macOS: FaceTime HD Camera Not Working In Microsoft Teams?

KB ID 0001671

Problem

My firm are in the middle of moving from Skype to Teams, so more and more online meetings are being done with Teams. I have had some problems trying to get my camera to work?

Solution

Firstly you need to ‘Allow’ Teams to use the camera; Click the ‘Apple’ icon > System preferences > Security and privacy > Privacy > Camera > Tick to enable ‘Microsoft Teams’ (Note: You may need to click the padlock at the bottom, before you can change any settings).

If you have Teams running, you will need to restart it, then if you can see the camera ‘feed’ in Settings > Devices, (as below) you should be good to go.

Cannot See Camera Input in Teams

If there’s still no input, then it’s probably because another application has control of the Camera. (Remember I said above, we are migrating from Skype!) Well look in Skype and boom its working there, so Teams can’t use it!

I don’t need my camera in Skype, so I can simply ‘Block’ Skype from using it;

But if you want to use the Camara in BOTH/MORE applications, simply close the other applications that may have stolen the camera and restart the one you want to use it.

Related Articles, References, Credits, or External Links

NA

Remote Connect to macOS

KB ID 0001539

Problem

Remotely connecting to Windows is easy we’ve had RDP since Windows NT4, (yes I’m that old). But what if you want to remote connect to a mac? Well that has ‘Screen Sharing’ built in, (which it pretty much the same, but it uses VNC). 

If you’re unfamiliar with VNC, (Virtual Network Computing,) you can install it on both Windows and Linux. Normally you need a client, (to connect with) and a server, (to connect to). VNC server is built into your Mac, so you just need to switch it on. 

Note: To access though a firewall you will need to have TCP port 5900 open/forwarded to the mac.

Solution

Apple Symbol > System Prefernces > Sharing.

Tick: ‘Screen Sharing‘ > Computer Settings > Tick VNC viewers may control screen with password > Enter a password > OK.

On a remote machine download a VNC client (there are a lot to choose from!) > Point it to the IP address of your mac > Enter the password you set, (above).

And you are connected.

Related Articles, References, Credits, or External Links

NA

AnyConnect – “Connection attempt has failed due to server communication errors’

KB ID 0001279 

Problem

We had a firewall fail at work this week, as part of the rebuild the latest OS was put on it, version 9.7(1). I thought no more about it until I tried to VPN in and got this;

I used my Windows 10 VM and that connected fine, only my MacBook could not connect, this VPN tunnel is a big deal I need it to get onto client’s networks. I tried my other VPN connections and every one was fine, only the recently rebuilt one didn’t work? Ive seen OSX throw a wobbly with AnyConnect in the past so I did a complete uninstall,  deleted the opt/cisco folder and put on the latest version (4.4.00243 at time of writing) no change.

VPN

Connection attempt has failed due to server communication errors. Please retry the connection

A look in the client message history showed me this..

Connection attempt has failed.

No valid certificates available for authentication.

I checked my certificates, and the certificate on the firewall both they, (and the certificate chain,) were fine.

Debugging AnyConnect gave NO OUTPUT at all, but debugging SSL showed me this;

[box]

Petes-ASA#dedug ssl 255
debug ssl enabled at level 255.
Petes-ASA# error:06067099:digital envelope routines:EVP_PKEY_copy_parameters:different parameters@p_lib.c:143
error:1415FFA5:SSL routines:SSL_accept:pkp error@ssl_engine.c:2832
error:06067099:digital envelope routines:EVP_PKEY_copy_parameters:different parameters@p_lib.c:143
error:1415FFA5:SSL routines:SSL_accept:pkp error@ssl_engine.c:2832
error:06067099:digital envelope routines:EVP_PKEY_copy_parameters:different parameters@p_lib.c:143
error:1415FFA5:SSL routines:SSL_accept:pkp error@ssl_engine.c:2832
error:06067099:digital envelope routines:EVP_PKEY_copy_parameters:different parameters@p_lib.c:143
error:1415FFA5:SSL routines:SSL_accept:pkp error@ssl_engine.c:2832
error:06067099:digital envelope routines:EVP_PKEY_copy_parameters:different parameters@p_lib.c:143
error:1415FFA5:SSL routines:SSL_accept:pkp error@ssl_engine.c:2832
error:06067099:digital envelope routines:EVP_PKEY_copy_parameters:different parameters@p_lib.c:143
error:1415FFA5:SSL routines:SSL_accept:pkp error@ssl_engine.c:2832

[/box]

Try Googling that and getting a result! In fact that’s probably what brought you here.

Solution

If you change a Cisco OS and things like this stop working normally it’s because they’ve dropped support for something that’s got a security hole in it. In the wake of the Poodle Exploit I assumed it was an SSL/TLS problem, but that wasn’t it.

I was in the right ball park though, and a bit of lateral thinking and SSL cipher problems I’ve had with ASDM, made me think, what if it’s SHA that’s been dropped because everyone is dropping SHA1 cause it’s the hashing algorithm of Satan?

