Saturday, November 15, 2008

New Zealand Election 2008

Well it's over and we look to be the better for it.

Gone are the socialist (bordering on communist) Labour people.  Helen "I don't really have a family but I'll tell you how to run yours" Clark and more importantly Michael "I'm so smug and you depend on me for everything and I know it" Cullen.  Their arrogance, social engineering, policies of excess and demotivation hopefully will be replaced by something more positive.  They both resigned on the night and good riddance to them.  People keep saying how wonderful Helen was.  I say crap.  She was a professional politician. You need to do more before entering parliament.  You need some real world behind you.

So we have centre government still but one that may do some good. ACT from the right and Maori somewhat from the left seem to share a few views.  Stop beneficiary dependency seems to be a big one.  For different reasons both sides want this fixed.  Labour managed to make the middle class in NZ beneficiaries with their working for families program. Let me explain how this works:  you pay tax and then you request some back depending on how many children you have and the bureaucracy takes a cut.  How about not encouraging people to have too many children and giving a tax cut instead? Easy to work out, easier to manage and better for the environment... I have little time for green propaganda and the simplest way to keep the planet under control is to have less demands on it.

If both sides want to work on the benefit dependancy trap then we should get some progress.  Here about three quarters of crime is associated with beneficiaries. Simplistic I know but even cut that in half the police can get on to the real work. There's another huge failing of the PC.  Anyone can become a policeperson (sic) so you have lots of arrogant young people with a uniform.  Great.  Bring back the tough entry conditions.  Bring back the respected policeman that nipped petty crime before it got to more. Ahh nostalgia. Anyway get people motivated, get them doing something with their lives and contributing and busy.

One last point:  ACT don't turn into the thing your campaigned against.  Rodney Hide has already pissed off a lot of people playing the power trip card.  Pull your head in and get on with it. Winston Hide is a bad label.

Monday, September 22, 2008

OSX server (Postfix) and certificates...

Well, we got a certificate from Thawte for this site and it worked fine for https and imaps but kept failing for smtps.

The log kept saying can't read the .crt file in /etc/certificates/.  

Not a permissions problem. So I tried converting the file to pem etc but still no joy.

In the end the problem was the .key file which is des encrypted.  So to get OSX server to work with smtps (and possible other postfix installs) you need to leave the key exposed and remove the passkey and encryption.

openssl rsa -infile file.key -outfile outfile.key

will remove the des encryption but you need to make the permissions tight, tight, tight on that file.

Hope this saves someone some time...


Monday, September 8, 2008

PIX PPTP problems

I've run into a few problems with PPTP on PIX over the years.

I got one sorted today so figured I'd share the love.

We switched from a direct ethernet connection to being behind DSL router and NATing everything.

For some reason PPTP stopped and gave the error...

GRE request discarded from my.ip.add.ress to outside:x.x.x.x

The TCP 1723 part was fine but the GRE was now broken. After some debugging and testing it seems the change from direct to NATted we need the

fixup protocol pptp 1723

command. Once this was in it all worked fine again.

Wednesday, August 20, 2008

Linksys SGE2000P review

I got a couple of these to set up for a new site and thought I'd share my experience.

The good: Everyone that passed my desk stopped and looked at them and said how nice they looked. High praise for a piece of network equipment. However with their piano black front panel people just want to touch them and leave finger prints on them :-)

The stackable management is great. Hot plug add and subtract from the stack and it picks them up and you can manage them from one web interface on 1 IP address.

The bad: the link between them is not all that flash. You have two cables plugged into Gig ports 12 and 24 to make a ring. I've only ever seen one flash so I'm not sure you even get 2GB bandwidth between the switches. Disappointing.

You can't do teaming across switches. Then again these ain't no 3750s baby.

The ugly: they don't save the config between resets! You can copy the running config to a tftp file and then copy that to the startup config. Or log in using the serial console and copy the running to the start but I couldn't find it in the web interface.

