@scottalanmiller said in VLAN confusion:

@dave247 said in VLAN confusion:

... and my current understanding is that I would want a separate VLAN to use with that separate subnet.

Also incorrect. VLANs basically require subnetting (or overlaps) but you never use a VLAN for subnetting. Subnets are simple and effective, VLANs are complex. You only use a VLAN for management and security purposes, never performance, subnetting or any other purpose.

Stepping back in the discussion a bit.. I didn't understand your reply here. Isn't it best-practice to have a single network on a VLAN? Like, if I had a company network of 200 systems on one network and a LAB network of 20 systems, I wouldn't want them sharing the same switch/VLAN, would I?

@scottalanmiller said in VLAN confusion:

@dave247 said in VLAN confusion:

... and I'm bad at weeding out things that aren't what they seem.

In any of the cases that have come up, as anything been different than it seems?

Walk through it carefully. Maybe there is something you can fix, like misusing terms that people use to mislead you, or emotionally reacting and wanting to defend people that have no reasonable defense or such.

Your Dell VAR... the title alone is enough to tell us that they'd be bad for you. The Cisco VAR, same thing. The CIO bringing in sales people instead of consultants, people calling sales people consultants. Having an ISP for the phones.

All of those things should be obviously bad based on what they are, and I would assume, were all transparently those things from the onset. Did any of them lie or hide their true nature?

hmm... I'll have to think about this. I'm heading to my lunch now so I'll continue this discussion when I get back. Thanks for your input, Scott.

@scottalanmiller said in VLAN confusion:

@dave247 said in VLAN confusion:

@scottalanmiller said in VLAN confusion:

@dave247 said in VLAN confusion @scottalanmiller said in VLAN confusion:

We did have a Dell VAR who I've cut ties with because he was terrible. Then we started up a relationship with that IT business management consultant company (who also are the Cisco partners/resellers we are going through)

They are NOT a business management consultant company. They are sales people. Please stick to the correct terms. Calling sales people consultants empowers the very behaviour the CIO is using here. It legitimizes what he's done, where the is no possible excuse for it, in reality.

Well I don't know what else to do or who to go through for help. I don't know how to find the right people and I'm bad at weeding out things that aren't what they seem.

But it's not your job. It's the CIO's job. Are you saying that he's business incompetent now and can't or simply won't do his job?

He's the one who chose that company I mentioned.

@scottalanmiller said in VLAN confusion:

@dave247 said in VLAN confusion @scottalanmiller said in VLAN confusion:

We did have a Dell VAR who I've cut ties with because he was terrible. Then we started up a relationship with that IT business management consultant company (who also are the Cisco partners/resellers we are going through)

They are NOT a business management consultant company. They are sales people. Please stick to the correct terms. Calling sales people consultants empowers the very behaviour the CIO is using here. It legitimizes what he's done, where the is no possible excuse for it, in reality.

Well I don't know what else to do or who to go through for help. I don't know how to find the right people and I'm bad at weeding out things that aren't what they seem.

@scottalanmiller said in VLAN confusion:

@dave247 said in VLAN confusion:

Well we do have the FIS who helps us with all the products and services we use in our company, but not so much with our IT infrastructure like we are talking about.

I'm not familiar with this term. What is a FIS?

https://www.fisglobal.com/

@scottalanmiller said in VLAN confusion:

@dave247 said in VLAN confusion:

Also, I don't really know how to find phone consultants.

You have two non-reseller consultants in this thread alone. You should have an ITSP that aids you all the time, it should not be something you go looking for like this at all. Where is the company that helps you with finding the right people? It seems like there is a big gap in your support portfolio. That would be the CIO's job to have at the ready.

Well we do have the FIS who helps us with all the products and services we use in our company, but not so much with our IT infrastructure like we are talking about.

We did have a Dell VAR who I've cut ties with because he was terrible. Then we started up a relationship with that IT business management consultant company (who also are the Cisco partners/resellers we are going through)

@scottalanmiller said in VLAN confusion:

@dave247 said in VLAN confusion:

So my say does count, but I don't want to make another bad case about Cisco and avoid going with them -- a setup that we know we can get installed correctly and supported well, vs going with some exotic and obscure cheaper voip solution..

Again, not related to the discussion. You are stuck on the decision when we are talking about a business process.

Sorry, I suck at properly following along in discussions...

@scottalanmiller said in VLAN confusion:

@dave247 said in VLAN confusion:

ok. I could make a big stink about this, claiming that Cisco and the Cisco partner are just taking our money when we could be getting something for a lot cheaper, and it would probably work and I could probably convince them to not go with Cisco at all and instead let me find something that would be cheaper.

