@scottalanmiller said in Cisco ASA5510 vs Ubiquiti ERPro8:

@anthonyh said in Cisco ASA5510 vs Ubiquiti ERPro8:

@scottalanmiller said in Cisco ASA5510 vs Ubiquiti ERPro8:

@anthonyh said in Cisco ASA5510 vs Ubiquiti ERPro8:

The ERPro8 would perform more of a firewall role than a "router" role.

I know you are using quotes here, but I have no idea what you mean. Neither the literal words, nor any figurative implication, are apparent.

Edited that sentence to: "I'm looking to lean on more of the firewall capabilities than the routing capabilities of whichever device I choose."

Not sure why I used the quotes either.

Wouldn't that make them equal in that sense, then?

Possibly, but I'm not sure. I'm sure they perform different depending on what they are being configured to do (NAT, PAT, ACLs, etc.) but it may or may not be noticeable in my environment. If I decided to set up different firewall zones, I know for a fact that the ASA will throw traffic across the zones at just about wirespeed (gigabit). I don't have this experience in the Ubiquiti world (perhaps this is an an opportunity to test that).

@scottalanmiller said in Cisco ASA5510 vs Ubiquiti ERPro8:

@anthonyh said in Cisco ASA5510 vs Ubiquiti ERPro8:

The ERPro8 would perform more of a firewall role than a "router" role.

I know you are using quotes here, but I have no idea what you mean. Neither the literal words, nor any figurative implication, are apparent.

Edited that sentence to: "I'm looking to lean on more of the firewall capabilities than the routing capabilities of whichever device I choose."

Not sure why I used the quotes either.

I'm working on building up my home lab. I managed to score a pretty nice Cisco 3560X PoE+ to use as a L2 or L3 (if needed) switch. All I need networking wise is something to sit between it and the Internet. I've managed to get access to both a Cisco ASA5510 and a Ubiquiti EdgeRouter Pro 8. I can't decide which one I want to go with.

Advantages the ERPro-8

• Power consumption. I have not plugged the ASA into my Kill-A-Watt meter, but I have connected the ERPro-8 and after boot it idles at around 18 watts. My hunch is the ASA wouldn't come close (my instinct says 50-60 watts at idle).
• Footprint. The ERPro-8 is significantly smaller and lighter. However, this is a minor benefit as they will be installed in a rack.
• Noise. The ASA is much louder than the ERPro-8. However, this is a minor benefit as the rack they will live in will be located in my garage.

I'm looking to lean on more of the firewall capabilities than the routing capabilities of whichever device I choose. I currently have 75Mbps/7Mbps service through AT&T, but will likely upgrade this to one of Charter's offerings in my area which will be at minimum 100Mbps.

To help with the comparison, the ASA5510 has 1 GB RAM, so it can run the latest ASA software (which I have), has a 4GE SSM module (which gives you 4 gigabit interfaces on top of 4 built-in 10/100 interfaces), and it comes with the "Security Plus" license.

I've always been fond of Cisco gear (but not the price-tag), likely because it's what I "cut my teeth on" when first starting out as a network administrator.

Curious what y'all think.

EDIT: Obtaining one of the devices will only cost me gas to get it home, I just have to pick one.

We purchase Bria licensing here and it seems to work well. I don't use it personally so I cannot share any end-user experience with it. However, we do have some users who ask for it specifically and prefer it over a physical phone.

@black3dynamite said in XenServer - Rename guest within guest?:

@anthonyh said in XenServer - Rename guest within guest?:

I built a script that I use with my Linux (CentOS) template that eases standing up Linux VMs (very handy). It walks me through IPing the host, setting the hostname, joining it to AD, and making sure it's up to date.

Something I just thought of and am wondering if it's possible is re-naming the VM from within the VM.

In my environment, the guest name as displayed in XenCenter is equal to the guest's real hostname. What I'd like to do is have my script then "apply" this name to the guest. And, even a step forward, also re-name the virtual disk too.

Is this possible?

Maybe you can ssh using key file to XenServer and then use your xapi commands to capture the VM name so you can rename your guest VM. You can probably to do the same with renaming virtual disk too.

That's not a bad idea! I may look into this.

@momurda said in XenServer - Rename guest within guest?:

I have wondered about this same as you.
Your current script, is it in ~ of the template user? It runs within the vms you make?

I don't think XS can do anything with the vms it hosts other than turn on/off, migrate, suspend, delete, expand, other things like that.
If you look at xe vm-??? command list you will see all the things you can do only involve vm operation or virtual hardware actions.

The script resides within the template and I manually run it when I create VMs based off the template.

