Tunnel SSH / Proxy Socks5

 

Voici un petit article afin d’expliquer la mise en oeuvre d’un tunnel ssh afin de faire du proxy Socks5.

Si vous êtes comme moi dans une entreprise ayant choisi de faire du filtrage d’URL mais la possibilité de faire du ssh, voici la solution pour outrepasser le filtrage.

 

Avec notre client ssh putty, nous devons cr?er une connexion avec notre serveur extérieur.

image

 

Dans les options « Tunnels » choisir un port et sélectionner « Dynamic »

image

 

Ne pas oublier de l’ajouter dans la liste avec le bouton « Add »

image

 

Sur notre raccourci Chrome, nous allons ajouter :

« –proxy-server= »socks5://127.0.0.1:8090″

image

 

Et voila, c’est fini.

Ça fonctionne aussi avec toute les applications gérant les proxy Socks5.

Problème Instant Recovery VEEAM

 

 

Veeam a besoin des ports 111, 1058 et 2049. (pour v?rif de port ? netstat ?nba)

Le probl?me c?est qu?un service Arcserve ouvre le port avant le service Veeam, donc il faut cr?er une d?pendance.

clip_image002

Il faut aller dans la base de registre -> HKLM\SYSTEM\CurrentControlSet\Services\CASportmapper.

Cr?er une clef REG_MULTI_SZ avec le nom ? DependOnService ? et entrer la valeur ? VeeamNfsSvc ?

clip_image004

Donc nous aurons une d?pendance au service Veeam

clip_image006

Restarting the Management agents on an ESX or ESXi Server


:Start
 
To restart the management agents on ESX host:
 
1 – Log in to your ESX host as root from either an SSH session or directly from the console.
 
2 – Type service mgmt-vmware restart.
Caution: Ensure Automatic Startup/Shutdown of virtual machines is disabled before running this command or you risk rebooting the virtual machines. For more information, see Restarting hostd (mgmt-vmware) on ESX Server Hosts Restarts Hosted Virtual Machines Where Virtual Machine Startup/Shutdown is Enabled (1003312) and Determining whether virtual machines are configured to autostart (1000163).
 
3 – Press Enter.
4 – Type service vmware-vpxa restart.
5 – Press Enter.
6 – Type logout and press Enter to disconnect from the ESX host.
 
 
If this process is successful, it appears as:
 
[root@server]# service mgmt-vmware restart
Stopping VMware ESX Server Management services:
VMware ESX Server Host Agent Watchdog [ OK ]
VMware ESX Server Host Agent [ OK ]
Starting VMware ESX Server Management services:
VMware ESX Server Host Agent (background) [ OK ]
Availability report startup (background) [ OK ]
[root@server]# service vmware-vpxa restart
Stopping vmware-vpxa: [ OK ]
Starting vmware-vpxa: [ OK ]
[root@server]#
 
 

VMware failed connect 903

Cannot open the virtual machine console Details

* When you try to connect to a virtual machine console from vCenter Server, you see these errors: ·

o Error connecting: Host address lookup for serverfailed: The requested name is valid and was found in the database, but it does not have the correct associated data being resolved for Do you want to try again?

o Error connecting: cannot connect to host: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond. Do you want to try again?

o Error connecting: You need execute access in order to connect with the VMware console. Access denied for config file.

o Unable to connect to MKS: failed to connect to server IP:903.

* You cannot open a remote console to a virtual machine. * Virtual machine console is black (blank). * The VMware vSphere Client console tab session may time out or disconnect while in use. * Migration of virtual machines using vMotion fails. * This issue may affect a single ESX host. If the virtual machines are moved to another ESX host, you may be able to connect to the console without error.

· This issue may occur if you try to connect to the console using VMware bSphere Client connected directly to the ESX host or to vCenter Server.

Solution This issue may occur if your network contains a firewall between the ESX host and the client running the workstation.

Validate that each troubleshooting step below is true for your environment. The steps will provide instructions or a link to a document, for validating the step and taking corrective action as necessary. The steps are ordered in the most appropriate sequence to isolate the issue and identify the proper resolution. Do not skip a step.

Notes:

* For more information on restarting the Management agents, see Restarting the Management agents on an ESX Server (1003490). * For more information on editing configuration files, see Editing configuration files in VMware ESX (1017022). 1. Log in to vCenter Server directly through Terminal Services or a Remote KVM and attempt a connection using vSphere Client from this system. If this method works, the firewall may be preventing the console from working. 2. Configure your firewall to allow communications between the ESX host and the workstation running vSphere Client using port 903. For more information, see Testing port connectivity with Telnet (1003487).

If port 903 is not open or cannot be opened in your environment, enable the vmauthd proxy. This forces remote console communication to be sent on port 902 on the Service Console, instead of 903.

Note: By enabling this setting there may be degradation in the performance under heavy usage while communicating to the ESX host service console.

To enable the proxy: a. Log in to the ESX host’s service console as root. b. Open /etc/vmware/config using a text editor. c. Add this line to the file:

vmauthd.server.alwaysProxy = « TRUE » d. Run this command to restart xinetd:

service xinetd restart 3. Verify the ESX firewall policy. For more information, see Troubleshooting the firewall policy on an ESX host (1003634). 4. Verify that the ESX host and the workstation running vSphere Client are correctly synced to an NTP service. This is required to satisfy SSL handshaking between vSphere Client and ESX. For more information, see Verifying time synchronization across environment (1003736). 5. DNS problems are a common cause of virtual machine console problems. Verify name resolution in your environment. For more information, see: o Identifying issues with and setting up name resolution on ESX Server (1003735)o Configuring name resolution for VMware VirtualCenter (1003713)6. After verifying DNS, open a command prompt on the vSphere Client machine and run these commands:

ipconfig /flushdns ipconfig /registerdns 7. Ensure that the VMware ESX host has enough disk space in the /var and other required partitions. For more information, see Investigating disk space on an ESX host (1003564). 8. Verify that the permissions for the virtual machine’s .vmx file are set correctly. To set the permissions, run the command:

chmod 7559. If your ESX host has more than one service console configured, verify that they are not on the same network. For more information, see ESX 4.0 hosts lose network connectivity when multiple service console interfaces are configured on subnets that use DHCP IP addresses (1010828). 10. Check if the Service Console IP is routing traffic to the workstation running vCenter Server. For more information on configuring the Service Console Gateway, see Changing the IP address, default gateway, and hostname of the Service Console in ESX (4309499).

If the issue continues to exist after trying the steps in this article:

* Collect the VMware Support information. For more information, see Collecting diagnostic information for VMware products (1008524). * File a support request with VMware Support and note this KB Article ID (1024198) in the problem description. For more information, see How to Submit a Support Request.