Windows Adding Firewall Rules With PowerShell
KB ID 0001538 Problem There was a question on Experts Exchange this morning, the asker wanted to be able to add a ‘Trusted’ network range to their Windows Server Firewall settings as a ‘allow all ports’ rule. Solution You can of course add this manually in the GUI, normally I’d simply Add a Firewall Rule with a Group Policy. but the problem with that is, that’s fine if you want to open a particular...
Safari – Download ZIP files (Not Open Them!)
KB ID 0001537 Problem I’d forgotten Safari did this, after replacing my mac a few weeks ago I was trying to download a ZIP file from Github, and was perplexed that it was getting extracted to a folder in my downloads folder, and not appearing as a ZIP file? Solution After about the third time, the penny dropped. Safari does this by default. You need to disable it. Safari > Preferences > General > UNTICK : Open...
You Have Exceeded the Maximum Number of Computer Accounts
KB ID 0001536 Problem A few weeks ago, this was asked in a forum, and while I knew what the problem was, I’d never seen it myself. So I recreated the problem on the test network to look at why it happened, and how to fix / get around the problem. The following error occurred attempting to join the domain {domain-name} You computer could not be joined to the domain, You have exceeded the maximum number of computer accounts you...
Sysprep Was Unable to Validate
KB ID 0001535 Problem While building a new Windows 10 machine to be used as a template, I ran Sysprep to generalise the installation, and got this; Sysprep was not able to validate your Windows Installation. Review the log file at %WINDIR%\System32\Sysprep\Panther\setupact.log for details. After resolving the issue, use Sysprep to validate yout Installation again. Solution What I did was Google the error, instead of looking at the log...
VMware: Fiber Channel HBA Reports Wrong WWN?
KB ID 0001534 Problem I was building some new ESX 6.7 U1 (HPE) servers this week, they had Emulex Fiber HBA’s in them. When it came to ‘allowing’ them access to the SAN, I went to get the Port World Wide Name; And was presented with this; Not only is that 19 Characters long, and not 16 characters, but BOTH VMHBA’s WERE THE SAME! Like MAC addresses they should be unique? So I’m guessing this is a bug....
Cisco IOS: Ether-Channel Trunks
KB ID 0001533 Problem This is a subject that every time I need to create an Ether-Channel I end up checking beforehand, so it’s about time I wrote it up. We are combining two different things, an Ether-channel, (an aggregation of links) and a Trunk (the ability to carry many VLANS). If you are NOT from a Cisco background then you might want to read though the following post first to avoid confusion about the world...
VMware: Change IOPS Limit From 1000 to 1
KB ID 0001532 Problem I got asked to do this by a client this week, HP has requested that this be set for connections to their Storevirtual VSA that had been having some problems. Solution I followed the instructions and was at first confused because I could not see the settings that needed changing? That’s because this only applies if you have MULTIPATHING enabled and set to ‘Round Robin’. So if your storage does...
Cisco ASA VPN to Cisco Router “MM_WAIT_MSG3”
KB ID 0001531 Problem While migrating a VPN tunnel from an ASA 5520 firewall to a new 5516-X I got this problem. The other end was a Cisco router (2900). As soon as I swapped it over, it was stuck at MM_WAIT_MSG3, and phase 1 would not establish; NUFC-ASA5516x(config-tunnel-ipsec)# show crypto isa IKEv1 SAs: Active SA: 6 Rekey SA: 0 (A tunnel will report 1 Active and 1 Rekey SA during rekey) Total IKE SA: 6 1 IKE Peer: 1.1.1.1 Type :...
Cisco ASA: “Wrong Serial Number?”
KB ID 0001530 Problem Cisco have done this for a while, the first time I saw it was years ago on a 5585, but all the NGFW models now have a ‘Serial Number” and a “Chassis Serial Number”. Normally you don’t care unless you need to log a TAC call online. So you issue a show version command, take a note of the serial number, and then it says, there’s no record of that serial number? Solution Just to be...
Disable ATS Heartbeat
KB ID 0001529 Problem After ESX 5.5 Update 2, VMware added ATS Heartbeat.Some vendors, (like HPE SureStore and VSA) recommend that this is disabled. I can’t find any info about whether it’s safe to do this in production, so to be on the safe side I placed the hosts in maintenance mode first. Enter Maintenance Mode Use the following command; vim-cmd /hostsvc/maintenance_mode_enter Disable ATS Heartbeat Use the following...