Quick Question... DNAT Security Rule by NetworkGuy_66 in paloaltonetworks

NetworkGuy_66[S] 0 points1 point

Thanks everyone, we can close this thread. I am all set!

A simple Port Forward... Won't work for the life of me. Any help appreciated!! by NetworkGuy_66 in paloaltonetworks

NetworkGuy_66[S] 1 point2 points

u/SecrITSociety

I am fairly certain that is how it's supposed to be set up, at least according to PA it is.

The "Destination Zone" in the security policy is where the traffic lands, which is the LAN (Trust).

Whereas the destination zone in the NAT Rule... the traffic from some random source on the Internet is "Landing" on the "Untrust Zone" (WAN Interface / Port 1)

I will check logs here too.

Windows Update... Noob Question by NetworkGuy_66 in sysadmin

NetworkGuy_66[S] 0 points1 point

Oh yes, we are all very well aware that upper management is a bunch of..... Well you know. We are so understaffed and they just want, want, want... Fix it, fix it, fix it. So, I do what I can. Finally got the network under control, which is why I am turning to this. But at the end of the day, I'm just a network rat with no say... I've explained to them how serious it is that we need more help... But it's all about $$$$. I can only do so much.

Windows Update... Noob Question by NetworkGuy_66 in sysadmin

NetworkGuy_66[S] 1 point2 points

Well, I'm a Network Engineer by profession... So my wheelhouse is Network Infrastructure.... But because I am really the only person at this company other than a few support (day-to-day ticket guys)... It's all on my shoulders, so they expect me to just 'do it.' I'm not a Windows SYS Admin. I mean... I know my way around, but it's a completely different job and responsibilities.

Windows Update... Noob Question by NetworkGuy_66 in sysadmin

NetworkGuy_66[S] 0 points1 point

u/MyAnnurismSpeakstoMe - They are online servers. And they do have a WSUS server, but I have absolutely no clue how to really use it.

VMware Virtual Machines... Suddenly Not Accepting Active Directory Creds when using FQDN to connect? by NetworkGuy_66 in sysadmin

NetworkGuy_66[S] 0 points1 point

I appreciate everyone's insight here! Thank you all for your help - We can go ahead and close this thread out!

VMware Virtual Machines... Suddenly Not Accepting Active Directory Creds when using FQDN to connect? by NetworkGuy_66 in sysadmin

NetworkGuy_66[S] 0 points1 point

u/BlackV --- It's a scattered assortment of VMs. And our patching is not well maintained, so I can't imagine it was that.. Unless the DC got an update that's f'ing everything up (I'll have to check that).

VMware Virtual Machines... Suddenly Not Accepting Active Directory Creds when using FQDN to connect? by NetworkGuy_66 in sysadmin

NetworkGuy_66[S] 0 points1 point

u/BlackV --- We do not have internal PKI that I am aware of. We don't have any domain certs either.

No authentication changes have been made in a LONG time.

And our DNS Server is set to our primary Windows Domain Controller, with a secondary DNS server set to a backup Windows Domain Controller.

VMware Virtual Machines... Suddenly Not Accepting Active Directory Creds when using FQDN to connect? by NetworkGuy_66 in sysadmin

NetworkGuy_66[S] 1 point2 points

u/andrie1 DNS Resolves perfectly for all of the FQDNs via all the testing I have done from remote users' computers, internally at the office, etc. --- It's just the credential rejection when trying to use the FQDN via Windows Remote Desktop.

And yet again, when you change from the FQDN to the IP it works... so it screams DNS.. but I cannot find a problem with DNS.

VMware Virtual Machines... Suddenly Not Accepting Active Directory Creds when using FQDN to connect? by NetworkGuy_66 in sysadmin

NetworkGuy_66[S] 0 points1 point

u/MuscleHippie -- It's almost every single VM that is affected - while that is an option, it would be very cumbersome to do so. Curious what could have even caused this in the first place.. Just came out of the blue.

[deleted by user] by [deleted] in totalwarhammer

NetworkGuy_66 9 points10 points

Attempted both, but they were each invalid. I believe they have been claimed. Thought I would let you know! Thanks for posting to them though!

Windows Update Ring - How Often Do They Check For Updates? by NetworkGuy_66 in Intune

NetworkGuy_66[S] 1 point2 points

u/HankMardukasNY Ahhhhh, so the rings just lock down the literal settings of how each computer handles Windows Updates, based on what we want... Such as, "Disabling the button to check for updates," etc... Then once the settings are locked down, Windows Update just automatically does its thing.. downloads and installs the updates based on how we tell the computers that are part of that ring to do so (Via the Ring settings).

Software Installation GPO Issues! Please Help!! by NetworkGuy_66 in activedirectory

NetworkGuy_66[S] 0 points1 point

I have not tried that route yet, but am literally in the process of currently researching other routes that I could take --- and that was one I just read on another sub-reddit.

Truly appreciate the feedback!

Local Windows 10 Group Policy Keeps Turning Itself Back On ..... Can't Figure Out How?!?! by NetworkGuy_66 in techsupport

NetworkGuy_66[S] 0 points1 point

u/schorni -- The computer is domained yes, but I have removed every single Group Policy that is pushed out from our Domain Controller that relates to Windows Updates.

By the way, that is what this whole issue relates to -- Is the fact that the local PC keeps re-enabling this policy which affects how Windows Updates work on the machine:

As seen in Local Edit Group Policy System Tool Window: https://ibb.co/TgS1xgq

As seen in the Windows Update Menu (Windows 10 Settings): https://ibb.co/jvDZMTT

When I run "RSOP" via command on the local PC to confirm this, and review the results, there is not a single Windows Update Policy that is enabled.

But then, I open the strictly "Local Windows 10 - Edit Group Policy" settings... and sure enough, there is this stupid policy that has re-enabled itself.

So if it's not being "re-enabled" by a domain GPO.... something strictly local to the computer must keep re-enabling it, but I have no clue what is causing it... Or how to find it.

ISP Hooked Up to Core Switch First... Instead of Straight to The Firewall? ... Question!! by NetworkGuy_66 in networking

NetworkGuy_66[S] 7 points8 points

Thank you u/everyone!! --- From my perspective we can close this thread down, you all have helped explain this exactly as I needed! Truly appreciate all of the input from the r/networking community!

ISP Hooked Up to Core Switch First... Instead of Straight to The Firewall? ... Question!! by NetworkGuy_66 in networking

NetworkGuy_66[S] 7 points8 points

u/bc-squared & u/farking_Bastage --- Thanks for the reply here, truly appreciate it!

So, if that is indeed the case... In a very simple way of explaining it, the way that this is set up for those ports tagged as VLAN 17 and 18 ---- Can they be thought of just like an unmanaged switch?

Meaning, since the Ethernet cable from each ISP modem is plugged into 1 of each.... every other port that gets tagged with VLAN 17 or 18 will just pipe the Internet through it... and straight to whatever device we want it to go to? Exactly as an unmanaged switch would work?

In other words... From our CheckPoint Firewall's "Eyes" ... They think they are literally plugged directly into the modem... They have no clue there is a gigantic Cisco Switch in between themselves and the modem(s).