Enable SNMP Traps on a VMware ESX 5.1 + Physical Host

Posted by & filed under VMware ESX.

LOGO1

I reinstalled my VMware ESX servers the other month and haven’t got around to setting the SNMP traps back up for Observium to use so I thought I’d make a quick article to show how it is done (as I had to look it up again).

1. Log into the console or shell to the box

2. Run the following command to set the trap name (Replace TRAPNAME with the community name you use)

2. Enable the trap

3. Log into vSphere

4. Select the host

5. Select the configuration tab

6. Select Software -> Security Profile

7. Under Firewall, click properties

8. Find the SNMP Server under labelVMware ESX SNMP Server 1

9. Go into the options of the service

10. Change to “Start and stop with host”

11. Click on StartVMware ESX SNMP Server 2

 

Your traps should now be working

Should you have any questions, comments or suggestions, please don’t hesitate to comment below. If you like what you have read, please share it on your favourite social media medium.

 

Installing Piwik for Website Visitor Tracking on Apache

Posted by & filed under Piwik.

piwik_logo

 

Okay so I have been using Piwik for about a year now and find it to be  flawless so I thought I’d do a write up about it.

From the Piwik website: Piwik is the leading open source web analytics platform that give s you valuable insights into your website’s visitors, your marketing campaigns and much more, so you can optimize your strategy and online experience of your visitors.

Installing

Assumptions

This is assuming the following is already configured:

  • A valid public domain
  • The said public domain has A records pointing to a publicly visible Apache web server
  • The said Apache web server has a valid vhost configuration for said domain
  • The said Apache web server has PHP 5.5 or greater installed and working
  • The said Apache server has internet access to download files
  • The said web server has mySQL installed and configured correctly

Configuring Apache

Create a directing for the Piwik install, I will be using example.com as an example domain

Download Piwik

Install Unzip (if not installed)

Unzip the contents of the zip file

Change ownership and permissions

Configuring mySQL

Note1: Do not use the “mysql>” at the beginning of the command, that is just to indicate you are in mysql command prompt.

Note2: mySQL commands require a “;” at the end of the command

Log into mySQL

Create  a new database

Use the database

Create a user

Grant permissions for the piwik account to the piwik database (don’t use password123)

Finish Install

Browse to the Piwik installation using your browser (I am using example.com)Piwik Install Step 1

 

Select “Next”

 

Make sure everything has green ticks next to them and click “Next”Piwik Install Step 2

Leave the database server as 127.0.0.1

Type in the username

Type in the password

Type in the database name

Select PDO/MYSQL

Click “Next”

Piwik Install Step 3

 

Ensure tables are created and click “Next”Piwik Install Step 4

Type in the desired admin login name, password and email address and press “Next”Piwik Install Step 5

Type in the website name, URL, time zone and whether or not it is a ecommerce site or not and then press “Next”

Piwik Install Step 6

 

Take a copy of the Javascript tracking code and select “Next”Piwik Install Step 7

 

Click on “Continue to Piwik” to continuePiwik Install Step 8

 

If prompted, upgrade databasePiwik Install Step 9

 

I recommend donating using the secure PayPal feature, select “Continue to Piwik”Piwik Install Step 10

Sign in to start using PiwikPiwik_Sign_In

Should you have any questions, comments or suggestions, please don’t hesitate to comment below. If you like what you have read, please share it on your favourite social media medium.

Apple Mac Native VPN Drops Cisco IPSec VPN Connections

Posted by & filed under MacOS X.

apple_logo

When using the Mac OS X (currently 10.9.4) native VPN client to connect over VPN to a Cisco device you might find it disconnects every 45 to 60 minutes without any warning and no attempt to redial to the VPN server. If you are like me and have a lot of sessions running, reconnecting them all again can be a real pain and that’s not even considering the transfers that also terminate and have to be restarted.

I was surprised to find this has been a “bug” for a while now, there does seem to be a fix but it’s designed for people that know Linux somewhat..

Here is how I solved the problem:

1. Connect to the VPN (this generates a file)

2. Copy the generated conf file to /etc/racoon

3. Edit the racoon file (I’m using vi but you could use vim or nano)

4. At the end of the file comment out the following line:

It should look like this:

5. Add the following line (Change 1.2.3.4 to the IP address of your VPN server)

Save and close

6. Edit the following file /etc/racoon/1.2.3.4.conf (change 1.2.3.4 to the ip address of your VPN server)

7. Disable dead peer detection by changing the value to “0”:

8. Change proposal check from “obey” to “claim”

9. Change the proposed lifetime in each proposal from 3600 to 86400 (24 hours):

Note: Change them all, not just one!

