 Welcome to Vlog Thursday number 284. And I always like how I use StreamYard for those of you wondering, the thing tells me it's showtime across there and then I can click the go live button. Provided I'm ready. That's an important aspect of it too. You can't just click it. You gotta be ready to click it. Occasionally I'm not ready to click it, which makes me late. But I feel as though I am on time. Yes, it is. I think I set it to 405 and it's 405. So we're good. So we have a hello from the UK. The thumb. Michigan looks like a hand. So thumb, yes. That's how I know people are from Michigan. They just describe where they are on a hand. So Seattle. Little trivia for those of you that don't know. Brett, who does a lot of the business management and sales and biz dev stuff at my office is also from Seattle. So it's actually originally from California, Seattle and has landed here in Michigan. So always be ready. That seems like a great thing to say. But you know, I'm excited about something. Let me find it real quick though. Where did it go? It was always the tricky part finding all those things I've been talking about. I tweeted too much today. So now I've somewhere amongst my tweets is going to be the Zen Orcishia tweet. Zen Orcishia, we'll find her Twitter and pull it up and share it. There's some new features in Zen Orcishia and I figure we'll start there before I cover some of the other things while people get in. Cause this wasn't on the list originally but it's on the list now because it's a cool thing. And I need to update to the latest version of Zen Orcishia. But they have some really cool, ooh, we got Finland in here. I from upstate Albany, Finland, Denmark. Ooh, man, another Denmark, Belgium, New York. I love seeing all these. Hopefully you're staying safe over there in Ukraine. Awesome. Northwest, Arkansas, Arkansas, I don't know, not Ike. That's me saying things wrong. I just had a smoothie and my mouth is cold. So, Atlanta. Now there's an Atlanta, Michigan. I'll assume you don't mean Atlanta, Michigan cause there's barely any internet there. Utah, Romania, Netherlands, UK, New Mexico, Texas. Got everybody here. But Zen Orchestra. So let's talk about that. Let me make sure you have the comments still scrolling. I'm gonna be doing a full video on it and I can throw a link in the live stream chat though. Hotlanta, yeah. Michigan, the Atlanta, Michigan is not hot. So it's definitely there. Can you post XO article? Yes, I just posted the link. So can you post links in chat, XO article? Absolutely. And it's just on their blog, so it's not hard to find but it's the latest update to Zen Orchestra. And this is really a cool feature. Well, a couple of them. One of them is faster backup merge. This one's just good. And it's a new opt in merge mode for Delta backups allowing zero copy on the storage. Now what they're doing is instead of storing the VHDs directly, spinning them into two mag VHD blocks. This is actually the same as a block allocation table they used for S3. So by having instead of a large file to deal with, having a bunch of chunks, essentially two mag chunks, you can now control them differently. And this is just something I wanna play with to see what the performance boost is, but I think it is really cool. And some file, ah, this is probably a really good one there. If you have 100 giga backups, it means more than 50,000 files. And with terabytes of backups, it search only four billion max files. That means eight terabyte backups are easily less from like four terabytes. Yeah, with modern file systems like ZFS but are ever sure safe. I think that's a really important cautionary note that they have in there when you start breaking it up like that. So that's a really important. I was wondering about that too, as soon as I seen how they were breaking them up into two mag blocks. Once you start breaking things into small blocks, those blocks have to be stored somewhere. So that's gonna be an issue. Someone's gonna be thrilled about IPv6 support. I'm thinking it's okay, but cool they're doing it. I know someone will be really happy about it. Backup proxies are cool. Display proxy URL, channel sync, channel, I can figure by users that are proxy channel, I'll just switch between the latest for both XOA and XOA proxy. That's cool. This is the big one though. Storage maintenance mode. This is the other one I'm particularly excited about is storage maintenance mode. This actually came up with a discussion between me and Oliver. I believe, I don't know if it was a DM or in the forum post, but need to sit down your storage for maintenance? Now you have a button for that. Yes, this is really cool. And the reason why, especially for, maybe it's selfish because it's my use case, but I don't think I'm the only one with this use case. You may have your Zen pool with multiple storage servers instead of a single sand. And by having multiple storage servers, maybe you have to maintain one of those storage servers. Being able to throw the storage server in a maintenance mode so you can reboot it, update it, load the latest version of TrueNAS on it, is a great feature. So I think this is just really cool because we have, as we have a few synologies, we have some, not just because we're a lab, but just similar production stuff, we'll have some synologies going, some TrueNAS going, and being able to say this storage server, everything on it, go somewhere else. I mean, you can manually do it, but having automation is the whole goal of Zen orchestrate, be able to orchestrate it. So you can do as in the storage, and when done, re-enable all the hosts or reconnect to it, no manual process to find. And this is the hard part, finding all the VMs related to that SR. That's the real big, there was a way to do it through the XO CLI. So when you were doing it through the XO CLI, you could actually query for running status. And it was just kind of a weird way to do it. It just wasn't available through the UI. So what they've done is really engineer that. So I think that's really cool there. That's definitely exciting. Have you seen MVME SSDs with 16K, I've never looked for SSDs with 16K native blocks. So I don't know. I don't think a lot of, I mean, it's, I guess I don't think about it. I think about storage probably too much, but yeah, I'm not gonna Google that right now. Unified DN Pro SE, do I need to switch the layer? Do I need a switch or layer three to keep the VLAN info where can I go with layer two switch? You need a switch that supports VLANs if you want to use VLANs. So I need a more extensive question to be able to sort that out. If you want VLANs, you need a VLAN aware switch. That's the important part. So look for, does the switch you're looking at support VLANs? It's good to know automatically migrates to VMs once the storage is in place and maintenance. Yeah, that's exactly, there's, that's just gonna be great, being able to do that. It's a minor thing, well, it seems like a