chilifrei64

Quick question here for our Chinese users here. I have a remote office in Pu Dong Shanghai and I am trying to figure out what type of equipment/service they have. We are having consistently spotty connection problems between 9pm (EST) and 11am(EST) between our US office and China office. It is already a site to site VPN using Cisco Pix Firewalls. Everything was good up until about 3 weeks ago. They say they are on a business class Internet Service (ADSL through China Telecom, 2mb down and 384kbps up) however I have a feeling it is a residential service they have. They used to be a small office with only about 7 to 10 users, they now have about 30 and most residential service wont support 30 users. Here is a picture of the modem Obviously it says HomeAccess and that just leads to my suspicion. But IT company we have out there insists it is business class. Is this type of device commonly implemented in businesses in China or is this really a residential modem like I suspect? Thanks in advance

There were no Legacy USB settings. Just usb emulation, which was disabled. I have tried a few other things. I have updated the bios to the latest version along with the CD rom firmware from dells website. I have placed all hardware back into the laptop but disabled as much as I could. (internal modem, lan controller, wireless controller, heck even number lock, I have removed any additional boot devices except cd rom and HDD.) Still stops at registering components (12 min remaining the last 2 times). It is a PATA Drive

maybe I am forgetting something but I am trying to install XP on my sisters laptop. It is about a 3 year old Dell Inspiron. It has XP on it before but the hard drive crashed. I bought a new hard drive and the install makes it all the way down to 8 to 13 min left (at registering components) then it just hangs up. Here is what I have tried Installation Media: XP Pro Dell OEM XP Pro Sp1 Dell OEM XP Pro SP2 Dell OEM XP Home SP1 OEM XP Home SP2 Dell OEM I have also tried using Windows PE and BDD2007 to deploy XP and it craps out on me too I have NLited a few installs I have removed all hardware I can from the laptop(wireless card, modem, battery, additional ram) I even installed Windows Fundamentals for Legacy PC's just for sh!ts and giggles and it still locked up. I have installed XP probably close to a thousand times of times and have never encountered anything like this. Any other ideas I can try before I tell my sister her computer is garbage?

Windows 2003 does have DFS installed by default, however, that guide linked in the first post is for installing Windows 2003 R2 DFS which is entirely different than the built in version. Much more advanced than the built in. Is your Server R2?

Here is what I used when we migrated print servers. http://lazynetworkadmin.com/content/view/60/6/ This script will remove all printers attached to the print server specified in the script. It will not remove any other printers. So you can just run this as well as your new printer map script and they wont conflict.. Unless your adding printers from the print server you are trying to remove. Hope it helps.

This one will remove all printers attached to a specified print server (ie. you migrated to a newer print server) http://lazynetworkadmin.com/content/view/60/6/

I have used Exmerge hundreds and hundreds of times to do the exact task and have never had this happened. More specifically.. What version of Exchange are you using? what version of exmerge are you using? what version of Outlook are you opening it up in?

It all depends on your need. At my work network. All workstations run the windows firewall(no it isnt the greatest but it will stop a virus/malware spread on a network and takes up minimal resources) and all are behind a NAT router. I do this because I want to protect each pc from not only threats on the internet but also from other computers. This is because a NAT router will block unsolicited traffic from the internet from getting to the computer.. but if a user downloads it to one computer.. it can easily make it to all 300 computers in a matter of min. Yes it is real easy to just connect a computer straight to the internet and get a virus.. in most common (corporate) scenarios, this just doesnt happen.. so for me.. I have a firewall which performs NAT as well as a firewall to block my inside from the outside. From that point on.. I am more concerned with getting something from another computer within the network than I am from the outside the network. Really though we are talking about a couple different things and I guess it depends on your viewpoint. Security comes from different places. No 1 single device will do everything for you. NAT will protect you from the outside.. but what is protecting you from the other computers on the network.... nothing.. that is where a software firewall comes in.. but now that you have blocked the outside network and the inside network from accessing your computer... what about when the user downloads the threat.. you still arent protected.. this is where AV comes into play. Beyond that.. A is equal to 1 in theory.. but there is much more to it. NAT will block in general as is.. but in many scenarios NAT also performs PAT(port address translation) which allows you to take say port 80 of your IP and translate that to 1 computer inside, and take another port.. say 21 and translate that to a different computer on the inside.. Then from that point.. what is protecting your computers on those ports.. NOTHING. That is where a firewall comes into play. NAT is getting painted here with a real broad brush. As default 1 to many.. yes it will block incoming unsolicited packets. but what are we really talking about here. Network security comes from a multitude of different levels and no 1 device/software will do everything. The original question was answered.. now we are getting into much more heavy discussions which require more explaining. Now as far as how is how is it deficient.. starting with the assumption that we are using NAT in ONLY a 1 to many setup, it will ONLY block incoming from outside in, which is NOT a viable solution if we are talking a secure network as a whole (inside and outside protection.) That is how it is deficient. It is a perimeter defense. If all you are worried about is protecting your computer from outside threats and are running only 1 to many NAT with NO translations.. then you are protected............ from unsolicited packets ONLY.

completely safe.. I do it all the time..

