VMware: Change IOPS Limit From 1000 to 1
KB ID 0001532 Problem I got asked to do this by a client this week, HP has requested that this be set for connections to their Storevirtual VSA that had been having some problems. Solution I followed the instructions and was at first confused because I could not see the settings that needed changing? That’s because this only applies if you have MULTIPATHING enabled and set to ‘Round Robin’. So if your storage does...
Cisco ASA VPN to Cisco Router “MM_WAIT_MSG3”
KB ID 0001531 Problem While migrating a VPN tunnel from an ASA 5520 firewall to a new 5516-X I got this problem. The other end was a Cisco router (2900). As soon as I swapped it over, it was stuck at MM_WAIT_MSG3, and phase 1 would not establish; NUFC-ASA5516x(config-tunnel-ipsec)# show crypto isa IKEv1 SAs: Active SA: 6 Rekey SA: 0 (A tunnel will report 1 Active and 1 Rekey SA during rekey) Total IKE SA: 6 1 IKE Peer: 1.1.1.1 Type :...
Cisco ASA: “Wrong Serial Number?”
KB ID 0001530 Problem Cisco have done this for a while, the first time I saw it was years ago on a 5585, but all the NGFW models now have a ‘Serial Number” and a “Chassis Serial Number”. Normally you don’t care unless you need to log a TAC call online. So you issue a show version command, take a note of the serial number, and then it says, there’s no record of that serial number? Solution Just to be...
Disable ATS Heartbeat
KB ID 0001529 Problem After ESX 5.5 Update 2, VMware added ATS Heartbeat.Some vendors, (like HPE SureStore and VSA) recommend that this is disabled. I can’t find any info about whether it’s safe to do this in production, so to be on the safe side I placed the hosts in maintenance mode first. Enter Maintenance Mode Use the following command; vim-cmd /hostsvc/maintenance_mode_enter Disable ATS Heartbeat Use the following...
Exchange: Create a PFX Certificate and Import a Private Key
KB ID 0001528 Problem On my test network I have an Exchange server (Exchange 2016). As it’s publicly available and connected to Office 365 it needs a digital certificate. Because its my test network, I don’t want to spend a fortune on a certificates, so I buy the cheapest one I can find. I replaced it last week with a 2 year certificate for about $5.00. When the certificate came I had certificate-name.crt, and a CA bundle,...