Pix Configuration Problems

I am having a problem with the new Pix. I think it is a minor issue, but I just can't figure it out. I am trying to make a second static VPN tunnel, and the Pix keeps telling me the crypto map is not complete. I am doing nothing different from the first tunnel I created, but it still won't work. I am going to call Cisco and try to figure out what the deal is.

Mini Pix

After some consideration I went out and bought a Cisco Pix 501e. You may be wondering why in the world a person needs one of those. Need may not be the word, but I do have uses for it. In the past 24 hours I have learned more about IKE tunnels than I had in the past 12 months. A lot of what I want it for is work related, but I doubt they will pay for it so I got one.

I want to prove (I know it can be done, but me doing it and having someone say it can be done are two different things) that I can set up a static VPN tunnel securely and allow a VOIP phone to connect to our office. I want to be able to lock down the connection so only the voice traffic we want can go over the VPN. It will work since, to my office Pix, it is just connecting to another office with a Pix. The 501 is exactly the same as the larger 515 but you can only do less. The config and the PDM are all the same.

It is very cool. The only problem I am having is that I cannot initiate a VPN client connection through my Pix to another Pix somewhere else. We have this problem at work, and I have not been able to find a fix for it. I need to call Cisco about it. It is a pain, but not a show stopper.

I showed Jayson what we can do with the personal Pix and he wants one, but he just got a big screen TV so he is not spending anything for a while.

iMac Will Stay, For Now

I have decided to keep the iMac for now. I decided that I do like it, and I do use it. Any other solution won’t be that great right now. So instead of investing more money in something else, I will keep what I have.

I do need another firewire hard drive though. My LaCie 200 gig drive is running low on space. My other 160 gig drive in my PC only has 8 gigs free. I think I can get another 200 gig firewire drive for around $200. I will wait till after I move to pick it up. I am trying to save this month. So far I am doing OK, but there are several things I need to buy that I am waiting to spend money on.

A Lot To Write About

I have a lot to write about, but for some reason don’t feel that up to writing today. So here will be a quick recap of the weekend.

I continued to throw stuff out of my apartment in anticipation of my move next month.

I am also getting ready to eBay a bunch of tech stuff I have. I realized that a lot of my crap is not worth that much anymore used. So it is easier to just keep it and/or give it away.

Had dinner with Carrie and my grandmother tonight. Morgan also! My grandmother was in to visit my cousin who is sick. She took us to dinner. It was actually pleasant. That is not always the case with my grandmother.

Got a haircut on Saturday. My regular barber wasn’t there. Not sure what his deal was. His father did my hair. Didn’t do a good job. It is OK, but he didn’t listen to me when I gave him instructions. That may be the last time I go to that place since I am moving. I need to find a new place in the city for next time.

We had an issue with one of our Call Manager Servers Saturday that caused it to fail. The second machine in the cluster took over fine, but we had about 15 seconds of downtime while that happened. Kai is working on getting a patch for it. I spent a lot of Saturday working on the phone system because of that, and other issues.

The plus side is I did some more work on our IVR. I even set up our own for Support, to prove the concept. An IVR for support is overkill but we had extra 800#’s and it shows that the system can work.

This blog entry was written while listening to Machine Head by Bush

iMac or Not to iMac

I am still pondering the sale of my iMac when I move next month. I can still get a large amount for it, so I keep thinking will I be better served by a different computer? If I do sell it I would need a DVD burner for my powerbook or some other solution. I would also want a larger flat panel screen for my desk at home since I use the 20″ most of the time.

Too many choices. Pondering continues…

Got Rid Of Backups

Several months ago I read that CD-Rs and DVD-Rs won’t last as long as most people originally thought. The personally recorded disks may only be good for 3-5 years. No one knows. I have been using CD-Rs and more recently DVD-Rs as my only form of backup of my computer data.

I keep everything on the computer nowadays so those backups are important. Knowing these CDs “rot” I decided to take all my backups dating back to 1998, and put them back on a hard drive. I then backed up that directory to another hard drive. Drives are cheap so I figure if I keep all my crap on 2 drives I will be safe from problems. Or so I hope. I took some of the really old backups and destroyed the CDs. I still have my recent DVDs of backups for 2002-2004, but older stuff is getting destroyed since I don’t really need the CDs with them back on disk. I use a LaCie firewire drive with 200 gig of storage space.

