Archive for the ‘Networking’ Category

Can’t join a Windows 2012 server to a 2003 forest

January 21, 2017

Simple solution but here’s the scenario;

I had to replace a 2003 server with a 2012 server. So the original forest and domain is 2003 (I had to upgrade that from 2000!) but when I tried to promote the 2012 server to a DC it balked with this error;

“A domain controller running 2008 or later could not be located in this domain.”

I did some digging and found that it’s really not stopping you but prompting you to put in a recovery password. Thanks for the intuitive message MS.

So simply type in a recovery password and it will allow you to continue the promotion.

Ref: https://social.technet.microsoft.com/Forums/sharepoint/en-US/87876f09-90e6-4548-bdb6-7b1e525951be/adding-a-windows-2012-dc-to-a-windows-2003-forest?prof=required

Advertisements

Meraki Client VPN woes

January 7, 2017

I just spent two + hours trying to figure this out.

Setting the scene;

L2TP client VPN intermittently working…

Client VPN’s had been working just fine with a mix of Mac and Windows.

Today it might take 10 attempts to connect before it’s successful!


I will get right to the point. The issue was caused by a combination of Meraki having a bug and Comcast’s DNS being terrible.

We had configured our MX device to use Google’s DNS as primary and Comcast as secondary.

Beleive it or not but the problem was caused because of putting Comcast’s DNS in as a secondary. This is bug with Meraki as I said because all the DNS servers are referenced when the VPN is attempting to estabish. If ANY of the DNS servers don’t respond or are very delayed then your VPN won’t work.

The fix? Changed the secondary to Google’s secondary (8.8.4.4) and boom. Works flawlessly.

[Emoji with the rolling eyes]

Stay strong out there 🙂

Computer won’t get an IP address

December 19, 2016

OK so first off this is a VERY unusual post for me because I didn’t figure out the cause of the problem.

What I wanted to do was to save you time (hopefully) in fixing the issue!

To that end, of course try the obvious things like connecting to a different network or using a different adapter (wired vs wireless) but if all else fails, simply run a System Restore to when it WAS working.

If I had taken this advice it would have saved me hours of investigative work 🙂

I’m sorry I don’t have the answer to the problem but this is at least a fix. (or it was for me anyway)

Office files won’t open from a shared drive but DO if copied locally

February 1, 2016

Weird would be a good word here…

Anyway long story short (as always) it was caused by corruption in the OFFICE profile – location found below.

Just rename the office folder – of course making sure you don’t have any office apps open at the time.

  • Rename %APPDATA%\Local\Microsoft\Office to something like Office.old.

Open Word (or Excel, etc.) by it’s self (not loading a file) and then close the application.

Then go open that pesky network file and it should fix it.

 

Access denied from browser to router

January 11, 2016

Browser denies access to router because security has been tightened on most browsers!

Quick and easy work around is to use Firefox and change the config as below;

Open Firefox and go to the about:config page

  • set security.ssl3.dhe_rsa_aes_128_sha = 0(false)
  • set security.ssl3.dhe_rsa_aes_256_sha = 0(false)

Close the browser and reopen (just to be safe) and you should be fine.

VPN’s & DNS riddles

December 9, 2015

So you setup a VPN and it works. Well it kinda works. You connect and can ping but you can’t use DNS right? You can’t ping “remoteserver” but you can ping 192.168.1.10.

Simple… just add the VPN’s DNS sever right? Sure that should work… but it doesn’t does it?

Grrr annoyed you add an entry to the hosts file! WTH? Who uses that anymore anyway? But it STILL doesn’t work!

Ahh forget it. They can just remap their drives using an IP address.

-OR-

Here’s how to fix it! Yay. I finally got tired of this issue and spent some time getting it to work. So before I ramble on any longer here’s the fix;

  • Open properties on your VPN connection.
  • Go to the Networking Tab
  • Bring up TCPIP (v4 – for now)
  • Advanced
  • DNS
  • If you haven’t already, then add your VPN’s LAN DNS server in the first field under “DNS server addresses”
  • In the second field you want to append these DNS suffixes
  • Add in here the FQDN or something like mylocaldomain.local (or what ever your local AD domain is)

Worked for me.

