Firefox: Cannot Open vCenter Web Client

KB ID 0001482

Problem

I wonder how many hours Ive lost trying to get browsers to connect to things, and the browser has not been happy? This week I needed to connect to a vCenter (6.5) web console with Firefox and was greeted with this.

Your connection is not secure
The owner of {site} has configured their web site improperly. To protect information being stolen, Firefox has not connected to this website.
Error Code: , SEC_ERROR_UNKNOWN_ISSUER

Normally I use Firefox, because if there’s a problem I can simply add an exception and all is well, but this time there was no way to connect at all.

Solution

Browse to about:config, and then search for security.enterprise, set it to true.

Now it will work

Related Articles, References, Credits, or External Links

NA

VMware: The OVF Descriptor is Not Available

KB ID 0001483

Problem

I’ve seen this a couple of times now, and each time I’ve (wrongly) assumed that the OVA/OVF file I’ve downloaded is either corrupt, or it has some sort of problem.

Failed to deploy OVF package.
Cause:
A general system error occurred:
Transfer failed: The OVF descriptor is not available.

Solution

Redeploy the OVF file, but this time instead of selecting the Cluster, select A SPECIFIC HOST to deploy to, this time it deployed without error.

Note: I’m using vCenter 6.5, ESX 6.5, and Firefox to manage the vCenter. I’ve seen the same problem with vCenter 6.7 and Chrome.

Related Articles, References, Credits, or External Links

NA

How to Transfer Files from PC to iPhone Wirelessly

KB ID 0001481

 Written by Tag Jones

When it comes to transferring files from PC to iPhone and vice versa, the most obvious choice is to use iTunes. However, it has been found that many users don’t like working with this application.  Bloated and ponderous, iTunes continues Apple’s ongoing trend of having lost its design mojo.

 Luckily, we have other options. One of the easiest ways is to use Wi-Fi Direct Transfer. With this method, you can pair your computer and iPhone/iPad within seconds and transfer anything you desire in a jiffy. Unlike AirDrop, Wi-Fi Direct allows you to work across all the platforms including Windows and Android. So you can also use this method to share files between an Android device and your iPhone/iPad as well.

How to use Wi-Fi Direct transfer

For it to work, your iPhone and your computer must be connected to the same Wi-Fi network. Since they will connect directly within the Wi-Fi network, you don’t even need an access point. In other words, your devices don’t have to connect to the Internet.

If there is no Wi-Fi network available nearby, you can create one on your own by using the Personal Hotspot feature. Just turn on Personal Hotspot on your iPhone, then on the computer, join the newly created hotspot. That way you can establish a connected Wi-Fi network from anywhere. 

Now we’re going to install a wireless transfer tool on the computer and its companion app on the iPhone. There are actually plenty of tools offering this function in the market. The best ones? Well, below are the apps that I’ve used and personally recommend.

1. SHAREit

The SHAREit application is pretty popular due to the fact that the app is developed by Lenovo and it comes pre-installed on many Android devices from this brand.

Step 1:Download and install the SHAREit appson both your computer and iPhone. After they have been installed, launch the apps.

Step 2:Make sure both devices are connected to the same Wi-Fi network. To send files from your iPhone, select “Send” from the main screen. Note that you’re only able to send photos and videos and other files managed by the Files app. 

Step 3:Select the files you wish to transfer to the computer, then tap “OK”. Now if your computer is on the same Wi-Fi network, it should display on the screen. Tap on it to start transferring. Once done, the files will appear on the window of the desktop app.

If you’re not able to connect the two devices, make sure the app is on-screen on both your computer and your iPhone. I have used SHAREit as the primary method to transfer photos from my iPhone to the PC(for editing with Lightroom and Photoshop) and it has worked fine.

3. Xender

Xender is quite similar to SHAREit, except that you don’t have to install a program on your computer. It can work by using your web browser.

Step 1:Download and install the Xender app on your iPhone. It’s free.

Step 2:Connect two devices to the same Wi-Fi network. 

Step 3:On your PC, open your web browser of choice and go to http://web.xender.com. The web page will display the QR code used for connecting from the iOS device.

 

Related Articles, References, Credits, or External Links

NA

Office 365: Allow Mail Relay Through Exchange Online

KB ID 0001480

Problem

If you are used to running ‘on-prem’ Exchange then allowing an IP/Hostname to relay mail (sent mail through without authenticating) it’s handy for things like older multifunction scanners, or applications that need to send emails. Now you SHOULD be sending mail through Office 365 ‘authenticated’, but that’s not always possible.

Solution

From Office 365,Launch The Exchange admin console.


Mail flow > Connections > Add.

From: Your Organisations email server.

To: Office 365

Give the connector a sensible name > Next.

Enter the PUBLIC IP or PUBLIC HOSTNAME > Next.

WARNING: Where possible ensure this IP is only used by the internal host that needs to relay, if you only have one public IP (And you NAT/PAT all your internal IPs to this public IP), then filter the hosts that can send mail ‘outgoing’ on your firewall. If you don’t, and an internal client gets infected it will be able to send unauthenticated mail though your office 365 account!

Text

Save.

Related Articles, References, Credits, or External Links

Allow a Server to “Relay” Through Microsoft Exchange

VMware Cannot Remove / Unmount an NFS Store

KB ID 0001479

Problem

After I had a datastore failure I needed to ‘unmount’ a datastore in my VMware 6.5 environment. But when I attempted to do so I got;

The “Remote Datastore” operation failed for the entity with the following error message.

The resource “Datastore-Name” is in use.

