-
nat for remote management
So I had an issue at work that went like this: We recently put in new managed switches at our remote sites. One of them failed and was replaced by our 3rd party subcontractor. They just do a hardware replacement and my team does the configuration. By default, the switches are configured to use 192.168.1.254…
-
test
did some cleanup on the backend. making sure everything still works.
-
Subsonic on FreeNAS
I posted this on the freenas forums.. Here’s a short write-up on how I got SSL going with LDAPS against AD for authentication. I used the plugin and am working out of / in the jail. keytool is located at /usr/pbi/subsonic-amd64/bin 1) Create a cnf file to be used for generating the csr. [ req…
-
HE DDNS on SSG
This is a copy/paste from https://forums.he.net/index.php?topic=3194.0. I’m keeping it here in case that post ever disappears and I need a reference. This isn’t something people do often, so I figured I would add a post about it (mostly so I can Google it myself in a few years…) To configure Dynamic DNS (DDNS) updates on…
-
traffic policing
The antivirus server at work was pissing me off and saturating our OC3. I policed it down to 50mbps. ip access-list extended traffic-police permit ip host 192.168.0.100 any class-map traffic-police match access-group name traffic-police policy-map traffic-police class traffic-police police 50000000 conform-action transmit exceed-action drop int po1/0 service-policy output traffic-police
-
WCCP w/Websense and GRE
ip wccp version 2 ip access-list standard WCCP_Proxies 10 permit host 192.168.10.80 20 permit host 192.168.11.80 ip access-list extended WCCP_Redirect 10 deny ip host 192.168.10.80 any 20 deny ip host 192.168.11.80 any 30 permit ip 10.16.0.100 0.15.255.0 any ip wccp 0 group-list WCCP_Proxies redirect-list WCCP_Redirect int vlan 10 ip wccp 0 redirect in
-
Exchange 2013 OWA/ECP Error 500
After I installed Exchange 2013 and tried to access either OWA or ECP on it, I kept getting Error 500. Looking at the httpproxy logs, I saw this: The unhandled exception was: System.Security.Cryptography.CryptographicException: Invalid provider type specified. Turns out Exchange doesn’t like the key provider, Microsoft Software Key Storage Provider, so you have to reissue…
-
blank owa error
it never fails, it never fails… or rather it always seems to fail: exchange service packs or rollups. I’ve had to fix quote a few at work and in my home lab. one thing that I’ve come across multiple times for exchange 2010 is to run a powershell script that automagically fixes the issue. this…
-
So I don’t forget
… My dad changed ISPs and took the SSG5 I gave him offline. I had to disable the VPN on my side because it was spamming the logs. If I ever need to re-enable it, all I need to do is bind it to tunnel.1 and re-enable monitor, optimized, and rekey.
-
Windows 2008R2 IPv6 Settings
So that servers get only one ipv6 address… C:\Users\administrator.GUAMMIE>netsh int ipv6 sh int Idx Met MTU State Name — ———- ———- ———— ————————— 1 50 4294967295 connected Loopback Pseudo-Interface 1 10 50 1280 disconnected isatap.{1C882B80-03D8-4F3C-B703-6A1DC1768F6B} 11 50 1280 disconnected Teredo Tunneling Pseudo-Interface 14 5 1500 connected Local Area Connection 4 C:\Users\administrator.GUAMMIE>netsh int ipv6 sh…
-
hostname and ip from ipconfig files
i’m currently working on a wireless deployment with a requirement to use mac filtering. There are over 600 laptops being deployed to a unique location per laptop. Part of the imaging process doesan ipconfig and dumps the output to a text file which I can then use to copy/paste the hostname and mac into the…
-
AD authentication on Ubuntu 12.04
1) Get the latest PBIS Open Edition from BeyondTrust (formerly Likewise): http://download1.beyondtrust.com/Technical-Support/Downloads/PowerBroker-Identity-Services-Open-Edition/?Pass=True 2) chmod 755 the file, execute it, then install it. chmod 755 pbis-open-7.1.0.1203.linux.x86_64.deb.sh ./pbis-open-7.1.0.1203.linux.x86_64.deb.sh cd pbis-open-7.1.0.1203.linux.x86_64.deb ./install.sh 3) Join the domain sudo domainjoin-cli join guammie.com administrator 4) Add domain group to sudoers sudo visudo %GUAMMIE\\domain^admins ALL=(ALL) ALL 5) Make domain logins use Bash…