I recently worked on a site-to-site VPN tunnel between a Meraki MX and a virtual Fortigate appliance in Azure. No matter what I did I could not get the tunnel up despite confirming the phase 1/2 and PSK settings multiple times. A few tricks I learned along the way that got me there: Even when you do all of that, it will not work. The missing piece was: The Fortigate sends the Local ID as…
I recently setup a few AVD pools for internal and customer use. I was running into an issue where OneDrive login would not persist across logins. After every sign in to the session host I had to re-authenticate. Then I built another pool that was even worse – Office activation wouldn’t stick either. If you have ever gone done the Google rabbit hole of WAM, ADAL, Office Shared Computer Activation, License Token roaming and so…
While working on a client’s Azure subscription(s) I found that my CSP privs weren’t giving me owner permissions through Partner Center. This was due to the fact that the client had multiple subscriptions and only one of them was created by my firm through Partner Centers. The other was a retail, Azure Plan sub. I wanted to have the engineers in my firm admin the subscription with their partner tenant account rather than an in-tenant…
TL;DR – The sysdig utility can help you find the process sending ARP requests. I recently ran into a problem with my “core” server. Its a trusty little Ubuntu 22.04.1 box that wears a lot of hats. In order to combine all of the functions it requires it has some more exotic network setups such as client VPNs, policy based routing, IPv6 an multiple wired and wireless interfaces. Linux is incredibly powerful but sometimes getting…
Background I’ve been an IT infrastructure engineer for more than 20 years. Cut my teeth in the early days of campus L3 switching. I was lucky enough to have one of my first jobs at a public educational institution that owned a PI Class-B. Those were heady days. Like so many others out there, I looked at IPv6 as something I could hopefully avoid until retirement. The inability to reel off an entire IP subnetting…