Welcome and happy Saturday. I decided to do a streaming Saturday because I just finished a video that didn't make me happy. I see it didn't make me happy because I did a video ranting about the Cisco Business Dashboard. I don't like ranting about things, but I just found it so problematic that I decided to do a video on it. Now back up a little bit. The reason I'm even talking about the Cisco dashboard is not to rant about it, but because I've been testing some other Cisco switches and access points that tie into the Cisco dashboard as one of their selling points. Now they have their own independent web interfaces and they work well as well as Cisco works with the weird interfaces that Cisco has for web interfaces for things, but they work. And I need to address the elephant in the room when I do those switch reviews, which I'm hoping to finish next week, and say, hey, this dashboard is just goopy. And here's my other video on it that way, because I think I have three switches and a couple access points. That way, each one of those reviews that I do, I don't have to address the problems I ran into with the Cisco business switch. So nonetheless, I also am throwing this live on LinkedIn. I'm trying to do a little bit more LinkedIn because it seems to be an okay platform and I'm trying to decide if I should also and additionally set up a dedicated Facebook page for all my videos. I actually have one for my business. I thought about one for the videos because I get a decent amount of engagement I'm realizing from some of the things on Facebook. And it's just me posting all the places I have an audience. That's really what it's about. I don't think particularly fondly of Facebook, TikTok, or a lot of those other platforms. But if I have an audience there, at least I'll be putting content that's better than some of the cringy or inaccurate content because there's definitely some bad content I've seen on some of the other platforms.
I especially don't like all the just misinformed people that are posting about networking on some of them. I'm like, no, that's not how that works at all. It's one of those someone's wrong on the Internet. I need to discuss it or something. But at least it's more venues to put this on is how I feel reaching out to more people because obviously my goal is to educate people and you know, teach them about technology and things like that. That being said, I actually, ooh, how do I say that? Thessaloniki. Thessaloniki. I'm not Greek, so I don't speak that language. But cool. That's awesome that you're all the way over there in Greece. The only place in Greece, I used to work for a company and they were from the father was from Greece. They visited there pretty regular. They were from this. I want to say it's Desvi. I don't remember, but it was cool learning about Greece. It seems like a really cool place. A very beautiful place. I can at least say that. The new thing I've been working on that I'm going to throw out here for people. It's not completely done because there's not much there yet. But it's getting there is I'm creating a series and, you know, I'm doing this because me and Jay from Learn Linux TV talked about this. And it's being able to do Lawrence.video. So Lawrence.video will take you to my YouTube. So it's an easy way to get right to my YouTube channel. But I set it up as a URL shortener. So Lawrence.video slash and I'll have like some of my playlists or videos I frequently reference that way I can easily send them out places. Same thing with like Lawrence slash business Lawrence.video slash biz to get to people in my business technicality channel. So I'm doing a little bit more content organization and curation because I have so many videos. This has been like it's as well as things I didn't realize how many videos I have. And I realized, okay, there's like 1600 videos.
I have to kind of start managing these and putting them in a more concise manner. The other thing I'm doing and this is a future thing I need to hire someone for. It's got figured out exactly. I got to figure out the approach of how I want to handle it. I'm going to be doing. Well, let me go back to a tab here. And I started this project a while ago and I didn't keep up with it because I started as a process but didn't really follow through. So what I need to do is work with someone. And this is another place where I'm basically embedding all of my videos and then creating a series of landing pages. So like all the Synology videos will be here for category Synology. All the TrueNAS videos can be here for all the ones on TrueNAS which by the way, this is not up to date. And the website I'm using for this is called Lawrence.technology. It's another domain I own. But I want to start having a curated list. I'm throwing a link down here for that. So I have a curated list eventually of making it easy for people to find like the latest of my tutorials. This is where it gets tricky. I need to hire someone is as I create a new series or a replacement video because, you know, it was done with TrueNAS this version and now there's a new one with the TrueNAS this version. Then I want to make sure the landing pages all reflect always the latest videos. That's where I need someone besides just me because creating the content, running a business, curating the content and going back and forth, running a business is a lot. So I'm certain I think I may be reaching my ends. And by the way, this is not a roadmap for business. You're supposed to delegate things. I delegate things in my business well. I haven't really figured out delegating any of my media creation very well. So that's been a thing that I am not great at. I need to get better at it. Well, let's see. That whole home surveillance IP cams. Are you recommending them right now? NAS, what do you prefer right now?
And I've talked a lot about this. We have and we'll pull both up because I think we're talking about both of these. Let me log into my UniFi one and I'll log into my I'll switch screens here in a second. I know I'm not showing the screen that you want to see. Share this tab instead. So here's like the UniFi one and we have this set up at my office that we keep running all the time. We also have and I'll pull the other one up now. We do way more Synology surveillance stations than we do UniFi system. So we'll pull up this tab. So here's my one here. This is my Synology one and this is the one at our office. We still do deployments of the UniFi one. Availability is one thing. Second is features. As long as the UniFi has all the features you want now, it's okay. It's not a bad system. But if you go, hey, I want some extra features. That's where it's limited. You hit limitations with the UniFi of it only has the features it has. There's not a lot of extensibility to add more. There's no way to back up the storage, for example. Now you can download individual videos, but if you had to have some rolling storage requirements where you have to archive back things up, that's just not a feature that UniFi has. I don't know where it is in our roadmap. If you have multiple sites and you want the systems tied together in a more uniform way, I don't really know how they eventually will support, allegedly I should say, will support stacking in the future, but it's not a feature they have now. So there's some limitations of it. But our general go-to is going to be pretty much the Synology surveillance station systems. Those are our general go-tos for those for business. Watching the Cisco vid when the live stream popped up. Yeah. I'm going to get some spicy comments on that YouTube live stream for sure. What do you recommend for streaming, recording, and editing your vids? I'm not going to lie. I really like DaVinci Resolve. DaVinci Resolve.
My only regret with DaVinci Resolve, and by the way, it is you can use the free version and it works amazing. It's popular for film documentaries. It's really popular amongst a lot of people on YouTube. There's a lot of great tutorials on getting started with it. Highly recommend DaVinci Resolve. Cameras. I'm using a Sony A6600 with a Sigma 1.3. Here's a thanks for the pfSense content. Help me get loads of things set up. Awesome. It's a lot by myself for sure. You are absolutely right, Drew. It's becoming kind of... I'm going to say I'm finally getting to the point where I'm a little overwhelmed. The problem is I keep treating it like a hobby and that's why I don't delegate it very well. It's not like my business where I assign people to do things. I'm always like, hey, if someone has some time, work on this and some of my staff are always willing to help. But I always put customer stuff first and foremost and then I'll just take care of it on the back end. But now I'm to the point where I'm probably going to need to dedicate someone just to do all the things I do because I'm doing all the social media posts as well. So, whole another... That's a lot of posts because I'm a little obsessive and I waste too much time on social media. I'm not going to sugarcoat that. Boot environments are cool stuff. Work in 2301, four days without problems. Awesome. I would recommend DSLR, mirrorless cameras instead of webcam, far superior quality. Yeah, I mean, the new webcams have gotten substantially better. But a lot of my videos, and even some of them with the absolute ton of views were just done on a C920. It comes down to what you're trying to do. Content is first about what's your goal? What's the outcome? Are you trying to create a cinematic look? Well, you better get a good camera. Or are you trying to create a bunch of firewall tutorials and things like that? That matters about the content, not about the camera at that point.
So you think about your goals before you spend a bunch of money on things. Yeah, they just released the license plate reader for the UniFi one. I haven't done any testing with it, but it's interesting. They're getting there. So that's a feature that they will have. I don't know if any of the cameras, I have to look at which cameras are supported. I don't know that my cameras support the license plate reader for UniFi. DaVinci Resolve is great. Absolutely. So are you going to make templates for XCP-ng like yours, Proxmox? Yes, you can. There is a template system in Xen. Matter of fact, you can take... There's an option... Where was it at? Yeah, convert to template. You can convert an existing system to a template to be redeployed. That's actually part of the VM. So yes, it does have a templating system. Playing around FreePBX, having issues with pfSense, getting phones ringing inbound with no audio. It's the way you register NAT. You need to find a provider that does... that works properly with NAT. I'm not an expert at it. It really comes on provider. If the provider doesn't support proper NAT registration, you run into that problem. If not, and even when they don't, there's a way you can load a SIP helper in pfSense. It's been a long time. It's been a few years since I've run into that problem. It used to be a bigger problem. In today's world with most modern VoIP providers, it seems to be less of an issue. What automation tool do you use in your home lab? Not enough of them, but probably Ansible. I've done more Ansible than anything else. What is missing in Nextcloud to use instead of Google Drive or Dropbox? What is missing in Nextcloud to use it? Confidence in the security. I would describe confidence in the security being my biggest worry with that particular product. It's a lot when you're putting things exposed to the public internet. Once you have them all exposed, I always worry what is the security. There's a flaw found.
How fast will it be fixed? I'm a little worried about publicly exposing Nextcloud. Feature parity? Nextcloud doesn't have email. It's probably the first one. Not any good mail clients such as Gmail does. We're still going to keep using G Suite for my Lawrence Systems business. What's the Linux port of DaVinci? The only problem I have is DaVinci doesn't support anything, but I think it's WAV format. I always have to make sure I'm embedding. I think it's like PCM WAV for audio. It's only the audio codecs that are a challenge. But all my videos are edited in DaVinci Linux. At least they have been for almost a year now. Hey, William. Thank you very much, William, for the donation. Started using Invoice Ninja V5. Great update. Still on the list to do a video? Yes, still is. Hey, Doug. Is this the Ask Tom Anything stream? It sure is. I have some serious questions about some skeletons in closets. Oh, yes. Doug, do you remember when me and you were just a couple of internet, you know, who was that guy that was harassing us? That we and you had to make some stupid comments about. We should catch up sometime. Those of you who don't know, Doug is a friend of mine. He's a local IT business owner here. He's in the adjacent city. Doug's someone I've known for quite a few years. How do you back up your UniFi controller? You're seeing you back up the database. Where is it located in Linux? I would have to show you, but it's easy enough to find. It's under, like, I don't know. I don't feel like SSHing into my UniFi to show you the path. If you Google it, it's probably a first result. But it's like under var lib unifi autobackup. It's under a folder called autobackup. And then you just back up. You tell auto backup to send the data there, the data that goes there. Do you know any, do you know if it makes any sense to ZFS on NVMe one tier Proxmox? Not that I can think of. Nextcloud is a lot of features listed, but they're not great like people.
