Exam advice
Heyy, planning to take CCST exam. Is it worth in 2026? My plan is to get a certificate and find entry level job.
Heyy, planning to take CCST exam. Is it worth in 2026? My plan is to get a certificate and find entry level job.
I saw my boss setup a bunch of new switches a firewall and router with no cisco knowledge. He connected claude code, told it what he wanted and let it do everything.
Replacing a chunk of network infrastructure
Later, after it was all done, he was asking what conf t meant
Is this the future of networking?
My interview was one june 4 got intent to offer today
I have an offer to work as a vendor employee for Cisco on an initial 6-month client contract. Has anyone seen vendor/contract employees get converted to full-time Cisco employees? How common is it?
Hi all,
I've just finished building a multi-tenant EVPN/VXLAN lab on EVE-NG using Cisco NX-OSv.
The lab includes:
One limitation I found is that NX-OSv doesn't support native EVPN Multi-Homing (ESI), so that's next on the list using physical hardware.
I wrote a LinkedIn post with more details and the complete topology diagram. I'd love to hear feedback from anyone working with EVPN/VXLAN in production or in the lab.
Have a good day! :)
Hi everyone,
I'm trying to obtain the Cisco Catalyst Center 2.3.7.10 installation ISO for a recovery/redeployment.
Can anyone give me the iso file? i'll provide the onedrive link to drop on it
Thanks in advance!
//Solved!!!!!//
Hello guys,
So honestly Im extremely frustrated with this, maybe someone went through the same and can tell me what is happening. I've been using CML (cisco modeling labs) to study for my CCNP Encor and Enarsi. I had it in other computer and it was working fine, but I decided to get a new computer recently and basically its impossible to make it run.
To give you a small overview of my current PC:
| Component | Model |
|---|---|
| CPU (Processor) | Intel Core Ultra 7 270K Plus Tray |
| Motherboard | ASUS ROG STRIX Z890-F GAMING WIFI |
| Graphics Card (GPU) | Gigabyte Radeon RX 9060 XT GAMING OC 16 GB |
| Memory (RAM) | Kingston Fury Beast Black 64 GB (2×32 GB) DDR5-5600 CL40 DIMM |
| Storage (SSD) | Kingston KC3000 2 TB M.2 PCIe 4.0 NVMe SSD |
Now, lets mention that from BIOS:
- Intel (VMX) Virtualization Technology is enabled
- VT-d (Intel’s I/O virtualization) is enabled
From Windows 11 pro side:
- Hyper-V, Virtual Machine Platform, Windows Hypervisor Platform unchecked from Windows features
- Core isolation is off
- (cmd) bcdedit /set hypervisorlaunchtype off <successfull
- Virtualization enabled in the CPU performance tab in the tyask manager
- "Turn on Virtualization Based Security" inside Device guard (gpedit.msc) is set to disable
What I try to open the VM (moved from one PC to other with the current config but this is happening even if I try to create a new VM from the OVA)
"Virtualized Intel VT-x/EPT is not supported on this platform.
Continue without virtualized Intel VT-x/EPT?"
> If I click yes then:
"Feature 'hv.capable' was 0, but must be at least 0x1.
Module 'FeatureCompatLate' power on failed.
Failed to start the virtual machine."
I dont know honestly what to do... Any idea on this? I know 100% this PC supports virtualization because Ive checked multiple time the BIOS. I know I can use Proxmox but I have never tried it and honestly I would prefer a "easy" solution rather to doing such a huge changes...
Thanks!!
Hi! We are considering new sd-wan, next gen firewall for our remote sites.
Currently we have shortlisted CSF220-TD-K9 and PAN-PA-440.
Licensing for both is a mess, but for Cisco it would be TMC license for PA, not sure what is the SKU as the CORESEC bundle been listed as EOL. Replaced with Precision AI and Precision AI Pro.
Both systems are similar in terms of pricing and offered features. Could you share your experience and thoughts? How to they compare nowadays?
Easy to use and deploy, etc.
Also with Cisco, we would use Catalyst C1300 series, with PA either same switch or other brand.
We have been also considering Versa CSG355 Elite but typical response time is like 3 weeks which has been off putting and pricing was higher than Cisco or PA.
Currently using FG60F but licensing will end next year, so we are looking for alternatives.
Thanks.
Sooo, im 18, and recently passed my CCNA!!!