minor thing, but it's kind of a major thing. So that's, yeah, I'm excited about that part of it. But now we can get to what I was gonna talk about inside of here. I think I have it in the title, product follow-ups. And I wanted to do that. Well, first let's play with the product first because this one's cool. People may find this part interesting. Put it back in here. So I'm close to getting a review done. I don't know and maybe the audience will tell me here. This is the new Synology DVA and it's got the deep video analytics. It's got the face recognition and that's all cool. And it's got a car counter. So let's, I wanna see how many cars we're counting today. So vehicle counting. We don't care about occupancy. And wow, it was busy today. We had 85 cars on my street. And then yesterday about the same. Was it the same? 86 at four o'clock. And between, sorry, yeah, it was between four? Yeah, about the same time. So the curve is really the same. We're tracking how many cars a day drive by Tom's house and it's quite a bit. But the question I have for the audience here is before I finished my review of the Synology DVA and the deep video analytics, how important is the license plate counting? I don't have an easy way to do it. And I mean, it supports it. I'll test that it can do it, but I know it does it. I don't know how great it is at license plate counting but you're able to create a task for vehicle. Vehicle, I believe entering, exit, maybe here. It's in there somewhere. There's a license plate option. Maybe it's not under that people and vehicle. Okay, record clips. And then there we have the D license plate recognition. What's the region you can say, you know, like United States, a lot of block icons, license plate database, and you can add license plates. So you know if a license plate, so it doesn't match them, it's in there. The problem is the cameras are in my house and I pull in forward so you can't see my license plates. So I don't know if I need to cover that aspect of it as much. So yeah, I don't know if that's gonna be important or not. Speaking of SSS, Synology Surveillance Station, I like how people type it, SSS, it's easier. I have some newer cameras seem to take over as a 10 seconds load into a layout when opening a monitor. Tringing it out, why? But I'm thinking it's a network congestion issue. Maybe I'll show you though, I have a similar issue. Watch, when I open up the monitor center, and it's not gonna do it this time. Let me try reloading the page and see if we can get it to do it again. Sometimes when I open up the monitor center, there it is, now it did it. My front porch camera. Ooh, look, there's even a package on my porch. My front porch camera will do this and it blinks out green just for a second. So yeah, I don't know. That's as close as I seen, that camera does it. The only thing different, this is the, okay, I don't remember what camera this is now, let's look at the model of that camera. So it is my porch camera. Front porch, I think these are all Amcrest. Yep, Amcrest. That's, I don't know why that one does it. The other ones don't, so okay, that happens to you too. It just doesn't for a second. It's never in a recording, it's only in the live view. It's the only time that shows up. But leave your thoughts and comments if you think I should add the license plate recognition to the review. Yeah, I, like I said, I don't know if I should or shouldn't, I can't really decide. But overall, the review is going really well because it does everything Synology Surveillance Station does, plus the face recognition database and the deep video analytics. The deep video analytics is cool. I like the fact that I can count cars. That's just kind of really novel to me to be able to count all the cars as they drive by. It's actually the, someone suggested keyframe interval. Yeah, I don't know. I'm guessing there is hardware to handle these FPG, some ASIC, any chance they could release a car and add it to a standard NAS device. I doubt it. I mean, it seems to be exclusive to their DVA devices. And I don't think, I don't envision them offering, because they don't offer Synology Surveillance Station on non-Synology devices. So I don't picture it being some type of card. So yeah, I know your current install, you're correct. Is green camera on any cameras on wifi? Nope, they're all directly connected. Yeah, I'll look at the license plate. I just don't know how much in depth. I don't have a way to capture all the license plate unless, and I don't know, this would be a weird thing to do. I had to run a really long cable across my yard and like point it at the street to capture people's license plates. That seems creepy though. That seems like drawing the line. Yeah, plate recognition is kind of neat. It's just hard to get when it's on a residential house. I'd have to set this up over at my business and go capture all the plates in the parking lot, for example. Maybe I'll do that. Maybe I can, you know, I can set up a VPN and I can see if I can capture license plates remotely over a VPN. That would be interesting. But it's hard to do, yeah. Yeah, that's the other problem. We only have rear license plates in Michigan. Front license plates are not required. Oh, a card put into standard Synology that has one PCA slot. Yeah, maybe they could do that. Possible. Hard to say. Any good asset management software, sort of like Lansweeper, Snipe IT. That's, I guess you have to be more specific about it, but Snipe IT is out there for that. I'll throw it in the chat links. Easy enough to find. Seems like every live stream, someone asked about this app. So nonetheless, don't capture license plates of cars passing by your house or maybe an issue with the law. Yeah, I have no idea if there is or not. And I don't really want to be creepy doing it. So I'll test that. I'll probably just back a car in and say, does it see the license plate? And I'll have a curiosity. Does it see my motorcycle license plate? Cause it's smaller. That's about it. I'll confirm it works, but that's everything I'll cover on that. But the overall though, I must say the, I'm still really happy with the way the system works, the advanced motion detection, which I covered the advanced motion detection in another video. That video is still relevant because the Synology Surveillance Station, and we go to the driveway, for example here, let me edit the camera, the event detection, you still have the human and vehicle detection that still is needed. Because if you have, especially the model I have is just the small one, the small one can only do a couple of tasks. So it can't do that much detection. But if you have more cameras that can do detection, then you may as well go ahead and get the nicer cameras like this one here. I cover all the details of how to set this up in my video. These cameras offer the ability to do the detection in camera, which lessens the burden on the Synology. Because one thing about running these