Well as soon as I added a SHA1 ciphers back in, everything started working again!

[box]

Petes-ASA(config)# ssl encryption aes256-sha1 aes128-sha1
WARNING: This command has been deprecated; use 'ssl cipher' instead.
INFO: Converting to: ssl cipher default custom "AES256-SHA:AES128-SHA"
INFO: Converting to: ssl cipher tlsv1 custom "AES256-SHA:AES128-SHA"
INFO: Converting to: ssl cipher dtlsv1 custom "AES256-SHA:AES128-SHA"

[/box]

 

Disclaimer: SHA1 is bad, where practical all cert ciphers should be at least SHA256

Related Articles, References, Credits, or External Links

NA

MAC TFTP Software (OS X )

Mac TFTP KB ID 0001247

Problem

Every time I go to a networking event theres a sea of MacBooks in the audience, If techs like MacBooks so much why is there such a lack of decent Mac TFTP software?

Solution

The thing is, I’m looking at the problem with my ‘Windows User’ head on. When I have a task to perform I’m geared towards looking for a program do do that for me. OS X is Linux (There I said it!) Linux in a pretty dress, I’ll grant you, but scratch the surface a little bit and there it is.

Why is that important? Well your already holding a running TFTP server on your hand, your MAC is already running a TFTP server, you just need to learn how to use it.

MAC TFTP Server (OS X Native)

As I said it’s probably running anyway, but to check, open a Terminal window and issue the following command;

[box]netstat -atp UDP | grep tftp[/box]

If it’s not running you can manually start and stop the TFTP server with the following commands;

[box]Start TFTP

sudo launchctl load -F /System/Library/LaunchDaemons/tftp.plist

Stop TFTP

sudo launchctl unload -F /System/Library/LaunchDaemons/tftp.plist[/box]

Note: In macOS Catalina, it’s disabled by default, so if you don’t manually start it, you will see errors like;

[box]

%Error reading tftp://192.168.1.20/cisco-ftd-fp1k.6.6.0-90.SPA (Timed out attempting to connect)
[/box]

It would normally go without saying, but If I don’t say it, the post will fill up with comments! Make sure your Mac is physically connected to the same network as the network device, and has an IP address in the same range.

And make sure the device, and the Mac can ‘ping’ each other.

Use Mac TFTP Deamon To Copy a File To a Network Device

I’ve got a Cisco ASA 5505, but whatever the device is, does not really matter. You will have a file that you have downloaded, and you want to ‘send’ that file to a device. This file will probably be in your ‘downloads’ folder, the TFTP deamon uses the /private/tftpboot folder so we are going to copy the file there. Then set the correct permissions on the file.

[box]

cd ~/Downloads
cp FILENAME /private/tftpboot
cd /private/tftpboot
chmod 766 FILENAME

[/box]

Note: You can also use;

sudo chmod 777 /private/tftpboot
sudo chmod 777 /private/tftpboot/*

To set permissions on ALL files in this directory.

You can then execute the command on your device to copy the file across;

[box]

ciscoasa# copy tftp flash

Address or name of remote host []? 192.168.1.5

Source filename []? asa825-59-k8.bin

Destination filename [asa825-59-k8.bin]? {Enter}

Accessing tftp://192.168.1.5/asa825-59-k8.bin...!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Writing file disk0:/asa825-59-k8.bin...
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
15482880 bytes copied in 12.460 secs (1290240 bytes/sec)
ciscoasa#

[/box]

Use Mac TFTP Deamon To Copy a File From a Network Device

There is a gotcha with the TFTP daemon, which is you cant copy a file to the TFTP daemon if that file does not already exist there.  Which at first glance sort of defeats the object, but what it really means id you have to have a file there with the same name and the correct permissions on it. In Linux you can create a file with the ‘Touch’ command.

[box]

cd /private/tftpboot
touch FILENAME
chmod 766 FILENAME

[/box]

You can then sent the file to your Mac from the device;

[box]

ciscoasa# copy flash tftp

Source filename []? asa825-59-k8.bin

Address or name of remote host []? 192.168.1.5

Destination filename [asa825-59-k8.bin]? {Enter}

Writing file tftp://192.168.1.5/asa825-59-k8.bin...
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
15482880 bytes copied in 9.940 secs (1720320 bytes/sec)
ciscoasa#

[/box]

I Want Mac OS X TFTP Software!

Well you have a limited choice, if you don’t like using the Mac TFTP Daemon. You can install and use a GUI front end that uses the built in TFTP software. 

But if you want a ‘stand-alone’ piece of software then the only other one I’ve found is PumpKIN, you will need to disable the built in TFTP daemon or it will throw an error.

Related Articles, References, Credits, or External Links

FortiGate TFTP : Backup To & Restore From

Backup and Restore Cisco IOS (Switches and Routers)

Backup and Restore a Cisco Firewall

CentOS – Install and Configure a TFTP Server