r/Cisco

▲ 5 r/Cisco

Exam advice

Heyy, planning to take CCST exam. Is it worth in 2026? My plan is to get a certificate and find entry level job.

reddit.com
u/aamirpatel18 — 7 hours ago
▲ 168 r/Cisco

Saw someone setup a bunch of switches and routers using Claude, no knowledge, is this the future?

I saw my boss setup a bunch of new switches a firewall and router with no cisco knowledge. He connected claude code, told it what he wanted and let it do everything.
Replacing a chunk of network infrastructure

Later, after it was all done, he was asking what conf t meant

Is this the future of networking?

reddit.com
u/Wraith_9912 — 1 day ago
▲ 0 r/Cisco

Cisco software test engineer trainee intent to offer anyone got? I got it tdy

My interview was one june 4 got intent to offer today

reddit.com
u/Cold-Shallot7043 — 13 hours ago
▲ 6 r/Cisco

Cisco 6-Month Vendor Contract – Is Full-Time Conversion Possible?

I have an offer to work as a vendor employee for Cisco on an initial 6-month client contract. Has anyone seen vendor/contract employees get converted to full-time Cisco employees? How common is it?

reddit.com
u/Frequent_Jello789 — 23 hours ago
▲ 25 r/Cisco+2 crossposts

Building a Multi-Tenant EVPN/VXLAN Fabric

Hi all,

I've just finished building a multi-tenant EVPN/VXLAN lab on EVE-NG using Cisco NX-OSv.

The lab includes:

  • BGP EVPN control plane
  • VXLAN data plane
  • Symmetric IRB with L3VNIs
  • Multi-tenant segmentation
  • Distributed Anycast Gateway
  • Classic vPC and vPC Fabric Peering (Anycast VTEP)
  • PIP vs VIP behavior for orphan and dual-homed hosts

One limitation I found is that NX-OSv doesn't support native EVPN Multi-Homing (ESI), so that's next on the list using physical hardware.

I wrote a LinkedIn post with more details and the complete topology diagram. I'd love to hear feedback from anyone working with EVPN/VXLAN in production or in the lab.

https://www.linkedin.com/posts/nicholas-lilla_evpn-vxlan-nxos-share-7478860375971540992-9zcm/?utm_source=share&utm_medium=member_desktop&rcm=ACoAADoheFkBiLd7Sv2O2GEP6PInjjGOjhaScyQ

Have a good day! :)

u/NichLilla — 1 day ago
▲ 0 r/Cisco

Cisco Catalys Center ISO

Hi everyone,

I'm trying to obtain the Cisco Catalyst Center 2.3.7.10 installation ISO for a recovery/redeployment.

Can anyone give me the iso file? i'll provide the onedrive link to drop on it

Thanks in advance!

reddit.com
u/Kind_Bluebird9270 — 2 days ago
▲ 9 r/Cisco

Cisco CML impossible to run on VMware Workstation pro

//Solved!!!!!//

Hello guys,

So honestly Im extremely frustrated with this, maybe someone went through the same and can tell me what is happening. I've been using CML (cisco modeling labs) to study for my CCNP Encor and Enarsi. I had it in other computer and it was working fine, but I decided to get a new computer recently and basically its impossible to make it run.

To give you a small overview of my current PC:

Component Model
CPU (Processor) Intel Core Ultra 7 270K Plus Tray
Motherboard ASUS ROG STRIX Z890-F GAMING WIFI
Graphics Card (GPU) Gigabyte Radeon RX 9060 XT GAMING OC 16 GB
Memory (RAM) Kingston Fury Beast Black 64 GB (2×32 GB) DDR5-5600 CL40 DIMM
Storage (SSD) Kingston KC3000 2 TB M.2 PCIe 4.0 NVMe SSD

Now, lets mention that from BIOS:

- Intel (VMX) Virtualization Technology is enabled

- VT-d (Intel’s I/O virtualization) is enabled

From Windows 11 pro side:

- Hyper-V, Virtual Machine Platform, Windows Hypervisor Platform unchecked from Windows features

- Core isolation is off

- (cmd) bcdedit /set hypervisorlaunchtype off <successfull

- Virtualization enabled in the CPU performance tab in the tyask manager

- "Turn on Virtualization Based Security" inside Device guard (gpedit.msc) is set to disable

What I try to open the VM (moved from one PC to other with the current config but this is happening even if I try to create a new VM from the OVA)

"Virtualized Intel VT-x/EPT is not supported on this platform.

Continue without virtualized Intel VT-x/EPT?"

