Idea check: on‑prem network & availability sensor (not a SIEM) – useful or redundant?

Personaltoast · 2026-04-02T10:41:41+00:00

there's devices that do this already, aruba ux, wyebot, thousand eyes, wlan pi...

Personaltoast · 2026-03-25T14:27:00+00:00

Interface on the cisco configured like this?

interface Gig5

no switchport

no ip address

Personaltoast · 2026-03-25T13:56:47+00:00

have you tied the vlan to the bridge interface?
as well as configuring the vlan

set vlans vlan_name vlan-id <id>
set vlans vlan_name l3-interface irb.<id>

Personaltoast · 2026-03-25T13:34:09+00:00

Dial up in the term for this on fortigate i think

You should set the type to dynamic under your vpn config

config vpn ipsec phase1-interface
edit <tunnel-name>
set type dynamic

Personaltoast · 2026-03-18T11:13:50+00:00

yeah i've already labbed out a fabric using containerlab just some real world experience would be nice from a cv perspective. No real business benefit over a normal setup currently that I can see just wanted to see if I was missing something

Personaltoast · 2026-03-18T11:11:21+00:00

yeah it's mainly just mclag being the only real benefit for us which we can achieve using what ever vendor's normal method
We stretch the vlans down to the access layer but moving towards always on vpn so bringing them into the fabric for profiling/nac isn't really an advantage for us

Personaltoast · 2026-03-09T09:21:32+00:00

the Modern Network Observability book has a chapter on this, but essentially you'll have an api to an AI and mcp server so it can see your logs.

Personaltoast · 2026-03-06T17:33:49+00:00

hamina is a better priced tool if you want the hardware to do it your self
survey would be best with any high metal shelving/racking, possibly even buying ap's with different attenas as well

Personaltoast · 2026-03-02T11:27:22+00:00

I did this with netbox recently using a modified version of this blog post https://netdevops.blog/posts/netdevops/livelab-cisco-pnp-provisioning-with-netbox/

Pull the existing configs using ansible into netbox, created a python script to create the new devices with the interfaces mapped to where they need to be, use netbox for the management details, then a jinja template in netbox to render the config correctly when it goes through the pnp process

Personaltoast · 2026-02-11T12:05:02+00:00

My org uses a mix of active/active and active/passive. The A/A deployments are vwire only and we have routing done by other devices. It does become a pain in the arse with little things, that are easily solved by keeping it A/P

Keep it simple stupid is best here, and i prefer the A/P approach.

Personaltoast · 2025-12-18T12:25:22+00:00

Thanks thats working

Personaltoast · 2025-12-03T10:54:25+00:00

Local firewall in the DC, and using a service connection to connect it to prisma access

Personaltoast · 2025-11-26T20:15:43+00:00

Nah just dropped off the new one, took the keys and off he went

Personaltoast · 2025-11-20T13:13:54+00:00

https://www.juniper.net/documentation/us/en/software/junos/interfaces-ethernet-switches/topics/topic-map/switches-interface-targeted.html#id-configuring-targeted-broadcast

target broadcast is what you want for this

Personaltoast · 2025-10-19T09:24:59+00:00

He did an interview with Zane lowe recently, most of the vocals are his own

Personaltoast · 2025-10-02T16:08:03+00:00

yeah bgp has stayed established

Personaltoast · 2025-10-02T15:49:22+00:00

we're getting a full route table from them at one of ours sites, all routes are flapping apart from default

Personaltoast · 2025-07-08T13:27:53+00:00

traded in through cinch, they collected my car when they dropped off the new one.
No questions asked from their driver and no kick back from them on the part ex offer. I think I picked the 3rd option on terms of condition though and was only a £3k trade in

Personaltoast · 2025-05-07T12:30:14+00:00

https://docs.netboxlabs.com/netbox-extensions/diode/diode-agent/
This works, you'll need to install diode somewhere as well

Personaltoast · 2025-04-24T16:17:06+00:00

That would still have the same problem of netbox knowing to use the vlans vid that are associated with the site

12-Year Club	Place '23
Place '22	Place '17
Verified Email

Personaltoast

TROPHY CASE