Oh yeah, photos is, Google Photos, I mean, you can hate on Google for privacy problems. Anything to be right to do so. But you can also say Google Photos is stupidly amazing. And it is. So Google does a great job with that. And I haven't found anything as good as Google Photos. My UniFi G3 Bullet can do it after two years mounted under using my garage. Cool. Yeah, awesome stuff. Yes, we were internet tough guys. That's been a while, man. I'm running UniFi. I want a better schedule, restrict internet access for my kids. I like to establish schedule the simple mobile interface. I don't have any answers for you on that. There's probably some nanny software out there that'll do that for restricting kids. But it's not anything that UniFi does a great job of. I'll just throw it out there. If you're looking for something good, you'll probably have to load a tool on your kid's computer to filter their internet. You're not going to, you're not likely to find it as a, in UniFi. Not that it's going to work well. Oh good. Someone else who agrees with me that ChatGPT is overhyped. But overhyped is fine because it's way better than some of the other things I've seen in the news. So I don't mind that people overhype it because there's worse things we could be talking about. Have you heard about buffering issues in UniFi NVR? Worse if I connected directly in better, but not gone. Connected via console. So I am doing this. Let's go ahead and play back something. I'm doing this over a VPN. So I don't know. Here's the, let's roll it back 15 seconds. And I'm going through things. It seems to be working fine. Let's go through detections. Let's play back a detection. I'm, this is remote. I'm at my studio. This is at my building where my employees work. So this is separate. And I'm not seeing any problems with it buffering. So it's not, it's actually not a problem we've run into with UniFi.
They seem to do a good job of choosing different video streams in order to make it effective for working over slower connections. I mean, obviously at some point, the connection is not going to be fast enough. So Google Photos is great. And they had a drive photo photo sync deprecate like so many other Google apps. I use, I loved Picasa years ago. Was it probably 2007 or eight? Picasa was amazing. That was, that was all their tools that was just, I really wish they hadn't have thrown that over into the Google graveyard, but if anyone was a Picasa user, man, it was awesome. But really smart enough to log into the wifi and the devices, tell it to phones. I had to set up always on VPN. Oh. It's HR, not an IT issue. Fun. The, oh, I do like this cup. So I started drinking this cup, but I figure I'll share with you what it says. This is from my friends at Huntress. They had a thing it was, they were giving out beer cups are called Breaches and Brews. It was part of their talk about security and that. I have some upcoming videos that I'm working on with my friends over at Huntress as well. Have you tried license plate protect and some models? Yeah, I need to look that up because I seen it announced that it's available, but I don't, I got to figure out which models it's even supported on. So that I have the UNVR Pro. So I don't know. Matter of fact, let's go to Protect here or not Protect. I'm on the version three. So I assume that's, it says it's up to date. I'll assume that's the right version and it supports it. I don't know. I got to dig into the detection on there. Excellent. Excellent. Good. Oh, I forgot to, I forgot all about this device. This is the device that checks the door. It's the UP Sense device. We've been using this for a little while. I kind of forgot about it. I need to do a fully updated review and I'll mention that I have this in here as well. So, yeah. Can you encrypt files before syncing with Syncthing? Yes.
Syncthing actually supports encryption that it grabs it and lands it. You can land and have intermediary or final destination Syncthing devices or instances that are encrypted. So they are unaware of the data. They will synchronize it, but they're unaware of the data. And as long as you have the data encrypted in Syncthing, you can back it up that way. I think I've covered that in Syncthing, but I'm going to do a 2023 edition of Syncthing. I know it's been a little while since I did it. So this will probably work. Yeah. If you create a new VLAN and use DNS from CleanBrowsing, but don't forget to force the kids browsers because a lot of them will try to use the DNS over TLS. So that will bypass your local DNS. Google stayed true to the word and reduced e-waste for releasing new firmware for the Stadia controller. Interesting. There's actually a side note of something really good that came out of the whole Google Stadia. It's a new version of rsync. Well, they started with the concept of rsync. It's a new way to transfer files at great speed. So it's a synchronization tool that supports a lot of cool features. It's open source. So that's actually... It was what they were using in Stadia to synchronize game files. They released it on GitHub. I thought that was kind of a cool thing, too. What are the most wanted and still missing features in TrueNAS? Well, that one's pretty easy. Everyone wants, like, one-click proper deployments. Synology does a better job than TrueNAS, but Synology puts a lot more engineering to their apps than TrueNAS does. TrueNAS is trying to fix the Docker apps that they're using in SCALE to match the way they work in TrueNAS with their interface. So they... I think they didn't see a bigger team to get it deployed, but application control with better deployment is something they could... It's going to be room for improvement, I think, for a long time. It's a big engineering endeavor. It's not like they're not putting any effort into it.
It's just a big effort you have to put to it to get that done. Can you create a view that cycles through a group of cameras? Yes, no. You can create a view that cycles through on the... Where's it at? Magic Video Tube. That's what we call it. Magic Video Tube is the UP Viewport, and you can... Where do you put the settings in for it? Oh, here. All cams. You can create a camera view here that cycles. So there's an option to do that in here, but it only does it with the viewport. It's not something... It won't do it from here. I don't think. Is there even select view? See if we can add a view. Does it cycle an option? It doesn't look like it. I can drag the cameras in here, but I don't see any way... Yeah, nothing in here says cycle. So there's that. It doesn't look like it. Yeah. This is... I'm not sure either until I dive into reading it. Grab something here. Yeah, until I dive into reading a documentation. That's actually... That's the challenge of doing these videos is like, there's been a lot, but because it's not just automatically, it works with this. You have to understand what are all the thiss it needs in order to achieve, like license plate reading. Hello and happy Saturday. Smash the likes. I'm all for smashing some like buttons. Matter of fact, we'll... Let's kind of go into this here. How many likes do we have? So we are currently... 128 people and 27 likes. So please, mash on that like button. Only mash it once. Mash it twice. Mash it any odd number of times that makes you happy. Hey, Lawrence Systems. Love your videos. Help me a ton. Get more involved in the networking before. Currently building out a network from home. Thank you very much. Awesome. Good to hear it. Would be cool if you could build an iSCSI SAN system in TrueNAS with two servers and SAS DAS shelf, increase reliability. The way it works in TrueNAS is different. Going forward, they're going to eventually have clustering and then you'll build it on top of...
They're going to use Gluster with the TrueNAS SCALE systems. With TrueNAS Core, you can do the dual motherboards. I've done reviews on that. And that gives you your high availability there. So they're not doing an HA iSCSI in that same way. Where do you stand on creating VMs in TrueNAS SCALE versus Proxmox in a professional environment? You know, the TrueNAS SCALE system, which I'm working on a virtualization video for it. Over here. I use it for virtualization. Would I call it professional? No. It's nothing compared to Proxmox. I mean, Proxmox and XCP-ng, ESXi are substantially better than this. It just is super basic. Here is like the most limited amount of features. There's no live transfers. There's just really basic. Even when you want to do a snapshot, please note there's not a way to snapshot it in here. There's a way to snapshot. It's just not in here. You actually would have to go to the datasets, go down to like my virtual disk here I'm going to work on a video on how it all works, but like then we go here and then I can go view the snapshots or I can go you can kind of get the idea. Like I can go here to view snapshots or let's go over here to data protection. Then we're going to go to snapshots. Come on, it's spinning. And then we can look through the snapshots here, which is all snapshots, but then we can filter them down to. Yeah, Tom, those are wrong ones. I need a bunch of ones. There we go. There we go. Before my Cisco install, here's the snapshot for this particular VM. It's just not the same as doing it in something like a full-blown hypervisor. Yes, the 2023 Syncthing would be great. Just been looking across both the U.S., Chrome, SDVN, container, and Android phones. Yeah, it's just great. All the features Syncthing supports. The TrueNAS fixed their Docker functionality ended up running a Docker and Portainer via almost VM. No, it's so goofy. Love your videos on Cloudflare Tunnels. Do you use the WARP service at all? I do not.
I'm of mixed feelings on Cloudflare Tunnels. I did the video because I know a lot of homelab people that solves a problem without a lot of effort. Therefore, lots of people use it. I dislike it because it's proprietary. It's based on Cloudflare. I don't like building things on proprietary services. That gives you vendor lock-in. Now, I do it because, as I said, it solves a problem for a lot of people. If you're stuck behind CGNAT, you have limited resources, and Cloudflare offering this for free is awesome. But it's like the same as recommending any proprietary service that has a complete dependency on a company's decision to offer that service. It's not like it's something you could say, well, Cloudflare will host it. Or here's the server tool. You just load this little tool on a server and you can spin up your own. No, not exactly. You can load the Cloudflare tunnels, but they are tunneling you to Cloudflare. That's my only problem I have. I know the code is open, so it's open source, but it's still tied to the Cloudflare service. I don't really use any of the proprietary services for them. Cloudflare is a great DDoS protection tool for business. There's someone I would recommend, if someone needed a large-scale DDoS protection, because you can't do that on your own. You really need a bigger company to be able to absorb DDoS. But that's getting onto a different topic altogether. Compatibility between devices and software can be a nightmare. AE200 review, probably another week. We've been using it now for over a month, and it works great. So too long didn't watch. It works as expected. So it's a good order one if you want one. So the problem with Gluster, and this is my understanding from talking to people who are smarter than me about this particular topic, Gluster can perform really well, Ceph scales larger, and Ceph does better with caching. The Ceph caching schema is more advanced than the way Gluster does it.
So when it comes to indexing large volumes of files, there's more opportunities to configure high-end tuning. It comes down to how you configure it. And Ceph than there is Gluster. That being said, I don't know. It'll be a long time before I get around to doing videos on that because they're kind of one-off. They're used in enterprise space. I'm not saying it's not used. It's just a lot of homelab people want to do a video on it. The reality is it's kind of neat to learn, but it's probably not going to get many views on the channel. It's something a handful of people ask about when they realize it's complicated to do, they'll probably wander off from doing it. Can you run Cloudflare Tunnel app on the same device, the MIP you want to access from the internet? Yeah, probably. I mean, you can run Cloudflare Tunnels on other cloud instances as well. I have one XCP-ng host in boot, and my boot drive will not boot. My VMs are in another drive. Can I just reload my boot and reattach VMs, or can I rebuild? This is tricky. So you can reload and fix your boot drive. The problem is your VMs. The metadata is all saved with an XCP-ng unless you chose to back it up. If you did not back up your metadata, you will have to recreate the VMs and reattach those files. So they can be redone. They're just XVA files, but the metadata like how much RAM it had, processor settings, network settings, that was all stored in a database inside of XCP-ng. That database is easy to back up, but I think you're asking because perhaps you didn't back it up. Proxmox clustering and Ceph integration is way more mature. Probably more mature than a TrueNAS system, for sure. Tailscale solved all my tunnel needs and the wonderful team over there, the ability to share nodes across accounts is a wow moment discovered. You know, they had a security incident and it was exactly what you want from a security incident. Some researcher found a problem, was able to reproduce a problem. They tested a problem.