1. The core claim is around fundamentally bad business practices. Not the Cisco situation.
2. Then that leads to the Cisco SALES people being the wrong people to engage.
3. Then it leads to why there has been NO evaluation of needs AT ALL. Zero. No IT done, whatsoever.
4. Then it should lead to hiring a phone consultant, the word you misused about the salesman

What do you mean about number 3?

Also, I don't really know how to find phone consultants. Googling that seems to yield more full voice solution companies, so more of the wrong people I assume. Plus, we are in a small rural city with not a lot of diverse consultant type companies around. Maybe I could call Jared as someone suggested..

@scottalanmiller said in VLAN confusion:

@dave247 said in VLAN confusion:

Yeah, I agree with this. This is all I've really wanted to express. Nobody is maliciously corrupt here, but not everyone is the best at their jobs here either.

Not an option. Either your CIO is competent and corrupt, or incompetent and would welcome your exposure of the problem.

So which is it... are you comfortable telling the CIO and CEO about the situation because they honestly want to do what is right, or do you have ANY fear that they will punish you to silence the exposure of what they plan to do?

You can't have it both ways.

ok. I could make a big stink about this, claiming that Cisco and the Cisco partner are just taking our money when we could be getting something for a lot cheaper, and it would probably work and I could probably convince them to not go with Cisco at all and instead let me find something that would be cheaper. But then, I would be responsible for finding that product and implementing it myself (I assume), such as FreePBX, which I know nothing about. I don't know anything about phone systems and I don't want to get myself into a mess and have my boss say, "see we should have gone with Cisco and had them set it up the right way" or something.

Now I'm sure this will devolve into a discussion about how I'm not fit for my job then and all that, etc... fizzles out

EDIT: side note, we did go down this road with Sh---Tel voip and C------Link ISP where the ISP was responsible for installing the voip but really sucked at it so we pulled out of our contract due to my efforts at showing how they were doing a bad job, etc. So my say does count, but I don't want to make another bad case about Cisco and avoid going with them -- a setup that we know we can get installed correctly and supported well, vs going with some exotic and obscure cheaper voip solution..

@scottalanmiller said in VLAN confusion:

@dashrender said in VLAN confusion:

Because of the lack of knowing their job and these other mentioned things - they don't see themselves as unethical. This is the cornerstone to why I don't see them as corrupt. So to you, they are corrupt because they don't even realize they are corrupt, because they don't understand their role.

People steal music, pirate movies, use Windows without a license... and don't consider themselves unethical. People make all kinds of excuses for their own behaviour because everyone believes that they are ethical and have a good reason for breaching everyone else's ethical believes. Rioters, looters, common thieves almost always feel that "they are good people" with a good reason for what they do.

Are you an angel or something? LOL. No but seriously, I do get what you are saying and I totally see your points.

@dashrender said in VLAN confusion:

I guess it boils down to an understanding of one's job and the actual understanding of adulting and buyer's agents vs seller's agents.

I'm guessing most people, including most IT people (or whomever is making the decisions in general) don't adult.

Because of the lack of knowing their job and these other mentioned things - they don't see themselves as unethical. This is the cornerstone to why I don't see them as corrupt. So to you, they are corrupt because they don't even realize they are corrupt, because they don't understand their role.

Yeah, I agree with this. This is all I've really wanted to express. Nobody is maliciously corrupt here, but not everyone is the best at their jobs here either.

It's a trade off too. We are probably going to get ripped off in some way or another, and we've got to all try to do our best to stay educated and informed so we can ward off the saleswolves.

@scottalanmiller said in VLAN confusion:

@dashrender said in VLAN confusion:

@dave247 said in VLAN confusion:

@dashrender said in VLAN confusion:

@scottalanmiller said in VLAN confusion:

@dave247 said in VLAN confusion:

@coliver said in VLAN confusion:

@dave247 Sounds like your company has made a decision already.

The CIO has failed at one of the most basic life skills...

"Never take advice from a sales person."

Yes, I am aware of this sigh but I can only do so much. I don't want to get into the details of my work dynamic with my boss and all that, and long story-short, I have to do what he says as I am the only sysadmin/low man on the totem pole.

In a healthy company, that statement should get you in trouble - because knowing that you have a security / ethics breach and a rogue actor putting the company at risk should be something that the company doesn't just allow you to expose, but requires you to expose. Does the CEO really not want to know that he has a CIO abusing the company for personal reasons?

It's comments like this that make this hard to accept. It's not that it's not possible - but how do you know his CIO is abusing the company for personal reasons? It's every bit more likely that he's simply failing at his job of researching good solution - and that no reasons other than laziness are really involved here.

Yes, this. I 100% believe this is far more accurate description of what's going on vs corrupt employees "on the take".

