@scottalanmiller Thank you sir. Your and everyone's input is valued and appreciated.

@Pete-S said in Raspberry Pi 4 as thin/fat client:

@Emad-R said in Raspberry Pi 4 as thin/fat client:

@Pete-S

Hey if your bussiness can use LibreOffice, you dont need MS Windows. Or google Docs, basically if you can do your job via terminal and web browser you have alot of options and freedom

Thanks Emad but I'm not the one looking for VDI solutions. I just wanted to share my test with the raspberry pi 4 is it might be interesting to use as a thin client.

Something extra nice about an RP4 as a thin client is that it has the power to run things locally too. I know lots of people who use them as a fat clients. Being that cheap and dual purpose is great.

@JaredBusch said in Incoming Call Issue:

@VoIP_n00b said in Incoming Call Issue:

Running FreePBX v14... No resent changes made, except to change the name on an extension.

When some calls in, and let's say they dial 555 then end up getting 511, 511 can then forward the call to 555 no issue, but I have no idea what is causing this.

Because they released a horrible fucking update to IVR.

Edit your IVR and set strict dial time out to No - legacy

That fixed it! Thank you so much!!!

@JasGot said in Cost Pros and Cons for VDI in DataCenter:

Thanks. This will be good to make sure I don't miss any high points to demonstrate why it is a bad idea for this particular business.

The main "bad" is the complete lack of any benefits.

That's the real crux... absolutely zero reason to even consider it. Tons and tons of negatives, and what seems like no positives.

@JaredBusch said in Taking over IT for a small business:

@scottalanmiller said in Taking over IT for a small business:

@JaredBusch said in Taking over IT for a small business:

@scottalanmiller said in Taking over IT for a small business:

@Dashrender said in Taking over IT for a small business:

LOL - If I were the boss, I could do that. She has already ordered me to remove her from the monthly updates - so I have to nag her to do those manually, they can't be pushed to her via WSUS, because of reboots.

Make sure you have a "get it in writing to remove HIPAA requirement automation."

OH, good one.. She's breaking HIPAA by not being updated.

Over a certain time frame, yeah. 🙂 That's going to be the big motivation here. Maybe he should even go to the owners and say "as you title me an IT decision maker, I meed a sign off to allow disregarding the law and a statement that I'm not allowed to follow HIPAA against my requirements, knowledge, and recommendations." Don't argue it, just make them state that they've accepted responsibility by demanding he not follow HIPAA.

But since automatic is disabled, he has no insight to know the time frame is being kept. So yeah.

Right, even if she promises to do it as HIPAA requires, he needs to be indemnified from that.

Here is the complete list of required ports.

@Carnival-Boy said in Learning Python from Microsoft:

I'm planning on learning Python to help my son who is studying it at school (with a useless teacher).

Python 3 is definitely the best option for learning. My kids have had some luck using the learn online free tools out there.

@Dashrender Confirmed, our MailCow is using ActiveSync to my phone, works beautifully.

@Pete-S said in How do I install gparted on RHEL 7.7 with GUI?:

@JaredBusch said in How do I install gparted on RHEL 7.7 with GUI?:

@Pete-S yum install epel-release absolutely should work.

If I understand correctly yum install epel-release only works on CentOS, not real RHEL.

It was a fresh install too from rhel-server-7.7-x86_64-dvd.iso

Ah, you are correct. I skimmed the RHEL bit. Totally my bad.

Nope.

####################################################################################### ## Network Internet ## ####################################################################################### static.network.ip_address_mode = static.network.span_to_pc_port = static.network.vlan.pc_port_mode = static.network.static_dns_enable = static.network.pc_port.enable = static.network.primary_dns = static.network.secondary_dns = static.network.internet_port.gateway = static.network.internet_port.mask = static.network.internet_port.ip = static.network.internet_port.type = ##V83 Add static.network.preference =

Just installed 19.10, 120MB

@Pete-S said in Can I use the first IP in a subnet, for instance 192.168.0.0?:

OK, I did some more research and made some test. I believe most people got this one wrong and for reasons that are historical.

Assume we have the network 192.168.1.0/24.
Subnet mask 255.255.255.0. The address range is 192.168.1.0 to 192.168.1.255.

192.168.1.0 is a valid host IP - contrary to what most people believe.
192.168.1.255 is reserved for directed broadcast.

Why?

An IP like 192.168.1.0 used to be excluded from use by a host in the past. This was obsoleted in conjunction with the introduction of classless subnets, CIDR. Mentioned in 1995, RFC 1878, which also obsoleted something related, which was the exclusion of certain subnets called subnet zero and the all-ones subnet.

