20+ years of experience in the IT industry Fulfilled number of roles as Senior Technical consultant with expertise on Networking, Security, Infrastructure, Wireless and VOIP Design, Implement, Configure, Maintenance and Migration.
Flexible and productive team player working in different environments with solid work ethic who experts effort in successfully completing tasks.
Good Knowledge of Implementing and Configuring IP Addressing, TCP/IP, Layer 2/Layer 3, Routing and switching with Networking Routing Protocols.
Designed and Deployed VPN technologies: DMVPN, GET VPN, FlexVPN, MPLS Layer -3 VPNs, Multicast VPN (MVPN), IPsec site-to-site VPNs, L2TPv2/3 remote access VPNs, IPsec remote access VPNs, SSL remote access VPNs, VPLS and MPLS.
Good Experience in configuring and designing network securities such as AAA, TACACS+, RADIUS, SSH, IPsec, ACL, RBACL, Firewalls, NAT, IDS/IPS, NGFW / NGIPS, ISE 1.4 / 2.X and Content Filter (web,email).
Good Experience Virtualization environments like VMware ESXi 5.X, 6.X. vSphere suite, Cisco UCS, AWS EC2, Hyper-V, Citrix and Private / Public Cloud Services.
Good Experience with Firewall and Load Balancer Products like Checkpoint , Palo Alto, ASA / FTD , Fortinet Firewalls, Load Balance products like Citrix NetScaler, Big F5, and KEMP.
Good Experience in Designing and implementing Enterprise Campus Network Core, Distribution, Access Layer network, Using core as Cisco 6500, 6800, 9500, Distribution Cisco 6500, 4500, 9400, Access layer as 2900, 3500,3600, 3700, 3800, 9200, 9300.
Good Experience in Designing and implementing Data Centers using latest network devices and Technologies including 10 Gig Fabric, vPC, vDC, Cisco UCS (5108, B and C series servers, 61XX, 62XX, 2104, 2208), Nexus 1000v, Cisco (VSG), Cisco Nexus 9K/7K/5K/3K, Nexus 2K FEX, Cisco MDS SAN Switches, ASA Cluster with Multi-Context, Juniper VMX, SRX Firewall/Router and EX Series Switches.
Implemented Many PoC and moved to Live network in the area of SDN, Cloud, vXLAN, NSX, Express Route, Splunk, ELK, LogRhythm, InfoBlox, Mail Marshall, MoveIT, Cattools, Solarwinds – NTA, NPM, NCM, Safenet Token, NPAS.
Good skills on Service-Now – Service Ticket Manamgent and Change Managment Process.
Better Understanding of Coding Knwoledge Like, HTML,CSS,PHP,.NET,Perl, Shell, Python,YANG, XML, PowerShell.
Better Underanding of Databases like, MySQL, MSSQL, ORACLE, PGSQL.
20+ years of experience in the IT industry Fulfilled number of roles as Senior Technical consultant with expertise on Networking, Security, Infrastructure, Wireless and VOIP Design, Implement, Configure, Maintenance and Migration.
Flexible and productive team player working in different environments with solid work ethic who experts effort in successfully comp
There are pros and cons if you leave on bundle mode.
Best to read on cisco way :
https://content.cisco.com/chapter.sjs?uri=/searchable/chapter/c/en/us/td/docs/switches/lan/Denali_16-1/ConfigExamples_Technotes/Config_Examples/Misc/qos/m_install_vs_bundle.html.xml
... View more
You need make bundle to install mode ( do it in change/maintanance window).
For reference :
https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3650/software/release/3se/system_management/configuration_guide/b_sm_3se_3650_cg/b_sm_3se_3650_cg_chapter_010101.html
... View more
here is some of my tests with windows server - it may be changed in your environment. but you get idea how to configure and easy
http://www.balajibandi.com/2018/02/14/enhanced-vpc-testing/
... View more
Can you give more information.
1. Do you have public Fixed IP address from provider ? or from DHCP ? - if DHCP the IP dynamically changes, so you always need to keep track of that IP for incoming FTP.