NAT is something that really not to many people understand. They see it thrown around on forums but they dont always know what it means. NAT is not a firewall in its self however. It it much more complex then this but really it is just a way of sharing a single public ip to many non public ip's. The mechanism it uses to perform this does block unsolicited packets, but it was not meant to be a firewall. You still need something that can do access lists and define port and protocol rules on a more granular level. I may reference this site a lot but it just contains too much information. http://www.routeralley.com/ra/docs/nat.pdf If you want to get a better understanding, read this. It is directed more towards cisco hardware but the terminology is not cisco specific.

When running NAT.. in order for a packet to go through it(TCP or UDP), there needs to be a NAT map. otherwise the router will drop it. (yes it could log it) but it will not make it to a computer so you would not see any alerts because they are not making it to you.. (unless you had the port being used mapped to you or you were on the DMZ)

If the router is performing 1 to many NAT then yes it will block them, it shouldnt matter the model router you are using. 1 to many NAT is 1 to many. If you are performing 1 to 1 NAT then no NAT will not necessarily block it. You would need some type of packet inspecting/filtering to do the blocking for you. Most home (netgear/dlink to name a few) perform 1 to many NAT and has SPI so unless you globally forwarded all ports to 1 copmputer or put 1 specific computer in the DMZ then it should block it.. If we are talking corporate type stuff.. then this gets more complicated and we would need more information because of the variety of equipment available.

This is because windows will cache the password in the event that there is no domain controller available. If you want to change this. You need to create a group policy for the domain and change the following setting Open your group policy manager and create a new Group Policy and apply it to authenticated users in your workstations OU Go to : Computer Configuration-> Windows Settings -> Security Settings -> Local Policy -> Security Options -> Interactive Logon: Number of previous logons to cache(incase domain controller is not available) Change this setting to 0

I have about 50 scripts or so on my site lazynetworkadmin.com. One was actually just recently submitted and is on the front page. Check out the Microsoft KB on my site.. I know there are a couple that might work.

Yeah, its been a while hasnt it. That is what happens when you are finishing a basement and dont know the first thing construction. But I am pretty much done and hope to contribute yet again.

glad to hear the mapping the drives are working. Not I havent had that problem but it sounds like the script did its job. It sounds more now like a driver problem. Check and make sure that the driver is compatible or that it loaded correctly.

If you look up near the top of the script.. you can comment out the on error resume next and that will give you errors if it finds a problem. The only other thing I can think of is you need WSH 5.6 installed for it to work. that shouldnt be a problem because most all computers already have that installed. Some windows 2000 machines do not

yeah.. the !! just tells the script it is a printer.. obviously no drive letter... and yes.. only the csv file

I am sorry .. I thought you wanted the drive letter to be X.... you need to change the x to the letter you want the drive letter to be

yessir.. that looks correct.. and yes.. you only need to edit the csv file..

no you just load the .vbs file there.. both files should go in the netlogon folder on the logon server(global catalog) I actually just modified it to make the connection persistent, I forgot I did that earlier last month and never updated it on the site. copy it again so you get the update.

I just use the builtin windows defrag and just run it as a scheduled task.. it wont email me all that information.. jsut a log file on the root of the c:\ drive as to if it completed or not The script is here: http://lazynetworkadmin.com/content/view/6/6/

another good resource to post... A buddy of mine is a teacher and he post really all of his classes on his website. He does a great job in his classes and on his documents. Here is the subnetting one http://www.routeralley.com/ra/docs/ipv4.pdf The rest of the site is really good too.. Obviously http://www.routeralley.com/

2 things.. 1) Install routing and remote access and follow the wizard to configure lan routing. 2) if your switch isnt working.. if you only have 1 other computer you need to get internet access through this then just plug a crossover cable from the computer to the server, this will allow them to communicate without a switch.

Here is a script that I have used/modified to work wonderfully for many of my clients. http://lazynetworkadmin.com/content/view/7/6/ No editiing of the script is necessary, just add the information to the csv file and the script will map the drives based off of AD group membership.