In the past IPs like 192.168.1.0 has also been used as a broadcast address but that practice is also obsolete. RFC 1812 (also 1995) states that 192.168.1.255 should be used for directed broadcast in the 192.168.1.0/24 network and that 192.168.1.0 is forbidden to use for that purpose.

Problem when something becomes obsolete is that you still have old equipment, old protocols and old habits in use. So it takes many years before you can actually stop doing certain things that were needed in the past.

To test the state of things today I spun up some VMs. I used 172.16.0.0/24 as my network.

No problem setting 172.16.0.0 as IP address on CentOS or Debian for example. Everything works as you would expect.
centos_network_addr.png

You could however see some remnants of the past, like this:
broadcast_ping.png
As mentioned above, it was a long time since that was considered a broadcast address.

Windows 7 was however another story. You can't enter 172.16.0.0 as a valid IP address in network settings. But you can do it on the command line with netsh. And then it shows up as expected. Network works as expected too.
win7_network_addr.png

So all in all, it is technically OK to use the first IP as an host IP. It's not reserved anymore and hasn't been for more than two decades. Protocols that used that IP for broadcast or reserved for the network address are not in use anymore.

The biggest risk is probably to run into applications where they on purpose don't allow you to enter a specific "invalid" IP address.

That said, it would probably be very confusing for most people.

I would assume in a /24 network to not use x.x.x.0 when there are other networks, but in a bigger network, perfectly fine since it's inside the network range.

@mroth911 said in Routing port 80:

So is there any services that I can use, or do I have to build a server? or what can I do to simplify the process.

An external service can't help because you need to direct the traffic once inside your LAN. You just need a reverse proxy, like Nginx, running somewhere and all port 80 pointing to that, and it in turn pointing to the internal resources. So it can be a dedicated server or shared with some other task.

Update: this is what I ended up with.
Route based VPN using this guide as a template.

Master site: 1x ER 12 + 1x ER 4
Sites A, B, C & D :1x ER4 each location
Colo: 1x ER4 & 1x pfSense (SM x10SDV-TLN4F+)

Well, it looks that it is actually FreePBX as part of the problem again with some stupid cron jobs.

And there is an issues with Moodle but I think that is more of an authentication issue and not actually a spam issue.

@WLS-ITGuy

Look good to me .

If you need to send emails from the box itself you need to open additional, but usually you rely on third party services for that like SMTP2GO or SendGrid and for that you dont need to open any additional ports.

I used to firewall port SSH but then i was like I would like to work on machines from anywhere, so I just enable strong SSH auth based security.

However both approaches will work, the thing is imagine if you want to connect on that machine on emergency, you have to go to the 74 IP or vpn to it.

@wrx7m said in IOPS for SSD?:

@travisdh1 said in IOPS for SSD?:

@wrx7m said in IOPS for SSD?:

@Pete-S They dropped the price to 1061.24 since I posted. lol Interesting. Yes, but that is a max of 12 nvme. I may have misunderstood that option with 8 SAS/SATA. I am guessing that the max of 12 would allow for more SAS/SATA, although it doesn't mention it. My issue was also with the available drive capacities and cost per TB for spinning disks in the 2.5" spec.

Yeah, especially direct from the OEM. Have you thought about buying the storage from xByte instead?

Are their drives brand new? I did price out a server with specs as similar to Dell's as possible and it was only off by a couple grand.

IMHO, I consider their drives are 99.9% brand new as its possible an OEM install was done on the drive or something like that. Plus testing of the drive by the OEM and xByte.

Their hardware is manufacturer refurbished, not used. Big difference.

If you can get a Dell ProSupport (w/w-out) Plus 7 year warranty on the server with the drives from xByte, it doesn't really matter if they are new or not. They are under warranty for 7 years and you have no worries.

@Skyetel said in VOIP.ms more secure:

SIP Trunking by IP is so much better than registration, we don't even allow you to register.

About a year ago, a customer came to us from one of our competitors that used SIP Registration. A hacker broke into his PBX, and instead of relaying all the calls through his PBX like they normally do, they got his SIP Trunking username & password for his carrier. They then proceeded to register half a dozen systems and burned through tens of thousands of dollars before the carrier realized something was wrong. They then forced him to pay the bill (which is why he quickly looked to move away to us).

I can rant all day about the pitfalls of SIP Registration, but I shall refrain 😛

Multiple failures in the scenario you listed. Anyone of those failures being not there would’ve made the entire thing not a problem.

@WrCombs said in How to Stop an Ongoing RAID Rebuild HP P420i RAID Controller:

we use Intel Rapid Storage - CTL +I on Boot gets you there? - Disclaimer I may be thinking of Software RAID rather than Hardware RAID - but It may be worth a shot to try..

Yeah, Intel Rapid Storage is the most prominent example of Fake RAID. So it is software.