i'm planning to use wireshark in my final year project (packet sniffing in wireless networks)and i alraedy installed it and captured some packets, but i don't know how to analyze those packets.I have basic information about networking from CCNA1. I want to learn how to anaylze the captured packets and what the hexadecimal values i got with each packet represent and how to read them.
I have a Time Warner Cable business class service with no static IP, with a wireless modem which is plugged to a CAT5 distribution panel. On the jacks (2 other rooms on the house) I have a Linksys E3000 and a Linksys Valet router for signal boost and gadgets usage (TV, cameras, etc).The main router (TWC) has it's own external IP which TWC assigns to me and internally distributes via DHCP the range 192.168.0.x. With that said:
- The E3000 has a 192.168.0.6 IP -- this is fixed setup on the TWC router (ubee brand) by MAC address - The Valet has a 192.168.0.7 IP -- this is fixed setup on the TWC router (ubee brand) by MAC address - The main router has the 192.168.0.1 as the gateway and web-interface
Whenever I connect something to the E3000, it is distributing the 192.168.1.x range and the valet 192.168.2.x range.That works perfectly for my home based business until I decided to use more stuff on the network such as a IP printer, IP cameras, etc.
- The IP cameras are connected to the E3000 due to signal strength and I have manually assigned them the 192.168.1.15 and 192.168.1.16 IPs and ports 9001 and 9002.
- The printer is connected to the E3000 and I have manually assigned the IP 192.168.1.30.
Issue 1: Port forwarding On the main router (TWC - UBEE) I have tried to setup a port forwarding by informing the Local IP as 192.168.0.6 (E3000 IP), Internal Port 0, Public Interface IP (0.0.0.0), Ext Start Port 9001, Ext End Port 9001, Protocol - Both, Enabled Yes. On the E3000 I did the same config (screen shot attached e3000.png).This is not working properly. I can't get into the camera.
Issue 2: Printer/ The printer is only accessible if I connect to the E3000 (because it is on the 192.168.1.x network)
Issue 3: How to configure all the devices on the same subnet? If I want everyone to be on the 192.168.0.x network, how to configure properly the E3000 and the Valet? I have tried to force them into the same network but it would not work properly. It would not get an IP from the UBEE router (main).
and this router will connect to 18 access point.and each access point need 30 usable host...how to design this netwotk, what subnet should i use...there is only 1 router, so just have only 1 default gateway,it is if the network have too many host, the speed will slow down, because they need wait others host to broadcast?
Here's the layout: Cable modem in the basement. Several devices in which I'd prefer a wired connection in the basement. Upstairs on the 1st and 2nd floor of the house are many devices in which wifi is fine or preferred.Here's the problem: As you might guess, wifi is weak upstairs and certainly on the patio and 2nd floor. I have an access point upstairs that I've experimented with but it is flaky.
I am a new student in networking, taking the CCNA courses, and now want to rewire my home. I currently have a cable modem and E2500 setup running my network. I want to get the modem and router out of my computer room and in the basement where the cable enters the house. I want to do this to clean up the computer room wiring a bit and to run line drops to different rooms in the house where the internet will be utilized.Currently there are two PC's, a laptop, a tablet, sometimes a phone, and an XBOX using the internet. I want to get my printer back up and running on the network but thats another story. Only one PC is currently hardwired. I would like to run two cables into the room with the PC and XBOX that are currently using wireless, at least two into the computer room for the PC and network printer, and one or two into the living room for the blue ray player and possibly an internet tv.
I have a D-Link DGL-4500 router and my landlord recently ungraded our internet connection. However, now I get this error message when I try to hook it up to the ethernet hub,"The addressing of the Internet side learnt thru DHCP conflicts with the addressing selected for the LAN side. Internet communications will be disabled until you have changed the LAN side addressing to resolve the problem."
I'm working on a new network design for my company. We're expanding and opening some more offices and satalite sites. We're a UK based company but opening some US sites.We have a main UK office (Office A on the diagram) a call centre (Office B) and then two buildings on another site (Office C). The USA offices will be very small and only require a couple of computers, hence the small IP allocation. I have marked the IP addresses of the links on the diagram, I intend to use 3560 switches for all the switches marked and all links will be layer 3 to route multiple VLANs from each site to each site (where permitted). question is this: How do I achieve this in the switches? I'm thinking that OSPF is the way forward, is this right? I want to do as little configuration on the switches as possible to allow for dynamic updates of the network (i.e. I don't want to add static routes for everything).
I have gotten the assignment of constructing a fictional network for my school.. and i cannot quite agree with myself upon which equipment i should choose.. its supposed to be all cisco. i need to supply 5000 users all in all, but only 300 on this site. i need to know which connections would be the most reasonable to use and of course which routers "if any" and switches i need.. (+ additional modules if needed) i have tried to make a visio representation, but i just think something is way off.