DNS changes in DHCP

December 3, 2015

This is something that might help for future reference. Something I very rarely have to do but would helpful for other people and a good reference.

Specifically changing where your DHCP client points DNS requests to.

  1. Open DHCP Manager
  2. Drill down to the scope
  3. Open Scope Options
  4. double tap DNS Servers
  5. Add your new shiny server and move it to the top of the list
  6. Click OK and you’re done

Setup a guest network with WAP371

September 10, 2015

OK this is going to be a bit of a long one. When I looked around the internet for a guide there was $#@& all so here is how you do it;

  • First you need VLANs. This might be obvious to some but not for all.
  • The default VLAN guest on Cisco stuff is 25, so you may as well just stay with that.
  • First off you need to setup a VLAN on the WAP371.
    • Click on Wireless.
    • Click on Networks.
    • Either choose a Radio for your guest network or setup a new SSID on both/one.
      • For that just click the Add button and name the guest network.
      • Strangely you will then need to tag the network and choose edit. Why it doesn’t go straight into an edit mode I don’t know…
      • Change VLAN from 1 (default) to 25. Give it a name… like Guest, choose your security, blah blah.
      • Click Save
    • So that’s it for your WAP371… now on to your switch/router.
  • I used an SG 200-08P
    • Login to that puppy – default username password is cisco/cisco in case you hadn’t worked that out by now.
    • Click on VLAN Management.
    • It should bring you to a page where there is only 1 VLAN – namely VLAN1 aka Default.
    • Click the Add button.
    • It will popup (turn off your popup blocker if you have one) a page. VLAN ID wants to be…. you guessed it….25.
    • VLAN Name can be anything but let’s stick with Guest for sake of consistency.
    • Now here’s a part that often trips people up. You need to click on Port VLAN Membership.
    • So we want the port that the WAP is connected to but ALSO the router.
      • Say we have the WAP connected to port 2 and the router connected to port 1.
      • Tag the g1 port.
      • Click Edit.
      • Yet another popup.
      • Click on the available 25 but also don’t forget to check the Membership box below.
      • Then you can click on the arrow to add it to the membership.
      • Click Apply.
      • Once it brings you back to the page of ports you should see Membership on port1 now reads 1U and 25T. (the U means untagged and the T means Tagged)
      • Do the same for the g2 port.
    • So that’s that then for the switch. The final part is the router!
  • My router is the RV325. A pretty widely used router for small businesses and one that ticks all the boxes for reliability and function. So far I have no complaints.
    • Again, login to the device.
    • Go to Port Management.
    • Click on VLAN Membership.
    • Now it should have 25 on there already but what you need to do is click Enable right at the top.
    • Click Save.
  • That should be it!

Microsoft LLDP woes

December 22, 2014

One of the stranger problems I have come across.
When I boot up the PC neither Wifi nor Ethernet work. they connect ok but have no IP address.
I ruled out Hardware issues as well as router/DHCP issues so it comes down to Windows and more narrowly to Microsoft LLDP protocol driver.
When I enabled this and disabled it the NIC came back to life. Weird huh? If I reboot the problem comes back…
Anyway as a short term fix I created a script to fix this issue;

Echo off
cd \it\nvspbind
nvspbind “Ethernet” /e ms_lldp
Echo Recalibrating…
ping -n 5 -w 1000 127.0.0.1 > nul
nvspbind “Ethernet” /d ms_lldp

Now you will need to download NVSPBIND from Microsoft to do this but it’s worth it and I can confirm it does work.

Download it here; https://gallery.technet.microsoft.com/Hyper-V-Network-VSP-Bind-cf937850

When you download it, it will give you all the arguments you can add.

My example above is on a network device called Ethernet and I put a little “wait” command in there (which is the ping!) then disabled it again. Also I downloaded NVSPBIND to a folder called c:\IT\NVSPBIND.
This worked like a charm for me.