Solution

In use by what? Thanks for the assistance! Usually this happens because you have a VM with a VMDK in their datastore, or more likely, a VM has a CD mapped to an ISO that was in this datastore (which was my problem).

In “Datatstore View” > Select the offending Datastore > VMs > Eliminate them one by one.

Related Articles, References, Credits, or External Links

NA

Install and Use a Windows TFTP Server

Windows TFTP KB ID 0000063 

Problem

Note: If you are using a mac, then seee the following link; MAC OS X TFTP Software

There are many free tftp applications, my personal favourite is 3Cdaemon, as it also has a built in syslog server and an FTP server. heres how to install it on your computer.

There are a number of places you can download 3CDeamon or just  CLICK HERE

Deploy a windows TFTP Server

Download the files and extract them to your PC, then run the setup.exe file > At the Welcome screen > Next.

At the license screen > Yes.

Either accept the default location or choose your own > Next.

5. Leave it on the default > Next.

When its done > OK.

Launch the application.

9.Ensure the “TFTP Server” section is selected > Click the “Pen knife” Icon labelled “Configure TFTP Server”.

10. Change the Upload / Download directory to something you will find easliy (I usually create a “TFTP Root” folder on the C: drive.

Related Articles, References, Credits, or External Links

Backup and Restore a Cisco Firewall with TFTP

FortiGate TFTP : Backup To & Restore From

Backup and Restore Cisco IOS (Switches and Routers)

Backup and Restore a Cisco Firewall

CentOS – Install and Configure a TFTP Server

ASDM on Windows 10: ‘Cannot find Javaw.exe?’

KB ID 0001478

Problem

Windows 10 machine, (with Latest Java installed), while attempting to launch the ASDM you see;

Windows cannot find ‘javaw.exe’. Make sure you typed the name correctly, and then try again.

Solution

I should have fixed this a lot quicker than I did, because the error message was a lot more descriptive in older versions of Windows and the ASDM! This is the same problem seen on Windows 8.

You still need to install the x32 bit versions of Java! once you do it will work fine.

Related Articles, References, Credits, or External Links

NA

Cisco ASA No Debug Output?

KB ID 0001477

Problem

I see this get asked in forums A LOT, typically the poster has another problem they are trying to fix, someone has asked them to debug the problem and they cant see any debug output.

Solution

Firstly you need to understand what logging is, and how debugging fits within it. (Bear with me, this is good knowledge to have).

The firewall saves logs in syslog format, and there are 8 Levels of logs, the one with the MOST information is called ‘debugging’ (or severity 7 in Syslog world)

  • 0=Emergencies
  • 1=Alert
  • 2=Critical
  • 3=Errors
  • 4=Warnings
  • 5=Notifications
  • 6=Informational
  • 7=Debugging

So if you are debugging, then all you are doing is looking at syslog output thats severity 7. The ASA can send these logs to an internal memory buffer, and external Syslog server, or to the screen, either the console (via rollover cable) or the monitor (SSH/Telnet session, or what router types, call the virtual terminal lines).

Fine but I cant see anything doofus, that’s why I’m here!

OK, now you understand how it all works, you should understand when you see the commands, why it wasn’t working!

Issue a ‘show log’ command;

What does this tell us? Well mose importantly it tells us logging in ON.

[box]Syslog logging: enabled[/box]

If it were disabled then you turn it on with;

[box]logging on[/box]

The next piece of pertinent information is.

[box]Timestamp Logging: Disabled[/box]

While not critical, logs are much easier to interpret when they are stamped with the correct time! I’m in the UK so this is the command I would use (Note: I’m enabling NTP Time sync, this can take a while to synchronise);

[box]

clock timezone GMT 0
clock summer-time BST recurring last Sun Mar 1:00 last Sun Oct 2:00

!
ntp server 130.88.203.12 source outside

!
logging timestamp

[/box]

Sending Debug Output to the Screen

As mentioned above, you can send output to the console or the monitor;

Send Debug to SSH/Telnet Session

[box]logging monitor debugging

terminal monitor[/box]

Note: To disable, the command is ‘terminal no monitorNOT ‘no terminal monitor’ (Thanks Cisco!)

Sending Debug Output to the Console (Serial Connection)

Send Debug to SSH/Telnet Session

[box]logging console debugging[/box]

Note: To stop it, set it back to ‘warnings’ (the default).

[box]logging console warnings[/box]

Sending Debug Output to the Internal Log (Buffer)

This is easier, as you can filter the results for particular IP addresses/ports/usernames etc, which is handy if there are pages and pages to look though, and they are not scrolling past you yes, faster than you can read them!

[box]

logging buffered debug
logging buffer-size 1000000

[/box]

Then to view the logs file;

[box]show log[/box]

To clear the log;

[box]clear logging buffer[/box]

To turn off;

[box]no logging buffered debug[/box]

To Filter/Search the logs;

[box]show log | include 192.168.100.1[/box]

Related Articles, References, Credits, or External Links

NA

ASA Connection Error: ‘The First Key-Exchange Algorithm’

KB ID 0001476

Problem

When attempting to connect to a Cisco ASA firewall via SSH you see the following error;

The first key-exchange algorithm supported by the server is diffie-hellman-group1-sha1, which is below the configured warning threshold.
Do you want to continue with this connection?

Clicking ‘Yes’ will let you connect.

Solution

When connected, execute the following commands;

[box]conf t

ssh key-exchange group dh-group14-sha1

write mem[/box]

Problem solved.

Related Articles, References, Credits, or External Links

How Diffie Hellman Works