@Fredtx said in Cisco Access Point Install Help (AIR-AP18321-B-K9):

Appreciate everyone's help. I may be posting more often, because I'm getting exposed to a lot of technology I'm not familiar with. LOL

Awesome

@Dashrender said in Cisco ASA:

@Jimmy9008 said in Cisco ASA:

A and B can also RDP/ping devices sitting on C.

If this is true, it's just a matter of rules/route allowing C back to A/B or a route specifically for C -> A/B.

172.16.0.0 vlan… switch IP = 172.16.0.1, ASA = N/A, gateway on the vlan is 172.16.0.1 (the switch)

this is legacy. What appears to happen is that the switch has 0.0.0.0 set to 192.168.50.10 (the ASA) on a vlan2. So, traffic from 172.16.0.0 hits the switch IP at 172.16.0.1, then hope out 0.0.0.0
^ I think its this that's causing the issue.

This should be fine, this is what allows the C network to get to the internet

so, when on the 172.16.0.0 network, the request goes to the switch's IP (172.16.0.1) which forwards it to 192.168.50.10 (the ASA), The ASA then doesn't have a rule allowing traffic from 172.16.0.0 to talk to 10.x, so it just dumps the traffic.

At least that's what it looks like to me at this time.

“C” network really?

@gjacobse said in Designing for tech startup: Network, AD, Backup etc:

@DustinB3403 said in Designing for tech startup: Network, AD, Backup etc:

I suppose you could use Storage Spaces Direct (all windows across the entire thing) but I wouldn't consider SSD at all mature nor production ready, especially at this scale.

Thanks, had not heard of this.

DataOn solutions fully support this and vice versa. They are experienced with this kind of scale and much larger.

@scottalanmiller said in ISP Failover with Cisco ASA:

That's mostly true. But Cisco considers it real Cisco and it shows their view of themselves. And that, I always think, is important. Cisco doesn't seem themselves as an enterprise player. And I've been in sales meetings with Cisco and that definitely comes through when talking to them.

That's not what I got from my sales conversations with them. They were very explicit about real Cisco and the lesser sub-brands.

Having been at two huge banks that were burned by being willing to use UCS, Cisco and enterprise are two words I never put together. From networking to phones to servers, Cisco is consistently overpriced and underperforming.

I absolutely loved UCS, even wrote the original oVirt/RHV plugin for the VMFEX cards. They were ahead of their time with those boxes, but the cloud pretty much killed everything really cool and advanced about HW

More remote code vulnerabilities. Haven't had time to look at what product(s) yet.
https://tools.cisco.com/security/center/publicationListing.x

@jaredbusch said in Small Restaurant Network Redesign:

@scottalanmiller said in Small Restaurant Network Redesign:

Also worth noting, there are some problematic switches at each site. Again, because the VAR was clearly trying to add complexity to up the support bill, and I'm having them put in simple, low cost, unmanaged Netgears to make this really simple and reliable.

I detest NetGear switches. They generally work, but everytime I try to use one for something even half specific, they puke.

Sites this small can use the EdgeSwitch 8
https://www.ubnt.com/edgemax/edgeswitch-8-150w/

And it will report into UNMS along with the routers.

Plus it's actually a switch, hardware- and software-wise. Not a breadbox which jumps over the table because you "accidentally" attached a cable to it. (yeah, I know, some NetGears also feature a metal case but it's not the same).

@scottalanmiller said in Cisco: we're not competent.:

https://arstechnica.com/information-technology/2018/02/that-mega-vulnerability-cisco-dropped-is-now-under-exploit/

They can own all the ASAs!

@travisdh1 mmmmmmmmm....... piiiiiiiiie switches......

0_1517347038052_homer_simpson_drooling_by_dondrug-d6h081a.jpg

Done

For the Dell X Series look at it below:
https://www.dell.com/support/article/us/en/19/how10377/how-to-enable-rapid-spanning-tree--rstp--on-d...

Someone on Spiceworks who had recently downloaded the firmware was able to send it to me (wipes sweaty brow) just so folks who read this will know. I appreciate the help.

And yes, @scottalanmiller , this kind of thing is all too common these days. I don't like it, but it doesn't change the situation at hand I'm afraid.

I remember sitting with a Broadcloud rep 18 months ago and they were worried about how SFB on Office 365 would affect their business. Still find it amusing that we took it as a serious threat.

I still have a lot of hope for FusionPBX and some other open source products as well.

@scottalanmiller said in Anyone with Cisco download access (firmware) can help me ?:

I replaced a Cisco a few weeks ago because we could get a Ubiquiti that was new faster, delivered to the site, than we could get a cable to hook into the Cisco. Saved both time and money and got them better quality gear. Pure win. Cisco's "deal with our BS" overhead is very high and a huge factor on their TCO.

