NetScaler Network Connections. # At a very high level, considering the actual NetScaler connections to the network, and because of the way that NetScaler functions and can be configured, the NetScaler should be considered a switch, and not a router/firewall. With a switch, you can configure the management IP address on an individual port, responding to just devices reachable through that port, or it can be configured to respond on all ports to devices reachable from every port. With the NetScaler, either in single arm or multi arm deployment scenarios, there is no need to tell the NetScaler that network X is on interface 1/1 and network Y is on interface 1/2 (you can if you wish to, or instructed to by the network security team, by tagging IP addresses to a defined NetScaler VLANs which have specific interfaces assigned), but generally, it will happily use the IP addresses it is configured with on the relevant interfaces. When the NetScaler receives a packet destined for one of its IP addresses, it knows that the network which defines that address is available through the interface on which the request was received. Please Note: I don’t claim to be a NetScaler Guru, or to have the knowledge to make all the bells and whistles of the NetScaler sound into a polyphony, there are others on the Internet who can better provide you with that information. The information here is from my own observations during a standard two arm deployment of Virtual and Physical NetScaler 10 Access Gateways.
Requirements:
At least one Domain Controller running Windows Server 2012 with the Active Directory Administrative Center enabled. All Domain Controllers (or servers running AD LDS) must be running Windows Server 2008 R2 or higher. The Forest must be running at Windows Server 2008 R2 functional level. Import the Active Directory modules in PowerShell
netsh dhcp server mySRV scope 192.168.1.0 add reservedip 192.168.1.111 XXXXXXXXXXXX host.domain.local
A USB drive can be set up to boot into any LInux distribution using UNetBootin. Fortunately, ESXi is a Linux distribution. The steps are surprisingly easy.
Download ESXi from VMWare Download UNetbootin from Sourceforge Plug your USB drive into your computer. Double click on the downloaded exe file. UNetbootin is a stand alone executable. No installation is needed. Select the second radio button, Diskimage. Click the button with the ellipses on it, browse to and select the ESXi iso you just downloaded. Once UNetbootin is finished, remove your USB drive from your current system. Plug it into the computer you want to install ESXi onto, restart the system and you are off and running. Everything will work just as if you were installing from any other media.
edit the vmx file /vmfs/volumes/50bf4d82-31b73571-5543-001e4f378eac/MAS # vi MAS.vmx ensure you are using generated MACs: ethernet0.addressType = “generated” ethernet1.addressType = “generated” edit these 3 lines to reflect the MAC you want. this assumes you want to use one of the “VMWARE automagic (00:0c:29)” ones, notice the last 6 chars of the first two lines match the last 3 octets of your MAC uuid.location = “56 4d 74 53 f4 52 bf 03-02 fb 39 13 6b 2b 6c fc” uuid.bios = “56 4d 74 53 f4 52 bf 03-02 fb 39 13 6b 2b 6c fc” ethernet0.generatedAddress = “00:0c:29:2b:6c:fc” if you want ethernet1 to match something specific instead, you need to subtract 10 (0x0A) from the last octet of the ethernet0 MAC because of this line: ethernet1.generatedAddressOffset = “10” This will create ethernet1’s MAC with a value of 10 more than ethernet0. I didn’t play around with different values here, but presumably you could calculate & edit this number to get both MACs to match your needs. remove the VM from inventory, and re-import it (by browsing the datastore to the vmx file) When starting the VM, answer “I moved it” to the dialog box asking about what happened to your machine
