iPhone 6 picture issue in message

September 20, 2014

First day I got my iPhone 6, everything went well with the activation.  Started using it and realized that anyone that iMessaged me with a picture, I couldn’t see it.  I would get a square box with “Downloading” but it would never download.  And if you reboot your phone, then the square box just has a question mark “?” in it.

What was odd was on my MacBook, in Messages, I could see the pictures, just not on my phone.

Issue:  Can't view pictures sent to you through iMessages from other iPhone users

Solution:  If you are using another Mac device with iMessages, you have to disable them all (sign out).  Then on your iPhone, go to Settings > Messages.  Turn Message “off”.   Wait 5 seconds, turn back “on” and below under Send & Receive, remove any other emails or numbers for Messaging other than your primary number.  So you should just have one under that section.
Now you should be able to get pictures.  If so, now you can re-enable Messages on all your other devices.

CentOS 6.5 as a gateway

August 25, 2014

Here is my setup.   I have a Cisco lab in my garage.  I have a PC in my garage.  The PC connects to my WiFi via a 7811 Edimax USB adaptor.  I want my PC to act as a Gateway so I can access the Internet on my Cisco lab.    (btw, I live on the second floor of an apartment and my garage is located below at an angle.)

I know what you are thinking… “Why don't you get a WRT wireless router and make a bridge?”  Been there done that plus I don't need to go out and spend $30 or $50… I have everything I need, plus it's fun to geek.  So let's get to it.

<--Internet--> wlan0 --PC-- eth0 -- switch -- lab or another PC

Interfaces:

wlan0 – Internet (192.168.1.12)
eth0 – LAN  (192.168.2.1)

First thing… turn off Network Manager
# service NetworkManager stop

Download a DHCP server (unless you want to use static IP’s)
yum -y install dhcp

Let’s edit our wpa_supplicant files
nano /etc/sysconfig/wpa_supplicant
add your interface name:

INTERFACES="-iwlan0"     <-- make sure to put the "-i" in front.

nano /etc/wpa_supplicant/wpa_supplicant.conf  (this will depend on your WiFi router setup, below is mine)

network={
ssid="WIFI-NAME"       <-- change yours to your SSID
scan_ssid=1
key_mgmt=WPA-PSK
pairwise=TKIP
group=TKIP
psk="WIFI KEY"             <-- change yours to your key
}

Now let's edit the wlan0 config file a bit (below is mine)
nano /etc/sysconfig/network-scripts/ifcfg-wlan0

ESSID="NETWORK-NAME"   <-- change yours to your SSID
MODE=Managed
CHANNEL=1
RATE=Auto
KEY_MGMT=WPA-PSK
CIPHER_GROUP="TKIP CCMP"
TYPE=Wireless
BOOTPROTO=dhcp
DEFROUTE=yes
PEERDNS=yes
PEERROUTES=yes
USERCTL=yes
IPV4_FAILURE_FATAL=yes
IPV6INIT=no
NAME="wlan0"
HWADDR=80:1F:02:94:4C:C4
ONBOOT=yes

Now let's give eth0 an IP address for that subnet
nano /etc/sysconfig/network-scripts/ifcfg-eth0

DEVICE=eth0
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=none
IPADDR=192.168.2.1    <-- change yours to whatever
PREFIX=24
GATEWAY=192.168.1.12   <-- change yours to your WLAN0 or ETH device
DNS1=192.168.1.1   <-- change yours to your DNS server preference
DEFROUTE=yes
IPV4_FAILURE_FATAL=yes
IPV6INIT=no
NAME="eth0"
HWADDR=00:1A:A0:D2:E6:66

Next let's add a line into IPTABLES to set up NAT'ing…
# iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE    <-- change wlan0 to whatever interface will do the NAT'ing outside.

Let's make sure wpa_supplicant is set to start up
# chkconfig wpa_supplicant on
# chkconfig network on
# chkconfig NetworkManager off

# service wpa_supplicant start
# service network restart

So now you should be set.  Plug in a device with a static IP on a switch in your new LAN.  Ping google or some shit.

Want DHCP server running on the inside interface (eth0)?  Easy…

Edit this dhcp file
# nano /etc/sysconfig/dhcpd

DHCPDARGS=eth0  <-- specify your inside interface

#nano /etc/dhcp/dhcpd.conf
Add the following lines:

option domain-name "example.org";                             <-- change to your liking
option domain-name-servers 192.168.1.1, 8.8.8.8;   <-- change to your liking

default-lease-time 600;
max-lease-time 7200;

authoritative;

subnet 192.168.2.0 netmask 255.255.255.0 {                   <-- change to your local network setup
range 192.168.2.10 192.168.2.20;
option routers 192.168.2.1;
}

Save that shit.
Now let's start DHCP server up like a boss!

# chkconfig dhcpd on
# service dhcpd start

Let's test this… plug in a PC to your new LAN switch on the inside (eth0 in this case).
Run this command:
# tail -f /var/log/messages

You should see DHCP request come in.  If you do, you do man.  If not, you did something wrong fool.

NOTES:
Use the command “iwlist wlan0 scan” to find wireless access points around you and see their encryption type.
You have issues, check the logs…/var/log/messages
You can set it up to do DHCP relay using the /etc/sysconfig/dhcrelay file.  Then just start the dhcrelay service.  But you need a DHCP server somewhere in your network.
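
A check for the gateway state built in this post, as an added example that is not part of the original post. The iptables command above changes only the running ruleset, and the kernel routes between eth0 and wlan0 only when net.ipv4.ip_forward is 1, so the script checks both from saved state. The function names are hypothetical, the paths in the comments are the CentOS 6 defaults, and the sample ruleset is constructed.

```shell
#!/bin/sh
# Added example, not from the original post: check that the gateway state set
# up above is present and will survive a reboot. Sample data is constructed.

# has_masquerade OUT_IF FILE: succeeds if FILE (iptables-save format, "-" for
# stdin) has a nat-table POSTROUTING rule that masquerades traffic leaving OUT_IF.
has_masquerade() {
    awk -v ifc="$1" '
        /^\*/ { table = substr($0, 2) }          # "*nat" / "*filter" open a table
        table == "nat" && $1 == "-A" && $2 == "POSTROUTING" {
            out = ""; target = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-o") out = $(i + 1)
                if ($i == "-j") target = $(i + 1)
            }
            if (out == ifc && target == "MASQUERADE") found = 1
        }
        END { exit !found }' "$2"
}

# forwarding_on VALUE: VALUE is the content of /proc/sys/net/ipv4/ip_forward.
forwarding_on() { [ "$1" = 1 ]; }

# gateway_report OUT_IF IP_FORWARD_VALUE FILE: print each finding, return 1 if any.
gateway_report() {
    rc=0
    forwarding_on "$2" || { echo "ip_forward=$2: kernel will not route for the LAN"; rc=1; }
    has_masquerade "$1" "$3" || { echo "no MASQUERADE on $1 in saved rules"; rc=1; }
    [ "$rc" -eq 0 ] && echo "gateway state ok"
    return "$rc"
}

# Constructed sample in the format `service iptables save` writes to
# /etc/sysconfig/iptables on CentOS 6.
sample_rules() {
    cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o wlan0 -j MASQUERADE
COMMIT
*filter
:FORWARD ACCEPT [0:0]
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
EOF
}

sample_rules | gateway_report wlan0 1 -     # prints: gateway state ok
```

On the gateway itself, run `service iptables save` first, then `gateway_report wlan0 "$(cat /proc/sys/net/ipv4/ip_forward)" /etc/sysconfig/iptables`.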

FreeBSD 10 – sFTP setup

May 21, 2014

 

First off, sFTP doesn't actually use FTP protocol or associate with it.  It’s pretty much like SCP but with other features.  It uses port 22 as well.  The one unique thing about it is that the user or group you specify in the sshd_config for sFTP will not be able to log in with SSH.  That user will only be able to sFTP into the server.

Pretty simple to set up.

ee /etc/ssh/sshd_config

scroll down to the bottom and put this in…

Match User sftpuser                (specify “group” instead of user if you wanted)
ChrootDirectory /home/%u
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp

 

That's it.

# service sshd restart

Create your user.

Root must be the owner of the home directory.  It should be by default.

Create another directory inside the new users home for them to access.

mkdir /home/sftpuser/files

chown root:sftpuser /home/sftpuser

chown sftpuser:sftpuser /home/sftpuser/files

 

You are done!  Have fun!
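
A check for the chroot layout described in this post, as an added example that is not part of the original post. sshd refuses a ChrootDirectory unless every component of the path is a root-owned directory that is not writable by group or others, which is why /home/sftpuser stays owned by root and the user writes only inside files. The function names are hypothetical and the sample `ls -ldn` lines are constructed, with uid 1001 standing in for sftpuser.

```shell
#!/bin/sh
# Added example, not from the original post: audit a ChrootDirectory path.
# sshd refuses the chroot unless every component of the path is a directory
# owned by root and not writable by group or others (ACLs are not checked here).

# check_component LINE: judge one line of `ls -ldn` output.
# Prints the reason and returns 1 on the first problem found.
check_component() {
    perms=$(printf '%s\n' "$1" | awk '{print $1}')
    uid=$(printf '%s\n' "$1" | awk '{print $3}')
    case $perms in d*) ;; *) echo "not a directory"; return 1 ;; esac
    [ "$uid" = 0 ] || { echo "owned by uid $uid, not root"; return 1; }
    # In drwxrwxrwx, character 6 is group write and character 9 is other write.
    [ "$(printf '%s' "$perms" | cut -c6)" != w ] || { echo "group-writable"; return 1; }
    [ "$(printf '%s' "$perms" | cut -c9)" != w ] || { echo "world-writable"; return 1; }
}

# check_chroot DIR: walk from DIR up to /, checking each component on disk.
check_chroot() {
    dir=$1
    case $dir in /*) ;; *) echo "$dir: need an absolute path"; return 1 ;; esac
    while :; do
        line=$(ls -ldn "$dir" 2>/dev/null) || { echo "$dir: cannot stat"; return 1; }
        reason=$(check_component "$line") || { echo "$dir: $reason"; return 1; }
        [ "$dir" = / ] && break
        dir=$(dirname "$dir")
    done
    echo "chroot path ok"
}

# Constructed `ls -ldn` lines (uid 1001 stands in for sftpuser): the layout
# from this post, then two common mistakes.
for l in 'drwxr-xr-x 3 0 1001 512 May 21 2014 /home/sftpuser' \
         'drwxrwxr-x 3 0 1001 512 May 21 2014 /home/sftpuser' \
         'drwxr-xr-x 3 1001 1001 512 May 21 2014 /home/sftpuser'; do
    printf '%s -> %s\n' "$l" "$(check_component "$l" && echo ok)"
done
```

On the server, `check_chroot /home/sftpuser` runs the same test against the real directories from the chroot up to /.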

FreeBSD 10 ssh key authentication

May 21, 2014

 

# ssh-keygen -t rsa  (uses default 2048, want higher?  use -b 4096)

Enter a passphrase.

cat id_rsa.pub >> .ssh/authorized_keys

ee /etc/ssh/sshd_config  

Comment out (#) the line ChallengeResponseAuthentication and change it to "no" (without the quotes)

service sshd restart

Copy the id_rsa (private key) to your laptop/desktop or whatever computers you use.   Drop it into the .ssh directory of your system directory.  Have Windows?  Point to it in PuTTY.  I believe most distros will read the id_rsa as a default key file so you may need to change its name if you SSH to other servers.  For example, I have a server named web01, so I would ssh user@web01 -i web01.priv  <--- is my private key.



FreeBSD 10 USB 3.0

May 19, 2014

Just an FYI.  I have an ASUS motherboard with USB 3.0.  I had an issue with FreeBSD 10 and using a USB 3 device.  It would fail to allocate a resource or an assignment of sorts.   I had to go into the BIOS, disable “USB Legacy”.  Now USB 3 works on my PC.

FreeBSD 10 / PCBSD 10 and Edimax 7811un

March 5, 2014

FreeBSD 10 supports the Edimax 7811un (RTL8188CUS chipset, FreeBSD calls the device "urtwn0") right off the bat.  BUT… there is a small trick to get it working if you don’t see the error message.  Plug in your 7811un to your PC.  Install FreeBSD.

**** if you are using PC-BSD, do the same steps as below.  You’ll have to go into /boot/loader.conf.pcbsd file and edit out the step 3 options.

Do the following:

1. setup your /etc/rc.conf with the following…
wlans_urtwn0="wlan0"
ifconfig_wlan0="WPA DHCP"

2. setup your /etc/wpa_supplicant.conf with the following…(my network is WPA2)

network={
     ssid="yourSSID"
     psk="yourKey"
}

3. setup your /boot/loader.conf file with the following…
if_urtwn_load="YES"
wlan_wep_load="YES"
wlan_ccmp_load="YES"
wlan_tkip_load="YES"
legal.realtek.license_ack=1

***The last line is the most important.  If you don’t add that it won’t work.  

4. REBOOT  -  this is a must.

That's it.  It should come up on its own.  This is if you have your network set up with WPA2 encryption.  If you need additional help, consult the FreeBSD Handbook wireless section.

ASA Rommon mode – image issue

February 18, 2014

If you accidentally erased the whole flash drive and killed any images you had, here is how you restore.  Create a TFTP server.

 

Rommon mode:

  • ADDRESS=192.168.1.x
  • GATEWAY=192.168.1.x
  • SERVER=192.168.1.x
  • IMAGE= (IMAGE file)
  • tftpdnld -> hit enter
  • do a reset

Make sure your confreg is 0x0000001

Windows 2003 to Windows 2008R2 CA server migration

February 15, 2014

 

We use Windows CA server at work for our Cisco ASA’s.  We wanted to upgrade to 2008R2.  Below are the links or instructions to setting that up.  We use a SinglePassword setup due to us deploying ASA’s all the time to new locations.

- Migration of the CAs from the old server to the new server.  Follow this document.  FYI:  give the new server the same name and same CA name.  The default setup in 2008 will try to attach a “CA” at the end of the server name.  In Windows 2003, this didn't happen.  So be careful.
http://technet.microsoft.com/en-us/library/9aa53be9-0497-49fa-9ff6-09b72cb69444(v=ws.10)#BKMK_RestoreReg

- Setting up the SinglePassword setup.   FYI:  the instructions are wrong for the Registry path, it's HKEY_LOCAL_MACHINE\System\Microsoft\…..
http://social.technet.microsoft.com/wiki/contents/articles/9063.network-device-enrollment-service-ndes-in-active-directory-certificate-services-ad-cs.aspx#Password_and_Password_Cache

Access your CA server to get password info.
http://<ip address>/certsrv/mscep_admin/

Also, you may need to restart IIS or the system.  The first initial time during setup it took it a bit to come up.

PF Firewall settings

February 7, 2014

Here are my PF settings.  Very basic for a firewall on one PC.  I’m not running a router or gateway off my PC.

What this does is block everything coming in, allow anything out and remember its state status so it can come back in.  I do allow SSH to come from the outside and to protect me from hackers I have enabled <ssh_bruteforce> and made it add IP addresses that have 3 bad login attempts in 60 seconds to the list.  They will be blocked indefinitely.

CONFIG:

#
# Steve’s PF Firewall Rules
#

#Variables
ext_if = "ale0"
ext_ip = "( " $ext_if " )"
tcp_services = "{ 22 }"
#icmp_types = "echoreq"

# Tables
table <ssh_bruteforce> persist

# Return a reset for all blocks
set block-policy return

# Ignore the loopback
set skip on lo0

# Anything in the blacklist should be stopped here
block in quick on $ext_if from <ssh_bruteforce> to any

block in all
pass proto icmp all
pass out all keep state
pass in on $ext_if proto tcp from any to $ext_ip port $tcp_services flags S/SA keep state (max-src-conn-rate 3/60, overload <ssh_bruteforce> flush global)

Cisco 2900 voice router – Unavailable Resource error

February 7, 2014

Cisco 2900 router with T1 setup.  Calls were coming in but we were getting an “unavailable resources” error.  The error made it seem like our router was generating the error and it was but it was due to the telco’s router/equipment.   It would then disconnect the call but first it seemed like it transferred it back to the local telco switch.

#debug isdn q931

Cause i = 0x82AF – Resource unavailable, unspecified

Found the error code HERE.

We rebooted the telco equipment and all works well.  What seems to have happened is the telco router was trying to use a channel we do not use when it set up the call.

