SRE, VMware Virtualization, vSphere, vCD, ESX, Configuration Management, Microsoft AD, Security, Networking, and about anything else..
Saturday, May 30, 2009
ESX 4 HA Errors
Enabling HA gave the error:
"Cannot complete the configuration of HA agent on the host. See the task for details for addional information. Misconfiguration in the host network setup."
After poking around for a while, I realized that one host had a bad Default Gateway (off my 1) setup. After correcting that, HA works like a champ.
I did also fix the fact that one of my /etc/hosts files had my VMOTION service console IP and not the correct primary SC IP.
But its all good new..
ESX 4 is really nice..
ISA 2006 Firewall Service won't start
Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7001
Time: 10:19:44 AM
The Microsoft Firewall service depends on the MSSQL$MSFW service which failed to start because of the following error:
The operation completed successfully.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
and when i try to start Microsoft Firewall service it says: " Could not start the Microsoft Firewall service on Local Computer.
Error 1068: The dependency service or group failed to start."
also the other automatic service on which Microsoft Firewall service is dependant is stopped and when i try to start that service it says "The MSSQL$MSFW service on Local Computer started and then stopped. Some services stop automatically if they have no work to do, for example, the Performance Logs and Alerts service."
Following these articles
they say there is a problem writing to the logs, and that's why I can't start the service. After changing the logging types, and many other changes, the final fix was to do as others had said. Export your ISA config, uninstall and reinstall ISA, and blamo, everything works again.
Thursday, May 21, 2009
Things I needed to Deploy SSTP (windows 2008 HTTPS/SSL VPN)
Step-by-Step Guide: Deploying SSTP Remote Access
Do you want to change the certificate used by the SSTP server - Read how
Getting Certificate from third party Certificate Authorities for SSTP
Publishing SSTP based VPN server using ISA2006 Firewall
Registry entries that Routing and Remote Access adds in Windows Server 2008
How to debug SSTP specific connection failures
I’ll fill in some more blanks one I feel more comfortable with it.
However i’ll say so far MAKE SURE to open port 443 on your 2008 VPN server or this won’t work.
Wednesday, May 20, 2009
How to find and kill a hung VM on ESX 3.5
First you must find the PID
ps auxfww | grep Name_of_the_VM
Then kill it
Stop Soft Technique:
# vmware-cmd /path/to/config/file.vmx stop soft
Stop Hard Technique:
# vmware-cmd /path/to/config/file.vmx stop hard
# kill <pid>
If the above doesn't work you may need to issue a kill –9
# kill -9 <pid>
Thanks to This article I used to get my information.
Tuesday, May 19, 2009
Issues using ISA 2006 for a back firewall
For some reason after reinstalling ISA 2006 as a back firewall, you can’t reach some machines on the DMZ network. Without a long discussion for the routing reasons for this, The solution is to modify the ISA back firewall in order to disable the proxy on it.
To disable the Web Proxy filter for HTTP, do the following:
- In ISA Server Management, click the Firewall Policy node.
- On the Toolbox tab, click Protocols.
- Expand All Protocols, right-click HTTP, and then click Properties.
- Click the Parameters tab, and in Application Filters, clear Web Proxy Filter. Then click OK.
- Click Apply to update the firewall policy.
Tuesday, May 12, 2009
Really awesome new stuff in Windows 7
Problem Steps Recorder