How to backup VMs

/0 Comments/in /by

 

If you are looking to backup virtual machines of Hyper-v or VMWare and looking for a free software to do it, you might want to consider Veeam (www.Veeam,com).  One of the features that wont be available since you will be using the free edition is being able to schedule backup Jobs from within Veeam.  The free edition will allow you to run backup on demand if that is what you are looking for.

You can schedule backup jobs using Powershell and Windows schedule task.  We will post an example on how to do that in the coming days.

How to build HTTP and HTTPS polices to use Webblocker and deny access based on Source IP Network/address or IP range

/0 Comments/in /by

This is a quick published article that doesn’t include much detail but will give you very helpful hints.

WatchGuard uses Proxy settings to achieve such resolution. WatchGuard can act as a proxy to intercept HTTP/HTTPS requests in order to allow or deny access to sites based on source or destination networks or ports according to Policies built on it

When you choose to create a new policy in WatchGuard, you can choose it to be a packet filter (normal non-proxy rule), or a proxy policy. Now, create an HTTP-Proxy rule that includes that source network you want to apply the web-blocker to. Build another HTTPS-Proxy rule and apply it to that network, the same way. Then you can build two HTTP and HTTP (non-proxy rules, i.e packet filter) above them to allow other networks to bypass proxy policies that web blocker depends on. In the source network address of the non-proxy rules list only the networks that the proxy won’t apply to.

Now, instead of using a Web browser to access and manage the WatchGuard XTM/UTM admin portal, download and install WatchGuard System Manager… It’s much easier to work with and build the rules/policies what you want to.

After that, login in using the WatchGaurd System Manager, and from Tools menu click on Policy Manager to launch it. From Policy Manager click on Subscription Services, then WebBlocker and activate it.

HP EliteBook Screen issue

/0 Comments/in /by

HP EliteBook 8440P Screen Flickers – Ambient Light Sensor:

 

Had this laptop with Windows 7 and sent twice to HP to fix and replace the display and every time it came back I had the same issue with the screen flickering. The following seems to have fixed it.

1- Download and apply the latest HP drivers and BIOS updates from HP website for the HP laptop.

2- Important: Run Windows Updates to download and install any available video driver (in my case it was nVidia).

3- If that does work, reboot laptop and boot to BIOS and disable Ambient Light Sensor.

4- You might also need to disable power management of the screen and prevent it from going to sleep.

If you find this article helpful, please send us a note to Mike@bostonIT.com so I can keep on adding quality hands-on articles.

Backup Exec VSS Error

/0 Comments/in /by

Windows Server 2008 R2 – Backup Exec 2010 / 12.5 – AOFO: Initialization failure on: “\\SERVER01\Microsoft Information Store\Information Store”. Advanced Open File Option used: Microsoft Volume Shadow Copy Service (VSS). V-79-10000-11226 – VSS Snapshot error. The Microsoft Volume Shadow Copy Service (VSS) snapshot provider selected returned: “Unexpected provider error”. Ensure that all provider services are enabled and can be started. Check the Windows Event Viewer for details.

Scenario:

Windows Server 2008 R2 – Symantec Backup Exec fails backing up Exchange Server. The following error is recorded in Windows System Log:

Log Name:      Application
Source:        VSS
Date:          8/15/2013 6:34:55 PM
Event ID:      8193
Task Category: None
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      Server01.Domain.local
Description:
Volume Shadow Copy Service error: Unexpected error calling routine Cannot find 
anymore diff area candidates for volume \\?\Volume{f6cd5a9b-04cf-11e1-b482-5cf3fc2b627f}\ [0].  
hr = 0x8000ffff,  Catastrophic failure. 

Operation:
   Automatically choosing a diff-area volume
   Processing EndPrepareSnapshots

Context:
   
Volume Name: \\?\Volume{f6cd5a9b-04cf-11e1-b482-5cf3fc2b627f}\
   Execution Context: System Provider
Event Xml:
Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"
  System
    Provider Name="VSS" 
  EventID Qualifiers="0"8193
 2
 0
    Keywords0x80000000000000 Keywords
    TimeCreated SystemTime="2013-08-15T22:34:55.000000000Z" 
    EventRecordID316735 /EventRecordID
    Channel Application Channel
    Computer Server01.Domain.local/Computer 
  EventData
Cannot find anymore diff area candidates for 
0x8000ffff, Catastrophic failure


Operation:
   Automatically choosing a diff-area volume
   Processing EndPrepareSnapshots