detection tools is if we go here, let's say go back to the main page, if you look at the resource meter on it, it's always running, unless I turn off those detection options, it's always pulling about 40% CPU utilization running the event detections. So there is a CPU penalty for running these and it can only run a couple tasks. So yeah, that's, yeah, yes. All right, the other Synology I wanted to talk about. So this is kind of a follow-up because I like following up on products and maybe I'll do a video on this topic. Oh, wrong one. Someone says, can you quickly explain? Oh, it's Alec. Hi, Alec. Can you quickly explain hybrid NAT, PSN, symmetrical NAT? Not quickly. There's an article on it and you can Google it and you'll find they have a write-up on it that would articulate it quicker than I could. Generally, it's not something you need to mess with. So it's more of a special use case. I think I needed to have symmetrical NAT set up with my stupid Nintendo Switch, well, my son's. But yeah, does facial detection allow a gate or in-person detection only send an alert if unknown person was detected? So yes, it's got a database for the face detection that allows you to, and this is where I have to probably edit, I have a task and we can, let's go back to that other one real quick. I have a task called who's on my porch and I, hold on, before I open it, let me minimize it. I want to make sure who's in there. I don't just like throwing everybody's face on the internet. I don't know, do I leave the Amazon drivers on there? I guess, well, we'll take them off for now. Actually, we'll just remove it, delete. There we go, that we, all right. So let me go back to sharing this. When you do the face detections, it figures out who you are. 89% thing says this is Tom, but it doesn't like Tom with a hat on because it needs more training. So, me smiling at the camera and it, my wave side-eye in the camera, where does it go? Oh, she's on the phone. She loves when I put her on camera, but it does face detection and it matches the faces, but it can alert you on who accessed based on that. So you can actually get reports based on the face database. So it does have the ability to do that. I have a wise 50, 60 thing client running backup server for all state backups. I could use it with XED Trunance or SCB OMB. I don't know anything about the wise 50, 60 thing client. So I don't know. Maybe someone else can help in that. Planning on redoing some of the cabling in major scale, my hope is that this will alleviate some of the network congestion. Yes, that definitely can help. What's the highest zoom PTZ camera you've seen? I'm on a mountain side and want to see things on the other side of the valley. I don't know. We don't really have people who even bother with the PTZ cameras, like it's at least in the purview of the people we support, we don't see it much. So I've never really dug into it. I'm sure there's some great ones out there, but I don't know the models. Back to the other Synology. So this is one I reviewed a while ago. This is that Synology rack station. I've actually, it's been almost a year or two since I reviewed it, but I think this is one of those things that's important is does it still work? Does it still work well? Did it die? What are you doing with it, Tom? And up until very recently, I was doing the surveillance station on it and I moved it over to the DVA model, but I just want to, you know, I'm probably going to put to your mind a couple of different videos on this. And basically the system has worked flawlessly with one error. I think there's an error in the control panel somewhere. Let me look here, or is that under the storage manager? I've had one drive here. It's only got four drives in it, but one gave a smart error once and that was it. They're all, and they all show healthy now, but I think that's an important aspect that was to follow up on some of these. So I'm thinking about doing maybe a couple of videos on these, what all I'm using on it, which currently, and what's set up on here is going to be the active backup. It does that. Active backup for Google Workspace, active backup for business. It actually is backing up two computers here at my house. Yeah, so 621 and it backed up this one yesterday. So it's running regular backups on my gaming system and my studio computer. And as a matter of fact, I've done restore tasks, which is kind of cool to be able to do file and folder restore tasks with it. It's been solid. It really hasn't had any problems. The active backup for business is just such a slick feature with here, but it's the first Ryzen system they've had and it's not been troublesome at all. It's on the latest version. Let me find something here. Yeah, I can't show the main page of what model it is and writes. It's an RS1221 with an AMD Ryzen V1500B. It shows my email address that I registered it to, so I can't show that in there. So, ha ha ha ha ha ha. Ah, yes, these spam bots come in here. They're better luck spamming us at eBay server sales. Yeah, they gotta know the audience here. Gotta get on that. But nonetheless, the overall with the Synology also runs and we'll throw this share back up there. I do have Plex originally running on it, but I kept running to weird issues with Plex. They were Plex problems, not Synology problems, at least I don't think they were Synology problems. Plex would stop. So I switched it over to running, is it MB? Yeah, MB server. So now it runs MB and that works great. So that hasn't had a problem at all on this. This thing is an absolutely rock solid. It's been reliable. It's, you know, just kind of a workhorse. Now, the downside is, and I covered this before in the review, that it does not have a 10 gig on it natively. You had to put a card in. That's still my complaint about their rack station model, but it's really not that big of a deal. So I don't think it's not really huge in terms of problems there, but all the Synology you've been deploying have just been very, very trouble-free overall. I've actually, that's one thing I will say about Synology. They make a really solid device. Now, the other one I mentioned here is my 45 drive server. So I reviewed that a little while ago and it's been in production for a while and let me find the picture of it. So, yeah. So that's the 45 drive server and it's been working great. You could see I was at my office when I was uploading it, but that thing has been a workhorse. So that's, I might do a follow-up video on it. I don't want to take it apart again. As I took it apart the first time, I have a whole video where I did a breakdown of it and everything else, but yeah. Overall, that's been a really cool device. We've now sold several. I did a follow-up on our petabyte project server that we did with this and we've sold a handful of other 45 drive systems and yeah, they're just work horses, man. I'm really impressed with both of those. What's his name? He has a whole video on it. So