Wednesday, May 10, 2023

McAfee EPO Legacy tool for 7.3

EPO EETECH TOOL For Version 7.3 of McAfee EPO

Format the drive as FAT32 - there are quicker ways of doing this


Create a bootable USB key using the bootdisk.exe command

bootdisk.exe EETech.RTB f:




Monday, July 4, 2022

PFSENSE & OPENVPN CONFIGURATION (PROXMOX)

When you first install pfSense you end up at the console with the following options.
Select: 1) assign interfaces
The first question is whether you are going to set the VLANs inside the virtual machine or within the hypervisor. In this case we tagged the virtual machine's interface on the correct VLAN (in this case 500, the link using the assigned IP address).
The default configuration will only show two interfaces, the WAN and LAN adapters. Any additional interfaces or subnets you require must be added now, or configuring them later will wipe the existing configuration, and you may lose connectivity if doing this remotely.
In Proxmox confirm that the virtual MAC and the VLAN tag have been assigned. (Note: for any changes to Proxmox networking [the actual OS, outside of VMs] you must apply the configuration or the settings do not take effect.)
VLAN-aware needs to be enabled on the virtual interface, and applying the configuration will be necessary.
Comparing the last hex digits of the net0 MAC address above, you can confirm that vtnet0 is the correct adapter for the WAN interface.
You can also surmise that the vtnet1 is the LAN address but this can also be confirmed against net1.
(opvpns1 adapter is only present as the lab is not a vanilla install, so ignore for the sake of this document)
Console configuration is now complete. When you type Y this configuration will be written and the pfSense box will be restarted.
The console can hang on this screen for a while. Interact with it by pressing Enter and it will wake the system back up.
Select option 2 to assign the static IP addresses. The menus are very straightforward. Select the WAN connection first and assign the IP and then the gateway IP. The LAN IP, if not DHCP, is required to configure the device. No gateway is required for it, as it should egress through the WAN.
In Chrome, open the LAN IP address that you either set or DHCP picked up. The following warning will appear; just click Advanced and Proceed to IP Address.
Default username/password: admin/pfsense
You know the internet access to the device is working when the contract type shows up as Community Support Only. Without this you cannot proceed with the configuration.
The first requirement is to install a package to export OpenVPN server credentials; you cannot do this without internet access.
In the package manager click on Available Packages, search for openvpn and install openvpn-client-export at the latest version available. You will need this later.
Completion screen; you can move away from here at any time.
Next create a Certificate Authority (CA) by clicking System and selecting Cert. Manager.

Then create a new CA under your company or lab name. Later you will require a server cert and a user cert, but let the OpenVPN wizard create these for you as there are specific requirements you can't do manually.
Next configure OpenVPN by clicking VPN and OpenVPN.
For the simplest configuration select the Wizard.
Select Local User Access (client access VPN).
We pre-created the CA, so it will be selected; click Next.
Create a new certificate. This will be the server certificate; you may call it "server certificate" if you wish.
Note that the protocol is UDP on port 1194, then set the name for the client access VPN. Scroll down the page to set the tunnel IP and the access LAN IPs.
Tunnel settings and access LAN IPs are set here.
Allow the wizard to create the allow rule for OpenVPN ingress.
Create a user and a user certificate: click System and select User Manager.
In here you can change the default password; this is highly recommended. You can also create a new remote user by clicking Add.
Add the user name, password and full name description.
Move to the admins group and tick the Certificate box; this is a requirement for remote access.
Once the user is created click back to VPN - OpenVPN.
Scroll down to the end of the page and download both of the following zip files.

Friday, February 18, 2022

Windows Server 2022 Hyper-V Virtual Network configuration

New way to create a Virtual Switch on WS2022 Hyper-V

Step one is to name the interfaces Prod1 / Prod2

Create a virtual switch and team the NICs at the same time

New-VMSwitch -Name "ProdSwitch" -NetAdapterName "Prod1","Prod2" -EnableEmbeddedTeaming $true

Create network adapters as needed. I generally create a management and a production VM network interface; code example below.

Add-VMNetworkAdapter -ManagementOS -Name "MGMT" -SwitchName "ProdSwitch"

Add-VMNetworkAdapter -ManagementOS -Name "VM" -SwitchName "ProdSwitch"

Generally you will require VLANs for each of these interfaces. Below are examples of the code required for this, XX being the VLAN ID.

Set-VMNetworkAdapterVlan -ManagementOS -VMNetworkAdapterName "MGMT" -Access -Vlanid XX

Set-VMNetworkAdapterVlan -ManagementOS -VMNetworkAdapterName "VM" -Access -Vlanid XX

Monday, March 30, 2015

How to convert from dynamic to fixed disk

"Power down VM"
Stop-VM -Name "dubvmv01"

"Convert from Dynamic to Fixed disk"
Convert-VHD c:\clusterstorage\volume11\dubvmv01\dubvmv01.vhdx -DestinationPath c:\clusterstorage\volume11\dubvmv01\dubvmv01-f.vhdx -VHDType Fixed -Confirm:$false

"remove the old VHD file from the VM"
Remove-VMHardDiskDrive -VMName dubvmv01 -ControllerType 1 -ControllerNumber 0 -ControllerLocation 0

"add the VHD back to the Virtual Machine"
Add-VMHardDiskDrive -VMName dubvmv01 -Path c:\clusterstorage\volume11\dubvmv01\dubvmv01-f.vhdx -ControllerType SCSI -ControllerNumber 0 -ControllerLocation 1

"delete the old VHD File"
Remove-item c:\clusterstorage\volume11\dubvmv01\dubvmv01.vhdx

"Start the VM"
Start-VM -Name "dubvmv01"

Original script adapted from ideas in Aidan Finn's post:

Convert Hyper-V Virtual Machine From VHD To VHDX
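
A variant of the procedure above that verifies the converted disk before the VM is re-pointed and keeps the dynamic disk as a rollback copy. This is an added example, not the original script; it reuses the post's VM name and paths, and swapping the disk with Set-VMHardDiskDrive rather than remove/add is a choice of this example.

```powershell
#Requires -Modules Hyper-V
# Added example (not the original script). VM name and paths are the post's values.
$ErrorActionPreference = 'Stop'          # abort at the first failed step

$vmName = 'dubvmv01'
$oldVhd = 'c:\clusterstorage\volume11\dubvmv01\dubvmv01.vhdx'
$newVhd = 'c:\clusterstorage\volume11\dubvmv01\dubvmv01-f.vhdx'

# Pre-flight checks, done while the VM is still running.
if (Test-Path -Path $newVhd) { throw "Destination already exists: $newVhd" }

$drive = Get-VMHardDiskDrive -VMName $vmName | Where-Object { $_.Path -eq $oldVhd }
if (-not $drive) { throw "No drive on $vmName points at $oldVhd" }

$src = Get-VHD -Path $oldVhd
if ($src.VhdType -ne 'Dynamic') { throw "Source is $($src.VhdType), not Dynamic" }

Stop-VM -Name $vmName

Convert-VHD -Path $oldVhd -DestinationPath $newVhd -VHDType Fixed

# Verify the result before touching the VM configuration.
$dst = Get-VHD -Path $newVhd
if ($dst.VhdType -ne 'Fixed' -or $dst.Size -ne $src.Size) {
    throw "Converted disk failed verification: type=$($dst.VhdType) size=$($dst.Size)"
}

# Re-point the same controller slot at the fixed disk.
$drive | Set-VMHardDiskDrive -Path $newVhd

Start-VM -Name $vmName

# The dynamic disk is left in place as a rollback copy. Remove it only after
# the guest has booted and been checked:
#   Remove-Item -Path $oldVhd
```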

Friday, September 12, 2014

Virtual NIC's in Hyper-V and how I've been doing it wrong!

My server hardware hasn’t changed

4 x 1GB NIC's on a Quad adapter

2 x 10GB NIC's on a Dual adapter

If you've seen my previous posts you'll see that I created teams in Server Manager
Across from NIC Teaming if you haven’t created a Team this option is marked as Disabled

 Click on Tasks and create a virtual Switch


Select the NICs you want to add to the team. In the above example you can see I left the additional properties as default.

The next step is what I’ve been doing incorrectly for some time. Thankfully I got some great advice from some friends and I suggest you read his blog.
Credit for script: Aidan Finn - http://www.aidanfinn.com/?p=12609

My network is slightly different so my script is different, although I used Aidan’s as a template. I have added some additions from the TechNet article - http://technet.microsoft.com/en-us/library/dn550728.aspx

Storage – Switch and vNIC (283)

Do not put a Virtual Switch on top of the Storage network
Create team and assign vLAN from Windows teaming

**********************

Production Switch and 3 x vNIC’s, MGMT(101), Live Migration (2828) and VMNetwork (102)

New-VMSwitch "ProductionNetSwitch" -NetAdapterName "Production" -AllowManagementOS $false

Add-VMNetworkAdapter -ManagementOS -Name "MGMT" -SwitchName "ProductionNetSwitch"
Set-VMNetworkAdapterVlan -ManagementOS -VMNetworkAdapterName "MGMT" -Access -Vlanid 101

Add-VMNetworkAdapter -ManagementOS -Name "VMNetwork" -SwitchName "ProductionNetSwitch"
Set-VMNetworkAdapterVlan -ManagementOS -VMNetworkAdapterName "VMNetwork" -Access -Vlanid 102

Add-VMNetworkAdapter -ManagementOS -Name "LiveMigration" -SwitchName "ProductionNetSwitch"
Set-VMNetworkAdapterVlan -ManagementOS -VMNetworkAdapterName "LiveMigration" -Access -Vlanid 2828


What will I end up with??

This script will give you a virtual switch
ProductionNetSwitch

Then it will give you 4 x vNIC's total
Storage on VLAN 283
VMNetwork 102
MGMT 101
Live Migration 2828
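
To confirm the host vNICs really ended up on the VLANs listed above, the following check can be run on the host. It is an added example, not part of the original script; it covers only the three vNICs on ProductionNetSwitch (the storage VLAN is set in Windows teaming, not on the virtual switch) and also flags any extra host vNIC on the switch, such as the default one created when -AllowManagementOS is left enabled.

```powershell
#Requires -Modules Hyper-V
# Added example. Expected VLAN IDs are the ones listed in the post.
$switch   = 'ProductionNetSwitch'
$expected = @{ MGMT = 101; VMNetwork = 102; LiveMigration = 2828 }

$report = foreach ($nic in Get-VMNetworkAdapter -ManagementOS -SwitchName $switch) {
    $vlan = Get-VMNetworkAdapterVlan -ManagementOS -VMNetworkAdapterName $nic.Name
    $want = $expected[$nic.Name]          # $null for a vNIC the script did not create

    [pscustomobject]@{
        Adapter  = $nic.Name
        Mode     = $vlan.OperationMode    # Access, Trunk, Untagged, ...
        VlanId   = $vlan.AccessVlanId
        Expected = $want
        Ok       = ($null -ne $want) -and
                   ($vlan.OperationMode -eq 'Access') -and
                   ($vlan.AccessVlanId -eq $want)
    }
}

$report | Format-Table -AutoSize

# vNICs the script should have created but that are not on the switch.
$missing = $expected.Keys | Where-Object { $_ -notin $report.Adapter }
if ($missing) {
    Write-Warning "Missing host vNIC(s): $($missing -join ', ')"
}

# Wrong VLAN, wrong mode (e.g. Untagged), or an unexpected host vNIC.
$bad = $report | Where-Object { -not $_.Ok }
if ($bad) {
    Write-Warning "Check these host vNIC(s): $($bad.Adapter -join ', ')"
}
```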

What does that look like in real life?


Tuesday, June 24, 2014

Gridstore and Hyper-V Teaming


Hyper-V Cluster with Gridstore


In this configuration we have a 3 host Hyper-V cluster and 3 Gridstore nodes. We are using 2 x Juniper 4550’s for the storage network and 2 x Juniper 3300’s.
There are 4 x 1GB NICS and 2 x 10GB SFP’s

4 x 1GB NIC’s will be configured in a Team using Windows Server 2012R2
              Live Migration on VLAN 1

              Management on VLAN 2

              Production on VLAN 3

              DMZ on VLAN 4
2 x 10GB SFP’s will be configured in a team for the storage network and will be configured 1 Port per switch.


As Gridstore is based on WS2008R2 best practice is to use the manufacturer’s drivers for teaming.

The Broadcom network card will be configured in a load balanced failover team using the drivers supplied.

The Junipers will be configured to tag all traffic to VLAN 283. There will be 2 x 10GB ports configured as a 20GB trunk to allow the switches to communicate with each other and carry VLAN 283 traffic.

 Gridstore NIC Teaming

       Plug Ethernet port 0 into a switch on each Gridstore node

       Boot a DHCP server

       Boot the Gridstore Nodes

       Each node should be assigned an IP address from the DHCP server

       Contact Gridstore Support and ask them to log into each node.


       Set a static IP on the Ethernet address

       To do this type in “control”


       Click on “Network and Sharing Center”


       Name the active interface and set a static IP on it to make things easier for later

       Once you have set the static IP the RDP session will drop. Reconnect using the new IP

       Cable your 10GB Ethernet to each switch and go back to the control panel

       Click on Broadcom Control Suite 4 in Control panel


       Click on Filter and select Team View

       Right click on the server name “GS-DHBS6CZ1” in this case

       Select create a new Team


       Click Next


       Name the team and click Next

       Name the team and click Next


       Select the adapters you want and click Add and then Next to continue
       Leave the defaults and click Next

       Leave the defaults and click Next


       Click Add VLAN and click next

       Name the VLAN this is important as it might help later in the process


       Click on Tagged and click Next


       Type in your VLAN ID and click next

       After the Team is created open Network and sharing center and set the IP address on the Teamed NIC


       RDP to the Gridstore using the new Teamed IP address

       The next configuration you have to complete is in the registry

       Open the command prompt and type in regedit and browse to “HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Gridstore\NetworkAdapter”

       If you see anything but the BASP adapter, follow the next steps

       Disable the MGMT interface

       In the command prompt type in services.msc

       Disable the Gridstore service

       Open regedit

       Delete the folder “NetworkAdapter” in “HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Gridstore\NetworkAdapter”

       Start the service and refresh the Gridstore Registry key by pressing F5

       The BASP adapter should now be present.

       Duplicate for each node

Windows Server 2012 NIC Teaming

       Open Server Manager


       Click on NIC Teaming


       Under teams click Tasks and select “New Team”


       Name the team and select the adapters

       Select the team then click Team Interfaces, Then click tasks and Add Interfaces

       Name the new Virtual Adapter and the VLAN for the network

       Set the Static IP on the StorageLAN – VLAN 283 Adapter

       The team is now configured