Context:
   Volume Name: \\?\Volume{f6cd5a9b-04cf-11e1-b482-5cf3fc2b627f}\
   Execution Context: System Provider
    2D20436F64653A20535052414C
4C4F4330303030313137342D2043616C6C3A20535052414C4C4F4330
303030303739302D205049443A202030303031343838342D205449443A20203
0303030393234302D20434D443A2020433A5C57696E646F77735C5379737
4656D33325C737663686F73742E657865202D6B2073777072762D20557365723A204E616D653
 A204E5420415554484F524954595C53595354454D2C205349443A532D312D352D313820 Binary
  EventData
Event

Resolution:

Took me a while to figure it out. The error was happening to me because the Shadow Copy setting for C:\ was set low for VSS to operate. Increasing that disk space fixed it! Right click on C: drive, Properties, Shadow Copies, Highlight C:\ (Even though shadow copy might be disabled),click Settings –> Under Maximum size, change it to a bigger size., I set it to 300G to test it and that worked for me.

If Exchange Stores are located on a different drive, adjust that drive shadow copy setting.

If you find this article helpful, please send us a note to Mike@bostonIT.com so I can keep on adding quality hands-on articles.

Windows 8 to 7 Downgrade

/0 Comments/in /by

Downgrading Windows 8 to Windows 7 Freezes and hangs – How to install Windows 7:

Scenario:

I had a brand new HP ProBook 4440s Laptop that came preloaded with Windows 8. Customer wanted to downgrade it to Windows 7 x64 but during the very initial steps of the Windows 7 installation, the Windows installation screen would freeze and it wouldn’t go on:

Resolution:

That was basically a BIOS UEFI setting. Reboot PC and go to BIOS, go to System Configuration, Boot Options and change setting there to “Legacy” mode. Change setting, save and reboot. That should fix it. Try installing Windows 7 again and it should work this time.

If you find this article helpful, please send us a note to Mike@bostonIT.com so I can keep on adding quality hands-on articles.

 

Cisco RV082 Config Example

/0 Comments/in /by

Example: Cisco RV082 One To One NAT – Access Rules Example

Example:
Public IP Address: 75.75.75.75
Private IP Address: 192.168.1.10

In this example we will NAT 192.168.1.10 to 75.75.75.75 and open up TCP Port 23 (Telnet) to the inside host from outside.

– Login to the Cisco RV 082 through the browser
– On the left click on Setup then One-To-One NAT
– Click Enable One-To-One NAT. In the Private Range Begin: fill in 192.168.1.10. In the Public Range Begin type 75.75.75.75. In the Range Length type 1. Click Add to List. Click Save.

Click on Firewall on the left.. Click Access Rules. Click Add.
For Action click Allow
For Service choose TELNET TCP 23-23
For Log: choose the option you want
For Source: choose the outside interface of the Router. In my case it is WAN 1
For Source IP: Choose ANY (if you would like it to be available to anyone on the Internet
For Destination: Choose the Inside IP address of the NAT 192.168.1.10 (NOT The Public IP Address)
Click Save

Now create a new rule to deny any other access to the NAT’d host:
Click on Firewall on the left.. Click Access Rules. Click Add.
For Action click Deny
For Service choose Any
For Log: choose the option you want
For Source: choose the outside interface of the Router. In my case it is WAN 1
For Source IP: Choose ANY (if you would like it to be available to anyone on the Internet
For Destination: Choose the Inside IP address of the NAT 192.168.1.10 (NOT The Public IP Address)
Click Save

If you find this article helpful, please send me a note to Mike@bostonIT.com so I can keep on adding more hands-on knowledgebase articles.

Exchange 2010 Testing the OPTIONS command

/0 Comments/in /by

Exchange 2010 Testing the OPTIONS command failed – Activesync:

Last week we deployed a new Microsoft Exchange 2010 Server on a Windows 2008 R2 Domain Controller (We know! it’s not recommended but due to the client’s budget constraints we had to do it and it worked just fine). We purchased and installed an SSL certificate on IIS 7 for OWA. We created a redirecting script to re-direct http://webmail.domain.com to http://webmail.domain.com/OWA so people would have a shorter link to type to take them to OWA.
Read more

Symantec Backup Exec backup to USB Disk

/0 Comments/in /by

Symantec Backup Exec backup to USB Disk – 546 The log file sector size does not match the sector size of the current volume – Microsoft Exchange Information Store (IS) using Granular Restore Technology (GRT).