10. Disconnect and reconnect

Should you have any questions, comments or suggestions, please don’t hesitate to comment below. If you like what you have read, please share it on your favourite social media medium.

Set up Apache as a reverse proxy using mod_proxy

Posted by & filed under Apache.

linux-logo-300x300

Okay so I love Apache and at every chance I will use it over Microsoft IIS or any other web serving service, unless a specific application is only written for Microsoft IIS – such as (Citrix Web Interface) !!

So in the case of only having one public IP and Citrix Web Interface behind it but wanting to host on Apache, I had to set up an Apache box to proxy all traffic for a certain domain name to the IIS box. Did I explain that well, probably not, … lets draw a picture!

Apache mod_proxy

 

Apache mod_proxy

mod_proxy is the Apache module for redirecting web pages, it isn’t just one module but rather a collection of them:

  • mod_proxy
  • modproxyhttp
  • modproxyftp
  • modproxyconnect
  • modproxyajp
  • modproxywstunnel
  • modproxywstunnel
  • modproxybalancer
  • mod_cache
  • mod_headers
  • mod_deflate

Installing Apache mod_proxy

This assumes you have Apache installed and running, if not just run the following to install:

Install Essential Build Tools

The package is required to install from source code

Install Module and Dependancies

Activating the Modules

We need to enable the necessary modules before configuring Apache, to check to see what modules are available, run the following:

Input the following modules to load:

proxy proxy_ajp proxy_http rewrite deflate headers proxy_balancer proxy_connect proxy_htmla2enmod

 

Restart Apache

Configuring Apache vHosts for mod_proxy

In this example I will be using “citrix.example.com” to a webserver at 192.168.0.11 as a domain and IP to get mod_proxy to redirect to, you will need to change this to suit your needs.

Create a vhost

Copy and paste the following into the conf file

Save and quit (:wq)

Enable Site

Enable the site by running the following:

Restart Apache

Finally, restart Apache web server

Should you have any questions, comments or suggestions, please don’t hesitate to comment below. If you like what you have read, please share it on your favourite social media medium.

Using a Cisco router with Telstra FTTH Velocity Service

Posted by & filed under Cisco.

800px-Cisco_logo.svg

I recently got fibre to the home (FTTH) or as some other people like to call fibre to the premise (FTTP) thanks to Telstra and their Velocity service. Now is is quite straight forward, someone comes out and connect activates the ONT unit. In my case the fibre is terminated at the ONT unit and then patched to the lounge courtesy of CAT5E running into every room in the apartment. From there I was able to patch from the lounge straight to bedroom 1 (b1) and from there to the router (it sounds complicated but its not). Now from my learnings there are two ways to connect, both requiring PPPOE authentication, you can either set up a new connection on a Windows 7 machine (or other flavours of Windows) and create a PPPOE dialer or you can connect a PPPOE capable router and pass credentials that way.

Telstra Fibre Router

Why am I writing this post you ask…. well it has to do with the learnings I stumbled upon while connecting my Cisco 1801 series router and wish to share my experiences, even if they are not the same as yours you might find this useful in troubleshooting your own connection.

I’m not sure about the Australian National Broadband Network (NBN) connection but could have some relevancy to this >>

Telstra OTP

Turn on terminal monitor

Turn on ppp debugging (this will show you when the dialer is trying to auth)

First off, you don’t need the ATM interface if you have a config already set up for DSL so first thing is to disable the ATM interface

You will need a dialer interface, I have mine set up as “Dialer0” with the following (using CHAP)

Note “dialer-group 1”

Now we have to assign the Dialer0 to the interface, depending on your Cisco product and IOS version is dependant on what you do here but for me I had to create a vlan and assign the vlan to the layer 2 interface (FastEthernet8) in my case.

If you don’t have the vlan 999 created, it will create it for you (it doesn’t need to be vlan 999 but any number you aren’t using).

Now you have to enable pppoe and assign the dialer pool number in the vlan (note my dialer pool number is 1) and assign as a outside natting interface.

Check your interfaces to see if it is connected

A more complete configuration example would be the following:

NOTE: This is for a Cisco router that has eight ports, you will need to add/remove depending on physical ethernet ports.

Change the following for your own circumstances:

  • PPP CHAP username and password
  • Type and amount of Ethernet ports, could be only two or four ports and maybe Gigabit Ethernet instead (GigabitEthernet).

You should be able to add your nats and anything else you require for your inside LAN, I added some alias but you don’t need them.

Should you have any questions, comments or suggestions, please don’t hesitate to comment below. If you like what you have read, please share it on your favourite social media medium.