Scott considers the act of not protecting a company from sale personal to be on the take/corrupt.

Let's pretend that the CIO is the company's bodyguard. He's paid to protect the company, to watch for danger, to take a bullet if necessary. That's his job.

Now as a bodyguard an assassin comes along and says "I'll buy you lunch if you leave your guard down. Just come sit at this table instead of actively protecting your target." If he takes that lunch, and still gets paid to be the bodyguard but intentionally looks away, that's corrupt. He's getting "favours" or more, in order to "look the other way".

Even worse, it sounds like the CIO likely sought out the assassins in this case. Invited them to make him an offer.

If you put it into a non-technical context - once someone is getting personal benefits (pay, less work, kick backs, free lunches, personal security, recommendations for the next job) in order to let down their guard and not protect something that they are paid to protect... that's the corruption.

More like, the bodyguard has eaten way too many sandwiches over the years and he has become overweight, slow and lethargic, and is now increasingly more unable to quickly get in front of all the bullets that are headed towards the CEO.

@scottalanmiller said in VLAN confusion:

@dashrender said in VLAN confusion:

@dave247 said in VLAN confusion:

@dashrender said in VLAN confusion:

@scottalanmiller said in VLAN confusion:

@dave247 said in VLAN confusion:

@coliver said in VLAN confusion:

@dave247 Sounds like your company has made a decision already.

The CIO has failed at one of the most basic life skills...

"Never take advice from a sales person."

Yes, I am aware of this sigh but I can only do so much. I don't want to get into the details of my work dynamic with my boss and all that, and long story-short, I have to do what he says as I am the only sysadmin/low man on the totem pole.

In a healthy company, that statement should get you in trouble - because knowing that you have a security / ethics breach and a rogue actor putting the company at risk should be something that the company doesn't just allow you to expose, but requires you to expose. Does the CEO really not want to know that he has a CIO abusing the company for personal reasons?

It's comments like this that make this hard to accept. It's not that it's not possible - but how do you know his CIO is abusing the company for personal reasons? It's every bit more likely that he's simply failing at his job of researching good solution - and that no reasons other than laziness are really involved here.

Yes, this. I 100% believe this is far more accurate description of what's going on vs corrupt employees "on the take".

Scott considers the act of not protecting a company from sale personal to be on the take/corrupt.

I think to not feel this way requires an extreme degree of "flexible ethics." If I pay someone to make good decisions and protect my business, and then that person takes that money and turns around and does exactly the thing that they've been paid not to do and even uses their influence to enable it, that's completely corrupt and unethical. Completely. The entire basis for the job is a lie, and the actions taken aren't just to fail to do the job that he is paid to do, but to act completely contrary to the job and actively act as the enemy of the business. He's paid to work for the business, but acts literally against it.

Please explain where the grey area is here that allows this to be a "Scott sees it" way. How does Dashrender see it another way?

I think, to put it simply, if someone is doing their job in an honest and sincere way to the best of their ability, yet still sucks at some or all aspects of their job, then that means that person is just guilty of being bad at their job, not that they are corrupt or on the take.

@dashrender said in VLAN confusion:

@scottalanmiller said in VLAN confusion:

@dave247 said in VLAN confusion:

@coliver said in VLAN confusion:

@dave247 Sounds like your company has made a decision already.

The CIO has failed at one of the most basic life skills...

"Never take advice from a sales person."

Yes, I am aware of this sigh but I can only do so much. I don't want to get into the details of my work dynamic with my boss and all that, and long story-short, I have to do what he says as I am the only sysadmin/low man on the totem pole.

In a healthy company, that statement should get you in trouble - because knowing that you have a security / ethics breach and a rogue actor putting the company at risk should be something that the company doesn't just allow you to expose, but requires you to expose. Does the CEO really not want to know that he has a CIO abusing the company for personal reasons?

It's comments like this that make this hard to accept. It's not that it's not possible - but how do you know his CIO is abusing the company for personal reasons? It's every bit more likely that he's simply failing at his job of researching good solution - and that no reasons other than laziness are really involved here.

Yes, this. I 100% believe this is far more accurate description of what's going on vs corrupt employees "on the take".

@scottalanmiller said in VLAN confusion:

@dave247 said in VLAN confusion:

I know you might then reply with the question of why he's a CIO at all.. he is mainly involved with high level policy and procedure for several of our departments and helps ensure that we meet regulation and pass audits, and he has very good business acumen, but as I said, he's a bit behind in the world of IT these days, regarding the technical/hands-on stuff.

That's fine to say. But the issue we have here is that he is failing at business acumen. That is the sole issue. His technical competence was never mentioned. That he needs help technically is clear. But what you are missing is that we are only discussing his business competence or ethics, and that is the failing.

