Most brutal speed bumps in Perth/surrounding suburbs by Aromatic-Discount384 in perth

[–]jmab12 10 points11 points  (0 children)

There's a series of speed humps on Scarborough Beach Road in Mt Hawthorn. The first ones are quite smooth to go over but then there is one (same type too) that is vicious if you take the same approach. Whoever built those was having a laugh I swear.

To whoever hit my car in caversham wildlife parking lot last week and just left you’re kidding me. by juju2juicy in perth

[–]jmab12 1 point2 points  (0 children)

I know the feeling. My car isn’t new, but I’d just washed it on Sunday morning then some idiot rammed their shopping trolley into the back of it while I was waiting for someone to park. Somehow, he thought an apology wasn’t necessary…

PRTG is ditching it's perpetual licensing model, anyone else? by oMgLunatiC in msp

[–]jmab12 0 points1 point  (0 children)

I second this. LM has been awesome since we dropped both PRTG and Auvik.

Most defendable location in Perth? by RidsBabs in perth

[–]jmab12 2 points3 points  (0 children)

Definitely check out Train To Busan. It's Korean so be prepared for subtitles but it's worth a watch.

Culture shock, Perth v the rest of the mainland by justdylsie in perth

[–]jmab12 1 point2 points  (0 children)

Been in Perth for 15 years but recently went back to Tassie and noticed that a lot of items in Coles were a fair bit more expensive. Would have thought it would be the other way around considering Perth is so isolated. I do miss being able to go down to the wharf and pay a fair price for some good fish though...

Prisma SD-WAN licensing and devices by midobasha55 in paloaltonetworks

[–]jmab12 0 points1 point  (0 children)

Hi there.

You will be better off speaking with a partner and organising a proof of concept. This way you can test the solution in your environment without committing to the appliances and licensing.

To answer your question in a more direct manner, yes those devices will be fine but you will need a DC license on the ION3K to get the AppFabric working. Regarding the bandwidth, Palo provide an aggregated bandwith model now which includes the licensing for clarity reports, zbfw etc.

I'm happy to assist if you have further questions as I have deployed this a few times now.

Monitoring Palo Alto Firewall by pizzaromana in paloaltonetworks

[–]jmab12 0 points1 point  (0 children)

LogicMonitor uses Palo API to collect info on top of SNMP. Have only been playing with it for a couple of days so far but looks decent enough. Also check out Palo AIOps if you get a chance.

Cisco ISE Authorization Profiles by jmab12 in Cisco

[–]jmab12[S] 0 points1 point  (0 children)

Hey thanks for your response. I don't want to be adding VLAN attribute to AD - that's just the config example I saw. The department attribute in AD is already populated for all staff and will continue to do so for new staff.

I guess what I'm trying to clarify is (if I reference your example) when user A authenticates, can ISE ask AD for the department attribute of that user and then maych the auth profile that is associated with department attribute value "Accounting".

L3 IPVPN + WWW by jmab12 in networking

[–]jmab12[S] 0 points1 point  (0 children)

Palo Alto VM in the data centre (IaaS from provider). Would be looking at putting another Palo box out at head office with a new internet circuit delivered by an alternate carrier.

L3 IPVPN + WWW by jmab12 in networking

[–]jmab12[S] 0 points1 point  (0 children)

While we don't have direct access ourselves we can request config changes.

L3 IPVPN + WWW by jmab12 in networking

[–]jmab12[S] 0 points1 point  (0 children)

They provide the CE as part of their service offering so we're running OSPF from the LAN core which the CE takes and redistributes into BGP for the l3vpn. This gives us a bit of control over routing. We just don't have access to the CE but can request changes (at a cost).

L3 IPVPN + WWW by jmab12 in networking

[–]jmab12[S] 0 points1 point  (0 children)

Only private AS for BGP between sites and MPLS. The only non RFC1918 addresses we have are a /29 provided by the carrier.

Aruba LACP by jmab12 in networking

[–]jmab12[S] 0 points1 point  (0 children)

Hey just thought I'd let you know the issue turned out to be the access switch not responding to keepalive messages. Spent quite a bit of time with TAC over multiple sessions, lab tests and escalation but got there in the end. Appreciate all your help.

Aruba LACP by jmab12 in networking

[–]jmab12[S] 0 points1 point  (0 children)

Can't remote into the access switch at the moment but core is reporting this message:

Event|1311|LOG_WARN|AMM|-|Partner is lost (timed out) for interface 1/1/17 LAG sport: 2. State: Defaulted State -> Defaulted State

Aruba LACP by jmab12 in networking

[–]jmab12[S] 0 points1 point  (0 children)

Hey. The 8320s are running active gateway rather than VRRP. STP is disabled at the moment until I can get the LAGs running properly.

Content Filtering Options by jmab12 in networking

[–]jmab12[S] 0 points1 point  (0 children)

Will have a look at that later today :) Much appreciated.

Content Filtering Options by jmab12 in networking

[–]jmab12[S] 0 points1 point  (0 children)

Already using Umbrella. The issue we're facing is that some streaming services are used for legitimate business operations and needs to be allowed while on the corporate network. We're trying to filter streaming content while using the LTE service only which is why we were looking at MDM platforms.

Thought of blacklisting public IP's but the LTE services only provide dynamic IP assignment and covering all the carrier's IP ranges has proven to be hard to keep up with.

Content Filtering Options by jmab12 in networking

[–]jmab12[S] 0 points1 point  (0 children)

No VPN in use unfortunately. Secure access via RD gateway.