They fixed the problem. They debriefed on all of it. They even said that they had a way to check to see if this was ever used in the wild and said it wasn't. Like, awesome. Security's hard, but it's great when you're a company that doesn't leave us vaguely wondering what the hell's going on. Looking at you, LastPass. So even though Tailscale's a security researcher found a flaw in it, it didn't make me less confident in the product. It made me more confident because they're listening to security researchers. They're doing their due diligence and when they do a write-up, they're not vaguely telling you, we fixed it. We don't know if this happened. They go, we checked and never found anyone else who was able to do this outside of the security researcher. Awesome. That's what you like to hear. That also means to keep good logs because you're able to look. Do you recommend installing Docker or Portainer on Proxmox itself or creating a VM in Proxmox and installing Docker there? For me, I don't use Proxmox. So I would install the, I would build a virtual machine that runs Docker and then put all your Docker and Portainer instances in there. Hi, Lawrence. Thank you for your great videos. I have a question. When you make a VLAN interface on a router, most routers do inter-VLAN by default. Do you have tutorials to disable VLAN routers? No, it does not do it by default. When you create a new interface inside of pfSense. So I guess it depends on, if you're talking about UniFi, they do one by default. If I'm not mistaken, their default is still allow all, unless you create it as a guest. If you create a normal one, they allow inter-VLAN routing. So I do have videos on how to do it in pfSense. I don't think I have any recent videos on how to do it in UniFi, but I'd recommend doing it in pfSense. Which, by the way, doesn't have rules that default allow. I saw your shorts videos on labels. Can you elaborate a new video about labels and tool recommendation?
I don't know what recommendation you're looking for. I think I've mentioned before that we bought this. I'll bring it up again, because I think it's such a cool device. I'll drop a link here for everyone. I bought this thing, and I bought it... Let's see, I'll drop a link for everyone. The Niimbot, I bought it a year ago, and I'm still using it. This thing's great for doing labels. It's cheap and just works. I guess iXsystems went with Gluster, because it runs on top of ZFS and Ceph was had its own system. That seems likely. Do you use S1 Control or Complete? And why? Complete because it does all the things. Thank you for excellent pfSense Tutorials. S1 is SentinelOne for anyone wondering. It's a cybersecurity tool we use. I have one problem, a multi-WAN config, when the WAN link goes down and automatically switches to the backup WAN. One problem. It's a problem because it switches. However, when the WAN link comes up, the Gateway does not switch back until I initiate manually. Yeah, I've done videos on this. It's explaining how states work. So I have videos explaining how states work. Look at my multi-WAN. I posted these within the last month. pfSense multi-WAN. So basically states stay where they are unless you disable them. Now states eventually will wander over the other way with a few exceptions. If a state has a persistence, such as like a phone that keeps registering, it will stay on the backup WAN because the only way to get it off the backup WAN is to disrupt it. You don't want to disrupt it. The other option is going with a more expensive SD-WAN solution that controls the states for you. So that's why that's doing that. UniFi does this by default. pfSense, not so much. I lost there. Hey, Tom, did you still get the other talking about virtual machine running as containers? Still want... Yeah, reach out to me on that. I want to show you some things about Metal 3. Okay. Reach out to me. Message me on LinkedIn or wherever.
I don't know where we talked about it. So reach out to me again to refresh my memory. I have Ubiquiti EdgeRouter X looking for replacement. I want the same form factor, but just a little more powerful suggestions. Doesn't have to be from Ubiquiti. I... I'm partial to pfSense. So I don't really know what else is in that form factor, though. I mean, the Netgate 2100s are, but I have no idea what your budget is. If your budget is only EdgeRouter budget, EdgeRouter X budget, then you may not like the 2100 because it's going to be a lot more. pfSense is implicit deny. Is there a default? Well, there's just no rules. When you create a new interface of pfSense, there's no rules, so it's kind of like an implicit deny because there's no rules. Oh yeah, you guys want to know why it's pink? I'll let people guess why it's pink. How do you remotely manage pfSense deployments? You can do a reverse VPN. You can... Usually we have access to the devices behind the pfSense, so you can remote into the client's server and connect to them that way as well. Did you get the pink one? So no one steals it on the job site. That's the winner right there. Someone knows. Do you know if UniFi offers a package to sell a premium version of Wi-Fi by their... No? UniFi offers a package to sell a premium version of Wi-Fi by the day or recurring. They don't really have a good system for that built in for like selling hotspots. Pay for a separate captive portal if that's what you're trying to do. With multi-user as a way if the circuit goes down, a flapping service is telling the business. Circuit goes down to keep it down. Not really a keep it down. I don't know any way to like force it. Like once you can set timeouts and thresholds, but a flapping system is what it is. Yeah, there's not... a threshold to have it down for a longer time or set the thresholds to be more sensitive to making sure it's up, but is what it is. Yeah, send me a message on Twitter. I won't lie, I forgot.
So I think I vaguely remember the conversation. If you bump it back to the top, that'll be fine. You have a blue one so you can find it. Yeah. Easy to find because no one can steal. Those are also good answers. What do I think about the Cisco CBS switches? They have a nice GUI to manage. Cisco has Cisco Dashboard to unify. Oh man, I probably have some hot, spicy comments. So far I've had high hopes for Cisco. I just did a video ranting about this and people are commenting. My other video is about it, but let's go ahead and pull up the switch that you're asking about. I think the Cisco Dashboard is garbage. That's my other video. But I will talk about their switches. The Dashboard they have is just bad. I did a video about how bad I think it is and I usually don't do videos about how bad something is. I don't like just ranting about stuff. That's not really my style, but I'm going to work on these reviews. This is a Cisco CBS 350 8FP 2G. Here's the model on here. You can find these. I'll drop it out of the link in here. What do I think of them? I mean, they're Cisco. They work. I think this is cool because they actually have the option to run a VLAN wizard. So I thought that was cool. You can have some configuration wizards. You have one of the slowest dashboards, because this is a live stream. This is being done in real time and it's this painfully slow. It is pain to use this. When you want to do stuff in here, it's just so... once you click through a few times it gets a little bit faster. But yeah, it's not the fastest dashboard to configure things. Also, I've set up the Cisco Dashboard and it just doesn't, it doesn't do. I did a video. I have another video on that topic. I love to start getting pink as my default toolkit for many pieces missing on job sites over the years. Yes. Yes. Sure. Here's the big thing. DDoSing. I don't care if you have a Cisco or a Netgate. DDoSing is just not defensible by a basic firewall. You need an upstream provider who can defend you.
It's not like, oh, let me check the magic DDoS box on my Netgate that'll magically stop too many packets coming to this IP address. Sorry, that's not how networking works. DDoS protection does not come from the device. It comes from being able to filter, in often coordination with upstream providers, the amount of traffic. So if you have an IP address and you are getting bombarded with traffic, that means you have a traffic coming at you often at a rate greater than your... let's say I have a one gig connection and two gigs of traffic comes at me, it's going to get thrown away. If you have a one terabyte connection and 10 terabytes, 100 terabytes of traffic comes at you, you're getting DDoSed. It doesn't matter what switch you put in there. It has to do with the upstream provider being able to mitigate that and filter it. I have some friends who work for like Arbor Networks, so I'm pretty familiar with how the implementation on the back end goes on this, but it's not like just buy something different. Like, oh yeah, Cisco protects you better against DDoS than Netgate. That's not the case. It's because that's not where the DDoS challenges are coming in. Would your preference be Proxmox, ESXi, XCP-ng? XCP-ng all day every day. Looks like Elder Smalls Cisco switches that Cisco knocked out. Yeah. There are some EBF tools. Yes. Yeah. Why in hell did he release this? I think you're talking about the Cisco stuff. I don't know. It's... I'm not excited about the Cisco stuff. Like it works. Like if you wanted to buy this, this is a nice PoE switch. It wasn't hard to set up. They made it easy to configure. They even have a wizard for configuring ACLs. So if you need to do some ACL configuration, like cool, they have it. But it's just be prepared. Be patient. Not be prepared. Be prepared to be patient maybe is what I should say. Welcome to the ACL wizard. And new ACL, ACL name. Do we want to Mac? ACL. I think it's nice that they made some of these features like easy to deal with.
They give you a nice look of the switch itself. I like that I can click on any of these interfaces to see the settings. I mean they did a nice job on this. This part I will give them. That's why I wanted to do that, but that's why I did the separate video on the Cisco dashboard, was to kind of talk about the fact that the switches are maybe something you'll consider buying, but I don't think you should consider the Cisco dashboard. My experience was terrible. What are the pros and cons between Proxmox and Xen? Good news. Got a completely dedicated video for that. Pros and cons in short though, one's built... the way that Proxmox is built is not exactly the same the way at Xen. Xen overall has a more secure by design because of the way they parse everything and break everything down. There's a whole long write up, both of my video in the forum, where I go into the nuances and details of how that works. Second, the... sometimes people may consider this an advantage for Proxmox, I look at it for a scalability of Xen. Xen uses a separate tool called Xen Orchestra to orchestrate large scale deployments. So I think Xen is better suited towards managing large deployments, based on my experience of managing large deployments with Xen compared to Proxmox. But Proxmox is good and solid, and when you're talking about homelab maybe you want to lean towards Proxmox, but I'm partial to Xen myself. The dashboard needs some work. CBS switches seem to support a good set of L2 security. Can comment, stability, functionality of these. I didn't dive into every advanced feature on the switch. I can comment that the dashboard was terrible. But the switches seem fine. Like stable, I've been running it for six months and it hasn't crashed. The Cisco switch. But I didn't expect it to crash. Because even, I won't lie, even the TP-Link cheap switches seem to not crash. So you know, switches working for long periods of time is kind of the norm.