yes, I know how it works, nut. I just don't feel like doing a video and Techno Tim has a video on nut. So I would recommend Techno Tim's video on it. Tim Nut server. So if you type in, put over here. Yeah, Techno Tim has a video on the nut server. So watch his video on it and learn how to set it up. I'm not gonna do a video on it because he's got like an hour long video because there's so much to it and he breaks down all the details and I didn't feel like repeating all that work. But yes, nut servers, what you use to set up all your graceful shutdowns and everything else. I actually have become friends with Tim. His 100 days of home lab is awesome. Just a great guy. Great person when it comes to technology. So that would help there. I'm seriously considering building my own NAS, over Synology QNAP home. 45 drives is a bit out of the price range, mainly building it so I can run some VMs on it. Any thoughts on free NAS versus on RAID? On RAID is not very performance oriented but it's really popular because they make it easier to run a lot of VMs on it. They have some easy pass through. That's what people tell me. I've never used it. I don't plan on using it. So take that for what it's worth. But true NAS with their true NAS scale offers Docker support. Now it's still a pretty new product so it's not like all flushed out, works perfectly great but it's coming along pretty well. But as far as running VMs in true NAS, not so much. Their VM support is kind of weak. It's not the best place to host virtual machines. Hey, Tom, do you have experience running Supermicro Super Server E300 as a home lab server? I don't know which one that is. You said it's the Super Server E300. I'm sure they're fine. I like a lot of the, throw it up on the screen here. I like a lot of the Supermicro stuff. They make nice stuff. So I don't see any problem running it as a virtualization server. So I don't really see a problem with it. It's got plenty of things. There's different things that drive your thing. How many courses in this? Oh, four core eight thread. That's gonna be a weak point on there only having the four core eight thread. But other than that, I'm gonna say it's not bad. We actually have, at our office, this is a consumer board by the way. So if we go over to the hosts, this is, this Ryzen system right here is a, what is it? Ryzen 5 5600G, it's a consumer processor. So yeah, we're running this and we might build another one because it runs so well. The workloads we throw at this, just no problem. It actually, I'm shocked at how well it works. And it's got 12 cores available. So or 12 threads, it's a six core, 12, yeah. So that works, building on what you have is the best thing. I mean, the other ones will probably work. We're actually finding these AMD systems to make really good lab servers. Wendell in his forbidden router video over at level one techs. He said the same thing like me and him were talking about it and he obviously just did that whole forbidden router video. The Ryzen just performs really, really well with virtualization. It's just a good, it's overall a good system and it's good bang for the buck because it's not high wattage, it's not high heat but also has relatively good performance numbers. So all those things, definitely like that. I guess, you know, the other thing we can talk about too is I didn't throw it in there, we could always talk about PF sense. I know people probably have PF sense questions, right? So, I see someone says have a 3900X running Proxmox works fine. Awesome. Running three VMs on a shuna scale works well enough. I do commission my Proxmox stocks but definitely missing some of the functionality that I'm making up for customer scripts. That's where the challenge comes in. I mean, it's not that you can't do some things. It doesn't have the same sophistication as a full hypervisor like Proxmox or Zen Orchestra and XCPNG. So you have to do things like write scripts to get the functionality you might be looking for. So, I want to say thanks for the ubiquity deep dives to help me understand their Waco ecosystem a lot better. I think all of them have Waco ecosystems. So it's not just a ubiquity thing. No one's asked about Mikrotik because I don't know why but we can talk about something else that I'll pull up here. This is what I'm playing with right now. This is stupid because I've already got some dumb problems with this that I don't know how to address. Let me open up the stupid thing. Yeah, there's no login for that. The Cisco decided to have pop-up windows instead of web forms to fill in. Who does pop-up windows in here in 2022? Like really Cisco, this is how we do this now? There we go. This is the new Cisco access points that I'm testing. I also have a Cisco switch that I'm testing as well but it's typical Cisco with a slow UI. This UI is just not snappy but I set it up today. I'll be doing some videos on it and everything else. It's, I don't know, is there a software update for it? Does it tell me? Check now? Checking, well, I guess not. It doesn't think there's an update. Pre-download image. Oh, okay, so you can send files to it. You think it work? It says, I guess it means it's up to date even though it's create out, right? I don't know. The Cisco interface is just, yes. So remember how long we had support for custom Java versions because some IBM app was stupid. Yeah, yeah, that's the thing. The old Java stuff that you had to load. And I also have some Cisco switches I'm testing so good news is the switch, look at this. Web forms, magic. This is the web form on a switch. How do I set up a Mikrotik cloud router switch to just work for the Unified Dream Machine Pro? I don't know. I never used the Mikrotik cloud routers so I have no idea. Greetings, Alexis. Yeah, Cisco's known for their easy to use interfaces but I posted this on Twitter. Can you believe this? One, there's a wizard. And by the way, do you notice I clicked on it? The switch has a reasonable interface and it has a wizard for VLANs that you can click on things. Wait, how'd that get to be a trunk interface? I'm now confused. I didn't select, I don't remember selecting as trunk but maybe I did. I don't know, I gotta play with it more. So there's my VLAN table, interface settings. I guess I must have set it to trunk. Now I do have, okay, this is where you edit that but here's the weird part about the VLAN settings. Let me see if I'm right about this. So we can add another VLAN to the table. Easy peasy. One, two, three, one, two, three, apply. That's fine. I can delete the VLAN but I can't edit the VLAN. I can edit this but it doesn't let me edit once it's created. I guess once you create it, you have to delete it. I thought that was kind of weird. It's a minor inconvenience. I was gonna change your VLAN ID and I'm like, oh, I can't. You have to delete it. And so I did, cause I created a different one. So this is the only minor problem I thought was kind of weird. You can't just edit