If you have some guys which makes fun to change password on a virtual connect there is a procedure to reset administrator password to it original setting. This procedure comes from c00865618.pdf file page 28 HP Virtual Connect for c-Class BladeSystem User Guide Resetting the Administrator password and DNS settings —————————————————– If the system maintenance switch 1 is in the ON position on a VC-Enet module, the firmware restores the Administrator account password and DNS settings to the original factory defaults as found on the module label (without disturbing any other local user accounts), and also displays the password on the VC-Enet module management console. For information on accessing the VC-Enet module management console, see the OA user guide. The default password is no longer displayed after switch 1 is in the OFF position. Password restoration is done during each power-up sequence while switch 1 is in the ON position (and reserved switches are in the OFF position) and does not allow changes until the switch is placed back into the OFF position. For switch locations, see the appropriate system maintenance switch (“HP 1/10Gb VCEnet Module system maintenance switch” on page 15, “HP 1/10Gb-F VC-Enet Module system maintenance switch” on page 18, “HP Virtual Connect Flex-10 10Gb Ethernet Module system maintenance switch” on page 22). After switch 1 is returned to the OFF position, users with appropriate privileges can then change the Administrator password. Only reset the password on the module running the Virtual Connect Manager (and/or its backup), and not other modules in the domain. The recommended password recovery procedure is as follows: 1. Remove the Virtual Connect Ethernet module from interconnect bay 1. 2. Remove the access panel from the Virtual Connect Ethernet module. 3. Set switch 1 to the ON position. Ensure that all other switches remain in the OFF position. 4. Install the access panel. 5. Insert the Virtual Connect Ethernet module into bay 1 and allow the module to power up and reach a fully booted and operational state (approximately 1 minute). 6. Remove the Virtual Connect Ethernet module from interconnect bay 2. This causes interconnect bay 1 to become the module running the active VC Manager. Because switch 1 is set, the Administrator password remains at the factory default for interconnect bay 1 (not overwritten by the change of state because of the failover). 7. Wait to ensure that the VC Manager has had time to become active on interconnect bay 1. Log into the VC Manager to confirm it is up and functional on interconnect bay 1. 8. Insert the Virtual Connect Ethernet module into interconnect bay 2 and allow the module to power on and reach a fully booted and operational state (approximately 1 minute). 9. Remove the Virtual Connect Ethernet module from interconnect bay 1. 10. Remove the access panel from the Virtual Connect Ethernet module. 11. Set switch 1 to the OFF position. Ensure that all other switches remain in the OFF position. 12. Install the access panel. 13. Insert the Virtual Connect Ethernet module into interconnect bay 1 and allow the module to power up and reach a fully booted and operation state (approximately 1 minute). 14. Log into the VC Manager using the factory default user name and password to log in to the module (regardless of whether it is running on the module [EDIT MARCH 12 2012] FOR ONBOARD ADMINISTRATOR FOR OA this link http://h30499.www3.hp.com/t5/HP-BladeSystem-Management/Resetting-the-Onboard-Administrator-password/td-p/2304569 explain how to do on OA I re-copy it for everyone: Brian had an Onboard Administrator question: ********************** I have two chassis were the customer has lost the passwords. They are not set to the default. Does anyone have password recovery procedures. Downtime and configuration is not any concern as this is a new install. ********************** Bill had the process down: ******************** From the OA 3.10 user Guide, page 19… Recovering the administrator password If the administrator password has been lost, you can reset the administrator password to the factory default that shipped on the tag with the Onboard Administrator module. The Onboard Administrator resets a lost password to Lost Password/Flash Disaster Recovery (LP/FDR) mode. To recover the password and reset the administrator password to the factory default: 1. Connect a computer to the serial port of the Active Onboard Administrator using a null-modem cable. 2. With a null-modem cable (9600 N, 8, 1, VT100, locally connect to the Onboard Administrator). 3. Open HyperTerminal (in Microsoft(r) Windows(r)) or a suitable terminal window (in Linux), and then connect to the Active Onboard Administrator. 4. Press and hold in the Onboard Administrator reset button for 5 seconds. 5. To boot the system into Lost Password modem Press L. The password appears as the system reboots. ************************ from Ken: ********************* I prefer to use a script on a thumb drive to recover lost OA passwords. I’ve attached 2 scripts. ResetPW resets the “Administrator” account password to “password”. The OA-Add-admin script adds use “admin” password “hpinvent” to the OA, and all ILOs in the enclosure. To run the scripts: Copy the scripts to a thumb drive Place the thumb drive in the active OA Run the script from the Insight Display o USB Menu o Restore Configuration o usb://d1/script-name.cfg Script 1: ADD USER admin hpinvent SET USER ACCESS admin ADMINISTRATOR ASSIGN SERVER ALL admin ASSIGN INTERCONNECT ALL admin ASSIGN OA admin ENABLE USER admin HPONCFG all << end_marker end_marker Script 2: SET USER PASSWORD “Administrator” “password”