Matter of fact, most of the Cisco switches don't roll them out of service because they're so old, not because they died. So I trust Cisco to make a long reliable device. I guess we safe for CGNAT for DDoS protection? True. It's someone else's problem at that point. After three cups of coffee for loading time. Yeah, loading time. Did you do a video on backup the boot drive at XCP-ng? I've been new and still learning. I did a whole video about backup and disaster recovery in Xen. I covered it in my disaster recovery, but really it's a matter of if you go to the backups and you look at the backup jobs and you find one of them... well, I'll just hit new to show you where they are. Backup metadata. You just choose the pool you want backed up. Pool metadata, which pool? There you go. There's your metadata backup. It's easy to do with the backup tool. I covered that in my disaster recovery video. Nice alternative to Catalyst 1000. I had a full Cisco IOS, simpler web management. A nice alternative. Yeah, I think I did a review of the Cisco 1000 series because I was aggravated, and this comes down to NetworkChuck mistakenly said they supported auto stacking and they don't. They do support stacking, it's just not automated. So that's, yeah. Anyone using their CX 6000 or Aruba switches. Use VMUG Advantage. You want to use VMware in a home lab, $200 a year. More secure, more extensible, built-in backup. That's why I like XCP-ng. Port style not entire switches. Generally it's rare, even, I mean, I'm not... port is more likely to die than a whole switch, but even port failure is not common. It's not a zero, like it never happens, but it's still statistically not something where spend a whole lot of time servicing. Learning networking and want to know what businesses in the real world connect multiple offices together.
Do they literally just use site-to-site VPNs as your most supplier? It varies a lot. Site-to-site VPNs are pretty common. We're seeing the small business world is all connecting to the cloud, so the small business world is a lot less about site-to-sites. The larger businesses, site-to-sites usually with their, you know, VPN solutions. We've been deploying a lot of, like, pfSense. We just tied together a client that has like five locations across the US and help them build out all their servers across all their locations with pfSense, so they all talk to each other via that. So kind of, it's kind of varies from time to time. Lots of companies do use commercial products, so it's kind of like not their problem. Cisco does stuff that just runs but no one wants to firmware. True that, that is for sure, but I think you have to pay for the support. I don't have the context for that. Do I use XCP-ng in my home lab? My, my office is my home lab, so sure, I... it's all blended together for me, so technically yes. What things you consider choosing hard drives for, any recommendations? You know, I think my, my recommendation I would really go for is going to be, please check the Backblaze hard drive stats and you'll find a lot of good information. They'll tell you about failures of drives over time. They've been doing this for a long time. It is just crazy how many drives. I mean, I can only tell you my experience on maybe larger scale deployments are doing of petabytes of storage, but even a petabyte of storage is only 60 drives, and we sold a few of those, but when you talk about someone who's done 226,000 drives, I think they're going to have an even better, more well rounded answer. And you can get this, this is just Backblaze hard drive stats. They tell you what drives failed, so that could be a good indicator if you understand, and I've done videos on it before and I'll probably do a new one soon on how to read their reports, which are pretty clear. They have a breakdown on how to read them. They're pretty great. Out of a
thousand switches I've deployed I think I've had one switch died, four ports dying, 10 years. So yes, you're right. Yeah, it's, it's just one of the things, it's just not very often. The answer is not... now physically damaged switch ports, definitely had that. Different issue. Also a head scratching one, like someone really took the effort to rip that port out. Like, someone, why didn't the Ethernet cord give out for the port did? And as someone, if you work in professional networking, you'll see a lot of things. Some of those things are dangling out of switches, so you're like, oh look at that, who thought this should dangle over there. It's a popular to offer SDN solution using only open source. There are SDN softwares out there for open source, but what kind of software defined solution are you trying to do? You have to start with, what do you, what's the goal? Just curious if there's any intention to say dive in a bit of OPNsense. No, I just don't have an interest in OPNsense. Like, it doesn't have anything that makes me go, man, if only pfSense had this feature I would be using it. And my experience from pfSense is drawing on the fact that it has features we're using it, we're using this deployed at scale with a lot of businesses. So you have all... we have a couple different things we do. We have all the businesses we manage, which is I think almost 70 businesses right now we're managing, us managing it. Then we have all the consulting, and we did over 400 consultants, over 400 businesses hired us for a lot of one-off consulting work. Some of that, strong percentage of it, was for pfSense integrations. So you're also, you know, hearing from me and via me my team talking about pfSense implementation. We just don't use OPNsense, so there's not likely... why would I take the time to learn it? I don't really use it. And that's actually one of the reasons, at least in my head, that I think some of my tutorials become better, is because they're... I'm sharing my real world deployment experience, not a lab. I said I do lab
things out all the time, especially for demos, but I know the difference between the lab and the demo and the real world experiences, because once you've deployed these you learn things differently, so you understand how they work at scale. So that's why I don't really take the time to use OPNsense. It's just not on my roadmap. You appreciate the Q&A's. I do them, yeah. I want to do more of these on Saturdays too. I saw video Linus Tech Tips, they upgraded the firewall to pfSense so they couldn't use NIC because BSD. Is there a TNSR version with no GUI with a new BSD? TNSR is based on Linux, not BSD, and the new 23.01 of pfSense has the new kernel, so that problem's gone. You know, Linus had one minor problem, which is kind of a weird one because the older version supported... I don't know what, what exact card he had that wasn't working, but nonetheless here is my system running the 23.01, which is FreeBSD 14. So there's FreeBSD 14, so you can run this now. It's in release candidate and it'll have the latest drivers in it. A piece of equity for marketing have a different model number than the ones found in Europe, sort of tech differences, frequencies. I think EU may have a frequency difference but I don't know, I've never really looked. Tom, one of those questions, are you running TrueNAS, are there any solution like Synology app support like DS... TrueNAS, are there any solutions like on Synology with app support like DS File? I don't know what the question is here. Question is B, because I mean TrueNAS supports like Docker. TrueNAS SCALE specifically supports Docker. So pfSense all day every day. With your experience you've already had use VLSM show up in a Cisco course? No, I don't know what that is. Uh, head minor PTSD of upgrading through Cisco, realizing they need to be upgraded prior to having to go on site. 3M, you had a tiny note that I'd missed. Oh yeah, yeah, token ring still powered on. That's a scary one, that's really old. What's your ideal target business for your management services? Hi, also one of those
paid consultants. Steve is great. So Steve is one of our network engineers. I think I just paid to BS with him at this point. That's great. Anyone who needs us... a lot of interest, a lot of our focus is not doing help desk, so people who need network engineers and storage engineers and people to manage all your Windows security, but you don't need us to fix your printers. We do a lot of co-manage work, so that co-manage is more our ideal, but we have help desk, we do some of that too. Help desk is just harder to scale because, you know, we get companies like, hey, can you take on our help desk? It's like, we have to make sure we have enough people for it. Network engineering is a lot easier because it takes fewer people, because the time suck is really talking to lots of people about their printer problems and things. Thanks for the great videos. Can pfSense support 50 to 100 VPN users? Yes. Probably did get a VPN. It's about bandwidth more than users, so does your hardware meet the bandwidth needs? Because maybe you have 50 users but their bandwidth needs are low, maybe you have a handful of users when their bandwidth needs are high. It's really comes on to your bandwidth needs. A lot of times you guys start looking at what are other solutions to your bandwidth needs. Is it right to stuff everybody through a VPN as well, or should the application be where it's handled? So authentication to an application, to a cloud, with some single sign-on service. We're seeing more and more services move to that, and less people need VPNs as more cloud applications become available. Different way of handling it. Used to... EU uses different WLAN channels than the US, maybe that's the difference. Interesting. pfSense... I think captive portal is an awful idea no matter who does it. I don't know anyone who does it good. It just breaks things all the time. Uh, Linus needs a shoe IT department looking at systems, a too much shoot from the hip. I'd be willing to do IT for Linus. I don't know how to make that work. Linus, can I be your
MSP? He's not watching this video. They have some pretty smart people there at Linus Tech Tips. Home virtual server build. Yes, I do plan on some new videos around that. I need to do some getting started with XCP-ng videos soon. But they're open source web based disk analyzer tools, web based disk analyzer you can drill down files, folders. Um, there is a tool out there, I forgot the name of it, um, that will allow you to do web file management. Um, I actually think there's a app inside of here. What is it called? Oh crap, I hit the wrong button. File Browser. You can... this is actually something you can find in Docker. It's called File Browser, it's a Docker image. Uh, it'll do web based, um, management of files, if that's what you're looking for. How much free space do you keep on your OS disk as data servers, both Windows and Linux servers? As much as needed. It's, uh, not an easy question answer, kind of because it depends on what your needs are, what are you going to load in the program side. Even if OPNsense is better, it isn't better to spend the time and money ripping out or dealing with firewalls when you cycle through. Netgate, it was Fortinet or SonicWall will be different. Yeah. Uh, just pure sense pro vt nick. I don't know, looking to look to see if FreeBSD 14 supports it and you can go from there. They were doing this very helpful, just getting to this. Awesome. That I hear right, captive portal as the same question on Thursday. Captive portal sucks, that, that's my answer every time. Captive... I bring people in captive portal all the time. Captive portal's a headache. Anyone who wants captive portal has never had to do support for networks with captive portal. Uh, the... I've done a video on the pfSense when it does work. Uh, do you have a use case for cloud S3? What do you recommend for cloud backup? Ooh, this is a fun one. I like Backblaze for backups, they're among the ones I use, and because this is in a spinning mode let me go over here. Actually, yeah, um, but we do have... probably this system has it. Where's it at?
