Network pics thread

Nothing wrong with Windows Firewall, it is the same as most firewalls in the simplest form of blocking and allowing what it needs if configured in advanced mode.

Most people get into systems due to an exploit or weakness in a running application or code, which is already opened to the internet.

So if you have a $20k Cisco PIX, or the integrated Windows firewall, if your application is flawed, it doesn't matter what you put in front of it.
 
Haha true enough.

I just lock it down for default deny incoming and deny outgoing, and open up and only allow gameserver ports on the right IPs.

RDP I do leave open with a VBScript that monitors the event log for 3 login failures, then issues a command to IPSec the offending IP, rejecting all packets from it.

Works amazingly.
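
The failure-counting logic described in the post above, as an added example that is not part of the original post and is not the poster's VBScript. The log line format is constructed, the 10-minute window and the allowlist are assumptions the post does not mention, and the blocking step itself (IPSec in the post) is left to the caller.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta
import ipaddress

THRESHOLD = 3                       # failures before blocking (from the post)
WINDOW = timedelta(minutes=10)      # assumption: the post gives no time window
ALLOWLIST = [ipaddress.ip_network("192.0.2.0/28")]  # assumption: admin range, never blocked

# Constructed sample, one event per line: "timestamp event_id source_ip account".
# In the Windows Security log, 4625 is a failed logon and 4624 a successful one.
SAMPLE = """\
2013-05-01T12:00:01 4625 203.0.113.7 administrator
2013-05-01T12:00:03 4625 203.0.113.7 admin
2013-05-01T12:00:04 4625 - guest
2013-05-01T12:00:05 4624 198.51.100.20 gameadmin
2013-05-01T12:00:09 4625 203.0.113.7 root
2013-05-01T12:01:00 4625 192.0.2.5 gameadmin
2013-05-01T12:01:02 4625 192.0.2.5 gameadmin
2013-05-01T12:01:04 4625 192.0.2.5 gameadmin
2013-05-01T12:05:00 4625 198.51.100.9 test
2013-05-01T12:30:00 4625 198.51.100.9 test
2013-05-01T13:10:00 4625 198.51.100.9 test
"""

def offenders(log_text):
    """Return source IPs, in detection order, with THRESHOLD failures inside WINDOW."""
    recent = defaultdict(deque)     # ip -> timestamps of its recent failures
    blocked = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4 or parts[1] != "4625":
            continue                # only failed logons count
        try:
            when = datetime.fromisoformat(parts[0])
            ip = ipaddress.ip_address(parts[2])
        except ValueError:
            continue                # "-" or garbage: no address to act on
        if any(ip in net for net in ALLOWLIST) or str(ip) in blocked:
            continue                # never lock out the admin range; block once
        q = recent[ip]
        q.append(when)
        while when - q[0] > WINDOW:
            q.popleft()             # forget failures older than the window
        if len(q) >= THRESHOLD:
            blocked.append(str(ip))
    return blocked

if __name__ == "__main__":
    for addr in offenders(SAMPLE):
        print("block", addr)
```

The slow attempts from 198.51.100.9 never reach three failures inside one window, which is the trade-off a windowed counter makes against a lifetime counter.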
 
It's been a while since i posted.. So, here is my new core switch. i know the wiring is FUBAR, i will pick up a box of cat6 to have all the cables match...
i run voip services for family and other military friends (US and overseas), so i have to schedule outages on my own network.. lol
The 1841 is a VPN concentrator for my remote voip sites.. (it has the AIM-VPN/EPII-PLUS card)
My external router is currently a Linux server (will be upgrading with new toy, see below)

IMG_1931_zps199c98f0.jpg


Here is my new toy! should help expand my services.

IMG_1932_zpsff307bff.jpg

IMG_1933_zps8db4854c.jpg


Let's open it up! SWEET!!!

IMG_1935_zpsbec4dbfb.jpg



This thing is LOUD!!! My wife is already complaining that my server room is loud again!
I've spent a lot of time and money on a quiet server room (mag lev fans, HDD vibe mounts, ultra quiet everything)..
so i cut out the center of the fan guards, it instantly got a LOT quieter... i will clean it up with a Dremel later...
IMG_1936_zps2b225f0b.jpg


But it's not enough.. so i am going to get a cage fan and redo the airflow in the ASA...
Modified_zpsa8c2c9a9.jpg


And before people complain that i cut up an ASA 5520, if i did not modify it, then i would not be able to put it in production and it's mine.. so Ha!
i will post an update when i finish the mods.

Enjoy
 
It's strange that your one is loud, we had lots of ASA 5510 and 5520 at my old work and they were pretty quiet...
 
They aren't bad as Cisco gear goes for noise but I suppose if you are already running a pretty quiet environment then they will be pretty loud.
 
They are not loud compared to a Cisco 6509 or the older 1U Cisco call manager, but when compared to a Cisco 1.5U 3750 switch or my atom asterisk server, it's a jet engine.

The loudest thing i have running is a couple of old 15K SCSI drives that i will soon replace with an SSD setup.
Most of my servers have been switched for Dell Latitude D630 laptops. i got rid of all my DL360s due to noise.

Then again, this is a household server room. I am not supporting thousands of users.
My only real production services are a SIP voice/video system with the VPN hardware to make it secure (only 41 people around the world), an ownCloud system, a web server and a few Minecraft servers for some friends.

Has anyone else tried to build a quiet server room?
 
just plug it in anywhere you like....hopefully spanning-tree is running and will fix it for you....
:rolleyes::cool:

You sound like my old counterpart ... i flew all the way down to Aruba once because of that same issue.. portfast was enabled... free vacation.. ;)
 
twas mostly sarcasm if it wasn't obvious.... :)

truth be told though, i have used that as a "troubleshooting method" when someone 2000 miles away calls and tells me their closet looks like a rats nest "what do i need to plug in?"

nice that you got a "vacation" out of your ordeal though. :cool:
 
It was indeed obvious.
3 days to troubleshoot a network issue that took me 20 minutes was nice.
Did you have CiscoWorks or something running, or just monitoring the distant end switches?
 
was SSH'd into what switches i could get to. kept "term mon" running and would turn on/off portfast etc as i saw what was going on according to the console output. thankfully the site wasn't fully live yet, so i could mess with stuff in real time. It was nice that i could keep a guy on the phone that wasn't necessarily IT savvy but fully followed instructions and didn't mess around with crap just to keep me on my toes.
 


Latest addition is a 3Com 4200-48G. Setting it up to use for my main switch with VLAN routing. Currently sitting in my lab rack so I can configure it before putting it in my other rack.

The cli on this switch is a pita compared to Cisco. Cisco's makes sense, this one doesn't really...
 
You can still buy 3com?
They are all over Craigslist for cheap.
i guess that's what happens when HP buys you out..

They are good for basic labs and non-profit organizations.. I've installed a few in community centers and churches (local volunteer work).
Open standards like 802.1Q make them still viable.
 
It's HP now. This switch went EOL in 2010, but they still release firmware updates. Paid $150 for it. VLANs are simple on Cisco, on these I'm struggling a bit.

We use all HP switches as Cisco is way too expensive.
If this helps, this is how you do vlans on a HP.

configure
vlan 5
tagged 10
exit
vlan 6
untagged 10
exit
exit

imho how HP does it makes more sense, but then again I started with HPs and not Cisco.
 
Commands are completely different on this switch. It's not at all like other HPs. This will be replacing a 2824.

Finally got the trunk ports to work, but now the second VLAN can't reach the internet. I'm thinking it's a setting with my ASA though.
 
Check the native vlan setting. i had a similar issue with non-tagged .1q traffic before.
 
I'm thinking I may move back to my Mikrotik for routing duties and put DHCP duties on the switch and then just have multiple gateways on the Mikrotik, then stick the ASA behind the Mikrotik and dedicate it to VPN duty. Right now I have a spare ASA, Unifi, Switch, and Mikrotik so I'm going to lab it up and see what I can get going here. I don't know what it is about Mikrotiks, but I love the way their firewall rules are set up.
 
Moved the new rack to where it's going to go. I still need to frame around the existing one and add power outlets and cable management ducts, so once that is done this one will be flush against.

That rack will most likely be for lab/test stuff as well as power equipment. Might eventually throw a sliding monitor/kvm in there if ever I find one for a decent price, but all the ones I've seen are very expensive.



2 racks for a home server room... should be good enough for a while, eh. :D
 
Yep. I don't have the head unit but they do work as a DAS when connected to a PC. Downside is, if I put any other drive it does not work. So as far as drives failing I can't replace them. None have failed yet though. I only power it on every so often to do a backup of my full environment. I set up Linux md raid on the top two shelves. 400GB drives. The two bottom are 250GB drives.

The fiber switch is not being used, but was also part of that SAN environment. Got lucky enough to score that when it got decommissioned. TBH It's more there for show than anything. I don't even have enough UPS capacity to power those on and use them as normal. All 4 take up close to 1kw lol. Which, really, is not all that bad considering all the drives.
 
hrmm, sucks you can't use other drives?

I am using a couple FC attached DAS RAIDs from Infortrend and love them :)
 
Yeah I knew HP bought them out, i just didn't think you could get them (new) anymore. One of my clients purchased a HP switch right after they took 3com over, and HP sent a 3com switch with a HP sticker on it.... lmao? I don't care for 3com, HP isn't too bad you just have to get used to it. I prefer cisco all the way though. I can set up a cisco network in a quarter of the time as it takes me dicking with other brands.
 
Yeah. This is a decent switch from what I've used, but it's such a pita since I'm used to Cisco. It's taking me a lot longer to configure than a Cisco would. It doesn't even have an interface range command so I have to set each port independently. Grrrr.
 


Latest addition is a 3Com 4200-48G. Setting it up to use for my main switch with VLAN routing. Currently sitting in my lab rack so I can configure it before putting it in my other rack.

The cli on this switch is a pita compared to Cisco. Cisco's makes sense, this one doesn't really...

it only makes sense because you learned it first :p
 
Just arrived for a project I am working on. Needed a 24 port for a new part of office space, and we had a 24 port in the datacenter in a mix of all our 48's for some reason... Swapping this one for it, then the 24port to its new home.

Switch.jpg
 
We use all HP switches as Cisco is way too expensive.
If this helps, this is how you do vlans on a HP.

configure
vlan 5
tagged 10
exit
vlan 6
untagged 10
exit
exit

imho how HP does it makes more sense, but then again I started with HPs and not Cisco.
You forgot "en". :)
 
Um..... is it just me, or is the dude in the photo sportin' a 'chubbie'?
I don't know about you, being 6' super skinny at 158lbs, but I prefer my toilet deployments to have LOTS of leg room all around and maximum privacy. :D
 
'chubbie' = erection
He appears to have an erection.
Wish I would not have noticed that, but the internet has ruined me.
 