@hobbit666 said in Port scanning tools:

@travisdh1 said in Port scanning tools:

That's really just nmap. Nothing wrong with using it, it is the official GUI frontend for nmap.

Yeah but saves me learning nmap commands 😆

That too. I use nmap a lot from the command line, but I'm normally running a standard scan (no options, just nmap xxx.xxx.xxx.xxx) or looking for a specific port nmap -p 443 xxx.xxx.xxx.xxx covers 90% of what I use it for.

So Free/Busy would work on a federated level and you can actually use the schedule assistant from another Office 365 account to see that however that is all you will get. That said the user will need to send an invite regardless. There is a Uservoice on this
https://office365.uservoice.com/forums/273493-office-365-admin/suggestions/36486493-allow-calendar-updates-for-external-users

There are other options like setting up a calendar in Sharepoint and external users can do that.
https://support.microsoft.com/en-us/office/create-a-team-site-in-sharepoint-ef10c1e7-15f3-42a3-98aa-b5972711777d?ui=en-us&rs=en-us&ad=us

You can also use this enterprise app in Office 365 as well
https://techcommunity.microsoft.com/t5/microsoft-bookings-blog/you-can-now-do-more-with-microsoft-bookings/ba-p/298461

Phew! Busy couple of days for me. Sorry for the late reply.

OK, so the setup is as @JaredBusch assumed. VPN on the Laptop only. Split tunneling was not enabled and now it is. Problem solved for now! DuckDNS is reporting the correct home IP. No need for VPN on the phone or PBX.

Good call @Dashrender

@scottalanmiller I'm still going to checkout the possibilities of OpenVPN though. Just in case I need it in the future.

Thanks guys. Have a great weekend.

@fuznutz04 said in Site to Site VPN - not passing audio traffic properly:

This one was interesting to get to the bottom of. @JaredBusch With the VPN tunnel enabled, the phone system was trying to send RTP to the phone on the internal IP. There is a setting in FreePBX on the extension level called "RTP Symmetric". Normally, this is set to yes. I changed it to no and the audio started flowing normally. However, I didn't like this solution. So, as a test, (and what I should have done from the beginning) I blocked all outbound traffic FROM my phone system, to any local network. (10.x, 172.16, 192.168, etc) This immediately solved the issue. I did not yet do a packet capture AFTER the fact to confirm, but I am assuming that blocking the PBX's ability to get to an internal private IP, forces the system to renegotiate and send the RTP to the correct public IP.

Definitely an odd issue.

nice you found a solution - I'm curious why it happens in the first place? Are some of the original phone's packet data still containing the original IP? And if so, why?
Are you using encrypted RTP?

@dbeato said in Web filtering for SMB:

I have continued to use Untangle, Pi-Hole and Yes NGFW as well. So it depends what you want to use, if DNS you know people can circumvent them outright but it is all up to you.

He said his goal was accidents. DNS filtering is perfect for accidents.

@Dashrender said in Remote Access for home user:

@manxam said in Remote Access for home user:

@fuznutz04 : Keep an eye out for the "hidden" hibernate that doesn't show up under "Plan settings" (only sleep and display). I've seen multiple systems that have "Hibernate after" configured under "Sleep" in the advanced settings as default.

There's also the problem where some systems become broken and once a system goes to sleep, it will continue going to sleep no matter what after something like 2 mins of non use. Rebooting fixes it, until it goes to sleep again... there is a fix somewhere in these threads too, reg fix.

Hahah, yeah. I was part of that thread too having been bit by it myself. Thankfully I haven't seen that behaviour in over a year.
Your thread : https://mangolassi.it/topic/18166/windows-10-goes-to-sleep-outside-listed-sleep-times
My thread : https://mangolassi.it/topic/17731/windows-10-ignoring-display-sleep-inactivity-settings

OK, we have success!

Steps to resolve:

On the DC I was having issues with at the main site, I stopped the KDC Service (Kerberos Key Distribution Center Service)

Then I ran this:

NETDOM RESETPWD /Server: <Domain Controller Name> /UserD:<Domain Admin Username> /PasswordD:<Domain Admin Password> Rebooted the server.

After this, all of the strange event viewer errors in the DNS log, AD log, etc were gone. I can now successfully replicate across sites as well as join PCs to the domain. I'm not sure why this happened in the first place, but this fixed it.

Thanks for all the help!

@scottalanmiller said in Internet connection sharing:

@fuznutz04 said in Internet connection sharing:

@scottalanmiller said in Internet connection sharing:

I think that the key thing here might be in interpretation of the language.

