Blog Posts

Slow Wireguard throughput on OPNsense 24.1.6

I’m working on a topology that I will explain in a future post where I have multiple site-to-site VPN with multiple locations with full redundancy. I’ve switched recently from EdgeRouter to FortiGateVM + OPNsense, both redundancy. The main problem I faced was bad performance of OPNsense under ESXi but also slow wireguard throughput. Slow Wireguard throughput has been fixed after I discovered this post. It looks like this has been related to the kernel version 14+ that is only available

Continue Reading

How to change ESXi 8.0 System Storage size

Since I was working to build a lab for doing Fortinet certification, I was why not tot try out directly ESXi 8.0 ? Since before I was using ESXi6.7.Installed first time, discovered a nice UI but then I discovered I have only half of my disk space. It looks like you can only fix this by editing the boot.cfg process at the installation by adding at end autoPartitionOSDataSize=8192. Later on is not possible.

Fixing: The capture session could not be initiated on interface” (You don’t have permission to capture on that device)

After I tried to run Wireshark on my M1 Macbook Pro, I found out i cannot use internal interfaces from the docking station because of ? no permission. I tried to do the recommandation and install the app they recommend but without sucess. Current i’m running Ventura 13.1. This has been upgraded with the Wireshark running on the older version, probably this broke some permission. After a little bit of google, I found the solution. The solution would be to

Continue Reading

Ubiquiti EdgeRouter POE 5 re-flash

After a power outage, we discovered that we lost internet connection to one of the best home use router, ubiquti edgerouter. This model was POE 5. Decided to bring a ER-5 but I had a console with me and I want to see what is going on behind. Looks like there is actually a flashdrive from where the device is booting and…the files are corrupted. Because I didn’t had any usb flash drive, small enough for that USB, I tried

Continue Reading

ssh radius authentication as a client for Linux

Because I had a radius server ready with a group and secret present, was more easy for me if I can acomplish to have some linux machines to authenticate clients via the same radius server. Looks like it was not that easy that I was thinking. I tried multiple options like this and this but I failed. Digging online, I found a solution and a workaround and I think it make sense to share this here. A very old unsupported

Continue Reading

SNMPtrap logrotate

I worked this days to troubleshoot why our monitoring tool hardrive gets full very fast. Looks like that service snmptrapd that collects snmp traps is using all the space.Here is my logrotate script to fix it. The trick is that you need to use logrotate to restart the service at every “cleaninig” root@hostname:$ cat /etc/logrotate.d/snmptrapd/var/log/snmptrap/*.log {hourlymissingokrotate 24delaycompressnotifemptycompresspostrotate/bin/systemctl restart snmptrapd.service > /dev/null 2>/dev/null || trueendscript}

Octagon sf8008 automatic buttons pressed

If you have a Octagon sf8008 at home for satelite or cable receiver and you discovered similar to someone  is using remote control even if not ? Yeah, the issue is related to a driver.  Quick fix: mv /lib/modules/4.4.35/extra/hisi_keys.ko /lib/modules/4.4.35/extra/hisi_keys.ko.bakshutdown -r now And now everything should work fine. Credits for this here.

How to get LLDP info details from vSwitch UPLINKS

LLDP is a standard almost everywhere, unlike CDP that is mostly used only on Cisco devices.  From time to time I had to troubleshoot issues where is a ESXi (or ESX) server connected and if all the vlans are tagged correctly. Sometimes documentation is not accurate so we had to find where is connected based on some MAC addresses and other ways. We know that VMware can receive LLDP uplinks information but they are “available” by default only for VDS

Continue Reading

Ansible ssh-dss workaround for AOS6

These days as was fighting with configuration of multiple AOS6 and AOS8 switches using Ansible and I discovered that for old versions of AOS6, this doesn’t work because of the encryption limitation of the python. Error that I had: As a workaround I had to edit: And find those two lines: And replace them with: Don’t need to reload any services, just works after. Source.

Snmp “extend” to OpenWrt Meraki MR33

I discovered recently that Librenms is capable to “handle” and show wifi sensors and because i had a OpenWrt AP running i tried to have it running but… It wasn’t running as it was described. Here i would like to explain what i did to make it running.Two issues that are not discribed in the documentation: Librenms don’t have MIB or snmp-mibs. OpenWrt had a bug that doesn’t have “extend’ feature enabled in my running SNMP application. For problem number

Continue Reading

Site Footer