I'm still an intern at the place I work but one week after the CCNA my boss rearranged me to start sitting with the tier 2 support guys, I have no experience in tech support, when I started with 17yo, I was only doing basic ticket management. Problem is that my co-worker whos older and "tutoring" me advised me to start learning ISE (I saw them trying to set up a MAB, wich I didn't know what it was but after searching it I think understood it), I kinda already knew what ISE is because of the CCNA but never touched it, I tried starting to learn it with dCloud and seeing the black belt courses but it just seems VERY, VERY VERY HARD for me right now.
Should I start seeing onto ISE right now with my level of knowledge and if so where do i look, or should I climb the concepts to get to thenecessary level and if so what level and where to learn them.
I interviewed for the Technical Sales Apprenticeship role at Cisco. Cleared all 3 rounds, with the final round happening on June 10th. That's 22 days ago now.I asked the interviewer at ETR round for feedback afterward, and he mentioned that most candidates who make it to the final round usually do get an offer letter eventually. That gave me some hope, but the silence since then has been really hard to sit with.I've emailed HR but haven't gotten any response back.
For context: I'm from a tier-3 college 2025 grad and don't have a very strong technical skill set, I can do solve some easy med DSA questions n all but i lost hope from IT while trying out for an year.
so this offer would genuinely be one of the best packages I could realistically get right now. I know I'm probably relying on it too much, but it's hard not to when the alternative options being pushed on me (through placement consultants) are low-paying jobs (10-15k)
Has anyone else gone through a similar wait with Cisco ?Is a 3-4 week silence after final rounds normal for them, or should I start looking elsewhere seriously? Or anyway where i can contact them and ask??
Hi everyone,
I wanted to share a network troubleshooting case I've been diagnosing for one of our company's clients. My official role is "Sysadmin," but I wear many hats. I've been in this position for almost 3 years, and it's my first "serious" IT job. Trying to be proactive during downtime when tickets are low, I started analyzing this client's network and I noticed a massive amount of [TCP Dup ACK] and [TCP Retransmission] packets. Many of these were directly tied to an SQL server. In the past, users had reported intermittent connection drops to this server, but we were never able to reproduce the issue on our end. This prompted me to dig deeper into the network to figure out how it’s actually operating.
The infrastructure consists of 1 router, 13 switches, and 75 APs—all Cisco Meraki. I began auditing the switches and their event logs one by one. I had never touched Meraki before, so I went in blind, relying heavily on documentation and AI assistance. This is what I've uncovered so far:
stp_bpdu_conflict events. It doesn't happen as frequently as the MAC flapping, but it is a recurring issue.This led me to investigate what lies on the other side of that wireless bridge, especially since the exact log reads:
>
From what I understand, the switch received an STP BPDU from MAC 0C:EA:14... when it was strictly expecting it from MAC 00:0B:86....
Behind the local Data Center switch, there is a legitimate Root Switch with a priority of 4096 handling STP. On the other side of the wireless bridge, I found a UniFi switch matching the 0C MAC address, and an Aruba Mobility Controller matching the 00:0B MAC address.
According to Cisco Meraki's best practices for multi-vendor environments, it is recommended to enable Root Guard on any port leading to non-Meraki switches. I went ahead and enabled Root Guard on Port 24, but the issues persist.
What should I look into next? The last thing I checked was the STP priorities: both the UniFi switch and the Aruba controller are running the default maximum priority of 32768 (Note: corrected from 36768).
[TCP Dup ACK] and [TCP Retransmission] packets related to this STP BPDU conflict?>
What would be the best next steps to continue troubleshooting or analyzing this environment?
Thanks in advance for your insights!Hi everyone,I wanted to share a network troubleshooting case I've been diagnosing for one of our company's clients. My official role is "Sysadmin," but I wear many hats. I've been in this position for almost 3 years, and it's my first "serious" IT job. Trying to be proactive during downtime when tickets are low, I started analyzing this client's network and found the following:[Insert TCP Dup ACK screenshot here]I noticed a massive amount of [TCP Dup ACK] and [TCP Retransmission] packets. Many of these were directly tied to an SQL server. In the past, users had reported intermittent connection drops to this server, but we were never able to reproduce the issue on our end. This prompted me to dig deeper into the network to figure out how it’s actually operating.The infrastructure consists of 1 router, 13 switches, and 75 APs—all Cisco Meraki. I began auditing the switches and their event logs one by one. I had never touched Meraki before, so I went in blind, relying heavily on documentation and AI assistance. This is what I've uncovered so far:Every single switch is suffering from severe MAC Address Flapping.
Some switches have degraded ports operating at sub-optimal speeds (link speed duplex mismatches/downgrades).
