Secure Socket Layer

Yesterday I went through literally (yes literally) every host on my IIS server and rebuilt every SSL certificate. I was using the program Let’s Encrypt as my certification authority. Upon first attempt, this was no easy feat with Microsoft IIS. If I had Linux, it would be practically effortless. However, Windows was a different story. Fortunately there is a freeware command line application that assists in the process called letsencrypt-win-simple. For the most part, it does the job well and also creates a scheduled task that automatically handles the certificate renewals.

Unfortunately last month I pressed “create all certificates for all sites” in the program. This made at least twice the number of certs I needed, the new ones pertaining to my redirects. This caused a few issues and spammed my Inbox that some certs were expiring. 

So yesterday as I said before, I started all from a blank slate. The Let’s Encrypt program had its own folder that stored renewal information. I made a copy and wiped it. Then I cleared out all the unnecessary certs in IIS. Finally I went through one by one and made new valid certs that should renew automatically. 

One site wouldn’t accept SSL, but I suspect that is due to the manual HTML encoding used. I’ll be speaking with that webmaster soon. 

Free SSL for the win! 

SonicWALL SSL-VPN and Tunnel All Mode

I must remember this one.  Scenario: you have set up SonicWALL’s SSL-VPN to accept external NetExtender client connections.  You have configured the clients in “Tunnel All Mode” which means the external device will browse the Internet from the IP of the SonicWALL (useful for when you’re at a public hotspot or other connection-inhibiting location).  Everything connects properly and yet you cannot browse the Internet.  The fix is simple.

Go to Local Groups, edit the SSLVPN Services group.  Go to the VPN Access tab.  Add the entry WAN RemoteAccess Networks.

You’re welcome.

Don’t Forget the RTP Stream!

It’s been a rough day for SIP. Out of nowhere my Asterisk server stopped working properly. I suspected the SonicWALL and began a 2-hour-long process of generating the configuration from factory defaults. I did this because a SonicWALL technician in his Indian accent chastised me for loading Beta firmware without having good backups. He blamed this for having a malfunctioning CFS policy. Anyway, I loaded new configuration and as it was it had no effect on the symptoms. Specifically, there was 1-way or no audio and the call disconnected right at about 30 seconds.

Every Asterisk forum and support post always describes the cause of this issue to be bad NAT-ing. However nothing had changed. I loaded the same configuration into the SonicWALL as was before the wipe. 

Ultimately after much searching I came across a working solution. I added RTP ports UDP 10000-20000 to the firewall. Also I opened up the firewall to All incoming connections instead of my SIP trunk provider’s IP address. Possibly they changed the IP address for the media gateway but only a call to tech support would determine that. Fortunately I’ll do that tomorrow.
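Added example, not part of the original post: one way to confirm a changed media gateway address without leaving the firewall open to all sources is to read the SDP bodies from a SIP trace and compare the media address and port against the firewall rules. The SDP text, the allowed trunk address and the function names below are constructed for illustration; only the UDP 10000-20000 range comes from the post.

```python
import ipaddress

# Constructed sample values; addresses are from the documentation ranges.
FORWARDED_RTP = range(10000, 20001)   # UDP 10000-20000, the range from the post
ALLOWED_SOURCES = [ipaddress.ip_network("198.51.100.10/32")]  # hypothetical trunk signalling IP

REMOTE_SDP = """v=0
o=- 20518 0 IN IP4 198.51.100.10
s=-
c=IN IP4 203.0.113.77
t=0 0
m=audio 16384 RTP/AVP 0 101
a=sendrecv
"""
LOCAL_SDP = """v=0
o=root 1821 1821 IN IP4 192.0.2.5
s=Asterisk
c=IN IP4 192.0.2.5
t=0 0
m=audio 14502 RTP/AVP 0 101
"""

def media_endpoints(sdp):
    """Return [(kind, address, port)]; a media-level c= line overrides the session-level one."""
    session_addr, media = None, []
    for line in sdp.splitlines():
        line = line.strip()
        if line.startswith("c="):
            addr = line[2:].split()[2].split("/")[0]
            if media:
                media[-1][1] = addr
            else:
                session_addr = addr
        elif line.startswith("m="):
            kind, port = line[2:].split()[:2]
            media.append([kind, None, int(port.split("/")[0])])
    return [(k, a or session_addr, p) for k, a, p in media]

def audit_call(local_sdp, remote_sdp, allowed=ALLOWED_SOURCES, forwarded=FORWARDED_RTP):
    """List reasons the firewall would drop inbound RTP for this call."""
    findings = []
    for kind, _, port in media_endpoints(local_sdp):
        if port not in forwarded:
            findings.append(f"local {kind} port {port} is not forwarded")
    for kind, addr, _ in media_endpoints(remote_sdp):
        try:
            ip = ipaddress.ip_address(addr)
        except ValueError:
            findings.append(f"remote {kind} address {addr} is a hostname; resolve it first")
            continue
        if not any(ip in net for net in allowed):
            findings.append(f"remote {kind} media source {addr} is not an allowed source")
    return findings
```

With the sample data, the signalling address is allowed but the media address in the `c=` line is not, which is the situation where adding that one address as a source restores audio without an "All incoming" rule.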

Side note that I also went through a couple hours’ worth of free SMTP quota in about 3 seconds. I turned on email alerts on the default SonicWALL configuration. I also had Geo-IP filter engaged for a measly few 12 of the baddest countries in the malware world. Let’s just say it’s a dangerous Internet out there. My SonicWALL sent an email every time someone tried to connect and was blocked by the Geo-IP filter.

VMware Can’t Add NFS Datastore

This problem took me over a month to figure out.  However, with the help of a fellow tech guy (shout out to Michael Groff, thank you bro), it’s finally put to rest.

Symptoms: VMware ESXi server will not connect to a FreeNAS NFS share no matter what.  When trying to add it, VMware immediately displays a “failed” error.

Cause: About a month ago, I had an existing datastore connected with the name of “BACKUP” that was an iSCSI share from a Synology NAS.  This single drive finally failed and needed to be replaced.  Since the drive failed, I did not specifically delete the datastore from VMware, although it did not show anymore.
This was ultimately the problem.  While VMware didn’t show the datastore, I was trying to add a new datastore also called “BACKUP” (trying to remain consistent here) but somewhere in VMware the name still existed.  Unfortunately I’ve lost the link to the website where the fix was found, but it’s so simple that I still remember it.

Resolution: Connect to VMware ESXi using SSH and run the command esxcfg-nas -d <datastore name>
It will generate an error such as “Datastore not found; but we deleted it anyway”.  After that, you should be able to add your NFS datastore again.

Advidia A-14 or A-15 and Constant Reboot

Just a simple note that might save you hours of troubleshooting.  If you update the firmware of an Advidia A-14 or A-15 camera (might be more models), you will need to perform a Factory Default command, otherwise the unit will reboot every 3-5 minutes.

For what it’s worth, this is mentioned on the Advidia website.

Bad Things Come in Threes, Right?

In the past week, the following has happened.

  • The media server, Valhalla, was mysteriously infected by Ransomware but no note was found; only encrypted files.
  • The main NAS for my network is reporting hundreds of “File System Errors” but is unable to tell me any more information and all the data is accessible.
  • There was a storage failure (and subsequent automatic recovery) of the VMware server in the middle of the night and that caused four (4) virtual machines to fail; cause of the failure is completely unknown.

I really hate things that break.  Tune in for more as this story develops.

Big Phone to Small Phone to Bigger Phone (Part 3)

This post is about the final chapter of my quest for the right smartphone in August of this year.  The purchase has been made and the honeymoon is in full swing.  I have purchased the Google Nexus 6P.

[Image: Droid Turbo 2 > iPhone 5 > Nexus 6P]

Originally I was going to purchase the new Moto Z Droid Force and start “modding” it with accessories.  However, the pricing for the Moto Z was not attractive.  Gone are the days of the “affordable” (and customizable) Moto X.  The Moto Z Droid Force (64 GB) I wanted was $770 not including accessories.  Unfortunately Best Buy wanted to sell me the 32 GB version for $800.  Yes I wanted to retire my Droid Turbo 2, but this was getting seriously expensive.

I think it was through an advertisement in an e-mail that I was alerted to the special promotional price of $400 for a Google Nexus 6P (64 GB).  I literally stayed up for two hours past my bedtime reading all about the reviews and life with the Nexus 6P.  Originally when the device launched it cost $650 making it not affordable, as well as being manufactured by Huawei.  I was not excited about giving my money to a foreign company.  However, now that Motorola was owned by Lenovo, I officially decided to “pick my poison”.

After using the device for a few days now, I am very happy with its speed, simplicity, and fingerprint reader.  The camera is very impressive so far as well.  I don’t expect to be impressed after a year of apps and updates slow it all down, but for now I can finally stop worrying about my smartphone.  I am still searching for the right case to protect the (breakable) screen but in the meantime a nice matte Skinomi protects it from fingerprints and body oil.

Thanks for reading my thoughts.

Big Phone to Small Phone to Bigger Phone (Part 2)

This is a continuation of my previous post regarding my smartphone experiences of July and August of this year.

Yes, I said it.  For 1 and a half weeks, I used a fully-functioning Apple iPhone 5.  Sure, I wish it could have been a new iPhone 6S, but for being free I cannot complain.  I have used iPhones before and supported the devices for many years in my personal and professional life.  This was the first time I had an extended usage duration with the whole Apple ecosystem.

I am going to confirm what I have been saying for literally years: I respect Apple and what the company has done to the smartphone world, however it is simply not the device for me.

The iPhone is simple, easy to use, (for the most part) reliable and safe, and very close-minded.  Yes I can accomplish most of the same goals I could on Android, but I had to do these tasks a certain way.  It was satisfying to know that my unofficial review of the iPhone device that I have been reporting for years has been confirmed with actual use.  I almost thought to myself it was a poorly-executed and copied BlackBerry ecosystem, but highly successful.  Most people harshly criticize BlackBerry for forcing tasks a certain way, but iPhone is just as guilty.  Meanwhile, simply saying, Android allows for so many more unique configurations and commands.

There is one thing I definitely enjoyed about the iPhone 5 and that was its size.  I could easily operate it with one hand and it was very comfortable to hold, even if it was only glass and metal and had sharp lines all over it.  Sometimes I miss the simplicity and effectiveness of a flip-phone and the iPhone 5 had similar qualities of dimensions that could help ease the transition from a simple device to a smartphone.

Every now and then when I become so frustrated with Android and the fragmentation of the ecosystem, I romanced the idea of abandoning ship and purchasing a new Apple iPhone.  This quick fling with the opposing team has solidified me in Android.  Sure, it may be much more complex and difficult to set up and back up and maintain, but Android simply does more.

Big Phone to Small Phone to Bigger Phone (Part 1)

The past month has definitely been a difficult month for smartphones.  It all started out when I purchased my Motorola Droid Turbo 2 shortly after launch day last year.  The phone was marketed as having a “shatterproof display” and even carried a dedicated 4-year warranty exclusively for the display if you found a way to damage it.  I quickly found out that even though most people have said it’s a marketing gimmick, the screen indeed does not break.  It has been the first phone I have carried without a case and while the phone itself suffered bumps and bruises, the screen was flawless.

Unfortunately while the screen was flawless, the internal parts were not.  After a long honeymoon period, the phone began shutting off randomly, then always when it fell on the ground.  Then more frustratingly it sometimes did not power back on immediately.  This left me in a panic a few times as I was left without communication.  Fortunately I had my ever-reliable BlackBerry to help me through a few sticky situations.

Contacting Motorola (not Verizon), I obtained a replacement new device (Moto-Maker) and vowed to treat this phone with utmost respect and would not let accidental falls happen, no matter how durable the screen is.  Much to my dismay, the phone still shut down and rebooted on its own, and had difficulty starting back up.  The longest it was down was four days (with the battery charged, if you were curious).  Same again, I contacted Motorola and I was sent a new phone.  But here’s the interesting part: For the 1 and a half weeks that my Turbo 2 was inoperable, I used an Apple iPhone 5.

If you want to comment on my Turbo 2 woes and experiences, comment on this post.  For my thoughts about the Apple iPhone, see the next post.