I also decided to buy a new Firewire drive every year for backups of crap. I realized that I bought my 200-gig drive less than a year ago and I have only like 50 gigs left. It is cheaper to buy a new drive than to worry about removing crap off the existing one when it gets filled up.

I still have some more archiving to do, but I am getting things cleaned up virtually and physically before I start packing to move!

Still Building My Laptop

Sunday I got the OS back on my Thinkpad. Today was spent getting all the other applications on it. Throughout the day I had people come and ask for stuff. I would say, damn, I need to install that. I would spend the next 20 minutes doing an install to get 5 seconds of information for someone. Hopefully this will be done soon so I can resume my normal work schedule routine.

Most importantly I still need to put on the VPN and Wireless software on the laptop, so I can be remote when I am in Kingston tomorrow. That is on my agenda for first thing Tuesday.

Product Recovery

I finally gave in to the desire. I just got finished backing up all (I hope) of my data on my IBM Thinkpad T-40. As I write this I am running the IBM rapid restore function. Basically a hidden partition on the hard drive has all the settings and software that the machine had when it was bought. I am just returning it to the factory fresh setup.

I do this every once in a while. I may have done it once or twice before on this particular machine and I have only had it for 11 months. When I had more free time I would do this almost every 2-3 months. Now I don’t have the time, so it is a big pain in the ass to do, but it does wonders for the performance of the box.

I was having issues with the machine freezing up and then beginning to work again after 30 seconds or so. I also realized how much crap I had accumulated on the machine. Now I am going to put Windows XP (Pro), all the security patches and a few other pieces of software. Everything else I need I will put in a VMware Virtual Machine. I will put VMware Workstation 4.5 on my machine. I just downloaded the free upgrade from 4.0. I want to keep this laptop as clean as possible. I know deep down that it will never happen in reality, but at least I will try.

I will spend the next week installing the main pieces of software I will need. I will spend the next month after that installing other miscellaneous pieces of software until I am finally happy with the setup.

Whenever I do this I always hope I remembered to back everything up. I almost always forget something. Sometimes important stuff, but usually something stupid, that will just take me time to get again, or I say goodbye forever to it.

Project And Other Servers

Gus is getting me to start using project server. I got my account today, and I hope to add my quarterly project plan in a few days. It looks cool, but we need to get everyone to use it.

I got the RAID card in for the new machine we will build Subversion on. Let's hope that Promise didn’t lie when they said this card supports SUSE 9.0. I need to build that with Danny sometime in the next week or so. I then need a new box for Nagios. Danny (who is now our resident Linux expert besides Gus) is saying that Subversion and Nagios may be too CPU intensive to put on the same low end box. We will evaluate the situation and make a decision. We are using a Penguin Computing 1U server we picked up last September. They make decent low end boxes for Linux. We are modifying one of the 2 we have for use with this app.

Remote Agents And Terminal Server

While I was awake and not sleeping last night, I thought about my remote agent design issues. Currently we have schematics of different electronic and home appliance parts on CDs we use to look up stuff. The problem is they take up a huge amount of drive space. We get updates every month that need to be added to the existing data. This is fine when a computer is on our network; we just run the update from our file server. What do you do when you have remote computers over a VPN WAN link trying to get the same update? Pushing out 500 megs to 2 users is possible, but what about 20, or 200? It becomes unfeasible due to bandwidth limitations.

One option is to not give the remote agents this software, but they rely on it. My thoughts then turned to Terminal Services. What if all the updates are on the central server, and users just connect to the server via Terminal Services? That way I don’t have to worry about anything on the local machine except for an IP address and terminal client working.

This is contingent on our phone control software working with Terminal Services. I believe it does, but an answer to that question is easy enough to get.

The next problem is Cisco soft phone. I doubt it would work through Terminal Services. We may need to go with a physical Cisco IP phone at a person’s house. It adds cost per user, but it may be necessary. Also going with a hardware VPN solution is looking better than a software solution. If anything goes wrong with the remote computer we would be responsible to manage it. We cannot troubleshoot software issues like VPN over the phone, and we are not equipped to send someone onsite to fix problems like that.

A hardware VPN device that we can remote into and verify it is working, along with Terminal Services, is looking like a good solution. It is not the cheapest but maybe the most feasible. We would require someone to have their own computer, and all they would need to put on it is terminal client. That takes 5 minutes to set up. Wire up a VPN router from Cisco or Linksys, plug in a phone, and they are up and running.

Now all I have to do is sell everyone on the solution and make sure it works from a technical standpoint.