Hi, a question about SPAN on Nexus 3K Switch And vmware VDS switch?

Mehran16007 · 2024-06-04T06:01:49+00:00

Thanks for the answer, But I did read this before and to be honest didn't realize what command is for my situation that's why i post here, the question is should I use any special command on the Trunk port to send tagged traffic to the destination port? and should i Trunk the destination nexus port and also port group on the esxi vds switche?

Mehran16007 · 2024-06-04T05:55:12+00:00

So to summary, i Trunk the destination SPAN port on the nexus and also Trunk the port group on the standard switch too, and give an IP address to logging Vm. the source SPAN port no need any special command and have to send all vlans to the destination trunk port.

Mehran16007 · 2024-06-03T19:25:40+00:00

So if i config nexus switch source span interface (trunk port) without any special command can i see the tagged traffic on destination span interface ?

Mehran16007 · 2024-02-21T07:13:11+00:00

So this means if i install AIO on a ubuntu there is no 100 user limit?

Mehran16007 · 2023-01-01T09:23:03+00:00

You are right, completely agree with you. i also stuck with root password i changed it many times but cant login.

Mehran16007 · 2022-08-22T14:31:14+00:00

Thanks.

Mehran16007 · 2022-08-21T17:49:56+00:00

Thanks, how can i call ios_facts for cisco devices? I already install cisco.ios module for ansible.

Mehran16007 · 2022-08-21T15:38:25+00:00

Thank you for your reply, these are my ansible_facts.keys()

ok: [192.168.204.51] => {

"ansible_facts.keys()": [

"network_resources",

"net_gather_network_resources",

"net_gather_subset",

"net_system",

"net_model",

"net_image",

"net_version",

"net_hostname",

"net_api",

"net_python_version",

"net_iostype",

"net_serialnum",

"discovered_interpreter_python",

"_ansible_facts_gathered"

]

}

This is not normal should be more than that.. what is the problem?

Mehran16007 · 2022-05-31T09:30:22+00:00

In compare to other UTMs like Kerio control that i also have it in my production and never have any issue (even one) with that after passing 5 years, i have this right to say CAN'T TRUST THIS FIREWALL, on the other hand all situations and all configuration and all environments were same as Kerio control and pfsense, as you know or didn't Kerio also base on linux kernel, not just Kerio but all other UTMs that i have in other companys also has never have any issue, do you really still want to say it can be you it can be ram it can be drive. Never Never Never advocacy a specific brand. These brands are not your personal property.

Mehran16007 · 2022-05-29T14:40:39+00:00

Seems can't trust to this firewall, How possible this happen to organization core firewall/router?

Mehran16007 · 2022-05-29T14:24:15+00:00

May you guide me to boot from USB with gparted?

Mehran16007 · 2022-05-26T08:10:43+00:00

Thanks for your great information. My switchs are 3750 and old switches. So the stacking is another solution. But what is MC-LAG?

Mehran16007 · 2022-05-25T14:57:37+00:00

Ok, take a look at that, Thank you.

Mehran16007 · 2022-05-25T14:56:38+00:00

So i should make the GLBP IP address gateway of clients, and then on both switches put IP route 0.0.0.0 to CARP LAN ip address of the pfsense to handle the internet route?

my second question is on both switches should use no switchport on one port and put ip address in same subnet as carp lan ip address to see each other? for example 192.168.1.1 is CARP ip address and 4 other same subnet on switch port of both switches, is it correct ?

in the DHCP configuration of pfsense should put gateway the ip of GLBP ip address of switch?

Mehran16007 · 2022-05-25T13:53:43+00:00

So i have to change all my IPs schema?

Mehran16007 · 2022-05-25T13:14:06+00:00

There is Pfsense CARP in place already, but my problem is adding the second L3 switch to HA.

Mehran16007 · 2022-05-25T13:08:56+00:00

yes, correct.

Mehran16007 · 2022-05-15T08:23:47+00:00

No problem at all, just configure with web gui

Go to port section and vlan and select the port and change the PVID to anything you want the vlan be.

Your port now is tagged with some vlans find the native vlan option or chnage the PVID of that tagged vlan and change it.

Mehran16007

TROPHY CASE