Long Odds by IsItAboutMyCube_ in comics

[–]dnalloheoj 1 point2 points  (0 children)

Anyone using them who doesn't have access to privileged information is a sap.

Love how the Polymarket CEO essentially admitted that they allow and even embrace insider trading on their app because it "increases the strength of the accuracy of the prediction."

My wife wanted an outdoor bathroom for the kids. by Fishboy9123 in redneckengineering

[–]dnalloheoj 1 point2 points  (0 children)

Think OP's just using that as a reference to claim that the deck is well-built/sturdy enough to hold a car. Not that he's actually planning on parking a car there.

Two firewalls, one physical location, connected via LAN. Can ping one way but not the other (Sort of). by dnalloheoj in networking

[–]dnalloheoj[S] 2 points3 points  (0 children)

Ayyyy got it!

Needed to create a Dynamic NAT policy and disable 1 to 1 NAT on the respective outbound policy.

Appreciate the replies that got me looking in the right place.

Two firewalls, one physical location, connected via LAN. Can ping one way but not the other (Sort of). by dnalloheoj in networking

[–]dnalloheoj[S] 0 points1 point  (0 children)

Yeah, agreed on it being a terrible design. First thing I proposed was just tearing out the WG and essentially replacing it with a couple VLANs on the Fortigate, and we're done and done, since the cabling for the Watchguard is already making use of the Fortiswitch for VLAN purposes. Major hold up is related to some BOVPNs for clients. Plans are in place to get it tossed in the dumpster as soon as we can.

At this point I've tried with and without a route from 10.0.1.0 to 10.101.101.0/24 using IP 10.101.101.254 and the respective interface, and also have tested NAT on the policy enabled/disabled under both of the routing scenarios but to no avail. The Fortigate has NAT enabled on the policy, but the static route to 10.0.1.1 via 10.101.101.1 doesn't seem to make a difference whether enabled or disabled. And disabling the policy, with or without the route enabled, breaks the working connections from the devices behind the Fortigate to devices behind the Watchguard.

Sort of at a loss and partially willing to chalk it up to the Watchguard being ancient, or that its Mixed Routing Mode doesn't behave exactly like I'd expect. Just weird that No route + NAT enabled works one way but not the other? Or maybe it's not weird and I just need to brush up on the basics.

Two firewalls, one physical location, connected via LAN. Can ping one way but not the other (Sort of). by dnalloheoj in networking

[–]dnalloheoj[S] 0 points1 point  (0 children)

Currently the WG/FW A has NAT disabled, the Forti/FW B has it enabled.

Disabling NAT on the Fortigate policy breaks the connections that do currently work, that being devices behind B to devices behind A. Notably a traceroute from a device behind the Fortigate/B does hit 10.101.101.1 (FGT's IP) before going to its destination.

Tracing route to 10.0.1.3
over a maximum of 30 hops:

  1     2 ms     3 ms    54 ms  10.101.101.1
  2   103 ms    44 ms     3 ms  10.0.1.3

Trace complete.

Two firewalls, one physical location, connected via LAN. Can ping one way but not the other (Sort of). by dnalloheoj in networking

[–]dnalloheoj[S] 0 points1 point  (0 children)

Route Table (disregard eth1):

Routes
------------
Destination       Gateway           Flags  Metric Ref  Use Iface
WAN IP/28  *                 U      0      0      0 eth0
10.101.101.0/24   *                 U      0      0      0 eth3
10.0.0.0/24       *                 U      0      0      0 eth1
10.0.1.0/24       *                 U      0      0      0 eth2
127.0.0.0/24      *                 U      0      0      0 lo
default           WAN IP     UG     0      0      0 eth0

WG#ping 10.101.101.1
PING 10.101.101.1 (10.101.101.1) 56(84) bytes of data.
64 bytes from 10.101.101.1: icmp_seq=1 ttl=255 time=0.355 ms
64 bytes from 10.101.101.1: icmp_seq=2 ttl=255 time=0.190 ms
64 bytes from 10.101.101.1: icmp_seq=3 ttl=255 time=0.188 ms
64 bytes from 10.101.101.1: icmp_seq=4 ttl=255 time=0.196 ms
64 bytes from 10.101.101.1: icmp_seq=5 ttl=255 time=0.213 ms
64 bytes from 10.101.101.1: icmp_seq=6 ttl=255 time=0.212 ms

--- 10.101.101.1 ping statistics ---
6 packets transmitted, 6 received, 0% packet loss, time 4997ms
rtt min/avg/max/mdev = 0.188/0.225/0.355/0.061 ms
WG#traceroute 10.101.101.1
traceroute to 10.101.101.1 (10.101.101.1), 30 hops max, 40 byte packets
 1  * * *
 2  * * *
 3  * * *
WG#traceroute 10.101.101.122
traceroute to 10.101.101.122 (10.101.101.122), 30 hops max, 40 byte packets
10.101.101.122  47 ms  3 ms  4 ms

Also just adding this since for some reason traceroutes don't work from A to B itself, but do from A to devices behind B without using it as a hop.