&gt; If I click yes then:

"Feature 'hv.capable' was 0, but must be at least 0x1.

Module 'FeatureCompatLate' power on failed.

Failed to start the virtual machine."

I dont know honestly what to do... Any idea on this? I know 100% this PC supports virtualization because Ive checked multiple time the BIOS. I know I can use Proxmox but I have never tried it and honestly I would prefer a "easy" solution rather to doing such a huge changes...

Thanks!!

reddit.com
u/AngeliMortem — 2 days ago
▲ 3 r/Cisco

Cisco CSF220 vs PA-440

Hi! We are considering new sd-wan, next gen firewall for our remote sites.
Currently we have shortlisted CSF220-TD-K9 and PAN-PA-440.

Licensing for both is a mess, but for Cisco it would be TMC license for PA, not sure what is the SKU as the CORESEC bundle been listed as EOL. Replaced with Precision AI and Precision AI Pro.

Both systems are similar in terms of pricing and offered features. Could you share your experience and thoughts? How to they compare nowadays?
Easy to use and deploy, etc.
Also with Cisco, we would use Catalyst C1300 series, with PA either same switch or other brand.

We have been also considering Versa CSG355 Elite but typical response time is like 3 weeks which has been off putting and pricing was higher than Cisco or PA.

Currently using FG60F but licensing will end next year, so we are looking for alternatives.

Thanks.

reddit.com
u/burco4 — 3 days ago
▲ 25 r/Cisco

Am I capable of learning ISE

Sooo, im 18, and recently passed my CCNA!!!
I'm still an intern at the place I work but one week after the CCNA my boss rearranged me to start sitting with the tier 2 support guys, I have no experience in tech support, when I started with 17yo, I was only doing basic ticket management. Problem is that my co-worker whos older and "tutoring" me advised me to start learning ISE (I saw them trying to set up a MAB, wich I didn't know what it was but after searching it I think understood it), I kinda already knew what ISE is because of the CCNA but never touched it, I tried starting to learn it with dCloud and seeing the black belt courses but it just seems VERY, VERY VERY HARD for me right now.

Should I start seeing onto ISE right now with my level of knowledge and if so where do i look, or should I climb the concepts to get to thenecessary level and if so what level and where to learn them.

reddit.com
u/Kiro1010 — 4 days ago
▲ 4 r/Cisco+1 crossposts

Cisco ghosted me for 25 days after clearing all 3 interview rounds — is this normal?

I interviewed for the Technical Sales Apprenticeship role at Cisco. Cleared all 3 rounds, with the final round happening on June 10th. That's 22 days ago now.I asked the interviewer at ETR round for feedback afterward, and he mentioned that most candidates who make it to the final round usually do get an offer letter eventually. That gave me some hope, but the silence since then has been really hard to sit with.I've emailed HR but haven't gotten any response back.

For context: I'm from a tier-3 college 2025 grad and don't have a very strong technical skill set, I can do solve some easy med DSA questions n all but i lost hope from IT while trying out for an year.

so this offer would genuinely be one of the best packages I could realistically get right now. I know I'm probably relying on it too much, but it's hard not to when the alternative options being pushed on me (through placement consultants) are low-paying jobs (10-15k)

Has anyone else gone through a similar wait with Cisco ?Is a 3-4 week silence after final rounds normal for them, or should I start looking elsewhere seriously? Or anyway where i can contact them and ask??

reddit.com
u/wanna_beengineer — 3 days ago
▲ 8 r/Cisco+1 crossposts

STP BPDU Conflict and MAC Address Flapping Issues

Hi everyone,

I wanted to share a network troubleshooting case I've been diagnosing for one of our company's clients. My official role is "Sysadmin," but I wear many hats. I've been in this position for almost 3 years, and it's my first "serious" IT job. Trying to be proactive during downtime when tickets are low, I started analyzing this client's network and I noticed a massive amount of [TCP Dup ACK] and [TCP Retransmission] packets. Many of these were directly tied to an SQL server. In the past, users had reported intermittent connection drops to this server, but we were never able to reproduce the issue on our end. This prompted me to dig deeper into the network to figure out how it’s actually operating.

The infrastructure consists of 1 router, 13 switches, and 75 APs—all Cisco Meraki. I began auditing the switches and their event logs one by one. I had never touched Meraki before, so I went in blind, relying heavily on documentation and AI assistance. This is what I've uncovered so far:

  1. Every single switch is suffering from severe MAC Address Flapping.
  2. Some switches have degraded ports operating at sub-optimal speeds (link speed duplex mismatches/downgrades).
  3. On one specific switch, Port 24 is connected to a Ubiquiti wireless bridge (antenna) that links to a remote sector of the campus. Along with the MAC flapping, this specific port triggers stp_bpdu_conflict events. It doesn't happen as frequently as the MAC flapping, but it is a recurring issue.

