Queues and Disappointments 

Posted on August 4th, 2014 by Luke Sheldrick.
Categories: Mutterings.

The week before last the UK saw a rather hot heat wave. My bedroom fan fell to bits, and the only other I had in the apartment was a rather big industrial type thing that is rather loud… especially when using in the bedroom. I’d heard good things about the Dyson fans, and decided I needed one that day. Argos, John Lewis, Currys, everywhere that had a click and collect type service, sold out. I called John Lewis who said the local Waitrose may have some in store. They didn’t.

I’d taken Mother shopping a few days later, and Tesco had the ‘Hot and Cold’ variety on the shelves, at a slight premium as they have a heating function too, at this point the hot nights were getting worse.. Did the shop and when going through the till a big warning came up on the till, saying it could not be sold. ARGH. Upon checking online, that model had been recalled, months before. Asking Mother (who works for the group), it’s a rather ridiculous system they have in place for recalls. These only seem to be tracked at the tills. So it basically goes:

Customer tries to buy > Gets to till, and held back > Goes in the pile of other unwanted items at the till > Either goes straight back on the shelf or goes into the store at the back shop > Night shelf stackers see the item, go place back on shelf > Repeat.

Was diagnosed with Celiac Disease a few weeks back, and finding the substitutes pretty grim, bread being one of them. However a lot of reading later, I had a few good home made bread recipes. So this weekend I decided to brave Westfield, and go to one of the bigger John Lewis’ locally, as they stock a well rated bread machine for making Gluten Free bread. Check online and then head down to the store. I thought I’d call ahead, and make sure ‘Yep one in stock’. Perfect.

Get to store, find the aisle, and the item. Get one of the PFYs to look it up ‘oh we only have the display model left’… Yup that counts as the one apparently, and they don’t sell the display models? Awesome. However I am told I could go to Oxford Street if I wanted, as they have some in stock, or order it in for click and collect and pick it up tomorrow. No no no. The idea of me going to a shop, is I want it there and then… If I want it tomorrow, why wouldn’t I just order online and get it sent straight home? Ergh, if you have an item in a massive department store, why would you not stock at least one item you can sell. What is the deal with getting someone to come back tomorrow? Surely retail is all about the impulse? If people need to order online to pick up, surely they’ll just order online and get it delivered?

Then decide to do some browsing, and popped into Game, again not something I would generally do, but I do enjoy some impulse shopping. Find a game I’d wanted to play… £37.99, bit steep compared to how much it is online, but oh well, I guess I’ll get it anyways. Oh… a big queue, but I’ll assume it will go down soon. 10 minutes later still not moved. It seems the two cashiers were explaining every single combination of how you could buy the latest console. Argh. Then in a very un-British way, someone in the queue asked one of the PFYs, who seemed to be just standing around picking his acne, if he could, or get someone to, open another till. There must have been 15 people in the queue. I then check Amazon, oh, I can get it for £29 and have it delivered for free on Sunday (note: I do have a Prime account). You know what happens next, I had planned to play it on Sunday anyway.

As I was walking out of the store, the original PFY and his fellow soap dodger were laughing that someone had asked for him to open another till.. I guess he didn’t have enough stars on his badge.

They wonder why Retail is f*cked…


Thin-Pi

Posted on June 9th, 2013 by Luke Sheldrick.
Categories: IT / Tech.

Since moving last year, now I have a dedicated home office, I banned myself from having a PC in the bedroom, and try not to take a laptop in there either. Lots of devices these days want internet access (TV, AppleTV, BD Player..etc) so I have a small 8 port switch hidden in the book case, with a point to point wifi connection back to the office, this works rather well. I also have 6 airplay destinations in the apartment, so can stream music to every room, however annoyingly iPad/iPhones can only stream to one destination. I use Airfoil on either my Mac or MacBook, to usually stream Spotify or the radio to multiple rooms.

However, as I don’t have a PC in the bedroom, I have to kick this off from the office. I’d recently been testing thin clients out, and have a spare monitor, so decided to set one up in the bedroom, so I can stream music, check train times…etc stuff I want to quickly check in the mornings, that kind of thing. I have no need for a full blown PC, nor do I want the noise/power in the bedroom. One of the most flexible ‘clients’ I’d tested was a Raspberry Pi. Whilst it is a ‘full PC’, it’s silent, very low power use, and for things like RDP/SSH is perfect. Another thing, is it’s very cheap, even compared to actual thin clients. I have the streaming software, and a load of other day things running on a VM in the office, so RDPing back to this is a doddle.

I have it hidden away with the switch in the bedroom, and purposely put it somewhere I can’t sit and use it. I only want to be able to control bits in the apartment, and use it as a terminal. I set it up, using Raspbian, and a few scripts to make opening up RDP sessions seamless. I have to say, I am very impressed with it. Although it’s quite an underpowered ‘PC’, for simple tasks such as this, I’m very very impressed. It’s also quite handy having a full Linux environment, though compiling anything from source is a foolish decision.

[Images: Pi Cupboard, Pi Thinclient]


VMware VCD VPN + Fortigate

Posted on December 29th, 2012 by Luke Sheldrick.
Categories: IT / Tech.

I’ve been testing a new platform at the day job for the last couple of days, as a user. The main part of this, is I do all the tests as if I was the end user (i.e. our Customer). The platform is based on VMware’s Virtual Cloud Director 5.1. I’m working with our product team to get the platform ready to hand over to our customers, and filling in the missing gaps, when it comes to requirements, documentation and any support needs.

One thing I was playing with today was the inbuilt VPN capabilities. The documentation from VMware here, if I am honest, is quite incomplete. Even as a seasoned VMware user, some elements are confusing. So the documentation for this element was, how do I put it… minimal (read: missing all the needed info). I assume it’s because they’re assuming that you’ll be connecting it to another vShield Edge device, so their defaults would just work.

I was working with my physical test lab to simulate a customer’s existing hosted solution, i.e. a rack of equipment in their data centre. The firewall I was using was an old Fortigate 200A, however this is running the latest v4 FortiOS, so would be the same for any firewall from Fortinet (running V4, V3 would be very very similar, if you still have that out there).

So, let’s assume the following:

 vOrg Network: 192.168.15.0/24
 vShield Edge IP: 90.1.1.1
 All devices NATed behind the Edge device.
 Legacy Network: 10.30.3.0/24
 Fortigate IP: 80.1.1.1
 All devices NATed behind the Fortigate.

Login to the VCD Portal, and go to your vOrg network preferences, right click on the network you want to configure for VPN access.

[Image: Network]

Go to the VPN tab, and if not already enabled, enable the VPN service. Then select new.

[Image: Network2]

Change the “Establish VPN to” to External Network.

[Image: VCDVPN1]

From the below, we’re going to fill out.

 Name: Your choice
 Description: Your choice
 Local Networks: LS-Network2 (matches the 192.168.15.0/24) Here I chose the network that matched my requirements. (Yours will differ, and you'll need to make the amendments throughout.)
 Peer Networks: 10.30.3.0/24
 VPN Endpoint: The vShield Edge device you're going to terminate the VPN on.
 Local ID: Your choice - just needs to match what you configure the firewall with.
 Peer ID: Your choice - just needs to match what you configure the firewall with.
 Peer IP: This is going to be your other firewall. So for me it was 80.1.1.1
 Encryption Protocol: again, your preference. AES256 is a sane default.
 Shared Key: Your choice - just needs to match what you configure the firewall with.
 The rest: I left as default.

Now this left me asking some questions, i.e. what were the other settings going to be, such as authentication method, DH group, PFS, key lifetime, etc. None of this is listed in the documentation/user guide.

Anyway, to continue, you need to add a firewall rule in, to allow communication between the two environments. Something like the below, but again, adapt to your requirements.

[Image: VCDFW]

Moving on to the Fortigate. This took a while to work out, as basically, I had to configure the VPN, wait for the edge device to try and bring up the VPN to see what it was proposing, in order to then set the Fortigate to match these (read: a complete PITA). However now that’s been done, hopefully this will help someone.

Go to your VPN Settings and add a new Phase I.


[Image: FNP1]

So the settings here:

 Name: Your choice.
 Remote Gateway: Static IP.
 IP Address: Edge device IP. Mine 90.1.1.1
 Local Interface: Your internet facing interface.
 Mode: I chose Main, but this can be your preference.
 Pre-shared Key: What you made up in the earlier steps.
 Enable interface mode (makes life a lot easier for firewall rules.)
 IKE Version: 1
 Local IP: I chose main - your config may differ.
 Encryption: Whatever you chose earlier. AES256 for me.
 Authentication: SHA1 (This is one of the settings not documented anywhere)
 DH Group: 2 (This is one of the settings not documented anywhere)
 Keylife: 28800 (This is one of the settings not documented anywhere)
 DPD: Disabled - The edge device didn't seem to respond to these, so the Fortigate tore the tunnel down. (This is one of the settings not documented anywhere)

Phase II:

[Image: FNP2]

 Name: Your choice.
 Phase I: Select the one you configured above.
 Encryption: AES256 (unless chosen different above)
 Authentication: SHA1 (This is one of the settings not documented anywhere)
 DH Group: 2 (This is one of the settings not documented anywhere)
 Keylife: 1800 (This is one of the settings not documented anywhere)
 Source Address: 10.30.3.0/24 (yours will need to be changed to match your network)
 Destination Address: 192.168.15.0/24 (match your vOrg Network)
 The Rest: Default.

Next: create the firewall rules. Incoming and outgoing for the VPN interface. I won’t go into details here, as if you’re reading this I expect you’ll know how to add a policy in.

Static Route. You’ll need to create a static route for the VPN, in order to route traffic down the interface. Interestingly, you didn’t need to do this on the Edge config.

Go to the Router > Static > Create new. Something like the below, amended to your network.

[Image: FNSR]

Once this is done, the VPN should come up.
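
As a pre-flight check for the procedure above, this added example (not part of the original post, nor VMware or Fortinet tooling) compares the two ends' settings as listed in the post and reports anything that would stop the tunnel negotiating. The dict layout, key names and function names are assumptions. It also flags SHA1 and DH group 2, which are legacy choices today.

```python
import ipaddress

# Values from the post; dict layout, key names and function names are assumptions.
EDGE = {
    "name": "edge", "own_ip": "90.1.1.1", "peer_ip": "80.1.1.1",
    "local_net": "192.168.15.0/24", "peer_net": "10.30.3.0/24",
    "p1": {"enc": "AES256", "auth": "SHA1", "dh": 2, "keylife": 28800},
    "p2": {"enc": "AES256", "auth": "SHA1", "dh": 2, "keylife": 1800},
}
FORTIGATE = {
    "name": "fortigate", "own_ip": "80.1.1.1", "peer_ip": "90.1.1.1",
    "local_net": "10.30.3.0/24", "peer_net": "192.168.15.0/24",
    "p1": dict(EDGE["p1"]), "p2": dict(EDGE["p2"]),
}

def valid_ip(text):
    try:
        ipaddress.ip_address(text)
        return True
    except ValueError:
        return False

def mismatches(a, b):
    """List every difference that would stop the tunnel negotiating."""
    problems = []
    for side, other in ((a, b), (b, a)):
        for key in ("own_ip", "peer_ip"):
            if not valid_ip(side[key]):
                problems.append(f"{side['name']}.{key}: {side[key]!r} is not an IP address")
        if side["peer_ip"] != other["own_ip"]:
            problems.append(f"{side['name']}.peer_ip does not point at {other['name']}")
        # Selectors must mirror: my local network is the peer's remote network.
        if ipaddress.ip_network(side["local_net"]) != ipaddress.ip_network(other["peer_net"]):
            problems.append(f"{side['name']}.local_net != {other['name']}.peer_net")
    for phase in ("p1", "p2"):
        for field, value in a[phase].items():
            if b[phase].get(field) != value:
                problems.append(f"{phase}.{field}: {a['name']}={value} {b['name']}={b[phase].get(field)}")
    return problems

def legacy_settings(cfg):
    """Flag parameters that are legacy today: SHA1 and DH group 2 (1024-bit MODP)."""
    return [f"{p}.{f}={cfg[p][f]}" for p in ("p1", "p2")
            for f, weak in (("auth", "SHA1"), ("dh", 2)) if cfg[p][f] == weak]

if __name__ == "__main__":
    print(mismatches(EDGE, FORTIGATE) or "parameters agree")
    print("legacy:", legacy_settings(FORTIGATE))
```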


Serial Console & Android

Posted on December 9th, 2012 by Luke Sheldrick.
Categories: IT / Tech.

You’re in a datacenter, all you have with you is a bag of cables, a crash cart, and your mobile. A core switch has fallen over, and you need to quickly see what the console is outputting.

I was tinkering at home, where I was building a lab of some Cisco and Fortigate kit, and needed to quickly set a management IP. I had a rollover cable, and a USB to serial converter, and wondered if my Samsung Galaxy Note, and the ‘USB-to-go’ cable would allow me to connect to the serial port on the switches and firewalls. Using the inbuilt terminal didn’t work, and I couldn’t get minicom to play. However I did find an app in the Play Store, that had support for most of the USB converters.

A bit of fiddling, and bingo, it all worked.

[Image: Android Serial Console]

I got this to work on my Galaxy Note, however this should work with anything that has USB Host Mode support. This would be really useful on a tablet.

The best bit here, is to do this, it’s really rather cheap. What I used:

USB-to-go connector – for converting the micro usb (Micro-B) to standard Female USB(Type A).
USB-to-Serial – cheap PL2303 based converter
Cisco Rollover cable – Every DC will have hundreds of these.

Slick USB 2 Serial Terminal – Android app that talks directly to the USB-to-Serial converter. (Ad supported or pay for version).


Mountain Lion – Notification Center Shortcut

Posted on July 27th, 2012 by Luke Sheldrick.
Categories: IT / Tech.

Just a quick one. Have been using Mountain Lion for just over a day, but noticed there wasn’t a quick way to see the notification center.

Seems there is a shortcut available in the keyboard preferences, it’s just not set. So just assign your preferred shortcut, as below.

 

 