a VLAN ID but it's not a huge deal. It's not end of the world type of deal. But the interface is not horrible. So that's, yeah. There's still hardware that requires that E6. Yeah. That webinar is actually like Cisco Step.1998. It's better than I've seen any of them out there. Juniper is popular in the data center and ISP market. Juniper comes with a price tag that fits the ISP and data center market. So they don't like a bad product or anything. They just make a really high end product. It's not seen as much in the small business world. It's just not their market. Even Arista makes a really nice switch too but Arista, they just bought on Tangle and they bought it to try to get into the small business market. So new Aruba switches are copies of Edge switch interfaces with new UI and that's funny. That's interesting. I haven't looked at the new one, Saruba. VLAN editing for Cisco via CLI as well. Oh, okay. You can only delete that change of VLAN once created. Interesting. It's not a big deal. It's kind of a minor thing but at least it works. That's the part I like. So it's functioning. I didn't have to register with Cisco to get it to work. Port utilization. All this stuff in here seems pretty straightforward. The only thing I thought was a little odd too, where's it in the dashboard? Like I get that these are some of the logs but I think it'd be better if the logs looked better. I don't know why. Like they're throwing a lot in here. Like here's my IP address logging in accepted. I guess it's just because that's the way Cisco standard logging looks. I'm just trying to nitpick it. I'm gonna do a review of it but I don't hate it. That's the first thing. I didn't see any specials. Got, here's all your different ACL options. So lots of different IPv4 ACLs. It's a usable interface to get these things done. With some next thing, yes. I'm actually shocked with Cisco doing this. And by the way, they have more than just a VLAN wizard. They have an ACL wizard to get your access control is all set up, a VLAN or a getting started wizard that'll just go through and do the basic setups of the switch itself. So I'm impressed with them. Yeah, these are the, this is specifically the Cisco CBS 350 8FP 2G. So I'll drop that number in the chat. So copy, paste, CBS 350 8FP-2G. Does it have SSH, maybe, maybe, administration? These are the things I have to figure out, right? It doesn't have these things. Locate device, tracer out. Is it only out for blink? Yeah, it'd be cool for me to beep. I don't know, maybe that wouldn't be helpful. File management, firmware options. Yeah, I'm not seeing SSH. But probably, maybe we'll just try it. I'm, jury's out. Security? Well, I'm just gonna try an SSH input. Does that'll answer the question? So we try to SSH in. Do I get SSH access? Connection refused. It may not have SSH. It's got console access. So maybe you could enable it through the console, but it doesn't appear to be enabled by default. Yeah, I don't see it unless, you know, someone sees something I don't. I don't see a place to do it. Smash the like button. Reminds me of the Meraki dashboard. I mean, they probably borrowed some UI elements. This is a PoE model. Extreme Cloud IQ or Juniper Miss. Not on my to-do list. Telnet, you know what? Let's just straight up try to telnet to it and see if that works. If Telnet works and SSH don't, and connection refused, Telnet didn't work. Ha ha ha ha ha. SSH is under system. Well, I don't have a button that says system, so that's where, is it? It has a search. Administrative file operations. Security SSH. So it's under security. Security by P radius. SSH, there we go. Hey, there's our friend Telnet. I'm not turning it on, I'm just turning SSH on. Then we go here, save. All right, SSH has been turned on. So let's try and SSH into it. Cool, no matching key exchange method. Oh, I think, I ran this problem before. They don't have the proper, I hope that's not true, that they are only using a really old SSH method. I'm getting the no matching key method found. I got that before with Cisco. Typically located under security tab. See, I'm not a Cisco person. This is a dumbest error. I'm gonna throw it in the chat just so you guys can see. It, they use, I guess it, is this deprecated? I don't know, I'm gonna have to look into this. I'm getting this message right here. No matching key, they offer Diffie-Hulman. I don't, I know how, the solve is to add this in there. You have to add Diffie-Hulman shaw one. So why, why is Cisco, why they gotta be weird? I mean, I found the answer here. It sounds like that's just a cypher. I mean, how old is that cypher? Is it a dated cypher is what I'm wondering here. That's the real question, no, he just deprecated. Let's see if that's true. All right, we're gonna go ahead and pull this up. Now that's a deprecated, it appears to be deprecated. So at least I understand it. And this is from the here, brain trust of people, help me read. We'll say this method, Shaw run, due to recent security search with Sarah. So here's the stupid problem. Here's a brand new Cisco that has a deprecated SSH key in it. Like it's brand new. What about OpenVPN? What about OpenVPN? It's a switch, not a router. Yeah, it's why I figured it was deprecated. I thought it was, and I'm confirmed it. So here's a brand new Cisco with, it's not just Shaw one, it's specifically the Diffie-Hellman Shaw one, yeah. So how does Cisco throw these old cyphers in a brand new, this is brand new. I don't get it. I don't know. This is just silly. So yeah, this will be noted in my review. Let me throw it in my review notes as I'm making them here. Like really, really guys, you can't put in your brand new Cisco, a new model, a recent Diffie-Hellman in there. So, they're gonna be called out by it. They won't be the first time I called them out on their other switches. Their 1000 series switches have the same problem. If I'm not mistaken. I'm pretty sure I had that. That's the other switch I was testing that had that same issue. Like really, you don't have, you have old cyphers and I'm new with, by the way, updated firmware. Never heard of D, Devolutions wrote desktop manager, so I've never used it. They don't want it to be too secure, just kinda secure. Yeah. Need a license to enable that. That wouldn't shock me at all. If that was the case, I'd be like, yeah, yeah. That's the Cisco thing. The cypher was used in 2006. Yeah, it's only a, what would that make it? 16 year old cypher, you know. Who needs these new modern fancy cyphers? Why would we want to do things like that? That firmware may be pretty old. Devop version version I never updated that part could be. You'd think they would. They're sending to me for review. These were sent to me by Cisco directly. So I have a, I have a handful of Cisco things. Cisco went wild and turned the box around. Cisco means business. Oops. So, yeah. Time to call David Bumble. Yeah, the other thing too, it's not that I can't, I can go in my SSH and