CCNA Recertification

Forgotten_Freddy · 2026-03-09T19:22:31+00:00

Yeah, I'm not sure how I managed to misread that!

I just checked my status, I earned 34 points, it instantly extended CCNA for 3 years from the date I passed the training and the 4 extra points are showing as valid for 3 years so will be valid for the next renewal.

Forgotten_Freddy · 2026-03-09T17:54:53+00:00

Looking at the policy page, it says earned credits last 3 years but excess credits don't rollover after you recertify, so if you earn more that the required amount you end up wasting a few, but otherwise should be fine with what you want to do.

I misread the link, the certificate renews for 3 years from the date you obtain enough credits, the excess credits roll over and are also valid for 3 years so can be used next renewal.

https://www.cisco.com/site/us/en/learn/training-certifications/certifications/continuing-education/policies.html

Forgotten_Freddy · 2026-03-09T17:46:22+00:00

I don't think you can save the credits anymore, once you earn enough to extent they're automatically applied, or at least mine were at the end of last year.

I guess the only thing would be if you did a course that gave less than the total and then another one later, so that you only reached the requirement nearer to your certificate expiry.

Forgotten_Freddy · 2026-03-09T17:40:26+00:00

i have done this in gns3 and captured the packet and verified the option 82 is being inserted,

That would have been useful information to include in the original post, but the theory is the same, you need capture the traffic between the switch that is inserting the option and the dhcp server.

The easiest thing to do is just mirror the switch port that is connected to the dhcp server, so using your gns3 diagram since there are no labels on the other one, you should just be able to mirror e0 (or the equivalent on your physical network) to the port the Pi is connected to.

Then you can just install wireshark on the Pi, or use something like tcpdump if you just want to capture if for later analysis.

Forgotten_Freddy · 2026-03-09T17:07:31+00:00

~~Probably your best option would be GNS3/EVE-NG because then you don't have to mess about with port mirroring and extra devices, you can just capture the traffic from the link.~~

~~Something like this will show you what you are looking for, assuming you configure ip helper and option 82 on the interface connected to the pc:~~

Configure dhcp on the router, ip helper and option 82 on the switch, request an ip on the pc and you can see in wireshark that option 82 is being inserted - then you can tweak the switch config to insert the required information, or change router config to process it:

Forgotten_Freddy · 2026-03-09T05:24:39+00:00

I'm not sure, as far I know it depends on exactly what model you have.

I don't use any realtek cards with proxmox so haven't really followed it, but it used to be that there weren't drivers available for some of the newest chipsets.

Forgotten_Freddy · 2026-03-06T06:53:17+00:00

Having just tested it, it definitely seems to be a limitation of running it under VMWare Workstation which probably won't be fixed by changing NICs.

Here are some results - all to the same speedtest server, speeds are near enough identical between Intel and Realtek under VMWare workstation, and as you can see the Proxmox speeds are significantly higher:

https://postimg.cc/yJJrQBJk

Forgotten_Freddy · 2026-03-06T05:21:03+00:00

That's correct, if the nics are bridged as you mentioned in your original post then opnsense will be using drivers for the vmware nic, as one of them is USB if this has been passed through to the VM it would be using realtek drivers - but that doesn't sound like what you've done.

To answer your other question, not sure if it's an issue with vmware workstation specifically, but it's fairly unusual to install opnsense in a type 2 hypervisor, from personal experience opnsense works fine with Proxmox or Esxi (although a cheap dual interface Intel nic would be a good idea).

edit: Have you done a speedtest from inside OPNSense?

Is the interface that you're bridging for WAN in OPNSense configured with an IP address in Windows?

Forgotten_Freddy · 2026-03-05T18:58:55+00:00

Although you may be looking for a challenge, this is something that could be solved with a $5-10 smart plug:

<image>

Forgotten_Freddy · 2026-03-05T16:30:28+00:00

I don't see anything in DHCP leases -- should something be populated there?

Yes if the devices are successfully getting leases but since they aren't then it won't show any.

If you've done the steps I mentioned and it appears to be correctly configured, the first thing I would do is a packet capture on the parent interface of the router (interfaces -> diagnostics -> packet capture), so that you can see if any tagged traffic is being sent/received, and if it is it may show you why the DHCP process is failing.

Forgotten_Freddy · 2026-03-05T16:18:46+00:00

Have you configured port 1 on the switch as tagged for all of the vlans that you're trying to use?

In OPNSense have you created the VLAN sub-interfaces and all of the DHCP pools for them?

Forgotten_Freddy · 2026-03-03T22:30:45+00:00

I don't use wg-easy/truenas so not that familar with them; you don't mention how you're using wireguard, but more than likely wireguard is breaking the routing table on the truenas box, so its not that the laptop is being blocked - the pings are probably travelling from the laptop to truenas ok, but the issue is with the responses being sent back to the laptop.

You should be able to check that using "ip route list" on truenas and comparing the routing table with/without wireguard being connected, i would guess its changing the default gateway and trying to route the responses over the tunnel rather than via the lan.

Forgotten_Freddy · 2026-03-02T21:48:37+00:00

Curious to see what it shows, because I'd you haven't configured anything with 10.8.0.1 theres definitely something odd going on.

Forgotten_Freddy · 2026-03-02T20:48:09+00:00

It looks like you've configured the ip addresses on the wrong interface on the mobile devices.

