One of my customers called the ISP directly because we were closed for New Years and they thought their network was Down. (It wasn’t. Just a DNS issue.) Anyway, we get a ticket the next day that we were open that said “wifi not working”. When we try to login, we can’t reach our equipment. So when get on site, we realized that the ISP had actually THROWN OUT the equipment that we had there (small business running unifi) and replaced it with heavily proprietary Cisco gear, that we couldn’t access, and we’re outright refused access to the equipment… let’s just say that the customer wasn’t too happy with having almost $7000 of new equipment thrown out, PLUS now having to pay an extra $70 per month for that Cisco equipment.
Many years ago I had to help a customer with their email service. Long story short the ISP was allowing authentication but _blocking_ any SMTP or IMAP commands. Initially perplexing to diagnose as you might expect but the best bit was talking to the tier 1 support and hearing him flip pages in the *paper* manual.
Old video i know, but if you do ever have to call up these providers here's a little trick in the UK that works well and worth trying your end. Its important to remain polite. Call them up, humor them for a few mins, right up until they say you need to reboot something, at which point. Excuse me sir / madam, its not possible for me to do that during business hours as you well know, [Enter some service terms here, a few QOS tidbits] I appreciate you have to deal with people like me all day, however, is it possible that my 25 years in the job means your script is useless, and as a result your chances of solving this highly technical matter is not within your purview nor you skill set - Its about here your met with silence, with that in mind I respectfully request you just skip all this playbook stuff and get an engineer to call me. An 99 times out of 100 ill get a call back from an engineer in a few mins, and all will be resolved shortly there after, almost all our problems with upstream ISP's are misconfiguration caused by upgrades on there side. Remaining polite is important folks, you are after all calling them fucking idiots
I’ve tried the rank trick and most of the time it does work but they are times when you get someone who thinks they know more and refuse to escalate. I have this happen a lot with tac from certain unnamed vendors.
I have my CCNA R/S done and CCNP Enterprise as well... Not that cert but that knowledge obviously... And willing to get those global certs next year... I have got no experiences as well but need a job though.., got done my degree in 2020..and again wish to pursue my MS in Australia nxt year.... Would that be possible after finishing it i can get myself a shot as a "Sys admin" then "A Network Professional"..??????
These questions are always tricking because the market is different everywhere and the demand and requirements are also different. If you already have the knowledge of the ccna and np I’d say you’re likely already ready and should or applying for positions. If you get turned down enough at least apply for a position where you get your foot in the door and push on in through there.
dude... 3389 open with port fwd... wtf?!?! This is a MASSIVE security risk... and a massive NO NO!!!! As a Lead Security Engineer for a fortune 500 enterprise, THIS WOULD NEVER HAPPEN... This is soooo bad.
Sounds like you are working for a small company that is growing... what corp are you at? In your DC, you should be running a few ISP's for redundancy/failover/load balance.... I would have at least TWO different ISP's with two different connections into the building. Never run a DC with just a since ISP with an LTE failover... that's just bad... Remember, the ISP works for you at that point, push them to do what YOU want.
Completely agree, it was a nightmare situation and I was very upset that it ever got approved by the person before me and then the time it took the ISP to block it. So much easier with me managing everything. The LTE stuff was completely scrapped after I asked them how would that make sense in a DC when I can get almost an unlimited amount of options from other carriers. It’s a fortigate HA pair now with the ISP mentioned in the video and a carrier blend from the Colo provider. It is a medium sized company so nothing too elaborate, HQ and a couple of branches spread out. You hiring lol?
@@ChadEmery Lol, we are always hiring! let me know if your serious, we have a lot of telecommuter positions now. But nice fix on that. Sounds like your predecessors really mucked things up... Honestly, that RDP exposed through carrier and such, there is no firewall rule or anything that can make that secure 100%. whoever put that in doesn't understand basic security and amazing there wasn't a malicious attacker on your network. When it comes to vendors and ISPs, alot of times you have to put your foot down and demand what you want as the customer paying them for a big service like a main DC feeder. I know dealing through Colo's can be a PITA though.
@@MikeHarris1984 sure why not! I’m always open to hearing opportunities. If you have a LinkedIn we can connect on there to gain visibility. If now you can find me on Instagram, Twitter. I’d love to hear about the open positions. I’m at the ceiling in my company and don’t want to be stagnant much longer. I completely agree with the ISP statement. It’s tough dealing with them at times and getting what you need but they will have to learn money can be spent elsewhere.
BUT when they get a complaint about the customer they want it fixed it NOW. I had SMTP authentication enable and a user's password was compromised so the spammer were using that account to authenticate and use my server to reply email. I get a call from my ISP and they are threaten to shut my service down now if I do not address this immediately. I explained I was on the road into work and was about 45 mins away but they did not seem to care. So I requested the evidence to review to see how it's happening. In the email I got with the evidence, they gave me 24 hours to resolve the issue. Once I figured out what was going on, I disabled SMTP authentication and fixed the problem. I called them back and explained that this traffic actually was authenticated traffic (via a compromised account) and not an open rely issue but I did resolve the issue. Now forward a couple of months and they has some issue that blocked a few ports to services and they needed to escalate the issue, I tried that 24 hours line on them and it did not work. :)
How does that work? What about if you just change the email accounts password ? Or disable that account? The issue I faced was the spammers used the name of our employees and the company’s phone number on their emails and send out emails to our customers pretending to be her using different domains addresses but not the real users account.
