Open Shortest Path First (OSPF) is a routing protocol for Internet Protocol (IP) networks. Because I have site-to-site OpenVPN and IPSEC tunnels between my primary and remote sites I ended up defining lots of static routes. The environment started to be complex enough to justify the use of OSPF that is supported by EdgeRouter. The… Read More »
The following are the steps I used to perform to set up an IPSEC VPN with a vti (virtual tunnel interface). The advantage is that using a vti gives us a route-able interface so making it easy to work with the IPSEC tunnel. The current setup looks like: Primary Site: ER-8 (with load-balancing WAN1 and… Read More »
Trying to fix my OpenVPN site-to-site link and due to the environment update I had to do some changes. The initial setup of the OpenVPN is here https://blog.voina.org/edgerouter-dual-wan-hair-pin-multiple-networks-openvpn-site-to-site-vpn/ First of all there is a new EdgeRouter ER-8 that is directly linked to the main ISP I got this from Amazon.de see Ubiquiti ER-8 Netzwerk/Router .… Read More »
Very important information about the SafeNet software and licences. I get all the time very puzzled clients that find it difficult to understand how to see the license validity and how to install the e-token support. In order to obtain the software and to be able to monitor your licences you need an account with… Read More »
In the following I will try to show how to generate user certificates on e-tokens by using the Windows CA. This tokens can be used after that for secure user authentication or signing. Prerequisites: – Install the Windows CA service. This comes a standard feature in Windows Server 2012. – Internet Explorer 9 and up… Read More »
In a setup having an enterprise application depending on a database instance where some tables are defined as nicknames to tables from a federated database, it can happen to get this very cryptic DB2 error. I already had a post related to this case when the setup uses access to a federated database https://blog.voina.org/db2-sql-error-30090-caused-by-read-only-table-nickname-to-a-federated-database/. You… Read More »
I wanted to move my test db2 installation based on a Fedora Core 23 to a RHEL7 virtual machine without having to reinstall everything and not lose any data. This is in fact cloning my test environment database. This is not an easy task as is not officially supported by IBM but the beauty of… Read More »
At some point my RHEL7 development virtual machine run out of space. Resizing the image is really made easy by RedHat: STEP 1: Resize the virtual machine disk [root@localhost VMs]# qemu-img resize RHEL7-clone.qcow2 50G Image resized. [root@localhost VMs]# STEP 2: Start the VM and check the disks from inside the VM Check the virtual disk:… Read More »
The requirement that an enterprise system has high availability on site and across sites is very often encountered in the world of financial systems. To achieve this requirement the obvious solution is to have a cluster on the primary site (PR) and another cluster on the disaster recovery site (DR). On the PR we created… Read More »
My setup becomes more and more complicated bellow there are the updated steps of my configurations with references to the original posts containing the partial configurations. STEP 1 EdgeRouter : Dual WAN with Hair Pin Initially I started with a dual-wan configuration with some extra setting to exclude from load balancing the hair pin connections:… Read More »