Palo Alto: How to Implement a Virtual Wire between trunked interfaces

When implementing a Virtual Wire between trunked interfaces:

  1. Specify which Tags are allowed to pass through the Virtual Wire:Network Tab > Virtual WiresSelect the Virtual Wire
  2. There is an option called Tag Allowed which by default, only permits 0 (untagged traffic).  If you have VLAN’s 2, 3, 4, 5, etc…, they will need to be included with Tag Allowed, otherwise tagged traffic will not be permitted.
  3. An easy option is to permit Tags 0-4094, though the recommended option would be to specify only the required tags. The Palo Alto Networks device will consume a logical interface for each tag specified on each Virtual Wire, though this would be more resource related than performance impacting.

Image

Advertisements

SCCM2012: System Discovery fails when configure CM-discovery settings

I stumbled in to this error message today when setting up a lab environment: “Current security context is not associated with an active directory domain or forest. ”

System.DirectoryServices.ActiveDirectory.ActiveDirectoryOperationException: Current security context is not associated with an Active Directory domain or forest.
at System.DirectoryServices.ActiveDirectory.DirectoryContext.GetLoggedOnDomain()
at System.DirectoryServices.ActiveDirectory.DirectoryContext.IsContextValid(DirectoryContext context, DirectoryContextType contextType)
at System.DirectoryServices.ActiveDirectory.DirectoryContext.isDomain()
at System.DirectoryServices.ActiveDirectory.Domain.GetDomain(DirectoryContext context)
at Microsoft.ConfigurationManagement.AdminConsole.ActiveDirectory.Utils.TryParseSiteServerDomain(String domainName, String& ldapPath)
at Microsoft.ConfigurationManagement.AdminConsole.ActiveDirectory.DiscoveryPageControl.ListViewItemAdd()
at System.Windows.Forms.Control.OnClick(EventArgs e)
at System.Windows.Forms.Button.OnMouseUp(MouseEventArgs mevent)
at System.Windows.Forms.Control.WmMouseUp(Message& m, MouseButtons button, Int32 clicks)
at System.Windows.Forms.Control.WndProc(Message& m)
at System.Windows.Forms.ButtonBase.WndProc(Message& m)
at System.Windows.Forms.Button.WndProc(Message& m)
at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)
at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)

Solution? Log on with a domain account on your SCCM server, and not local administrator… 🙂 😉

//Karl

SCCM2012: SQL collation error

If you are planning on installing Configuration Manager 2012 then before you do you need to be sure that your SQL collation is set to SQL_Latin1_General_CP1_CI_AS. If you live in the US then that’s probably what it is set to already but if not, and if you are using regional settings that may change the default collation (for example Swedish) then you will need to reinstall SQL from scratch to change the SQL collation or  try some unsupported hacks to resolve your collation issues. If you are wondering why then it’s because ConfigMgr setup will not let you continue without the correct Collation. Full. Stop.

Configuration Manager 2012 requires SQL collation set toSQL_Latin1_General_CP1_CI_AS. Yup that’s it. And here’s where it states that on Technet. Expand the SQL Server Requirements section and look at the Collation field. And I quote: “The instance of SQL Server in use at each site must use the following collation: SQL_Latin1_General_CP1_CI_AS.”

If you have already install SQL and want to verify the collation settings prior to running ConfigMgr setup, then you can start SQL Server Management Studio and look at theServer Collation section of the General page as in this screenshot by right clicking on the database server and choosing properties.

How can i set the collation? If you are installing SQL server and want to set the collation manually, you can do so on the Server Configuration screen as pictured below, simply click on the collation tab.

Now you need to uninstall your SQL instance, this is what technet say about it: http://support.microsoft.com/kb/955499

  • We recommend that you use the Add or Remove Programs feature in Control Panel to uninstall SQL Server.

Then install SQL again it might complain about reporting files that may be left over. Just ignore the reporting part of the SQL installation.

 

//Karl