Archive for July 30, 2012

Testing SSL Ciphers

Stumbled across a sweet Windows port for SSLScan: http://code.google.com/p/sslscan-win/

Extremely useful when testing out 256-bit SSL on IIS 7.5 🙂

FTP in IIS 7.5 – Firewalled and Not

We have hosted infrastructure in the US and UK which both needed FTP access.  Previously FTP in IIS has been pretty straightforward, but given the setup of each environment FTP was going to be an issue.

I found the following walkthrough given by Microsoft, as we were using Windows Server 2008 R2, the installation of the additional module can be ignored: http://learn.iis.net/page.aspx/309/configuring-ftp-firewall-settings-in-iis-7/

The one caveat for me given our environment was the step whereby you specify the ‘External IP Address of Firewall’, for the environment behind a load balancer, this must be specified.  When behind a firewall, at least in our instance, nothing should be specified.

The symptoms of issues were being able to log into the FTP server, but then not being able to list the directory, in both passive and active modes on the client side, it would just time out.

So if you’re seeing a timeout when you list directory from your FTP client connecting to an IIS 7.5 FTP server, tweak the settings specified in the link above.  In both cases, I had to specify a data channel port range.

Dell EqualLogic Multipathing Extension Module – Deleting existing vSwitch

When removing an existing iSCSIvSwitch created using the MEM module setup, you will need to remove the stagnant VMkernel bindings with the existing physical NICs.

This is done by SSH-ing into the ESX host and running the following command:

esxcli swiscsi nic remove –n <vmk_interface> –d <vmhba_device>

You can determine which vmk_interface is associated with which physical NIC and associated vmbha, by running the following command:

esxcli swiscsi nic list –d <vmhba_device>

Once this has been done, you can follow the process of creating the iSCSIvSwitch using the MEM Module.

Simple process that held me up for a while, reference link: http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1030674