1:many NAT on MX-100 not usable for zoom connector or barracuda spam firewall
I have discovered that the 1:many meraki NAT implementation will always send outgoing traffic on the primary public IP instead of the IP assigned to the 1:many NAT rule.
I have spend hours on trying to find out why I am not able to use these two NAT services:
- zoom meeting connector which should be possible to configured using 1:many NAT unfortunately not on meraki MX-100 device:
The solution to this is not to use 1:many NAT rule and use 1:1 NAT unfortunately this will require two public IPs or more if you add other zoom on-premise services.
- barracuda spam firewall and exchange server.
I decided to offload some traffic from the barracuda firewall for traffic which is not related to SPAM checking and use the build in 1:many NAT instead of 1:1 on the MX-100.
This resulted in outbound email be send using the primary IP instead of the assigned 1:many NAT
This will result in SPF verification to fail and outgoing email be rejected from outside servers.
Had to revert back to 1:1 NAT and deal with occasional overload on barracuda firewall due to web traffic.
Deploy using registry:
REG ADD “HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon” /v AutoAdminLogon /t REG_SZ /d 1 /f
REG ADD “HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon” /v DefaultDomainName /t REG_SZ /d *your domain* /f
—-if local domain is needed use “.” (without the “)
REG ADD “HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon” /v DefaultUserName /t REG_SZ /d *User* /f
REG ADD “HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon” /v DefaultPassword /t REG_SZ /d *password* /f
—If using special character use ^ before it
REG delete “HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon” /v AutoAdminLogon /f
REG delete “HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon” /v DefaultDomainName /f
REG delete “HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon” /v DefaultUserName /f
REG delete “HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon” /v DefaultPassword /f
Nice tutorial to configure FreeNAS 9.3 as a Time Machine backup:
How to: Configure FreeNAS 9.3 for Time Machine with disk quotas
If you had to work in air-conditioned datacenter and or directly next to it you know how much noise all the machinery can generate.
To be green it would be nice to setup datacenter with low energy consumption servers with passive cooling as well as no air-conditioning.
this solution should help with the no air-conditioning cooling part: http://arstechnica.com/business/news/201…nology.ars
And this is Facebook approach: http://www.matternetwork.com/2011/4/face…server.cfm
High Density WiFi Deployment
1. 25 Cisco access points with controler
2. 25 Meraki access points with cloud based controler
3. 25 Ruckus access points new design with 16 antennas and ZoneDirector controller hardware/ software.
600 per unit,Power injector 50, 25 aps controller 1125 4000
560 yearly support
4. 12 Xirrus access points new design with 4,8 or 16 access points in one device with on board controller and controlled using XM-3300-CC server appliance or software version on existing server. Price ~ 750 per radio. If one unit has 4 access points the price would be 4 x 750.
Nice comparison of Ruckus and Cisco on tomshardware.com