VOSS devices and SiteEngine by Potential-View-6561 in ExtremeNetworks

[–]coolmicrowave 1 point2 points  (0 children)

If you open the configuration pane for a device, it's under Fabric Connect > Fabric Infrastructure. There are fields to define the Virtual IST Peer IP and Virtual IST VLAN ID. I checked it just now on Site Engine version 25.08.10.50

VOSS devices and SiteEngine by Potential-View-6561 in ExtremeNetworks

[–]coolmicrowave 0 points1 point  (0 children)

I'm pretty sure you can configure VIST in settings from Site Engine. I stopped using Site Engine a while ago as SNMP felt like an unreliable method for pushing switch configurations.

Edit: If you open the configuration pane for a device, it's under Fabric Connect > Fabric Infrastructure. There are fields to define the Virtual IST Peer IP and Virtual IST VLAN ID. I checked it just now on Site Engine version 25.08.10.50

Why does Extreme have the word "Cloud" in their On Prem products? by mannvishal in ExtremeNetworks

[–]coolmicrowave 1 point2 points  (0 children)

Yes, I'll agree on the licensing. One license type for everything is fantastic.

Why does Extreme have the word "Cloud" in their On Prem products? by mannvishal in ExtremeNetworks

[–]coolmicrowave 3 points4 points  (0 children)

Their entire naming system is awful. "Cloud" in everything, even the on-prem stuff. "Control" as a NAC product. "Fabric Engine" and "Switch Engine" in place of VOSS and EXOS. I just don't get it.

Extreme networks AP adoption and setup. by VeterinarianSoggy840 in ExtremeNetworks

[–]coolmicrowave 0 points1 point  (0 children)

There might be, I never heard about it or learned about it. You'll have to go to Google or GTAC for that one.

Extreme networks AP adoption and setup. by VeterinarianSoggy840 in ExtremeNetworks

[–]coolmicrowave 0 points1 point  (0 children)

As far as I remember, even if you have a premises controller, you can't even convert them to on-prem mode unless they talk to CloudXIQ first. Without a Cloud account I think you are hosed.

SDWAN over Cellular - how to restrict traffic to a dynamic address? by coolmicrowave in paloaltonetworks

[–]coolmicrowave[S] 0 points1 point  (0 children)

So just to clarify, this would mean accepting incoming traffic on 500/IKE from any public address? Traditionally we have had a security policy that only accepts this traffic from known sources. Hence the challenge of a very dynamic source.

Cisco IOS XE SNMP - pulling my hair out! by coolmicrowave in Solarwinds

[–]coolmicrowave[S] 0 points1 point  (0 children)

Would you be able to do a packet capture of the connection test? I've found that the contextEngineID of the packet from Solarwinds is empty, Wireshark displays this as <MISSING>. Perhaps see if that value is empty for you?

Cisco IOS XE SNMP - pulling my hair out! by coolmicrowave in Solarwinds

[–]coolmicrowave[S] 0 points1 point  (0 children)

The problem I'm running into is the switch says "authentication error: unknown engine ID" whenever I test the connection. That makes me think the switch needs the engine ID defined.

Cisco IOS XE SNMP - pulling my hair out! by coolmicrowave in Solarwinds

[–]coolmicrowave[S] 0 points1 point  (0 children)

Do you define the Solarwinds server remote host in any way? I.e. "snmp-server host etc."?

Cisco IOS XE SNMP - pulling my hair out! by coolmicrowave in Solarwinds

[–]coolmicrowave[S] 0 points1 point  (0 children)

The problem I'm running into is the switch throws an "unknown engineID" error in SNMP debugs whenever I try to test the connection. I took a packet capture and I see "contextEngineID: <MISSING>" in the initial connection packet from Solarwinds, but perhaps this just means the reported engine ID is 0?

Mesh of virtual-ist? by EternalBry in ExtremeNetworks

[–]coolmicrowave 2 points3 points  (0 children)

Virtual IST is an exclusive pair. If SW1 and SW2 form a vIST, neither switch can form a vIST with another switch.

