4 Jan 2013, 12:42pm
Sys Admin VPN
by

leave a comment

Vyatta IPSEC status commands

Phase 1

show vpn ike status
show vpn ike secrets
show vpn ike sa

Phase 2

show vpn ipsec status
show vpn ipsec sa

Debug

show vpn debug

Good link with great tutorial : http://openmaniak.com/vyatta_case_ipsec.php

16 Aug 2012, 12:17pm
News Sys Admin Windows
by

leave a comment

Compatibity tool prompts for ADPREP when upgrading windows server from 2003 to 2008 R2 domain

Trying to upgrade windows 2003 domain controller ( single server ) I kept getting prompted to upgrade my AD :

http://technet.microsoft.com/en-us/library/1d502209-cdb9-4e13-9a6c-57ad6c9d1e8b

Ended up that I had to :
1. switch to native mode.
2. run forestprep AND domainprep

After that, all was well. hope it saves someone some time.

6 Jul 2012, 4:18pm
Mac News:
by

leave a comment

My Mac Tweaks

#disable DS_store

defaults write com.apple.desktopservices DSDontWriteNetworkStores true

#disable dashboard

defaults write com.apple.dashboard mcx-disabled -boolean YES

#show hidden files

defaults write com.apple.desktopservices DSDontWriteNetworkStores true

#stop auto open windows after a reboot

defaults write com.apple.Preview NSQuitAlwaysKeepsWindows -bool
false

 

3 Jul 2012, 8:35am
FreeBSD Sys Admin
by

leave a comment

FreeBSD 7 – check dell raid using megacli

MegaCli -AdpAllInfo -aAll
MegaCli -PDList -aAll
MegaCli -LDInfo -Lall -aAll
MegaCli -CfgDsply -aAll
MegaCli -AdpEventLog -GetEvents -f events -aAll && less events

Cisco WLC 5508 – Set WPA pass

Step 1 Disable the WLAN by entering this command:

config wlan disable wlan_id

Enable or disable WPA for the WLAN by entering this command:

config wlan{enable | disable}ity wpa enable wlan_id

Step 3 Enable or disable WPA1 for the WLAN by entering this command:

config wlan security wpa wpa1 {enable | disable} wlan_id

Step 4 Enable or disable WPA2 for the WLAN by entering this command:

config wlan security wpa wpa2 {enable | disable} wlan_id

Step 5 Enable or disable AES or TKIP data encryption for WPA1 or WPA2 by entering one of these commands:

•config wlan security wpa wpa1 ciphers {aes | tkip} {enable | disable} wlan_id

•config wlan security wpa wpa2 ciphers {aes | tkip} {enable | disable} wlan_id

The default values are TKIP for WPA1 and AES for WPA2.

Enable or disable 802.1X, PSK, or CCKM authenticated key management by entering this command:

config wlan security wpa akm {802.1X | psk | cckm} {enable | disable} wlan_id

The default value is 802.1X.

If you enabled PSK in Step 6, enter this command to specify a preshared key:

config wlan security wpa akm psk set-key {ascii | hex} psk-key wlan_id

WPA preshared keys must contain 8 to 63 ASCII text characters or 64 hexadecimal characters.

Step 8 If you enabled WPA2 with 802.1X authenticated key management or WPA1 or WPA2 with CCKM authenticated key management, the PMK cache lifetime timer is used to trigger reauthentication with the client when necessary. The timer is based on the timeout value received from the AAA server or the WLAN session timeout setting. To see the amount of time remaining before the timer expires, enter this command:

show pmk-cache all

Information similar to the following appears:

PMK-CCKM Cache
Entry
Type Station Lifetime VLAN Override IP Override
—— ——————- ——– —————— —————
CCKM 00:07:0e:b9:3a:1b 150 0.0.0.0

If you enabled WPA2 with 802.1X authenticated key management, the controller supports opportunistic PMKID caching but not sticky (or non-opportunistic) PMKID caching. In sticky PMKID caching, the client stores multiple PMKIDs. This approach is not practical because it requires full authentication for each new access point and is not guaranteed to work in all conditions. In contrast, opportunistic PMKID caching stores only one PMKID per client and is not subject to the limitations of sticky PMK caching.

Step 9 Enable the WLAN by entering this command:

config wlan enable wlan_id