I have a new project coming up that will require more IPs added to an already quite full class C network. My other issue stems from foolishly putting all hosts in the crowded C network onto the management VLAN. In turn, I have to make each port a trunk.Moving forward I'm wondering what's best for design.or if I should just attempt to change the subnet mask across the board.?
I am in the process of planning our new network. Our business is changing from hosting its own data centre, to moving it to a professional facility. We have 120 users, over 100 servers (physical and virtual) and three sites (main premise, data centre, dr site). The new network will connect all three. Our new WAN links are almost ordered. We will be making use of a managed MPLS IP VPN, with a 100M access rate at each site. I am currently focusing on the desing of the network at the main business premise. We have a significant investment in Cisco 2960 & 3750 switches and Fortinet firewall appliances. I plan to re-use these in the design.
Our current LAN is very flat and I want to segment the network. My plan is to create a number of VLANs, enable the Inter VLAN routing on the 3750 and then attach the 3750 to the Fortinet appliance which will provide stateful firewalling and traffic policin based on the VLAN (subnet) addresses. It is important that the traffic be routed as quickly as possible from this site to our prod and dr data centres.The 2960's act as the access layer, the 3750 as the distribution layer. The 2960's will connect via port channels (layer 2) to the 3750's and the VLAN interfaces will be configured on the 3750.
I was then planning on creating a VLAN on the 3750 to connect to the Fortigate appliance with a /29 address to limit the addresses used whilst also providing some flexibility for any future design changes.I want to implement a little security between the VLANs on the 3750 switches. I have a question about this coming up.I then plan to use the Fortigate appliance to do basic traffic policing based on source/destination addresses.
The WAN routers will connect to the Fortinet appliance on a Gigabit copper interface. The WAN routers will run HSRP between themselves and only one router will be active at any one time. The failover will be managed by the Fortigate and Cisco routers.I plan to define those addresses hosted at the other data centres and associate them with the interface associated with the WAN.I will then define the routing on the firewall for the two other data centres through summary routes for each of the sites. We will run static routing from the Cisco 3750 to the Fortigate and Fortigate to WAN router. We have no other networks/sites and won't have any others in the future.
I've been tasked with designing a network consisting of 3 separate broadcast domains with each one representing a separate business accross 3 separate floors. None of the companies should be able to communicate with each other.I've been told that the design should only represent the first 3 layers of the OSI model so I'm only looking at Cabling, Switching and Routing.
I don't expect you all to tell me exactly how I should do this, however I just need a starting point. My main issue is with routing. I'm aware that each port on a router represents a broadcast domain so if I use one router, 3 broadcast domains, does that means that none of the domains will be able to communicate with each other? Should I use more than one router or can i get away with one? Also just so you are aware I've been told not to use VLans and each broadcast domain must have its own ip address schema.
The following diagram is showing what I "Plan" on doing or "Hope" I can do. This is the most complicated deployment I have taken on in my profession, and Honestly it is very exciting, but had some questions.
1. The network between the ASA's and Routers, is that suppose to be a Private network or Public Network? I have to assume Public because I want my ASA's to take care of the NAT.
2. ASA's are runing single context Active/Standby so what way will the ASA push out going traffic?
3. The routers need to know about each other in a BGP configuration, correct? We accomplish this using iBGP so will that traffic need to be allowed through my firewall to allow the routers to share that information, or should these routers be talking to each other outside the firewalls?
Is this design possible? I am sure there are limitations as always, just trying to wrap my head around the flow of traffic and where to start.
Additional Details/Requirements -
BGP routers are 2921's that I have control of. Both routers have 4 port GigEtherswitches in them.
ASA's are Active/Passive and cannot be Active/Active due the limitations of the Active/Active Design (VPN limitations)
Both ISP's must be used for outbound traffic, I would like to be able to load balance, but can send some traffic one way and the rest of the traffic the other way based on Routes.
ISP's are not Symentrical, one is 50mbps and the other is 250mbps.
All NAT should take place at the ASA's
The routers that have gig etherswitches, can they run HSRP?
Should I be putting Layer 3 switches between the routers and the ASA's instead?
Where should I run my iBGP communication for the routers?
I'm looking for feedback and constructive criticism on our network redesign project for our company.We are currently on a 192.168.1.x/24 and running out of addresses. We are looking to move to the following design and implement VLANs as well for segregation and security. We are probably going to use a few SG300s for switches. [code]
One of our clients is replacing some of their aging network components with 4 Cisco 2960S switches. Unfortunately in this case, my skills of switch configuration are greater than my skills of network design. I have a really crude network diagram of their basic network layout (4 servers, 4 switches, and a number of endpoints).
How would you experts design the physical connections in such a way as to facilitate some redundancy?