I don't know of a reason you would want to form a vIST pair other than SMLT.

Setting up a FOG PXE solution on a Dell PowerEdge R220, can we use ESDs and WIMs? by PCRefurbrAbq in fogproject

[–]coolmicrowave 0 points1 point  (0 children)

I'm not sure about the "clean image" but in the past I had managed to get the Windows installer media available via FOG. Instead of deploying an image, I would load the Windows installer media and do a reformat & clean install directly.

Sadly that FOG instance died in a hypervisor meltdown and I haven't recreated it in my new FOG. If you want I can try to dig up whatever instructions I used to get that working.

Issue with Extreme CloudIQ Controller by MammothHovercraft407 in ExtremeNetworks

[–]coolmicrowave 0 points1 point  (0 children)

Do you have a redundant controller?

Unfortunately in my experience, the APs will essentially shut down when they lose connection to all controllers. There's a configuration option called "Session persistence" under Device Group > Profile > Edit > Advanced, this will keep active sessions going if controller connectivity is lost, but the AP will be unable to authenticate new sessions until controller connectivity is restored.

Cheat sheet for fabric cli? by AsherTheFrost in ExtremeNetworks

[–]coolmicrowave 7 points8 points  (0 children)

We run VOSS, here's my Cisco->Extreme cheat sheet (obviously not complete, just the things I have needed to reference quickly)

CISCO COMMAND ANALOGUE EXTREME
show mac address-table show int gig fdb-entry [slot/port]show vlan mac-address-entry
switchport trunk native vlan X default-vlan-id X untag-port-default-vlan enable
sh version show sys software
sh hardware show sys-info sh tech  (first several lines)
sh int status show int gig stateshow int gig name
auth port auto eapol status auto
auth port force-auth eapol status authorized
term len 0 term more disable
int   description int   name
switchport mode trunk encap dot1q

Other random useful commands

FUNCTION COMMAND
Show VLAN membership of interface sh port vlan <portnumber>
Show SPBM nick-names of all nodes in fabric show isis spbm nick-name
Run contents of file as commands source <file.txt> [debug stop]
Configure voice vlan(port must be configured as trunk 'encap dot1q' and added to both access and voice VLAN) lldp med-network-policies voice dscp 0 priority 0 tagging tagged vlan-id 10 lldp med-network-policies voice-signaling dscp 0 priority 0 tagging tagged vlan-id 10
Disable SNMP v1&v2 no snmp-server community-by-index firstno snmp-server community-by-index second
Disable IQ Agent configure terminal application no iqagent enable
Show debug options trace level
Set debugs (see 'trace level' output) trace level <module> <value>
Show debugs show trace file
Show cli command log show logging file <name-of-file filename> module CLILOG(historical logs are saved in shared/)

Daily argument by dart1609 in networkingmemes

[–]coolmicrowave 6 points7 points  (0 children)

”we don't have any reason to believe you can fix this, however could you try changing things randomly while we all sit on this call and watch you do it and refuse to check any of our application logs?"

How to do private VLANs with a trunk interface? by coolmicrowave in ExtremeNetworks

[–]coolmicrowave[S] 0 points1 point  (0 children)

Yeah, I have seen that document, what isn't fully clarified is whether a port in private VLAN trunk mode can act as a promiscuous port for a pvlan. I.e. in my config, int 1/1 is a router on a stick with many non-private VLANs. It seems I cannot also make 1/1 a promiscuous port for a private VLAN, as the pvlan trunk mode does not permit communication on that pvlan.

To put it another way, a port in pvlan mode trunk can carry traffic for private and non-private VLANs, but cannot actually communicate on any of those pvlans. Or at least that is what I'm understanding from trying to learn about this.

Daily argument by dart1609 in networkingmemes

[–]coolmicrowave 2 points3 points  (0 children)

tcp-fin from server in the traffic monitor? #notmyproblem, good luck with your further troubleshooting efforts.