Cloud sync, this is one of them. Um, we, we're doing Backblaze backup here, so Backblaze works rather well. They do S3 compatible, uh, for backup. So yeah, there's one, one I'd recommend is, uh, Backblaze. You can use the Amazon one as well. I just found Backblaze to be cost effective compared to Amazon. I reuse Cradlepoint for routers, I made pfSense to play the LT module, and appreciate channel. Um, we've had, we have a couple people, I think they have pfSenses and the secondary WAN has a Cradlepoint on it. File Browser is super useful. Can you share the same TrueNAS dataset with both SMB and NFS so my windows list can access it? Yes, but I don't think I'd recommend that, that seems like a bad idea. Uh, use SMB with your Linux. That's how my mounts are in my system, is I'm doing, um, let's see, where does it go here, a window, but if you look, well, let's see, how does... oh, that's neat. I make this bigger. There we go. It's funny because it lined up perfectly when I shared this screen with what my screen had on it, but let me make this a little bit, a little bigger here. Great, now I hit the num lock button again. I got this new keyboard and I keep accidentally hitting the wrong keys there. It's, uh, one of those mini keyboards and it's annoying. Anyways, here's all my, um, devices, and let's stretch this out a little further so it's a little bit less wrapped. I guess I'll probably shrink it just a little. Looks a little better now. Anyways, here's all my, uh, mounts and Linux, and you notice these mounts are all done with SMB. Uh, this saves me the headache of doing NFS mixing with my Windows system that attaches to these too sometimes. Hello all. I say at the time is more, uh, the time it is more than smart people but to dedicate the time. Um, yeah, Wasabi's another alternative. What about Wasabi, Backblaze B2 storage? Yes, I'm using Backblaze B2. Uh, 45Drives has Cockpit modules you can install on Debian based systems. Yes, Cockpit. I did a whole video on, uh, the 45Drives Houston UI is what it's called. My video was within the
last couple weeks on that. Great, great tool. It is free and open source. Um, everything. Do you use Backblaze on your Synology units? No, since Synology came out with C2 I really like it and it's very reasonably priced. Uh, I like the integration with the C2 backups, so we're doing C2 backups for some of the Synologys. Thanks Tommy. Very few people call me Tommy, so I had to highlight the comment. I don't mind my, my name. I've been called Tommy, but just infrequently. I have a few family members that call me that, they've just always, uh, referred to me as Tom... Tommy instead of Tom. I'm fine with it, it doesn't, doesn't bother me. Like maybe people ask what you want to be called, I'm like, I don't know, Tom seems the shortest, but you can call me Thomas or Tommy and I also answer to those. A lot of people call me Lawrence, it's my last name. But Larry, I don't... that goes a little outside. I want to answer to Larry. Uh, many device network of Bluetooth, no zero notification, that damn YouTube people, they're just not good for virtualization. iSCSI or NFS on TrueNAS, as if we call you mindful of cache async writes? NFS, uh, is more ideal. Um, this keyboard is a, uh, Roccat. So hold on, I have a Roccat keyboard but that's not the one I'm having trouble with. The Roccat keyboard has no problems at all. Make, make it bigger so it's easier to see. Can you see it? Uh, the cord isn't long enough. Roccat keyboard, but the, um, little mechanical keyboard that I can't lift up because the cord is not long enough to get in front of the camera, uh, is some cheap Gear Head keyboard. I just did it so I have a small keyboard here so I don't have to move that keyboard to this. I have two monitors on the system. The one that's the big monitors over here with the Roccat, this is just so I can, um, type basic commands. C2 is reasonably price, yes. I was actually told not to call you that by my peers. Oh, ha ha ha ha ha. Uh, referring to the Tommy thing. Lawrence of networkia. You know, I, I remember, I... some guy in high school, it always rings in my head
because his name was Tommy as well and he liked to be called Tommy. I always went by Tommy, but he used to always sing, and I just don't have a good context for it, but he called me Lawrence of Arabia, and I guess it's an old movie or something, but he always called me Lawrence of Arabia because he didn't want to call me by his name, he said. Also that you started to be shocking, you know, is, uh, is that not where you store... oh, that you storage is shocking, is that where you not... yeah, as he was where I store a lot of my videos, and, um, I just prune everything. I figure out what I want to keep and I just purge some of it. Like, I keep all my finished final videos, so if something were to happen I'll reupload them, but rarely do I need to keep the source footage for those videos. If there's a lot of b-roll that might be used again I'll keep that, but the source for, for example, if I did a pfSense tutorial and I edit it down to a more concise, because I've cut out some parts that were, you know, systems loading or mistakes made or things I said and trimmed out, I don't have any value in that source. So because I throw away so much source, I'm just not using as much data as I expected to use running a YouTube channel that has as many videos as I have. Running a network issue with Linux file, so if you're a way to share only one folder, inside of that have several subfolder separated departments, give us access to our departments. You can share in Samba subfolders, but honestly use something that has permissions management like TrueNAS, because that is how you solve that problem. I'm going to do something fun. This is called Hollywood, you'll understand why. So now, now I look like I'm hacking, I think. Oh, why did it stop? There we go, I clicked the wrong thing. So now it can look like I'm hacking while we're talking here, because why not. Thomas is a Hellenization of the Hebrew word for twin, a nickname that can be referenced. That, that's interesting, huh. Only Bluetooth network is Primex clocks, every other bouncing, it
works really well. Oh, okay, interesting. As IT folks are jack of all trades, Tom, what's your lead tech skill? Linux, I don't know, networking, Linux, storage, servers. I just, I've been doing this since then... my first job was in the 90s, to give you how long I've been doing this stuff at a professional level. So Pedro tool Lawrence of Arabia, okay, I'll look that up. Hollywood hacking, man, it's a tool you can like install in Debian based distributions, probably others too. apt-get install hollywood in, you know, it's the Hollywood hacker thing. Right on. Keyboards, I use Logitech MX Keys for work, Corsair K70 for a pro gaming. Yeah, I've never seen the film, never seen Lawrence of Arabia, so not, not one of the ones I've seen. I see a few people commenting, and so far no one has, and I'm referring to the Cisco video I released already. It's got it... I only released it the same time I started the live stream, so it's been out for an hour, has 1100 views so far. Cisco is an embarrassment, that's one of the top comments. I... here, we'll just, let's do this, let's, let's read comments together, because you guys can read my YouTube comments with me, because that'd be more fun, right? YouTube comments are always lots of fun, by the way, not always for the right reasons. Present, share screen. Let's see some of these comments are. This is the... I failed to... my video title, I don't do clickbait guys, the video title is I failed to get any devices working, am I wrong about how bad the Cisco dashboard is. Cisco is an embarrassment. I work with this stuff, CCMP, it's just not worth the money and it's all bugs in marketing. I got a few APs working as product over a year ago. I had five tickets on bugs at the APs, controllers had an adoption alone. I didn't have a switch to test, but I had a router that was supported and also had a bug that got semi-fixed before a full fix was released, they end a life the router. I didn't pull the gear into controller out find it, find it was a complete pile of garbage, almost never worked. So it's not shocking that it's
all just this bad. I struggled it with some time for months, put it aside. Also I like the business products and the... I have a few deployed. So see, this is my feelings, like I've seen some of these work, but these are the comments people are giving me on it. It sounds like they're... it's not just me, and that's why I couldn't even find friends of mine that had anything nice to say about the Cisco stuff. So there, what a mess. Bluetooth clocks. Sold the Cisco kit, yeah. Could you do an explanation of the property but DNS and pfSense on port 853, the secure DNS? I don't use it, so I don't know that I will. I don't really think... I don't have much of a use case for it. Questions about APs with mesh: when you connect to a switch will they do wireless mesh, or are they smart with the access point to switch, how does the messaging works? It's, it depends, that varies by company to company. If you're doing by mesh they have it essentially set up, provided you have the checkbox on for meshing. UniFi do it mostly automatically. It's a rare group of us who live through Y2K and COVID. Oh yes, we've now lived through both. Cisco is rough to you sometimes. Good morning, how's that new motorcycle? That's the first question there from all the way from Australia. I seen the pictures on Twitter, review bike. I wish it wasn't so mushy outside. It's been raining here, it's like mud season here. So hello Alexandra. Mud season here. Motorcycling is one of my hobbies to... but you got to have things so they're not... it's not just mud here, actually everything's just gray and muddy outside. Like, this is all mud, my backyard is just so wet right now. It's just nonstop rain, days of rain, so it's, it's nothing, nothing great. Motocross, awesome. We haven't had the sun in 84 years. We're stopping out tons of Cisco ASA, FortiGates, almost as good as Palo Alto but still fun. FortiGate had a really dumb incident recently. Read their latest security incident where they were slow to patch and new things were under exploit. I'm fuzzy on what went wrong there, but it's a
good read, and Fortinet just is kind of like no comment on it. We haven't had the sun in 84 years here in Michigan, yeah, something like that. I don't need to look at my muddy backyard anymore. Oh, you're up in Muskegon, same thing, yep. Don't understand your problems with Cisco, guys, just don't use this small business. Yeah. Have a CBS 350 24 port core switch with UniFi access points, work nicely. Um, the... you're probably right about this, and my testing with the switch seem to be fine. Like, I don't think the switches are bad and they probably work fine. I've tested with my UniFi, they worked with my UniFi when they did the testing. So what ones are you trying to use dashboard on? Just played some and can try myself. Was my LinkedIn message UniFi helpful? Yes, I went through that, I read through that. I was, I got to look through it a little more detail, but yeah, I, I may do a video because the question comes up so often about VLAN hopping, and Andrew actually had messaged me, you know, some articles on the topic. Now you can't do that with UniFi, you can do that with some of the other switches, but there's a lot of confusion around people thinking that about VLAN security. People get it wrong a lot, so that's the big thing. Their SSL VPN exploit recently. Yep, that's the one. Now Forti... FortiGate has had a terrible security track record. Like, they've just done some dumb security things over the years. They've survived it and hopefully refactored their code. They've had so many, like their magic backdoor, that was like, the whole read what led up to that, it's just so many stupid things happening you, you almost would believe it was malicious, it was so stupid. But it was just stupid, it wasn't malicious, it was just poorly handled by FortiGate. They, they had a magic backdoor that allowed you to get into people's VPNs because they accidentally goofed up the code because some client had them write a backdoor into it. Like, their debrief on it was face-palming. They didn't have one incident, they've had three, they've had plenty of
