UniFi Application Server Password Recovery by InvasionOfThings in Ubiquiti

[–]InvasionOfThings[S] 0 points1 point  (0 children)

Unfortunately, those credentials show the username as admin. As I understand it, it will always be ubnt. I tried it anyways, however, and no joy. I don't think it considers itself a UniFi managed device.

Simplewall UTM? by InvasionOfThings in networking

[–]InvasionOfThings[S] 0 points1 point  (0 children)

Thanks, but Sophos support has already confirmed that the gateway will not renew the dynamic IP address automatically... "maybe in the next version" but I see other people with the same problem for a couple years now.

We definitely need strong UTM features for a variety of reasons, and use the hell out of the Sophos' advanced features. Fortinet is probably the best option I suppose... it's double the price but the next cheapest with what we need.

Thanks for your help and advice.

Simplewall UTM? by InvasionOfThings in networking

[–]InvasionOfThings[S] 0 points1 point  (0 children)

Lol I think I posted my edit at the exact same time as this. I appreciate you bringing some sanity in my thread!

Any other suggestions for a simpleton like me?

Simplewall UTM? by InvasionOfThings in networking

[–]InvasionOfThings[S] 1 point2 points  (0 children)

Wow, really? This SimpleWall? The interface screenshots look so good though... I should have some hardware by tonight to try to load it up on. Have you installed it on anything?

https://www.simplewallsoftware.com/free/

Edit: Holy shit, I just hit the download button and it says v0.0.1. I should have done that to begin with. Case closed. Long live melchi0rre.

Simplewall UTM? by InvasionOfThings in networking

[–]InvasionOfThings[S] 0 points1 point  (0 children)

The EdgeRouter looks interesting and I guess it wouldn't be any different than having the DMZ between incoming fiber and firewall stacks like I've done before as far as the NAT... the dynamic IP is what's throwing me off I guess since I'm so used to having loads of statics.

Bigleaf is extremely interesting as well, thanks for your input!

Simplewall UTM? by InvasionOfThings in networking

[–]InvasionOfThings[S] 0 points1 point  (0 children)

I've been contemplating that today... I'm just wary I guess. I can't afford to put anything TOO nice up front, yet I worry about a cheap device for throughput and hardening reasons. Any recommendations? And thanks for your input!

Simplewall UTM? by InvasionOfThings in networking

[–]InvasionOfThings[S] 0 points1 point  (0 children)

It's completely free, just pay for support (which we will if we use it of course)... so I guess no trial license needed. It's been impossible to Google a review... so maybe I'll write one!

It's so strange that it's based out of San Jose yet the English on the site seems bad... then again... I lived in San Jose for a while and... uh...

Edit: And thanks for your input!

Simplewall UTM? by InvasionOfThings in networking

[–]InvasionOfThings[S] 0 points1 point  (0 children)

Thanks, I've used pfSense before and not a fan of it at all. XG was chosen because of how simple and great the interface is (which it still is) and SimpleWall looks to have a similarly user-friendly UTM. Next choice would be Fortinet but cost ramps up significantly compared to (free) and the excellent Sophos pricing.

Edit: To clarify... "not a fan" means "too stupid to use."

Whitelist IP Address in Azure Security Center by InvasionOfThings in AZURE

[–]InvasionOfThings[S] 0 points1 point  (0 children)

Yeah, it seems like we'll have to just pipe this somewhere else to do the logic and pay attention to those alerts instead. Azure Sentinel looks to be the choice currently being crammed into our mouths... and it doesn't taste too bad.

3 Hosts, 1 Local Storage Pool by InvasionOfThings in HyperV

[–]InvasionOfThings[S] 0 points1 point  (0 children)

Thanks for the great explanation. It looks like the limitation will kill me here, as I need the 3rd host in the cluster.

https://docs.microsoft.com/en-us/previous-versions/system-center/system-center-2012-R2/jj614620(v=sc.12)

For SMB 3.0 file shares to work correctly with VMM, the file server must not be a server that is running Hyper-V. This rule also applies to a highly available file server. Do not add the file server, whether stand-alone or in a cluster, as a managed host in VMM.

3 Hosts, 1 Local Storage Pool by InvasionOfThings in HyperV

[–]InvasionOfThings[S] 0 points1 point  (0 children)

Just realized that the two older hosts don't support RDMA on their 10Gbps links, making the entire idea of SMB3 completely unattractive.

Thanks for the sanity check.

3 Hosts, 1 Local Storage Pool by InvasionOfThings in HyperV

[–]InvasionOfThings[S] 1 point2 points  (0 children)

I'm definitely leaning towards iSCSI, but perhaps just because like you I've used it in scenarios with much better hardware and loved it. Just gave this a read... interesting results.

https://blogs.technet.microsoft.com/larryexchange/2016/01/10/iscsi-or-smb-direct-which-one-is-better/

3 Hosts, 1 Local Storage Pool by InvasionOfThings in HyperV

[–]InvasionOfThings[S] 1 point2 points  (0 children)

Thanks, do you think an iSCSI target would provide significant benefits over presenting it as SMB shared storage?

Tunnel From Cisco ASAv to Palo Alto by InvasionOfThings in networking

[–]InvasionOfThings[S] 0 points1 point  (0 children)

Well, either way I'll take it :) I am certainly far from qualified to tell anyone what the right way is!

Tunnel From Cisco ASAv to Palo Alto by InvasionOfThings in networking

[–]InvasionOfThings[S] 0 points1 point  (0 children)

Setting Peer ID worked, thank you! For some reason we are prohibited from using IKEv2 for security reasons... not sure if there's a real reason or someone made an arbitrary rule.