19 Aug 2022

Blocking ICMP

DONT BLOCK ICMP  (Maybe rate limit !)

Since setting IP IPV6 networks  icmp has become more important

Most IPV6 test sites Test ICMP connectivity.

ipv6 test

I have found this one to be very important

IPv6 - (Type2, Code0)   Packet Too Big (IPv6)

This is essential for MTU path discovery

IPv6 Routers do not Fragment packets like IPv4 did,  they just send back Packet too big  and the sender need to adjust.  these messages need to get back to sender!

Also  IPv4 used ARP for Layer 2 to  Layer 3 mappings.

But IPv6 Uses ICMP  for  

Router Solicitation (RS) (Type133, Code0)
Router Advertisement (RA) (Type134, Code0)
Neighbor Solicitation (NS) (Type135, Code0)
Neighbor Advertisement (NA) (Type136, Code0)
Redirect (Type137, Code0)

These should be permitted in the network but not outside

I have found a great source of information here

 Should I block ICMP

27 Jul 2022

UBB Bridge Link Firmware Upgrade

SSH (default)

Username ubnt

Password   ubnt



Should be 

upgrade http://http://fw-download.ubnt.com/data/unifi-firmware/3134-UBB-2.1.3-2094415b625d477983f2a648b8

Manual Way

wget -O /tmp/fwupdate.bin http://fw-download.ubnt.com/data/unifi-firmware/3134-UBB-2.1.3-2094415b625d477983f2a648b8

syswrapper.sh upgrade2

Default IP

Edit the file /etc/udhcpc/udhcpc


Unifi L3 Adoption with DHCP Option 43 on pfSense, Mikrotik and others - tcpip.wtf


16 Jan 2022

MS Update Breaks L2TP VPN (Including Meraki using the build in client)

UPDATE 18/1/2022

Microsoft have released fix to update that broke windows native to Meraki Client VPN.

You must be running the Latest windows 10   21H2 

check and update here for windows 10   

Update Windows 10

Update  to the problem is

Windows 10 - KB5010793

Windows 11 - KB5010795

Run Windows Update and it will appear under optional downloads


Download the patch from there: Microsoft Update Catalog  windows 10

Download the patch from there: Microsoft Update Catalog windows 11


Microsoft released Updates 11 Jan 2022

 KB5009566 (windows 11)

 KB5009543 (windows 10)

This update breaks Meraki Client VPN. 

 Need to uninstall to fix VPN.

 MS confirmed today they will fix in an up coming update. (but may take 2 weeks.)

When you uninstall this update you then need to pause updates for 14 days to stop it reinstalling.

Open a command prompt as Administrator

then on

Windows 10:

wusa /uninstall /kb:5009543

Windows 11: 

wusa /uninstall /kb:5009566

28 Dec 2021

Upgrading SYSVOL replication to DFSR

Migrating 2008 SBS to Server 2019  Domain Controller Migration

dfsrmig /getglobalstate

dfsrmig /setglobalstate 1

dfsrmig /getmigrationstate  (Wait till successful)  (10 min)

dfsrmig /setglobalstate 2

dfsrmig /getmigrationstate  (Wait till successful)   (10 min)

dfsrmig /setglobalstate 3

dfsrmig /getmigrationstate  (Wait till successful)  (20 min)


net share

make sure NTfrs service is disabled.

5 Nov 2021

Cannot print to network printers

Cannot print to network printers

uninstall this update

wusa /uninstall /kb:5006670

KB5005565 — Windows 10 2004. 20H2 and 21H1

KB5005566 – Windows 10 1909

KB5005568 – Windows 10 1809 and Windows 10 LTSC

KB5005030 — Windows Server 2019

KB5005573 – Windows Server 2016

KB5005613, KB5005627 — Windows Server 2012 R2, Windows 8.1

KB5005563 – Windows 7, Windows Server 2008 R2

reg add "HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\Printers\PointAndPrint" /v RestrictDriverInstallationToAdministrators /t REG_DWORD /d 0 /f

hide updates

$HideList = "KB5005565", "KB5005566", "KB5005568"
Hide-WindowsUpdate -KBArticleID $HideList -Verbose

Another workaround is to set the reg key

reg add "HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Print" /v RpcAuthnLevelPrivacyEnabled /t REG_DWORD /d 0 /f