This seems to differ form person to person, but where does the firewall go? What's the difference between:
1. ISP > Firewall > Router > Layer 3 switch > access switch
2. ISP > Router > Firewall > Layer 3 switch > access switch
I've read it can be an issue with connecting the ISP directly to the firewall?
When people say ISP, are they referring to an ISP router? or just an address given from the ISP which can be assigned to the Firewall interface?
I'm in the process of rebuilding a domain controller that failed when one of its RAID-0 disks (yes really, don't ask, I have no idea) failed and I'm scratching my head at why this box is now unable to connect to our network. It's a PowerEdge R320 with two (2) each of Broadcom BCM5720 and Intel I350-t network interfaces - Broadcoms are onboard, Intels are in an addon slot. The first of each pair of interfaces is connected to one of three Cisco Catalyst 3750-x switches (Broadcom 1 goes to port 34 on switch 2, Intel 1 goes to port 34 on switch 3, nothing goes to switch 1).
I'm using the same static IP settings as before the rebuild and no physical connections have changed, but attempts to ping out to 8.8.8.8 and other addresses invariably fail. Additionally, configuring the network interfaces to DHCP fails to get a lease and ends up with a...
I am figuring out capsman, and have managed to get the 2x local wlan cards on my hap ac2 to play along, as well as a hap lite configured in CAP mode. I require some quidance on the wireless profiles though, there is a lot of information on 2.4ghz wifi but not so much on 5ghz. I do notice that wifi throughput on speedtests aren't getting to the full 10/100mbps fibre line capacity since putting in the capsman setup.
any idea?
I have a VPN configure between Site A and B
A is my Site where i have an ASA 1120 Firewall. Communication between sites are working properly.
My only issue is that at site B they want to see the internal IPs of 2 Terminal server and not the external Natted IP.
is it possible to only disable the natting for 2 IPs?
Hi All,
Fist things first I have little networking knowledge.
The question I have, is csma/cd old technology?
Is there a more efficient way to transport data across the wire.
Which is the best addressing scheme? Left or Right
Hi, dangerous novice here lol... So, my wireless controller went bad and my AP's are no longer working. Ordered new Netgear wc7600 but it's IP address is 192.168.0.250. My network is 192.168.1.--- and therefore I can not access the admin page to set it up. Can someone please describe in rudimentary terms, how do I change my laptop's ip so I can access it???
(feeling dumb)
Ella
Has anyone setup monitoring for Aruba 2930F switches in PRTG or any other monitoring?
Ideally be good to see status of the switches but also port details if possible.
I have a design building which is made up of product design employees and electrical design employees. Currently there is a VOIP VLAN on the switches.
Hi.
General working case:
Laptop connects to SSID1, assigned vlan 30 for this preauth area. User auths accounts, Clearpass checks auth, assigns user role. Clearpass user role sent to Airwave, Airwave assigns vlan for user role(vlan 10 in this example), Switch has vlan 10, sends dhcp relay to dhcp server. Laptop assigned IP from vlan 10, everyone is happy.
Current issue occurs randomly, in a conference room of 12 people, 2 people had this issue. Laptop has vlan 30(preauth), user auths, clearpass OK, Airwave assigns vlan 10, Switch sees vlan 10. Laptop ipconfig/all still in vlan 30.
Check mac-address on switch. Switch says mac is assigned vlan 10. Check arp on switch. NO IP.
Check WAP, WAP debug shows client reaching vlan 10's gateway on correct dhcp...
Interesting situation here,
In our network we have two domain controllers, recently our back up domain had a hardware issue and went offline on Tuesday. Since then we have roughly 7 workstations that will lose internet access, not local network access, until we reboot them. Once they are rebooted they work again for 1-4 hours then sure enough they lose internet access again. The workstations can ping the internet (google,yahoo,etc) but are unable to establish connection to a website from a browser. Also - our hosted Office 365 connected outlook disconnects as well. The rest of our office which is about a total of 150 users have no problems.
I was going to remove the back up domain controller once it failed anyway but I didnt predict it would effect anything since the primary is running and dcdiag shows it is in control of everything...
Noob question.. I'm slightly confused how ip addresses work regarding vlans and wifi.
So, I've dedicated a /22 for all wireless devices, I have a guest vlan and an employee vlan. The guest vlan is /25 and employee is /23. Each VLAN will connect to an AP using it's own SSID. Now this is where I'm confused, if a guest wanted wifi access, what ip address is actually given to them because I've said /22 for wireless devices but the guest vlan is a /23?