2. c onfiguration limited access to an internal ftp server that need to configure One-to-one NAT with the ACL's to allow only the ALLOWED public address to connect.
you can do as below for testing:
Firewall>Access Control, create a rule, with priority 1, source interface WAN, PERMIT SOURCE XX.XX.XX.XX TO DESTINATION YY.YY.YY.YY (Private IP address).
below guide to help to understand.
https://sbkb.cisco.com/CiscoSB/GetArticle.aspx?docid=f6916a7709cb43d38d74bd6ef3e8d0a2_Configure_One_toOne_Network_Address_Translation__NAT__on_RV3.xml
... View more
@Francesco Molino as suggested you can do if you are familiar.
If not please use this guide to access the Console of FP2100
https://www.cisco.com/c/en/us/td/docs/security/firepower/quick_start/fp2100/ftd-fmc-2100-qsg.html
... View more
Looks like this is common problem reported for this model, i have not personally had this device.
But couple of recommendations here is :
1. Contact Cisco TAC soon so they can aware any fix or bug in the code or hardware.
2. Disable SNMP as suggested some time back was fixed the issue.
https://community.cisco.com/t5/cisco-bug-discussions/cscut04694-rv325-router-freezes-and-requires-a-reboot-to-recover/td-p/2677422
Cisco bug :
https://quickview.cloudapps.cisco.com/quickview/bug/CSCut04694 ( but you have latest version - should have fixed this issue).
https://community.cisco.com/t5/small-business-support-documents/sr-638773469-chat-2-rv320-device-freezes-and-stops-working-1-3-2/ta-p/3171688
... View more
I would suggest to connect console cable and see what is in the logs.
If you do not have contract number, call cisco local TAC number with serial number of the device, Sure TAC able to assist you better, if them device covered under smartnet contract.
... View more
This configuration need to be configure in router : ( along with other changes i have suggested on other post).
ip name-server 8.8.8.8 - you start with config (since you confirmed you able to reach 8.8.8.8 from router).
... View more
By buying another WAP problem will be not solved.
better contact local wireless SE / Partner to conduct some site survey to suggest how many AP you required.
Same SSID will work all over your AP's
... View more
You can do ssh as long as the AP has joined the WLC and is currently in the RUN state. You also have to allow ssh from the WLC Wireless Configuration page. If the AP not joined or not joining the WLC, then use console into the AP and look what is wrong ?
WLC SSH config
Wireless - Global Configuration - set login creds
then choose All AP - choose AP - Advanced Tab - enable SSH
... View more
As suggested other post what is the achievement.
as per my understand you can do this way :
Port 1 : switchport trunk allowed vlan 1,2,3,4....
Port 2 : switchport trunk allowed vlan 15,30,32....
Port 1 and 2 configure as port-channel in nexus allow all that vlan mentioned in the port-channel.(you can also use vPC depends in your requirement)
Esxi side you can do same configuration on dVS.
VMWARE docs for your reference :
https://docs.vmware.com/en/VMware-vSphere/6.0/com.vmware.vsphere.networking.doc/GUID-0D1EF5B4-7581-480B-B99D-5714B42CD7A9.html
... View more
Quick Test here :
If ASR acting as DHCP Server
ip dhcp excluded-address 10.0.1.1
Interface Gi0/0/10 <- as per your description this is connected to your 2900 switch.
ip address 10.0.1.1 255.255.255.0
no shutdown
i am in a assumption that 2960 no VLAN config done. so default vlan1.
So PC should get ip address from 10.10.1.2
If this router acting as internet NAT translation, your default route point to ISP.
Test and let me know, also post full config of the switch.
... View more
After your looking your configs and output, your router have connection to internet
Looks like your NAT not working.
Lets have quick test NAT part. and change simple config change.
CHANGE THE CONFIG AS BELOW for testing.
=============================
interface FastEthernet0/0 no ip virtual-reassembly in
ip virtual-reassembly interface FastEthernet0/1 no ip virtual-reassembly in
ip virtual-reassembly also config ip name-server for testing
ip name-server 8.8.8.8 <-- your ISP name server
once config change done.
From router 2811 you should able to ping yahoo.com <-- paste this output in the forum
if that works, ping using source interface using internal interface.
ping yahoo.com source fa 0/0 - now your NAT Translation should work.
If this is working, check from PC also.
if all fails, post full configuration of router and Switch.
... View more