Topics created by Romo

@travisdh1 yup

8CF63B2B-CF0F-403B-9B30-689D782ACDC5.jpeg

@Dashrender said in User Account getting disabled in Azure:

o curious, if Azure is showing it as disabled - why is that not be

Azure Sync doesn't sync back to AD. it is the other way around.

See my post earlier had a user who could not send. Microsoft has an open service advisory not published about general slowness in their system.

@Dashrender said in Fanvil x5u - Firmware upgrade via server download:

https://www.fanvil.com/Uploads/Temp/download/20191218/5df9dd9ce42f0.pdf

The general configuration file is helpful in automatic configuration deployment of a large number of terminals. For example, only a general configuration file F0V00X600000.cfg carrying firmware parameters needs to be placed on the automatic configuration server to automatically deploy firmware for 1000 X6 terminals.

@Dashrender thanks I had totally missed that section of the pdf. Adding the Auto Image Url option, to the F0V0X5U00000.cfg did get the phone to properly upgrade the firmware automatically.

F0V0X5U00000.cfg contents for the test.

<<VOIP CONFIG FILE>>Version:2.0000000000 <AUTOUPDATE CONFIG MODULE> Auto Image Url :https://URL/x5u-6906-P0.18.23.21-2.2.10-3421T2020-09-27-16.44.21.z <<END OF FILE>>

Here are the logs of the process, phones starts with firmware 1.0.0 and properly upgrades to 2.2.10

[15/Oct/2020:09:20:42 -0500] "GET /F0V0X5U00000.cfg HTTP/1.1" 200 209 "-" "Fanvil X5U 1.0.0" [15/Oct/2020:09:20:43 -0500] "GET /MACADDRESS.cfg HTTP/1.1" 200 93621 "-" "Fanvil X5U 1.0.0" [15/Oct/2020:09:20:53 -0500] "GET /x5u-6906-P0.18.23.21-2.2.10-3421T2020-09-27-16.44.21.z HTTP/1.1" 200 40789888 "-" "Fanvil X5U 1.0.0" [15/Oct/2020:09:21:44 -0500] "GET /F0V0X5U00000.cfg HTTP/1.1" 200 209 "-" "Fanvil X5U 1.0.0" [15/Oct/2020:09:21:45 -0500] "GET /MACADDRESS.cfg HTTP/1.1" 200 93621 "-" "Fanvil X5U 1.0.0" [15/Oct/2020:09:23:02 -0500] "GET /F0V0X5U00000.cfg HTTP/1.1" 200 209 "-" "Fanvil X5U 2.2.10" [15/Oct/2020:09:23:02 -0500] "GET /MACADDRESS.cfg HTTP/1.1" 200 93621 "-" "Fanvil X5U 2.2.10" [15/Oct/2020:09:23:23 -0500] "GET /F0V0X5U00000.cfg HTTP/1.1" 200 209 "-" "Fanvil X5U 2.2.10" [15/Oct/2020:09:23:23 -0500] "GET /MACADDRESS.cfg HTTP/1.1" 200 93621 "-" "Fanvil X5U 2.2.10" [15/Oct/2020:09:32:53 -0500] "GET /fanvil_x5u_hwv1_0.txt HTTP/1.1" 200 115 "-" "Fanvil X5U 2.2.10"

Tried the Application Pool trick listed here, but it still failed.

https://social.technet.microsoft.com/Forums/en-US/b2274a17-13c0-4598-82cf-2724bc427251/error-downloadcontentfiles-failed-with-hr0x80070193?forum=configmgrgeneral

Found the issue and fixed it.

There were some extra entries in the default pjsip profile which were the culprit. The entries were there since quite a few versions back and hadn't caused any sort of issue with the trunks until we updated yesterday. Even after reverting to the previous working version, the trunks wouldn't get properly created until I found the extra entries and removed them. After that, the endpoints are created and the trunks are up once again.

@Romo said in Cisco SPA504G Call Reparking issue:

Totally agree, the phones suck, but they are what the client has as they didn't want to upgrade to new phones =(

Same here, we have an office full of that Cisco garbage, but hopefully we will be switching out our provider soon.

@Romo said in Polycom VVX450 Parking BLF key:

Any of you guys with more polycom experience have been able to configure the parking lots from a (freepbx/vitalpbx) asterisk server In a single key BLF key?
Testing this
I have the key setup like this
1a9f8e10-3d28-4e93-83d0-92fad626dfe1-image.png

But it doesn't appear to do anything when pressing it. I did find this document https://community.polycom.com/t5/VoIP-SIP-Phones/FAQ-Setting-up-a-Call-Park-Feature-using-an-Asterisk-Server/td-p/73565 which it appears to show that it can only be done by transfering to the call parking extension and not directly to the slots but not sure if this still applies as the document is from 2015.

anyone have an idea?

From the phone point of view, parking a call is nothing more than a blind transfer to an extension.

So, you need to look if you can have a BLF do a blind transfer on press during a connected call.

@anamanp said in Office 365 NDR for strange email address.:

@Romo Can you please tell me if this was resolved?

Yes, his reply with the solution was three above your post.

Rules set on OWA to keyword autoforward. The account was compromised.

@Romo said in EdgeRouter L2TP VPN network issue.:

We have a client with an Edge Router Lite FW version 2.0.8 which is having issues with the L2TP VPN. Clients can properly connect to the VPN and get an IP but after the first few seconds of being connected access to the file servers start getting timeouts, web browsing basically either doesn't work or slows so much it's really not usable. A router reboot fixes whatever is causing the issue for some days, but I would really like to figure out how to resolve this without doing a reboot.

