Today, a small blog post about a real-world headache I had with Fedora and public WiFi hotspots in hotels or venues. If you work remotely a lot like me, you find yourself hopping from Wi-Fi to Wi-Fi: hotels, airports, event locations; basically anywhere but your regular desk. Connect to Wi-Fi, get dumped onto a portal page, accept the policy (or sign in), and only then can you actually get online. ...
Ok, one of our pfSense in Production just did it again, greet me with a friendly “Unable to check for updates”. My first suspect was DNS again, but after checking all resolvers can resolve the firmware.netgate.com domain without any issue. Next Step to try was in cli if the Package manager itself became a zombie or stuck somewhere. What is interesting is that it gave a response that was not expected. ...
Hey, just a heads-up that this content is based on an automatically imported version from our old CMS. If the formatting isn’t perfect, I’m sorry about that. If you change your CPE (Consumer Placed Equipment) like Modem or Router from your Providers thingy to your own Router you may face the problem that it is not working as intended. Some Providers, especially on some GPON Fiber, using Tagged VLANS. This is also very common for some DSL Providers using PPPoE. So in case you want connect e.g. a pfSense as your main Router, without bridging the existing CPE unit, you need to set it up first – no plug an play DHCP and done. ...
Hey, just a heads-up that this content is based on an automatically imported version from our old CMS. If the formatting isn’t perfect, I’m sorry about that. I’m a fan of pfSense. If you use it too, you may noticed the recent change in recommended local domain names from previously *.local into *.home.arpa, here is the relevant redmine entry. The topic has also been discussed here and there recently, which is a good thing. ...
Hey, just a heads-up that this content is based on an automatically imported version from our old CMS. If the formatting isn’t perfect, I’m sorry about that. If you look at the Windows command prompt from a network perspective, Linux has better “weapons” to offer. Often it’s the little things that frustrate me with Windows from time to time. For example, the DHCP client. In Linux it is sufficient to enter dhcpc -v to get a detailed logged output of what happened in the background with the DHCP. In Windows you can only rely on the presented Information, define some Log Actions or just wisely nod your head. ...
Hey, just a heads-up that this content is based on an automatically imported version from our old CMS. If the formatting isn’t perfect, I’m sorry about that. The Background Yesterday Netgate made a big leap into a new version branching for pfSense with pfSense plus. Instead of having 2.45, 2.5 versioning, there is now a partly proprietary pfSense+ build using Month/Year Versions for all Netgate-owned devices and optional bought subscriptions. The new Versions are YY.MM.VV, so 21.02 is the first one. ...
Hey, just a heads-up that this content is based on an automatically imported version from our old CMS. If the formatting isn’t perfect, I’m sorry about that. Just a tiny post about my home Internet Connection. I use a Vodafone, former Unitymedia, CableMax 1000 home connection. That’s a Gbit Coax line with 50 Mbit upstream. Problem at the beginning of the new 1G Tarif there where several Problems regarding IPv4 / IPv6 – either you got a IPv4 only connection or something like DS-Lite or a SLAAC IPv6. I quickly figured out there is a way to change your contract and let them enable “Dual Stack”. ...
Unifi L3 Adoption Recently I installed a lot of new Unifi Sites in local Schools, due to Corona the demand of a working Wifi in School Environments boosted. Most sites we Setup run their Network split to different VLANs, so a simple Layer 2 Adoption is not always possible. But Unifi Controllers luckily have a way to solve this possible adoption issue. So I got used to set both, DHCP Option 43 and unifi DNS name on each site, no matter if VLAN (L3 Structure) or a flat L2 Network. I just set the Options and done. ...
Hey, just a heads-up that this content is based on an automatically imported version from our old CMS. If the formatting isn’t perfect, I’m sorry about that. TL;DR HoneySIP is a SIP Honeypot Blacklist for use in Firewalls to Block SIP Crawlers and Bruteforcer. All IPs coming from own SIP Validating Honeypots at several servers. If you run a Server accessible over the Internet you will quickly find a lot of “interested” Eyes on it, especially if it is a VoIP System using SIP on default udp/5060. In an Ideal World this system would never be exposed to the Internet – but if you have a PBX which need to be accessible by a lot of remote workers and know how critical SIP/RTP can be you want to avoid forcing SIP over VPN. ...
Hey, just a heads-up that this content is based on an automatically imported version from our old CMS. If the formatting isn’t perfect, I’m sorry about that. Cause I’m not „blogging“ regularly on this page I just want to post more things in a “Today I learned” fashion. Specially if you work on/at Events and IT there are a lot of things which leave you puzzled questioning thing and forcing you to find solutions “RIGHT NOW”. While others in normal IT Ops have time to test things, Event-IT things are often MacGyver jobs. Working on a remote unknown site with other people’s IT Infrastructure and take what you get, at the end nobody cares – it need to work. ...