sudo rm -rf posted:Hey friends, nat question. Yes, this is definitely doable.
Jan 28, 2015 22:10

Partycat posted:TAC has had a bunch of excellent engineers available in the last few months, and less Convergys doorknobs. If you get a good one, though, clear your schedule cause they get distracted and dematerialize for weeks at a time if you don't take their calls. The number of cases that come in is staggering, and the range from mundane, to holy poo poo wtf is happening is pretty wide too. I think at one point I was working 100 cases simultaneously. There was another guy on my team that was up around 140.
Feb 16, 2015 20:53

adorai posted:I have had one of those "wtf is happening" cases open since JULY of 2014. I have had a few engineers on it, and I can tell they just don't want to take the time to figure it out. It's quite irritating. Can you PM me the case number? Be interested to take a look. I don't work in TAC anymore. I'm also not making excuses for less than stellar service at times.
Feb 17, 2015 00:30

Bigass Moth posted:I thought it showed all messages for the level you choose and anything below (ie, you set the log for all level 4 notification, but you also get 5,6,7 since they are "lower"). Have I misread? I think you have your numbering backwards if you are talking about syslog. That said it's about cutting down on noise and volume. Most devices let you reclass specific messages. This greatly lets you reduce the noise.
Feb 18, 2015 04:39

Ahdinko posted:I don't know about any of the ones you mentioned since I've never used them, but since you're asking in the Cisco thread, what about two ASA 5512-X's for your main office, and maybe a 5505 or a single 5512-x for your other office? 5506 is shipping now and has SourceFire integrated. There will be a model with a built-in AP that can run standalone or lightweight very shortly.
Feb 24, 2015 22:56

1000101 posted:You'd still use some /30s for the point to point links. You've only got 4 devices doing l3 in the diagram so even with a full mesh you're not looking at a whole lot of routes in the routing table. If there's more to the topology then you could create a null0 route and put that in the IGP. When packets hit your core your more specific /30 routes will take precedence. If it's only ptp, use /31.
Mar 9, 2015 17:19

Moey posted:Any point in using PFS on a site to site VPN if it isn't going over the internet? How paranoid are you? I don't mean this in a derogatory way.
Mar 13, 2015 01:47

madsushi posted:RANCID question: Do you guys only have any of the other Nexus switches (9,7,6,5)? Curious if it's product specific or NX issue.
Mar 19, 2015 23:12

madsushi posted:We have 7ks and 5ks but have not seen the issue there, although we also don't have the "ip access-group" setting on any of those, if that's the one that floats. One of my customers has several hundred 3ks. They don't use RANCID however they have other similar tools that are used to monitor and correct config drift. I've never heard anything like this, but certainly will ask around.
Mar 19, 2015 23:57

Read this: http://www.cisco.com/c/en/us/td/docs/security/asa/asa83/upgrading/migrating.html You were running super old code on that 5505 I gather.
Jul 15, 2015 18:16

It really depends on what other things CM data is used for. Peer reviews are common sense, a second set of eyes doesn't hurt when you are talking about changes that are more significant than code upgrades and reconfiguring user ports.
Jan 22, 2016 07:26

adorai posted:we use fortigates with bai or whatever they are called today for IDS monitoring. FortiOS is pretty intuitive, and has an excellent gui if that is your thing. FortiOS is far from intuitive. We have hundreds of Fortigates, and after how they've handled the FM login security issue I have no trust in their products.
Jan 23, 2016 01:12

falz posted:How is this different / worse than other vendors? Also all firewalls are the worst. It's not bad once you learn each vendor's quirks. From experience with PIX/ASA/FWSM/Fortigate. I have a hell of an easier time with Cisco, but that's largely due to my experience with the platform.
Jan 27, 2016 21:30