@Dashrender said in Pfsense to Meraki Site-Site Ipsec VPN:
At what size network do you normally turn on BGP?
Pretty much any time you have multiple routers & subnets. BGP is to routing what DHCP is to Up addressing (kinda). With static routes every device has to be setup manually with every network which is insane. With BGP and Autonomous system numbers it's automated and less likely to have mistakes.
@JaredBusch said in Windows Server 2016 Pricing:
@coliver said in Windows Server 2016 Pricing:
Out of curiosity, and not trying to rub any more salt, what's the reasoning behind having exchange on-site still?
As a municipality, if the police department is on this server, that is the reason.
Exchange Online is not legally allowed for any organization that is required to meet ... and my mind just blanked on what the acronym is for police investigation chain of evidence compliance.
State level is VCIN (for Virginia) Federal is CJIS. Heck CJIS required a diail/t1 modem for it's Java based program until not too many years ago they started allowing Juniper Hardware Tunnels for the dispatch computers.
You could do hybrid exchange, onsite for PD, 0365 for normal departments.
@scottalanmiller said in Windows Server 2016 Pricing:
@crustachio said in Windows Server 2016 Pricing:
We have looked at hosted, but the cost is quite high.
Do Government entities get a discount? I know non-profits get it for free.
When I worked in Government there was a major discount. Closed to 50% off.
@JaredBusch said in Windows Server 2016 Pricing:
What does "operating system environments" actually mean?
I would assume it means 2 Windows Server VMs.
Yes. Same as it's always been. though with Containers you can do Process virtualization and save money.
Pricing really hasn't changed that much. Just the licensing has. If you were licensing properly before with up to 4 CPUs and 8 Cores the costs will not go up.
BGP wasn't advertising correctly on some of the routers in their network.
MPLS is most likely using BGP and advertising the networks. a VPN needs a Phase 2 entery for every network (or a superscope that covers it). VPNs also need proper firewall rules compared to MPLS which is usually treated as trusted.
@Mike-Davis said in Ubnt NVR more than 50 cameras:
@Jason said in Ubnt NVR more than 50 cameras:
Just go with an Axis system
Why Axis? This is an honest question. I have set them up before, but a vendor gave us the cameras, so the cost of the cameras wasn't an issue. They also gave us a license of some software that I don't really care for. The camera's were nice, but seems like they cost way more than Ubiquiti.
Axis is all around a much better system. Ubiquiti stuff is fine for very small deployments but I wouldn't use it for something of this size
Helping someone with this one. I got the VPN Tunnels up. I can ping the local IP address of the router/VPN box on both ends. However I can not ping anything else on the lan. Both ends firewalls are set to allow any.
Unrelated how's unlock compare to adblock plus since it's now putting out it's own ads
Network Administrator or Desktop Support Techician, or ERP Analyst, Hepldesk Technician?.. Actually other than the title I see no networking..
We Have Sophos Enterprise here. Webroot actually uses the Sophos AV Engine. It's the consumer/small biz version of Sophos.
@Minion-Queen said in Microsoft Activations:
Still the leaked key can be from a VL. There are shady companies that will by VL and sell the key off to fit in their VL amount.
Yes, but pretty much the only way ours could get out is if SHI reps went rouge... oh wait one did get fired a few weeks ago. haha
@hobbit666 said in Microsoft Activations:
I've had a few Laptops (Lenovo) pop up saying they are no longer genuine, my guess was a key has been leaked and block by M$
These are all Volume licensed
Anyone ever had microsoft void all your keys, give new ones and force all your products to deactivate so you can re-activate with more current numbers? it's the dumbest thing ever. we found out this morning, and shortly after all MS products crying that they are not genuine.
We just got through with an Audit we passed 4 months ago so it doesn't make any sense to me.
Changed
# Check if extracted device info matches 'iPhone OS'.
if grep -q 'iphone_os' $tempfile; then
#echo 'Bingo!';
_extract_device
to we shall see if that does it.
if grep -q '*' $tempfile; then
#echo 'Bingo!';
_extract_device
so with LanMarshal It's filtering down to Apple devices hence why it didn't work for me. I just need to figure out what to edit here.
#!/bin/sh
#
# This script extracts mobile devices from a Nmap scan. This version recognizes
# Apple devices.
#
# copyright 2013 Artelsys.com
#
#
# Redistribution and use of this script, with or without modification, is
# permitted provided that the following conditions are met:
#
# 1. Redistributions of this script must retain the above copyright
# notice, this list of conditions and the following disclaimer.
#
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR "AS IS" AND ANY EXPRESS OR IMPLIED
# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
# Global constants and variables
dumpfile="/home/app/servers/dump.txt"
tempfile="/home/app/servers/temp.txt"
result="/home/app/servers/result.txt"
# It ...
#
function _extract_device() {
# Extract relevant fields
MAC=$(grep -n -m 1 "MAC Address" $tempfile | awk -F " " '{print $3 }')
IP=$(grep -n -m 1 "Nmap scan report" $tempfile | awk -F " " '{print $5 }')
DEVICE=$(grep -n -m 1 "Device type:" $tempfile | awk -F " " '{print $3 " " $4 }')
OS=$(grep -n -m 1 "Running:" $tempfile | awk -F " " '{$1=""; print }')
OS_CPE=$(grep -n -m 1 "OS CPE:" $tempfile | awk -F " " '{$1=""; $2=""; print }')
OS_DETAILS=$(grep -n -m 1 "OS details:" $tempfile | awk -F " " '{$1=""; $2=""; print }')
# Remove leading white spaces
OS=$(echo $OS | sed 's/^ *//g')
OS_CPE=$(echo $OS_CPE | sed 's/^ *//g')
OS_DETAILS=$(echo $OS_DETAILS | sed 's/^ *//g')
echo "$MAC;$IP;$DEVICE;$OS;$OS_CPE;$OS_DETAILS" >> $result
}
# It ...
#
function _extract_block() {
# Extract the block and copy it to
sed -n '/Nmap scan/,/Network Distance/p;/Network Distance/q' $dumpfile > $tempfile
lines=$(wc -l < $tempfile)
#sed q $tempfile
#echo "$lines lines have been extracted."
# Delete the extracted block from input file
while [ $lines -gt 0 ]; do
sed -i "1d" $dumpfile
let lines=lines-1
done
# Check if extracted device info matches 'iPhone OS'.
if grep -q 'iphone_os' $tempfile; then
#echo 'Bingo!';
_extract_device
fi
}
# -----------------------------------------------------------------------------
# Main program
#
# -----------------------------------------------------------------------------
# Delete file containing list of detected devices
if [ -e "$result" ]; then
rm $result
fi
touch $result
# Clean up the file by removing the two first lines and the empty lines
sed -i '1,2d' $dumpfile
sed -i '/^$/d' $dumpfile
# Extract the 'Nmap' blocks and store detected mobile into database
# echo "extracting Nmap blocks ..."
# Do until all the blocks are extracted
size=$(wc -l < $dumpfile)
while [ $size -gt 3 ]; do
_extract_block
size=$(wc -l < $dumpfile)
done
exit 0
IMO it should have just had a ARM based chip already in it. not require people to get a raspberry pi for it.