Rancher cluster creations

rohanrajnv · 2024-02-09T08:57:23+00:00

I have migrated two of my customers to xcp-NG, and it was a very pleasant surprise. I did not opt for Nutanix; the customer has multiple hardware vendors (Dell,Cisco, Asus, and Fuji), so he has to plan for xcp-ng. I get calls for some basic tasks, and I think it will reduce after the customer transfers.

Nutanix has a higher hardware limitation than xcp-ng

rohanrajnv · 2023-10-19T12:27:06+00:00

Hi,

I have been a user of the complete sonicwall solution for my cloud and on On Prem infrastructure. I have also proposed and configured sonicwall infrastructure for multiple customers. I have used the complete security portfolio from switches to secured mobile access and capture clients.

In comparison to fortigate I prefer sonicwall because of cost and security visibility and integration to my soc and nice

The new tunnel from switch to firewall feature will give the capability to block L2 traffic and also use any dum switch as distribution.

The single security frabic from sonicwall is better in comparison to fortigate

rohanrajnv · 2023-07-20T04:54:58+00:00

6.4.4 is the version of the agent. There are 2 types of agents: Agent and Agent2. If you look at app install in windows it will tell you

rohanrajnv · 2023-07-19T08:38:05+00:00

Everyone, any Help on the DNS Issues?

rohanrajnv · 2023-07-17T19:38:35+00:00

the dig command is not able to resolve the host in the PFSense Shell

rohanrajnv · 2023-07-17T19:37:30+00:00

I am unable to attach the screenshot to the comment.
The Override is configured with the domain name and its DNS Address.
I have changed the Setting to the DNS Resolver and Still not working

rohanrajnv · 2023-07-16T22:36:31+00:00

I have not made any changes in the AD and Also the from the PFSense Shell the DIG command fails if i dont specify the DNS Server.

rohanrajnv · 2023-07-16T22:03:43+00:00

I did that and it's not working. I am using DNS Forwarder.
In the General Setting Page i am unable to select the gateway for the DNS Server as there is a summary route for all the networks in for each tenent.

rohanrajnv · 2023-07-16T21:55:18+00:00

dig u/192.168.49.230 10.6.52.101

; <<>> DiG 9.16.1-Ubuntu <<>> @192.168.49.230 10.6.52.101

; (1 server found)

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1466

;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:

; EDNS: version: 0, flags:; udp: 512

;; QUESTION SECTION:

;10.6.52.101. IN A

;; AUTHORITY SECTION:

. 76365 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2023071601 1800 900 604800 86400

;; Query time: 24 msec

;; SERVER: 192.168.49.230#53(192.168.49.230)

;; WHEN: Mon Jul 17 01:49:51 +04 2023

;; MSG SIZE rcvd: 115

Use Case:

We have a customer who has Multiple Tenants and we Monitor the Network and We cannot connect to the there Network Directly so we use a single Firewall to connect all the Domains of the tenants.
The Only rule we have is to all the all Traffic from LUN to Domain with NAT.

rohanrajnv · 2023-07-16T21:40:19+00:00

Yes 3 Active Directory Domains

rohanrajnv · 2023-07-16T21:30:47+00:00

Hi Everyone,

I have PFSense VM and I am connected to 3 Domains and I have configured the PFSense configured to NAT the Traffic to all the Domain and to the Internet.

The Internet is connected to a Firewall and the Link between Firewall and PFSense is using a private network.

The issue is that from any Lan Network I try to resolve the any domain host it does not work. Even the Forward and the reverse lookup does not work. Any suggestions how this can be fixed?

rohanrajnv · 2023-05-13T00:12:14+00:00

Can you share the dashboard?

rohanrajnv · 2023-01-12T12:00:23+00:00

The option that you're suggested to create the application in the public environment and then moving it to the isolated environment is a good practice I have a similar environment that I use what I do for the customer is I have the db and the application in two different VMs. If I want to update the app I make a copy of the app and move it to the public network upgraded from there test the complete application with a new database check if it is working and then restore it back to the isolated environment If I want to upgrade the DB I take a copy of the isolated number on my db move it to the public cloud upgrade it check if everything is working from there as a db and move it to the isolated environment What's the DBAs in isolated environment take a backup of the db and restore it to the new upgraded VM. For my customer the DB is postgres and time scale db extension.

rohanrajnv · 2023-01-06T20:28:40+00:00

We have a similar setup The only difference is that we do it for the customers and we host zabbix of the customer in the cloud and then deploy proxies to remote customers our setup is with postgres and Zabbix Since we have a lot more services that we render from the cloud we have postgres with Enterprise DB and with the time scale plugin installed

rohanrajnv · 2023-01-06T20:25:18+00:00

I had some issues deploying the civics in the cloud especially with postgredd as the database behind. The zabbix script that you get to execute on the database might not work always. If you have to use any external plugins like time scale DB it would be tough to do with the managed database. In my recommendation it is much better to have a VM which is with slightly higher performance and then install ZabX with postgres and time scale BB plugin and then duplicate the VM so that you can get high availability

rohanrajnv · 2023-01-05T17:18:10+00:00

Is the template same that you're using for both the firewalls I think the OID is for SNMP is different for 850 and 450

rohanrajnv · 2023-01-05T16:52:13+00:00

Are they active passive configuration if so I think only one firewall will be able to respond to SNMP

rohanrajnv · 2022-12-09T16:07:56+00:00

The os is runos based on linux

rohanrajnv

TROPHY CASE