This led me to investigate what lies on the other side of that wireless bridge, especially since the exact log reads:

>

From what I understand, the switch received an STP BPDU from MAC 0C:EA:14... when it was strictly expecting it from MAC 00:0B:86....

Behind the local Data Center switch, there is a legitimate Root Switch with a priority of 4096 handling STP. On the other side of the wireless bridge, I found a UniFi switch matching the 0C MAC address, and an Aruba Mobility Controller matching the 00:0B MAC address.

According to Cisco Meraki's best practices for multi-vendor environments, it is recommended to enable Root Guard on any port leading to non-Meraki switches. I went ahead and enabled Root Guard on Port 24, but the issues persist.

What should I look into next? The last thing I checked was the STP priorities: both the UniFi switch and the Aruba controller are running the default maximum priority of 32768 (Note: corrected from 36768).

  • Are the [TCP Dup ACK] and [TCP Retransmission] packets related to this STP BPDU conflict?
  • Is the MAC address flapping also tied to this, or is it a separate issue? Every flapping MAC I’ve tracked down so far belongs to a smartphone. However, some MAC addresses log over 700 flaps in just 4 days. Here is a sample of the logs:

>

What would be the best next steps to continue troubleshooting or analyzing this environment?

Thanks in advance for your insights!Hi everyone,I wanted to share a network troubleshooting case I've been diagnosing for one of our company's clients. My official role is "Sysadmin," but I wear many hats. I've been in this position for almost 3 years, and it's my first "serious" IT job. Trying to be proactive during downtime when tickets are low, I started analyzing this client's network and found the following:[Insert TCP Dup ACK screenshot here]I noticed a massive amount of [TCP Dup ACK] and [TCP Retransmission] packets. Many of these were directly tied to an SQL server. In the past, users had reported intermittent connection drops to this server, but we were never able to reproduce the issue on our end. This prompted me to dig deeper into the network to figure out how it’s actually operating.The infrastructure consists of 1 router, 13 switches, and 75 APs—all Cisco Meraki. I began auditing the switches and their event logs one by one. I had never touched Meraki before, so I went in blind, relying heavily on documentation and AI assistance. This is what I've uncovered so far:Every single switch is suffering from severe MAC Address Flapping.

Some switches have degraded ports operating at sub-optimal speeds (link speed duplex mismatches/downgrades).

On one specific switch, Port 24 is connected to a Ubiquiti wireless bridge (antenna) that links to a remote sector of the campus. Along with the MAC flapping, this specific port triggers stp_bpdu_conflict events. It doesn't happen as frequently as the MAC flapping, but it is a recurring issue.This led me to investigate what lies on the other side of that wireless bridge, especially since the exact log reads:

Port 24 received BPDU from 0C:EA:14:x, 24; expected 00:0B:86:x, 1

From what I understand, the switch received an STP BPDU from MAC 0C:EA:14... when it was strictly expecting it from MAC 00:0B:86....Behind the local Data Center switch, there is a legitimate Root Switch with a priority of 4096 handling STP. On the other side of the wireless bridge, I found a UniFi switch matching the 0C MAC address, and an Aruba Mobility Controller matching the 00:0B MAC address.According to Cisco Meraki's best practices for multi-vendor environments, it is recommended to enable Root Guard on any port leading to non-Meraki switches. I went ahead and enabled Root Guard on Port 24, but the issues persist.What should I look into next? The last thing I checked was the STP priorities: both the UniFi switch and the Aruba controller are running the default maximum priority of 32768 (Note: corrected from 36768).Are the [TCP Dup ACK] and [TCP Retransmission] packets related to this STP BPDU conflict?