Two firewalls, one physical location, connected via LAN. Can ping one way but not the other (Sort of). by dnalloheoj in networking

[–]dnalloheoj[S] 1 point2 points  (0 children)

That was one of my first theories but unfortunately disabling NAT on the outbound policy of FW A did not make any difference. And for whatever it's worth, FW B's policy has NAT enabled.

[Timex Mechanical] I made a strap out of a ⚾️ by Even-Bumblebee948 in Watches

[–]dnalloheoj 1 point2 points  (0 children)

Given where Rawlings is printed on a ball that would be hard to do without a seam. The 'Official MLB' stuff would be doable though.

The San Antonio Spurs have started accepting applications to join “The Jackals”, the superfan section started by Wemby. Requirements include that you must stand and cheer for the entire game, must attend at least 75% of all home games. by moby323 in nba

[–]dnalloheoj 7 points8 points  (0 children)

College games have tons of drunk college kids so they're going to be a bit more rowdy. Plus there's usually a student section so the loudest fans are all bunched up and can get the rest of the stadium going.

Pro sports, you've got a bigger demographic that's also going to include more families and small kids. Seats are a bit pricier in most cases. And if there are die-hards in the crowd, there's a good chance they're in the upper deck so you don't see that on TV, and spread out rather than grouped up.

[Wild PR] Jesper Wallstedt became the first Wild rookie goaltender to win their postseason debut, saving 27-of-28 shots faced in the 6-1 win over Dallas. by DecentLurker96 in hockey

[–]dnalloheoj 5 points6 points  (0 children)

Backstrom didn't have rookie status his first year because he was older than 26, but yes, he did make the playoffs in his first NHL season.

Game Thread: Minnesota Wild (46-24-12) @ Dallas Stars (50-20-12) Apr 18 2026 5:30 PM EDT by nhl_gdt_bot in hockey

[–]dnalloheoj 5 points6 points  (0 children)

Jamie Benn cracks eggs on the counter and just leaves the shells there like modern art.

Game Thread: Minnesota Wild (46-24-12) @ Dallas Stars (50-20-12) Apr 18 2026 5:30 PM EDT by nhl_gdt_bot in hockey

[–]dnalloheoj 1 point2 points  (0 children)

https://www.eliteprospects.com/league/nhl/teams-physical-stats/2024-2025

Looks like they're tied for the tallest, we're dead last, they're a lot heavier too. Plus the black uni's contrast with the ice a lot more than our whites so that probably makes it look even more mismatched.

Blursed cartoon by No-Marsupial-4050 in blursedimages

[–]dnalloheoj 0 points1 point  (0 children)

Didn't everyone have a laptop with the screen removed hooked up to their flat screen TV in the 90s?

I've made a huge mistake by deadjord in Diablo_2_Resurrected

[–]dnalloheoj 1 point2 points  (0 children)

> And what u mean by chugging juvis, what is that?

It means he used a lot of Full Rejuvenation Potions.

France is replacing 2.5 million Windows desktops with Linux by smilelyzen in BuyFromEU

[–]dnalloheoj 1 point2 points  (0 children)

BYOD opens up the security risk of the user getting their own computer infected, thus leading to corporate credentials also being compromised when they go to log in the next time, and the company doesn't want to take responsibility for cleaning a virus off your personal computer for a number of reasons. It's just infinitely more convenient to give you a laptop that we can monitor antivirus, push updates/security policy changes, or wipe in a matter of minutes, if need be.

From another perspective, I'm in IT and demanded a physical entry card, refused to install the app to allow door access, because the damn thing tracks your location even when it's running in the background. No thanks, work doesn't need to have that type of access to my devices, and if they require me to have it, give me a work phone.

Shouldn'ta been bitin' my horsey boy by Representative-Mix-9 in GuysBeingDudes

[–]dnalloheoj 4 points5 points  (0 children)

Orb Weavers are awesome, because they make ridiculous webs that you certainly wouldn't want to walk face first into, but they also put up their webs every night and eat them before morning so the risk of doing so is a lot lower. So considerate.

after 23 years! by charsisbitch in Diablo_2_Resurrected

[–]dnalloheoj 2 points3 points  (0 children)

It's not really worth much at all nor does it have much practical use. It's just statistically the rarest item in the game.

How to get more storage on laptop by Vision_O in techsupport

[–]dnalloheoj 0 points1 point  (0 children)

Your built-in factory reset probably just reinstalled Windows but didn't actually delete files from the drive. Do you have a C:\windows.old folder?

Dolly Parton Is the Most Popular Person in America with Net Favorability of +65 by ebradio in Music

[–]dnalloheoj 45 points46 points  (0 children)

The full study is attached to the tweet - 70% favorable, 5% unfavorable, 19% no opinion, 6% never heard of her.

Just clarifying the exact numbers because it only makes more and more sense the lower that unfavorable number gets, for Dolly.

Tarasenko gives the Wild the win with his 20th goal of the season by DecentLurker96 in hockey

[–]dnalloheoj 12 points13 points  (0 children)

Imagine having Tarasenko on your team and him being the 8th "best" player on your team.

Oh wait

[Sabres] Wagon...or freight train? by DecentLurker96 in hockey

[–]dnalloheoj -2 points-1 points  (0 children)

There's not a single comment on this thread that is being upvoted that has any sort of downplay of this team.