rebelpeon.com

Category: electronics

  • Crack Kills

    Well, Crackdown that is.  That’s right, it’s killed my Xbox 360.  Binford bought it and apparently tried to play it on my Xbox, and it locked up.  Resetting the box resulted in the red three lights.  I came home later, not realizing what had happened, and the Xbox booted up, I attempted to play Crackdown, I downloaded a needed update, and it locked up again.  Restarting it gave the red three lights.  After some fiddling, I got it to work again.  I then booted it without a game, put in the Halo 2 disc, and it worked fine.  Put Crackdown back in, and it locked up again.  Some more fiddling, it comes back on.  Play even more Halo 2, everything’s fine.  Put in Crackdown disc, locks up.  Unfortunately now, no amount of fiddling has gotten it to turn back on again.

    Damn.  So I called Xbox support.  They run through everything to make sure it’s not the hard drive or the power supply.  It’s not.  I give him my serial number.  He comes back and says that it’s not under warranty anymore.  Well, it needs to be sent in because he can’t fix it over the phone, he asks if that’s alright.  Of course, I tell him no.  The damn thing worked fine before Crackdown, and now it doesn’t.  Hell, it even worked with Halo 2 just fine, but stopped as soon as I put the Crackdown DVD in.  Obviously this has nothing to do with my console and a whole lot to do with the game. 

    He talks to his supervisor.  They won’t charge me for the repair, but I’ll have to pay to ship it there (normally Microsoft pays for that too, at least, when it’s under warranty).  I say that that is acceptable, and he gives me all the details I need.  I’m thinking about shipping it from work, that way Microsoft still ends up paying. 

    This definitely gets me wondering how non-sensical this machine is.  It comes with a hard drive.  Actually, some do, not all.  Why are the updates not being applied to the hard drive?  That way, when something happens, you can just wipe the drive and start over.  Also, how is a game causing the thing not to boot anymore?  It’s just a piece of software that runs at a very high level.  There is no reason it should be able to influence how the machine runs.  And then there’s the fact that it is a closed system.  Everyone has the same thing, and the peripherals that do come out have to go through Microsoft.  How I’d love to be able to QA programs that only have to run with one configuration, and yet, they seem to not be able to do that.  Makes you wonder…

  • ISA Site-to-Site IPSec VPN

    I wasn’t necessarily going to post this, but since ISA seems to be the most linked to thing on this site because of only 2 articles, I figure it can’t hurt to talk about it. Especially since it was a very strange problem I had with it and I’m sure I won’t be the only one with it.

    Anyways, at work I am utilizing ISA 2006 Std edition in a front and back wall scenario. Site-to-Site VPN terminate on the external firewall, and all of our local VLANs (55 of them) are routed off of the internal firewall. So far, nothing that complex. It’s just a simple DMZ between the external and internal network setup.

    Anyways, I had a site-to-site VPN (IP pre-shared key) between a customer and us. Basically, we just need to hit a single machine, so the remote network contained two IP addresses, one for the client’s gateway (this is added by default in ISA 2006, DO NOT delete it, also be sure that the remote site has added your gateway in as a remote network too!) and another for the machine we needed to hit on their local network. Anyways, it was working fine. Well, actually, nobody was using it quite yet, but testing had been completed, and I was able to access everything that the developers would need. Anyways, the customer decides that they need to add another IP address that we’ll need to access. Again, no big deal. I’ll just add the IP to the network list for this client. Just to make sure everything’s working, I test it. Nothing works to the new IP. However, the old IP still works fine. What the hell?!

    For those of you unfamiliar with ISA, it’s not like I created a new VPN for this new IP addition, or anything like that. I simply added the new IP to the existing network. All the routing and firewall rules remained the same. Adding the new IP to the list of remote networks should have allowed it to work.

