I have been looking into different NAC solutions. Does anyone have some good suggestions for a good NAC solution? I have heard Packetfence is good but i am not able to install it currently something i wrong with the install any other suggestions?submitted by /u/Jet_1996_
In principle kind of a broad question, but I’ll provide the specific scenario:
I’m designing a topology for a DMZ in our org, and my constraints are that I have to repurpose hardware from a decommissioned site to do so. It’s not too bad, it could be far worse, but my current bottleneck is the router.
The router in question is a Cisco ISR 4430. It notably lacks any 10 gigabit ports, copper or otherwise. On the other end of things I have a handful of Netgear switches that will be separated into two stacks that will converge on the router via seperate interfaces. One is a M4300-12x12F and the other a M4300-28G-POE+. Due to the limitations, I can’t spare any RJ45 connections to uplink these switches to the router, only SFP+ 10 gigabit ports. The only SFP/SFP+ modules I have are Fiber, no copper.
Preferably I want to make it as easy as possible to insert a replacement router down the track that is capable of 10 gigabit, so question is - if I use 10G Fiber SFP+ modules on the switches, and connect to 1G Fiber SFP modules on the router, will link speed auto negotiation occur the same as with RJ45 Ethernet? Or will I need to use a 1G Fiber SFP module in the switches to compensate and replace them with 10G when a better router goes in?submitted by /u/the_it_mojo
Automation plays a critical role in ensuring that SD-WAN connectivity functions optimally. Learn more about this topic from Fortinet.
One of the biggest challenges for organizations adopting SD-WAN is that issues like provisioning, meshed VPN, and the complexities of managing multiple network edges can quickly become more of an IT burden than originally anticipated. For example, workflows such as cloud connectivity or tying security enforcement to specific connections can be time-consuming, especially when they need continuous…
What i am trying to achieve is to load balance 2 50mpbs dsl lines and 1 100mpbs cellular with the edgerouter and then pass the combined lines over to my existing usg 3p. I am trying to achieve high speeds on the cheap without switching systems or product lines (I already have unifi APs, the usg and some small non rack mount switches) Basicaly is it possible to connect my 3 incoming internet lines to the er-x, let it handle the load balancing and then connect the lan port of the er-x to the wan port of the usg? I would also like to be able to do port forwarding on the usg which i am guesing i would need to setup DMZ on the er-x. If this is possible will there be a way to forward a ftp server for example and have it utilize the compined upload speed of all the lines?submitted by /u/SnooCookies5894
I have been asked to change from defaults to the following settings on one of my networks. I was provided the following 4 settings that seem to be from a FortiNet firewall, however I am using a simple Cisco 881 router at this small remote site acting as a firewall.
set tcp-option enable
set tcp-halfopen-timer 100
set tcp-halfclose-timer 100
set tcp-timewait-timer 100
If anyone has any clue if it’s possible to mimic this on a Cisco 881, along with what commands I would need to use and which mode (e.g. global config, interface config etc.) it would be greatly appreciated!submitted by /u/BEST_FOR_BIDNESS
Hey does anyone know of a remote lab service for more advanced service provider equipment? I’m thinking like the NCS 5000, ASR 9900 with 100G ports etc. There are some cases where we need to test certain QOS intricacies or upgrade procedures and need some of this equipment on demand.submitted by /u/notpudding
We are using QinQ a lot in our network, because we are working on multiple sites and between some of these sites we have only a single VLAN. The switches have a management-vlan with qinq stacking enable. The servers are sending single tagged ethernet frames which will be stacked in the outer VLAN on the switch interface. This all works quite well.
But now we need to add another device to our management VLAN that doesn’t support VLAN tagging at all. So luckily our Huawei switches support double tagging of frames. The idea is that the untagged ethernet frames from this device will be tagged first in our management VLAN and then again in the outer VLAN. This works but… It only works from a remote site. The management server on the same site is unable to connect with the untagged device.
vlan 40 management-vlan # interface Vlanif40 ip address 10.0.0.1 255.255.255.0 undo icmp host-unreachable send qinq stacking vlan 1500 # interface GigabitEthernet0/0/1 description uplink-to-remote-site port link-type hybrid qinq vlan-translation enable undo port hybrid vlan 1 port hybrid tagged vlan 40 1500 port vlan-stacking vlan 40 stack-vlan 1500 # interface GigabitEthernet0/0/2 description management-server-tagged-40 port link-type hybrid qinq vlan-translation enable undo port hybrid vlan 1 port hybrid tagged vlan 40 port hybrid untagged vlan 1500 port vlan-stacking vlan 40 stack-vlan 1500 # interface GigabitEthernet0/0/3 description untagged-device port link-type hybrid qinq vlan-translation enable undo port hybrid vlan 1 port hybrid untagged vlan 1500 port vlan-stacking untagged stack-vlan 1500 stack-inner-vlan 40 #
No response from the untagged device when the management server on the same site is trying to connect or send a ping. But the funny thing is that a management server from the remote site is able to get a response. What am I missing here?submitted by /u/MediaSmurf
Computer Network: Apa itu Jaringan Komputer? Sejarah, Tujuan, Fungsi, Cara Kerja, Jenis, Macam serta Kelebihan dan Kekurangannya!
Mengenal Pengertian Computer Network, Apa itu Jaringan Komputer? Sejarah, Tujuan, Fungsi, Cara Kerja, Jenis Tipe, Macam Koneksi serta Kelebihan dan Kekurangannya!
Benar, seperti yang sering Kami singgung sebelumnya, background atau latar belakang kemampuan matematika yang solid itu sangatlah berharga dalam semua bidang ilmu komputer dan teknik lainnya.
