Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - LynK

#1
Routing and Switching / Re: Moving to IPv6
January 25, 2021, 07:45:46 AM
Wow... thanks for the info ristau & otanx. I was building out my transports with /127's. The more you know.


We are unfortunately being pushed to IPv6. I recently moved to a new company with has been using provider owned IPs since the dawn of man. Obviously getting multiple /24's from ARIN is near impossible right now, but there is a plethora of IPv6. They currently use two full /24's, so we would need atleast 3 /24's to make it work, and I do not see us getting those additional two /24s any time soon.

So we are kind of being pushed to move IPv6 because we were given a /32.

We will be doing /64 networks, like you had mentioned, for all of our internal infrastructure. The good news (I guess) is we have a lot of silo'd (DMZs) so it should make the transition for those smooth (in theory).

Thanks for the info, the recommendations of the books, and the wisdom. Is appreciated.
#2
Routing and Switching / Moving to IPv6
January 21, 2021, 02:07:43 PM
Hey guys/gals!

I hope you are all doing well. We are going to be dual-stacking our ISPs soon and starting the migration to IPv6! Do you have any good design guides/books you recommend? Also, for those of you who deployed IPv6 Did you use ULA or GUA addresses for your internal network? I do not see why we would not just use our GUA addresses and let the firewall control what can talk to them.

#3
Forum Lobby / Cloud networking books
July 07, 2020, 08:18:24 AM
hey guys,

I hope you are all doing well. I am possibly moving to a new role which involves a SaaS company with a heavy investment in the cloud. so my role will b e 50/50 on prem and cloud. Which books/resources do you recommend for AWS and azure networking?

thanks!
#4
Forum Lobby / Re: networking-forum.com is dead
June 04, 2020, 09:20:59 AM
at least most of us are still alive.
#5
the real question is how long they keep this open for? This really hurts their locations with pearsonvue. I hope they keep online an option. I hate going to testing centers.
#6
Forum Lobby / anyone taken CCNP Enterprise yet?
April 23, 2020, 09:48:10 AM
Hey guys!

I hope you are all doing well. 2020 has been a crazy year for sure thus far.

Do any of you know someone who has taken the CCNP enterprise yet? What were their thoughts on the exam? Difficulty? Time taken to prepare? Materials used?

#7
Forum Lobby / Re: What is my public IP
March 17, 2020, 08:44:02 AM
#8
We have been using mxtoolbox, and it has helped, and yes it is primarily email (and a few sonicwall devices our customers use, geo-ip blocking "unknown" countries).

Luckily we are also having problems emailing symantec support. Their support team can only work cases that their customers present to them. Well... if I cannot email their support maybe symantec themselves can escalate the issue.
#9
Otanx,

Thank you, we appreciate it. This is unfortunately very big issue as we have banking institutions that use symantec message labs, and we are stuck hoping their internal resources can contact IT, and provide assistance.

-Will
#10
Hey guys,

We have moved over to our new ARIN addresses, and AS#. We are running into issues with various companies blocking us due to Geo-IP, signature systems, or heuristic detection blocking. This is an issue specifically with symantec message labs, as we have critical people we contact through them.

Is there a way that you know to work around this? ARIN does not offer any geo-ip services, and I know it is on the customers end, but do you know of anything else we can do. One of our problems for example is with chase bank. The only way symantec will fix the issue is if chase calls them. yeah... good luck.
#11
Otanx,

Dont scare me. Im sure it is 3 years from the first exam taken to pass all 3. So I have till February. I have reached out to my cisco SE for verification


Guys,

Can you give me details in books you used? I also have INE videos too.
#12
Hey guys.

Took my NP Route back in '17 and never finished the switch + tshoot. I want to get them done so I can get NP before feburary.

Right now I have 2 vouchers through global knowledge and the video course through them. What other books/crap should I buy for the switch, and what else should I get for the tshoot?
#13
Wireless / Re: Hello Wireless, Meet NAC
September 25, 2019, 02:34:29 PM
Quote from: SimonV on September 25, 2019, 09:56:04 AM
Quote from: LynK on September 25, 2019, 09:33:05 AMCurrently we have a PEAP based auth, and I cannot get the two MACs to connect to save my life. Even if I try to use profile creator or apple configurator, they will not connect. So I have then tried to go with a eap-tls based wireless to see if the MACs will connect, and nothing is working, neither MAC or windows on the test SSID.  :wall: :wall: :wall: :wall: :wall:

What's your RADIUS server, is it NPS? Is the certificate AD-signed? Do your MACs have your AD CA and intermediates in their list of Trusted Root CA and Intermediate CA?

Microsoft NPS, Public signed through digicert, yes the MAC do have the servers bundled cert (server, inter, and root) installed and trusted. Macs are running the latest mojave.


Sent from my iPhone using Tapatalk
#14
Wireless / Re: Hello Wireless, Meet NAC
September 25, 2019, 09:33:05 AM
Right now I am having a heck of a time with this exact issue. We use microsoft NPS for our radius server, and I am getting more and more frustrated with it, which is causing me to learn to use either freeradius or our forescout solution.

Currently we have a PEAP based auth, and I cannot get the two MACs to connect to save my life. Even if I try to use profile creator or apple configurator, they will not connect. So I have then tried to go with a eap-tls based wireless to see if the MACs will connect, and nothing is working, neither MAC or windows on the test SSID.  :wall: :wall: :wall: :wall: :wall:
#15
I have to do my switch, and tshoot exam. We went through global knowledge. They have updated their interface to HTML5. It isnt too bad.