Is the MAC address flapping also tied to this, or is it a separate issue? Every flapping MAC I’ve tracked down so far belongs to a smartphone. However, some MAC addresses log over 700 flaps in just 4 days. Here is a sample MACs flapping:

MAC: 0E:6D:X, Ports: 15, AGGR/0, 16, VLAN: 27
MAC: 2E:3C:X, Ports: AGGR/0, 15, 16, VLAN: 27
MAC: CA:78:X, Ports: 15, AGGR/0, 15, VLAN: 27
MAC: 3C:CD:X, Ports: AGGR/0, 15, AGGR/0, VLAN: 26
MAC: E0:2B:X, Ports: 15, AGGR/0, 15, VLAN: 27
MAC: BE:85:X, Ports: 16, 15, 16, VLAN: 27
MAC: 42:AA:X, Ports: 15, AGGR/0, 16, VLAN: 27

What would be the best next steps to continue troubleshooting or analyzing this environment?Thanks in advance for your insights!

reddit.com
u/nismanidades — 4 days ago
▲ 0 r/Cisco

I missed a call from cisco about apprenticeship interview scheduling

What should I do, I got a call while I was getting freshed🥲

reddit.com
u/Murky-Shock-5229 — 3 days ago
▲ 1 r/Cisco

SFP issues - weird little switch

I need to connect an MDF to an IDF switch.

Switch in the MDF is a C1300-48FP-4G

Fiber SFP are FS brand - SFP1G-85-1

We have used dozens of these switches/fiber modules in the past and they work fine.

This is where it gets fun.

For this IDF, I have to install in a wall enclosure. There's no rack and no room for a full size switch.

When I connect the 1300 switch in the MDF to a temporary switch I have in the IDF (a CISCO BUSINESS 250 Series 8 port switch that won't fit in the enclosure), everything works. Fiber link comes up, devices work just fine.

I bought a tiny 4 port PoE+ sfp switch (E-LINK lnk imc104gp sfp - Mini Industrial 4-Port 10/100/1000T 802.3at PoE + 1-Port 100/1000X SFP Ethernet Switch with 12~48VDC Input and Voltage Booster).

When I connect the fiber in the IDF to the E Link Switch (same SFP - works when patched into the CISCO 250 SWITCH) I get no link.

However, if I string everything together and go from MDF Cisco 1300 --> IDF Cisco Business 250 --> E-LINK SWITCH ----> IT WORKS.

I SSH in and see the SFP recognized in the 1300 switch just like the 250, but there is no sign of life when I patch the cable in on the 1300 - but the 250 links right up.

TL;DR - Why can I connect from a Cisco Business 250 to a weird little chinese switch no problem, but a fiber connection (utilising the same cable, the same SFP) from a Cisco 1300 doesn't link up?

Halp?

reddit.com
u/call0w — 3 days ago
▲ 9 r/Cisco

DOT1x and MAB DHCP issue

We run Cisco ISE and it works well for doing 802.1x port authentication. Problem is we have some vendor security/IOT devices that we need to do MAB on because they do not have a proper supplicant.

Long story short, these devices are supposed to go into VLAN 732, and that works flawlessly when the MAB Identity Group matches the MAC address and the authorization policy pushes VLAN 732.... All that applies correctly, BUT DHCP does NOT work after MAB even an ipconfig /release or an ipconfig /renew is a no go.

Strangely enough if we change the order to MAB first then DOT1X all works well except then DOT1X devices cannot get DHCP.

Any ideas?

This is the config right now on the 9300x Catylyst ports:

switchport access vlan 30

switchport mode access

switchport voice vlan 31

authentication event fail action next-method

authentication event server dead action authorize vlan 30

authentication event server dead action authorize voice

authentication event server alive action reinitialize

authentication host-mode multi-auth

authentication open

authentication port-control auto

authentication periodic

authentication timer reauthenticate server

authentication timer inactivity server dynamic

authentication violation restrict

mab

dot1x pae authenticator

dot1x timeout tx-period 10

auto qos trust dscp

spanning-tree portfast

service-policy input AutoQos-4.0-Trust-Dscp-Input-Policy

service-policy output AutoQos-4.0-Output-Policy

EDIT: Running IOS-XE 17.15.05 on the 9300X-48HX switch stacks

reddit.com
u/BluebirdExpress6279 — 5 days ago
▲ 32 r/Cisco

This will save you hours learning for your CCNA

https://preview.redd.it/2f2t09tvokah1.png?width=640&format=png&auto=webp&s=916f027a909afab30ac13566f92c36065798c44a

This site has 100 labs that are guided and graded as you go. All in one place ready to go instantly. Scaling into CCNP soon. Like a hyperbolic chamber for networking.

Imagine if Boson or PT had a baby with duolingo/tryhackme

It’s completely free right now. We’re just trying to get honest feedback from the networking community.

