Sr Network Engineer
7 + years of experience in Network design, deployment and operations of both Cisco and Juniper Networks
Hands on experience on Up-gradation of Cisco IOS of different Cisco devices & modules.
Well Experienced in configuring protocols HSRP, GLBP, VRRP, ICMP, IGMP, PPP, HDLC, PAP, CHAP, and SNMP.
Strong hands on experience in installing, configuring , and troubleshooting of Cisco Nexus 7k, 5k, 2k, Cisco 7600, 7200, 3800, 3900, 2800, 2900 series Routers, Cisco Catalyst 6500, 4500, 2960 and 3750 Stack Switches.
Designed and deployed new Cisco catalyst 6513 and 6509 with dual Supervisor Engine 720 at both Distro and Core layer.
Experience working with OTV & FCOE on the Cisco Nexus 7010/5548 between the datacenters
Responsible for Cisco ASA firewall administration across our global networks
Worked on F5 LTM, GTM series like 6400, 6800, 8800 for the corporate applications and their availability
Design and configuring of OSPF, BGP on Juniper Routers and SRX Firewalls
Implemented traffic filters using Standard and extended access-lists, Distribute-Lists, prefix lists and Route Maps.
Design, develop, and document comprehensive test plans to setup of test scenarios, both hardware and software components, and Executes and update test cases with TCL/TK scripting.
Experience testing Cisco & Juniper routers and switches in laboratory scenarios and then deploy them on site for production.
Very sound knowledge IPV4/IPV6, implementation of Subletting, VLSM and ARP, reverse & proxy ARP, Ping Concepts.
Moderate knowledge in configuring and troubleshooting Cisco Wireless Networks: LWAPP, WLC, WCS, Standalone APs, Roaming, Wireless Security Basics, IEEE 802.11 a/b/g, RF spectrum characteristics.
Provides technical leadership for problem escalation and resolution.
Highly motivated with the ability to work independently or as an integral part of a team and Committed to highest levels of professional.
Operating Systems: Windows (Server 2003/2008, Vista, Windows 7), Basic Linux OS, Sun Solaris OS
Routers: Cisco GSR12016, ASR1001, 2900, 3900, 7200, 7600 & ASR9000.
Switches: Cisco 3750, 4507, 4510 & 6500 series switches, Nexus 7010, 5548, 2448
Routing: MPLS, OSPF, EIGRP, BGP, RIP-2, PBR, IS-IS, Route Filtering, Redistribution,
Summarization, Static Routing.
Switching: LAN, VTP, STP, PVST+, RPVST+, Inter VLAN routing & Multi-Layer Switch,
Multicast operations, Layer 3 Switches, Ether channels, Transparent Bridging.
Network security: Cisco (ASA, PIX) 5510, ACL, IPSEC VPN, GRE VPN
Load Balancer: F5 Networks (Big-IP) LTM Module, Cisco ACE 30 load balancer,
LAN: Ethernet (IEEE 802.3), Fast Ethernet, Gigabit Ethernet.
WAN: Leased lines 128k - 155Mb (PPP / HDLC), Channelized links (T1/DS3/OC3/OC12),
Fiber Optic Circuits, Frame Relay, ISDN, Load Balancing.
Various Features & Services: IOS and Features, HSRP, GLBP, IRDP, NAT, SNMP, SYSLOG, NTP, DHCP,
CDP, TFTP and FTP Management.
AAA Architecture: TACACS+, RADIUS, Cisco ACS.
Network Management: SNMP, Solar Winds, HP open view, and Wire shark
Reports: Microsoft (Visio pro.)
Academics: Bachelor in Electronics and Communication Engineering
University: Tribhuwan University
Cisco Certified Network Professional (CCNP)
Cisco Certified Network Associate (CCNA)
Juniper Enterprise Routing and Switching (JNCIS-ENT)
Microsoft, Seattle, WA August 2012-Present
Sr. Network Engineer
Experience with deploying the Layer 3 MPLS VPN in all the Branches and Campus locations.
Replace Campus Cisco 6509 End of Life hardware with new 4507/4510 devices.
Experience with Designing and configuring BGP in the data center environment.
Experience with layer 2 securities which was implemented using a dedicated VLAN ID for all trunk ports, setting the user ports to non-trucking, deployed port security when possible for user ports
Experience with migrating all the Partner IPSEC VPN tunnels from one data center to another data center.