    Working with the IT person at the customer, I learn that when I try to hit the new IP address, the Quick Mode authentication was failing because the ISA server was sending the wrong local network that the request was coming from. The local network that was defined in the rule (by putting a subnet destination in the network rule) was 10.254.95.192/27. However, on the client’s side, he was seeing the request coming from 10.254.64.0/19. In order to create the IPsec tunnel, both the local and remote networks on each end of the tunnel must be identical, but switched (i.e. my local is his remote, and his local is my remote). Needless to say, this 10.254.64.0/27 was screwing everything up. However, when I connected to the original IP that worked, it was sending the correct network of 10.254.95.192/27.

    Of course, no where in ISA 2006’s logging can you see it making the IKE requests. All I could see is that requests were being routed correctly from the internal ISA to the external ISA, and then from the external out to the correct network for the customer VPN. In essence, traffic was going in to a black hole. I could also see that the VPN connection (Main Mode) was up and running. I was completely reliant on the customer to let me know what was coming down the pipe to him. That right there is not really something I’m comfortable with, but he seemed to be OK with it. I’m sure it’s because he knew it wasn’t on his end, but on mine.

    After deleting the VPN multiple times and recreating it to no avail, restarting the machine, etc, I knew that I would have to get some help from someplace else. Thankfully we have an awesome community of people at work that I could bounce ideas off of. Unfortunately, I never received a response. Also, ISAServer.org is a great place to get information. They have forums there that people keep an eye on. Unfortunately, ISA 2006 is still quite new and not as many people deal with it. I also did not receive a response from there. Needless to say, I was on my own for this one. Not a place I really wanted to be, since I thought I was at the end of my ability.

    Actually, the IP isn’t really done in ISA server at all. Much like everything else that ISA server does, it’s just an application that sits on top of the OS and utilizes things that are already built into the OS (in my case Windows 2003 R2). This means that all IP policies, rules, etc are done by Windows and this can be monitored using the IP Security Monitor MMC Snap-in.

    Since the VPN tunnel was being created successfully, I knew that Main Mode IKE Policies were correct, it was the Quick Mode policies that were causing me grief. Since we have multiple VPN connections terminating on this firewall, there are a lot of Quick Mode IP policies in place. Especially since all of them use pre-shared keys, which require that two IP policies are created, one for inbound and outbound (otherwise you can have one policy that does both inbound and outbound).

    Scanning through the policies I was able to find the inbound and outbound policies for the original customer IP address to the 10.254.95.192/27 network, but I wasn’t able to find it for the new customer IP address. Alas, the problem! The next best policy for the new IP address was for the 10.254.64.0/19, since this policy encompasses the 10.254.95.192/27 subnet. Finally, I felt like I was making progress. Unfortunately, ISA should have been creating these policies when I edit the customer VPN networks. Actually, I still have no idea why ISA isn’t creating these policies. This is why I think there’s a bug which I’m going to submit to Microsoft (via this post actually).

    Now that I knew the source of the problem, I had to fix it. Some days diagnosing the problems take longer than fixing them, and some days it’s the other way around. Since it had already taken me about a day to find the problem, I hoped that it wouldn’t take that long to actually fix it.

    Needless to say, you can’t add IP policies from the IP Security Monitor MMC Snap-in, because, well, it’s a Monitor not an editor. The IP Policy Manager MMC Snap-in was no use either, as it defines computer level policies. Doh. Well, I can finally say that one of my certifications actually came in handy. That “+ Security” portion of my MCSE gave me the knowledge that there is a way to edit IP policies from the command line. Going on this, a quick Google search gave me exactly what I was searching for. Now which command to actually use?

    At first I tried to just create a filter. However, I didn’t know of any filterlist, and none of the current filters were a member of a filterlist. Thankfully you can just make up a name and it creates on. Unfortunately this didn’t solve anything. Nothing showed up in the Quick Mode filters. Lets try again, yeah?

