Nintendo Kid
Aug 4, 2011

by Smythe

Thanks Ants posted:

I must be going crazy since I thought Xerox had a /8 to themselves, but it's not showing up on that list.

They used to. They sold off a huge chunk for a few million bucks, iirc.


Aunt Beth
Feb 24, 2006

Baby, you're ready!
Grimey Drawer

Judge Schnoopy posted:

This is why class a addresses are a huge waste and need to be forcibly reclaimed from the shitheads that still think they need 500 million routable addresses (Microsoft).
Fun fact, IBM owns 9.0.0.0 and doesn't route any of it!

Proteus Jones
Feb 28, 2013



Bhodi posted:

IPv6 loving sucks to deal with on a daily basis; at least you can hold an IPv4 address in your head.

Why would you ever need to hold any address in your head?

adorai
Nov 2, 2002

10/27/04 Never forget
Grimey Drawer

flosofl posted:

Why would you ever need to hold any address in your head?
We use dns almost universally, and it is still nice to recognize certain addresses without any effort.

Fiendish Dr. Wu
Nov 11, 2010

You done fucked up now!

flosofl posted:

Why would you ever need to hold any address in your head?

Because your devs can't figure out how to set up their vpn properly on the macbook pro so they can't resolve any fqdn's and are constantly asking you which boxes their services are running on so you have to ping - a fqdn to give them the drat ip address

Dr. Arbitrary
Mar 15, 2006

Bleak Gremlin

Bhodi posted:

IPv6 loving sucks to deal with on a daily basis; at least you can hold an IPv4 address in your head.

A Compact Representation of IPv6 Addresses

Methanar
Sep 26, 2013

by the sex ghost


This is about the 4th time I've been called for help since I left my last job.

Do I just start ignoring him or what?

Woogles
Mar 23, 2007

hello
Depends. You could either ignore him, tell him you don't work there anymore, or charge ridiculous rates for your time and skills.

Orcs and Ostriches
Aug 26, 2010


The Great Twist
You start sending invoices.

DigitalRaven
Oct 9, 2012




Methanar posted:



This is about the 4th time I've been called for help since I left my last job.

Do I just start ignoring him or what?

"My consulting rate is $BIGNUM an hour, four hours minimum. I've a contract here, we ain't talking shop until you sign."

Dr. Arbitrary
Mar 15, 2006

Bleak Gremlin

DigitalRaven posted:

"My consulting rate is $BIGNUM an hour, four hours minimum. I've a contract here, we ain't talking shop until you sign."

This is the company that had you picking up trash by hand out in the tundra, right?

Consulting rate = $BIGNUM * FUCKYOUTAX an hour, four hours minimum.

GnarlyCharlie4u
Sep 23, 2007

I have an unhealthy obsession with motorcycles.

Proof

Nintendo Kid posted:

They used to. They sold off a huge chunk for a few million bucks, iirc.

Dad always told me to "buy land because God sure isn't making any more of it."

I think this is equally as applicable to ip's.

Methanar
Sep 26, 2013

by the sex ghost

Dr. Arbitrary posted:

This is the company that had you picking up trash by hand out in the tundra, right?

Consulting rate = $BIGNUM * FUCKYOUTAX an hour, four hours minimum.



I'm not assertive enough for that.

"SSH into esxi01"

"You can't ssh into esxi"

"Open putty and type in esxi01"

"oh"

How do you have a job

Judge Schnoopy
Nov 2, 2005

dont even TRY it, pal

GnarlyCharlie4u posted:

Dad always told me to "buy land because God sure isn't making any more of it."

I think this is equally as applicable to ip's.

Until something comes along that makes routable ips make more sense than NAT, which will push ipv6 adoption and make ipv4 space widely available and practically worthless.

The bubble will eventually burst, but the thing that bursts it hasn't been invented yet so it's impossible to know when it will happen.

beepsandboops
Jan 28, 2014

Methanar posted:



I'm not assertive enough for that.

"SSH into esxi01"

"You can't ssh into esxi"

"Open putty and type in esxi01"

"oh"

How do you have a job
Jesus Christ.

Please start charging these people

Thanks Ants
May 21, 2004

#essereFerrari


Just stop answering, it's the weekend. Also it's not your job any more.

bull3964
Nov 18, 2000

DO YOU HEAR THAT? THAT'S THE SOUND OF ME PATTING MYSELF ON THE BACK.


Especially since they lack the basic knowledge necessary to even look at it.

I can understand answering some tribal knowledge question a few times after you left a job that you were on good terms with. After all that poo poo though and the fact that the person needs handled through basic connectivity. No. No no no.

Also, because they have no idea what they are doing, they are very likely to misinterpret what you are telling them to do, make things worse, and try to hold you liable.

Block the number and go on with your life.

22 Eargesplitten
Oct 10, 2010



I know this question gets asked a lot, but I don't have search.

I'm searching CL, Indeed, Dice, and Linkedin. Are there any other search engines that are worth the time? I know Careerbuilder and Monster have a worse reputation now.

CLAM DOWN
Feb 13, 2007




Methanar posted:



I'm not assertive enough for that.

"SSH into esxi01"

"You can't ssh into esxi"

"Open putty and type in esxi01"

"oh"

How do you have a job

The gently caress man, grow a backbone, you don't work there.

Proud Christian Mom
Dec 20, 2006
READING COMPREHENSION IS HARD
the only thing i hate more than users is IT people

Fiendish Dr. Wu
Nov 11, 2010

You done fucked up now!

Methanar posted:



I'm not assertive enough for that.

"SSH into esxi01"

"You can't ssh into esxi"

"Open putty and type in esxi01"

"oh"

How do you have a job

Send him here http://lmgtfy.com/?q=how+to+ssh+into+esxi

Aunt Beth
Feb 24, 2006

Baby, you're ready!
Grimey Drawer
Methanar is the new larches. Let's get him out of his well.

CloFan
Nov 6, 2004

Aunt Beth posted:

Methanar is the new larches. Let's get him out of his well.

We already got him out, now he's teetering on the edge looking in again

actually he got himself out, but with plenty of encouragement

CLAM DOWN
Feb 13, 2007




Aunt Beth posted:

Methanar is the new larches. Let's get him out of his well.

He dug his own loving well, you can't save everyone.

Zero VGS
Aug 16, 2002
ASK ME ABOUT HOW HUMAN LIVES THAT MADE VIDEO GAME CONTROLLERS ARE WORTH MORE
Lipstick Apathy

myron cope posted:

Have you guys done any more rolling out of Windows 10? I'm not on the PC side where I work but as far as I know they aren't testing it yet even (which doesn't really mean anything, because I don't know what they do all day).

It's been pretty great on my home pc.

I've got 50 of 500 laptops on it so far, just doing a nice relaxed-pace rollout, haven't encountered any showstoppers and enrolling each laptop onto Azure AD (laptop named for the person it was issued to) makes inventory and remote wipes pretty easy on the Azure portal.

The one thing that blows is you can upgrade two PCs from Windows 7 to 10, install all your apps on one, make it into an Acronis image, restore it to the second PC, and half the time Windows 10 will automatically activate the image, and half the time it simply won't. When it doesn't, it even invalidates my older images... an image I might have used and it activated 20 laptops, will fail to activate any going forwards. So I can't "update" an image with new settings/apps. It's similar to the windows sysprep "rearm count", but it is affecting Acronis randomly which I've never seen before.

I wound up buying one single copy of Windows 10 Pro from Microsoft Volume Licensing; I shouldn't have to, but allegedly that gives me unlimited imaging rights to clone it on to all the other legitimately Windows 10 activated PCs I have. Then I guess I just punch in the volume license key to force them to activate instead of relying on their incredibly inconsistent activation servers. I paid two days ago, still waiting on the key from the VAR.

Proud Christian Mom
Dec 20, 2006
READING COMPREHENSION IS HARD
The better question is why you're rolling out Windows 10

Zero VGS
Aug 16, 2002
ASK ME ABOUT HOW HUMAN LIVES THAT MADE VIDEO GAME CONTROLLERS ARE WORTH MORE
Lipstick Apathy

go3 posted:

The better question is why you're rolling out Windows 10

For our purposes it works exactly the same as Windows 7/8 (I preinstall the image with Classic Shell so users can't tell the difference between all 3 OS anyways), the desktop is snappier, more security upgrades, and like I just mentioned, it has Azure AD Join which allows me to have much better inventory and control of the laptops. Since I activate Bitlocker on each laptop and set a BIOS password, if someone quits or the laptop is stolen/lost, I can more or less brick it from the Azure portal. I'm also already using Office 2016 and it allegedly has better integration in 10.

The most important thing is we have 500 laptops, a year to upgrade them for free, and Windows 10 Pro costs $200 a pop in volume license. So I have a year to save us $100,000... better to get a head start now and address each issue we find as we find them. Fortunately we only use Office, Chrome, and Salesforce for everything so there's not much to go wrong. I did just find a bug where the Win10 image we made had a Win 7/8 audio driver left behind that prevented all Skype for Business audio from working, even though every other app was fine. Rolling out now gives me a head start finding little things like that instead of trying to figure it all out at the end of the upgrade year.

I got some snark from the IT guy whose job I took on his way out, back when I went to upgrade everyone just from 7 to 8. My only real reason then was Win 8 Pro has Bitlocker when Win 7 Pro doesn't, and Defender has antivirus built into it on 8 when 7 only has anti-spyware (Win7 can use Security Essentials, but using it for 500 devices would have set me up for an audit). Anyway, that guy was all doom and gloom and we were perfectly fine. I get if there's a lot of legacy apps or something, my last job was healthcare IT and that was a shitshow with AS/400 and all that madness, but these days we're ~*~living it up in the cloud~*~

Dr. Arbitrary
Mar 15, 2006

Bleak Gremlin

Methanar posted:

I'm not assertive enough for that.

It takes practice.

Maybe start small. Buy a stopwatch the next time you're at the store. Next time they call, start it immediately. When it hits the 15 minute mark, let him know that you've been on the phone for 15 minutes and you wish you could help, but you don't work there anymore and you really need to be paid for your time. If you need to drive up there, include the travel time in your cost. Include the gas price in your cost.

At this point, you're not being a jerk, if he called you up and asked you to give him $100 to pay for technical support, you'd tell him to get hosed, don't give him $100 worth of free tech support.

Always mention that you're having to cancel plans or rearrange your schedule in order to accommodate his request. It's not lying because you had planned on watching Netflix by yourself, now you've got to change your plans. Use that to justify an extra charge and let them know that it'd probably be easier (and less expensive) if you just scheduled a visit once or twice a month for a few hours to answer questions and do some health checks etc.

This is hard, you should feel bad that you're being taken advantage of, but don't let it drag you down. Once you start exercising that backbone muscle it'll get easier.

Walked
Apr 14, 2003

Question for anyone with a bunch of Meraki experience.

I'm contemplating implementing MX100 appliances as edge devices at our three sites.

The only possible hangup is our DMZ doesn't use NAT; just an ASA5510 performing firewall rules. Internal is, however, privately addressed. This was all configured prior to my tenure.

It looks like the MX100 does support 1:1 NAT, and in the online demo, it doesn't fire back any errors if I set the external IP and the internal IP to be the same. However, I haven't heard back from my Meraki sales guy on this one to confirm.


Basically, assuming everything on the ISP side is routed properly, can I set up an internal subnet that happens to be externally routable (208.x.x.x), and use 1:1 NAT with identical WAN and LAN IP addresses?
I don't really want to re-subnet these DMZ hosts, as it's a legacy application that's being phased out anyways.

Walked fucked around with this message at 21:48 on Sep 26, 2015

dox
Mar 4, 2006

Zero VGS posted:

I wound up buying one single copy of Windows 10 Pro from Microsoft Volume Licensing; I shouldn't have to, but allegedly that gives me unlimited imaging rights to clone it on to all the other legitimately Windows 10 activated PCs I have. Then I guess I just punch in the volume license key to force them to activate instead of relying on their incredibly inconsistent activation servers. I paid two days ago, still waiting on the key from the VAR.

Microsoft licensing is terrible, but this is what I've learned after months of haggling on various projects for clients and carefully reading the wording in their documentation. First, the machines that you are putting the image on must have the same OEM product and version as the volume licensed image. 8.1 Pro -> 8.1 Pro, 7 Pro -> 7 Pro... so you cannot put 8.1 Pro VL on a machine purchased with 7 Pro OEM, or 7 Pro on a machine purchased with 7 Home. But you can put 7 Pro VL on an 8.1 Pro OEM machine because you get downgrade rights.

In addition, the Windows 10 upgrade for volume licensing customers is a paid upgrade and I'm led to believe that you'd need to purchase one for each device you want to upgrade. But, the reimaging part would remain true if you purchase new machines with Windows 10 Pro OEM and image with a purchased Windows 10 VL key.

Also, try doing your imaging with MDT/WDS-- I think you'll have a better experience than cloning with Acronis. PM/IRC if you need any help.

Zero VGS
Aug 16, 2002
ASK ME ABOUT HOW HUMAN LIVES THAT MADE VIDEO GAME CONTROLLERS ARE WORTH MORE
Lipstick Apathy
The VAR Microsoft specialist seems to think, and it makes sense to me, that if I upgrade all my current PCs from Windows 7/8 Pro to Windows 10 Pro via the normal free upgrade, and then reimage it with the VL key, that should be fine from a compliance standpoint. Again, I'm only doing this because their licensing server is literally not functioning as intended (if you upgrade legitimately to Windows 10 and it activates, you're allowed to restore any kind of backup image you want and it should reactivate each time) and I can't wait for however long it takes them to get their poo poo together.

You're saying that going from Windows 10 Free Upgrade to Windows 10 "Paid" Upgrade, when they're functionally the same exact thing... I wouldn't put it past Microsoft since their licensing BS knows no bounds but it seems ridiculous.

Also, the PDF you linked says:

quote:

Note: If you have questions about the free Windows 10 Pro upgrade offer and its implications for Volume Licensing customers, contact your Microsoft representative or Microsoft partner.

Like, gee, thanks assholes, God forbid you actually put it in writing, I love relying on the time tested he-said-she-said every time.

quote:

the free Windows 10 Pro upgrade offer and its implications

It's like the Microsoft Audit team is Dennis and I'm a girl on his boat...

Judge Schnoopy
Nov 2, 2005

dont even TRY it, pal

Walked posted:

Question for anyone with a bunch of Meraki experience.

I'm contemplating implementing MX100 appliances as edge devices at our three sites.

The only possible hangup is our DMZ doesn't use NAT; just an ASA5510 performing firewall rules. Internal is, however, privately addressed. This was all configured prior to my tenure.

It looks like the MX100 does support 1:1 NAT, and in the online demo, it doesn't fire back any errors if I set the external IP and the internal IP to be the same. However, I haven't heard back from my Meraki sales guy on this one to confirm.


Basically, assuming everything on the ISP side is routed properly, can I set up an internal subnet that happens to be externally routable (208.x.x.x), and use 1:1 NAT with identical WAN and LAN IP addresses?
I don't really want to re-subnet these DMZ hosts, as it's a legacy application that's being phased out anyways.

I'm almost certain the mx dashboard will complain about overlapping networks on an outside and inside interface. You don't want 1:1 NAT you want bridge mode which may be available somewhere but I've never used it or seen it.

Perhaps it's as simple as applying the same IP to two interfaces and the device figures it out?

Thanks Ants
May 21, 2004

#essereFerrari


I'm not really sure the Meraki stuff has an option for not being a NAT firewall type device. At least it's not in the dashboard for the MX60 that I have.

Presumably your ASA has one of your public addresses on the outside interface, another public address (not the same one) on the inside on your DMZ interface, and this is what the hosts in the DMZ (addressed to public addresses in the same subnet) use for their gateway? I don't think using the same address on two interfaces is going to work.

Thanks Ants fucked around with this message at 00:00 on Sep 27, 2015

Walked
Apr 14, 2003

Judge Schnoopy posted:

I'm almost certain the mx dashboard will complain about overlapping networks on an outside and inside interface. You don't want 1:1 NAT you want bridge mode which may be available somewhere but I've never used it or seen it.

Perhaps it's as simple as applying the same IP to two interfaces and the device figures it out?

Hm. Weird. The demo dashboard didn't complain - but like I said, it's not something I have had a chance to test with demo units.

I could always give it a whirl in a lab, but I don't have the demo units yet. Guess this project plan is going to include re-subnetting some of the network.

Judge Schnoopy
Nov 2, 2005

dont even TRY it, pal
Like mentioned above you really shouldn't have to change more than the wan address on the ASA and match that network segment to the mx100. Your rules and dmz addresses should stay the same. You'll be double natting which may possibly cause issues with certain services but with a 1:1 on the mx and the ASA the services shouldn't notice.

I set up internet -> mx64 -> 1:1 NAT to ASA -> vpn tunnel terminated at the asa -> LAN segment back to mx64 -> internal network, and static routes for the return traffic to go out the same path. All because the mx doesn't support a natted site to site vpn. It requires address space on the LAN segment of the far side.

Gucci Loafers
May 20, 2006

Ask yourself, do you really want to talk to pair of really nice gaudy shoes?


Zero VGS posted:

Azure AD Join which allows me to have much better inventory and control of the laptops.

Are you using only Azure AD without on kind of ON-Premise Domain Controller? What options does Azure AD give you when it comes to device control? Last I checked, you can't deploy any GPOs, etc...

Zero VGS
Aug 16, 2002
ASK ME ABOUT HOW HUMAN LIVES THAT MADE VIDEO GAME CONTROLLERS ARE WORTH MORE
Lipstick Apathy

Tab8715 posted:

Are you using only Azure AD without on kind of ON-Premise Domain Controller? What options does Azure AD give you when it comes to device control? Last I checked, you can't deploy any GPOs, etc...

Yup, no domain.

After you've joined devices (Can be Windows 10 for PC or phone, and apparently iOS) you go to portal.office.com -> Admin -> Mobile Management.

There you can set some policies in the portal:

quote:

What requirements do you want to have on devices?

Require a password
Prevent simple passwords
Require an alphanumeric password:
Password must include at least
character sets
Minimum password length:
Number of sign-in failures before device is wiped
Lock devices if they are inactive for this many minutes:
Password expiration:
Remember password history and prevent reuse:
Store up to previous passwords
Require data encryption on devices
Prevent jail broken or rooted devices from connecting
Require managing email profile (required for selective wipe on iOS)
If a device doesn't meet the requirements above, then...
Allow access and report violation (one-time enrollment will still be enforced)
Block access and report violation

Require encrypted backup
Block cloud backup
Block document synchronization
Block photo synchronization
Block screen capture
Block video conferences on device
Block sending diagnostic data from devices
Block access to application store
Require password when accessing application store
Block connection with removable storage
Block Bluetooth connection

That's all they have so far, but not too shabby.

You're right that I can't deploy GPO with that. To deploy GPO, I just set the policy I want on a sample PC, verify it with RSOP.MSC, test out all the functionality, then I can start rolling it out to other PCs by copying the C:/Windows/System32/GroupPolicy (a hidden folder) and overwrite any other PC's Group Policy folder with that folder. A restart or "gpupdate /force" will apply the new GPO, which again can be verified with RSOP.MSC. I personally deploy the folder with a script over PDQ Deploy to the group I want. Since my organization is pretty simple and all uses laptops, I can use the same GPO for everyone. The only particularly important GPO settings are that the laptops never sleep while plugged in, and I have both remote desktop and unsolicited remote assistance permissions to all of them. Later on I might get back to some of my medieval poo poo like software whitelists via SRP.

By the way, does anyone know of any elegant way to script an always-on connection to a VPN in Windows Pro? I'd like to reverse engineer DirectAccess so I can hit more deployments/inventory when people are working from home.
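
The copy-and-refresh procedure described in the post above, as an added PowerShell example that is not from the thread or from any poster: it mirrors the reference GroupPolicy folder to each target, checks by SHA-256 that every file arrived unchanged, and only then runs gpupdate /force. The host names, the use of the C$ admin share and PowerShell remoting (rather than PDQ Deploy) are assumptions.

```powershell
# Added example, not from the thread. Host names are hypothetical placeholders;
# the C$ admin share and PowerShell remoting are assumed to be reachable.
param(
    [string]   $ReferencePath = 'C:\Windows\System32\GroupPolicy',
    [string[]] $Targets       = @('LAPTOP-EXAMPLE01', 'LAPTOP-EXAMPLE02')
)

function Get-PolicyManifest {
    # Returns one object per file under $Root: path relative to $Root plus SHA-256.
    param([Parameter(Mandatory)] [string] $Root)

    $Root = $Root.TrimEnd('\')
    # -Force is needed because the GroupPolicy folder and its contents are hidden.
    Get-ChildItem -LiteralPath $Root -Recurse -File -Force |
        ForEach-Object {
            [pscustomobject]@{
                RelativePath = $_.FullName.Substring($Root.Length).TrimStart('\')
                Hash         = (Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256).Hash
            }
        } |
        Sort-Object RelativePath
}

$reference = @(Get-PolicyManifest -Root $ReferencePath)
if ($reference.Count -eq 0) {
    throw "No policy files found under $ReferencePath; nothing to deploy."
}

foreach ($computer in $Targets) {
    $remote = "\\$computer\C$\Windows\System32\GroupPolicy"

    # /MIR overwrites the target folder so it matches the reference exactly,
    # including removal of files that exist only on the target.
    robocopy $ReferencePath $remote /MIR /R:2 /W:5 | Out-Null
    if ($LASTEXITCODE -ge 8) {
        Write-Warning "$computer : robocopy failed (exit code $LASTEXITCODE), skipping."
        continue
    }

    # Re-hash what actually landed on the target before trusting it.
    $deployed = @(Get-PolicyManifest -Root $remote)
    if ($deployed.Count -eq 0) {
        Write-Warning "$computer : no files found after copy, skipping."
        continue
    }

    $diff = Compare-Object -ReferenceObject $reference -DifferenceObject $deployed `
                           -Property RelativePath, Hash
    if ($diff) {
        Write-Warning "$computer : deployed policy differs from the reference:"
        $diff | Format-Table RelativePath, Hash, SideIndicator -AutoSize | Out-String | Write-Warning
        continue
    }

    # Files match; apply the policy now instead of waiting for a restart.
    Invoke-Command -ComputerName $computer -ScriptBlock { gpupdate /force } | Out-Null
    Write-Output "$computer : policy folder verified and refreshed."
}
```

Running RSOP.MSC on a target afterwards, as the post describes, confirms that the settings took effect.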

Wrath of the Bitch King
May 11, 2005

Research confirms that black is a color like silver is a color, and that beyond black is clarity.
That sounds pretty painful, especially if there's something in GP you want to rollout on the quick.

Is there a reason for "no domain?" Are they saving on licensing?

22 Eargesplitten
Oct 10, 2010



Does this set off red flags for anyone, or am I just being paranoid?

quote:

Client facing IT position - Jr. System Administrator, Jr. Network Engineer

COMPANY is looking for several members for our client-facing CITY IT service team. We are interested if the roles of Jr System Administrator and/or Jr. Network Engineer are interesting to you. (Salary starts at $38K dependent on experience)

What positions are available?

The Technical Engineer position is akin to a Jr. System Administrator or Jr. Systems Engineer who has a broad range of IT knowledge and experience along with sharp problem solving and critical thinking skills.

Who should apply?

Apply with COMPANY if you are excited to use your technical abilities to impact the lives and technology of our exciting client base. Our clients aren't messing around with this business thing and neither are we. If you are looking for a system administrator position but worried about being bored in that role, we want to talk to you.

What experience is required?

For these positions we would like at least two years of experience in an IT service related position or the equivalent demonstrated knowledge, MSP experience a definite plus. The more relevant experience you have and the more value you can provide to our clients the better. We support the platforms that businesses use which includes a healthy dose of Microsoft infrastructure, Apple, Google, Linux, and various other cloud and on-premise solutions. We could type out all the acronyms that all other IT job ads have, but you already know what they are.

What intangibles are required?

COMPANY delivers a lofty brand of customer service that is unseen in most technical services. You should be excited about making a difference with people, not just their technology. You should enjoy real, human interaction and making less technically minded people feel at ease when you are working with them. Above all you should be excited about growing and getting better as a person and a professional.

Why should I not apply for these positions?

We don't do a lot of babysitting so if you are that person who always needs to be told what to do, you can spare us all the pain of finding out the hard way that our model isn't the best place for your success. If you feel you've reached the top of the IT knowledge stack, you probably aren't a great fit either. We love engaging with candidates excited to grow and thrive in new experiences. If the first thing you are eager to share with us is all of the certifications you have, you may be disappointed to learn how much we are focused on what we can do in the future- not what we've done in the past. (not that certifications aren't valuable, but credentials don't make the person)

Why you should work at COMPANY

Our mission is to redefine the IT service experience -- even if that means doing what has never been done before in a service model. If you are interested in using your passion, talent, and personality to impact the business outcome of our amazing clients, let's talk. We aren't looking for "perfect"; we are looking for "right". Come change an industry with us.

How to apply for this job

We get a lot of job applications and unfortunately most of them get nothing more than a quick once-over. Please include the usual - a resume and a cover letter, and anything else that will show us that you are interested in and qualified for this specific position. Tell us stories. Show us as much as you can about who you are - not just where you've worked or how many hours you've spent playing World of Warcraft. Make us panic about the fact that we haven't already hired you. Learn to use Facebook privacy settings or better yet just un-tag yourself in that one picture (you know which one) and then become a fan of our page. Tell us your salary requirements and what kind of cookies we should bake for you on your birthday.

The things I'm seeing are asking for salary requirements in the initial application (but please don't start discussing whether or not you should disclose your salary), offering 38k as a base for a junior admin role, and "redefin[ing] the IT service experience" sounds a lot like "unpaid overtime."


Gucci Loafers
May 20, 2006

Ask yourself, do you really want to talk to pair of really nice gaudy shoes?


22 Eargesplitten posted:

Does this set off red flags for anyone, or am I just being paranoid?
Yes.

22 Eargesplitten posted:

The things I'm seeing are asking for salary requirements in the initial application (but please don't start discussing whether or not you should disclose your salary), offering 38k as a base for a junior admin role, and "redefin[ing] the IT service experience" sounds a lot like "unpaid overtime."

Personally, I wouldn't take less than 45k/y without benefits(PTO/Health/401k) but honestly I'd apply, do my best in the interview. If I do well, their offer comes back with $38k I'd tell them thanks but no thanks and I'd like <$blah>.
