I have 5 hosts. Each host has 2 FC connections going to each switch.
On the VNX side I created a storage group and added each of the hosts to it.
All of the hosts are running vsphere 4.0. Got to upgrade to 5 but we don't have a current service agreement with vmware.
Hey Child of Wonder, Thank you so much for the explanation.
I've redone the fabric and zoned each initiator to each target.
Is there anything else I need to do ?
Why would you need to have single initiator to single target ?
I'm trying to understand what the point of that is, infact what is the point to having zones in the first place ?
The way i've set this up is all the SAN targets are grouped into a single alias. The zones are then setup with each...
So, I finally got 2 brocade 5000's - emc branded.
As I understand fabric zoning, every host should be isolated from other hosts and should only be connected to the Storage it needs to access. Basically each of them need to be in their own separate vlan.
Am I correct in this assumption ?
True.
I had it working before I installed a NATed pfsense firewall.
I should be more specific with my questions.
Is there a way of setting this up between 2 natted environments without using a vpn tunnel ?
How would one make this work ?
I wanted to move our mail server to another network (much faster).
I understand i'd need to setup another DC in the other network, but how exactly can we make this work ?
I've been thinking about doing that. If I get 2 MDS's how would I need to zone each switch for this kind of configuration ?
So far i've just been plugging them in and letting the servers detect the luns.
Guys,
We've recently installed a VNX5100 in our rack and getting ready to migrate data from our old cx500. All the hosts are connected via old Mcdata 2gb switches.
I want to move to newer 4gb or later switches. Do you have any recommendations ?
Ugh, I wish I had asked on here before buying these.
Would these be okay for light load environments ?
I expect to have a total of 2x8host connections going into this.
Its going to be our dev/test environment connected to a san melody device (hopefully)
So just a separate vlan ?
Do i need anything else ? Does anything else need to be disabled ?
I'm hooking these up to a couple of C6100's gonna use them for testing.
Wireless is fine if you're doing regular web-browsing on multiple computers. It gets bad when they start needing to file swap and move directories between multiple computers. Not very reliable IMHO.
Guys,
I just purchased 2 CISCO WS-C2948G-GE-TX Switches. I was hoping to use these for iSCSI data for VM's.
Does anyone have any tips on what the best practice is for setting this up ?
or is this just plug and play ?
Hey all,
Still kind of new to this field.
I just wanted to confirm if its okay to run SAS drives alongwith SATA drives on the same controller.
Where would I be able to get a SAS connector breakout that connects to the 5-pin SATA power connector on the drive side ?
All I've found were the...
This guy is soo right. Rootkits are the viruses of the future - i've been exploited once running Avast on a 64-bit Windows 7 machine. It came in through an "Adobe update", I just got lazy should've read what I was clicking yes for.
The Saga ends.
Went live with the new IOS on saturday, and was having the same issue as before - SYN timeouts on data coming back.
We finally realised that our ISP's Cisco 7600 had an arp cache that was not refreshing. Clearing that brought all traffic back through the new ASA.
I got pwned...
Langly,
I'm not sure if this is resolved as yet - will know when I go attempt to install it again later.
RE the static nat, Since i'm using 8.4 my static nat commands are:
object network 192.168.1.115
host 192.168.1.115
nat (inside,outside) static 20.x.x.115 dns
However, I'm not sure if my...
Langly, I've been through those links before. What I wasn't sure about is if the STATIC NAT i've implemented here is correct or not ?
Its strange cause in my test environment, it works - I can access the http server behind the firewall and the server can go out to the internet as well.
But when...
So, we've been trying to get our network ipv6 compatible and had to upgrade the IOS on our ASA 5510 to 8.4
Little did we know that upgrade to 8.4 would need me to change all out NATs and Access-lists. We have a 1-1 NAT configuration that I need to keep with a bunch of regular rules to different...
OP here,
Just wanted to clarify that I wasn't getting rid of the ASA, just moving it to our main production environment for IPv6 connectivity and also active-passive backup.
BTW.. the pfsense firewall has been running pretty well for the past few weeks. Only issue I seem to have is loading any...
LOL.. some people :rolleyes:
Anyways... Back on topic: Been playing around with pfsense on a local VM... liking it a LOT.
Still need to deploy in a test environment and hookup real servers behind it.
Another question - Does anyone know of a faster way of creating rules and exporting/importing...
The ASA's don't have any IDS/IPS - and we don't have the budget to purchase that.
Might need to move back though - once the NEED for IPv6 becomes unavoidable.
Nate7311 - Whitelists would be external IPs that do not get filtered/firewalled by pfsense/snort.
jadams - thats interesting, did not know snort is a memory hog.
How bad would the performance hit (if any) be ?
Also double-check DNS on all the servers.
If you must .. even change individual host files to point to the right place.
After migrating our Exchange server from 2003 to 2010.. and botching up the Public folder migration, I've narrowed down most ALL of my issues to DNS.
Hosts file entries helped...
Christopher,
That is exactly what I need to do - except this is for a /24 network.
Initially it will be a 100mbit up/down, but eventually we might need to go higher.
I had planned on using dual ASA 5520's (failover) but I would rather use pfsense with its snort capabilities.
Would a dual-proc...
Hey All,
I am sort of new to linux-based firewalls, although I have played around with iptables a while back.
I was planning on replacing our ASA's at one of our backup centers with a couple of pfsense firewalls. Now i'm sure hardware wise i'll be fine (using old dell poweredge servers) but...
If 3389 is indeed blocked at the ISP, then u can just use any other non-standard open port on the router and forward that to 3389 on the server... this would be a whole lot better.. prevents bots from trying to bruteforce in.
The way port forwarding should work is you select what ports you want and send them to the network location on the internal network.
For example:
outside router inside IP:PORT
80 =======ROUT====>192.168.1.123:8008
What im trying to say is, just forwarding ports...
I doubt its a problem with the RAID0 array, cuz if one of the drives died you'd have no array.
I think its a Windows XP problem for which a Repair installation would fix the problem.
this link should help -
http://www.michaelstevenstech.com/XPrepairinstall.htm
XP Repair install
Please...