enable it. I know how the work around, because I had to do it before. You just enable the old cypher. It's been deprecated for a reason, but you can, they're disabled for your safety, enabled for Cisco. So, yeah, I don't know. Silliness. What else do we have? I'm gonna wind this down soon because I am really thirsty and I'm all out of water. I did not fill my water up before the beginning of the show. So, I gotta keep drinking. You know, we could try passing it off to my phone, but last time that didn't go well at all. When we tried to do it on my phone last time, we were trying, I don't know if it's gotten any better at all, but nonetheless. Nope, no pizza today. No pizza. I don't really need anything to manage because we don't manage that much RDP. We don't use RDP very often at all, so it's rare we're using RDP. For us, I know other people have use cases for it, so we don't. I can't remember the last time I used RDP. I've talked before about this. We use a tool called, it's a commercial tool, this one here. Connectwise control. Oh, this is actually from a business standpoint, one of the tools we really like. So, it works well, does what we need it to do. I'm curious if this will open on my phone because last time we had trouble, but also last time I was in a hotel in another state. So, let's see if, have you used Cloud or NIT? You know, there's a write up in my forums to use it. I don't know if I'll do a video on it. Jay has a video on how to use Cloud or NIT. If you go in my forums, there's a write up on how to do Cloud or NIT in my forums. If you type in Cloud or NIT, there's a whole discussion of exactly what you need to do to get it going in XCPNG. I don't know if I'll do a video on it or not. Tom's phone, I think we gotta turn this down. Now I'm on my phone. That doesn't sound bad. That seems to work. And then we can drop that. Hey, there we go. Now you can see what's in my office. And I can go get water. I can take you with me. Can I read the chat though? Nope, that didn't work. So, huh, thought I could make that work. I remember it was screen cracked when it was rebranded. Yes. Yeah, don't put RDP behind, or always put it behind a firewall. Don't just expose it to the internet, please. Because that's a terrible idea. It leads to bad things happening. There we go. This is me from the other side. This is actually what you don't see. There's all the mess on my desk. That's things I'm testing. Recording or business, do you also manage clients for station desktops or just their service network? No, we're station desktops too. Yes, let's see. Ooh, it's Veronica. Actually, hold on. Let me finish this question. I had a low voltage company reach out for an audit. They have a Windows 7 box open to the world. Yeah, it happens all the time. Hey, Tom, ConnectWise, but I'm not sure about their MSP wide offering. Do you have a video on it? We don't use the ConnectWise, we have a video on the ConnectWise control, but we don't have a video on the other ConnectWise tools because we don't use them. We use a tool called NinjaRMM. And NinjaRMM allows for the thing similar is the way ConnectWise works, like with their whole RMM tool, but you know how to message me over on Discord if you want a breakdown of all the tools. I also have a whole video and a link in my forums I can send you that has all the tools we use for my managed services stack. I did a video on it, but it's a really short video because I just referenced that I have a forum post. Yeah, automates the tool from ConnectWise on that. Hey, no problem, any time. I don't know upstairs because I need something to drink, but this way I can take you with me. And we don't have to end the show, I just gotta go get some water. You can actually come to the house with me now. This is the cool things about this. Technology, man, I can just pass live streams along over to my phone, go to my kitchen. You guys can see my house. Which doesn't have a lot of tech in it. There's just a TV on the wall. People think I have a lot of gadgets in my house and they're wrong. All the gadgets are downstairs. There's not a bunch of cloud enabled things or any of that. Actually, well, I could probably log in through my laptop and sit outside, but I'll keep it going inside of you and go back to my basement. I like taping on the keyboard down here, but the lighting is good in here too. Ah, there we go. Set that down so it's, now I have water again. And then I can switch back and forth. And I'm back over on this one now. Hey, there we go. The whole process was easy. Oh, the wife, this is me something. All right, nothing important. Close my phone, put it back on the charger. Oh yes, this is very true. True IT techs drink their own blood from the, from the cuts from the cage nuts. Yeah, cage nuts are brutal. That's for sure. It is definitely hot outside. Yes, we have used some of the Air Max products. I don't remember which ones. Would you recommend a source template train for end users to phishing emails and how to spot emails? Posted my forums about it. Fin security is the short answer, but if you wanna post my forums, yes. I've got plenty of gadgets in my house, most of them are older than me. Yes, I love all the classic things you have. Those are devices you can trust, the classic ones. They're not gonna spy on you because they can't get online. Oh, the sound, yeah, the sound's definitely gonna be way better here. That's why I switched back to this for doing the Q&A. Oh, thank you. Message about the pizza. Do you do video on cameras, NVR, PF Sense Security as many call home? Can you do a video on cameras, NVR, and PF Sense Security as many? Just lock them, just don't give them access. Like, that's it. That's the answer. Don't give them internet access. They don't phone home then. It's not any more complicated than that. People seem to think it is, but it's really simple. I don't trust the firmware to be good or is it really secure? We'll just say that. So most of the firmware on these cameras is probably garbage. So we lock them down or don't allow internet. We don't have internet on my network. And I think I've covered that in a video about setting these up. I have my PF Sense Rules for Home video. I definitely covered it in that video specifically. Yeah, everything's in VLAN. So easy, huge pain in the beginning. There's not really any easy way to do it. You just, well, you can put it in VLANs or separate networks, but the reality is you lock down those networks so they don't have internet access. They don't need it. That's the important part. Just don't give them access. Then you mitigate the risk because you, I feel confident in saying that the firmware for any of my cameras is probably garbage. And if anyone were skilled and had access to those cameras and that firmware, they could probably find a way in and turn those devices into some type of, cause they usually run some basic Linux kernel on them. They could turn them into something stupid. So yes, that's