After somehow* losing the VHD for my Sophos UTM install on my home Hyper-V server I needed to reinstall and restore my config from backup. However, the only installation media I had downloaded was from when I initially moved from Tomato over to Sophos, which was several years ago. This meant that the UTM needed to download over 3.5GB of updates in order to get back to a version which I could restore the config to. The root partition of the UTM is only 5GB, and the base install is about 3GB itself, so the updater craps out saying there’s not enough space to unpack the updates.
Continue reading Sophos UTM 9: Up2Date failed: Not enough free space
Going through my site-stats, and list of common referrers I found a few neat things, the first is that Google provides about 98% of my traffic. That wasn’t surprising, but I’m interested in the following two referrers, which are rather frequent, and are not public websites.
Continue reading Things that make me happy…
I have a VPN setup from my router to work so that I don’t have to dial one up when I need to get to some server from home. However, I also live in Canada and want to be able to purchase stuff from Google Play that I can’t get here, namely music, and be able to get US Netflix, Amazon Prime bonuses, etc. So I needed to set up a second PPTP VPN, since the US endpoint I have access to is a Windows server with RRAS. Unfortunately, the GUI doesn’t support two PPTP VPNs, so I had to figure out how to script it. Continue reading Configure Multiple PPTP VPNs on Tomato Based Router
SSL Certificates are expensive, and most CAs aren’t that respectable anyhow, so why are we all using their certificates to prove we trust each other? I figure you’re here for one of two reasons. You’re either my friend and got here accidentally or you’re looking for computer advice; you either trust me because we’re friends, or you trust me enough to make your computer work better.
Continue reading Why I’m a CA and you can too…
I wanted to install a cert on my router so that I could stop getting shit for not trusting it when I log in. However, installing the cert on every device that I access it with. Since I’ve got all my computers on a domain, I can just install the CA role on my DC, so I don’t need to fuck around with an untrusted CA like StartCom who offer free certs, but still require you to install the CA chain, or buy a ridiculously overpriced cert from some random CA.
Continue reading Generate Certificate for TomatoUSB from Active Directory CA
The insecure content warning some of you may be seeing is because the new version of Disqus, the comment system, has some issues with SSL. Awesome. I’ve got a support request open, as soon as I figure out what the issue was I’ll try to figure a way to get it to work without them.
Continue reading Insecure Content warning
I wanted to set one of the NICs on my OI box to have a static since it’s got a direct connection to my ESX box, bypassing any switches, and directly linked to a VM on that machine. I routinely transfer large chunks of data (1-20GB files) from that VM to my OI box, so I wanted to completely move that off of my main network. The VM is a Windows box, and I have the NIC set statically to 192.168.20.1/30 and wanted to set the OI box to .2. However, I couldn’t find a simple way to do it with ifconfig, and everything I found suggested disabling the NWAM service and switching to the old way of doing things, which is bad. Apparently.
Continue reading Static IP on multiple NICs in OpenIndiana with NWAM
I’m not a fan of SonicWall or Juniper networking gear, because I find them to be needlessly complex and overpriced for their functionality. Due to this lack of appreciation, I’m not familiar with them because I’ve focused more on other platforms. My distaste for those devices was heightened recently when I was flown to a client’s office because their old firewall had just decided it would no longer pass network traffic. I got there a little after midnight and met the client who had been waiting around since about 5:00. I wanted to get the internet and remote management up and running as quick as possible so that we could let the client go home. Then I’d just finish off the configuration from my hotel. Continue reading Something to be said for simplicity…