I have recently installed and configured my 2 node F5 BIG-IP cluster as load-balancer and SSL-VPN portal. I have been ocasionally performing configuration backups, but now i need to schedule them regularly and automatically.
This article covers the ways to perform the backup of a BIG-IP system and automate them.
In the menu options: System – … Read more
Maybe you have tried to execute the top command to monitor processes on a remote host.
Error remotely – Run it in batch mode
If so, the following error can be returned:
$ ssh user@remotehost top -n1
TERM environment variable not set.
top does not work remotely in the default “interactive” mode. Use the “-b” parameter to run it in … Read more
A user asked me the way to grant permissions to other users to access to some of his mailbox folders. And for certain folder only read-only permissions.
Let’s suppose “testuser1” wants to allow accessing some folders to “testuser2”.
Permission configuration (Outlook)
First of all, “testuser2” must have “Reviewer” (read-only) permissions on the mailbox root
Then, configure the permission … Read more
Last week I came across a DHCP problem. Devices from certain VLAN were not getting DHCP assigned IP.
Even though firewall policy should have accepted those packets, tcpdump showed Checkpoint gateway was not forwarding them to the destination.
To capture DHCP traffic:
# tcpdump -n -i <interface> port 67 or port 68 -e
Incoming interface DHCP tcpdump:
… Read more
Last week I came across a situation where I needed to copy Active Directory groups (including members) to new groups.
Suppose we want to clone the “SG-Test1” and “SG-Test2” groups
We need two groups (“SG-NewTest1” and “SG-NewTest2”) to be created with the same members included
Using this powershell scripts you can either clone a single group a list … Read more
Some time ago I started reading documentation about Raspberry. Nothing related to my job but, as a hobby/challenge, I decided to buy one and start a project in future posts I will talk about…
Also owner of a Raspberry? Follow this minitutorial to perform the basic installation of Raspbian OS with remote access enabled via SSH using WiFi connection.… Read more
Last week I was testing the IMAP/SMTP connection of my Exchange 2013. Unexpectedly Outlook returned the following error:
The message does not appear completely but seems to be “550 5.7.1 Client does not have permissions to send as this sender”. Obviously the user does have the permissions (the user was the owner of the mailbox itself).
Thanks … Read more
When connecting to checkpoint gateways, there may be a delay of 5 or more seconds when waiting for the password prompt. This is due a reverse DNS lookup that the gateway cannot perform until timeout is reached.
The UseDNS option of the SSH daemon can be disabled to avoid this behaviour:
Save a backup of the sshd_config file
… Read more
When renewing a certificate it is not necessary to generate a new csr. This is possible by maintaining the same private key.
When received the renewed certificate from the 3rd party certification authority, we can try to import it and assign the private key from the management console (mmc -> certificates).
One of the options that are shown when … Read more
Sometimes it is neccesary to configure a network interface to listen on more than one IP (for example, web servers containing multiple SSL certificates…)
After adding the new secondary IPs, If not explicitly avoided, outgoing traffic can be generated also by these instead of only by the primary. These can lead to connection errors (for example firewall receiving unexpected … Read more