Posted by LTLnetworker on August 16, 2015
We all want a management network or at least a management VLAN. Those who say they have none actually do have a VLAN for management; it is probably just shared with ordinary users (i.e. it is not dedicated). But most IT people prefer a dedicated VLAN that is not used for other kinds of traffic and preferably not reachable by users.
In this article we use this definition:
a management VLAN or management network is a dedicated segment for network management traffic which can be used for:
- administering your network devices (aka device access: switches, routers, firewalls via telnet, ssh, https etc.)
- collecting monitoring information (syslog, SNMP etc.)
- hosting syslog, monitoring and management servers (Nagios, Tivoli, Cisco Prime etc.)
- AAA traffic (RADIUS or TACACS+ to Cisco ACS/ISE)
Posted in ASA, Check Point, Cisco, F5, Fortinet, routing, switch | Tagged: asa, asymmetric routing, BIG-IP, F5, management, OOB
Posted by LTLnetworker on December 4, 2013
This article’s topic really fits in this blog’s genre. It focuses on a case of classic routing protocol behaviour inspection.
I was looking at the subnets in the routing tables when I noticed that a network I picked was absent from one of the devices. It is a VLAN routed on a pair of core switches (SW1, SW2). The switches advertise the VLANs by EIGRP and all other routers learn it as external EIGRP routes (due to redistribute connected). However, there’s a router R2 connected to SW2 by an L3 link that doesn’t have the network in the routing table.
Let’s see R2’s EIGRP config:
Posted in Cisco, router IOS, routing | Tagged: eigrp