add rewrite action AD_delete_rewrite_action delete_all "http.RES.BODY(120000).SET_TEXT_MODE(ignorecase)" -pattern "document.write(' 1');" -bypassSafetyCheck YES add rewrite action AD_replace_rewrite_action replace_all "http.RES.BODY(120000).SET_TEXT_MODE(ignorecase)" ""AD Password'"" -pattern ""Password"" -bypassSafetyCheck YES -refineSearch q/extend(50,50).REGEX_SELECT(re![ ]*'[ ]*+[ ]*_("Password")[ ]*!)/ add rewrite action RSA_replace_rewrite_action replace_all "http.RES.BODY(120000).SET_TEXT_MODE(ignorecase)" ""Secure token:'"" -pattern ""Password2"" -bypassSafetyCheck YES -refineSearch q/extend(50,50).REGEX_SELECT(re![ ]*'[ ]*+[ ]*_("Password2")[ ]*!)/ add rewrite policy AD_rewrite_pol "http.req.url.path.endswith("vpn/login.js")" AD_replace_rewrite_action add rewrite policy RSA_rewrite_pol "http.req.url.path.endswith("vpn/login.js")" RSA_replace_rewrite_action add rewrite policy AD_delete_pol "http.req.url.path.endswith("vpn/login.js")" AD_delete_rewrite_action bind rewrite global AD_rewrite_pol 100 NEXT -type RES_OVERRIDE bind rewrite global RSA_rewrite_pol 110 NEXT -type RES_OVERRIDE bind rewrite global AD_delete_pol 120 NEXT -type RES_OVERRIDE
1. Log into the switch as root (not admin) and execute /fabos/libexec/webdconfigure and answer ‘yes’ to the HTTP Restart question. Example: (note: answer yes to http atributes and HTTP Restart, then take defaults for the rest of the prompts) fabbd70:root> /fabos/libexec/webdconfigure http attributes (yes, y, no, n): [no] yes HTTP Restart (yes, y, no, n): [no] yes HTTP enabled (yes, y, no, n): [yes] ErrorLog Enabled (yes, y, no, n): [no] AccessLog Enabled (yes, y, no, n): [no] SSLLog Enabled (yes, y, no, n): [no] HTTP Port: (1..60000) [80] Secure HTTP Port: (1..60000) [443] HTTP IsAlive Check Enabled (yes, y, no, n): [yes] HTTP Max HeapSize: (256..1024) [512] webtools attributes (yes, y, no, n): [no] cal attributes (yes, y, no, n): [no] Now wait a minute or two and do the following command to see if the HTTP processes are restarted: fabbd70:root> ps -ef | grep http root 23369 1 0 10:08 ? 00:00:00 /usr/apache/bin/httpd.0 -f /fabos/webtools/bin/httpd.conf.0 nobody 23370 23369 0 10:08 ? 00:00:00 /usr/apache/bin/fcgi-pm -f /fabos/webtools/bin/httpd.conf.0 nobody 23938 23369 0 10:53 ? 00:00:00 /usr/apache/bin/httpd.0 -f /fabos/webtools/bin/httpd.conf.0 nobody 23949 23369 0 10:54 ? 00:00:00 /usr/apache/bin/httpd.0 -f /fabos/webtools/bin/httpd.conf.0 nobody 23960 23369 0 10:55 ? 00:00:00 /usr/apache/bin/httpd.0 -f /fabos/webtools/bin/httpd.conf.0 root 24060 23978 0 10:55 pts/0 00:00:00 grep http
Before upgrading any individual components, check the latest compatibility matrix ( in attachment ) Check if a SAN/iQ patch is available for your firmware. This method is always preferred. Download the Smart Update Firmware DVD 10.10 If additional files need to be added to the Smart Firmware DVD, download the HP USB Key Utility for Windows to create a bootable USB stick instead. Update de CMC ( eerste beschikbare update in de huidige CMC) Download all the upgrades from the CMC ( als dit te traag gaat kan u de volgende FTP gebruiken ftp://up_p4k_5:Extreme1@ftp.usa.hp.com/ ) Igv maintenance window had met complete downtime van de iSCSI sessies kan er gewoon in normale modus de upgrade uit gevoerd worden. Worst case scenario, indien de update failed updaten in support mode. http://blog.j81.nl/?p=81 Bijkomende informatie + release notes vindt u op: https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=StoreVirtualSW
Shutdown the CMC Open Users[user].storage_systempreferences.txt At the top of the file, add the following: CmcSystemPreference.supportMode=true CmcUpgradePreference.useOldUpgrades=true CmcUpgradePreference.userUpgrade=true Start CMC, under Configuration Summary there will now be a “Support Upgrades” tab. Browse to the patch Select the node you want to update Apply update