On one specific switch, Port 24 is connected to a Ubiquiti wireless bridge (antenna) that links to a remote sector of the campus. Along with the MAC flapping, this specific port triggers stp_bpdu_conflict events. It doesn't happen as frequently as the MAC flapping, but it is a recurring issue.This led me to investigate what lies on the other side of that wireless bridge, especially since the exact log reads:
Port 24 received BPDU from 0C:EA:14:x, 24; expected 00:0B:86:x, 1
From what I understand, the switch received an STP BPDU from MAC 0C:EA:14... when it was strictly expecting it from MAC 00:0B:86....Behind the local Data Center switch, there is a legitimate Root Switch with a priority of 4096 handling STP. On the other side of the wireless bridge, I found a UniFi switch matching the 0C MAC address, and an Aruba Mobility Controller matching the 00:0B MAC address.According to Cisco Meraki's best practices for multi-vendor environments, it is recommended to enable Root Guard on any port leading to non-Meraki switches. I went ahead and enabled Root Guard on Port 24, but the issues persist.What should I look into next? The last thing I checked was the STP priorities: both the UniFi switch and the Aruba controller are running the default maximum priority of 32768 (Note: corrected from 36768).Are the [TCP Dup ACK] and [TCP Retransmission] packets related to this STP BPDU conflict?
Is the MAC address flapping also tied to this, or is it a separate issue? Every flapping MAC I’ve tracked down so far belongs to a smartphone. However, some MAC addresses log over 700 flaps in just 4 days. Here is a sample MACs flapping:
MAC: 0E:6D:X, Ports: 15, AGGR/0, 16, VLAN: 27
MAC: 2E:3C:X, Ports: AGGR/0, 15, 16, VLAN: 27
MAC: CA:78:X, Ports: 15, AGGR/0, 15, VLAN: 27
MAC: 3C:CD:X, Ports: AGGR/0, 15, AGGR/0, VLAN: 26
MAC: E0:2B:X, Ports: 15, AGGR/0, 15, VLAN: 27
MAC: BE:85:X, Ports: 16, 15, 16, VLAN: 27
MAC: 42:AA:X, Ports: 15, AGGR/0, 16, VLAN: 27
What would be the best next steps to continue troubleshooting or analyzing this environment?Thanks in advance for your insights!
What should I do, I got a call while I was getting freshed🥲
I need to connect an MDF to an IDF switch.
Switch in the MDF is a C1300-48FP-4G
Fiber SFP are FS brand - SFP1G-85-1
We have used dozens of these switches/fiber modules in the past and they work fine.
This is where it gets fun.
For this IDF, I have to install in a wall enclosure. There's no rack and no room for a full size switch.
When I connect the 1300 switch in the MDF to a temporary switch I have in the IDF (a CISCO BUSINESS 250 Series 8 port switch that won't fit in the enclosure), everything works. Fiber link comes up, devices work just fine.
I bought a tiny 4 port PoE+ sfp switch (E-LINK lnk imc104gp sfp - Mini Industrial 4-Port 10/100/1000T 802.3at PoE + 1-Port 100/1000X SFP Ethernet Switch with 12~48VDC Input and Voltage Booster).
When I connect the fiber in the IDF to the E Link Switch (same SFP - works when patched into the CISCO 250 SWITCH) I get no link.
However, if I string everything together and go from MDF Cisco 1300 --> IDF Cisco Business 250 --> E-LINK SWITCH ----> IT WORKS.
I SSH in and see the SFP recognized in the 1300 switch just like the 250, but there is no sign of life when I patch the cable in on the 1300 - but the 250 links right up.
TL;DR - Why can I connect from a Cisco Business 250 to a weird little chinese switch no problem, but a fiber connection (utilising the same cable, the same SFP) from a Cisco 1300 doesn't link up?
Halp?
We run Cisco ISE and it works well for doing 802.1x port authentication. Problem is we have some vendor security/IOT devices that we need to do MAB on because they do not have a proper supplicant.
Long story short, these devices are supposed to go into VLAN 732, and that works flawlessly when the MAB Identity Group matches the MAC address and the authorization policy pushes VLAN 732.... All that applies correctly, BUT DHCP does NOT work after MAB even an ipconfig /release or an ipconfig /renew is a no go.
Strangely enough if we change the order to MAB first then DOT1X all works well except then DOT1X devices cannot get DHCP.
Any ideas?
