Hardest "exam" passed....

bighornsheep

I'm happy to say that I succeeded one of the most difficult (IT related) trials that I've endured in my lifetime this past weekend.

I've been working on an upgrade project at work to swap out existing 2600/3600 series routers and 3550 switches with 6509/6513 and using ASA5520 as perimeter firewall. For the past 4 months now I've spoken to Cisco more than I have to my family but it's finally paying off.

I completed the final changes to the access-lists and things are working very nicely. Without getting into too much details, the old design involved alot of isolated vlans and a couple dozen too many static routes, some "standby" routers were used for redundancy and it was just a nightmare when problems occurred, we were swapping cables and moving switchports from different vlans to bring things back online.

I am quite new to this position but I have proven to my team that I know my cisco networking, and eventually the boss appointed me lead on this project. The new architecture uses a pair of 6509 and a 6513 with dual sup720, and two ASA5520 at the perimeter. I've implemented SSL VPN with several policies for various user groups.

I still consider myself very new to the Cisco arena (still working on my CCNP) but this project really put my mind and skills to the test. I didn't really dig into best practices and I am sure my design will be flawed if benchmarked against CCDP/CCDE level, but I'm just really glad I was able to translate most of the business requirements into solid specs implemented with cisco gear.

MLS are talking via single area OSPF, restrictions are all handled by the ASA, implemented several strange NAT/NAT Exempt rules to solve addressing problems, I've got MST implemented for L2 load balancing and redundancy, configured enhanced STP features on edge ports and uplinks ports where necessary.

The list of things I put to practice from my CCNA and CCNP prep is just awesome...I will now shift gear and focus on completing my CCNP.

The moral of the story is just to encourage you guys to focus on the real world experience. For head knowledge to go unused, it's probably causing negative impact. Learn the skills, then put it to practice!

gorebrush

That is one sweet project!

Well done on your success

dynamik

That's the kind of project that will make a lot of people around here jealous.

Keep up the good work! I'm glad to hear you're doing well.

kryolla

Congrats there is nothing better than accomplishing your first major project. I remember those days doing switch cuts and forklifts. My old manager used to tell me you put the time in prep work or you put the time in troubleshooting either way you are going to put the time in. It seems you did your prep work good job. Now its time to ask for a raise J/K.

gorebrush

Time spent planning is time never wasted...

nel

Congrats man, sounds like an amazing project man!

Is there any resources/ books you would like to share for others going through a similar thing?

Plazma

Yea.. i'm quite envious you get to play with 65xx's

Turgon

bighornsheep wrote:

I'm happy to say that I succeeded one of the most difficult (IT related) trials that I've endured in my lifetime this past weekend.

I've been working on an upgrade project at work to swap out existing 2600/3600 series routers and 3550 switches with 6509/6513 and using ASA5520 as perimeter firewall. For the past 4 months now I've spoken to Cisco more than I have to my family but it's finally paying off.

I completed the final changes to the access-lists and things are working very nicely. Without getting into too much details, the old design involved alot of isolated vlans and a couple dozen too many static routes, some "standby" routers were used for redundancy and it was just a nightmare when problems occurred, we were swapping cables and moving switchports from different vlans to bring things back online.

I am quite new to this position but I have proven to my team that I know my cisco networking, and eventually the boss appointed me lead on this project. The new architecture uses a pair of 6509 and a 6513 with dual sup720, and two ASA5520 at the perimeter. I've implemented SSL VPN with several policies for various user groups.

I still consider myself very new to the Cisco arena (still working on my CCNP) but this project really put my mind and skills to the test. I didn't really dig into best practices and I am sure my design will be flawed if benchmarked against CCDP/CCDE level, but I'm just really glad I was able to translate most of the business requirements into solid specs implemented with cisco gear.

MLS are talking via single area OSPF, restrictions are all handled by the ASA, implemented several strange NAT/NAT Exempt rules to solve addressing problems, I've got MST implemented for L2 load balancing and redundancy, configured enhanced STP features on edge ports and uplinks ports where necessary.

The list of things I put to practice from my CCNA and CCNP prep is just awesome...I will now shift gear and focus on completing my CCNP.

The moral of the story is just to encourage you guys to focus on the real world experience. For head knowledge to go unused, it's probably causing negative impact. Learn the skills, then put it to practice!

Nothing beats real world experience. Nothing. Over the years I have gained as much hands on experience as I could often to the detriment of time (and energy) available to study. Studying as hard as you can certainly helps with real world work but you just don't find the scenario in labbooks or Cisco Press or CCO that you need to get working properly in situations like this. No vanilla solution. That's when your approach to your studies will be tested because you will not only be pulling on what you learned, but how to put that mush into practice as well as finding and understanding the other details you need to get your head around. No doubt you went home many evenings with quite a bit of homework to do as this project progressed.

Sounds like you got some good exposure there. Well done.

Panzer919

bighornsheep wrote:

I've been working on an upgrade project at work to swap out existing 2600/3600 series routers and 3550 switches with 6509/6513 and using ASA5520 as perimeter firewall. For the past 4 months now I've spoken to Cisco more than I have to my family but it's finally paying off.

So.. what are you doing with the 2600's and the 3600's? I'll be happy to take them off your hands

On a similar note. I had to take a department test about a year ago to move up in the company. It involved cisco VPN 3002 concentrator and some sonicwall clients. I had not done much with the conc before the test. My boss asked an engineer to build the concentrator for the test. So the engineer brought me the conc and said "here, build your test".

Moral of the story - its not about the destination its about the journey! All those things you had to research and test you will probably never forget.

mamono

dynamik wrote:

That's the kind of project that will make a lot of people around here jealous.

Keep up the good work! I'm glad to hear you're doing well.

Ditto. The amount of experience learned from these type of projects is priceless! I, for one, am envious. I hope to get one like this in the near future.

Slowhand

That's a great bit of news, good to know you're still crankin' out those certs!

It sounds like you're really getting to flex your IT-muscles, definitely sounds like the kind of project any of us would be proud to look back on and say "I did that". You say that it might seem like a second-rate design compared to those of CCDPs or CCDEs, just look at it this way: you got to complete a great project that validates your Cisco knowledge and proves to yourself and your coworkers that you didn't do all that studying for nothing, (not to mention the boost it gives to your confidence in moving forward with the CCNP and becoming a Cisco guru). And, maybe you'll come back to that setup someday, smile for a nostalgic moment when you think back to this past week. . . then rip it all up and redesign it as you're wrapping up your CCDP or CCDE.