Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hello We are setting up a new SIEM and one of the requirements is to track accounting information, such as users logging in to the devices and making configuration changes. On the Cisco N9Ks, the output of the "show accounting log" is what we need to...
Hello We're migrating off our legacy 3750 core and need to get an idea of current throughput so we can size our new devices correctly. What's a simple way to see overall throughput without having to set up external monitoring? Thanks
Hello We have 2 data centers with Direct Connects to AWS running BGP. The US DC advertises it's private /19 range and the CA DC advertises a /12, the problem is that the /19 falls within the range of the /12. Is there a way to prevent the CA DC from ...
Hello We are in the process of migrating off our old 3750 core switches and onto Nexus 3ks. Currently, all of our Layer 3 networks are on the 3750s, there is a trunk between the 3750s and N3Ks and our rack switches are connected to the N3Ks. So Layer...
We’re connecting uplinks from a new pair of N9K-C93108TC-EX rack switches to our core, however the new switches only have QSPF ports for fiber and the core side has limited 10G ports and no spare 40G ports. What are our options for cabling? We have s...
We ended up linking the Nexus device aaa to a Radius server, so the accounting logs would go to the Radius server and then directly from Radius server to the SIEM
Thanks for the info, we'll likely go with the 32Ts. We currently have two stacked switches in each rack and would like to keep redundancy with the 32Ts, what are our options for that?
To add to the complexity, we want to allow all traffic on ports 80 and 443 but block all other ports except for this small subset of users, which all traffic should be allowed for. We thought about using sticky mac-address port-security but I don't t...
Just to provide some more information, we only want traffic going over the port from the internal network to the data centre to be tested for authenticated users. We don't want to specify IP addresses or anything like that so a layer 3/4 access-list ...
Hi Jason
Thanks for the recommendation, I have looked at ISE and it seems to be quite involved. We only have about 5 users that we want to allow access across the switch port, is there a simpler way to achieve this?
Thanks
A