"We have another business in the building" could mean that they own two companies and those two "companies" are sharing a connection. We might use that terminology for two divisions that do different things but legally can share a connection no problem.

Or it might be some random business that just happens to be in the same building that is trying to not pay for their own Internet, in which case this is a big problem.

Everyone is assuming the second, but I had read it assuming it was the first. But both are just assumptions, to know what the best options are and what is an option really requires understanding that.

Wow, I am terrible at following up with posts in a timely manner....

Yes, it is the first. So you assumed correctly. So I think we are all set with just breaking out the connection via a switch after the modem.

Thanks!

If it was me and it was two companies that I controlled, I'd use an EdgeRouter Lite, it has one WAN in and two LAN out. That way I'd have central control. Make that control owned by the "parent" organization. Then have each place have their own switches after that point. But only one router.

This is also how I would do it. There would only be one company in control of the one router.

nmap is so much lighter and faster than other tools, too.

@scottalanmiller said in UNMS Cloud:

@JaredBusch said in UNMS Cloud:

Nothing is free, so I am curious, and have not been able to find, what they get out of this.

Loss leader. Netgear already does this, so lacking it meant being behind their competition.

I know you love Netgear, but they are not competition to me. I never consider them.

I wrote this a long time ago. It was to run on my EdgeRouter but I also mention how you can use it with another internal device.

https://hooks.technology/2017/08/dyanmic-dns-with-cloudflare/

Obviously this assumes you're using Cloudflare.

Generally, for most use cases, just having two servers and good backups is the best option. If you have a greenzone, turn your VMs off, do your updates, turn them back on.

Updates essentially never cause issues. Not on hypervisors (at least not on KVM/Xen.) Putting in a lot of complexity, cost, or risk to mitigate a shark attack isn't worth it. You will focus on a false risk.

@pirho99 said in ISP & VoIP woes:

If someone in the neighborhood is using MoCA, you could put this adapter on the business' incoming cable line, before the first split or amplifier. It would block their interference. link

This won't make any difference though - because the signal has to leave the building, i.e. go where the line noise is, to get out to the rest of the world... so the problem would still be there.

@Obsolesce said in Wordpress Theme Recommendations:

@scottalanmiller said in Wordpress Theme Recommendations:

@Obsolesce said in Wordpress Theme Recommendations:

@Dashrender said in Wordpress Theme Recommendations:

We use DIVI - but I'm not saying it's good or bad as I've never used another.. or WP plain.

DIVI?

Divi purports to be the most popular theme on WP. It's definitely popular and seems to do a lot and has decent licensing rules. But is pricey, too.

Oh, I googled it and seen so many other things lol. I haven't heard of it before so I wasn't sure what I was looking for.

it adds a ton to WP - including a wsyiwyg editor (if you want to use it), etc..

@scottalanmiller said in FusionPBX - 2020:

@JaredBusch said in FusionPBX - 2020:

The developers use Debian. So use that.

This is my general rule. unless they use something insane or unnecessarily expensive, I do this above all other things.

For packaged systems like a PBX.

For other things like web apps. I tend to put them on Fedora (my chosen OS), no matter what the dev team uses.

Looking at you Nexcloud.

I will also chime in and say that Udemy is great. I have been very impressed with how thorough the content for the courses I have purchased has been. Definitely worth the money if you ask me.

Not sure anyone mentioned HostiFi. You can get a free account for a single site.

https://hostifi.net

@stacksofplates said in Automated Provisioning - KVM & CM tools:

@fuznutz04 said in Automated Provisioning - KVM & CM tools:

@stacksofplates said in Automated Provisioning - KVM & CM tools:

Terraform will do this and I have an Ansible role to do it also.
As @IRJ mentioned Vagrant will work also. However I feel Terraform is a better fit as you have more control over the specific pieces of your infrastructure.

You would still prefer Terraform over Ansible for this as well?

Yeah. My role can create the VMs, but Terraform had more functionality for that. Ansible overlaps in the infrastructure provisioning space a lot, but it lacks keeping states like Terraform does.

I'd like to learn both. I just started with Ansible a day or two ago. I have been (and still am) using SaltStack.

@JaredBusch said in LVM Partition resize:

@fuznutz04 yes, I did exactly that.

Then whenever things got full again, I was able to simply drop/create the one table without stopping anything.

Well, looks like I know what i'll be doing tonight.

Been using Wasabi for several months now. Was using AWS S3 for several years prior. Haven't had any issue with Wasabi. Using the same tools, as it is S3 compatible.