Jake Kappus.com

Certified Geek, Dad, MMA fan, and occasional Pro Wrestler


Jake Kappus: Network Engineer, Dad, Web Designer, Mixed Martial Artist

Posted by Jake on August 3, 2010

MCITP:Enterprise Messaging Administrator 2010!

I passed 70-662 and 70-663 last week to earn the MCITP: Enterprise Messaging Administrator certification for Exchange 2010.

Now what?

Posted by Jake on July 26, 2010

Exchange 2010 exams

I’m going to be sitting the Exchange 2010 exams in the next week or so.  I’m feeling pretty good after taking the practice tests.  Wish me luck!

Posted by Jake on July 9, 2010

TechEd Postings

Wow…I just remembered that I promised to post more from TechEd.  Well, as you can see, my only post was from somewhere on Bourbon Street and that’s pretty much all I remember.  OK, maybe not.  I swear I did make it to every session on my list.  :)   I guess life got in the way that week, but for the better.  Seems that Melissa and I needed that week in New Orleans much worse than we thought.  It’s amazing that too much alcohol, Bourbon Street debauchery and honesty can actually repair a relationship in some cases.

Seems like my Cisco days are just about over.  I can be a Microsoft geek again soon.  :)

Posted by Jake on July 9, 2010

Second Impressions of Microsoft Forefront Client Security

I’ve installed FCS before and it was a major pain in the ass.  The pre-reqs weren’t documented well and it took a while to get SQL to play nice and eventually get Forefront installed.  I really just attributed it to my own lack of experience with it.

I’m back installing Forefront again and I’m going to say it again.  It’s a pain in the ass to install.  Great anti-virus product on the front end, but damn it makes you want to throw your laptop across the room and find a sledgehammer to smash the server into pieces à la the Office Space printer on the backend.  First I ran into the msiexec.exe "access is denied" error, which was apparently fixed by installing the .NET 1.1 Framework.  Really?  The documentation calls for .NET 2.0 or higher.   Two days later, after fighting through one KBXXXX article after another, it’s installed.

Seriously, if you want people to buy this…make the install a little bit easier.  If Symantec can do it, why can’t you, Microsoft?

Posted by Jake on June 6, 2010

TechEd 2010 Day -1

Dear Microsoft, If you are going to host TechEd in a drinking city with a hurricane problem, please don’t start activities anytime before noon.

Posted by Jake on June 1, 2010

ASA 5510-BUN-K9 Unlimited License for sale

I have an ASA 5510-BUN-K9 with an unlimited license for sale. It has some damage to the faceplate and the corners but boots and works perfectly. Make me an offer.

Posted by Jake on May 22, 2010

Microsoft TechEd 2010 – A little something different from me

Microsoft TechEd 2010

I’m so excited about my upcoming trip to Microsoft TechEd 2010 in New Orleans next month!  I’ve been so deep into Cisco lately that I think I have forgotten that I was a Microsoft guy first.  I actually miss doing Exchange migrations and AD migrations (but not from Novell…I’ll never miss that!).   I may have a few AD and Exchange migrations and installs this summer so maybe that’ll help.

I’m going to be blogging and sharing my experiences from TechEd this year.  Like two years ago in Orlando, I’m going to shy away from the typical content you’ll see on everyone’s blogs….”Oooh, look Microsoft unveiled the new Windows 7 phone…it’s soo cool”.  Yeah, that’s not going to be me.   I think you’ll see some of the lighter side and maybe darker side of TechEd this year.  I did the “oooh and ahhh” thing two years ago, but now I’m a bit more jaded towards life in general so I think I’ll have some fun with it this year.

God knows I need to have some fun in my life for once….2010 has been the shits so far.

Posted by Jake on May 5, 2010

CCDA Cleared

976 out of 1000!!!

Thinking about doing the CCNP next, but I have some personal stuff to work out first before I take on that load.

Posted by Jake on February 7, 2010

5GHz channel 165 not supported on Cisco 7925 phones

I should have known this one.  I was at a customer site troubleshooting an issue where the Cisco 7925G phones would not see certain APs.  This was especially troubling since some locations had only one or two APs.

I could connect to the AP with no problem with a laptop on the same band and SSID.  Yet the phone could not.  I thought it had to be a bug, so we opened a TAC case and applied the beta 1.3.3.0.3 firmware.  This didn’t help and we were escalated to another higher engineer.  They couldn’t figure out why the phone couldn’t see the beacon, yet a laptop could.

Then enters a 7925 design engineer….  He notices that we were using channel 165 on the AP.  Both I and the TAC engineer said “Yeah, so…”.  Apparently Cisco hasn’t programmed support for that channel into the firmware yet.  I never would have thought of it since I had DCA turned on to manage the channels automagically.  Turns out he was right.  We scheduled a quick outage to un-check that channel and we were back in business.

Finally found the quip about this in the 7925 deployment guide…in the “World Mode” section.  WTF????

Also, make sure you have the scan mode set to “Continuous” in the phone settings on Call Manager.

Posted by Jake on January 30, 2010

Cisco Wireless Access Points do not join properly when on a different VLAN

I ran into this issue while installing a new 5508 Wireless LAN Controller at a customer about a month ago.

When installing controllers I almost always put the controller either on the switch management VLAN or its own VLAN for scalability, with the APs on their own VLAN.

In this case, when the APs are moved to any subnet other than the one with the WLC, whether they have already joined and received a config or not, they find the controller, do the initial join process, then fail with “Invalid AC Message Type 4” and “Failed to handle capwap control message from controller” errors.   The failed AP is listed in the AP list, but is unconfigured and reboots constantly.

After 3 weeks and 4 levels of TAC engineers, we finally figured it out.

It appears that the WLC is having a problem establishing the DTLS secure tunnel between the AP and the WLC when the destination MAC address does not begin with 00.  The APs had MAC addresses starting with 00, so when in the MGMT VLAN they were working. But since the gateway had a non-00 MAC address, as soon as you put them in a different VLAN, the destination MAC address was non-00, and the DTLS session was failing.

As a workaround, we’ve changed the gateway to be an HSRP Standby address. Although we aren’t really running HSRP for redundant cores, adding the standby address to the VLAN interface has allowed for the gateway to now have a MAC address beginning with 00:00:0c, which has effectively allowed all of the APs to work.

Edit:  This issue has been fixed in MR 6.0.196.0, though I was told by a TAC engineer today that he felt that release was rushed out too soon and isn’t recommending it if you are only looking to fix this issue.  I’m holding out for 7.0 for this and other bugs I have registered with Cisco for my customers.
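The condition described in this post can be checked before moving APs off the controller's subnet. The following is an added example, not part of the original post and not Cisco tooling: it parses `show ip arp` output from the routing switch and reports which gateway addresses handed to APs have a MAC whose first octet is not 00. The sample output, IP addresses and MAC addresses are constructed, and the function names are hypothetical.

```python
import re

# Constructed `show ip arp` sample from the routing switch (not from the post).
# Age "-" marks an address the switch itself owns (SVI or HSRP virtual IP).
SAMPLE_ARP = """\
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  10.10.10.1              -   0000.0c07.ac0a  ARPA   Vlan10
Internet  10.10.10.2              -   d0d0.fd12.3400  ARPA   Vlan10
Internet  10.10.10.5              3   0024.97aa.bb01  ARPA   Vlan10
Internet  10.10.20.1              -   d0d0.fd12.3400  ARPA   Vlan20
Internet  10.10.20.51            12   0021.a0cc.dd02  ARPA   Vlan20
"""

ROW = re.compile(r"^Internet\s+(\S+)\s+(\S+)\s+(\S+)\s+ARPA\s+(\S+)")

def normalize_mac(mac):
    """Accept dotted, colon or hyphen notation; return 12 lowercase hex digits."""
    digits = re.sub(r"[.:\-]", "", mac).lower()
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        raise ValueError(f"not a MAC address: {mac!r}")
    return digits

def is_hsrp_v1_virtual(mac):
    """HSRP version 1 virtual MACs have the form 0000.0c07.acXX."""
    return normalize_mac(mac).startswith("00000c07ac")

def check_gateways(arp_text, gateway_ips):
    """Map each gateway IP handed to APs to 'ok', 'non-00' or 'missing'."""
    owned = {}
    for line in arp_text.splitlines():
        m = ROW.match(line.strip())
        if m and m.group(2) == "-":      # keep only switch-owned addresses
            owned[m.group(1)] = normalize_mac(m.group(3))
    result = {}
    for ip in gateway_ips:
        mac = owned.get(ip)
        if mac is None:
            result[ip] = "missing"
        else:
            result[ip] = "ok" if mac.startswith("00") else "non-00"
    return result

if __name__ == "__main__":
    for ip, status in check_gateways(SAMPLE_ARP, ["10.10.10.1", "10.10.20.1"]).items():
        print(ip, status)
```

In the constructed sample, Vlan10 already answers on an HSRP virtual address, while the Vlan20 gateway still uses the interface's burned-in MAC and is the one reported as `non-00`.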