I have restarted the vpn services but that doesn't seem to fix the issue.

I can't seem to find anything outside of the ordinary in the logs that would help. Only thing weird is this when the vpn is having the issues ksoftirqd/0 and 1 start using most of the CPU:

Screenshot from 2019-12-12 09-22-16.png

Any ideas?
@scottalanmiller

How long are these users keeping sessions open?

If a reboot fixes, it is likely an issue with the router packages.

I so rarely use my L2TP connection to routers anymore, I have no experience with this issue.

Yep choosing an https mirror seems to be working.

@Dashrender said in QoS on Edgerouter Lite:

@Romo said in QoS on Edgerouter Lite:

Just setup a traffic-policy shaper to test:

20% bandwidth for voip guaranteed with a ceiling of 100% bandwidth
30% bandwidth for USERS PC guaranteed with a ceiling of 100% bandwidth
50% bandwidth for ALL others guaranteed with a ceiling of 100% bandwidth

Does this sound reasonable?

if you parse off 50% for those things and they aren't in use, then the bandwidth is just being wasted... I know scott has mentioned that doing this is generally bad in the past because of the waste of resources.

You don't read clearly. He's talking minimum guarantee at 20/30/50 and max possible when available at 100 for all.

@Romo said in Forced Double Sided Printing:

@travisdh1 Thank you, the change there solved the issue.

You'll never guess who ran into that same issue just a few days before you posted. 😆

@Romo said in Issues with remote PJSIP extension:

Same thing on Yealink SIP-T42S 66.84.0.80.

I'm out of easy ideas. I've been on site at a location all day.

Best way to run Chrome on 2016 RDS.

Use this as a reference.

https://support.google.com/chrome/a/answer/187202?hl=en

Use enterprise edition and configure admx with GPO

Set
Disk Cache Directory
Roaming Profiles Directory
User Data Directory
Setting up Legacy Browsers and Plugin
Turning off Hardware accel and other settings for performance.

Just read that 💫 and configure what policies you need. Took me a day to set up but works smooth.

@scottalanmiller said in Windows 10 PC's not renewing DHCP lease:

@Dashrender said in Windows 10 PC's not renewing DHCP lease:

@scottalanmiller said in Windows 10 PC's not renewing DHCP lease:

@Dashrender said in Windows 10 PC's not renewing DHCP lease:

@dafyre said in Windows 10 PC's not renewing DHCP lease:

Your DHCP range isn't close to being full, is it?

Man, I wouldn't think that would prevent a renewal.

It does. Depends on race conditions, but it definitely happens.

I guess I need to re-read up on the DHCP process - I thought (at least with Windows) that the client machine did a check at the 50% timeframe and renewed then, thereby never actually reaching an expired state. But that was 20+ years ago when I read the MS docs on it... so I could have a faulty memory.

It does, but machines powering on and off and such can disrupt that process.

uh, what? Sure, now if a machine is off, and the half way point, or the full expire time hits, sure, when the machine comes back online - it has to basically start over...

The OP says the machine is loosing it's IP what appears to be overnight. OK, so let's assume the lease expired while the computers were in powersaver mode, or simply off. I would expect them to be turned on and simply go through a DHCP request - but the OP says a reboot it required to get back on the network. so something isn't working from the client side.

So the NIC has been updated and that didn't solve it.

Any chance the switch could be the culprit? Are there updates available for the switch?

@JaredBusch said in Extensions not registering:

Fully updated FreePBX and zero issues. I use pretty much only use pjsip.
b6a3844c-2573-4763-bd7f-efce2b7603ae-image.png

This is VitalPBX, its super weird still. I didn't really touch anything on the extensions.

@Pete-S said in ZeroTier vs VPN:

@Kelly said in ZeroTier vs VPN:

In the strictest sense ZT is a VPN. It is just a one to one IaaS that is routed through the cloud on ZT's systems instead of your edge. You can achieve the same effective security through rules on most VPN servers. ZT just makes it simpler, and reduces your ongoing effort assuming that 1 to 1 or 1 to few is your primary access model.

I haven't used it but why does ZT makes it easier? You have to install it on every machine you want access to, right? And I assume you have to setup some kind of routing on a computer if you want access to something on the network where you can't install ZT, like an appliance or something like an ilo interface.

With an OpenVPN (SSL VPN) connection through the firewall you have a routable VPN and no NAT problems. You can put whatever access to whatever resources you want without installing anything anywhere. And you have everything in one place.

I though ZT was a peer to peer network. So it would make most sense when there are no LAN or central resources and everything is spread out. But that not the network layout in this case.

You do have to install it on every machine. It is easier in the sense that to achieve the same level of lockdown paired with user specific access you would need to do a fair bit of work on your edge and keep it maintained. Deploying software to clients should be pretty straightforward if you're using quality tools: https://chocolatey.org/packages/zerotier-one.

@Pete-S said in Packet loss when connected to L2TP/IPsec VPn:

@Romo said in Packet loss when connected to L2TP/IPsec VPn:

This same issue is happening today once again, VPN is connecting properly but I can't properly reach anything properly on the local lan or the internet.

You should just buy a new edge router to exclude any hardware issues.

Valid option. The cost is minimal compared to the time you are spending.