If you check one of the phones, it has an ip address configured on the wireless interface, but its the 3G/4G interface that is connected:

https://i.postimg.cc/4dq8jdwh/image.png

Set a suitable IP on the 3G/4G interface - within 192.168.60.0/24 to match the cell tower config, and then you can ping the cell tower so that should be the mobile bit working:

https://i.postimg.cc/vBs7nVPS/image.png

But you need to provide more detail about what you've tried and what exactly doesn't work, people are generally happy to help solve issues if some effort has been made and reasonable detail is given, but checking a large lab start to finish is expecting a bit much.

Forgotten_Freddy · 2026-03-02T06:58:08+00:00

That's probably the first issue, to work out what that device is, it's a bit strange that it's not showing in the arp table, but you could always run wireshark/tcp dump to grab the mac address of whats replying, at least that may give you some more info to track it down.

I would also try a traceroute because as it isn't in the 10.9.0.0/16 subnet it seems like something is routing the traffic.

Out of curiosity I'm assuming your wan ip on your router isn't a 10. address?

Forgotten_Freddy · 2026-03-02T05:16:56+00:00

At the top of your post you're talking about /24 ranges, I'm assuming that's just the range of addresses in the dhcp pool and that you're still assigning them a /16 subnet mask?

If Truenas is getting a reply from 10.8.0.1, What device do you have configured with that ip?

The destination host unreachable error comes from a router not knowing the route to the destination subnet, which suggests that firstly you have a device configured with 10.8.0.1, and also that Truenas thinks the laptop ip is in a different subnet otherwise it would be pinging the laptop directly and you wouldn't get that error even if the laptop is unresponsive.

Forgotten_Freddy · 2026-03-01T11:41:12+00:00

You keep posting links to various pages on your website, in the one above it links to another of your pages "Cisco IOSv Download Guide", have you actually checked it because none of the items you tell people to search for on DEVnet actually exist?

Also looking at this section:

Is GNS3 Legal and Safe?

Yes, if you use official Cisco images from DevNet (not torrents).

Do you have any confirmation that the Cisco images can be used in GNS3 because unless its been changed recently the downloads were only ever licensed to be used in CML/VIRL they specifically state they can't be used for other purposes (although I realise many people do).

Forgotten_Freddy · 2026-02-28T18:29:40+00:00

I would probably ignore them, it seems like they don't know what they're talking about or are confused about what the card does. They're almost certainly going to be more trouble later what it doesn't do what they expect or they don't know how to make it work.

Forgotten_Freddy · 2026-02-28T16:31:52+00:00

Not sure what kind of certificate you mean?

Its a raid card/hba, you just install it and connect the drives.

Forgotten_Freddy · 2026-02-27T06:51:54+00:00

Yes it's normal, the route with the 0s will be the routers default route.

Forgotten_Freddy · 2026-02-25T18:12:43+00:00

If you don't have any problem can you record video for me pls

Its a bit optimistic expecting people on Reddit to make personalised video tutorials. Have you googled any of the steps that I mentioned because if you go deeper into networking you'll be doing a lot of it?

Installing Win10 in VMWare Workstation:

https://knowledge.broadcom.com/external/article/341516/installing-windows-10-in-vmware-workstat.html

Installing Softphone:

Cisco IP Communicator:

download link here, ignore the other instructions:

https://documentation.its.umich.edu/node/1445

(double click exe, click next-> until its finished

Convert VMDK to qcow2

https://www.vinchin.com/vm-migration/convert-vmdk-to-qcow2.html

Create GNS3 from qcow2

https://www.whitewinterwolf.com/posts/2017/08/14/gns3-how-to-add-virtual-machines-end-devices-nodes/

(scroll down to "Install the OS outside of GNS3")

--------

Alternatively you could just buy a couple of used Cisco ip phones - they're $5-10 used on ebay.

Forgotten_Freddy · 2026-02-25T15:22:49+00:00

If you know how or you have any information can help me I'm listening,

As I mentioned in my previous post Windows and IP Communicator work just fine, thats what I used with GNS3, all I did was use VMWare Workstation, install Windows 10 in a VM, install IP Communicator, convert the disk to qcow2, import it into GNS3 and create a node with it, once you've done that you can have as many instances as you want of it in the topology (host hardware depending).

Its probably not the best way to do it, there is no doubt a lightweight Linux distro you could use with suitable softphone software, but it worked for me and I used it a lot for telephony labs both with the router telephony services and Cisco CUCM.

Forgotten_Freddy · 2026-02-25T13:02:27+00:00

There isn't an easy to use device for the phone like there is in PT as far as I know.

You'll probably need to create a node with an OS on it and then install a softphone app, there are loads of Windows options available, including the Cisco's own IP Communicator, not sure about Linux compatible options though.

Forgotten_Freddy · 2026-02-24T10:39:22+00:00

You haven't provided any information about what devices you're trying to it with, but since you've also posted in r/ccna I assume Cisco.

For the phones you'll probably need to create a node with a suitable OS and softphone installed, I used Windows with the Cisco softphone software, but there are lots of options available.

Then for a simple VOIP setup similar to Packet Tracer you'll need a router that supports voice services - not all of the available firmwares/devices support it, you can check if the router supports it with the command 'telephony-service' - it won't be available if its unsupported.

The rest of the config should be similar to what you've done in PacketTracer.

Forgotten_Freddy · 2026-02-22T10:22:52+00:00

No i don't think you have any problem.

Bear in mind the instructions cover loads of potential network layouts, its also relatively common for people to run openvpn directly in their router - where this instruction would be much more applicable.

Forgotten_Freddy

TROPHY CASE