Cisco Wireless & DHCP

Posted by robd on December 02, 2020
Cisco, Wireless / No Comments

Had a very frustraiting issue recently where our Zebra RF Scanners werent getting DHCP addresses on certain Cisco Access Points.

Only the scanners were not working, everything else seemed fine!

So I checked a heap of things:

Data Rates

Some of RF scanners are OLD, so its important to find out what data rates they require and then match your RF profile.

I suggest you profile the scanner using sometime like a WLANPi first just so you dont have to enable any older data rates.

Or use:

Read more about old data rates here.

Port Config

We run FlexConennect so was every port in a Trunk and did every port have have the correct vlans tags?


Where all the vlans trunked up to the core switch?

DHCP Server

Rebooted it and everything seems fine, lots of DHCP requests from other devices etc.

To be sure I did run wireshark and there were no requests from the scanners while on the “broken” APs.

Debug, Debug, Debug

I then started these debugs and waited forced the client to join again:

So the results showthis:

When it works it looks like this:

DHCP request,

DOT11 Auth

DOT11 Association


DHCP Request


When it doesnt, everything looks good until the end, no ACK from DHCP:

So what does this tell us? The DHCP requests are not getting to the DHCP server.

The Fix

So based on the above, I doubled checked the switches.

Trunks and ports were fine BUT I had missed something!!

Showed me I hadnt actually added the sodding vlan on the switch…… 🙁

Why did other devices work?

Well we use one SSID and Cisco ISE moves RF scanners to a different vlan when they’ve authed. Other devices dont use our special RF scanners VLAN.

The Lesson

Its never Wireless, its always something else!


Tags: , , ,

Site to Site VPN with Azure and a Draytek Router

Posted by robd on October 19, 2020
Azure, Draytek / No Comments


Recently passed my AZ-104 exam (was a good challange).

One of the labs I wanted to setup was a Site to Site VPN and as I had a draytek router kicking about I thought I’d use it.

These are the things you need in Azure:

Local Network Gateway – This is the object that represents my draytek (or site)

Virtual network (vNet) – The network for everything to sit in, in Azure.

Virtual Network Gateway – The frontend of Azure, so the bit the draytek is looking at.

Public IP – For the VPN Gateway

A Azure VM to test with.

The vnet was pretty straight forward, my Azure VM was in here and VPN Gateway.





Now lets configure the Local Network Gateway, basically all you need to do is:

Enter your Drayteks public IP,

In address space enter in the subnet you use at home (or the site your connecting).

Now lets create a connection to the Draytek.

Note here I used IKEv1, thats because my Draytek didnt seem to support v2.

Now make a note of the public IP in the Local Network Gateway overview.

To the Draytek!!!

Enter the following

under IKE pre-shared key I used the key I setup earlier:

Thats it.

Check the Lan to Lan profile to see if its connected.

Now in Azure, try pinging the home network from the Azure VM:



I appreciate this isnt my best blog, sorry (I’m in a rush).

Here’s Microsofts official guide:


Tags: , ,

Work Folder – Clients

Posted by robd on August 10, 2020
Work Folders / No Comments

Did you know you can also defrag local meta.edb files on a client?

Well you can:

Open a CMD prompt or PowerShell and naviate to:
Then Defraggle it:


Tags: , ,

Ghost in the Citrix XenApp

Posted by robd on August 06, 2020
Citrix / No Comments

We’ve had this really frustrating issue for a few months where XenApp applications would launch then if a user closed the app or left it then they would be able open it again.

When you jump of the Citrix XenApp server you’d see the session but in a weird state.

Either like this:

or with the username but just a few processes listed:

  • Citrix Graphics (ctxgfx)

  • Client Server Runtime Process (csrss.exe)

  • Desktop Window Manager (dwm.exe)

  • Windows Logon Application (Winlogin.exe)

  • Windows Logon User Interface Host (LogonUI.exe)

  • EMUser.exe – Ivanti service

The work around workaround is to kill winlogin.exe or loginui.exe or emuser.exe and the session ends.

If we remove DisableLogonUISuppression this problem goes away, but then when launching a published application users see a black screen.

So after doing a million things one of the guys at Ivanti found the issue, the App was taking more than 60,000 Milliseconds to launch so Citrix was shitting itself.

The fix, increase the Citrix policy “application launch wait timeout” in Citrix to 12,000 Milliseconds.

And bobs your uncle.

You’re probably asking, why the hell does an app take more 60,000 Milliseconds  to launch….well, I’m blaming Ivanti personalisation and Chrome.


If that doesnt help then check these out:

Ghost Sessions Haunting Me from Citrix

Tags: , , ,

ODBC Driver Update

Posted by robd on April 23, 2020
powershell, SQL / No Comments


As many of you may know the latest round updates have disabled TLS 1.0 and TLS 1.2

For us that meant either enabling TLS everywhere or using newer methods. Below is a URL to enable:

A much better option is to install MicrosoftÂŽ ODBC Driver 13.1 for SQL Server on the clients:

Then update a whole bunch of ODBC system DSNs.

Thats great but some of our Citrix servers have a lot of system DSNs and I didnt much fancy doing them one by one so here’s some PowerShell to do it for you:



Tags: , , ,

Updating Cisco Prime 3.4 to 3.7

Posted by robd on March 06, 2020
Cisco / No Comments

Well what a fun few days its been.  I’ve been on a mad mission to update our Cisco products, first I did Cisco ISE (I’ll try and blog about that later) and then Cisco Prime.

Here’s the Cisco Prime tac I took:

SSH to Prime

First thing first, backup Prime.  In my case that was on the prime server in the default repo.

Next now ftp the update the file to prime:

next check its there:

Now update:

Oh no ERROR:

You have to open the VM console!!!!!!!

Try again!

Ugh, its full.  Delete the old backups

Try again

Arggggh now what, stop Prime….

Try again:

Now its working!!

Tags: , ,

Vib Error updating ESXi from 6.0 to 6.7

Posted by robd on March 05, 2020
vmware / No Comments

Tried to upgrade ESX on a Cisco server today but kept getting the following today:

missing_dependency_VIBS ERROR. Found=[Qlogic_bootbank_scsi-qla2xxx….. These vibs on the host are missing dependency if you continue to upgrade.

So to fix, put the host in Maintenance mode then check if the device blocking is in use:

In my case it wasnt so bin it off:


All done, reboot and try and upgrade


Tags: , ,

Copy Protected by Chetan's WP-Copyprotect.