I built a script that I use with my Linux (CentOS) template that eases standing up Linux VMs (very handy). It walks me through IPing the host, setting the hostname, joining it to AD, and making sure it's up to date.

Something I just thought of and am wondering if it's possible is re-naming the VM from within the VM.

In my environment, the guest name as displayed in XenCenter is equal to the guest's real hostname. What I'd like to do is have my script then "apply" this name to the guest. And, even a step forward, also re-name the virtual disk too.

Is this possible?

@jrc Glad you were able to find a solution!

Is it still possible to interface with Google Voice these days with Asterisk/FreePBX? I know a while back Google changed something on their end which made it much more difficult (if not impossible at the time) to do.

@scottalanmiller said in SIP Trunk Provider For Home Lab:

THink about how many minutes that is of incoming calls for home use. A DID with pay per minute is $.85. Incoming calls are $.009 per minute. So ...

$4.25 - $.85 = $3.40
$3.40 / .009 = 377 minutes included.

Unless you are regularly getting a lot of incoming calls a month, you are losing money on that. For a home, that's really rare. That's many hours of sitting on the phone every month on incoming calls alone.

OH!!! I was reading it as 9 cents. Not 0.9 cents!!! Makes total sense now!

I'm talking about this:

@scottalanmiller said in SIP Trunk Provider For Home Lab:

Yup, voip.ms is the top choice.

I was looking at their pricing and for ~$5/month you can get unlimited calling. Is that both inbound and outbound, or just outbound?

I'm toying with the idea of setting up an Asterisks deployment (likely FreePBX) in my home lab. I'd like to be able to make/receive external calls. Any recommendations on a SIP trunk provider for such use? voip.ms seems pretty cheap. Just curious what you guys would recommend.

Thanks!

In my experience the default behavior is to not allow the user of a chroot jail the ability to write to the root of the jail. There may be a way around this (I have a CentOS SFTP server that allows my chroot jailed users to write to the root of the jail (say that 5 times fast), but in helping @jrc offline Ubuntu seems to play less nice.

So, my suggestion is to create a directory specific for jails, like "/var/jails/<user>"

Set the chroot jail to the permissions the system is expecting (755 root:root).

Create a symlink in the jail that points the user to the folder they need access to (making sure the folder at the other end of the symlink has the appropriate permissions, of course).

In theory this should work...but we will see.

@dashrender said in Home Network Setup:

Any value to trying to use DNS/DHCP for Windows domains on something other than Windows? It drops the need for Windows CALs for DNS/DHCP use.

If so, does UBNT based gear support dynamic DNS?

If the environment is utilizing Active Directory I think sticking with with MS DNS is best (I'm sure there are ways around it if you replicate the various DNS records AD creates, but IMO it may be more headache than it's worth). However, you can use other DHCP solutions. We do not use MS DHCP and have no issues.

@scottalanmiller said in Home Network Setup:

@anthonyh said in Home Network Setup:

2 vCPUS and 1G RAM which is more than plenty for the role in my environment.

1vCPU and 512MB should do that fine.

You're probably right.

@krisleslie The EdgeRouter line's OS is based on Vyatta OS which you can run on x86 hardware. Check this out: https://vyos.io/

I run a CentOS VM that does both recursive DNS (bind) and DHCP (dhcpd) for my home network.

2 vCPUS and 1G RAM which is more than plenty for the role in my environment.

I have dhcpd set up to do dynamic DNS updates so that my dynamic clients are reachable via hostname. Works really well.

I have an EdgeRouter PoE and have found that it is not as quick at resolving DNS than BIND in my environment.

@dafyre said in PowerShell - Script never completes. Is there a session timeout?:

@anthonyh said in PowerShell - Script never completes. Is there a session timeout?:

@dafyre said in PowerShell - Script never completes. Is there a session timeout?:

ROFL. Not a problem. Things working as designed. Next!

For what it's worth, my post was intended to be framed from the standpoint of "what am I doing wrong??" rather than "what's wrong with the system?!". I figured I was missing something stupid.

Never hurts to have extra eyes. I didn't even think about the potential for this to be a scheduled job... God, I have a case of the Mondays.

Not your fault at all. I did not mention it in my OP. Whoops. Perhaps I'm the one with a case of the Mondays.

@dafyre said in PowerShell - Script never completes. Is there a session timeout?:

ROFL. Not a problem. Things working as designed. Next!

For what it's worth, my post was intended to be framed from the standpoint of "what am I doing wrong??" rather than "what's wrong with the system?!". I figured I was missing something stupid.