I have been recently asked to design a network. What I have for equipment is four 2960G's and one 1941 router. One switch is a root switch and the other three will have end devices on them.I have decided on three V lans to go with: VLAN20 Data, VLAN30 ISCSI, and VLAN99 Management each with seperate trunk links and redundancy (see picture below).
I have a seperate trunks for each V lan using the switch port trunk allowed. With exception to the Data V lan.My design has the Data V lan as the native because it is going to be receiving untagged traffic from the external network. I have set up inter v lan routing on the 1941 via sub-interfaces to allow them to talk to each other (or because of allowed they cannot?). I have one port coming from my router to my switch via Ethernet cable which is my bridge out. I have my external port doing a NAT translation for my inside addresses and a Default route set up ip route 0.0.0.0 0.0.0.0 gig0/0. I am using rapid- PVST to prevent loops and provide my zero downtime convergence when a link goes down. As it stands right now I cannot talk out of my network or inside of my network.
You can see it is highly redundant and I do not want to change it. This network is going to be deployed but there will never be anybody physically there to manage it which is why I made it as redundant as humanly possible.
Every time I connect to my home network with iPhone 4 my whole network stops working. Windows 7 is not reporting any problems with connection, nor is my router. I have cable connection with my PC and wireless with my laptop, they both just stop working without any visible reason. Even the iphone i connect with wont work, but of course it says its connected and everything is ok.I tought it was an iOS 5 problem, so I reinstalled it. It worked for an hour then its all back again. I even tried sharing my PC conection so that my iPhone is connected to PC and not directly to router.But that produced the same results.
My Set up at home is as follows: [code] Now according to what I have read I should be able to set the subnet on .2.0 network to a subnet of 254 and this gives me 512 Hosts I believe however my question at this point is how to route between 192.168.1.0 and 192.168.2.0.Or when I set the subnet .254 does the router just route it automatically.I would still set the subnet mask on both networks to 254 correct? I believe I can only use 192.168.0.1 to 192.168.1.255 w/.254 subnet mask. However I already have some servers that are configured with applications (On the 192.168.2.0 network) that I do not want to change ips on because it would be a pain to reconfigure so, my other question is other than using .252 to extend it to 192.168.0.1 to 192.168.3.255, (I need the 192.168.2.0) is there anything I can do? Like use 192.168.1.0 with subnet mask of 255.255.254.0 to get the 192.168.2.0 network? The reason I asked is I was using a subnet calculator to try and figure this out but every time I put in 192.168.1.0 with .254 subnet mask it changed the ip to 192.168.0.1 to 192. 168. 1. 255.I would really like to use the netgear only. The way I have it now is not working I am able to ping the internet from the 192.168.1.0 network but I can't ping from 192.168.2.0 network to the 192.168.1.0 network.
At the moment I have my home network (192.168.0.0/24) like as below (all connect using straight cables): [code] My Cisco lab equipment are in the basement all connecting to an access server which at the moment is plugged into Switch3-dumb (along with a printer & NAS).What I'm thinking is to replace the Switch3-dumb with a 3550 I'll be picking up later this week.Then using this to do as the Switch3-dumb did maybe by creating a native 'vlan 192' & putting it into a gig interface which will connect to the network using the straight cable, also putting the printer & NAS into the same vlan.This will hopefully still give me connectivity throughout.Then when required I'll like to use the 3550 with the rest of my Cisco equipment for setting up different labs (segmenting them from the home network by using different vlans etc.One of my reasons to implement the 3550 into the home network is to be able to play about on a regular basis (port monitor, traffic stats, etc).
I'm currently working on setting up 2 ASA 5510's with redundancy/failover. I'm not an expert when it comes to the ASA's so I'm not 100% sure if I can do what I need to.I have 2 inside networks that need to remain separate, a DMZ network,and an outside network. Since each network connects via ethernet to one of the 4 ethernet ports on the ASA 5510's, all 4 ethernet ports on the ASA 5510 will be in use. If I wanted to setup one firewall as Active and the other as standby, how would I go about doing that? Do I need a direct ethernet connection between the 2 firewalls to use something such as HSRP? Or would the Standby firewall be able to tell if the Active firewall is OK since they would both be connected on each of their interfaces to the same networks?
remote location on MPLS circuit terminated on a Cisco router that has Internet connectivity through Central Site router. We are installing a cable modem at the remote location that is to be used as the Primary Internet Connection but still be able to use Internet through MPLS if the cable Internet goes down. We want the failover/fallback to be handled automatically.
We have an ASA5505 for the cable Internet which then feeds into the ISPs modem.
At first I was thinking about getting a module for the remote router so the cable Internet could be terminated on the remote router as well but that introduces a single point of failure. I would also like to firewall both the MPLS and the cable Internet but if I do so on the ASA there is another single point of failure.
