Wondering if anybody that manages Checkpoint firewalls can help me.
We upgraded from Cisco ASA to Checkpoint, and on one of our VPN tunnels we translate the source IP addresses from an inside network (i.e. 10.1.1.0/24 to 10.90.90.0/24) and then send the traffic over the tunnel. The other...
What is passive mode? Why is their server rejecting the requests? If the requests are reaching their server shouldn't that be their issue? Or is the issue the ASA blocking the data back on its return?
You don't have to use object groups, but when you are creating an access list for multiple hosts, you can create an object group that points to the hosts. It's a best practice and a good way to document configurations so the admin after you will understand the config.
More on the lines of this for the access list:
access-list outside_access_in permit tcp any 192.168.0.0 255.255.255.0 range 989 991
I've never seen port forwarding to a whole subnet before, only individual hosts. But I'm guessing it can be done.
Experience is better than certification. Gaining certification is the part where you learn how to do a job and a paper that certifies that you can do the job. Experience is you actually performing the job.
My manager can talk about technology like he invented it to other people who are not technical at all. But as far as really knowing how stuff works; he doesn't have a clue. I have to tell him if it will work or not or what the impact is etc. In my dept, the managers focus primarily on the...
Sounds like a good offer if the pay is in the 75k-85k range. You will also need a senior network engineer though; somebody with 10 years plus experience.
So out of the whole conversation you nitpick my wording? I live in a small country where we don't even have a university. I work for the second largest employer here, so huge was the correct wording. I understand in the US you have major cities and major universities. I was hoping you were going...
For the thread creator: to make things easy, you can get PoE access points and run Cat5e or Cat6 from a PoE switch. That way you don't have to worry about finding power in the ceiling.
The WCS does make it a bit easier. You can create maps that show RF prediction and it's easier to troubleshoot...
I agree. Just manually configure 3 APs in stand-alone mode. You don't need a controller or central management for 3 access points.
hey cyr0n_k0r, I manage a huge Cisco wireless network as well currently 160+ APs. Some 1131s, 1141s, and 3500s. Maybe you could share some ideas. We have a...
Properly designed networks hardly ever go totally down. There may be a slight outage somewhere but not the whole network. Some industries which vitally rely on their data, will most certainly have on-site IT support staff even if they are using the cloud to host some of their services. The...
These 3 factors affect almost all jobs not just IT but you are correct. Robotics halted the growth of factory jobs and assembly lines. A depressed economy encourages organizations to cut back and conserve. Outsourcing works great sometimes but in other cases it doesn't work at all and adds to a...
I was just having this exact conversation at work today. There is a strong future for IT people. I work for a hospital and my managers like the idea of having support on-site staff. All the switches, access points, servers etc. have to be managed and yes all these devices can be accessed...
Hey thanks. I will have a look now.
I'm just deploying PCs at remote locations that will have DSL connectivity. They will VPN back to the main office. My manager requests to have pornography, gun and violence blocked from Internet use for the users.
Can anyone recommend me a wireless router that has content filtering? For example, if there was a category of websites to block like porn, guns/violence etc. that would be great.
The blocked machines will be safe because they're behind your router and plus Internet traffic is blocked for those machines as well.
The machines that aren't blocked still have protection behind your router/firewall but you should still turn on Windows Firewall.
"so they should arrest any...
Yes, it's a huge responsibility depending on your role. I work for a Hospital as a Network Analyst and we support 1800 users. Anything goes down, whether it's the network, wireless, servers, phones, AS/400, people panic and it looks bad on our dept. Also, I have to keep checking my phone for...
On the DIR-655 Advanced Tab, go to Access Control. Create a Policy and add the computers you want to block access (select block all access) and you're done. They will still have access to your LAN.
Hey guys just wanted to know what network management software you use. We use What's Up Gold but keep getting false alerts saying fan down etc. Looking to migrate to another solution. Have any ideas? We are currently looking at Solarwinds.
We are not saying vito_corleone doesn't know his stuff. Remember when you put certain certs on your resume, be prepared to be asked questions on that level on the interview because you will be expected to know.
And for beginners, attempting mid-senior level certs can be difficult due to lack...
I agree. You have to start somewhere. I can almost guarantee any new entry-level person that you won't start out installing servers or configuring switches.
Again my manager didn't let me configure any switches, or even give me the password to the servers until I proved myself. That was...
Edited:
I started out doing A+, my first jobs were summer employment and interns. You don't wanna rush and not learn some of the important fundamentals that people in a help desk know :)
I'd start at CompTIA A+ / Network+ then go for MCITP: Enterprise Desktop Support Technician. Also, I'd start reading books about IT and Telecoms in general.
Question of the Day 2:
You have connected another switch to your network but you are not receiving VTP updates from the VTP Server. What are some reasons for this?
Yes, it's really true, mainly because in an Enterprise network all the systems tie into each other. You have to know a bit about everything, and then you have your core specialty areas based on your role.
I just checked for you. You can go to Tools, then Discover devices and you can select an IP Range and even the SNMP policies to use. I am using version 14.2.
You have to go to add a device, then you can tell it what IP address to pull from. If SNMP is configured correctly on the device Whats Up Gold will scan and pick up all the information.
It supports not only SNMP ver 3 but some of the other versions and authentication.
Each vendor has different scope settings that you have to apply to the scope. What VoIP vendor are you using?
You shouldn't have to configure static entries, that is only really used when you are configuring a phone for a user outside of your corporate network or in special instances.