For a while now I’ve been looking at travel routers, in order to have something small and portable I can bring with me wherever I go. After some research, I ended up purchasing a GL-iNet Opal (GL-SFT1200) Travel Router. The device seems to tick all the boxes for my requirements, including WireGuard VPN and DNS encryption

Read more →

Back in 2018 I outlined My Pi-Hole Setup and while the setup is still mostly the same some things have naturally evolved from there. That being said, Pi-Hole has been rock solid for all these years, and is still my main go-to for blocking ads and trackers from my home network devices. Since that post from 2018, I have done a few changes.

Read more →

Since baselines are deprecated in vSphere version 8 and baselines are restricted to only VMware-provided content after ESXi 7.0.3 Update P I helped one of my customers to move over to image based updating via vLCM. This has not gone by without any issues as mentioned in my previous post.

Read more →

The content catalog for VMware Explore 2024 Barcelona is now live! Scheduling will open on the 24th of September 2024, but you can start favouriting sessions now for easy access.

Read more →

I was updating one of my customer’s environment to vCenter 8.0 Update 3a today and was moving from the old vSphere Update Manager Baselines over to image based updating via vSphere Lifecycle Manager (vLCM), but the compliance check stopped at 30% for some reason.

Read more →

Microsoft has caused some noise today with CVE-2024-37085, which explains a well known feature in vSphere. A feature that has been available since vSphere 5.1 came out in September 2012 (no, that is not a typo, it is in fact 12 years old!). The feature in question is that if an ESXi host is joined to an Active Directory domain, it will by default look for an AD security group called ESX Admins and grants every member of that security group root access to the host.

Read more →

VMware by Broadcom recently published a blog post called Where did my VMware Security Advisories go? outlining the location changes for the VMware Security Advisories (VMSAs), making clear that from May 6th 2024, they are moved to the Broadcom Support Portal.

Read more →

In a new blog post by Broadcom CEO Hock Tan VMware by Broadcom promises that they will continue to provide security updates for VMware vSphere and other products for all customers who are running the old perpetual licenses, even if those customers don’t transition to the new subscription based license model.

Read more →

In my work lab environment, we have a need to share passwords and other login credentials among the team who uses it. Recently we decided to try out using Vaultwarden for this purpose. Linuxiac.com has a great guide on setting up Vaultwarden with Caddy, with Docker Compose, but this particular setup relies on Let’s Encrypt SSL certificates. Let’s Encrypt is great, but requires some online presence, which we don’t want for this environment. In addition that we have an internal Microsoft CA based PKI infrastructure that we wanted to use for this purpose.

Read more →

It was finally time to replace my old UniFi Security Gateway (USG) 3P with it’s shiny new brother, the Gateway Lite (UXG-Lite). The USG 3P has served me well over the last 5 or so years, but as the new UXG-Lite promises better throughput especially when enabling IDS/IPS it was time to replace it. In addition to the routing performance improvements, the UXG-Lite also offers WireGuard VPN support out of the box, which will allow me to get rid of my old L2TP VPN setup.

This is how I migrated my entire home network from the USG-3P to a new UXG-Lite, with minimal downtime.

Read more →