    Turns out it’s not a static setting, but a dynamic setting, which makes more sense. Anyways, you can add Quick Mode rules pretty much the same. In that I mean, the command is just as long and gross. Just be aware, that since I wanted to add a Quick Mode rule and not a Main Mode rule, I had to put in the Quick Mode Policy variable.

    Another thing that made this so confusing was that in IP Monitor, they are called Quick Mode Filters and at the command line they’re called Rules. Ugh. At least it’s taken care of. And now I think I know more than I ever wanted to about ISA and IP.

  • Rebates

    Holy shit, I finally got the second rebate check ($150) for my phone!  Yes, this is the phone I purchased back in March of ‘05.

  • NetApp Certified

    Well, I have another acronym to stick at the end of my name, NACA.

  • Services Companies

    I find it funny how a services based company, that is based on consumer satisfaction, can be so unhelpful to the consumer. Let’s take Comcast for example. It’s a $22.23 billion revenue ($14.2 billion profit [how can I create a company like that?!]) company. Why is it so hard to make customer service decent. Don’t get me wrong, I rarely use it as it is, and normally when I do it is quickly resolved, but today was different.

    On Friday we started having problems with the HD stations we get. Everything keeps going pixelated every few seconds or so, and the sound cuts in and out. Basically, the channels are useless. However, the SD channels are fine. Another little annoyance is if you happen to be on an HD channel, the remote seems to stop functioning at all. In all actuality it works, but there is so much latency that it takes a minute or more before your button presses on the remote show up. Hell, even using the buttons on the front of the cable box didn’t do anything.

    Needless to say, I finally got around to calling them about this. The first lady I spoke to said she would “send a signal” to the box and everything should be ok. For what ever reason I believed her, hung up and tested it out. Only to my surprise did it not work. So, I called back. This time I was given a guy that seemed very new, or just crazy slow (I’m not sure which yet). He had me do a few things, which completely locked the cable box up, and then said he’d have to schedule a technician to come out.

    “The first available time is 10-12 tomorrow. Are you available?” he inquires.

    “Do you have anything after 5?” I respond.

    “No, we don’t offer appointments after 5, but we do have slots available on the weekends.”

    What the hell?! So, I basically have to either take time out of my, already incredibly, busy schedule at work, or waste my free time on the weekend?! I think not. I let him know this seems pretty sleazy as this is a problem on Comcast’s side, but he tells me there’s not much he can do. I ask to speak to his manager, even though I too know there’s nothing this person can do either.

    All I can say is, this lady was pro. She’s either been there awhile or has taken a whole lot of classes. I dropped the “moving to satellite” line and she didn’t even flinch. She did mention that she could have someone come out between 4-6 on Friday. I said I’d be here at 5. She said it didn’t have to be me that was in my house. I was tempting to ask her if she would leave anyone in her house just waiting for the cable guy, but I refrained. Finally she conceded and the best she could do was between 4 and 6. I said that was fine, but I wouldn’t be there until 5.

    Now, actually, I could’ve been here from 10-12 tomorrow. I guess that’s not the point though, is it? Both support technicians reassured me that this was a problem on their end and that a technician needed to come out (they also dropped the “you won’t be charged for this visit” line, damn straight I won’t!). So why am I forced to bend my schedule or give up my free time just so that they can fix something wrong on their end? Why do the 21.4 million subscribers to Comcast think that it’s ok to play with their schedule for a service they, themselves, pay for? It just doesn’t seem right to me. What makes it even more absurd is that the technicians that come out (at least in Chicago) aren’t even Comcast employees. They’re hired out contractors.  You can not tell me that these people refuse to work after 5.  Give me a break.

    Oh, and don’t let this lead you down the path that it’s just Comcast either. This isn’t an excuse to move to satellite or whatever, all large services based companies are like this. I guess that’s why so many people my age are enjoying “internet-based” businesses so much. They feel more like mom and pop stores because of the people that run them, but have the global appeal and size potential because of the internet.

