Cisco networking & eduroam: Rate Limiting Using Microflow Policing

This is my final post on the interesting technical aspects of the new networking infrastructure that support the eduroam service around the university. This post covers the finer technical details of how we currently rate limit client devices to 8Mbps … Continue reading

Posted in Cisco Networks, eduroam | 1 Comment

Configuring Cisco Ethernet management interfaces

Following on from recent posts where I have covered our use of the Cisco Catalyst 4500-X platform for the eduroam networking infrastructure upgrade project, I thought it would be good to cover the Ethernet management interface in more detail. Why, … Continue reading

Posted in Cisco Networks | Leave a comment

Cisco networking and eduroam: Routing

This is the first post in a series discussing some of the finer details of the networking setup for the new eduroam infrastructure that went into production last month. In this post, I will be covering the IP routing setup … Continue reading

Posted in Cisco Networks, eduroam | Leave a comment

Building the new eduroam networking infrastructure

As many of you around the university are likely to be aware of by now, this month we migrated to a new backend infrastructure to support the eduroam service across the city. This blog post has been written to give … Continue reading

Posted in Cisco Networks, eduroam, Wireless | Leave a comment

Using Microsoft Active Directory as the Authentication server for an SSL VPN on a Cisco ASA.

Background We wanted to be able to run an SSL VPN for a second team (Team B) on one of our ASA pairs. It was important to give each team a different VPN pool for security reasons. The first team … Continue reading

Posted in Cisco Networks, VPN | Tagged | Leave a comment

ASA 5505 Transparent Mode DHCP and Memory fun

We have a customer who uses a Cisco ASA 5505 in transparent mode to protect a small LAN. They did the right thing and took out SmartNet cover, but the reseller botched something and the TAC wouldn’t play with them … Continue reading

Posted in Best Practices, Cisco Networks, DHCP, Firewall, General Maintenance | Leave a comment

VPN NAT Changes

What is this post about? We are planning to make a minor change to the way our VPNs NAT clients. For those who are interested, this blog post explains why and how we are doing this. Please note that these … Continue reading

Posted in Cisco Networks, Documentation, General Maintenance, VPN | Leave a comment

OUCS Backbone Network Naming and Numbering Conventions

Introduction This blog post is intended to help ITSS in Oxford to better understand how the centrally provided network fits together with their own local networks. It is also hoped it will assist them in assessing the impact of any … Continue reading

Posted in Backbone Network, Cisco Networks, Documentation, General Maintenance | 1 Comment

Budget High Availability ASA testing

The problem We’re looking at setting up a management network behind a couple of ASAs. My requirements and prerequisites are: No L2 end to end VLANs through the core. That is bad and wrong. A total site failure at one … Continue reading

Posted in Cisco Networks, Firewall | Leave a comment

MAC Flaps – why are they bad?

What is a MAC Flap? A MAC Flap is caused when a switch receives packets from two different interfaces with the same source MAC address. If this makes no sense, perhaps a  quick summary of how switching at layer 2 … Continue reading

Posted in Backbone Network, Best Practices, Cisco Networks | Tagged | 4 Comments