If you believe he's a skilled businessman, that tells us that you then must believe that he is a crook. Because this is insanely basic business stuff that he's doing wrong in the standard, unethical way that someone on the take does.

Strange how all my posts with you end up at this point. LMAO. Look, a lot of what you are saying is probably true to some extent, but I really don't want to get fired from my first IT gig by trying to prove that my boss is not qualified/on the take/doing things wrong for the business/etc. He and my company owners are good friends so I'm not going to get anywhere by running to the CEO (Our company hierarchy is pretty flat by the way). My company owners and my boss are genuinely good people, and I do get the impression that we get taken advantage of by sales people a lot, but I have a hard time trying to convince my boss of things sometimes due to his lack of IT-knowledge.

I don't know.. I didn't mean for this to devolve into another discussion about the dysfunction of my company.. but that's the thread I pulled again I guess.

I'll do what I can to see about keeping out phones and computers on the same LAN and try not to get RAPED by Cisco sales associates...

in the meantime, are there any good voice solution alternatives that you guys could provide? Part of our requirement for our phones is that we may not want to have it cloud-hosted due to the fact that our internet connection goes down every so often during business hours. YES I get that this is another problem that should be resolved vs applying a bandaid, but we live out in the country and have limited ISP options (Spec---m and Centu---ink).

@scottalanmiller said in VLAN confusion:

@coliver said in VLAN confusion:

@dave247 Sounds like your company has made a decision already.

The CIO has failed at one of the most basic life skills...

"Never take advice from a sales person."

Yes, he has failed at adulting or, far more likely being that he has made it to CIO level, at ethics. The most likely scenario is that there are direct kickbacks going on.

Yes, I've heard a lot of this from you through previous posts on the S****works forums and I hear where you are coming from and get that you probably have a lot of reasons to make that assumption. People are insanely corrupt. That being said, from my impression of everyone that I work with at my company (which is a local family owned business, not a corporation) is that everyone here is pretty nice and trusting. So I think if there is any failure on the part of my CIO, its that he's not very knowledgeable with the current IT industry and he's very trusting in people. I know you might then reply with the question of why he's a CIO at all.. he is mainly involved with high level policy and procedure for several of our departments and helps ensure that we meet regulation and pass audits, and he has very good business acumen, but as I said, he's a bit behind in the world of IT these days, regarding the technical/hands-on stuff.

@scottalanmiller said in VLAN confusion:

@dave247 said in VLAN confusion:

They've mentioned setting up a VLAN for the phone system and setting up a voice router for it.

Of course he has, your CIO decided on this path when he brought in a Cisco networking salesman to screw the company. That decision was made ahead of time. Cisco uses their phones as a leader to get companies to buy inappropriate networking equipment. This is a completely "by the book" unscrupulous sales tactic for VoIP sales people.

Well we are probably going to go with them and I might not have much of a say... so it's going to be difficult for me to try to pressure these people to install a system in a way different than how they usually do it. Is there any material I can reference to "prove" that VLAN's are not needed and that voice and data are fine on the same network? Actually, now that i think of it, our current voice and data are on the same network and we have no issues.

Also, regarding QoS, didn't you mention something about having the QoS set up on the VoIP RTP service rather than the voice VLAN?

@scottalanmiller said in VLAN confusion:

@dave247 said in VLAN confusion:

Also, my CIO is adamant about keeping the voice traffic segregated for "security reasons" as it will satisfy an item on one of our various IT audits (we are a financial institution that has a lot of audits).

That's fine IF he can prove that the audit is legit (normally they are fake) and find some regulation that the auditor is following. I'm not aware of any here, so he's need to produce this. This sounds like collusion to me. If this was an actual security concern, VLANs aren't an option, you have to encrypt the voice traffic. If someone is suggesting a VLAN to meet this audit requirement, something inappropriate is going on. No regulation makes you put in VLANs.

Good point. I will ask for the specific audit request on this and find out more.

@coliver said in VLAN confusion:

@dave247 Sounds like your company has made a decision already.

The CIO has failed at one of the most basic life skills...

"Never take advice from a sales person."

Yes, I am aware of this sigh but I can only do so much. I don't want to get into the details of my work dynamic with my boss and all that, and long story-short, I have to do what he says as I am the only sysadmin/low man on the totem pole.

@coliver said in VLAN confusion:

In Powershell I think it would look something like this.

Set-NetIPAddress -PrefixLength 22

Of course you'd need wrap it in a foreach script that goes over the list of your servers. I'll work on it a bit later today and see what I can come up with.

oh nice.. I haven't done a lot of scripting yet but I've been meaning to learn powershell. I did a bit back in college and a few times at my current job but I really should get cracking on it. I know scripting is essential as a sysadmin...