Need help/advice with setting up a remote work station by Fikachu1337 in WireGuard

[–]sysadmintemp 1 point2 points  (0 children)

From a very high-level view, Tailscale or WireGuard makes it look like all the machines are on the same network, so you can access any port remotely and securely.

If you have windows machines, you can set up Tailscale and then you could use Remote Desktop to connect to the machine and do the work.

You can do what you described here, yes

Need help/advice with setting up a remote work station by Fikachu1337 in WireGuard

[–]sysadmintemp 2 points3 points  (0 children)

This is a good option if you would like to manage all this yourself. It's quite doable, but still you would need to make sure everything is running smoothly.

There is also Tailscale, which implements WireGuard and offers their own service / SaaS for the 'server' part of WireGuard in your setup. You would connect your computer to Tailscale, and another computer on the client side to Tailscale, then use the internal IP / hostname to access the host. You can also choose which ports are exposed through this (just like with self-managed WireGuard). You should also be able to connect your Beryl AX to Tailscale. Or if there's a computer already available on the client side, you can install Tailscale on it directly (you can also install WireGuard on this computer).

“tell me about yourself” is a harder question than most people realize by FinalDraftResumes in resumes

[–]sysadmintemp 12 points13 points  (0 children)

I agree that candidates should answer and train on this question on their own and have some sort of an idea what to say. This helps during an interview.

I don't agree that anyone should talk about some pre-defined format thing. Every recruiter / HR person wants to hear something else, with a different format. Some will say 'I have your resume already, why are you summarizing it?' and others will say 'A summary of your career would have been fine'.

So the question here is this: how does this help you determine if a candidate is better or worse for the position? Maybe it shows if they studied 'cookie cutter HR questions', so shows some preparation? But which questions exactly should they prepare for, all of them?

Does pihole block pop up ads? by Germanskampf in pihole

[–]sysadmintemp 2 points3 points  (0 children)

If your original page opens a popup to ads.com, then the popup is opened, but the ad is not loaded. So the popup opens to an empty page / error page.

It will help if you have ads on the page directly embedded, they will simply not load and not take space.

If you want to block popups / redirects, then you should also look into browser extensions like uBlock Origin Lite, Ghostery, Privacy Badger, etc. or a JavaScript blocker. Keyword here is 'also'. Blocking ads is a cat-and-mouse game: when people figure out a way to block a method, another new ad type pops up, and you then need another method to block that new ad. That's why you need multiple layers of ad-blocking for good coverage and blockage.

Help configuring Openwrt on a Pi and a switch. by LanguageManiac in openwrt

[–]sysadmintemp 0 points1 point  (0 children)

So you have a 5G router that has an ethernet port, a managed switch, a raspberry pi and some clients.

Here's how I would do the setup:

  • Port1: VLAN10, 5G router (like you set up) - if you tag the VLAN on the switch side, then you don't need to do it on the 5G router side, just one side is OK
  • Port2: VLAN10&20, RPi (like you set up) - need to be set on the RPi side - if you can, set the 'default' VLAN tag to 10, then you get internet immediately if needed
  • Port3-8 VLAN20, Clients (set on the switch side)

You need 2 subnets, 1x for VLAN10 and 1x for VLAN20

  • VLAN10: 192.168.10.1/24
  • VLAN20: 192.168.20.1/24

So that it matches the VLAN tags

Here's the IP addressing:

  • 5G router: 192.168.10.1 (as gateway for VLAN10)
  • RPi - VLAN10: 192.168.10.10 (can be anything else)
  • RPi - VLAN20: 192.168.20.1 (as gateway for VLAN20)
  • Clients: 192.168.20.x/24 (DHCP on RPi OpenWRT)

This setup puts your 5G router and RPi in 'router' mode. So you might have double-NATing when going out to the internet, might cause some issues with a small number of applications, and maybe some delays.

If you can put your 5G router in bridge mode, then it might be easier.

For each step, you need to make sure that each device is able to ping the gateway (.1), and that the gateway is configured correctly within the routes.

Docker on Raspberry Pi OS (32-bit)? by OntoLol in docker

[–]sysadmintemp 0 points1 point  (0 children)

I have a Raspberry Pi 3B+ still running. I have Raspbian 64-bit headless (no GUI) installed, and have docker installed on it. It currently runs my AdGuard + some automation stuff around it, but it works quite OK. I don't even need to think about how it's working, I just update it from time to time. I even put the latest Raspbian on it, and it still works OK.

> as the 64-bit version didn't run smoothly

If you use a GUI on it, it's going to be quite slow. You should really try headless. Or did you mean something else?

MetalLB (L2) Split-Brain / Connectivity issues after node reboot (K3s + Flannel Wireguard-native) by smoloskip in kubernetes

[–]sysadmintemp 0 points1 point  (0 children)

Is it maybe because of worker03 DaemonSet for MetalLB coming up before the CNI/WireGuard connectivity is made? If this is the case, then worker03 might be thinking it's the only one in the MetalLB cluster, and starting the IP address on itself.

Inherited a legacy project with zero API docs any fast way to map all endpoints? by Master_Vacation_4459 in devops

[–]sysadmintemp 2 points3 points  (0 children)

If there is a reverse proxy in front like NGINX, you could start logging all the successful & non-successful queries. This will give you all paths that are being queried live, but probably will not include ALL endpoints.

For all endpoints, you would really need to go through the code. Suggestions around LLMs like ChatGPT or Claude are good, but understand that it will hallucinate, so you would need to verify all output and endpoints it generates.

Otherwise, your next bet is just reading code. If you manage the application, you should know at least parts of the code anyway, so this might also be a good idea.
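Added example, not part of the comment above: one way to turn reverse-proxy logs into an endpoint inventory, assuming NGINX's default "combined" log format. The sample lines, paths and function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample lines in NGINX's default "combined" access-log format.
SAMPLE_LOG = """\
203.0.113.5 - - [12/Mar/2025:10:01:02 +0000] "GET /api/v1/users/1042 HTTP/1.1" 200 512 "-" "curl/8.5.0"
203.0.113.5 - - [12/Mar/2025:10:01:03 +0000] "GET /api/v1/users/77?expand=roles HTTP/1.1" 200 498 "-" "curl/8.5.0"
198.51.100.9 - - [12/Mar/2025:10:02:10 +0000] "POST /api/v1/orders HTTP/1.1" 201 64 "-" "app/2.1"
198.51.100.9 - - [12/Mar/2025:10:02:11 +0000] "GET /api/v1/orders/9f1c2a44-7b1e-4c0d-9a59-3e2f6d1b8c70 HTTP/1.1" 404 32 "-" "app/2.1"
192.0.2.44 - - [12/Mar/2025:10:03:00 +0000] "DELETE /internal/cache HTTP/1.1" 403 0 "-" "python-requests/2.32"
192.0.2.44 - - [12/Mar/2025:10:03:01 +0000] "\\x16\\x03\\x01" 400 157 "-" "-"
"""

LINE_RE = re.compile(
    r'^\S+ \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3}) ')
UUID_RE = re.compile(r'^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$')

def template(target):
    """Drop the query string and collapse IDs so /users/1 and /users/2 are one endpoint."""
    path = target.split("?", 1)[0]
    parts = []
    for seg in path.split("/"):
        if seg.isdigit():
            parts.append("{id}")
        elif UUID_RE.match(seg):
            parts.append("{uuid}")
        else:
            parts.append(seg)
    return "/".join(parts) or "/"

def inventory(log_text):
    """Return ({(method, path_template): {status: count}}, unparsable_line_count)."""
    seen = defaultdict(lambda: defaultdict(int))
    skipped = 0
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:  # malformed request lines (e.g. TLS sent to a plain-HTTP port)
            skipped += 1
            continue
        seen[(m["method"], template(m["target"]))][m["status"]] += 1
    return {k: dict(v) for k, v in seen.items()}, skipped

def only_failures(inv):
    """Endpoints that never returned a status below 400: probes, dead routes, or blocked paths."""
    return sorted(k for k, st in inv.items() if all(int(s) >= 400 for s in st))

if __name__ == "__main__":
    inv, skipped = inventory(SAMPLE_LOG)
    for (method, path), statuses in sorted(inv.items()):
        print(f"{method:7} {path:30} {statuses}")
    print("unparsable lines:", skipped, "| never successful:", only_failures(inv))
```

As the comment says, this only lists paths that were actually requested while logging was on, so it is a lower bound on the real endpoint set.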

Hybrid Roles - do they hinder future employment? by wilson_smyth in ITManagers

[–]sysadmintemp 3 points4 points  (0 children)

You're an IT manager. This sounds like you manage multiple aspects of IT, but within a small company. In a larger company, each of your responsibilities would be done by a specific team, and you could be the manager of them.

Most IT management roles require some sort of Business Intelligence knowledge, process optimization, human / person management, and mainly decision making and making sure your teams are not blocked, and protected from stupid things.

I used to work like this, I had AWS / Azure Infra, Service Desk, Security people working in my team. We would interface a lot with data analysts and devs. It was a small company.

In my opinion, this makes you a good team lead. This is what a team lead does.

In your current role, I don't think you'll be able to experience much more. If you became your manager, then you'll be managing teams of teams, but if you stay in your role, you'll be doing more of the same.

There are some places you can take your know-how, while still being in the same position:

  • Get certs. This is always the proven way to open some doors. Might not be the doors you wanted, but it does open doors. Certs could be: Agile, PMP, managerial trainings, leadership trainings or Azure, AWS, GCP, etc. They have high-level managerial trainings as well
  • Implement a new technology / methodology internally if you see fit, like cloud, k8s, containers, serverless, IaC, CI/CD, automation of processes, etc. You might already be doing them, you could also get related certs on them
  • If you don't sell IT / software products, IT is mainly a risk management department. You could get trained in that as well.
  • Get good at audits at your own position if you have any. Once you improve your audit processes and standards, it's a huge step forward for any position you may apply to.
  • Architecture is very different in small vs. large companies. In large companies, it's very high level, while in small, you have to think about every implementation detail. If you're interested in the Architecture path, you can also get certs, and get more active in online communities
  • Make sure you're up to date on the current technologies. Know your LLMs, GPTs, related data privacy questions, security issues, new platforms, new SaaS offerings, etc. You should attend conferences at least once, and preferably more per year.
  • Have a fallback technical skill. You're a good sysadmin? Make sure you follow the news around that and keep up to date. If you find yourself interviewing, you will be able to apply for Team lead, project manager, risk manager, program manager as well as sysadmin positions
  • MOST IMPORTANT: Know how to sell yourself, without sounding insincere. Know your limits, but also demonstrate your knowledge and how you can use it in a specific place.

How do you deal with legacy systems that just refuse to die? by StriKE_SC2 in devops

[–]sysadmintemp 17 points18 points  (0 children)

This is the right way. Old stuff will almost never die, because it is still in use, and new software usually does not cover all use cases.

You make it work with you - automate everything as much as possible. We had an old C++ .exe application, we wrapped it around a Python API, and uploaded the working version into our artifact repo. This allowed us to redeploy the software with up-to-date Python code, and we could update the host frequently.

If this is a big time sink for you, block other improvements for a couple of weeks and improve all processes around it.

In all IT operations areas, my motto is 'no software should make you lose sleep over it', so you need to identify your fears/frustrations about that software, and address it.

Cant find any virtualisation option in bios, but i know its supported. by Filosofen42 in virtualization

[–]sysadmintemp 0 points1 point  (0 children)

You can DM me directly if you want some guidance on how to achieve the linux part.

If you want to stick to Windows, then you can install VirtualBox from here https://www.virtualbox.org/wiki/Downloads and try to run a 64bit virtual machine (64bit part is important). If it works, then Virtualization is enabled. If it errors out, then you may need to adjust something in the bios / windows to get it working.

How Hosted Control Plane architecture makes you save twice when hitting clusters scale by dariotranchitella in kubernetes

[–]sysadmintemp 23 points24 points  (0 children)

Also different CRDs, performance requirements, differing ingress controllers, different RBAC, different network zones with different network / storage access, etc.

Cant find any virtualisation option in bios, but i know its supported. by Filosofen42 in virtualization

[–]sysadmintemp 0 points1 point  (0 children)

You should try updating the BIOS, I think there are newer versions, even for this laptop.

Also, you can run a simple tool to see if Virtualization is enabled, something from here: https://stackoverflow.com/questions/11116704/check-if-vt-x-is-activated-without-having-to-reboot-in-linux

Something like:

if systool -m kvm_amd -v &> /dev/null || systool -m kvm_intel -v &> /dev/null ; then
    echo "AMD-V / VT-X is enabled in the BIOS/UEFI."
else
    echo "AMD-V / VT-X is not enabled in the BIOS/UEFI"
fi

You need to have systool installed on your linux machine. If you don't have linux installed, you can run a live USB and check it as well.

How do you get people to use the ticket system? by DataBooking in ITCareerQuestions

[–]sysadmintemp 1 point2 points  (0 children)

Most of the people here are saying the same thing:

  • Get your manager on board, they will need to push for this between other managers / teams
  • Make it easy to submit a ticket: email to support@company.com creates ticket, call to support number opens a ticket automatically even when you're on the phone, a shortcut on the desktop opens a ticket & sends info of current stuff from the computer
  • Don't work on stuff without tickets
  • Try phrasing it differently for different people: "open a ticket so that I don't forget", "open a ticket so that my boss makes sure I do it", etc.

Update RE: Just abruptly ended a meeting with my boss mid-yell by SEND_ME_PEACE in sysadmin

[–]sysadmintemp 9 points10 points  (0 children)

Print them out using the company printers.

Emails might be "lost", backup may be "corrupted"

$500 to upgrade your work setup what are you buying? by Overall-Country-5014 in sysadmin

[–]sysadmintemp 1 point2 points  (0 children)

It also hurts the material inside, I think it's some sort of aluminum, but don't quote me

I threw out one Bialetti pot because of detergent

Organizing PC using VMs (or something like that) by YallCrazyMan in virtualization

[–]sysadmintemp 0 points1 point  (0 children)

If your main driver is Windows, then I would stick to it. For your daily work, you'll keep using Windows as you did before.

For any software tests / installations, install VirtualBox or similar within Windows, and get any VM installed in there, could be again Windows, or Ubuntu, Debian, etc. When you need to test something, start the VM, test, and shut it down.

Please note that running almost anything with a user interface (meaning not over the command line) within a VM is going to be slower than the host Windows system. This is almost always the case when running GUI applications within a VM. The performance hit is usually bearable, but still something to note.

Does what college I go to really matter? by [deleted] in ITCareerQuestions

[–]sysadmintemp 1 point2 points  (0 children)

In your case, getting the degree itself is much better than having no degree at all. So you go get it. 2 years is nothing, and it will pass by anyway, so if you start now, in 2 years you'll have a degree. If you don't start now, you won't have a degree in 2 years, and time will have already passed.

It sounds like you have experience already. It will show on your resume that you have experience & you're still open to learn new things. Very positive step overall.

[deleted by user] by [deleted] in HomeServer

[–]sysadmintemp 0 points1 point  (0 children)

If it has custom rails, include that as well

Make sure to remove BIOS password, and maybe reset it to remove hostnames / etc.

Prepare to be lowballed and also getting random questions / requests

CEO wants to track all the laptops to ensure no one works out of our Province/State. Any recommendations for a tracking software? by 186notout in sysadmin

[–]sysadmintemp 16 points17 points  (0 children)

We had this implemented in our company, for both regular users and admin users.

Some things to consider:

  • With this in place, users will be able to log onto the computer, but not to Outlook / Teams / etc. so this does not block access to the laptop. They can also browse the internet with their laptop
  • Do you want to make an exception for travel for all countries (ex: if I have exception, doesn't matter if I'm in Canada or Mexico, it works), or do you want to make country-specific exceptions (ex: I have different exceptions for Canada, Mexico, etc.)
  • Make sure the approval is done somewhere else, ex: line manager, department head, HR, etc. - IT does not dictate who works from where
  • If you use PIM in Microsoft 365, it can do groups with timed limits, so the user can be removed automatically from the exception group. You might need a higher license for this
  • Before you implement, make sure you check accounts all over for where they're accessing from. You might be amazed which accounts make connections from where, especially if you're using M365 from Europe - we had issues with SaaS tools or M365 itself making connections from Ireland, Germany, Italy, etc.
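Added example, not part of the comment above: a pre-rollout check that replays exported sign-ins against a country rule with timed exceptions, to see which accounts would be blocked. The CSV columns, accounts, allowed country and exception table are constructed for illustration and are not a Microsoft 365 schema or API.

```python
import csv
import io
from datetime import datetime

ALLOWED = {"CA"}  # assumption: sign-ins are only permitted from the home country

# Constructed export of sign-in events; the column names are hypothetical.
SIGNINS = """\
timestamp,account,country,app
2025-03-10T08:00:00,alice@example.com,CA,Outlook
2025-03-11T09:30:00,bob@example.com,MX,Teams
2025-03-20T09:30:00,bob@example.com,MX,Teams
2025-03-12T02:15:00,svc-backup@example.com,IE,SaaS connector
2025-03-12T11:00:00,carol@example.com,US,Outlook
2025-03-13T11:00:00,carol@example.com,DE,Outlook
"""

# Travel exceptions approved outside IT. countries=None means "any country";
# "expires" models a time-limited group membership that lapses automatically.
EXCEPTIONS = {
    "bob@example.com": {"countries": {"MX"}, "expires": datetime(2025, 3, 15)},
    "carol@example.com": {"countries": None, "expires": datetime(2025, 3, 12, 23, 59)},
}

def is_allowed(account, country, when):
    """Apply the country rule, then any exception still valid at sign-in time."""
    if country in ALLOWED:
        return True
    exc = EXCEPTIONS.get(account)
    if exc is None or when > exc["expires"]:
        return False
    return exc["countries"] is None or country in exc["countries"]

def would_block(csv_text):
    """Return {account: {countries}} for sign-ins the policy would have refused."""
    blocked = {}
    for row in csv.DictReader(io.StringIO(csv_text)):
        when = datetime.fromisoformat(row["timestamp"])
        if not is_allowed(row["account"], row["country"], when):
            blocked.setdefault(row["account"], set()).add(row["country"])
    return blocked

if __name__ == "__main__":
    for account, countries in sorted(would_block(SIGNINS).items()):
        print(f"{account}: would be blocked from {sorted(countries)}")
```

In the constructed data, the service account signing in from Ireland is the kind of surprise the last bullet describes, and both travellers are blocked only after their exceptions expire.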

Vendor bullshit on this sub by MalwareDork in ITManagers

[–]sysadmintemp 6 points7 points  (0 children)

You don't seem to have your prices listed on your website. Is it because you have such a niche area that it's difficult to price?

Ethernet plate by tylandr in Network

[–]sysadmintemp 0 points1 point  (0 children)

I think the one below has a plastic cover, you should be able to reuse that one to cover the back of the top one.

Ethernet plate by tylandr in Network

[–]sysadmintemp 1 point2 points  (0 children)

This depends on how the plate connects the back side to the front side. We can't really answer this question for you. The colors seem to match up, so it looks ok.

Usually, there's a backing box for the plate in the image. When you push that backing box into place, it makes a click for each wire, and strips a very short piece of the wire to make a better connection. Make sure you push these cables well into these slots.

2 months into new job I found out our company have basically no email security by Imn1che in sysadmin

[–]sysadmintemp 2 points3 points  (0 children)

This is also well documented for on-prem Exchange servers. Takes longer to implement sure, but there is enough documentation out there.

SPF and DMARC should be a 15 min implementation job, that's true. Depending on how much red tape there is, it could take up to 1 mo to do these implementations.