We has tubez!

So many of you may find this site looking to see where I’ve gone, and why I’m not on Hak5 any longer.

While this is a brief post I promise I will write up a longer more appropriate post for you shortly.

Short and sweet of it is, I’ve decided to move on and focus my energy on my career, business opportunities and my undying love of internet radio.

I’ll be bringing back my internet talk show soon, and if you’re ever at an SAP conference focusing on infrastructure or virtualization, you might see me presenting

Like I said, a more thought out post is coming shortly, and I’ll be posting on my blog pretty regularly with updates on things going on in my life.

Thanks to all the great I’ve met over the last 2.5 years, you have truly made them unforgettable!

So the series I’ve been doing on ESXi has been getting nothing but great feedback, and I’m glad that I can share what I’ve learned over the course of the last couple years with everyone.
On episode 518 of Hak5, we show how truly easy it is to add iSCSI storage to a free deployment of ESXi.

So what is iSCSI?

In computing, iSCSI (pronounced /аɪsˈkʌzi/), is an abbreviation of Internet Small Computer System Interface, an Internet Protocol (IP)-based storage networking standard for linking data storage facilities. By carrying SCSI commands over IP networks, iSCSI is used to facilitate data transfers over intranets and to manage storage over long distances. iSCSI can be used to transmit data over local area networks (LANs), wide area networks (WANs), or the Internet and can enable location-independent data storage and retrieval. The protocol allows clients (called initiators) to send SCSI commands (CDBs) to SCSI storage devices (targets) on remote servers. It is a popular storage area network (SAN) protocol, allowing organizations to consolidate storage into data center storage arrays while providing hosts (such as database and web servers) with the illusion of locally-attached disks. Unlike traditional Fibre Channel, which requires special-purpose cabling, iSCSI can be run over long distances using existing network infrastructure.

In simpler terms, using some free software, it’s stupid easy to create a large amount of storage which is not tied to the physical adapter of the host server (in this case, the server ESXi is running on).

So what do we need?

• Functioning ESXi Installation
• Server capable of running FreeNAS
• Gigabit connectivity between ESXi server and FreeNAS

Now let’s get started. While it’s recommended to separate your iSCSI traffic from your other internet networking, for the purpose of this instruction, we’re just going to use the same IP subnet for all of our LAN and iSCSI traffic.
Our ESXi server sits at 10.10.1.55 and our newly installed FreeNAS server is located at 10.10.1.66

1. Connect to your FreeNAS server through the WebGUI using your favorite browser. In the top menu select Disks, then click Management.
   
2. Click on the plus sign in the lower right corner to add drives.
   
3. Next to Disk, choose the drive you want to add from the drop down, and if you want enter a description for it next to Description.
   
4. When you go back to the Disk Management screen you will be asked to confirm the addition by clicking on Apply changes, go ahead and do that now.
   
5. From the top menu choose Services, then iSCSI Target.
   
6. Click on the plus sign in the Extent area.
   
7. The Bolded fields are required, so place a name in the Extent name field, leave the Type as Device, and then choose the Device you want in the dropdown.
   
8. When you get back to the iSCSI Target page click on Apply changes.
   
9. Click on the plus sign in the Target area.
   
10. As before the Bolded fields are required. Here is a breakdown of the fields:

    Target name: Add your own or leave the default
    Flags: RW for Read/Write or RO for Read Only
    Storage: Will have the extents listed that were setup, choose the one you want to use
    Authorized Network: Enter the IP network that can access this drive. For us we’re going to enter 10.10.1.0 and we’ll leave the /24 as our subnet is 255.255.255.0

    Once you fill in all the info click on Add.
    

11. Back at the iSCSI target page you need to click on Apply changes once again.
    
12. Now place a check in the box next to Enable in the top right corner and then click Save and Restart in the bottom left.
    
13. The iSCSI Target drive is now setup and ready for use.

Now we need to setup ESXi to connect to our newly created iSCSI target.
Start by logging into your your host by using the Vitrual Infrastructure Client.
Click on your host, and then click the configuration tab.
Click Storage adapters, and then select your VMHBA32 iSCSI storage adapter.
Click properties and configure, then check the enabled box.
Goto the dynamic discovery tab, and add your FreeNAS IP address (in this case, 10.10.1.66)
Click ok, then close, and then rescan the HBA.

At this point you should see your storage, now we need to format the new storage.
So click back to the storage option on the left.
Then click Add Storage.
Select Disk / Lun, and click next.
Select your new disk on the FreeNAS iSCSI target, and next, next, finish.

DONE!

Questions? Post em in the comments!

Hey everyone,

Just a little post regarding the most recent episode of Hak5.
I went into showing users how easy it really is to setup a VOIP provider so that you can easily make and receive phone calls to and from external numbers.

