Citrix NetScaler – Simple HTTP Site Load Balancing
KB ID 0001188 Problem Here is the simplest load balancing scenario I can think of, I’ve got two web servers, (on http port 80) and I’m presenting them though my NetScaler as an HTTP (Virtual Server). Solution First we add the ‘back-end’ servers. Connect to the management IP of your NetScaler and login > Configuration > Traffic Management > Load Balancing > Servers > Add. Define a name for the...
NetScaler – Locate the Host ID
KB ID 0001187 Problem To apply a license to your NetScaler you need the supply the Host ID to the licensing portal. A quick internet search yielded the commands, but the were not working? Solution Note: If this is a new installation, the username and password will both be set to nsroot. Whatever I was reading, didn’t tell me I needed to drop to shell mode! shell lmutil lmhostid As you can see this ones 0050569d5a96, (which I...
Windows – Suppress the ‘First Run’ Welcome to Windows Animation
KB ID 0001186 Problem I don’t like ‘first-run’ dialogs, Internet Explorer is annoying enough, Now Windows and Office insist on playing me a film clip when they start for the first time. I’m a busy guy I have things to do, stop asking me questions and making recommendations! It takes this long to create a user profile? I don’t think so. Solution You can do this by local policy on the machine, but domain...
Cisco – Cannot Connect to the ASA FirePOWER Module
KB ID 0001182 Problem There’s an alarming amount of people who have contacted me about this error; Cannot connect the the ASA FirePOWER module. Cannot connect the the ASA FirePOWER module.. Check that it is correctly configured and on the network. It’s also possible that the management address is being translated by NAT. Please verify the IP address/Hostname and port. Note: If you have just updated or re-imaged the SFR...
Microsoft – NDES Site Shows ‘HTTP Error 500.0 – Internal Server Error’
KB ID 0001181 Problem I was doing some testing for a client this week, a while ago I had deployed a three tier PKI solution for them, and as part of the rollout we deployed NDES for their network devices, (they were going to use certificates to secure site to site VPNs). The client was concerned, and wanted the auto renewal process testing. This could not be done on the live system. So myself and a colleague went to the test bench, I...
Exchange – ‘Not all the required authentication methods were found’
KB ID 0001180 Problem I had to visit a client who had recently gone through an Exchange migration, now his external mail clients were having a nightmare staying connected to Outlook Anywhere. I ran the Exchange connectivity tester and got this; Additional details Not all the required authentication methods were found Methods Found: Basic Methods Required: NTLM Solution Looks like an open and shut case, someone forgot to enable...
Cisco Add FirePOWER Module to FirePOWER Management Center
KB ID 0001178 Problem If you only have one FirePOWER service module you can now manage it from the ASDM; ASA 5505-X / 5508-X Setup FirePOWER Services (for ASDM) But if you have got more than one, and you can manage them centrally with the FirePOWER Management Center, (formally SourceFIRE Defence Center). WARNING: If you are going to use FMC DON’T register your licences in the ASDM, they all need to be registered in the FMC. ...
Cisco – Testing AAA Authentication (Cisco ASA and IOS)
KB ID 0001175 Problem I always forget the syntax for this, and I’ve been meaning to publish this for a while so here you go. If you have AAA setup and people can’t log in, then the ability to test authentication against a user’s username and password is a good troubleshooting step! Usually I’m on a Cisco ASA but I’ll tag on the syntax for IOS as well. Solution Cisco ASA Test AAA Authentication From...
HP – Switches The IP (or subnet) Already Exists
KB ID 0001176 Problem I was changing a clients LAN subnet this week, (dropping the mask from /24 to /16). When I attempted to change the management IP on the clients HP switches this happened; HP2510-24G(config)# vlan 1 HP2510-24G(vlan-1)# ip address 10.0.0.250 255.255.0.0 The IP address (or subnet) 10.0.0.250/16 already exists. HP2510-24G(vlan-1)# At first I though the switch was complaining because the IP was remaining the same, I...
Cisco FirePOWER SFR Module Cannot Ping
KB ID 0001174 Problem On a newly deployed FirePOWER service module I wanted to test connectivity and attempted to ping a public IP address. This is what happened; > expert admin@Petes-SFR:~$ ping 8.8.8.8 ping: icmp open socket: Operation not permitted My first though was, “Well you have to set a default gateway on the SFR when you set it up, so the firewall is probably blocking ICMP”. So I checked the default policy...