@pete-s said in Reboot on ping loss:
Eaton owns them now.
When did Eaton buy them? Fuck I hate Tripp-lite.
I have been buying standard Eaton UPS for years. They work great. I don’t use their software. Their software was crap when I tried it. I just don’t bother managing the UPS for low end.
@scottalanmiller said in "Site not secure" | Self-signed Certificate?:
@jaredbusch said in "Site not secure" | Self-signed Certificate?:
@pete-s said in "Site not secure" | Self-signed Certificate?:
@scottalanmiller said in "Site not secure" | Self-signed Certificate?:
@pete-s said in "Site not secure" | Self-signed Certificate?:
You can't get or buy publicly trusted SLL certificates for any server on your LAN, only for public FQDNs/IPs
We get them. It's just more effort.
Please elaborate Scott!
Yes, please.
Sure, you just have to do it via the DNS TXT process. The server has to be able to reach out, it can't be totally isolated from the Internet (unless you want to move the files around manually) but it verifies that you own the name without needed to provide a file. We do this for some clients all of the time. It's a pain and cannot be automated, so you need a human to get involved from time to time to make it work. But it works.
That is more than getting a cert for everything on your LAN. That is also giving everything your on LAN a valid FQDN, and thus also valid internal DNS records, or NAT reflection etc, for said traffic.
@scottalanmiller said in Locking down vendors:
@dashrender said in Locking down vendors:
They MIGHT have an internal team for this, but since we have our own IT department, my management has decide to take the costs internal versus paying the new vendor to set up remote access for themselves.
That doesn't really make sense as this is all questions about THEIR IT. All your team can do is get in the way
Right, I have no idea WTF you think you are doing here @Dashrender.
The most you should do is setup a VLAN or actual separate LAN with no access to your network. The other company can deal with putting something on this shit old device that reaches to their support infrastructure.
@jasgot said in Cordless VoIP phone preference?:
I have a need for some VoIP cordless phones. Does anyone have any tried and true models they like?
Need it to work with VitalPBX if it matters.
Also want some decent range through office buildings.
Personally, I prefer DECT based cordless devices. I've never had a problem with Yealink's line of them.
https://www.yealink.com/products_list_23.html
@nadnerB said in What do you use as an identity provider?:
@VoIP_n00b said in What do you use as an identity provider?:
JumpCloud’s SSO goes beyond application access to provide a single identity that can access any IT resource, from applications to devices, networks and more. Backed by a robust Directory Platform, you can onboard, offboard, and manage the lifecycle of every user with a single set of credentials. With one identity per user, you can easily provision and deprovision user access to devices (MacOS, Windows, and Linux), on-premise applications, networks and VPN, and servers from a single, secure console.
There is so much marketing fluff speak in that.
Did you just copy and paste from the propaganda page?
Of course he did, that is all he ever does.
@Fredtx If you are going to do VPN, then do hub and spoke for sure. Mesh of multiple locations like you have is simply asking for crypto to hit all the things.
I mean your risk is already high by using insecure LAN methods, but yeah, why multiply it?
@scottalanmiller said in How to Updated to Fedora 36 from the Command Line:
sudo dnf --refresh upgrade
Why are you adding this?
@pmoncho said in SIP Extension for Maintenance Staff in Noisy Environment:
@JaredBusch said in SIP Extension for Maintenance Staff in Noisy Environment:
I have one of these.
https://www.amazon.com/Sennheiser-SDW-5066-507024-Double-Sided/dp/B07P68C84DThe noise cancellation works really good. I don't know about factory floor good, but real good.
Do you find the (roughly) 500' range to be accurate? I only need 100' but with a few walls in between.
Yes. I get 200' + from my office walking up or down the sidewalk.
@WrCombs said in SQL Server 2019:
@scottalanmiller said in SQL Server 2019:
Thanks - I'm looking to move a private client to this. anything I need to keep in mind?
SQL Server is SQL Server. Nothing has really changed with it in years other than the ability to now install it on Linux.
@WrCombs said in Application error -:
it requires .net 4.0 or higher (4.9 is installed)
.Net 4.0 is not .Net 4.9
Are you sure it allows .Net 4.0 or higher?
@osmanErdi I cannot answer that question, but I can say Kaspersky is a pain in my ass for the last week. I am having problems with a client using OneDrive for Business and the problems go away when i disable Kaspersky.
Your problem is a lack of understanding how EPM works.
When you use the update device button, a SIP NOTIFY message is sent to the extension.
Obviously, if you delete a mapping for Extension 123, but do not reset the phone itself, the phone will continue to be provisioned as extension 123.
When you reuse the MAC address for extension 124, which is not currently registered, there is no endpoint to send the SIP NOTIFY to.
Basically, EPM is using this asterisk command (assuming you have a Yealink phone) to tell extension 124 to check its config. But since 124 is not yet registered, nothing answers the message.
pjsip send notify reboot-yealink endpoint 124
There are various contexts for different manufacturers
You can manually tell extension 123 to check it's config (which will make the device check, and pull the new config file with extension 124.
You can see it not work since I have no 124 on this PBX.
But for an extension that exists...
You can see the notify message in sngrep
I'll be spinning up a new Nextcloud instance and simply manually migrating users to it I think.
@NHCSAdmin said in Scale Computing VS Proxmox:
I was wondering if anyone has any opinions on moving from Scale to something like ProxMox?
These two stacks serve different purposes.
Scale is Hyperconvergence
Proxmox is simple virtualization
Yes there is a lot of overlap between the two depending on how things are setup, but you should ignore trying to squeeze something into a non-standard shape, even if it can fit.
Looks like the cert expired in April, so I bet PVE has been hammering ACME.....
When I tried to manually renew the certificate from the command line, it said I have been rate limited.
root@pve:~# pvenode acme cert renew
Loading ACME account details
Placing ACME order
Error: POST to https://acme-v02.api.letsencrypt.org/acme/new-order { "type": "urn:ietf:params:acme:error:rateLimited", "detail": "Error creating new order :: too many certificates (5) already issued for this exact set of domains in the last 168 hours: pm.daerma.com: see https://letsencrypt.org/docs/rate-limits/", "status": 429 }
Task Error: POST to https://acme-v02.api.letsencrypt.org/acme/new-order { "type": "urn:ietf:params:acme:error:rateLimited", "detail": "Error creating new order :: too many certificates (5) already issued for this exact set of domains in the last 168 hours: pm.daerma.com: see https://letsencrypt.org/docs/rate-limits/", "status": 429 }
I have 2 PVE 7 systems running at home. Mostly just to have a non-client, non-production, setup handy.
I could not log in to the web interface of the cluster by FQDN or the direct IP of either unit in the cluster. FQDN did through a cert expired error. So, something is going wrong, as the certificate manager is supposed to handle thing.
SSH works just. I know the password, confirmed by using it for SSH.
Things I saw on a google search did not help. So a reboot. Still did not help. So I ran updates from the CLI, not it has been stuck at 98% for 10 minutes on both systems.
@Dashrender said in How to find lost phone numbers?:
I guess the thing to do is call their telco provider and ask where the numbers are? why they aren't on the bill anymore, etc.
This is all you can do. Call the provider. But likely they were ignored and legally lost.