Site to Site VPN with Azure and a Draytek Router

Posted by robd on October 19, 2020
Azure, Draytek / No Comments

Hello,

Recently passed my AZ-104 exam (was a good challange).

One of the labs I wanted to setup was a Site to Site VPN and as I had a draytek router kicking about I thought I’d use it.

These are the things you need in Azure:

Local Network Gateway – This is the object that represents my draytek (or site)

Virtual network (vNet) – The network for everything to sit in, in Azure.

Virtual Network Gateway – The frontend of Azure, so the bit the draytek is looking at.

Public IP – For the VPN Gateway

A Azure VM to test with.

The vnet was pretty straight forward, my Azure VM was in here and VPN Gateway.

 

 

 

 

Now lets configure the Local Network Gateway, basically all you need to do is:

Enter your Drayteks public IP,

In address space enter in the subnet you use at home (or the site your connecting).

Now lets create a connection to the Draytek.

Note here I used IKEv1, thats because my Draytek didnt seem to support v2.

Now make a note of the public IP in the Local Network Gateway overview.

To the Draytek!!!

Enter the following

under IKE pre-shared key I used the key I setup earlier:

Thats it.

Check the Lan to Lan profile to see if its connected.

Now in Azure, try pinging the home network from the Azure VM:

 

 

I appreciate this isnt my best blog, sorry (I’m in a rush).

Here’s Microsofts official guide:

https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-howto-site-to-site-resource-manager-portal

 

Tags: , ,

Work Folder – Clients

Posted by robd on August 10, 2020
Work Folders / No Comments

Did you know you can also defrag local meta.edb files on a client?

Well you can:

Open a CMD prompt or PowerShell and naviate to:
Then Defraggle it:

 

Tags: , ,

Ghost in the Citrix XenApp

Posted by robd on August 06, 2020
Citrix / No Comments

We’ve had this really frustrating issue for a few months where XenApp applications would launch then if a user closed the app or left it then they would be able open it again.

When you jump of the Citrix XenApp server you’d see the session but in a weird state.

Either like this:

or with the username but just a few processes listed:

  • Citrix Graphics (ctxgfx)

  • Client Server Runtime Process (csrss.exe)

  • Desktop Window Manager (dwm.exe)

  • Windows Logon Application (Winlogin.exe)

  • Windows Logon User Interface Host (LogonUI.exe)

  • EMUser.exe – Ivanti service

The work around workaround is to kill winlogin.exe or loginui.exe or emuser.exe and the session ends.

If we remove DisableLogonUISuppression this problem goes away, but then when launching a published application users see a black screen.

So after doing a million things one of the guys at Ivanti found the issue, the App was taking more than 60,000 Milliseconds to launch so Citrix was shitting itself.

The fix, increase the Citrix policy “application launch wait timeout” in Citrix to 12,000 Milliseconds.

And bobs your uncle.

You’re probably asking, why the hell does an app take more 60,000 Milliseconds  to launch….well, I’m blaming Ivanti personalisation and Chrome.

 

If that doesnt help then check these out:

https://support.citrix.com/article/CTX232490

https://www.reddit.com/r/Citrix/comments/8s9pva/disconnected_sessions_are_not_logging_off/

Ghost Sessions Haunting Me from Citrix

Tags: , , ,

ODBC Driver Update

Posted by robd on April 23, 2020
powershell, SQL / No Comments

Hello,

As many of you may know the latest round updates have disabled TLS 1.0 and TLS 1.2

For us that meant either enabling TLS everywhere or using newer methods. Below is a URL to enable:

https://blogs.windows.com/msedgedev/2020/03/31/tls-1-0-tls-1-1-schedule-update-edge-ie11/

A much better option is to install Microsoft® ODBC Driver 13.1 for SQL Server on the clients:

https://www.microsoft.com/en-us/download/details.aspx?id=53339

Then update a whole bunch of ODBC system DSNs.

Thats great but some of our Citrix servers have a lot of system DSNs and I didnt much fancy doing them one by one so here’s some PowerShell to do it for you:

Boom.

 

Tags: , , ,

Updating Cisco Prime 3.4 to 3.7

Posted by robd on March 06, 2020
Cisco / No Comments

Well what a fun few days its been.  I’ve been on a mad mission to update our Cisco products, first I did Cisco ISE (I’ll try and blog about that later) and then Cisco Prime.

Here’s the Cisco Prime tac I took:

SSH to Prime

First thing first, backup Prime.  In my case that was on the prime server in the default repo.

Next now ftp the update the file to prime:

next check its there:

Now update:

Oh no ERROR:

You have to open the VM console!!!!!!!

Try again!

Ugh, its full.  Delete the old backups

Try again

Arggggh now what, stop Prime….

Try again:

Now its working!!

Tags: , ,

Vib Error updating ESXi from 6.0 to 6.7

Posted by robd on March 05, 2020
vmware / No Comments

Tried to upgrade ESX on a Cisco server today but kept getting the following today:

missing_dependency_VIBS ERROR. Found=[Qlogic_bootbank_scsi-qla2xxx….. These vibs on the host are missing dependency if you continue to upgrade.

So to fix, put the host in Maintenance mode then check if the device blocking is in use:

In my case it wasnt so bin it off:

 

All done, reboot and try and upgrade

 

Tags: , ,

Check and change DNS on all the servers in the domain

Posted by robd on February 19, 2020
DNS, powershell / No Comments

Here’s a brilliant PowerShell scipt to check what the DNS servers are set as accross the domain then change it:

 

 

Tags: ,

Copy Protected by Chetan's WP-Copyprotect.