I chose to use Teliax, which in my opinion is a great option if you’re looking for a provider as they have some really attractive pricing especially the pay as you go plan.
The nice thing about that plan is you can have 10 simultaneous calls going, and so long as your 3CX license provides, there’s no extra setup.  It will just deduct you based on how many minutes each of the callers is using.

There have also been a couple of questions that have popped up both here on my blog and in email.  Check out those after the break.

Read the rest of this entry »

Recently on Hak5 I showed how easy it was to setup a Windows based IP-PBX using software by 3CX, a company out of the small country of Cypress.

After having an urgent need to replace our aging PSTN based telephone system which costs $100/hr for some monkey to come in and make a simple extension change, my company decided it was time for something we could control.

I had been through this motion about a year prior, and in that time, came away with a solution from Mitel which ended up costing around $30,000.  Now this was a great platform, (IP3300 if I remember correctly) Office Communications Server 2007 integration, remote site support, Exchange 2007 UM integration, all of the key features that I had spent tireless hours implementing in our infrastructure to hopefully take advantage of in a new phone system.

However, the current economic conditions as they are, we could no longer justify a $30,000 price tag for a new phone system;  Enter 3CX.

After searching google for about a half hour, and looking at all of the asterisk based IP-PBX systems, I came across the 3CX IP-PBX platform which ran on top of Windows.  Now I know there are those of you out there that may be reading this thinking to yourselves, AHHH MORE WINDOWS.  Well you can go to hell, seriously.  My company is a Microsoft shop, end of story.  I have no need, nor the time to do something in linux that would take me personally longer than it would in Windows.  You may be quicker, and that’s good for you, but I can’t be bothered.  Windows works for my company, and that’s all that you need to know.

Back on track…  After downloading the free version (yes it’s completely free if you don’t need some of the advanced features such as Exchange 2007 UM integration, or call parking, etc.) I literally had a functioning internal phone system up and running in about 10 minutes.  The installation is painless, and the configuration steps a breeze.

So I decided to kick it up a notch.  I ordered a single Linksys SPA962 IP Phone from 888voipstore (I highly recommend these guys, sure you can find stuff for 10-15 bucks cheaper, but at the end of the day, I’m speaking to someone I understand, and who is very attentive to their customer)  After receiving said phone, I plugged in the mac address to the 3CX back end, and auto provisioned the phone.  CAKE!  Nice and moist, just the way I like it.

Next came the all important decision of how many people we’re going to roll this out to in Phase 1.  Answer? 16
I can handle 16, and apparently so can 3CX.  I had 16 extensions and phones configured in about 2 hours.  That includes the time it takes to upgrade the phones to the latest 6.1.5a firmware available from Cisco.

All in all I’m pretty satisfied with the 3CX package.  While I can’t get into every nitty gritty detail of my phone system, I don’t need to.  The software works, a few small issues not withstanding) and I can eventually turn over basic user maintenance to someone who isn’t an IT person because it really is that easy to use.

I really would suggest anyone with a Windows machine lying around the house who has a need for a basic PBX for use with either a VOIP provider, or a PSTN gateway look at 3CX.  I know I’ll be deploying a server here at the hakhouse for some other business purposes, and don’t have to worry about much beyond which machine I’m actually going to throw it on.

For more info on 3CX or to download the free version OR their enterprise version with a free demo license which unlocks all of the software’s functionality, but limit’s it to 2 concurrent calls should visit http://www.3cx.com

Recently I had the pleasure of being a part of the Napera Indigo Beta program in which Napera, (a networking company founded by Todd Hooper formerly of Watchguard) sent me a 24 port gigabit switch with their new embedded switch platform installed on it.

The Napera beta is basically a test of a network software platform for installation by companies interested in the features that Napera is spearheading.  With the recent release of Windows XP SP3, Vista and the upcoming release of Windows 7, microsoft has taken the bold move of having the ability to offload the monitoring and auditing of machines connected to your internal network and checking them for things like up to date OS patches, firewalls and antivirus.

The program focused on a couple key components.
1. Set-up and Activation
2. Enable NAP and Health Reporting
3. Health Enforcement
4. Identity Enforcement
5. Guest Access

You can read a little more on exactly what NAP is here : http://www.microsoft.com/technet/network/nap/napoverview.mspx

All of that aside, in the most recent episodes of Hak5, I dived into the interface and health reporting functionality of the Napera switch and it’s ability to limit workstation access based on Health and Authentication with Active Directory.

I’m a steadfast believer that anything that makes my life easier as a Systems Admin, or now in my case a CTO for a small company, is a great advancement and something that I think is sorely lacking in the industry.

I can go on and on about the functions of the napera software but I think it’s best experienced from the horse’s mouth.

For more information on Napera, head on over to http://www.napera.com/indigo/Napera%20Indigo%20User%20Guide.pdf for the Users’s guide on Indigo.