question but ya'll will find it relevant: I've just checked our main edge ASA 5555-X's and they're running fuckin 9.5
|
# ¿ Jan 30, 2018 01:51 |
|
Jamsta posted:A dimwit (me) who really should know better entered this into a 2960S's remote console session while in conf t: I've probably told this story before but in my last job I worked with FortiGate firewalls a lot, much more than I did with Cisco gear. With the FortiOS CLI if you type "show" or "sh" in configuration context it will output the current config for whatever node you're editing. Anyway one day we were having issues with internet at the office so I SSH'd to the 2911, enter "conf t", "int gi0/0" and then suddenly muscle memory kicks in and I instinctively enter "sh" to try and show the current interface config. Down goes the inside interface and everyone's internet drops out along with my SSH session. I brought it back up in ~5 minutes via console but it was still embarrassing as hell. Pile Of Garbage fucked around with this message at 14:30 on Jan 30, 2018 |
# ¿ Jan 30, 2018 14:27 |
|
It's funniest when you accidentally paste passwords into IRC.
|
# ¿ Jan 30, 2018 16:29 |
|
Settle down and welcome to last page mate.
|
# ¿ Feb 5, 2018 18:05 |
|
Second. That sounds like some crazy optical carrier poo poo FatCow and I would like to know more.
|
# ¿ Feb 16, 2018 12:44 |
|
mythicknight posted:I have an access switch stack that has a single link to two different core switches. My problem is it seems to be pushing all traffic up one link right now, and its saturated. Anything I can do to tell it to use both? Port channel wouldnt work I think since each link is going to a different device upstream. Not sure why we didn't run multiple links for each connection but here we are Maybe escalate to a network person.
|
# ¿ Jun 1, 2018 17:03 |
|
CrazyLittle posted:... Unless you enjoy working on Saturday. And get paid overtime...
|
# ¿ Jun 1, 2018 18:20 |
|
cheese-cube posted:
|
# ¿ Jun 3, 2018 14:50 |
|
Docjowles posted:No, Brocade is bad and you are correct for being mad at how awful they are to work with Brocade FC switches and MPRs were (Are?) pretty good IMO. The worst network gear I've ever worked with is Nortel ERS. It's just so incredibly obtuse and backwards compared to Cisco or anything else really.
|
# ¿ Sep 1, 2018 16:23 |
|
Did Cisco ever release a model with >3 zeros in the name? I immediately thought of CSS but that was only 11500 (I assume the 5 was a courtesy move because ugh).
|
# ¿ Oct 7, 2018 14:57 |
|
Sounds like a VAR sales engineer somewhere is going to get a big xmas bonus
|
# ¿ Dec 11, 2018 12:27 |
|
Fortinet devices have a REST API apparently however you need to pay for a subscription to their developer program to get the doco
|
# ¿ Jan 5, 2019 15:21 |
|
doomisland posted:All the fancy SDN poo poo too uses the same networking concepts as well. There are several blogs and posts I've reading where people are amazed by things such as IPTables and dynamic routing. NVGRE is the work of satan.
|
# ¿ Feb 7, 2019 08:02 |
|
Can anyone point me in the direction of where the XML schema or whatever that Cisco uses for Netconf is documented? I just want something that shows how each part of the config is represented.
|
# ¿ May 2, 2019 05:43 |
|
tortilla_chip posted:show run | xml is your best bet That output modifier doesn't appear to be available on the CSR 1000v I've been testing with (Running IOS XE 16.09). ragzilla posted:You mean the YANG models? Yeah I'd seen that repo before but it just confused me till I realised they're model definitions. I ended up using pyang to parse the definitions which worked well (Example).
|
# ¿ May 3, 2019 05:36 |
|
I've been working with a team recently who have been doing a similar thing for state government departments at sites all over the state. They said IP telephony was the biggest pain in the rear end and would tie up techs for entire days doing just one site. My involvement is network automation with Ansible to do LAN cutover but this telephony stuff seems like just a literal slog.
|
# ¿ Jul 13, 2019 11:22 |
|
Still, probably easier than having to support 2950 switches in TYOOL 2019
|
# ¿ Jul 13, 2019 13:01 |
|
Been experiencing a weird issue since I upgraded my Catalyst 2960CX to v15.2(7)E, hoping maybe someone has seen it before: object-group's in extended ACLs don't match when said ACL is used in line vty access-class. Here's what was configured and working prior to upgrading: code:
code:
code:
|
# ¿ Nov 30, 2019 14:14 |
|
MF_James posted:I had a similar issue recently, remove the ACL from the config then re-add it, if that doesn't work remove the line vty as well and re-add; that fixed the issue I was having and it was a very similar lead up that you had, I did an upgrade to possibly the same version or the one before. Cheers thanks mate I'll give that a go. Edit: no dice. Removed the line, ACL and object-group then recreated but the same issue occurred. Pile Of Garbage fucked around with this message at 17:20 on Nov 30, 2019 |
# ¿ Nov 30, 2019 16:44 |
|
BaseballPCHiker posted:This is a dumb question but I am willing to expose my ignorance to the people of SA. Do all of your sites breakout internet locally or is everything routed back to a central network via VPN/MPLS? Also what kind of traffic are you having to whitelist and why (e.g. are you just implicitly denying all and allowing as required)?
|
# ¿ Jan 11, 2020 14:03 |
|
Prescription Combs posted:Long shot but anyone have any experience with adtran ONTs? Trying to figure out wtf mine keeps shutting off the ethernet port after handshaking with the gateway. Waiting for my ISP to get back to me in the mean time. Just a guess, some of the ones I've seen can't negotiate speed/duplex so you need to set it to 100/Full instead of auto on your side.
|
# ¿ Jan 24, 2020 13:37 |
|
Prescription Combs posted:Not sure what the actual issue was but they ended up reprovisioning my account and that fixed it. Typical telco voodoo
|
# ¿ Jan 25, 2020 11:05 |
|
"Have you tried unplugging it and never plugging it in again?"
|
# ¿ Feb 11, 2020 15:58 |
|
Bob Morales posted:Two problems: Why is DHCP configured on this switch at all?
|
# ¿ Feb 19, 2020 20:36 |
|
Might only make sense to those using FortiGates on the reg, also only if you use profile groups (Which you should be they're dope): https://twitter.com/GarbageDotNet/status/1248155278958153729 tl;dr: device will stop you from creating an invalid config state but won't stop you from editing existing config into an invalid state (Mixing Comfort Clients protocol options with the Content Disarm & Reconstruction AV feature). I'm certain that invalid config has been causing a bunch of issues in my home network with weird dropped replayed packets and poo poo.
|
# ¿ Apr 9, 2020 12:56 |
|
|
# ¿ Apr 23, 2024 07:30 |
|
Biowarfare posted:Whole company is going to move to cloud but then pipe all cloud traffic through a single 100Mbps AWS Direct Connect to some onprem branch office's VDSL line to run a web filter to block any form of adult content. You'll need to know Layer 3 and BGP plus maybe ECMP for the Direct Connect. Also I'd question piping back to on-prem, I'm currently doing a design for an architecture that uses Transit Gateway and Direct Connect to pipe traffic on-prem as well as a spoke VPC with HA FortiGate VMs to do inspection for web traffic (Egress from ~20 TGW attached VPCs).
|
# ¿ Sep 22, 2020 12:28 |