Linksys support. I said bad things about Cisco previously. I think I've just been spoiled by them up til now. I emailed Linksys with a question on the stack link and bandwidth. Beyond the robot reply, no answer.

I called support and asked about the config not saving. I was booked a call back an hour later and that was 2 days ago.

So these are good switches. They sped up the network they were installed in but if you want the best still the Cisco 3750s are the ones to go with. They cost more but they are just nicer. If you want something to stack up were people will see them and speed and resiliancy isn't too import these may be your babies.

Update:  seems the config has to be saved manually now unlike previous Linksys gear.  So they do save the config as long as you tell it to but it's hidden away in the copy file menu rather than having a nice save config button on the main screen so you don't forget!

Thursday, August 14, 2008

It's the putting right that counts...

First I should apologise. I was having a bad/sick/grumpy day and should not have been near a keyboard. I need to think carefully before lining someone up with both barrels. The folks at Ingram Micro (New Zealand) did not deserve to be slighted.

I didn't think anyone read the irate rantings of bloggers unless you were famous...

Anyway after speaking to the nice folks they have bent over backwards to put things right. They have been phenomenal given that I didn't say very nice things about them. So I need to thank them and hopefully the world will be a happier place. Plus I need to get someone some nice bottles of wine...

So thank you again guys for the help and the moral of the story is blogs are not diaries. No matter how obscure you think you are, someone is watching. Like network security really...

So I promise to shift plenty of UC boxes once I've done the training and the exams.

Tuesday, August 12, 2008

Where has Cisco gone wrong?

Following up on the stuff that pisses me off post comes this..

I recently contacted Ingram Micro, the New Zealand distributor for Cisco, to get a not for resale VoIP phone system to play with and get some hands on experience with.

After two weeks I have given up.  The Ingram staff and the Cisco account manager are useless.  They've either ignored my emails or palmed me off.  

Cisco used to be good stuff.  You paid a premium but got good product and great support.  These days it seems they still make reasonable product but the support has gone downhill.

I also have a TAC case open for what seems like a simple IOS software change which has been open for weeks.  I've run into problems with IOS erasing flash, firewall inspection problems with SMTP, FTP.  It's just all gone wrong.

Ah well looks like I'm back onto Asterisk to get my VoIP hands on. What's happening in the world?

Monday, July 14, 2008

Stuff that pisses me off

Start with a big one I figure.

Hmmm..today it would be vodafone. They cock up everything they touch it seems here in New Zealand. My phone doesn't make outbound calls due to me not paying a bill but wait I paid that last week... Our ISP at home used to be great until it go bought by vodafone and now is arrogant and awful to deal with and have crap plans.

LJ Hooker...well real estate agents in general. Lips are moving ergo they're lying.

The biggest one the people that run our country. Too big a topic to cover really. We're governed by the most PC, feminazi, anti man, anti family, anti business.. I could do this all night.

We have a nice country. Fun to live in. Not bad people. However if you try and get ahead you will be dragged back into the lump of the masses. If you are a looser you will be sucked back in and given anything you need. We live in a nation of little of no consequences for your actions. Hell, if you're under 16 you can get away with almost anything but murder and you get a family conference which is unenforceable.

There is no incentive to better your self. State health care means no incentive to keep healthy. State ACC (cross between health and life insurance) so make up an injury and the state pays for your care. Families are better off in many ways separating. Our biggest destroyer of families is a thing called the domestic purposes benefit. You can leave you partner and take the children and you get paid better than a job. Get your partner in on it (you don't have to name the parents of your children) and you're made. The family court system is amazingly one sided and blind to the real world. No.. people don't make up domestic violence accusations as an opening attack...never.

I feel a bit better now. vodafone can still kiss my big pink baboon ass though. smacktards...

I want to live in Australia. Their government seems to have balls to do what is right rather than PC. They have tax rates we can only dream of and people get paid sensible amounts.

They still have vodafone but I can avoid them over there...

On a positive note. The children love me... that makes it worthwhile..

Oh..and Alan Parsons has released remastered albums...mmmm.. Alan Parsons..