Monday, August 27, 2012

UBUNTU: IPTABLES

Reference site:
https://help.ubuntu.com/community/IptablesHowTo

Basic Commands

Typing
sudo iptables -L -t nat
lists your current nat rules in iptables. If you have just set up your server, you will have no rules, and you should see

Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Basic Iptables Options
Typing
sudo iptables man
lists the iptables manual

CASE: Redirect port 443 to port 8443 not working
CAUSED: IP server change, server reboot.

Solution:

    1. To reset iptables
      # iptables -L -t nat    to list nat rules
      # iptables -t nat -F    to flush nat  
      # iptables -L -t nat   after flush list nat will empty
    2. Run iptables command
      iptables -t nat -A PREROUTING -p tcp --dport 443 -j DNAT --to-destination server_local_ip:8443
    3. Check back the nat list.
      # iptables -L -t nat
      It will show like this:
      Chain PREROUTING (policy ACCEPT)target     prot opt source               destination
      DNAT       tcp  --  anywhere             anywhere             tcp dpt:https to:Server_IP:8443
    4. Test run the https site without port 8443.
      https://sso.domain.com:8443  become   https://sso.domain.com
    5. Save iptables rule in firewall.conf
      # iptables-save > /etc/firewall.conf
    6. Check the rule save or not in firewal# more /etc/firewall.conf
      **Make sure the date is current date:
       
      # Generated by iptables-save v1.4.12 on Mon Aug 27 07:58:04 2012
    7. Reboot server
    8. Test to run the https site again.
      https://sso.domain.com

    9. Finish.

    Friday, August 3, 2012

    Windows 2008: CRM Server Problem - No internet connection after electrical failure shutdown

    Case: CRM Server - Cannot remote & No internet connection after electrical failure shutdown

    Study case:
    One of the components of the Internet connection on your computer is a built-in set of instructions called TCP/IP. TCP/IP can sometimes become damaged or corrupted. If you cannot connect to the Internet and you have tried all other methods to resolve the problem, TCP/IP might be causing it.

    Because TCP/IP is a core component of Windows, you cannot remove it. However, you can reset TCP/IP to its original state by using the NetShell utility (netsh). 


    Recommended solutions:
    1. Logged on to the computer as an administrator.
    2. Type cmd in the Start Search
    3. Type netsh winsock reset at the command prompt, and then press ENTER.
      >
      netsh winsock reset
      *Note If the command is typed incorrectly, you will receive an error message. Type the command again. When the command is completed successfully, a confirmation appears, followed by a new command prompt. Then, go to step 3.
    4. Type exit, and then press ENTER.

    Wednesday, August 1, 2012

    VMWare Server: Cloning a virtual machine in vSphere fails with the error Number of virtual devices exceeds the maximum for a given controller

    I just happen to clone one new virtual server, but unluckily got this error.
    Cloning fails at approximately 90% on the vSphere client with an error message:
     
    Number of virtual devices exceeds the maximum for a given controller


    Solution:
    This issue occurs when the following check box is selected as a cloning option in vCenter 4.0 and vCenter 4.0 Update 1:

    Edit Virtual hardware (Experimental) To resolve this issue, clone the virtual machine again, without selecting the Edit Virtual hardware (Experimental)option.
     
    .