One of my customers is unable to get to get to a single website from behind a Comcast cable modem. I can't get to it from my laptop when plugged directly into the modem. The last hop of the tracert before timing out reads:
(Domain)-LL.ear1.Atlanta2.Level3.net [IP Address]
I didn't include the domain or IP because I wasn't sure about the protocol on that, but I can give it if needed.
I can get to the site from anywhere else. The company (domain owner) is not receiving any other complaints. It's gone to Comcast's level 2 support four times. Each time, Comcast gives me a reason to contact the domain owner. The last time, Comcast told me that Level3's backbone team would need to be contacted and that they couldn't do it because unlike AT&T or Verizon, Comcast isn't considered a utility, so they can't contact Level3 directly.
I contacted...
Hey All!
I have a older Fortigate 60C running v4.0 that I am messing around with and am having an issue. In my setup I have my ISP connected to the FW in WAN1, INT 1 on the LAN goes to a ptp system to get the network to my house. At my house I have a single UBNT AC Pro AP. With a default config loaded I can not access the internet. My radio's and AP can phone home to their controlling server without issue, I can remotely access the Fortigate from a different site and from the CLI in the fortigate I can ping via ip or FQDN. DHCP is on the FW and is providing the proper settings. I have looked in the traffic log and have a ton of Deny's that say Denied by forward policy check. From what I can tell that means there is no policy matching the traffic. If I go to my policies I have a Policy that allows internal to any with source and...
I am sure someone has run into this but I have pulled my hair out trying to figure out why.
Every user on my network gets disconnected exactly after 8 hours of being connected to the VPN. So I know it is a setting someplace. However, I inherited this issue and can't find where it is.
Users connect to a Watchguard M200 via a L2TP tunnel. Watchguard is set to authenticate to Radius and NPS.
1. Checked the NPS settings and can't see anything their that would be limiting anything.
2. Checked the Watchguard Policy and again nothing is jumping at me in regards to limits.
3. Checked the AD group NPS is using for authentication...can't see anything.
Any suggestions...???
Thinking of setting up a new VPN Users Group in AD and add it to NPS to see if something is stuck with the existing group. Maybe a reg setting the previous admin set on the server?...
Good day Spiceheads
Looking for a neat small network pinging tool, I regularly have to login to change registry keys / network folder security settings on a large amount of machines.
The tasks I have to perform varies per machine so no scripts and no Group Policies, the issue I have is the machines I have to login regularly goes on and off (Notebooks mostly and night shift employees).
I want a small pinging tool I can feed with roughly 100 machines names / IP's, in a .csv file or copy directly into and notify me when one of those machine comes online (pop-up).
We have network monitoring software but adding a node takes long, so this purely for convenience, have you come across any neat ICMP pinging tools that does the trick? Or any neat monitoring tools in general?
Thanks in advance.
M
Hello everyone!
To give you a better idea on what I am trying to do and my hardware I am working with, here it is.
I already have a pretty secure network behind a hardware firewall that my normal users access and use everyday. I have been tasked to set up another network within our network for a more secure area for our Devops Program. What I am trying to do is use remote desktop (or some other recommended program) to access this more secure network. Normal users will not be able to access this network unless they go through the remote desktop app. I am also trying to prevent the ex-filtration of information from this network, that way network admins are the only ones able to transfer information to and from.
I currently have 20 users and have 4 main virtual servers (Win/Linux) running off VMware, each user has their own laptop and most...
I recently took on a project this year where we moved oof of 5 lower cost PoE DVR's to one system running Milestone software.
I still have two cameras on an Amcrest DVR that are located in another building on our campus. It is about 400 feet away. But the network from the main building/switches to this one is provided through underground fiber and it isn't easy to cable additionally without professional help.
So, I am looking for ways to get the PoE cameras from data from that secondary building back to my server room. It is on a private 192. network for the camera data only. So here are my ideas / questions:
Although some may be finding their selves back in the office, there's still a great deal of people who are remote working. Maybe you're one of them! According to one survey, one in three of those surveyed wanted to remain working from home after COVID restrictions ended. So, with more remote workers wishing to remain at home, that begs the question... Do they have the equipment they need?
When your users transitioned to remote users and did more work from home, in order to supply their needs, did you find yourself purchasing more home networking equipment like routers, switches, extenders, etc.? If not currently or in the past, in the future, do you suspect you'll be facilitating more home networking equipment to your users?
