For the trusted ips box to show up on the multi-factor authentication server settings in 365 multi-factor authentication so you can whitelist IP’s , you need to purchase and activate at least one single Microsoft Azure Multi-Factor Authentication License ( cheaper optoin ) or a single AD Premium License. This will give you the below options

 

trusted ips (learn more)
Skip multi-factor authentication for requests from federated users on my intranet
Skip multi-factor authentication for requests from following range of IP address subnets

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Fortigate

Create a new Interface under a port or an existing virtual switch where the Aruba switch uplinks to 

Enter Vlan ID and Interface IP

 

Next you will need to setup Allow Policies to allow traffic from the Vlan to the normal lan as well as internet

Aruba

Create a New Vlan with the Same ID

Add a trunk to the Uplink

Tag all the Ports with Vlan 2 that will have a phone plugged into them, Including the Trunk

Untag any ports the phone system or VOIP card might use

Attach the “voice” to the Vlan which will assign the right vlans for the phones that use LLDP 

 

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Meraki MX Router

Enable Vlans

Go to Security Appliance then Addressing & VLANs

Next setup the Subnet ID ( Number ) for your Vlans and the Address of the Router in each Vlan 

Next Change the Uplink to the Switch to a VLAN and set the Native Vlan ( this is the default usually 1 ) and the other Vlans which will pass down this trunk. The Native VLAN will need to be the same on both sides of Meraki and Cisco Switch

DHCP

Go to Security Appliance then DHCP

What device will be the DHCP on this new Subnet? You can set the Meraki or if its a Windows Network point the IP Helper to your main DHCP server

Cisco Switch

Uplink

On the uplink of your switch to the Meraki set e.g. GigabitEthernet1/0/1

 

conf t
int gi1/0/1
switchport trunk native vlan 1
switchport trunk allowed vlan 1,5
switchport mode trunk
end

You might see the native vlan 1 not showing in the config , this is because 1 is always the native vlan

UnTag Port on new Vlan

This changes the port to use Vlan 5

conf t
int gi1/0/2
switchport acccess vlan 5
switchport mode access
end
VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Many internal companies use Newsletter services such as Mailchimp to email out internal newsletters. The From Address of this is usually an internal email address which means it will get rejected by the anti spoofing policy

Option 1

In Mimecast Administration Panel go to : 

Administration -> Gateway -> Policies -> Anti Spoofing SPF based Bypass

  1. Add the following Policy, this will only whitelist IP’s in your SPF Record,  so putting servers.mcsv.net will not work , you will also have to put “ip4:205.201.128.0/20 ip4:198.2.128.0/18 ip4:148.105.0.0/16” in your SPF record. If your SPF is over 255 characters : try option 2

 

Option 2

Administration -> Gateway -> Policies -> Anti Spoofing

Add the policy below , you can get a list of IP’s Mailchimp user here

 

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

If you are trying to get the size of your Synology Volume via SNMP < you will need to query the correct Index on the OID .1.3.6.1.2.1.25.2.3.1.3.

Synology does not have standard indexes , so you will need to start by downloading run and install SNMP walk on a machine that can communicate to the device over network

Enter the IP of the device in SNMP Walk ( Leave rest options to default ) and get the output to text File

Open the txt file and do a Search for volume and per below you should fine the list of OID’s

The last number will be the index , for example Index will be 41 fo the volume

.1.3.6.1.2.1.25.2.3.1.3.1 = STRING: “Physical memory”
.1.3.6.1.2.1.25.2.3.1.3.3 = STRING: “Virtual memory”
.1.3.6.1.2.1.25.2.3.1.3.6 = STRING: “Memory buffers”
.1.3.6.1.2.1.25.2.3.1.3.7 = STRING: “Cached memory”
.1.3.6.1.2.1.25.2.3.1.3.8 = STRING: “Shared memory”
.1.3.6.1.2.1.25.2.3.1.3.10 = STRING: “Swap space”
.1.3.6.1.2.1.25.2.3.1.3.31 = STRING: “/”
.1.3.6.1.2.1.25.2.3.1.3.36 = STRING: “/tmp”
.1.3.6.1.2.1.25.2.3.1.3.37 = STRING: “/run”
.1.3.6.1.2.1.25.2.3.1.3.38 = STRING: “/dev/shm”
.1.3.6.1.2.1.25.2.3.1.3.41 = STRING: “/volume1”

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Recently , users where getting the below error from a Web App they use

This is due to the mixed code security which needs to be set to : “Enable – hide warning and run with protections”

To deploy this setting to all computers on a network via Group Policy follow the guide below , here is the Java Reference

Create a GP to delpoy the following file to C:\Windows\Sun\Java\Deployment\deployment.config

deployment.system.config.mandatory=true
deployment.system.config=file:///C:/WINDOWS/Sun/Java/Deployment/deployment.properties

Create a GP to delpoy the following file to C:\Windows\Sun\Java\Deployment\deployment.properties

# Mixed code (sandbox vs. trusted) security verification
deployment.security.mixcode=HIDE_RUN
VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Recently had a few Zerto Recovery Groups ( VPG’s ) came up with the state 

Recovery is possible. (0%)

Connecivity to the VM’s where ok , and when I ran through the Wizard after Editing the VPG is came back with all ticks. A reboot of the server and SCVMM server did not clear the issue either

In the end we had to perform a “Force Sync” to resync the delta’s

 

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Recently I was trying to add a Virtual Switch to a new Hyper V Server and I got an error similar to below

Image result for adding ports to the switch failed hyper v

Although the Virtual Switch seemed to add ok , it was coming up with Errors in the Cluster Manager ( Status Unavailable ) 

The server was actually already added to the Failover Cluster Manager. And I noticed that the

“Microsoft vmm dhcpv4 server switch extension” filter was missing. This gets added to a Node on adding to cluster

Evicting the Hyper V host from the Cluster then deleting and re-adding the VSwitch Resolved this

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)

Recently I was trying to get a WDS server PXE Booting using Legacy and UEFI booting. I followed the DHCP guide here Legacy worked however UEFI was not working. I double checked on the WDS server for the 67 Option with a file share and in

\\%IPOFSERVER%\reminst\Boot\x64

wdsnbp.com existed but no wdsmgfw.efi

Running a rebuild of the boot files also did not fix this for some reason , in the end I copied the file from : 

\\%IPOFSERVER%\c$\Windows\System32\RemInst\boot\x64

and it resolved the issue

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)