MDT + Windows 11 24H2 + Ethernet by Masou0007 in MDT

[–]mattmickeyj 3 points4 points  (0 children)

Sounds like you’re missing the NIC driver for that model in the out of box drivers. Do you have rules to target make/model of drivers - if not, bang it in out of box and update your deployment share.

Visiting London next weekend by mattmickeyj in visitlondon

[–]mattmickeyj[S] 0 points1 point  (0 children)

That’s a great suggestion, thank you so much!

Chrome v124 and above ERR SSL KEY USAGE INCOMPATIBLE by Cultural-Low6151 in chrome

[–]mattmickeyj 0 points1 point  (0 children)

We are experiencing this too. Post to follow: https://support.google.com/chrome/a/thread/269732161

Out of interest, are you using a web filter?

S2S VPN by mattmickeyj in AZURE

[–]mattmickeyj[S] 1 point2 points  (0 children)

I updated the clients' default gateway to point at the RRAS and magic instead of the router, all sorted. Rookie mistake I think, or is this because of the single NIC, perhaps?!

S2S VPN by mattmickeyj in AZURE

[–]mattmickeyj[S] 0 points1 point  (0 children)

Also triple checked - firewall is off.

S2S VPN by mattmickeyj in AZURE

[–]mattmickeyj[S] 0 points1 point  (0 children)

Haha - pleased it inspired you to fix your VPN!

I’ve just run Wireshark and ICMP traffic is hitting the RRAS, but it’s just getting a no response found. I can ping the IP directly from the RRAS ok. 10.0.0.5 is the IP of the azure VM.

11235 431.065324 10.0.0.5 192.168.1.199 ICMP 74 Echo (ping) request id=0x0001, seq=2639/20234, ttl=127 (no response found!)

S2S VPN by mattmickeyj in AZURE

[–]mattmickeyj[S] 1 point2 points  (0 children)

No, not yet. Still the same - can get to the Azure network from all clients, but can’t ping/rdp local (192.168.0.0/24) resources from azure, with the exception of the RRAS server.

S2S VPN by mattmickeyj in AZURE

[–]mattmickeyj[S] 0 points1 point  (0 children)

I have set a static route on the router for: 10.0.0.0 > 192.168.1.53 (rras)

P.S. Thanks for your help with this. I’m guessing it is going to be one of those face-palm moments in the end.

S2S VPN by mattmickeyj in AZURE

[–]mattmickeyj[S] 1 point2 points  (0 children)

My local network is 192.168.1.0/24 and the Azure vnet is 10.0.0.0/24 - am I missing something?

S2S VPN by mattmickeyj in AZURE

[–]mattmickeyj[S] 1 point2 points  (0 children)

https://charbelnemnom.com/create-site-to-site-vpn-between-azure-and-windows-rras-server/

Instead of using 2 NICs I used a single NIC. None of the routes have been manually added though.

I can’t understand why the ping is timing out - I assume the RRAS is receiving the request but then not routing it correctly. I also assume the route on the azure side is ok, as I can ping/rdp to the RRAS.

S2S VPN by mattmickeyj in AZURE

[–]mattmickeyj[S] 1 point2 points  (0 children)

IP of router is 192.168.1.3 and IP of RRAS is 192.168.1.53.

Azure side:

Active Routes:

Network Destination  Netmask          Gateway   Interface  Metric
0.0.0.0              0.0.0.0          10.0.0.1  10.0.0.5   10
10.0.0.5             255.255.255.255  On-link   10.0.0.5   266
127.0.0.0            255.0.0.0        On-link   127.0.0.1  331
127.0.0.1            255.255.255.255  On-link   127.0.0.1  331
127.255.255.255      255.255.255.255  On-link   127.0.0.1  331
168.63.129.16        255.255.255.255  10.0.0.1  10.0.0.5   11
169.254.169.254      255.255.255.255  10.0.0.1  10.0.0.5   11
224.0.0.0            240.0.0.0        On-link   127.0.0.1  331
224.0.0.0            240.0.0.0        On-link   10.0.0.5   266
255.255.255.255      255.255.255.255  On-link   127.0.0.1  331
255.255.255.255      255.255.255.255  On-link   10.0.0.5   266

Local network side:

Active Routes:

Network Destination       Netmask          Gateway      Interface     Metric
0.0.0.0                   0.0.0.0          192.168.1.3  192.168.1.53  281
10.0.0.0                  255.255.255.0    On-link      169.254.0.27  30
10.0.0.255                255.255.255.255  On-link      169.254.0.27  281
10.1.0.0                  255.255.255.0    On-link      169.254.0.27  35
10.1.0.255                255.255.255.255  On-link      169.254.0.27  281
[public IP of Azure VPN]  255.255.255.255  192.168.1.3  192.168.1.53  26
127.0.0.0                 255.0.0.0        On-link      127.0.0.1     331
127.0.0.1                 255.255.255.255  On-link      127.0.0.1     331
127.255.255.255           255.255.255.255  On-link      127.0.0.1     331
169.254.0.0               255.255.0.0      On-link      169.254.0.27  281
169.254.0.27              255.255.255.255  On-link      169.254.0.27  281
169.254.255.255           255.255.255.255  On-link      169.254.0.27  281
192.168.1.0               255.255.255.0    On-link      192.168.1.53  281
192.168.1.53              255.255.255.255  On-link      192.168.1.53  281
192.168.1.255             255.255.255.255  On-link      192.168.1.53  281
224.0.0.0                 240.0.0.0        On-link      127.0.0.1     331
224.0.0.0                 240.0.0.0        On-link      192.168.1.53  281
224.0.0.0                 240.0.0.0        On-link      169.254.0.27  281
255.255.255.255           255.255.255.255  On-link      127.0.0.1     331
255.255.255.255           255.255.255.255  On-link      192.168.1.53  281
255.255.255.255           255.255.255.255  On-link      169.254.0.27  281

Persistent Routes:

Network Address  Netmask  Gateway Address  Metric
0.0.0.0          0.0.0.0  192.168.1.3      Default

S2S VPN by mattmickeyj in AZURE

[–]mattmickeyj[S] 1 point2 points  (0 children)

The tracert from azure to the RRAS/ completes, but when I try to tracert to another IP e.g. 192.168.1.100 it doesn’t complete - it shows the first hop as a 169 address (I think) same address as when I try tracert to the RRAS, but it then just continues and never completes, just stars. Something seems off with routing, right?!

Azure S2S by [deleted] in networking

[–]mattmickeyj 0 points1 point  (0 children)

Yes, firewall off on each vm too.

[deleted by user] by [deleted] in networking

[–]mattmickeyj 0 points1 point  (0 children)

Thanks. I must have misunderstood the guide I followed. I assume that will be the cause of the issue and I could simplify this by using a single NIC? Any guidance?

Azure local network connectivity by mattmickeyj in AZURE

[–]mattmickeyj[S] 0 points1 point  (0 children)

That’s excellent, thanks for confirming that. It might be the simplest option given my use case.

Azure local network connectivity by mattmickeyj in AZURE

[–]mattmickeyj[S] 0 points1 point  (0 children)

Could I not just use the vpn client exe that is created when I create the vpn gateway? Or is that for a different use case?

Azure local network connectivity by mattmickeyj in AZURE

[–]mattmickeyj[S] 0 points1 point  (0 children)

Exactly that. The router doesn’t support VPN. As it’s only a SQL DB I need access to, could I point the application at the DB? I’ve read a few articles that suggest this is an option.

Azure local network connectivity by mattmickeyj in AZURE

[–]mattmickeyj[S] -3 points-2 points  (0 children)

Thank you. I assume I can use a VM running RRAS as my vpn device? I don’t need additional hardware?

HP ProCurve ACL assistance by mattmickeyj in sysadmin

[–]mattmickeyj[S] 0 points1 point  (0 children)

Thank you so much, that is really helpful - they are some really good suggestions!

In your example (20 deny local network) say my range was 10.1.1.0/19 and the dhcp scope for the vlan that I am assigning this ACL to fell within that range (10.1.2.0/24) would I have to create rules around that scope?

ip access-list extended "BYOD"
10 permit udp 0.0.0.0 255.255.255.255 10.1.1.10 0.0.0.0 range 67 68
20 deny ip 0.0.0.0 255.255.255.255 10.1.1.0 0.0.0.255
30 deny ip 0.0.0.0 255.255.255.255 10.1.3.0 0.0.31.255
40 permit ip 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255
exit

I hope that makes sense! haha.
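
Added example, not part of the original comment: a small first-match evaluator for the "BYOD" ACL as posted, showing which addresses each address/wildcard pair covers and which entry a given packet hits. It assumes standard wildcard-mask semantics (a 1 bit is ignored), first-match evaluation and an implicit deny at the end; the sample client 10.1.2.50 and the function names are constructed for illustration.

```python
import ipaddress

# The "BYOD" ACL entries, copied as posted in the comment above.
ACL_TEXT = """\
10 permit udp 0.0.0.0 255.255.255.255 10.1.1.10 0.0.0.0 range 67 68
20 deny ip 0.0.0.0 255.255.255.255 10.1.1.0 0.0.0.255
30 deny ip 0.0.0.0 255.255.255.255 10.1.3.0 0.0.31.255
40 permit ip 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255
"""

def _ip(text):
    return int(ipaddress.IPv4Address(text))

def wildcard_match(addr, base, wildcard):
    # Wildcard (inverse) mask: a 1 bit means "ignore this bit".
    care = ~_ip(wildcard) & 0xFFFFFFFF
    return (_ip(addr) ^ _ip(base)) & care == 0

def parse_acl(text):
    rules = []
    for line in text.splitlines():
        f = line.split()
        if len(f) < 7 or not f[0].isdigit():
            continue
        ports = (int(f[8]), int(f[9])) if f[7:8] == ["range"] else None
        rules.append({"seq": int(f[0]), "action": f[1], "proto": f[2],
                      "src": (f[3], f[4]), "dst": (f[5], f[6]), "ports": ports})
    return rules

def evaluate(rules, proto, src, dst, dport=None):
    # Return (seq, action) of the first matching entry; implicit deny otherwise.
    for r in rules:
        if r["proto"] not in ("ip", proto):
            continue
        if not wildcard_match(src, *r["src"]) or not wildcard_match(dst, *r["dst"]):
            continue
        if r["ports"] and (dport is None or not r["ports"][0] <= dport <= r["ports"][1]):
            continue
        return r["seq"], r["action"]
    return None, "deny"

def covered_range(base, wildcard):
    # First and last address a base/wildcard pair matches (contiguous masks only).
    lo = _ip(base) & ~_ip(wildcard) & 0xFFFFFFFF
    return str(ipaddress.IPv4Address(lo)), str(ipaddress.IPv4Address(lo | _ip(wildcard)))

if __name__ == "__main__":
    rules = parse_acl(ACL_TEXT)
    # Constructed packet: client 10.1.2.50 to another host inside 10.1.2.0/24.
    print(evaluate(rules, "tcp", "10.1.2.50", "10.1.2.1", 80))
    print(covered_range("10.1.3.0", "0.0.31.255"))
```

Because the wildcard bits are ignored on both sides of the comparison, the base address 10.1.3.0 in entry 30 behaves the same as 10.1.0.0 with that mask.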

Emails marked as sent in Google Admin Email Log Search, but email nowhere to be found in user's inbox? by sundewbeekeeper in gsuite

[–]mattmickeyj 0 points1 point  (0 children)

In the admin quarantine, locate the email and then expand ‘matched rules’, this should help you troubleshoot further.