why you don't give them access. Really, it's not any more complicated or I can't really think of any other words to use. It's just really that simple. Just go in there and now you can lock them out. But at the same time, go back and edit one of these, locking them out does not mean you can't get in. It's about how you create the rules. So the rules allow me to log into the cameras, but the cameras cannot get out. And I covered, this is the rule sets I covered is how to build these. So I can log directly into the camera. I can see what's going on, go through the setup or changes I may want to make inside the camera. But the camera does not have internet access. It has all the settings in here, but it actually can't get out. So you just lock them down. Our students turn surveillance cams into hotspots. Oh, I'm just, all kinds of fun things you can do. Thank you for all the peer tours. My pleasure. I love making all these. A major botnet tech attack from those probably. I mean, too many people leave these things publicly exposed as a whole. It's one thing to say they have internet and they're on their own network. It's a whole another level of crazy to think that people publicly expose them. That's where the real disaster is. So, yes. How long have you had your Tesla? My Tesla now has 50,000 miles on it. So my follow-up is still works great. I haven't had any problems with it. Where's the picture? I took a picture of it. So I was gonna, I'll throw that in the list. Oh, so my Tesla has also, we'll throw this in here real quick. There we go. It's Tom on the race track with the Tesla. So I took my, I took it to a track. So it's, it was even fun for that. 20, 22 likes, 120 watching, smash the like button. I always hear you're not supposed to open your network to the internet, but massive companies based themselves on the internet. How do you do that without getting hacked? Why don't we do it that way? I don't know why some people do it. It's not that hard to do. Like don't open, I mean, it is because you got to set up a VPN to get in. So in some ways it's hard and other ways it's not. It's just more effort. Once you get good at VPNs, VPNs aren't hard and you put everything behind a VPN. Obviously some companies, if they're online, you build the tool allowing it to be online. You build it from the ground up to be secure. Your web applications are an easy example of this. Facebook has to be online. Well, they don't have to be, but Zuckerberg thinks they have to be online and people who use Facebook think it has to be online. So they spend a lot of time in security engineering to have a public facing website that people can interact with, but also have security on it. So why is it when I add something to one of the SSIDs on Unify AP that is set to a VLAN, if your machine pro keeps putting the device on the main LAN network, not the VLAN? I don't know. It sounds like it's not configured properly. Thoughts on a Ford F-150 Lightning? I think it's a great truck. I think they're doing, Ford's doing a good job that I can tell. I've talked to a handful of engineers. I'm overall impressed with it. So yeah, I think they're not doing bad. Figured out the hard way Unify has four SSID limit per AP. I don't know why people need so many SSIDs. I don't, but yeah, you're right. It has a four limit unless you turn off meshing and I believe you can get eight on a lot of models. How do you set up your XCB and GMS? All client machines, one gig to the switch and host 10 gig or is everything 10 gig? Depends on the budget. If you've got the budget for 10 gig or the need for 10 gig, then we put 10 gig in. Is it possible to update the free version to XO? How important are the updates? What do they usually do? They give you new features. So I think they're important. Is it possible to update? Well, the free version gives you updates but it still stays the free version. So it just has a little update or you just click it and it goes. It's not a hard limit of four where you think you've got groups you can get four per group or something it's been a minute since I like. Yeah, it's, well, there's an option. I forget where it is too, but you can look it up. How to get eight SSIDs on a Unify. I don't know why you need eight SSIDs, but if you do, the way you're gonna do it is you're gonna turn off the meshing feature, the backhaul, which allows it to connect to other Unifies wirelessly. Like if all your Unifies are hard lined you're not using the feature anyways. So you turn off that mesh feature and it enables the other antenna on there for do it. So yeah, connectivity monitor needs to be off according to Eleg Dobler. So yeah, connectivity monitor and it's something about the backhaul or meshing. I can't remember what it's called. It's not hard to find. It's documented. It's not a secret feature. And a lot of people have asked that. Oh, I did get a new one SSID per connection. That's weird, but hey, people do that. Work on, I have, I don't hate the, well, the Aruba cloud is bad, but the Aruba equipment is good. Like it doesn't have any problems, but the Aruba cloud is just, like I did my review and I talked to the Aruba engineers. I think I did my review in 2019. They're like, we're gonna be really ramping up and out of features. Three years later, it looks almost the same. They just don't have great, the product works. It's just as very bland. And you have to take it out of the cloud to do local management if you want them, more enhanced features on the switch. Three years later, that's still the case. When I did my review and then I was gonna do a followup review and I thought about saying, yes, Aruba still sucks. Or it's more specifically, yes, the Aruba cloud still sucks. Or maybe I'll click bait it. Does the Aruba cloud still suck? Yes. Maybe someone should register that website. Did Aruba update their cloud? My preferred next gen firewall device or software. I like PF Sense. So if people have some need for filtering on Tangle has filtering. Does Unify 6 add IPv6 DNS? I don't know. I never use IPv6. So I don't know. I even had a neat, I don't have a use case for IPv6. Bum, bum, bum, bum, bum. I did pick up a new camera that I'll be using for the channel. I have it for my motorcycle right now. But I did put that up over on Twitter. He said everyone wants to follow me on Twitter. I think I did post one of my videos on it for those curious, but I got all those 360 cameras and they are novel. So I will throw my Twitter link in there if anyone wants to see it. But yeah, it's just me riding with one of those 360 cameras. They create just this cool effect. It's just really neat. Bum, bum, bum, bum, bum, bum. They give you that really sense of speed because well, I'm going fast. But I'll probably do it about 50, 55 here. But it's a 360 camera. So you get those really interesting perspectives. Because it's one camera. I'm just spinning the camera to different angles and reframing it. I like this position because