How to :Filter wireshark by time frame

You know the score. You leave a wireshark trace running for an hour and it grows to a couple of GB. When you try and open the file it takes for ever to load and filter.

What do you do?

Continue reading

MBG : How to remove “revoked” certificates

Although i dont believe it does any harm i have wanted to remove the revoked certifcates from the certifcate management web page on the MBG

As you see above i have already removed mine

To do this simple find the revoked PEM files under

/home/e-smith/certmgmt/revoked

If you want to be specific you can search for the actual file or just delete all in the “revoked” folder

You can either access this folder with putty or via Winscp

If you dont know how to access the MBG via putty see my post here

Web proxy troubleshooting. Logs to check.

The logs to check when accessing the AWV through a web proxy are located on the web proxy MBG

/var/logs/httpd/access_log

and

/var/logs/httpd/error_log

The best way to watch them as you perform a test connection is using the “tail -f” command in putty or from the console

If you dont know how to putty to see the mbg console check out this post

Example:

tail -f /var/log/httpd/error_log |grep {your ip address you are connecting from}

and

tail -f /var/log/httpd/access_log |grep {your ip address you are connecting from}

MSL port query commands, web proxy etc

Run these commands from putty or the console. Login as root not admin

Dont know how to putty to the MSL/MBG/Micollab? See this post

nc -vz {AWV URL} 443
nc -vz {AWV URL} 4443
nc -vz {AWV 2nd URL} 443
nc -vz {AWV 2nd URL} 4443

URL will be the Micllab FQDN and the AWV FQDN

E.G. conference.yourdomain.com and conference1.yourdomain.com

When the command is ran you should get a “succedded” back

Using putty as a socks5 proxy

You can use the MBG to VPN to a customers network but this is another trick in your box.

From your office putty into the external address of the MBG

(This has to be allowed in the remote access section of MSL)

Setup tunnels in Putty, see below, copy this and click Add. Make sure to choose “dynamic” and “Auto”

 

putty-tunnel1

 

As some of the Mitel kit requires Internet explorer(IE) i will use it as my example.

In IE choose internet options, connections,LAN settings

putty-tunnel2

 

Now you can web browse to any web site on the customer network, including the 3300, MBG, Nupoint, ETC

MBG daisy chaining

MBG – Installation and Maintenance Guide

Setting up Daisy Chained Servers

For geographically remote servers:

  1. Configure your upstream MBG server as usual (either Gateway or DMZ deployment).
  2. On the downstream server, use the MBG web interface to configure the following

parameters:

  •  On the Configuration tab, select Network Profiles and then click Put Into

Daisychain Mode.

  • In the Daisy-Chain IP address field, enter the IP address of the upstream MBG

server.

  •  Click Save.

Notes:

  • Downstream server can be in either Gateway or DMZ deployment mode.
  • Add sets and configuration changes to the upstream server only.

For remote offices with high volume of remote sets:

This scenario can be configured in one of the following two ways:

  1. Remote (downstream) office uses an MBG server operating in Gateway mode as the Internet firewall.
  2. Remote office has a separate firewall and runs the MBG server in DMZ mode.

In either case the configuration described under For geographically remote servers should be
done on the downstream server.

Note: There is no restriction on the location of remote sets – they do not have to be on
the LAN side of the server. So it is possible (and may be desirable) to have Internet MBG
sets also point to the downstream server to maintain local streaming with sets on the
remote LAN.

mbg daisychain2

 

mbg daisychain