    I don’t even really watch TV that much anyways! Personally, I can’t wait till the technician shows up sometime between 4 and 5, while I’m not there, and then I get billed for not being there, even though I staunchly said I wasn’t going to be. Yet another battle because I’m difficult.  *Sigh*  All just to live and be hip in this, the 21st Century.

  • ISA 2006 Part 2

    I still haven’t found any decent solution to the compression, but I did find a solution to publishing NTLM websites.  Basically, ISA 2004 didn’t have any pre-authentication, where ISA 2006 does.  Why I wasn’t experiencing any of this on my websites was because the ISA machine is on the same domain.  In order to fix this, I had to use LDAP pre-authentication.  I used part of an article posted on isaserver.org.  It got me working to a certain extent, but then I had to play with it a little bit more.  No big deal, it’s all working now. 

    Now just to fix the compression part…

  • Vista and Photoshop

    I finally got around to ordering the hardware necissary to do what I want on my computer without having to wait and wait and wait. I finally bought 2 GB of RAM and a new video card. This will increase my system RAM 5 fold after I add it, and get me off the onboard video card with 8 MB of RAM.

    The reason I did this was for two reasons: Running Vista RC2 is painfully slow with only 512 MB of RAM and an onboard video card, and post processing images for aaron spruit (.com) is painful with the limited amount of RAM. Currently my Vista score is 1. This will hopefully bring me up to something that’s bearable. And all for ~$250, you can’t go wrong.

  • Leostream

    Leostream, who I’ve talked about before, has a few new demo’s up on their website.  Having used some of the demoed software before, these are pretty well done.  I would definitely take a look at them.  Oh, and it doesn’t seem to work in IE7 beta, and there are other people saying it doesn’t work in IE at all, so break out firefox or something else to check em out.

  • Office 2007 Beta 2

    Office 2007 Beta 2 has been out for awhile, and I must say, I’m impressed.  I really like the new layout in instead of the old file, edit, view, etc menu.  It took awhile to get used to, but I think I’ve found where everything is now.  I’m also digging the new, and probably temporary, default font, Calibri.  Granted, any one using Office 2003 and earlier can’t see the font.  The built in RSS feeds in Outlook and the To-Do bar is a nice addition too.  Oh, and don’t forget the preview on the fly for things like color, font, and style changes.  Very slick.

    However, there are a few things I don’t like.  I really don’t like how Outlook doesn’t use the same layout as word, excel, etc.  If they’re going to change it one place, they really need to change it everywhere.  It’s not like Outlook’s toolbars are that much radically different than Word’s either.  Also, while the RSS feeds in outlook are nice, there are some serious downsides.  The biggest of which is the inability to edit anything about the feeds, particularly the refresh time after you’ve added it.  Plus, by default, when you add a feed, the update limit is taken from the publisher’s recommendation.  Most sites, however, don’t publish this data so the feed will never update.  So, when you add a feed, be sure to click the advanced button and uncheck the ‘Update Limit’ checkbox unless the provider has actually set the limit.

    Speaking of which, I should probably look into how to do that with my RSS feed.

  • VMWare Infrastructure 3

    Today was the official announcement of VI3, VMWare’s next release of ESX and Virtual Center.  After watching the webcast this morning, I’m more than a little bit stoked.

    Some of the things I’m looking forward to are

    • NAS support
    • USB support
    • Drag and drop in virtual center
    • New, more performant VMFS 3
    • 4-way SMP and 16 GB of RAM support for virtual machines
    • DRS
    • High Availibility features
    • Support for Solaris
    • Ability to run non-VMWare machines
    • Removal of the web interface

    I can’t wait to get the final bits loaded on my machine.  I’ve actually been debating installing beta 2 on my home machine for awhile, but haven’t because of time constraints.  However, I’ll have to put a few things on hold to install the final version.

    There are also a few new whitepapers on VI3 already on VMWare’s website, so you can get a head start before it’s actually released.