it looks like it's not a stick behind me, but it eliminates the selfies. But whatever you try to selfie, wow, it does that. But yeah, the 360 cameras are really cool. I haven't used Arrow Hive in a while. Last time I used it, they sucked. Like they had a terrible, I didn't like the interface. I thought it was bad. It was workable. We also had problems, the first units they sent to us. We got contracted by someone else to do the install. We told them they should use Unify. The guy wanted to use Arrow Hive because he was a reseller and they sent us bad APs. They couldn't figure out the problems. The APs wouldn't come on. They said, oh, you're wired it wrong. I'm like, we're not even into the wiring part. We are plugging it directly into the switch and they're not coming on. Turns out the APs they sent us are bad. They exchanged them, but it took way too long. Then Arrow Hive sent us the wrong brackets twice. The project got delayed. The person got mad because of the delays and I'm like, I can't help it. We did our part. We wired it. We went to install it and it doesn't come on. So I don't know. I wasn't thrilled with them. Trying to separate where I started VLANs, Wi-Fi, OTO team and SNCCP Wi-Fi monitors. I have a whole video on that. I think I called it. I have one on, it's this video here. It's called, configuring PF Sense firewall rules for home. So that is the video title. So I have this video and I have another video which is PF Sense and Unify. They're both 2022 editions of the video. Those will tell you how to do all of those things. Have you ever used airtight wireless security? Haven't heard of it, so no. Recommendations for a four port 10 gig switch and a budget PF Sense built home lab. The cheapest one out there is still that Mikrotik as far as SFP goes. The Mikrotik switch can't be beat for price. How do you set up XO managed multiple servers? You simple as the average site to site VPN. We set up each person mostly with their own system for it. I feel like some little notes on me to get off my butt and figure my home PF Sense. Ah, yes, the bots. I haven't tested the Nekir 10G. I don't know anything about, I didn't, Nekir's never really impressed me that much. I mean, but they have some stuff that works. I guess some people seem to be happy with it. I mean, Nekir, I don't know their model line up to tell you whether or not there's a lot of good ones or not. All right, any other questions for the good of the class here? Any more questions, I'm gonna wind it down in five more minutes, because I got a few things I'm gonna go do and I've been doing this for a little while. We're an hour and 12 minutes in. So we do co-manage. You gotta understand the use case. When we're doing co-manage and we're co-managing it, we set it up their instance. If we're managing it, we manage our instance. It really, it all depends on the use case. There's not an answer that will probably satisfy you because there's, it depends. It depends on does the client wanna have in our own instance? Do they need it? Do we need to manage it? It varies quite a bit. My Intel RAID card runs very hot on my TrueNAS. How do I test that this is bad? Why would you have a RAID card in TrueNAS? You shouldn't have a RAID card. You should have like a card that does pass through a J-Bod. Plus the one thing that keeps you awake at night, zero days. Zero days are the ones you gotta worry about. The unknowns. I mean, you got ways to mitigate it. So there's a way to have open VPN when you connect using a certain IP. Yes, you tie open VPN to radius. That's, we actually do that. So yep, just get radius going. And that's how, I have a video on it. If you type in like open VPN and radius, I already got a video done on it. So well, if it's working, I'll assume it's not broken. Runs as regular state on that RAID. So yeah, if it's working, I'll assume it's not broken. If it has some error messages that it's generating, and you know you're getting some checks on failures or something, our solution is try another one. You play a video on home automation? Not really, it's not really my thing. And I don't have much home automation stuff. I mean, I have my, what do you call that? This. And it allows me to do things like, I can turn my light off. I can turn my light on. So, but I'm not, I've used home assistant, but I don't have much. So I don't know that I'll do a video. Jay's, Jay from Learn Like TV has videos on it. And it would be repetitive and less competent if I did the videos myself. So if it's required by the client to do so, we do it. That's the best answer I can give. So yes, if we can manage it from ours, if it's needed. Do you do a live session every Thursday? First time seeing this, yes. Every Thursday, roughly four o'clock, between three and four is when they start. And once in a while on Saturdays, dimming LEDs is kind of difficult. No, not really. I can't show this on camera, but this has brightness and color changing. So it depends on the LEDs you get. So it's not necessarily difficult. It's just a matter of, we have to buy ones that offer the feature. That's the important part. I wouldn't recommend using XC and XCPAG Center. That's a, I think it's deprecated. I don't know, I never use it. So, I mean, I used it years ago. I don't use it anymore. And I don't plan on using it in the future. So that's the best answer I can give on that. I don't think they're even supporting it anymore. I don't know when the last update was for it. So, all right, I think we've burned through all the questions. You mean many LEDs? Oh, any? I don't know. I have, even my overhead lights are on a dimmer. I can probably show that. Oh, not only camera's not pointing right here, yeah. Let's say I can point the camera. That's a dimmer switch on the wall back there. Right there. So, I don't know. I don't have a problem dimming them. Hey, no problem. Made applying 50 SSL search much less annoying. Awesome, that's what I like to hear. I never do thin clients, so I don't know. Open source software for thin clients. I don't really do thin clients. So, I don't really have, I don't know what to do for that. I guess it kind of depends on the use case. So, it comes, it usually comes down to the use case. That's what everything does. What's the use case? What are you trying to achieve? Is there a software to fit that goal and go from there? But, hey, thanks everyone for joining. Thanks everyone for hitting the like button. Go ahead and hit it if you haven't already and it much appreciated. Looking forward to doing more videos on all the Cisco gear that I talked about here and maybe some follow up videos and other things I talked about it. So, yes. That's all I got and thank you very much. Oh, I'll answer this question. No, because I use HA Proxy. So, I do not have, I do not have a video on XO and Let's Encrypt because I use HA Proxy. So, awesome. Hey, Veronica's hanging in here. Thanks Veronica for joining. Thanks for commenting. So, take care everyone.