Their optics division makes 2 Billion a year I hear. 3rd party optics are made by the same people so I never blinked at using them and duck taping some spares to the side of the chassis.

The esp-group encryption also, but it at least still does MD5 hash.

jbusch@jared# set vpn ipsec esp-group Test proposal 1 encryption 3des aes128 aes128gcm128 aes256 aes256gcm128 [edit] jbusch@jared# set vpn ipsec esp-group Test proposal 1 hash md5 sha1 sha256 sha384 sha512 [edit]

@jaredbusch said in Comparing Ubiquiti EdgeRouter and Cisco ASA PPS Performance and Cost:

@nashbrydges said in Comparing Ubiquiti EdgeRouter and Cisco ASA PPS Performance and Cost:

@jaredbusch said in Comparing Ubiquiti EdgeRouter and Cisco ASA PPS Performance and Cost:

@nashbrydges said in Comparing Ubiquiti EdgeRouter and Cisco ASA PPS Performance and Cost:

@brandon220 said in Comparing Ubiquiti EdgeRouter and Cisco ASA PPS Performance and Cost:

I've been using an ERL at home for a while and have them deployed at several business. Zero complaints and I recommend them all the time.

I wish I could use it at home. I'm on Bell Canada ftth and they use a different vlan for iptv and internet. All of the online guides I've seen haven't been able to get me to use my ERL and Bell won't give up which VLANs they use.

No one hasd figured this information out yet?

Sadly not yet, at least not that my Google-fu has allowed me to find.

I am a bit amazed because it should only take a mirrored switch port and wireshark to find VLAN tags.

This was my thinking as I was reading the posts. This is /should be pretty easy to figure out.

@dustinb3403 said in Hardware differences - what makes one less than enterprise:

@scottalanmiller said in Hardware differences - what makes one less than enterprise:

@dustinb3403 said in Hardware differences - what makes one less than enterprise:

@scottalanmiller said in Hardware differences - what makes one less than enterprise:

@jaredbusch said in Hardware differences - what makes one less than enterprise:

@scottalanmiller said in Hardware differences - what makes one less than enterprise:

@jaredbusch said in Hardware differences - what makes one less than enterprise:

@scottalanmiller said in [Hardware differences - what makes one less than enterprise]

The software. The hardware is about equal, sort of.

But a $95 Ubiquiti is faster than a $3,000 CIsco. So the hardware still matters. Cisco at $3,000 is "Maybe able to handle your house."

Prove this.

Don't bullshit or theorize. Prove it. Get a unit and run tests or stopping stating it like a fact and predicate these statements with "in my opinion" and such.

Granted I'll never buy Cisco in the SMB when Ubiquiti exists for the cost and performance that it currently exists with.

But none of that invalidates the quality or functionality of Cisco hardware and software.

Cost has nothing to do with that.

I'm not the one making the claim, it's based off of measured PPS between the two.

You are the one always making the claim and have never linked to source material to back up your claims.

I've never made the claim. I've repeated Ubiquiti's performance measurements. It's nothing to do with me. I just remember the number and repeat it as it is a critical guideline for understanding where Ubiquiti falls within the Cisco product range. When people are talking $10K Ciscos, we can't talk Ubiquiti, it just doesn't make sense. But at $3K and below, I've never had anyone come up with any value proposition to Cisco gear considering that Ubiquiti is measured at better throughput until that price point. Granted, Ubiquiti did the study, but Cisco has not disputed it or claimed any other performance of which I am aware.

If you're repeating it, find the source and post a link, FFS. I want to believe a lot of what you say, but I agree with @jaredbusch here. It comes out like another scott-ism.

It only sounds that way because you think I don't have sources for all of my stuff.

You can always go look up Cisco performance, too, and see what it is.

But you're the person spouting something off as a fact, so provide the source!

This is correct, it is not our job to do research when you are the one claiming a fact. It is the reader's job to verify, but the reader cannot do that without the initial facts.

Yes, I know you already answered. Just closing my part of the conversation.

@whoolly said in Switchvox phone issues:

Vendor insisted he has never had any VOIP issues with Sonicwall and didn't want to budge on that.

Even while it doesn't work. So you know that he'll say this to other customers now, even after this one. Chances are, he's had problems at all customers. SonicWall is culprit #1 for VoIP issues. I mean that literally. I get a call that someone has VoIP audio issues, my first question is always "Do you have a SonicWall?" Nine times out of ten, the answer is yes and nine times out of those ten, the SW was the issue. It's nearly a sure bet with audio issues.

Had you led this question purely with "I have these audio issues..." we'd have said "I bet you have a SonicWall."