Archives August 2015

VMware Validated Designs!? What the Whaaaaat??! #VMworld #vExpert

by Christopher Kusek (PKGuild) vExpert, Virtualization, vmware, VMworld, vSphere

Oh, well hey there! OMG ITS VMWORLD! Hey guys! I bet you’re wondering WTF I’m talking about! It’s okay. Some of you were expecting this, or are saying, “Finally… I mean, Cisco has validated Designs, and they’ve been doing those technical design guides for DECADES…” But I digress… I mean because VMware hasn’t been half shabby with their NUMEROUS whitepapers on every single topic under the sun for application supportability, capability, design, you name it!

OMG SO WHAT DOES THIS MEAN?!

Alright, alright calm down…

The VMware Validated Designs now provide a Blue print for the whole data center instead of merely being an infinite series of reference architecture, Best Practices, and Guides based upon products in a bubble! 

How does this differ from a validated architecture like VSPEX?

How this differs from a validated architecture is that an architecture will often be presented as ‘IM A VENDOR BUY MY STUFF’ whereas a design basically sets the table that, “Here’s a design… buy whoseever stuff or whatever things you want! (obviously ensure its on the HCL :))”   I hear this come up a lot with friends, partners, colleagues, customers and the best initial comparison I can think of comes to having a house built, a design truly becomes the blueprint for your home.  You pay an architect to produce that and you can then take that deliverable anywhere and have it be built, whereas in the technical sense an validated architecture is like track housing.  You can have it look and feel any way you want, as long as its one of these THREE options.   So you can pick and choose which framework or model works best for you, they’re not mutually exclusive and you can layer the capabilities of one atop the other.   Also consider, HEY you can use this to apply the principles to your existing implementation to see what you might do to improve it!

OMG ARE YOU SAYING ITS WIN WIN?! Yes. I am. But I won’t use those words. You chose to use them. :)

Today there are a few VMware Validated Designs which have been released (with more to come)

And as an added bonus, VMware has ALSO just announced “Feature Walkthroughs

VMware Feature Walkthroughs

What’s cool about the Walkthroughs is that it breaks down various business and technical elements of the VMware portfolio AND has direct links to take you to the hands on labs, so a little for the business and a little for the technical!  It’s a nice bit of fun all packaged up together! :)

For deeper insight into VMware Validated Designs, check out Felicia Jadczak’s post on the CTO Forum,  Introducing VMware Validated Designs

Enjoy! This is just a SMALL portion of things to be announced this week at #VMworld! <3

How to Disable SIP and RTP Processing on your Fortigate for VoIP Goodness!

by Christopher Kusek (PKGuild) Fortigate, RTP, Security, SIP, VoIP

So I’m sitting there… having moved our SIP Gateway and VoIP Phone system behind the Firewall and then OMG ITS NOT WORKING! I mean, it is, and by it is, I mean, no. It isn’t working. :)   Lo and behold technically OMG THE SOLUTION IS DISABLE SIP!  Well, that sounds pretty ridiculous… But I guess it turns out that the system has a native SIP handler and knows better than we do! Well, you’re wrong. You don’t know better than we do, unless ‘knowing better’ means breaking my SIP traffic!

That said, there are a few other blogs where I found answers which helped lead to this solution (included below) but you know me.. I like to make sure I have a source to refer back to things and of course to share my experience on the matter, thus here it is! :)

Step One: Disable SIP Helper!

  1. config system settings
  2. set  sip-helper disable
  3. set sip-nat-trace disable
  4. REBOOT THE DEVICE!!! (You may want to wait on rebooting until AFTER you do the next few steps!)

Step Two: Delete the SIP Helper

  1. config system session-helper
  2. show (Look for the SIP helper, often object 12)
  3. delete # (whatever number the SIP helper was)

Step Three: Disable RTP Processing

  1. config voip profile
  2. edit default
  3. config sip
  4. set rtp disable

And there you have it! If you did the steps in reverse and then rebooted, your Fortigate should no longer be preventing your SIP traffic from working!  That is also of course ensuring you’re sending all of the right ports through in your firewall rules… that’s up to you to check with your respective VoIP vendor to make sure you have the full compliment of ports, policies, etc!

Good luck! <3

Other blogs which helped solve this!