F5 BIG-IP icon   F5 BIG-IP – Automate backup of configuration files



I have recently installed and configured my 2 node F5 BIG-IP cluster as load-balancer and SSL-VPN portal. I have been ocasionally performing configuration backups, but now i need to schedule them regularly and automatically.

This article covers the ways to perform the backup of a BIG-IP system and automate them.

Manual backup

Web GUI

In the menu options: System – Read more

Linux   Linux – Running top command remotely (SSH)



Maybe you have tried to execute the top command to monitor processes on a remote host.

Error remotely – Run it in batch mode

If so, the following error can be returned:

$ ssh user@remotehost top -n1
TERM environment variable not set.

top does not work remotely in the default “interactive” mode. Use the “-b” parameter to run it in Read more

EXCHANGE   Exchange – Mailbox folders permissions to other users



A user asked me the way to grant permissions to other users to access to some of his mailbox folders. And for certain folder only read-only permissions.

Let’s suppose “testuser1” wants to allow accessing some folders to “testuser2”.

Permission configuration (Outlook)

First of all, “testuser2” must have “Reviewer” (read-only) permissions on the mailbox root
Exchange – Mailbox folders permissions to other users 1

Exchange – Mailbox folders permissions to other users 2

Then, configure the permission … Read more

Checkpoint   Checkpoint – dropped Reason: UDP packet that belongs to an old session



Problem

Last week I came across a DHCP problem. Devices from certain VLAN were not getting DHCP assigned IP.

Even though firewall policy should have accepted those packets, tcpdump showed Checkpoint gateway was not forwarding them to the destination.

To capture DHCP traffic:

# tcpdump -n -i <interface> port 67 or port 68 -e

Incoming interface DHCP tcpdump:

# tcpdump 
Read more

POWERSHELL   Powershell – Script to clone AD groups



Last week I came across a situation where I needed to copy Active Directory groups (including members) to new groups.

Scenario

Suppose we want to clone the “SG-Test1” and “SG-Test2” groups
Windows – Powershell script to clone AD groups - Old Groups

We need two groups (“SG-NewTest1” and “SG-NewTest2”) to be created with the same members included
Windows – Powershell script to clone AD groups - New Groups

Using this powershell scripts you can either clone a single group a list … Read more

Raspberry icon   Raspberry – Raspbian installation and initial setup



Some time ago I started reading documentation about Raspberry. Nothing related to my job but, as a hobby/challenge, I decided to buy one and start a project in future posts I will talk about…

Also owner of a Raspberry? Follow this minitutorial to perform the basic installation of Raspbian OS with remote access enabled via SSH using WiFi connection.… Read more

EXCHANGE   Exchange – SMTP error: 550 5.7.1 Client does not have permissions to send as this sender



Problem

Last week I was testing the IMAP/SMTP connection of my Exchange 2013. Unexpectedly Outlook returned the following error:
Exchange - SMTP error 550 5.7.1 Client does not have permissions to send as this sender

The message does not appear completely but seems to be “550 5.7.1 Client does not have permissions to send as this sender”. Obviously the user does have the permissions (the user was the owner of the mailbox itself).

Resolution

Thanks … Read more

Windows   Windows – Renew certificate assigning the same private key



When renewing a certificate it is not necessary to generate a new csr. This is possible by maintaining the same private key.

When received the renewed certificate from the 3rd party certification authority, we can try to import it and assign the private key from the management console (mmc -> certificates).
One of the options that are shown when … Read more

Windows   Windows – Add secondary IP addresses to interface



Sometimes it is neccesary to configure a network interface to listen on more than one IP (for example, web servers containing multiple SSL certificates…)
Add secondary IP addresses to interface

After adding the new secondary IPs, If not explicitly avoided, outgoing traffic can be generated also by these instead of only by the primary. These can lead to connection errors (for example firewall receiving unexpected Read more