Experience working with Nexus 7010, Nexus 5596, Nexus 2232 in the data center environment
Experience working with Nexus VPC, VDC in the data center design environment.
Implement and configured GLBP (on core switching and also for VPN redundancy), HSRP on different location of office on the switched network and managing the entire multilayer switched network
Configuring, testing, and troubleshooting routing and switching issues and related protocols
associated with packet networks including MPLS and traffic engineering (QoS).
Provide consultancy services to customers on a variety of network security products including firewalls, VPNs, authentication, load-balancing, data loss prevention, security information and event management
IOS upgrade in Nexus 7010 through ISSU (In service software upgrade)
Configuring numerous LAN/WAN technologies including leased point-to-point circuits, MPLS, ISDN, various Ethernet speeds/media
Configuring Virtual Chassis for Juniper switches EX-4200,Firewalls SRX-210
Worked extensively in Configuring, Monitoring and Troubleshooting Cisco's ASA 5500/PIX security appliance, Failover, DMZ zoning, & Configuring VLANs/routing/NATing with the firewalls as per the design.
Enabled STP attack mitigation (BPDU Guard, Root Guard), using MD5 authentication for VTP, disabling all unused ports and putting them in unused VLAN and ensuring DHCP attack prevention where needed
Provided redundancy in a multi homed Border Gateway Protocol (BGP) network by tuning AS-path.
Worked on Juniper J series j230, M 320 routers and EX 3200 series switch.
Designing, configuring, implementing and troubleshooting (LAN) VLAN’s, VTP, Spanning Tree (STP), Trunking (dot1q and ISL) and Ether channel.
Designing and configuring IP address schemes.
Deployed the Cisco 3500 Access Points using Cisco Wireless controllers 5500 and 2500 and WCS System
Configured and supported Cisco firewall PIX 500 series.
Configuring AAA using TACACS+ and ACS server.
Key contributions include troubleshooting of complex LAN/WAN infrastructure that include routing protocols EIGRP, OSPF & BGP
Involved in the redistribution into OSPF on the core ASA firewall.
Involved in the removal of EIGRP from all devices and making OSPF the primary routing protocol.
Involved in the modification and removal (wherever necessary) of BGP from the MPLS routers.
Worked on Solar winds Orion for analysis and monitoring purposes.
Century Link, Littleton, CO September 2011 – July 2012
Worked on commissioning and decommissioning of the MPLS circuits for various field offices.
Configuring STP for switching loop prevention and VLANs for data and voice along with Configuring port security for users connecting to the switches.
Working on Network design and support, implementation related internal projects for establishing connectivity between the various field offices and data centers.
Responsible for service request tickets generated by the helpdesk in all phases such as troubleshooting, maintenance, upgrades, patches and fixes with all around technical support.
Ensure Network, system and data availability and integrity through preventive maintenance and upgrade.
Providing daily network support for national wide area network consisting of MPLS, VPN and point-to point site.
Worked on Riverbed devices for WAN bandwidth Optimization in the data centers for sensitive market data applications.
Configuring HSRP between the 3845 router pairs for Gateway redundancy for the client desktops.
Configure VRRP & GLBP and VLAN Trucking 802.1Q & ISL, STP, Port Security on Catalyst 6500 switches.
Network Cabling, dressing, labeling and troubleshooting various network drops onsite.
Involved in L2/L3 Switching Technology Administration including creating and managing VLANs, Port security, Trunking, STP, Inter-Vlan routing, LAN security.
Worked on the security levels with RADIUS, TACACS+.
Completed service requests (i.e. – IP readdressing, bandwidth upgrades, IOS/platform upgrades, etc)
Handled SRST and implemented and configured the Gateways, Voice Gateways.
Worked on a broad range of topics such as routing and switching, dedicated voice access, planning and implementation, large-scale high-visibility outages, change management coordination, proactive monitoring and maintenance, disaster recovery exercises, and core network repairs.
Citizens Bank, Providence, Rhode Island November 2009 – August 2011
Working on Cisco 6509 and 4507 series switches for LAN requirements that include managing VLANs, Port Security and troubleshooting LAN issues.
