Some nice For Dummies Books.

Will add more as I stumble upon them.

Network Virtualization for Dummies
https://secure.vmware.com/47785_REG?touch=1&src=so_5bbb4d89277ef&cid=70134000001CYBq&src=so_5a314d05e49f5&cid=70134000001SkJn

Micro‐segmentation For Dummies
https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/products/vmware-micro-segmentation-for-dummies-book.pdf

NVMe over Fibre Channel For Dummies Brocade Special Edition
http://media.wiley.com/assets/7359/40/9781119399711.pdf

Firewalls for Dummies
https://doc.lagout.org/Others/Firewalls%20For%20Dummies%2C%202nd%20Edition.pdf

Next Generation Firewall for Dummies
https://www.csuc.cat/sites/default/files/docs/ngfw_for_dummies_ebook.pdf

Cybersecurity for Dummies
https://www.paloaltonetworks.com/content/dam/pan/en_US/assets/pdf/education/cybersecurity-for-dummies.pdf

Network Security in Virtualized Data Centers for Dummies
http://gauss.ececs.uc.edu/Courses/c5155/pdf/netsec_virtdatacntr.pdf

Virtualization for Dummies
https://ssl.www8.hp.com/de/de/pdf/virtuallisation_tcm_144_1147500.pdf

 

Requires registration

Modern PC Management for Dummies Guide
https://secure.vmware.com/45047_REG?touch=1&src=so_5b976692a4abe&cid=70134000001sq1O

SMB Hybrid IT for Dummies
https://www.hpe.com/us/en/resources/servers/smb-hybrid-it-dummies.html

Next-Gen Virtualization for Dummies
Hyper-Converged Infrastructure For Dummies
Network Virtualizations For Dummies
http://learn.vmware.com/40588_REG?touch=1&src=so_5bbede7a6a8ab&cid=70134000001SpN6&src=so_5a314d05e49f5&cid=70134000001SkJn

Advertisements

Client VPN and VPN server in ASUS router at the same time. Route all traffic thru VPN service.

What we want:

Markering_596

 

I don’t think this will work with ASUS orginal firmware, I have not tested.
I use Merlin (https://asuswrt.lostrealm.ca/)

Check what TUN you have in the router via ssh
Command: route

Then you see what TUN you have on the vpn, in my case tun15
You can also use tun1+ but then all TUN will be affected

Command:
iptables -I POSTROUTING -t nat -s $(nvram get vpn_server1_sn)/24 -o tun15 -j MASQUERADE

Test if this works

Then add it to a script that will apply this automatic after renoot.

Script:
https://github.com/RMerl/asuswrt-merlin/wiki/User-scripts
1. Enable script in the gui
2. Create script

vi /jffs/scripts/firewall-start

#!/bin/sh
iptables -I POSTROUTING -t nat -s $(nvram get vpn_server1_sn)/24 -o tun15 -j MASQUERADE

chmod +x /jffs/scripts/firewall-start

reboot

Don’t forget to tick to start vpn client on boot in the gui

And

Redirect Internet traffic Any or selective routing

Create wildcard from lets encrypt from another machine. And convert to p12

You need to verify by dns, that’s what I read anyway.

I was doing this from ubuntu 18.04

Install certbot:

sudo add-apt-repository ppa:certbot/certbot

sudo apt install python-certbot-apache

Oneliners

  1. Certbot certonly –manual –preferred-challenges=dns –email roger.bergling@invid.se –server https://acme-v02.api.letsencrypt.org/directory –agree-tos -d *.portal.jkp.invid.se
  2. Add DNS txt vaule, you get this from above command
  3. Convert cert to p12: openssl pkcs12 -export -inkey privkey.pem -in fullchain.pem -out portal.p12

 

 

 

Update Manager is missing in the Flash or HTML5 gui. No errors, service is started. Unable to access Virtual Center from Linux Client.

One smash, two flies

After upgrading from 6.5 vcsa to 6.7 without any problem, update manager is missing in the clients, both flash and html5.

No errors on services, and everything looked fine.

But when I from Linux client browse to virtualcenter adress I get:

NET::ERR_CERT_INVALID

And I am not able to proceed to the site.

 

After the upgrade, for some reason the machine certificate got fucked up!
Common Name was set to CA. Don’t know why.

But i HTML5 gui, go to Administration, Certificate Management

Look at __MACHINE_CERT. The Common name was set to CA, and that was not the server name. So we choose action and press renew. Restarted the appliance and after that Update Manager and the cert error was gone.

If you are using third party application like veeam, don’t forget to verify the connection to the Virtual Center.

 

 

Markering_592

Unable to migrate Virtual Center to 6.5 from 5.5. Certificate errors.

Easy one

Uninstall VCenter Server from Windows

Copy/Backup and  Remove

C:\ProgramData\VMware\VMware VirtualCenter\SSL

Reinstall same Virtual Center that was installed before.

 

Or you can follow this great blogg from Zlatko Mitev

http://vbuffer.com/vcenter-selfsigned-certificates/

Some notifcation from me:

OpenSSL 0.9.8 is requried
http://gnuwin32.sourceforge.net/packages/openssl.htm

Deploying and using the SSL Certificate Automation Tool 5.5
http://kb.vmware.com/selfservice/microsites/search.do?cmd=displayKC&docType=kc&docTypeID=DT_KB_1_1&externalId=2057340

#When you are running openssl 0.9.8 you can go past 2037 or something so you need to change -days to something smaller
openssl x509 -req -days 1300 -sha256 -in c:\tmp\rui.csr -signkey c:\tmp\rui.key -out c:\tmp\rui.crt -extensions v3_req -extfile c:\tmp\openssl_config.cfg

#For me Openssl 0.9.8 did not work so I used the openssl version from C:\Program Files\VMware\Infrastructure\Inventory Service\bin
openssl.exe pkcs12 -export -in c:\tmp\rui.crt -inkey c:\tmp\rui.key -name rui -passout pass:testpassword -out c:\tmp\rui.pfx

 

Windows 2008 R2 cleanmgr.exe how to fix without reboot.

If not have desktop expirence installed and want to clean up C: on Windows 2008R2. Then copy below files the you are able to run clenmgr whitout reboot.
Yo need to overwrite, because the old files will be there.

C:\Windows\winsxs\amd64_microsoft-windows-cleanmgr_31bf3856ad364e35_6.1.7600.16385_none_c9392808773cd7da\cleanmgr.exe

to C:\windows\system32\

C:\Windows\winsxs\amd64_microsoft-windows-cleanmgr.resources_31bf3856ad364e35_6.1.7600.16385_en-us_b9cb6194b257cc63\cleanmgr.exe.mui

to C:\windows\system32\en-us\

The you can run cleanmgr.exe