This is the config right now on the 9300x Catylyst ports:
switchport access vlan 30
switchport mode access
switchport voice vlan 31
authentication event fail action next-method
authentication event server dead action authorize vlan 30
authentication event server dead action authorize voice
authentication event server alive action reinitialize
authentication host-mode multi-auth
authentication open
authentication port-control auto
authentication periodic
authentication timer reauthenticate server
authentication timer inactivity server dynamic
authentication violation restrict
mab
dot1x pae authenticator
dot1x timeout tx-period 10
auto qos trust dscp
spanning-tree portfast
service-policy input AutoQos-4.0-Trust-Dscp-Input-Policy
service-policy output AutoQos-4.0-Output-Policy
EDIT: Running IOS-XE 17.15.05 on the 9300X-48HX switch stacks
This site has 100 labs that are guided and graded as you go. All in one place ready to go instantly. Scaling into CCNP soon. Like a hyperbolic chamber for networking.
Imagine if Boson or PT had a baby with duolingo/tryhackme
It’s completely free right now. We’re just trying to get honest feedback from the networking community.
Please enjoy! Switchlab.dev
Boa noite pessoal,
Gostaria de tirar uma duvida sobre wifi, onde trabalho existe a cultura de colocar frequencia 5hz e configurado para 40 mhz, com isso o throughput aumenta, mas voce utiliza dois canais para cada acccess point, estou enfrentando problemas de co-channel pois os canais precisam se repetir, exemplo fiz um site survey em um escritorio de alta densidade que vai utiliza 14 access points no primeiro andar e mais 12 no térreo modelos cisco 9120i, nesse cenario e impossivel nao repetir canais. O recomendado para esse cenário serio utilizar em 20 MHz para aumentar a quantidade de canais? E se for o throughput muda muito?
Obrigado.
We're about 18 months into an SD-WAN deployment at a retail chain with 80 branches, and about 35 of them are still in hybrid state -- SD-WAN edges installed, running alongside MPLS circuits that are under contracts that don't expire for another 14 to 22 months. I won't pretend the hybrid operating period has been simple. We have two separate monitoring systems that need to be correlated during incidents, routing coexistence between the SD-WAN fabric and the legacy EIGRP environment took longer than anyone planned to get stable, and there are sites where the SD-WAN edge and the legacy CPE are both in the path in a way that makes troubleshooting calls genuinely annoying.
That said, the branches that have been fully migrated are noticeably easier to operate, and even the hybrid sites are delivering real benefits we didn't have before. Application-aware path selection means we stopped losing Teams calls every time a branch's primary circuit had a bad afternoon. We can see WAN performance across all 80 branches in one dashboard instead of five. The MPLS circuits that are still under contract are now cold standby rather than primary paths, which reduced our per-site bandwidth costs on those circuits. The thing that has made the hybrid period manageable is getting both the SD-WAN telemetry and the legacy network telemetry into the same observability platform early. Before we did that, incidents at hybrid sites were genuinely painful to triage. After, they're just normal incidents. Did anyone else find that unified observability was what made the coexistence period tolerable, or did you solve the two-dashboard problem differently.
I'm currently doing the Cisco CyberOps Associate course. I got it for free from my uni, and while I'm actually studying compsci and not cyber security they still said it would be useful to do.
However, I'm finding it hard to focus and take in all the info and with it being my first Cisco course I wasn't sure how important it is that I learn everything. Is it fine to skip over a lab if I'm not understanding it, and should I make comprehensive notes for every topic and module?
There are 28 modules in total, and I was hoping to get this done in the next 2 months, do you think that would be possible?
Thanks for any advice you can give! Especially if you've done this course before, that would be great!
Hello! I'm studying for the CCNA right now, and it's definitely an uphill battle. I got curious one night about how evil the other certs could be, and I saw the horror that was the CCNP. I thought "no way could it get any worse" and then I learned about the CCIE and lost my mind!!!
This leads me to my question, which is: Where were you at in your career that you were able to achieve the CCIE? What roles were you in, what experiences had you worked through, projects you built out?
Thank you in advance for your responses; I look forward to learning and reading from you guys!
Hi everyone,
I’m having a problem with Cisco Packet Tracer and I’m wondering if anyone else has experienced this.
When my laptop is in light mode, Packet Tracer looks normal and all the colors are fine. But when I switch my laptop to dark mode, the colors inside Packet Tracer start acting weird / shuffling around. Some parts of the interface and device windows become hard to read because the colors seem wrong.
I already tried changing the color scheme inside Packet Tracer through:
Options → Preferences → Interface → Color Scheme
but that did not fix the problem.
I don’t really want to put my whole laptop back into light mode just to use Packet Tracer, because I prefer using dark mode.
Has anyone found a fix or workaround for this? Is this a known Packet Tracer issue with Windows dark mode, or is there a setting I can change?
I’m using:
Any help would be appreciated.