them. So if a 6g getting put by the side for pfSense again. What camera do I use for... if you're asking, Amcrest is the outdoor cameras. I have videos on the Amcrest cameras. Do you do stuff like data grounding of BGP or VXLAN? We don't really do much of that. It's used a lot like the data centers. I mean, we do some, but not, it's not enough, and it's probably not work doing a video on. I don't think it'd give any views if I did. To add, I also have 16 and 8 port UniFi switches hanging off the Cisco. Yeah, cool. How to pfSense to a WireGuard server, I use a WireGuard server's IP to see my pfSense server. I don't understand the question. Probably that's a better post to my forums. Just to sell Hollywood VM and laptop. That's awesome, I really should put that back up. I was waiting for the switch enterprise pwe24 but it seems like they'll never available. That's true, availability is still a challenge here in 2023. Is there a switch you recommend to do the same job as this one for the 2.5K? I went not, I mean not by UniFi is part of the problem, so there's not, I don't think there's a, there's a replacement UniFi switch for that. Also I don't always understand why people like 2.5K. It's not something that gets me excited. I just go to 10 gig because 10 gig's cheap and 10 gig switches are really available, so I try to look at the use case and go, why not just go 10? 10 gig is not that expensive. I've been using an SG 350 10 mp, got it for free from work. That is the great price you have on that. Hard time keeping up with dashboards, yes. So a DOJ vendor certified list? Not to my knowledge, but you know, if you're looking for ones that are on the not China list, that's pretty much Axis cameras. This is one of those things people ask about. This, this is a common question. So the common question is, oh, I don't want Chinese vendor cameras, I need some, you know, an American camera company, and literally people have just asked us that. So let me pull up some of the pricing on Axis cameras. There we go, let me share this
screen, and because this is where people want them until they see the price on them. And this isn't too bad, Axis dome camera for like 300 bucks here, bullet one for 25, but when we do like a 20 or 30 camera deployment it starts with, hey, I'll take the... by the way, two megapixel here for this one. When you want some of their hiring cameras they're just, they're not in the same price range as... so people start out with wanting the camera that's, you know, US made and everything else, they see the price, they go, never mind, I guess I don't need it. Because, you know, we just did like another 10 or 15, 20 cameras we quoted for someone. Like, it's not like it's a $200 more, just $200 more, it's 200 times 10, and it's about whether or not you want to actually do that. I'm now regretting buying a FortiGate FGT 200, what else can replace Cisco ASA? I would say pfSense. Have you recommend sending email through pfSense HAProxy packet filter? pfSense, what does it have to do with email? I don't understand what your email has to do with pfSense. I send my email through Gmail, so, or Office 365 with a lot of our clients. pfSense doesn't really play a factor other than routing the traffic. We love GeoVision, not sure where they're from. China as far as I know. It's a dummy camera option, yeah. Sorry, I figured you meant DoD. I said DoJ but you probably didn't mean DoD. Point is with security issues vendors like FortiGate should be pressured more. I see Netgate has a few defense case studies. Yes. pfSense relay package. Yeah, I'm not sure. UniFi aggregation switcher 10 gig, what's a good 10 gig switch, 10 gig SFP versus RJ45? The UniFi switches, where do they add here, um, switching. The UniFi switches I think are pretty reasonable. They have... let me find one of their 10 gig ones. They have this 10 gig one for like 599, and then they have the switch aggregation right here, which is really cheap at only 269. So those are good ones that I think are good. Since you're exploring different DILS self-hosted centralized managing on a topic is and
the topic is 48, would you be interested in exploring FortiManager? No, no interest in FortiManager. Yeah, I'm familiar with the product. I have a few friends with MSPs that are all in on Fortinet, so I'm familiar with them. But Fortinet has their own marketing team. There's nothing about it that's interesting. Their licensing, and I just don't like their product line that much. Their licensing is not, I guess it's okay, but not interested, interested in it. Like, if I did a video, if Fortinet wanted to sponsor a video, I might consider it, um, because, like I said, it cleaned up their act to some extent. But I don't need to advertise their product. It's not like it's something home users would use, it's not like something home labs would use, and it's not, I know the business is using it, you know, you get all your FortiGate training on it. So, TP-Link over Netgear for home use? Mm, TP-Link, I don't feel like they have the best security. How do you like the UniFi LTE light switches, are the rack mountable L2? Um, yeah, I've used a couple of the light ones, they seem to work. FortiManager's great if you're already in our ecosystem. Also agree on a 10 gig. Awesome price for 10 gig UniFi, yes. Thanks for the answers. Hey, have a good evening. It must mean you're in Europe. Hmm, propagation is 24 10 gigs, few extras. Licensing is too expensive for home, you can get a 60 for 200 bucks in eBay though. Yeah, sorry, I was unclear, I want to host an email server behind pfSense, not sure how you route email traffic to the server. You just set your mail records to point towards the public IP address. I don't recommend hosting mail servers though. It's the problem: getting emails, one thing, you get your MX records right and you can get email to work. And I thought about talking about how email works, because I think it's almost a lost art, and I was a mail server administration, mail server admin for years. I use Sendmail, I use Postfix, I even did some Exchange management. I hated Exchange more than all things. I never, I fixed people's Exchange, I never
wanted to take it as a contract. I just thought it was broken, terrible product. But the bigger challenge is getting email out. I may do some video, I just talk about it from a large overview of how it works, but it's not something I really recommend doing. It's certainly not recommended for businesses, because it's just not worth trying to host it yourself. I want to power my UniFi AP, it has a two and a half gig with PoE, 10 gig switch non-PoE, can you use regular PoE adapter? You, yeah, you can just use an injector. If you don't have one that's PoE, just use an injector. Oh yeah, on-prem Exchange is indefensible. That's the word I like to describe it. Microsoft does not care about security for Exchange. It's your problem, and your problem is you'll learn that all the sudden there's ProxyShell. Oh my gosh, all these people opening shells without credentials, how would that happen? Oh wait, was Microsoft told about this? Yeah. Did Microsoft get around to a patch? Sure, eventually, after everyone, like, got owned. Microsoft doesn't care about security, because if you don't use Exchange and you're embedded in a Microsoft ecosystem, you go to their cloud platform. Why would they care about Exchange? If you don't understand SPF, DMARC and DKIM, just don't run a mail server. I used to get consulting gigs for fixing relay mail servers. Who remembers all the servers that people wouldn't configure properly and would be relays for everybody's mail, and spammers would discover them and start using them? I can't even SMTP, if I use direct send to a Spamhaus block list, now modern auth isn't working. SMTP is a nightmare with Office 365 now, it is. You can use like a MailHop, I think it's called MailHop. Mailgun, MailHop are two companies that offer like SMTP service these days. Just let the FBI fix the on-prem Exchange, yep. Just purchase FortiEDR for a small business, we'll see how it goes as you reseller to include set up rules etc. Yeah, Exchange is best when you do offensive security, it just makes your day so much easier. Yes,
you're like, oh, because if someone's running an Exchange, you really rarely have it patched. The people running Exchange are so often people who, I don't know, they have some aversion to putting it in the cloud because they don't want to spend the money. They're usually an understaffed IT department responsible for handling a bunch of Exchange servers, and no one's like, I don't know, we just don't want to touch it, we're happy when it boots. Oh crap, patching. What's a better solution than M365? In my opinion, G Suite. That's why we use G Suite. It's a better solution than Office 365. Oh yeah, Exchange, my favorite part was, like, the ProxyNotShell is, not only does it take a long time, sometimes it doesn't take but it says it took. So you, you ended up with a, um, a patch status of patched but an actual status of not patched. Huh. See, as you move to Graph and new setup for it, you need to read up on the new setup. Yeah, Google, Google's been trying to deprecate the, um, they call it less secure apps. But Google's trying to deprecate, it's not the same as actually getting it deprecated, because I think it was just before 2020, like in 2019 they announced it. They keep kicking it down because they know everything's going to break when they get rid of SMTP. So something like Fastmail or Namecheap email? Not really, um, I've seen people using it. I mean, it probably works fine, it's just not something I really run into testing. Are you getting the Dream Wall for testing? Look, I already have one UniFi disappointment machine, I don't know that I need some other weird thing that they have. Um, it's not, not really on high on my priority list. I don't know, maybe, people might ask about it. The, the thing with UniFi all comes down to their software. Are they going to put better software together for their routers? They're, they're making improvements on it, it's just going slow. What about Zoho mail? Um, I don't know, I seen a lot of people ask about it. Aren't they the ones though, they had all those, um, see, security incident, wasn't
this, is it Zoho? Looking up real quick. Maybe I'm conflating their name with something else. I, okay, here. Yeah, it is. Okay, it was Zoho: fintech furnace software database due to critical Zoho flaw. Um, this has been, there's been a few flaws in the Zoho system. So I, it's like anything else, it's about keeping it up and keeping it patched and everything else. So is, I guess if you're really on top of it, awesome. As much as I like to be on top of things, I don't feel I could stay on top of a public-facing mail server. There's a reason, despite my years of experience and all the management I do for mail, that I don't want to host it anymore. Any cards to avoid? Just go Intel. Intel's so cheap for 10 gig right now, just go for it. Uh, can G Suite integrate AD? I think so. I never integrate with AD. Most of the time when people are using G Suite, they don't have any interest in AD, because they're doing single sign-on through all their G Suite and connecting all the apps that way. But I'm pretty sure there's a connection you can do between AD and G Suite. Dream will be good, uh, outbuilding, rental, where you want to lock it away in a closet. Yeah, there's been some, there's been a handful of times I've seen Zoho be the source of attack, because it's like anything else, you have to patch it, and sometimes people are not just looking for an alternative, they're looking for something they don't have to pay for, then they don't end up having any support for getting things patched. Uh, what ZFS remain at 8 4 terabyte drives, currently 6 4 terabyte drives RAID-Z2 but want to get rid of it, any tips on the migrate that copied all stuff in our storage? No, there's no tips for doing that. Um, my layout, Z2, 8 drives and Z2. Greetings, how do you stream so early? It's not early for me, it is 2 p.m. Eastern Standard Time right now. SAML, ADFS, yeah, that I think is another way to do that. Uh, bought UDM Pro to replace client using USGs are on a team. Yeah, but I wouldn't want a USG, I wouldn't put any of those for clients. You can connect the two, but
it's annoying. I don't have much experience doing it, but my staff does. Um, I think Steve, who we brought up earlier, has done a few of them. So, uh, 8 time, any network documentations we'll use? Uh, yeah, we sit down and write it all down in a wiki. Uh, we document networks, put them in wiki, put them in spreadsheets. One of these days, maybe sooner than later, I'll set up NetBox, but that's not today. Now, yeah, G Suite typical for educational environments, uh, tied to Active Directory. G Suite is free for education, yes. G Suite is dominating the education environments. They, they kind of got a, got the drop on Microsoft, uh, for being better at it. Okta is another option. Yeah, Okta will glue all kinds of things together for authentication, so Okta is definitely another option to consider. Let's see, how long should this stream go for? Do people have more questions? I didn't really have any particular topics, I just figured I would, uh, jump in a live stream and see what happens. My wife, my wife is working until three o'clock today right above my head, so I even till then before she'll come down here and be like, hey, we should go somewhere. Um, um, the, you know, I have, Risky Business did probably the best debrief on the Okta stuff, because they interviewed them. I thought it was good. Um, I don't know that it would tell me that, it made, it made me think. Um, Okta had a hard time, because Okta was not really being obtuse for obscuring things. Okta was dealing with disinformation from a bunch of kids, so it became very confusing. And this comes out, you could find the Risky Business Okta interview with other, uh, execs. The challenge with Okta was a fun one, because the guy was very frank. He says, we have playbooks for dealing with security incidents, we have playbooks for dealing with how they got in and what we need to debrief it, we didn't have a playbook for a threat actor that simply made things up as they went along and started, like, lying about what they had access to. And it became this weird, like, misinformation, and they
