Cyks
Mar 17, 2008

The trenches of IT can scar a muppet for life

Bob Morales posted:
Number 2: I need a second DHCP scope? I've never done this. We have an older Mitel system and we have 172.27.30.30-254 for DHCP, and we have 224 leases in use. If I add another subnet, x.x.x.31 for example... how do I handle the VLAN end of it? All ports that are set up for voice would be on 30 and 31 then? It sounds like it should be simple.

We have another scope on our wifi gear and one on our Windows servers, but a second scope for just the phones is what I've never done (never been in an environment with > 200 phones)

I assume you meant having a second voice VLAN with a 172.27.31.0/24 scope, and yes, that would work. You aren't limited to one voice VLAN per device; it's just that a switchport can only be on one voice VLAN. Or expand the current DHCP scope if you only need a few more and you don't need 28 statics on that scope.
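As an added illustration of the "more than one voice VLAN per switch, one per port" point (this is example config, not anything the poster or Bob actually runs, and it assumes a Cisco IOS switch rather than Bob's Mitel/Windows DHCP setup): VLAN 30 keeps the existing 172.27.30.0/24 scope, VLAN 31 gets the new 172.27.31.0/24 one, and each access port is told which voice VLAN its phone belongs to. The gateway addresses (.1), the data VLAN 100, the DHCP server address 172.27.10.5 and the port numbers are placeholders.

```cisco
! Two voice VLANs on the same switch. Placeholders: data VLAN 100,
! DHCP server 172.27.10.5, SVI addresses .1 (the scope starts at .30,
! so .1-.29 are assumed reserved for statics as in the original post).
vlan 30
 name VOICE-30
vlan 31
 name VOICE-31
!
! One SVI per voice subnet; the helper forwards DHCP discovers to the
! existing server, so the server just needs a second scope for 172.27.31.0/24.
interface Vlan30
 ip address 172.27.30.1 255.255.255.0
 ip helper-address 172.27.10.5
!
interface Vlan31
 ip address 172.27.31.1 255.255.255.0
 ip helper-address 172.27.10.5
!
! Ports 1-24 stay on the old voice VLAN...
interface range GigabitEthernet1/0/1 - 24
 switchport mode access
 switchport access vlan 100
 switchport voice vlan 30
!
! ...ports 25-48 put their phones on the new one. A port carries exactly
! one voice VLAN, which is the constraint the reply describes.
interface range GigabitEthernet1/0/25 - 48
 switchport mode access
 switchport access vlan 100
 switchport voice vlan 31
```

The phones themselves don't care which voice VLAN they land in as long as the DHCP scope for that subnet hands out whatever the Mitel system needs; the switch side is just the `switchport voice vlan` line per port.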

Cyks
Mar 17, 2008

The trenches of IT can scar a muppet for life

Bob Morales posted:

You don't need a L3 switch in each telco closet on every floor of the building, as long as they each run back to your core stack of switches (that are L3), right? L2 switches are like 1/3rd the price and when you're replacing ~20 of them...

Someone here bought 1 HP Aruba 2930 instead of a 2540, and we're not going to be replacing all the others just yet, but want to plan for it.

Just so you know, if you are planning to replace them with Cisco switches, there is no L2 only license with DNA, which is required for the new 9k Catalysts. (Which will most likely be the model you would buy if you are going new Cisco)

Cyks
Mar 17, 2008

The trenches of IT can scar a muppet for life

GreenNight posted:

We're replacing all our C3560X switches with Meraki MS390. My first dip into the Meraki world outside of wifi.

I've been really bad about doing any research into the Meraki line but that'll have to change with it being part of the certifications now.

My basic understanding is it provides ease of use for people who aren't experts on configurations and has built in visual monitoring tools without needing an application like Solarwinds but at an increased cost for hardware and licensing. Is that about right?

Cyks
Mar 17, 2008

The trenches of IT can scar a muppet for life

Bob Morales posted:
An order came in from above to have the failover operate on whether we can reach that website. I'm not going to change anything because that's ridiculous and every time that website has a hiccup we're going to switch connections...
Couldn't you just create a static route that sends all traffic to that cloud service over your primary connection and put an SLA on it that checks for reachability, and create a floating static route with the same information for the secondary connection? Put a delay on the SLA with whatever management has deemed an acceptable tolerance level for downtime so it isn't flipping back and forth every time an ICMP echo fails.

edit- or what tortilla_chip recommends, since this solution is going to require a script to detect if the IP ever changes and to change the configuration or be manually configured, otherwise the routes will just be ignored.

Edit2- this article suggests you can use an http proxy to do the above with no script required https://packetlife.net/blog/2008/dec/15/ip-sla-monitoring-http-proxy/

Cyks fucked around with this message at 20:52 on Aug 20, 2020
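The tracked static plus floating static the post describes, written out as an added Cisco IOS example (not config from the thread or from anyone's production router). All addresses are RFC 5737 documentation placeholders: 203.0.113.0/24 stands in for the cloud service's address block, 203.0.113.10 for a host inside it used as the probe target, 192.0.2.1 and 198.51.100.1 for the primary and secondary ISP next hops. The `delay` under the track object is the tolerance the post says management should set.

```cisco
! Pin the probe target to the primary link with a host route so the SLA
! only ever tests that path. Without this, once the floating route takes
! over the probe would succeed via the backup and the track would never
! tell you the primary is still broken.
ip route 203.0.113.10 255.255.255.255 192.0.2.1
!
! ICMP echo every 10 s, 1 s timeout, sourced from the primary WAN interface.
ip sla 10
 icmp-echo 203.0.113.10 source-interface GigabitEthernet0/0
 frequency 10
 timeout 1000
ip sla schedule 10 life forever start-time now
!
! Dampening: the track only goes down after 60 s of continuous failure and
! only comes back up after 30 s of continuous success, so a single dropped
! echo does not flip the route. Set these to whatever downtime tolerance
! was agreed on.
track 10 ip sla 10 reachability
 delay down 60 up 30
!
! Primary route for the service, withdrawn from the table while track 10
! is down...
ip route 203.0.113.0 255.255.255.0 192.0.2.1 track 10
! ...and the floating static with the same prefix (AD 250) that takes over
! via the secondary link only while the primary route is absent.
ip route 203.0.113.0 255.255.255.0 198.51.100.1 250
```

`show track 10` and `show ip route 203.0.113.0` show which route is active at any moment. The caveat from the edit above applies unchanged: both static routes and the probe target are fixed addresses, so if the service moves to a different block the routes simply stop matching and nothing fails over, which is why the post points at the HTTP-proxy variant as the script-free alternative.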

Cyks
Mar 17, 2008

The trenches of IT can scar a muppet for life

Otis Reddit posted:

Desktop Support guy here at a medium sized MSP that is a Cisco Meraki shop. Looking to make the jump to sys admin hopefully as part of an in-house IT team. Is the CCNA still a good cert to go for? Since we mostly replace ASAs with MX equipment, the overall vibe at my current company is 'not worth it anymore' -- but MSPs love their own partners and discourage all else. What do you goons think?

Protip: if you are still with your company 2 years after moving into a non-desktop support IT role, you are doing it wrong. A competent sys/network admin is worth way more than the 2% yearly raise on a starting salary that 99% of employers give.

My point being when it comes time to look at furthering your career, go with what is in demand. In the networking world, that's still Cisco.

(Although yes, networking isn't as hot as cloud/security)

Cyks
Mar 17, 2008

The trenches of IT can scar a muppet for life

Tesseraction posted:

Okay, after doing some struggling with my previous post I got a bit further and think I have a less stupid question:

We have a firewall, its WAN port is basically plug and play. Our old network is fine in this.

On the other side of things we have the ISP provided network termination box. Subnet is .48/30. This is the one that's set by them to be .49/30

So I have the Cisco in between. g0/0/0 is .50/30 and connects to the termination box. This part is fine. It routes 0.0.0.0/0 to .49

The ISP provided a routed host of .180/30, so I make g0/0/1 .181/30 and set the firewall WAN port to have an IP of .182/30

My machine plugged into the LAN of the firewall can ping to .181, but even with an ACL to "permit any" on both interfaces I cannot get traffic to go across from the .180/30 subnet to the .48/30 subnet.

Am I once again missing something obvious?

If you're wondering why I'm doing this it's because management didn't want to pay the ISP to rent a router that the ISP sets up and manages and I've been left to bang my head against metal instead. If you're wondering why not directly plug the termination into the firewall, it's because the Cisco is translating fibre to Cat 5e.

If the issue really is that the .180/30 subnet can't reach the .48/30 subnet then I'm pretty sure you can verify that by just doing "ping x.x.x.181 source x.x.x.50" on the Cisco device to see if routing between the two interfaces is blocked for some reason. When you say ACLs, are you talking about on the router interfaces (G0/0/0 and G0/0/1)? Keep in mind it's stateless so you'll need to make sure you are allowing ingress and egress on each interface. Otherwise, if your PC can ping .181 but not .50, either your firewall doesn't know where the .180 network is or your router doesn't know about your internal.

ISP > Router > Firewall isn't that uncommon but if it's just to go from fiber to copper I'd be more inclined to use a managed switch with a fiber port.

Cyks fucked around with this message at 18:02 on May 24, 2022
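To make the "stateless, so allow both directions on both interfaces" point concrete, here is an added Cisco IOS example of the router in Tesseraction's description (example config, not their actual device): ISP-facing g0/0/0 at .50/30, firewall-facing g0/0/1 at .181/30, the default route to .49, and a diagnostic permit-any ACL applied inbound and outbound on each interface. The 192.0.2.x prefix is a documentation placeholder for the real public block.

```cisco
! Placeholder prefix 192.0.2.x stands in for the real ISP-assigned block.
!
! A router ACL is stateless: a permit applied "in" on g0/0/1 says nothing
! about the reply arriving "in" on g0/0/0, and neither says anything about
! the "out" direction. For a routing test you therefore apply it four times.
ip access-list extended DIAG-PERMIT-ANY
 permit ip any any
!
! ISP termination side (.48/30, ISP holds .49)
interface GigabitEthernet0/0/0
 ip address 192.0.2.50 255.255.255.252
 ip access-group DIAG-PERMIT-ANY in
 ip access-group DIAG-PERMIT-ANY out
 no shutdown
!
! Routed /30 handed down to the firewall (.180/30, firewall WAN is .182)
interface GigabitEthernet0/0/1
 ip address 192.0.2.181 255.255.255.252
 ip access-group DIAG-PERMIT-ANY in
 ip access-group DIAG-PERMIT-ANY out
 no shutdown
!
ip route 0.0.0.0 0.0.0.0 192.0.2.49
!
! Checks from the router itself (exec mode, not config):
!   ping 192.0.2.181 source 192.0.2.50   - both addresses are local; a failure
!                                          here means the two interfaces cannot
!                                          reach each other at all
!   show ip route 192.0.2.180            - should be directly connected via g0/0/1
!   show ip route <firewall LAN prefix>  - "not in table" means the router has
!                                          no path back to the PC's subnet unless
!                                          the firewall is NATing to .182
```

The permit-any ACL is only a troubleshooting step to take the ACL out of the picture; once routing is confirmed it goes back to the specific entries, because the only filtering on that box is this ACL.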

Cyks
Mar 17, 2008

The trenches of IT can scar a muppet for life

Tesseraction posted:

Yeah, honestly wondering if that would be the better way to go about it with the switch.

As for the ACLs yeah I originally used specific IPs for ingress/egress but after some confusion put in an explicit "deny any" at the bottom and found it was matching packets so went with permit any to see if I was just *that* poo poo at ACLs. It still comes out with no route to destination. The firewall knows that the wan port interface is also to the default route. Now I'm wondering if I need to set a static route to the default route...

Does the router know how to get to the LAN subnet that your PC is connected to? When you do a "show ip route x.x.x.x" for your LAN network, does the router come back with a path or does it come back with route not in the routing table?
edit- though I suppose you'd be running NAT on the firewall.

Cyks fucked around with this message at 03:12 on May 25, 2022

Cyks
Mar 17, 2008

The trenches of IT can scar a muppet for life

Also create a loopback interface on the router for testing to rule out issues with the WAN interface.

Cyks
Mar 17, 2008

The trenches of IT can scar a muppet for life

Thanks Ants posted:

It's monitoring isn't it, not management? You get to see the switch port status, they take part in the topology views and you can see usage, but config and software updates are done manually or through that DNA thing.

It's both monitoring and management.

From my understanding adding a catalyst switch for just monitoring is free but I haven't seen anything that confirms pricing for management; assuming it uses a typical Meraki licensing per device.

Trying to get the people who just let the required DNA licensing lapse? Although I do agree it makes me wonder why you'd ever order a Meraki product over a Catalyst 9200 in the future (assuming both were readily available).

Cyks
Mar 17, 2008

The trenches of IT can scar a muppet for life

Thanks Ants posted:

I think it's been confused because Cisco are using Catalyst as the name for their APs now. The announcement on the feature only mentions monitoring of switches, but management of wireless

https://blogs.cisco.com/news/smarter-simpler-experiences-with-cisco-networking?oid=pstswt029404

I'd assume this will change at some point

Think the confusion is you can start monitoring your Catalyst switches today, but the configuration option isn't available yet (just being demo'd at Cisco Live).

The Meraki youtube channel uploaded a few videos about it yesterday and in this one https://www.youtube.com/watch?v=v21OIRYH200 they specifically show a C9300-converted being configured using the Meraki dashboard.

Cyks
Mar 17, 2008

The trenches of IT can scar a muppet for life

Budget Dracula posted:

I have access to plenty of PCs, iPads, a few MacBooks, but am very short on Androids.

The cheap (free) and dirty recommendation was going to be running WiFi analyzer in Android but there isn't an iOS/macOS version afaik.
Could run an app on Windows 11 that's available from the Amazon App Store. BlueStacks might work for Windows 10 and Mac?

Cyks
Mar 17, 2008

The trenches of IT can scar a muppet for life
You’ll want to read this. https://documentation.meraki.com/General_Administration/Licensing/Meraki_Licensing

Both rhinonetworks and hummingbird networks are good sources for meraki license purchases when you don’t have an account rep with publicly listed prices.

Also I hope you have access to the account. If you don't, Cisco won't help you and you can't claim the devices without the existing holder releasing them. (Ask me about the $30k worth of Meraki gear under my desk that I have no idea who "manages".)

Rough estimate is around $100/year per AP, switch varies but around $120 for that one, and $180 for the cameras each. Most of the expenses for these come from the purchase price.

The router is the opposite and most of the costs come from licenses on the smaller models. You’ll want at least the advanced security licenses (not the enterprise) and that’s going to be $400-$600/yr based off commitment. That looks like a lot, but it’s pretty close to what a fortigate with similar licensing and online management will run you.

Cyks fucked around with this message at 01:55 on Apr 12, 2024