Scenario:

You are backing up Exchange 2007 Information Store running on Windows Server 2008 R2 with Symantec Backup Exec 12.5 and you have selected to use Granular Restore Technology (GRT) in order to be able to restore individual mailboxes and email items. Backup is failing with the following error:

Backup- \\Email-Server\Microsoft Information Store\First Storage Group V-79-57344-759 – Unable to complete the operation for the selected resource using the specified options. The following error was returned when opening the Exchange Database file: ‘-546 The log file sector size does not match the sector size of the current volume. ‘

Solution:

In my case I was backing up MS Exchange server into a 3T Byte USB disk that had Bytes Per Sector format of 4096, while Exchange was on a server with Bytes Per Sector disk of 512… The backup software didn’t like that! My solution was to use a 2T Byte USB disk which by default had the same 512 Bytes Per Sector matching the Exchange Server disk.

To find out the Bytes Per Sector for Exchange server disk, type the following on the Exchange server:

fsutil fsinfo ntfsinfo c:

To find out the Bytes Per Sector on the USB disk, type:

fsutil fsinfo ntfsinfo F: (assuming that F: is the USB disk drive),

The following article has more workarounds:

http://www.symantec.com/business/support/index?page=content&id=TECH50820

If you find this article helpful, please send us a note to Mike@bostonIT.com so I can keep on adding quality hands-on articles.

Reset Juniper Firewall Admin Password

/0 Comments/in /by

How to Reset Juniper Firewall Admin Password – Reset to Factory Default – Forgotten password:

Scenario:

You have a Juniper SSG-140 firewall appliance that you’ve forgotten the admin password. You don’t have any other user to login with. You have a backup of the SSG-140 configuration.

Resolution:

The following instructions will reset the SSG-140 to factory default. Resetting ScreenOS to factory default will wipe out the whole configuration of the device and you need to reconfigure or restore configuration from backup.

METHOD 1:

1- Connect to it through Console/Serial.
2- Login with the serial number of the SSG as the username and password.
3- You will be prompted whether you want to reset the firewall to factory default.

Once it’s been reset, connect to Ethernet 0/0

http://192.168.1.1
Username: netscreen
Password: netscreen

Once have logged in, go to Configuration, Update, Config File and import the backup config file there. If you don’t have a backup config file, you will need to manually re-configure the firewall.

METHOD 2:

If you don’t have a console cable you can hard reset the Juniper firewall using the following instructions – This will also reset it to factory default:

Push and hold the pinhole on the Juniper. The status LED will turn to a blinking amber so KEEP holding, and when it turns to blinking green, release the pinhole. After 1 second, push and HOLD the pinhole again. The LED will turn to blinking red so KEEP holding until the status LED turns to solid amber or solid green, release right away and wait for the device to reset and come back – give it five minutes. Then connect to it as described above http://192.168.1.1

If you find this article helpful, please send us a note to Mike@bostonIT.com so I can keep on adding quality hands-on articles.

IP NAT and PAT Examples

/0 Comments/in /by

Network Address Translation:
 Cisco – IP NAT and PAT Examples:

Example 1:

  • Allow all outgoing traffic
  • PAT local network as 100.100.100.100
  • Allow incoming SMTP traffic (TCP Port 25) to 192.168.1.5 that will be NAT’d as 100.100.100.101
  • Default Gateway 100.100.100.102

!
Interface Ethernet0
IP address 100.100.100.101 255.255.255.248
Description Outside-NIC
IP nat outside
IP virtual-reassembly

Interface FastEthernet0
IP address 192.168.1.254 255.255.255.0
Description Inside-NIC
IP NAT inside
IP virtual-reassembly

IP route 0.0.0.0 0.0.0.0 100.100.100.102

IP nat pool nat-1 100.100.100.100 100.100.100.100 netmask 255.255.255.248
IP nat inside source list 109 pool nat-1 overload
IP nat inside source static tcp 192.168.1.5 25 100.100.100.101 25 extendable no-alias

access-list 109 permit IP 192.168.1.0 0.0.0.255 any

Example 2:
Example of Sub-Interface:

interface Serial0
no ip address
ip nat outside
ip virtual-reassembly
encapsulation frame-relay IETF
no fair-queue
service-module t1 timeslots 1-24
frame-relay lmi-type ansi

interface Serial0.1 point-to-point
ip address 100.100.100.1 255.255.255.252
ip access-group 109 in
ip nat outside
ip virtual-reassembly
frame-relay interface-dlci 500 IETF
crypto map myvpn

If you find this article helpful, please send us a note to Mike@bostonIT.com so I can keep on adding quality hands-on articles.