admitted, we, they said they weren't sure what to do. Uh, so it caused them to kind of trip up their security process. Uh, while back to be in a video about software and businesses, are more recent forum posts about the current stack? Yes, um, I did it like six months ago and not much has changed in six months. Uh, you can find it, it's probably called tools we use. Um, go here to content, see, what did I title that? Um, here we go, April 2022, so it's a year old. So here's the video you're asking about, and I'll throw a link in here for it, but it's the, um, we'll zoom in to make it easier to read: NinjaOne, Huntress, SentinelOne, and the IT MSP business tools we use. There's a forum post, uh, that's the same title. For a small business running XCP, you recommend support for Xen Orchestra or both? Yes, both. Um, at the minimum Xen Orchestra, so I would recommend people get support for Xen Orchestra. Uh, VPN site between two pfSense boxes? I would say using, um, and let me give you the why, I would say using WireGuard is ideal. And I use, here's my WireGuard, and, uh, 37 gigs of data has pushed across this and it's working fine. Um, our office is connected via WireGuard, my phone connects, um, via WireGuard. I like WireGuard a lot for site to site. Oh yeah, the endless debate of that, yeah. The, I don't know, people, I mean, if you want something that just bugs you with updates all the time, awesome. Uh, but I will tell you right now, Travis can answer this: Travis, would you want the firewalls to update all the time and then have to manage all those updates, or is it more concise the way we have in pfSense, where, you know, even this can be a challenge, because especially with unmanaged clients, making sure all the pfSense are on the same version. If you had something that updated, oh, I don't know, twice a month, that would be even harder to handle all the updates. So I don't think updates for the sake of updates is fun. Uh, yeah, cloud managed door access, I got no recommendations for that. Uh, is Citrix still involved in Xen? Not
really. Um, Citrix is not really, uh, done any of that. They kind of screwed up bad and got forked, is how, what happened. Like, Citrix was the steward of the Xen project, Citrix screwed up, ruined the community, uh, the team at took it over, and XCP-ng has been going forward, which is Xen-based, and it's been awesome. Uh, have used and tested EnGenius? I have review of EnGenius. I've reviewed one of their switches in their cloud system. Their cloud system is not great, their switches are poorly documented but work. Talking about Citrix, as many businesses still using this for Modesta vermin is dying? Oh, it's, uh, it's very well used. Every time there's been a security problem, we get to learn just how many people still use it. That's still their bread and butter, is like the Citrix apps and things like that. I wouldn't recommend it to anyone, but there's a lot of people, legacy enterprise large-scale deployments of this out there everywhere. Are you going to make videos about a model, model Meraki? Nope. I made one about, I'm not Meraki, MikroTik, I said that wrong. I made a video about MikroTik. It, it's not like, it's not my field of expertise. There's a, other YouTube channels that do it, I'll let them keep doing it, because I don't use it enough to make videos on it. Just started a business, what Linux tools use run from admin operations, monitoring and getting paid? What Linux tools for getting paid, I don't understand that question. Monitoring, Zabbix is cool, so hopefully that helps. Oh, I use Invoice Ninja, I guess that's, that's not really a Linux tool but it is open source. I tried out Sophos XG. Nope, no interest in that. Sophos UTM, I just don't really care much about the Sophos, it doesn't have anything compelling that makes me want to use it. Yeah, Citrix just nuked the entire on group there. They just went off the rails and that was it, like, they did a license update that removed features. Can Synology Active Backup use a storage target other than the local array, can I point it at my TrueNAS? I don't think so. Is
backing up the whole Bitwarden data folder syncing good, only SQL nightly as go back goes pick one you can buy? I would just back up the nightly backups. Brivo is cloud manager access. Cool, I never used it, but Marcus says Brivo, B-R-I-V-O. One of our hospitals we support so uses Citrix. Hopefully it's patched and up to date. How would you replace Citrix VDI? I don't have a replacement for Citrix VDI. If you need Citrix VDI, go with their VDI. What's replacing it really comes down to cloud apps. Things are getting rewritten to the cloud apps and people don't need these stupid virtual desktop environment. Virtual desktop environments are a band-aid until some app, there's enough market pressure to have something better or that app is rewritten into a cloud interface. VDIs are just like temporary messes, in my opinion. So folks I think accident firewall market for years, they made a bunch of people redundant. Hmm. Updated Zabbix video on my to-do list. Just takes a long time to do those videos. Zabbix is so complicated, as the headache, it makes the video super long, which means it takes lots of my time to put it all together. Yeah, I agree with what Travis is saying here. Now, what you can do is take the Synology, like he's saying here, um, you can take the Synology, do Active Backup, and then back up your Active Backup to another target. I have seen a tutorial selling pfSense on Sophos XG. Well, Sophos XG are just x86 firewalls, so that's easy enough. One day I'll get the Zabbix getting started video. It's on my to-do list, far from my done list. You can host those vdrs or sister service all out of date all the time. Oh yeah, if you think Zabbix, try out, uh, Icinga. I've heard of it, I've not used it. Zabbix just has a strange way of handling things. But more and more things are moving towards web apps that's going to be. Have pfSense running on an XG 230 rev2 unit. They're just, you can also, WatchGuard I think has some x86 boxes, so there's, it's popular to put pfSense on some of the WatchGuard device as well. Uh, is XCP-ng
moving away from CentOS base? Um, when they need to they will. Uh, they don't need to right now. This is where me and Jay just talked about distro versus appliance, and because the team at Vates is curating the kernel and everything within there, they're keeping it patched, because they're managing the whole instance of it. So it's not like they're under the gun to get that fixed, because they're bringing in anything relevant and handling all the patches for it. Um, making a video about Ansible playbook to deploy Graylog 5? Um, yeah, I, Jay hasn't got it done either. I've talked to Jay about it, I think he ran some problems too. Um, I actually, and I think this came up on my live stream, we might just do a Graylog Docker video instead, or I might do one, because it, there's, I don't think the documentation is all that correct. Um, or as of the time of this video, in case you're watching this in the future, uh, someone pointed out the documentation and wasn't correct. I know when I tried to do an in-place upgrade it broke, and I, I don't know, I, I've definitely had, so I'm still running Graylog 4 because I just haven't gotten back to doing 5. It's on my to-do list, but once again, not on my done list. I wasted two evening semi-cidia and, uh, even used to Checkmk, mmm, gipl. What is gipl? I've never heard of it, and Google didn't help. Um, nope, and I don't know what this is, so I don't know what that tool is you're talking about, because Google didn't find it. Actually probably the, uh, probably gonna move to Alma or Rocky. True that, they're looking at alternatives. So that was me, I have a different name in the forums, documentation claims OpenSearch 2.x is supported, uh, but that's not my experience. Okay, yeah, so there's some, yeah. Probably means GLPI, open source asset management system. Okay. Jay's got some great Ansible tutorials. Well, Rocky can replace CentOS, it doesn't mean it will replace CentOS. Uh, will there be a Linux version of pfSense? No, there will not be, because Linux, uh, won't run PF filter, and I doubt
anyone's going to rewrite all the underlying things to work in Linux. Uh, PF filter's not, uh, is what pfSense is based on, that's the PF in pfSense, and it's exclusive to BSD. I doubt anyone, there's no roadmap that puts them on the Linux path at all. Using Graylog latest release, uh, but they are recommending moving from Elastic. That's what I want to try, is not using Elastic but using it with OpenSearch, and that's where someone had commented of the problem. Uh, use OpenSearch 1.34, uh, that one worked with Graylog 5 on db 11. And then maybe that's what I was missing. I only played a little bit. Um, I was breaking the Mongo part of it. So I will work on maybe a new video, because I, Graylog I use a lot, so that I can, I like doing a video on. Everyone talks like CentOS is dead, CentOS alive and kicking, I use it for open sec nodes in my home lab and it's great. CentOS, it, the older versions, I know they've, is it called CentOS Stream, and I got the name right? I don't do much, um, with anything that's based on Red Hat. Uh, the closer you get to Linux pfSense is TNSR, command line only router appliance, is only limited firewall functionality. Yeah, uh, the TNSR platform is very different, um, but it's, you know, a Linux routing. There's also VyOS and things like that. Uh, Palo Alto does run on FreeBSD. MongoDB upgrades can be painful if you're pretty far behind, I step through four or five point upgrades before I was done. Rocky is, my opinion, the only choice, they've done some questionable advertising on Google. Uh, oh yeah, that happens, people buy each other's ads. Have you seen a new solid state active cooling? I tweeted about it. I, I don't know, interesting, it depends on how affordable they are. Oh, just want to thank you, there's a, put me an Uptime Kuma, never heard of before, but, uh, fit the bill for system monitoring, shiny never hurts. I think Uptime Kuma is just awesome, it's just such a neat tool. Uh, where did it go, there we go. Yay, Bitwarden, it's down. It's actually up, it just has the, I just put it in maintenance
because, uh, because I encrypted it on boot, it doesn't boot after a backup. It's booted up now, um, but it, I have to have a password typed in. But yeah, you can see what's up, what's down. Uptime Kuma is pretty slick. What VPN protocols you recommend to use, most options I see are? I, I like using WireGuard. That question doesn't have many, much context. Red Hat four seconds. Yeah, Red Hat four is a long time ago. Will there be an OpenBSD pfSense, pfSense is based on very old BSD 12? Uh, you are mistaken. Um, it was based on FreeBSD version 12, which is, uh, reaching an older version, but it's not 12, you're wrong about it being 12 years old. Um, that is incorrect, and they're moving to the, the beta release candidates of are based on FreeBSD 14, so you are wrong. There's so many new things in OpenBSD now. There, that I know of, they're not moving. They, they're still on FreeBSD. FreeBSD is still being supported, is still being developed. I've been trying to get Uptime Kuma in my Kubernetes cluster and I'm having a terrible time with DNS resolution, I have to use IPs for everything. Yeah, I don't know, I'm not the Kubernetes guy, I don't really use Kubernetes. So, um, any experience with Checkmk monitoring? No, never used it. Some people like it, uh, because that got brought up before, but it's not something I use. So, um, we're just curious now. Share this tab instead. When was FreeBSD 12 released? FreeBSD 12 was released in 2018, so here's the Wikipedia entry on that. So 12, well then they were based on like 12.1 or so, or 12 point something, I don't know which exact version. Anyways, pfSense is not moving to version 14 any, so that kind of doesn't matter. Yes, pfBlocker 3.10.11 is out, correct. I have it running with Apprise notifications sent to Signal. Uh, Checkmk is amazing. You can also send your Uptime Kuma, uh, to Signal, in case anyone's wondering. That is, that is one of the options, one of those things you can do. What else, what else, what else was that, was there's so many different things I'm testing. Here's one of them that, uh,
