Dilbert As FUCK
Sep 8, 2007

by Cowcaster
Pillbug

Ninja Rope posted:

Great, more ponies.

Is anyone actually using UCS? By choice?

I know a few banks who did it for the density and performance of their blades, however the IT manager is a huge Cisco nut.


teh z0rg
Nov 17, 2012

Ninja Rope posted:

Great, more ponies.

Is anyone actually using UCS? By choice?

yeah like 15 mil worth

seems ok

Ninja Rope
Oct 22, 2005

Wee.

teh z0rg posted:

yeah like 15 mil worth

seems ok

Well it can't be worse than supermicro.

1000101
May 14, 2003

BIRTHDAY BIRTHDAY BIRTHDAY BIRTHDAY BIRTHDAY BIRTHDAY FRUITCAKE!

Ninja Rope posted:

Great, more ponies.

Is anyone actually using UCS? By choice?

I work with a VAR that sells UCS 100% of the time they get a demo unit in the door. It's got its warts but what blade system doesn't? I also have 8 blades and 6 C series servers in my lab that I'm pretty happy with.

jbusbysack
Sep 6, 2002
i heart syd

1000101 posted:

I work with a VAR that sells UCS 100% of the time they get a demo unit in the door. It's got its warts but what blade system doesn't? I also have 8 blades and 6 C series servers in my lab that I'm pretty happy with.

RAM density per unit is still its core selling point.

H.R. Paperstacks
May 1, 2006

This is America
My president is black
and my Lambo is blue

jbusbysack posted:

RAM density per unit is still its core selling point.

This is exactly why we initially looked at UCS....then we saw the cost.

1000101
May 14, 2003

BIRTHDAY BIRTHDAY BIRTHDAY BIRTHDAY BIRTHDAY BIRTHDAY FRUITCAKE!

routenull0 posted:

This is exactly why we initially looked at UCS....then we saw the cost.

A VAR should be able to get it under the cost of HP with discounts.

aquaticrabbit
Aug 2, 2004

1000101 posted:

A VAR should be able to get it under the cost of HP with discounts.

http://buildprice.cisco.com/catalog/ucs/models/b200m3

They're giving 60-70% off list price. Even adding spare/addon parts (such as a second B-Series Chassis) can have the discount applied if your partner/VAR goes through the qualification process.

Dilbert As FUCK
Sep 8, 2007

by Cowcaster
Pillbug
Not sure if the promotion is still running but for a time I believe there was something as to, buy 3 UCS C series get the 4th one free!

H.R. Paperstacks
May 1, 2006

This is America
My president is black
and my Lambo is blue

1000101 posted:

A VAR should be able to get it under the cost of HP with discounts.

The other issue was no Infiniband support on UCS. We were looking at UCS to scale for our HPC environment that we do on Dell Blades currently. The big RAM boost was attractive, but wasn't worth the trade-off for losing QDR Infiniband.

ate shit on live tv
Feb 15, 2004

by Azathoth
Whoa infiniband? I haven't heard that in a while.

H.R. Paperstacks
May 1, 2006

This is America
My president is black
and my Lambo is blue

Powercrazy posted:

Whoa infiniband? I haven't heard that in a while.

Yup, when looking into UCS we were moving from DDR(20Gb) Infiniband to QDR(40Gb) due to our workload and requirements.

DagPenge
Jun 4, 2011

Looks like our civilians are fine, thank god for the capitalist spirit!
I know this isn't the Wireless thread, but does anyone have any experience with Cisco Wireless equipment?

I work in hosting and was wondering if it could be feasible to host a Wireless controller for a customer, keep one of those in our datacenter, get an MPLS to the customer and all you had to do was plug in the access points at their various locations. If you were smart about it, maybe you could even share the controller between several customers.

However I don't have enough experience with Cisco Wireless to know if this can be done, I mean if all the traffic has to go over the controller this would be dumb as hell. Anyone tried anything like this?

ior
Nov 21, 2003

What's a fuckass?

DagPenge posted:

I know this isn't the Wireless thread, but does anyone have any experience with Cisco Wireless equipment?

I work in hosting and was wondering if it could be feasible to host a Wireless controller for a customer, keep one of those in our datacenter, get an MPLS to the customer and all you had to do was plug in the access points at their various locations. If you were smart about it, maybe you could even share the controller between several customers.

However I don't have enough experience with Cisco Wireless to know if this can be done, I mean if all the traffic has to go over the controller this would be dumb as hell. Anyone tried anything like this?

I have multiple partners in Norway doing this. There *are* some limitations and restrictions but it is very doable. For one you cannot do AVC (application visibility and control) on the traffic if it does not hit the controller.

ior fucked around with this message at 12:31 on Apr 5, 2013

sanchez
Feb 26, 2003
Cisco goons, we need an Anyconnect VPN solution for a network where multiple individual organizations share the same infrastructure (shared office space). They are split up into VLANs and have their own AD domains etc, there are no shared services between them and it needs to stay that way. To me it looks like there is no problem using an ASA with multiple AAA servers and creating multiple VPN groups that are targeted at the correct subnet with the right DNS servers and no way to escape the correct VLAN. Is there anything I'm missing here? I've done this before with Juniper, their SA appliances will do it, but their licensing is extremely expensive.

ragzilla
Sep 9, 2005
don't ask me, i only work here


sanchez posted:

Cisco goons, we need an Anyconnect VPN solution for a network where multiple individual organizations share the same infrastructure (shared office space). They are split up into VLANs and have their own AD domains etc, there are no shared services between them and it needs to stay that way. To me it looks like there is no problem using an ASA with multiple AAA servers and creating multiple VPN groups that are targeted at the correct subnet with the right DNS servers and no way to escape the correct VLAN. Is there anything I'm missing here? I've done this before with Juniper, their SA appliances will do it, but their licensing is extremely expensive.

It'll work so long as there's someone everyone trusts to set it up / run it. Use split tunnels for each separate group.

-edit-
Oh, and nobody can be running overlapping IP space.
-/edit-
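Added example (not part of the original posts; tenant names and addresses are constructed): a pre-deployment check of the two conditions raised above, that no two organizations use overlapping IP space and that each group's split-tunnel list stays inside that organization's own subnets.

```python
# Added example: tenant names and addresses are constructed for illustration.
from ipaddress import ip_network
from itertools import combinations

# Constructed plan: one entry per organization sharing the ASA.
TENANTS = {
    "org-a": {"lan": ["10.10.10.0/24"], "vpn_pool": "10.10.110.0/26",
              "split_tunnel": ["10.10.10.0/24"]},
    "org-b": {"lan": ["10.10.20.0/24"], "vpn_pool": "10.10.120.0/26",
              "split_tunnel": ["10.10.20.0/24"]},
}


def tenant_networks(cfg):
    """Everything a tenant owns: its LAN subnets plus its VPN address pool."""
    return [ip_network(n) for n in cfg["lan"]] + [ip_network(cfg["vpn_pool"])]


def audit(tenants):
    """Return a list of findings; an empty list means the plan is clean."""
    findings = []
    # 1. No address space may overlap between two different tenants.
    for (a, cfg_a), (b, cfg_b) in combinations(sorted(tenants.items()), 2):
        for net_a in tenant_networks(cfg_a):
            for net_b in tenant_networks(cfg_b):
                if net_a.overlaps(net_b):
                    findings.append(f"overlap: {a} {net_a} <-> {b} {net_b}")
    # 2. Each split-tunnel entry must sit inside that tenant's own LAN,
    #    otherwise the VPN group can route toward someone else's VLAN.
    for name, cfg in sorted(tenants.items()):
        lans = [ip_network(n) for n in cfg["lan"]]
        for entry in cfg["split_tunnel"]:
            net = ip_network(entry)
            if not any(net.subnet_of(lan) for lan in lans):
                findings.append(f"escape: {name} split tunnel {net} is outside its LAN")
    return findings


if __name__ == "__main__":
    for line in audit(TENANTS) or ["plan is clean"]:
        print(line)
```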

Frozen Peach
Aug 25, 2004

garbage man from a garbage can
"This is a courtesy notice that we made a scheduled change to the IPv4 addresses for two hosts used for retrieving updates, and upgrade manifest from Cisco.com. This change took place on April 1st, 2013."

We got this email this morning. Thanks for the -4 days notice Cisco!

sanchez
Feb 26, 2003

ragzilla posted:

It'll work so long as there's someone everyone trusts to set it up / run it. Use split tunnels for each separate group.

-edit-
Oh, and nobody can be running overlapping IP space.
-/edit-

Cool. There is, and the subnets are unique, so I think we're set. I just wanted to be sure since it's a bit of a weird case, thanks!

chestnut santabag
Jul 3, 2006

DagPenge posted:

I know this isn't the Wireless thread, but does anyone have any experience with Cisco Wireless equipment?

I work in hosting and was wondering if it could be feasible to host a Wireless controller for a customer, keep one of those in our datacenter, get an MPLS to the customer and all you had to do was plug in the access points at their various locations. If you were smart about it, maybe you could even share the controller between several customers.

However I don't have enough experience with Cisco Wireless to know if this can be done, I mean if all the traffic has to go over the controller this would be dumb as hell. Anyone tried anything like this?

Cisco offers a few wireless controllers made for this specific purpose, mainly the Flex 7500 controller and virtual wireless controller.
What you will have to do though is make sure all the APs are configured to be Flex APs (formerly H-REAP) so that the traffic gets locally switched at the sites rather than being tunneled to the controller to enter the network.
There's also their Meraki stuff which I don't know anything about but might be related.

Mierdaan
Sep 14, 2004

Pillbug
Any 3850 field reports except for the horror stories a while back?

falz
Jan 29, 2005

01100110 01100001 01101100 01111010

sanchez posted:

Cisco goons, we need an Anyconnect VPN solution for a network where multiple individual organizations share the same infrastructure (shared office space). They are split up into VLANs and have their own AD domains etc, there are no shared services between them and it needs to stay that way. To me it looks like there is no problem using an ASA with multiple AAA servers and creating multiple VPN groups that are targeted at the correct subnet with the right DNS servers and no way to escape the correct VLAN. Is there anything I'm missing here? I've done this before with Juniper, their SA appliances will do it, but their licensing is extremely expensive.

Just chiming in that you should eyeball Juniper sslvpn sa/mag boxes if you didn't already buy the hardware. They do fun stuff and don't necessarily need the user to launch a client.

boxcar virago
Oct 18, 2006

they've got alcohol as the social lubricant of their society. This is what I wanted when I decided to get traded.
I have a fairly basic question, but could use some help.

I am currently working to design a network topology to connect two structures wirelessly using wireless Ethernet radios. Radios are the only option as there is no existing infrastructure between the locations. I’m fairly new to design, but have some experience configuring switches and routers from the CLI.

Basically we’ll have two /24 networks connected via two Cisco ASA 5510 firewalls. The network ID for Location A is 172.17.1.0/24 and the network ID for Location B is 172.17.2.0/24. The firewalls will serve as the gateway devices for both networks, and the Ethernet radios will connect directly to the firewalls. Devices in Location A will need to communicate with devices in Location B, and vice versa.

Since the radios will be directly connected to the firewalls, I THINK I’ll need to assign local IP addresses to the interfaces that the radios connect to. So, the interface on the ASAs for the radios will be assigned .2 addresses from their respective networks. Each radio will also need an IP address from their respective networks, so I’m thinking I’ll assign .3 to each radio.

From there, it gets a little fuzzy…I’ll want to enable some type of dynamic routing protocol (I’m thinking OSPFv3), but I’m not sure exactly how to set that up on the ASAs. Also, I’m not sure if I should use something else besides OSPF.

Does this IP design sound right? I know I'll need to configure firewall rules as well, but I want to make sure I have the basics down first.

ate shit on live tv
Feb 15, 2004

by Azathoth
If you only have two sites, there is no need for anything other than a static route pointing to the radio interface for the other network.

And it's also possible that the Radios can be nothing more than transparent switches so you could create a transit network that both ASAs are members of.

Site A 172.17.1.0/24
Site B 172.17.2.0/24
Transit Network 192.168.255.0/29
The outside interface of the Site A ASA: 192.168.255.1
The site A Radio: 192.168.255.2
The outside interface of the Site B ASA: 192.168.255.4
The site B Radio: 192.168.255.3

ASA A has a static route:
172.17.2.0/24 -> 192.168.255.4

ASA B has a static route:
172.17.1.0/24 -> 192.168.255.1

Assuming the Radio interfaces pass broadcast traffic etc, the two ASAs will see the radios as nothing but a wire, so it would be like the two ASAs are directly connected. The only reason for the Radio IP addresses would be management, you would probably want to create a Site to Site VPN however so you can encrypt the traffic passing over the air.
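Added example (not part of the original post): a check of the transit plan above that confirms every address is a usable, unique host in the /29 and that no network overlaps, then renders the static route each ASA needs. The addresses and the interface name `outside` come from the post; the function names are hypothetical.

```python
# Added example: validates the addressing plan from the post and renders ASA routes.
from ipaddress import ip_address, ip_network

TRANSIT = ip_network("192.168.255.0/29")
SITES = {  # LAN and ASA outside address per site, as given in the post
    "A": {"lan": ip_network("172.17.1.0/24"), "outside": ip_address("192.168.255.1")},
    "B": {"lan": ip_network("172.17.2.0/24"), "outside": ip_address("192.168.255.4")},
}
RADIOS = {"A": ip_address("192.168.255.2"), "B": ip_address("192.168.255.3")}


def check_plan(transit, sites, radios):
    """Return a list of problems with the plan; empty means it is consistent."""
    problems = []
    usable = set(transit.hosts())  # excludes network and broadcast addresses
    used = [(f"ASA {s} outside", c["outside"]) for s, c in sites.items()]
    used += [(f"radio {s}", addr) for s, addr in radios.items()]
    seen = {}
    for label, addr in used:
        if addr not in usable:
            problems.append(f"{label} {addr} is not a usable host in {transit}")
        if addr in seen:
            problems.append(f"{label} {addr} duplicates {seen[addr]}")
        seen.setdefault(addr, label)
    # Site LANs and the transit network must all be disjoint.
    nets = [(f"site {s} LAN", c["lan"]) for s, c in sites.items()]
    nets.append(("transit", transit))
    for i, (la, na) in enumerate(nets):
        for lb, nb in nets[i + 1:]:
            if na.overlaps(nb):
                problems.append(f"{la} {na} overlaps {lb} {nb}")
    return problems


def static_routes(transit, sites, radios, ifname="outside"):
    """ASA 'route' commands per site: each remote LAN via the far ASA's transit address."""
    problems = check_plan(transit, sites, radios)
    if problems:
        raise ValueError("; ".join(problems))
    routes = {}
    for local in sites:
        routes[local] = [
            f"route {ifname} {cfg['lan'].network_address} {cfg['lan'].netmask} {cfg['outside']}"
            for remote, cfg in sites.items() if remote != local
        ]
    return routes


if __name__ == "__main__":
    for site, cmds in static_routes(TRANSIT, SITES, RADIOS).items():
        print(f"ASA {site}:", *cmds, sep="\n  ")
```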

teh z0rg
Nov 17, 2012

falz posted:

Just chiming in that you should eyeball Juniper sslvpn sa/mag boxes if you didn't already buy the hardware. They do fun stuff and don't necessarily need the user to launch a client.

Yeah they really own.

boxcar virago
Oct 18, 2006

they've got alcohol as the social lubricant of their society. This is what I wanted when I decided to get traded.

Powercrazy posted:

If you only have two sites, there is no need for anything other than a static route pointing to the radio interface for the other network.

And it's also possible that the Radios can be nothing more than transparent switches so you could create a transit network that both ASAs are members of.

Site A 172.17.1.0/24
Site B 172.17.2.0/24
Transit Network 192.168.255.0/29
The outside interface of the Site A ASA: 192.168.255.1
The site A Radio: 192.168.255.2
The outside interface of the Site B ASA: 192.168.255.4
The site B Radio: 192.168.255.3

ASA A has a static route:
172.17.2.0/24 -> 192.168.255.4

ASA B has a static route:
172.17.1.0/24 -> 192.168.255.1

Assuming the Radio interfaces pass broadcast traffic etc, the two ASAs will see the radios as nothing but a wire, so it would be like the two ASAs are directly connected. The only reason for the Radio IP addresses would be management, you would probably want to create a Site to Site VPN however so you can encrypt the traffic passing over the air.

Thanks! I like the idea of a transit network to connect the ASAs, so I'll probably go that route.

Also, one of the features of the radios is that the transmission is AES 128 bit encrypted, so I should be good there. Thanks again.

bort
Mar 13, 2003

Speaking of H-REAP/FlexConnect, does anyone have a problem where the remote APs will occasionally get the local controller's VLAN number for an SSID in their VLAN mappings? This is a problem that occurs maybe once every three months and has persisted through three version upgrades. I'm attacking it by running a weekly scheduled task on Prime to apply a template to the remote APs, but I'm wondering if it's a bug that's fixed after 7.0 somewhere. I'm pinned right now because of 4400 WLCs in my deployment.

ior
Nov 21, 2003

What's a fuckass?

bort posted:

Speaking of H-REAP/FlexConnect, does anyone have a problem where the remote APs will occasionally get the local controller's VLAN number for an SSID in their VLAN mappings? This is a problem that occurs maybe once every three months and has persisted through three version upgrades. I'm attacking it by running a weekly scheduled task on Prime to apply a template to the remote APs, but I'm wondering if it's a bug that's fixed after 7.0 somewhere. I'm pinned right now because of 4400 WLCs in my deployment.

Do you have multiple controllers? Are the flexconnect SSIDs configured exactly the same on all controllers (even the WLAN ID number)?

DagPenge
Jun 4, 2011

Looks like our civilians are fine, thank god for the capitalist spirit!

chestnut santabag posted:

Cisco offers a few wireless controllers made for this specific purpose, mainly the Flex 7500 controller and virtual wireless controller.
What you will have to do though is make sure all the APs are configured to be Flex APs (formerly H-REAP) so that the traffic gets locally switched at the sites rather than being tunneled to the controller to enter the network.
There's also their Meraki stuff which I don't know anything about but might be related.

Thanks I'll look into it, seems pretty cool though and hopefully my boss won't think it's too expensive.

Partycat
Oct 25, 2004

bort posted:

Speaking of H-REAP/FlexConnect, does anyone have a problem where the remote APs will occasionally get the local controller's VLAN number for an SSID in their VLAN mappings? This is a problem that occurs maybe once every three months and has persisted through three version upgrades. I'm attacking it by running a weekly scheduled task on Prime to apply a template to the remote APs, but I'm wondering if it's a bug that's fixed after 7.0 somewhere. I'm pinned right now because of 4400 WLCs in my deployment.

We have about 40 or so APs on FlexConnect, but haven't had this happen.

BelDin
Jan 29, 2001

Frozen-Solid posted:

"This is a courtesy notice that we made a scheduled change to the IPv4 addresses for two hosts used for retrieving updates, and upgrade manifest from Cisco.com. This change took place on April 1st, 2013."

We got this email this morning. Thanks for the -4 days notice Cisco!

Just got to the thread. 'Sup Ironport buddy? :)

Did your manager freak out about the notifications regarding the inability to contact update servers and call you at home as well?

bort
Mar 13, 2003

ior posted:

Do you have multiple controllers? Are the flexconnect SSIDs configured exactly the same on all controllers (even the WLAN ID number)?

Yes but they're identical and active/standby. I can't see any differences with the SSIDs, but thanks for the suggestions.

Zuhzuhzombie!!
Apr 17, 2008
FACTS ARE A CONSPIRACY BY THE CAPITALIST OPRESSOR
Couldn't get Bonjour or Avahi to work.

So I grabbed a Netgear from Walmart, plugged it up, plugged that Lantronix POS into it, got it to find the Xerox, install the drivers and the iPad connected to the wifi aaaaaand nope. Still didn't work. Punting it back to PC support cause I ain't fooling with it any more.

other people
Jun 27, 2004
Associate Christ
It has been 5 months since my CCNA and I've already forgotten everything...

I have a 2950T and I cannot get the Gigabit ports to activate. No lights or any response in ios when cables are plugged in. I swear they worked the last time I used this thing, and the other 24 ports work :(.

show post just says passed. The config is bare... how else can I poke at this thing?

edit: when it is booting/post, the GE port lights turn on and off in unison with the other 24 FE lights.

edit edit: It seems my ancient ios does not support auto-mdix. lol..

...but the other end does so that shouldn't matter and it still doesn't work. The ports work if I plug them straight into my laptop, but not when plugged into a mikrotik switch :/

other people fucked around with this message at 13:57 on Apr 9, 2013

H.R. Paperstacks
May 1, 2006

This is America
My president is black
and my Lambo is blue

Kaluza-Klein posted:

It has been 5 months since my CCNA and I've already forgotten everything...

I have a 2950T and I cannot get the Gigabit ports to activate. No lights or any response in ios when cables are plugged in. I swear they worked the last time I used this thing, and the other 24 ports work :(.

show post just says passed. The config is bare... how else can I poke at this thing?

edit: when it is booting/post, the GE port lights turn on and off in unison with the other 24 FE lights.

edit edit: It seems my ancient ios does not support auto-mdix. lol..

...but the other end does so that shouldn't matter and it still doesn't work. The ports work if I plug them straight into my laptop, but not when plugged into a mikrotik switch :/

Have you actually tried a X-over cable to see if the issue is on the Mikrotik side?

You can always "default interface gix/y" to make sure the port config is actually cleared as well.

What IOS is running?

CrazyLittle
Sep 11, 2001





Clapping Larry

routenull0 posted:

Have you actually tried a X-over cable to see if the issue is on the Mikrotik side?

Also if trying to use a crossover cable with gigabit, you may need a crossover cable where all four pairs are swapped (instead of a 10/100 crossover where only two pairs are swapped.)

chestnut santabag
Jul 3, 2006

Isn't auto-MDIX a requirement for Gig ports to work?
Otherwise yeah, try using a crossover cable - preferably a Gigabit crossover where all the pairs are swapped rather than just the 2nd and 3rd pairs.

H.R. Paperstacks
May 1, 2006

This is America
My president is black
and my Lambo is blue

chestnut santabag posted:

Isn't auto-MDIX a requirement for Gig ports to work?
Otherwise yeah, try using a crossover cable - preferably a Gigabit crossover where all the pairs are swapped rather than just the 2nd and 3rd pairs.



Auto-MDIX is in the Gigabit standard, but he is saying his IOS version does not support it, which would mean he probably has to use a X-Over built for it. I'm not sure if Auto-MDIX is required on both sides for it to function properly as I haven't used anything that old in a while.

other people
Jun 27, 2004
Associate Christ
I made both a regular cross over and gigabit crossover where all pairs are crossed. Neither made any difference.

It occurs to me that none of that matters, as auto-mdix only has to be active on one side of the link, as far as my reading indicates.

Perhaps I am reading this wrong, but http://www.cisco.com/en/US/prod/collateral/iosswrel/ps8802/ps6948/ps5013/ps5538/prod_bulletin09186a00801f4bc0.html

indicates to me that any ios version before that would not include auto-mdix, right? This device has 12.1(9) or something like that. I am not in a position to check right now. I will have to play with it again after work.

Xenomorph
Jun 13, 2001

Bluecobra posted:

This requires Expect:

code:
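#!/bin/bash
# Copy the running config of every switch listed in /var/tmp/switches.txt
# to the TFTP server at 10.0.0.1 as <switch>-config. Requires Expect.
# Note: telnet and TFTP carry the login and the config unencrypted.

switches=$(cat /var/tmp/switches.txt)

for a in $switches
do
        # Unquoted heredoc: the shell expands $a before Expect sees the script.
        /usr/bin/expect << EOF
        spawn telnet $a
        expect "Username:"
        send "foo\r"
        expect "Password:"
        send "bar\r"
        expect "#"
        send "copy run tftp\r"
        # Remote host prompt. Escaped brackets plus -exact match it literally;
        # unescaped, Tcl runs the brackets as an empty command and the pattern matches anything.
        expect -exact "\[\]?"
        send "10.0.0.1\r"
        # Destination filename prompt.
        expect "confg]?"
        send "${a}-config\r"
        expect "#"
        send "exit\r"
EOF
done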
You can buy me lunch tomorrow.

What's your PayPal address? I had to tweak it a bit, but I just used this to back up all our configs.


CrazyLittle
Sep 11, 2001





Clapping Larry

routenull0 posted:

Auto-MDIX is in the Gigabit standard, but he is saying his IOS version does not support it, which would mean he probably has to use a X-Over built for it. I'm not sure if Auto-MDIX is required on both sides for it to function properly as I haven't used anything that old in a while.

There's also the problem of "standards" and "cisco"...

Kaluza-Klein posted:

I made both a regular cross over and gigabit crossover where all pairs are crossed. Neither made any difference.

It occurs to me that none of that matters, as auto-mdix only has to be active on one side of the link, as far as my reading indicates.

Perhaps I am reading this wrong, but http://www.cisco.com/en/US/prod/collateral/iosswrel/ps8802/ps6948/ps5013/ps5538/prod_bulletin09186a00801f4bc0.html

indicates to me that any ios version before that would not include auto-mdix, right? This device has 12.1(9) or something like that. I am not in a position to check right now. I will have to play with it again after work.


Try setting both port speeds to 100mbit full and see if the mikrotik connects that way.