Designed and installed new Branch network systems. Resolved network issues, ran test scripts and prepared network documentation.
Provide technical support for clients with dial-up internet issues.
Monitoring the NMS system for different Network Alerts.
Installed and configured DNS and DHCP server.
Involved in troubleshooting of DHCP and other IP conflict problems.
Performed switching technology administration including VLANs, inter-VLAN routing, Trunking, STP, RSTP, port aggregation & link negotiation.
Ensure problems are satisfactorily resolved in a timely manner with focus on providing a high level of support for all customers.
Once trouble ticket has been created keep customer informed of status of ticket and estimated time to repair.
Checking and configuring Cisco 7613 routers at data center for remote sites’ issues.
Configuration of Access List ACL (Std., Ext., Named) to allow users all over the company to access different applications and blocking others.
Responsibilities also include technical documentation of all upgrades done
Attending meetings and technical discussions related to current project.
Moodys Analytics, NY Nov 2007 – October 2009
Understanding of IPSEC & GRE tunnels in VPN technology implementation using Cisco IOS and have checkpoint firewall /VPN
Familiar with Remedy trouble ticketing system and the escalation of issues from level 1 through level 3 assignment in the NOC operation
Deployment of OSPF dynamic routing NOC engineering network routers, previously running RIP and Static routes
Trouble Shoot routers, Testing Data Circuits E1, ISDN lines,
Provide Technical support to end-user either through remote management or onsite based on the requirement.
Involved in designing VPN architecture with IPSEC, VPN-Services, RADIUS-Servers, IP-addressing
Hands on experience on Windows server installation components like DNS,DHCP, Active directory and ISA application for load balancing on the servers
Installation of windows active directory for the creation of users and groups and assigning policies based users application
Experience in Configuration of ADSL (PPPoE, PPPoA), ISDN, leased lines and frame relay connections
Using Local Management Interface (LMI) involved in monitoring VC’s (Virtual circuits) status and network congestion using FECN and BECN for Frame rely topology
Experience on configuration of routing protocols like EIGRP, OSPF multiple areas
Network monitoring of LAN/WAN using tools like snort, snortsnarf and ping tools.
Maintenance of Cisco AAA server database and deployed AAA authentication, authorization and accounting to all Cisco devices
Closely monitor VPN service functionality based on two Cisco PIX 525 Firewalls and VPN accelerator card for high speed services
Responsible for managing the TFTP logs for the VPN and firewall services and troubleshoot the VPN tunnel issues like SA, RSA, ISAKMP encryption and cleared/refresh VPN tunnel issues
Setup sniffer traces for the error ports on switches and monitor the issues by mapping them onto sniffer ports and logs on the sniffer
Used Cisco-Works/solar winds for the tracing of IP address, mac-address, ports, servers attached to the various switches
Troubleshoot the BGP neighbor flapping issues and configures RIP/BGP redistribution, implemented OSPF metric tuning for the internal routing of the vanguard
Involved in setting up 6500 with supervisor 2 and installing IOS/CATOS codes for the boot-up process
Worked on the Cisco devices like 6509, 6513, 7200, 2811, 5500 and worked on all line cards and port configuration for the VLAN
Worked on PIX firewalls for building the ACL rules for the extranet connectivity and implementation of the rules on the corporate firewalls and monitored logs for the issues
Everest Net Private Limited, Kathmandu, Nepal Feb 2006 – Oct 2007
Hands on experience with Cisco 3500, 2950 series equipment and configuring and deploying from the scratch and fixing them with various modules like Gig card , T1-WIC card and other modules
Experience in deploying EIGRP/BGP redistribution and the changing the metrics for the primary and backup paths for the packet prioritization and EIGRP tuning
Involved in designing data communications and networks utilizing that utilize a mixture of frame relay, point to point T1, T3 & OC3 lines
Involved in designing and applying QOS to 2600 series routers for all the branches
Experience in configuring routing protocols like EIGRP,RIP v2, OSPF & BGP and Cisco ACS protocols like RADIUS and TACACS
Coordinated with senior engineers with BGP/OSPF routing policies and designs, worked on implementation strategies for the expansion of the MPLS VPN networks
Involved in IP Quality of Service (QoS) implementation including Priority and Class-Based Weighted Fair Queuing, IP Precedence, DiffServ
References: Available upon Request