≡ Menu

T he following Exim mail servers error was encountered while sending out mails. The original error was experienced by Gravity Forms WordPress plugin. However, I was able to test it out by using command line to rule out the plugin.

someone@domain.com R=virtual_aliases: No Such User Here

The debug message I received via Gravity Forms is the following. This confirms the mail has been passed on from WordPress to the mail server.

2016-03-25 11:06:04.042599 - DEBUG --> GFCommon::send_email(): Result from wp_mail(): 1
2016-03-25 11:06:04.042748 - DEBUG --> GFCommon::send_email(): Mail was passed from WordPress to the mail server.
2016-03-25 11:06:04.153172 - DEBUG --> GFFormDisplay::handle_confirmation(): Sending confirmation.

Before I go any further, I would like to give some background information on domain.com, which the following aspects are hosted as below.

[click to continue…]

Even though I am a big advocate on promoting IPv6, I have came across Debian’s APT / apt-get stuck with the following message. I believe it is due to an issue on the serve concerning the FQDN
http.debian.net and security.debian.org. The easy way to fix is to force APT to use IPv4 as opposed to IPv6.

0% [Connecting to http.debian.net (2a01:4f8:151:555d::42)] [Connecting to security.debian.org (2610:148:1f10:3::73)]
echo 'Acquire::ForceIPv4 "true";' | tee /etc/apt/apt.conf.d/99force-ipv4

On Cisco ASA, You cannot have DHCPd and Relay configured at the same time.

  • You can either add a relay server and add the DHCP scopes.
  • You can add different DHCP scope to the ASA DHCPd.

Cisco VIRL: KVM acceleration is not available

Visco VIRL sometimes throw the following error stating KVM acceleration is not available on hosts running ESXi.

KVM acceleration is not available

INFO: Your CPU does not support KVM extensions
KVM acceleration can NOT be used

You can also run the kvm-ok command to find the status of KVM accleration.

This is due to a missing setting on ESXi Guest OS and the following parameter needs to be added VM’s .VMX configuration file.

Please make sure the VM is shut down before making the change.

vhv.enable = “TRUE”

You can also add this parameter to /etc/vmware/config of the host, but it is not imperative you should do it.

IANA ROOT DNS Object-Group

The following object-group consists the latest IANA ROOT DNS Servers which can be used on the Cisco ASA firewalls.

object-group network IANA-ROOT-DNS
 description IANA Root DNS Servers (IPv4/IPv6)
 network-object host 198.41.0.4
 network-object host 2001:503:ba3e::2:30
 network-object host 192.228.79.201
 network-object host 2001:500:84::b
 network-object host 192.33.4.12
 network-object host 2001:500:2::c
 network-object host 199.7.91.13
 network-object host 2001:500:2d::d
 network-object host 192.203.230.10
 network-object host 192.5.5.241
 network-object host 2001:500:2f::f
 network-object host 192.112.36.4
 network-object host 128.63.2.53
 network-object host 2001:500:1::803f:235
 network-object host 192.36.148.17
 network-object host 2001:7fe::53
 network-object host 192.58.128.30
 network-object host 2001:503:c27::2:30
 network-object host 193.0.14.129
 network-object host 2001:7fd::1
 network-object host 199.7.83.42
 network-object host 2001:500:3::42
 network-object host 202.12.27.33
 network-object host 2001:dc3::35

[click to continue…]

When it comes to firewall rules, there are a number of things I follow as best practice. To start with, you need to make sure you have all the necessary information in place before writing your firewall rules.

Ask yourself the following questions… If you don’t have the answers, go back to the drawing board and get all the necessary information.

  • Do you have all the necessary ports required for the firewall?
  • Do you have all the IP/Subnet information?

Make the ACLs short and sweet

It is always a best practice to avoid using IP addresses in ACLs.

  • Make sure that the ACLs are intuitive to anyone who is not familiar with your network.
  • You should be able to understand how the firewalling is done by reading the ACLs.

[click to continue…]

PREVIOUS POSTS

Copyright © Nish Vamadevan 2002-2016. All Rights Reserved. Terms and Policies.