Please enjoy! Switchlab.dev

reddit.com
u/Visual-Ambassador-99 — 5 days ago
▲ 2 r/Cisco

Co-channel 5ghz utilizando 40mhz

Boa noite pessoal,

Gostaria de tirar uma duvida sobre wifi, onde trabalho existe a cultura de colocar frequencia 5hz e configurado para 40 mhz, com isso o throughput aumenta, mas voce utiliza dois canais para cada acccess point, estou enfrentando problemas de co-channel pois os canais precisam se repetir, exemplo fiz um site survey em um escritorio de alta densidade que vai utiliza 14 access points no primeiro andar e mais 12 no térreo modelos cisco 9120i, nesse cenario e impossivel nao repetir canais. O recomendado para esse cenário serio utilizar em 20 MHz para aumentar a quantidade de canais? E se for o throughput muda muito?

Obrigado.

reddit.com
u/andbooleano — 4 days ago
▲ 6 r/Cisco

Is SD-WAN Integration With Legacy Infrastructure Worth the Complexity

We're about 18 months into an SD-WAN deployment at a retail chain with 80 branches, and about 35 of them are still in hybrid state -- SD-WAN edges installed, running alongside MPLS circuits that are under contracts that don't expire for another 14 to 22 months. I won't pretend the hybrid operating period has been simple. We have two separate monitoring systems that need to be correlated during incidents, routing coexistence between the SD-WAN fabric and the legacy EIGRP environment took longer than anyone planned to get stable, and there are sites where the SD-WAN edge and the legacy CPE are both in the path in a way that makes troubleshooting calls genuinely annoying.

That said, the branches that have been fully migrated are noticeably easier to operate, and even the hybrid sites are delivering real benefits we didn't have before. Application-aware path selection means we stopped losing Teams calls every time a branch's primary circuit had a bad afternoon. We can see WAN performance across all 80 branches in one dashboard instead of five. The MPLS circuits that are still under contract are now cold standby rather than primary paths, which reduced our per-site bandwidth costs on those circuits. The thing that has made the hybrid period manageable is getting both the SD-WAN telemetry and the legacy network telemetry into the same observability platform early. Before we did that, incidents at hybrid sites were genuinely painful to triage. After, they're just normal incidents. Did anyone else find that unified observability was what made the coexistence period tolerable, or did you solve the two-dashboard problem differently.

reddit.com
u/ElderberryLexi — 5 days ago
▲ 2 r/Cisco

Currently doing my first Cisco course and wanted some tips?

I'm currently doing the Cisco CyberOps Associate course. I got it for free from my uni, and while I'm actually studying compsci and not cyber security they still said it would be useful to do.

However, I'm finding it hard to focus and take in all the info and with it being my first Cisco course I wasn't sure how important it is that I learn everything. Is it fine to skip over a lab if I'm not understanding it, and should I make comprehensive notes for every topic and module?

There are 28 modules in total, and I was hoping to get this done in the next 2 months, do you think that would be possible?

Thanks for any advice you can give! Especially if you've done this course before, that would be great!

reddit.com
u/Mobile_Resident7964 — 5 days ago
▲ 27 r/Cisco+1 crossposts

All CCIEs: Where were you when you got it?

Hello! I'm studying for the CCNA right now, and it's definitely an uphill battle. I got curious one night about how evil the other certs could be, and I saw the horror that was the CCNP. I thought "no way could it get any worse" and then I learned about the CCIE and lost my mind!!!

This leads me to my question, which is: Where were you at in your career that you were able to achieve the CCIE? What roles were you in, what experiences had you worked through, projects you built out?

Thank you in advance for your responses; I look forward to learning and reading from you guys!

reddit.com
u/payterrrrrrrrr — 6 days ago
▲ 2 r/Cisco

HELP Cisco packet tracer

Hi everyone,

I’m having a problem with Cisco Packet Tracer and I’m wondering if anyone else has experienced this.

When my laptop is in light mode, Packet Tracer looks normal and all the colors are fine. But when I switch my laptop to dark mode, the colors inside Packet Tracer start acting weird / shuffling around. Some parts of the interface and device windows become hard to read because the colors seem wrong.

I already tried changing the color scheme inside Packet Tracer through:

Options → Preferences → Interface → Color Scheme

but that did not fix the problem.

I don’t really want to put my whole laptop back into light mode just to use Packet Tracer, because I prefer using dark mode.

Has anyone found a fix or workaround for this? Is this a known Packet Tracer issue with Windows dark mode, or is there a setting I can change?

I’m using:

  • Cisco Packet Tracer version: [9.0.0]
  • Operating system: [Windows 11 PRO]

Any help would be appreciated.

reddit.com
u/FitDragonfruit9730 — 5 days ago