I have a relatively simple question. I would like to create a private network within a larger network, the private network having several clients. I would ideally like the router to appear as the only device on the larger network and all data to be sorted by the router to the clients in the private network.
Will the Netgear FVS318G be able to do that? It seems to have the necessary NAT options.
I am just browsing and looking for a solution to converge my multi-vendor switched network and bring some redundancy to it as recently we managed to get a redundant links. I have a need to change core switch to Cat3750G, which has Per-V LAN-RSTP+ on board, but tests have shown that it won't be compatible with some other proprietary per-V LAN RSTP solution other vendor's switches use currently.
So, I thought maybe standard-based MSTP design might do the trick. I've made some tests and got some weird and unstable switching result. I have two topology rings with a core switch in the center. Every ring has about 10 switches, so practically network diameter may vary from 5 switches (when spanning-tree converges in the center and I have a blocking port somewhere int the middle of the ring) to about 10-11 switches (if a I have link failure on any of ports right at the core switch). I disconnected one port from core switch to eliminate a possible switching loop while I will be configuring new MSTP design. Then I started enabling MSTP on all the switches staring from core Cat3750G to MSTP, one by one, placing all switches to the same MSTP region, and placing all V LAN's to default MSTI0(CIST) cause I don't need to organize any separate MSTP instances for every V LAN or for group of V LAN s. When I turned MSTP on on 7th or 8th switch in the chain (cause I had a physical chain when I disconnected one port out of redundant ring) I got all switches "flapping", storming and flooding the network with broadcasts. Even when I had one redundant port disabled.
I have no idea what I am doing wrong. I noticed that Cat3750G has an option that defines a possible network diameter which actually automatically changes some hello, max age etc. attributes according to diameter specified. When I defined a maximum network diameter of 7, if didn't change anything: I still have hello timer of 2 sec etc. I've been wondering if the maximum network diameter has something more than just a "variable" to fine tune hello timers etc? Maybe I won't be able to use MSTP in my network which might have diameter more that 7 switches. Or maybe it was a mistake of placing all the switches to the same region and all the v LAN s to the default MSTI0 (CIST) and I should configure one MSTI per V LAN or per some group of V LANs and subdivide my switches to few MSTP regions?
I'm experimenting/attempting to use a laptop as a network tap between my (DSL) modem and a wrt54gs by creating a bridge with two NICs in the laptop. My problem is I can't seem to get connectivity on the user end of the router. I can't ping the bridge from an end computer...
DHCP is disabled in the router, but even when manually configuring the IP address on an end computer and using the bridge as a default gateway I can't ping out.
Am I completely misunderstanding the purpose of a NIC bridge?
I want to setup a DC++ HUB for sharing data within the university local network. We have addresses of the form 172.31.*.*. These addressed are accessible within the university bu non routable outside on the internet. My plan is to setup a local HUB for DC++ for sharing data within the university intranet. So even if internet is unavailable data can be exchanged through LAN. This HUB must not be accessable outsied the university network.how should I do this all..implementing network sharing other than DC++. My basic idea is that everybody can share their data and the data is searchable from one common interface( Web interface is better option, if possible). And data featching should prefferably be from many hosts, using multiple connections so that speed can be improved..
I have a crappy router/modem from comcast with two windows machines and a linux web server connected. I also have another router, a Linksys WRT54G with DDWRT firmware with WAN connected to the modem/router. The linux web server has a static IP, configured with /etc/network/interfaces The network goes down randomly. Disconnecting and rebooting the linux web server usually fixes it. It's possible that the WRT54G could be at fault as well.The problem is that I just don't have any information on what is happening on the network. (Well even if I had the information, I'm not sure I would know what to do with it) I installed wireshark, I figure I should just leave it running until the network goes down, then I can go through the packets and see if I see anything weird?
I have a home network running all Mac computers (though can run Windows VM if necessary) and a pair of USB printers. The wireless router and cable modem are in one room, but the printers are in another. I'd like to find the most practical way to add the printers to the local wireless network without sharing them from a computer. I've tried that for a while, but don't want to leave a laptop connected 24/7 just to enable wireless printing (rather defeats the purpose of a portable computer). I don't have any wired network lines in the home, and am not excited by the idea of running any cables.
Camera set up with the Beta Mac wizard connected via ethernet on Airport base. Wireless security WPA2 Personal. Using DHCP. AirPort Utility 5.5.2, OSX 10.6.6.I can see the cam with the myDlink Lite iPhone (4) App when I am in my house with my wireless network. When I am out, away from my network, the App can't connect to the cam, tells me to check my network settings. I did the wps way and added the cam in the airport base utility *Access Control* tab but still doesn't work. Checked in the cam web page settings, can't figure out what the Pre-Shared Key is and where I get it/set it up in the airport utility...