Selain kalkulus atau calculus (baca…
To make a long story short, I’m looking for some software suggestions or alternative ideas.
I work at a company where we leverage Ansible for network and server configurations. Those scripts are executed through Ansible Tower. However, our general user base uses an internal website we’ve built using Django/Apache to have custom UIs for every script we have to allow for a wide range of configurations.
Thanks in advance!submitted by /u/fishey9999
How Businesses Can Stay Up-to-Date with the Latest Technology
Nowadays, technology evolves quickly. Progress and advances in technology are growing at a far faster rate than ever before. Intelligent new products are invented and developed continually. It can feel almost impossible to keep up with the latest innovations, as there are just so many of them being announced all of the time.
Generally, all these technological advancements have been great news for…
Hi, Anyone successfully got a Vrrp working between these switches os’s? We’re getting odd issues. Version 2, you can failover the vlan to Aruba fine, but routing goes dead when try to fail back to comware. Version 3, both routers go master! Have a case with tac, but it’s slow going. I suspect it’s going to be a bug.submitted by /u/S0uthw3ll
I have two disparate internet edge sites with different public IP spaces. I have an IP SLA setup so that if one ISP goes down, a default route to the other site will be added to the routing table and traffic will start to egress through the other site. One site is our primary (A), and the other a secondary (B), but are active active. When an internal client wants to reach the internet, they are always going to route out of A unless the IP SLA is triggered and then they will route out of B. Both sites have stateful firewalls between the router with the SLA and the internet.
If we have an outage on A (I.E. ISP has a routing failure), the IP SLA will trigger and routing with fail over to B as expected. Our external DNS is updated to use the B site’s public IPs instead. Now if site A comes back up, and the IP SLA changes the route back to site A, but external DNS is still pointing to site B we are asymmetrically routing where inbound traffic (for example SMTP) comes in through firewall B, but because of the IP SLA routing change the traffic will egress through firewall A. This seems to have mixed results, but sessions like cloud provider sync jobs don’t seem to function while this is the case until the external DNS changes back to site A so that everything is flowing symmetrically.
Is this something inherent of the functionality of a stateful firewall?submitted by /u/aetherpacket
Maybe it’s random, but I was just interested in some feedback from wireless engineers and designers. What do you like about the role? What don’t you like? I’ve done some wireless design and implementation, and it’s a pretty fun specialty that blends traditional networking with science and blue collar work, but it also seems there’s a lot of pushback from customers/users who pull the “well in my wireless network at home” line or are convinced wireless is perfect magic.
Let’s hear some thoughts!submitted by /u/Subnetmask9473
Social Auto Poster – WordPress Plugin
[*]LIVE PREVIEWBUY FOR $39
Social Auto Poster – A perfect choice for auto posting your content to famous social media platforms like Facebook, Twitter, LinkedIn, Tumblr, BufferApp, YouTube, Google My Business, Reddit, Telegram, Medium, WordPress and Pinterest. You can configure your social accounts and post new content as well as repost your old content to keep it alive & reach to maximum…
Der Socialmedia Club
Nur für Selbständige und Unternehmer
-ist der beste Weg, um die Aufmerksamkeit einer großen Gruppe von Menschen zu erhalten
-ist der schnellste Weg, um Interessenten in Ihr System zu bekommen
-ist der günstigste Weg, um bei Google auf die Seite 1 zu landen
Social Media ist die wichtigste Quelle für Ihre Kundengewinnung.
Damit Sie das Richtige tun können und mit Social Media erfolgreich werden, brauchen Sie ein System. Ein System, das die Fähigkeit besitzt Rund-um-die-Uhr automatisiert für Sie zu arbeiten.
Testen Sie den Socialmedia Club 4 Wochen lang für nur einmalig 7,-€ !
Medicare General Hospital Jobs 2021
Medicare General Hospital Jobs 2021
Medicare Cardiac & General Hospital Karachi has announced new and latest jobs for deserving, dedicated, eligible & qualified candidates to fill the following vacant positions mentioned as follows. The following vacant positions are hospital positions. The following vacant positions and jobs are located in Karachi. The gender required to fill the following…
I am on a network with a lot of control plane policing. Is there a quick way I can validate which specific class-map inside of my policy-map that a specific piece of traffic is hitting? I’m sure a problem I’m facing is to do with CoPP, and I won’t be allowed to remove the service policy, so I need a way to validating which line in the policy-map I’m hitting. I was hoping there was some sort of #test policy-map kind of command (you know, like how you would test aaa or test which port on an etherchannel you get load balanced out of), but I don’t see it.submitted by /u/sg4rb0sss
been asked by the CEO of a company i consult for to deploy a wireless solution for a large home. I dont really do home solutions (experience is mostly deploying Meraki and Aruba)
The home is cabled cat5e almost all over. My preference would be to deploy a Google wireless mesh solution (easier for the user to mange)
I know the units can be wireless meshed, but unsure i can do that if they are hard cabled in (one AP per floor).
just want to make sure before i suggest the platform/purchase!submitted by /u/Valkoinen_Kuolema
If you’re a regular reader of our Diaries, you may remember that over the last year and a half, a not insignificant portion of my posts has been devoted to discussing some of the trends in internet-connected systems. We looked at changes in the number of internet-facing machines affected by BlueKeep, SMBGhost, Shitrix and several other vulnerabilities  as well as at the changes in TLS 1.3 support over time and several other areas [6,7]. Today, we’re going to take a look at the tool, that I’ve used to gather data, on which the Diaries were based, from Shodan.io.
Read more @ https://bit.ly/3iTMqfS
via CMNatic’s Bot.
This account is un-monitored. Check below for info.
My owner: CMNatic