The complete IP check for sending Mailservers

 

DNSBL Providers:

 

Problem:

Attempting to test AAA authentication via LDAP to a Windows domain Controller.

AAA Server has been removed

Authentication test to host {IP-Address} failed. Following error occurred – ERROR: Authentication Server not responding: AAA Server has been removed

Solution:

This is a terribly ambiguous error! What it means is that the ASA cannot bind to active directory, either because:

  • The ASA bind account password is wrong.
  • The ASA bind username, (or path to the user object) is wrong.
  • You have set the LDAP server group to use LDAPS (port 636) and the server specified as an LDAP  host is not authenticating via LDAPS.
  • There is no connectivity between the ASA and the LDAP server.

You can narrow it down by running the following debug:

In the following output you can see either the username or the password is wrong:

In the following output you can see the firewall is trying to connect over LDAPS but the server is not configured, (or not answering on TCP 636):

 

For us the issue had been nailed down to Active Directory Group Policies based on the following message: “A stronger authentication method is required for this server”

You you need to change the following:

  • Domain controller: LDAP server signing requirements to NONE
  • Network security:LDAP client signing requirements to NEGOTIATE

cucm_ldap_problem4

 

Reference:

https://www.petenetlive.com/KB/Article/0001271
http://mehmetyeni.com/cucm-ldap-connection-problem-error-while-connecting-to-ldapip-address389-null/

Declarations

Database: [dbname]
User: [uname]
Password: [pass]

Back up

Back up a dedicated database from the Command Line:

Back up all the databases:

Back up with Compress:

 

Restore

1. Create an appropriately named database on the target machine
2. Create an appropriately named user on the target machine

3a. Import an uncompressed SQL dump

3b. Import a compressed SQL dump

ZFS – Single Path

ZFS – Multi Path

ISC Webinars:
https://www.isc.org/mission/webinars

ISC Webinar on RPZ:
https://www.isc.org/wp-content/uploads/2017/12/RPZ-webinar7.ppt.pdf

Security Zones – Rackspace Case Study:
http://www.securityzones.net/images/downloads/Rackspace-RPZ-Case-Study.pdf

Free Trial
http://www.securityzones.net/free-trial.html

Installation Guide for BIND with RPZ with links to example files:
http://www.securityzones.net/images/downloads/BIND_RPZ_Installation_Guide.pdf

ISC KB articles on RPZ:
https://kb.isc.org/article/AA-00525/110/Building-DNS-Firewalls-with-Response-Policy-Zones-RPZ.html

MX Tools – Spamhaus RPZ Service:
https://portal.spamhaustech.com/ma/manual/rpz/

RPZ web site with data feed providers list:
https://dnsrpz.info

1. Cisco Unified Border Element with Support for Multi-VRF

Cisco Unified Border Element Configuration Guide

2. SIPGATE

To let you CUBE register with SIPGATE for incoming calls, you need to ensure that the sip-ua, retry invite is 2 else it will not register!!!!

sip-ua
retry invite 2

1. remove broken packages

2. after removing package update your system

3. re-install the package

1. fix broken packages

2. cleanup 1st

3. cleanup 2nd

4. Package Manager

Here a brief config snipped to allow WordPress to

  • use a http proxy server for updates
  • enforce ssh
  • enable auto-upgrade for WP core, plugins and themes