VMware Enable SSH (vSphere ESX)
VMware Enable SSH KB ID 0000299 Problem Should you wish to get SSH (remote secure console) access to your ESX hosts, you need to do the following. ESX Version 8 and Newer ESX Version 6.5 and Newer ESX version 5 and Newer ESX version 4.1.0 ESX version 4.0.0 and earlier ESX version 4.0.0 and earlier Solution VMware Enable SSH ESX 8.0 Directly on an ESX Host: If you have a stand-alone ESX Server running version 8.x, Log in via the...
Cisco AnyConnect – With Google Authenticator 2 Factor Authentication
KB ID 0001256 Problem This was asked as a question on Experts Exchange this week, and it got my interest. A quick search turned up a bunch of posts that said, yes this is possible, and you deploy it with FreeRADIUS and it works great. The problem was, a lot of the information is a little out of date, and some of it is ‘wrong enough’ to make the non-technical types give up. But I persevered, and got it to work. Disclaimer:...
Event ID 4107
KB ID 0000304 Problem Event ID 4107 Failed extract of third-party root list from auto update cab at: <Microsoft URL>with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file. There’s a lot of info on this error out there in forums, and 99% of it had nothing to do with my problem. Its basically a certificate error, to get to the...
Troubleshooting Phase 2 Cisco Site to Site (L2L) VPN Tunnels
KB ID 0000625 Problem It’s been over two years since I wrote Troubleshooting Phase 1 Cisco Site to Site (L2L) VPN Tunnels. I’ve always meant to come back and write the ‘Phase 2’ article but never got around to it. This article is NOT intended to be a ‘fix all” for phase 2 problems, it’s designed to point you in the right direction to locate the source of the problem. Solution Here’s my...
Cisco ASA – Using ‘logging’ to see what ports are being blocked
KB ID 0000702 Problem If you look after a firewall, sooner or later something will fail, and the blame (rightly or wrongly), will be leveled at the firewall. I came back from holiday this week to find a client had got a problem with secure POP email. The problem had been fixed (temporarily) by dropping the affected users into a group, and opening all ports. As this had fixed the problem then it’s fair to say that the ASA was...