someone brought this up earlier, talking about like Portainer. I do have one Portainer set up right here that we can log into. Um, I don't know if I'm going to do Portainer videos, but if you're looking for a cool project to manage your Docker stuff, Portainer is great. I definitely would recommend it, um, as something to play with. pfSense devs might be scared of, oh, the version 13, yeah. Those of mine that Berkeley still hoard public IPv4s, they should start, uh, they should start an MSP, haha. Docker Compose stacks in Portainer are great, yes. I'm mix mode excited, I'm expecting a new server today but the last gamma FedEx was a state away at 214, so it might not come today. Oh, that's too bad. I always hate when things are so close but not quite here, they're like almost here. Is there any new YouTube comments? Uh, no, no one's anything else. Yeah, let's see, what else did I have. But, mmm, there's something else I wanted to mention. Uh, we'd love to have a how-to video upgrading TrueNAS plugins in base OS. There's not a video for it because you just do the TrueNAS upgrades, so I don't know. And by the way, I don't even, with the jails, I'm done doing videos on it, because for the most part I really feel TrueNAS is dropping support for the jails. Like, I don't think there's many developers working on it. I think it's a dead technology. Like, there's, it's not, it's on life support, it's not gone, but I wouldn't, I wouldn't build anything new on a jail. I'm using a couple jails because I know how to maintain them, but I wouldn't recommend people starting out to use them. So I'd recommend getting and moving away from them. Thanks for the content as ever, good evening from the UK. That's right, is it evening there already? Yeah, you guys are a few hours ahead, a few hours ahead. What else were you gonna pull up, I gotta start, I had too many tabs open. I still have this one open, the, the pink. I don't know if I should do a dedicated review on it, but boy, it's just a cool label maker. Uh, is it still crappy outside? The answer is yes. I
haven't left the house today. I've been working in my basement all day in the studio, because the, uh, I do plan to leave at some point in time, but that's not this point in time. 2026 and CET, 2325 and Dubai, okay. Do you have any videos on firewall rules for IPv6? Nope. Uh, you're correct that, yeah, each has a public, well, they're not, they can be publicly routable. It's a, it's a different topic, and, um, I'm not dealing with, I just don't feel like doing videos on IPv6. I'll just say that it's a headache. A line is like that label maker. Do I have experience with ThreatLocker? Yes, not directly, indirect experience. Indirect because they have MSP friends that have used it and dropped it. It works, this is my understanding from other MSPs I've talked to that use it, they said it works in homogenized environments with very few applications. The moment you have a bunch of applications, that especially line of business applications that your clients have, it's just too much of a pain, it doesn't work. That's, that seems to be, for more than one person has told me that. One of them was specifically because we work, I have a lot, I have a few accounting companies, and we were talking about like accounting software. They said no matter how many times they whitelisted in ThreatLocker, every update to the accounting software broke. So that was, and, but they said they have another client that has like a very cookie cutter, they use Word, they use like the most basic tools, and know all their line of business applications or web, ThreatLocker works great because they don't have any applications. So take it for what it's worth. You need one video on IPv6. I really thought about making that video too, I won't lie. I have, I worked with Galactic Advisors? I know people that work there, but I've never used their product. I think the people working there are nice, because I was at one of the, actually two different hacking events where I knew people that work there. So the people there seem nice. I've never used the product, so I have no
opinion on the product, but at least I like some people. I probably upgrade from Core to Scale at some point, I use Plex. Yep. Portainer is awesome, still trying to figure out why they didn't just build Portainer into Scale. I have no idea. You nailed it right there: why didn't they just build Portainer into Scale and save themselves a lot of headache? I completely agree with you. Zero trust, my favorite marketing buzzword. There are a few firewalls included with BSD: IPF, IPF and IP filter. Please do videos on IPv6, haha. Uh, yeah, the, I don't know, I, it's low, low, low on my priority list. Like, if I got everything else I want to get done done, I'll do a video on IPv6. I brought them, but if you last mentioned it, labeled my servers and host name, added labels 10g cables and cables, it's quirky but nice. That's not, those are the words I'll use if I do a review on it. Um, use it with OPNsense, can it work with five switches? Huh. Oh, IPv6, yeah, neither my home or office support IPv6. Do you support HIPAA compliant organizations? Yes. True to true to true pulling my hairs up saying a free IP of free ideas and certain clients, good luck with that. ThreatLocker requires far too much manual intervention for me. And like I said, this is the same thing. ThreatLocker is a commercial software, for those you're not familiar, to lock down applications on the systems, and yeah, um, it just, it's one of those things like, it, if it creates too much management for you, then it's not, in your clients have a diverse ecosystem of software, so it's not going to work, or at least I haven't seen it working according to every MSP I've talked to that's used it. It's all pfBlocker and GeoIP feeds and section didn't show up. Uh, it's all devel version. Uh, yeah, use the devel version. Uh, I forget why they haven't gotten rid of the old one. You want to be using the latest, uh, devel version, DEVEL version. So let me show you, right here's my, uh, pfBlocker. Now I'll go into system, package manager, but yeah, make sure you're using this one here or you
won't get it, you won't have the right one. So pfBlocker devel is the next generation one. I think they need to get rid of the other one. I forget, there's some process and I'm not sure what it is they need to do to get that gone. I don't know the details. Once a riot client gets ransom, it's easy to sell. No, it's not. If, if you sell it to a client who constantly can't get their job done, it's kind of the same thing. Like, it's, it's easy for them to get really angry at you, because they, every time they try to launch their accounting app, it doesn't work. Um, and all of a sudden, you know, people are trying to process, um, taxes with people sitting around and the update broke all the instances because you're using a tool that locked it down too much. So no, it's not just an easy sell. Well, let's see, ThreatLocker have worked well, but then some even known companies like Acronis and their software update just didn't work. Yeah. Uh, do you deal with any PCI compliance work? Yes, and also add on to that CMMC compliance, that's our latest thing we're dealing with. So CMMC, I, I have p, I don't know it, because I don't have to, but I have people that do know it. Matter of fact, uh, Brett, who you know from doing a lot of business management, Brett now knows, uh, and just went to a big training event for three years on that particular topic. Um, we don't support macOS, so that's somebody else's problem. We don't have a favorite RMM for macOS. They're, they're, I think they're building support with Ninja for it, but I don't like supporting Mac. Uh, what do you think about DVR systems, we make a video about that? I do, I make them about Synologies because we use them, and I make some about, um, the UniFi ones because we use them. The other ones I've not, like, we actually, I can't say we don't use other ones. We have exacqVision, we have some clients that have exacqVision systems. I'm not going to make a video about it. It's a big commercial expensive product, I don't know where, what the interest would be in a video for it. Why does
anyone, um, it's just sometimes a headache that breaks things. There's, there's been devices that just don't work with it. I, it became a debate I think in my forums, and someone's going, why don't you ask for the vendors for an update? You're like, because vendor updates sometimes don't come, and if you disable IPv6, things start working and you just kind of move on with your day. Brett knows all the things with CMMC, CMMC now, yeah. No one likes supporting Mac. We have so few people that use Mac, it's just, I, I don't know, I don't see, I don't see the big demand for it. Um, it's in certain niche markets. We rolled out Huntress to 90% of our fleet and found nothing, is as typical? That depends, do you have clients with dirty computers? Huntress, this is where people get so confused with Huntress, they assume it needs to make noise to be working. It turns out they are really, really, really the best in the business. I can't name another company that has a lower false positive rate than Huntress that works in security. Huntress doesn't have false positives is almost a true statement. I haven't had any, but there, I have a post on LinkedIn I'll dig up, Huntress's false positive rate is in the like low one percent. So, um, yes, it's typical, unless you have a disastrous network you're putting it on. So, um, good news, you must have a clean network if Huntress didn't find something. Travis is a resident Apple fan at your shop, he doesn't even want, and he doesn't want to support Macs. Yeah, I can confirm that DeadORM on Mac is awful, half the features don't work as intended. Uh, you said Addigy has a painless interface for supporting Mac. All right. Uh, recommended AV, IPS? We use SentinelOne combined with Huntress. I was banging my head against the wall the other IPv6 getting around the firewall rules and disable IPv6 routing. Yeah, you're probably opening up a whole new threat surface too. That's another thing, if you want to reduce your threat surface, reduce the ability for things to potentially route or go around your firewall that
may or may not be good at IPv6. Turning it off, you're reducing, reducing threat surface is all about turning off anything you don't need, all the services you don't need. So there we go, there's another reason not to use IPv6. I like that Huntress monitors all the process. I'm doing a video soon on diving into process monitoring with them, yes. Do you understand why people use Macs? Um, decent battery, better than that, they have too many, oh, I don't know. I'm not the biggest, I don't hate on Macs, I think they got really nice hardware. Um, uh, we use S1 Complete. Late to the vid, hope your weekend is going well. My weekend is going well. To all those systems deploy new servers without disabling IPv6. Yeah, I mean, there's one of my other arguments: here's how you can reduce your threat surface, we'll turn off IPv6. I gotta admit, like, for home users I think the Apple ecosystem is very complete. Like, it creates a nice homogenize, it all just works type of ecosystem. For home users I think that's something that may be really beneficial, like the way they synchronize all the messages and, you know, your one Apple ID for all the things. And that's kind of the nature of one, one company owns the stack, from the hardware, the software, the phone, all the different ancillary things into one thing, can be very helpful. Your TV, your Apple TV combined with your Apple phone and your Apple, uh, whatever, tablets and things like that. So, um, I don't care much about two and a half gig. I don't really, the price, they're too new, so prices are going to be expensive on them. But why not just go 10 gig? Why, why do you need two and a half gig? That's the part that always confuses me. Just go 10. 10 is cheaper than two and a half very frequently. Mac is mainly for creative content, which really isn't your niche, middle IT needs storage device printers. And it's kind of, um, be the creatives, like, I would say you should be exclusive, but we're seeing more and more places, editing, big editing companies, these don't use Mac anymore. So that's the thing.
My problem with S1 and CrowdStrike: it's hard to get licenses for small business. Um, I mean, buying direct, maybe. That's why, it's how companies delegate things. Like, it's hard for a company to do a bunch of direct support, so they usually, reseller right here, they usually use resellers like me to help mitigate the amount of support it takes to get the product out there. Because the reality is, the small businesses have less experienced IT people managing it, therefore they have way more questions than larger businesses usually. There's always going to be some exception to that. Um, resellers kind of help fill that gap. It's just kind of the nature of things. Support's expensive. Uh, do you already use XCP-ng 8.3? I might upgrade to it this weekend. I've been debating about it. It's, I don't think it's out yet. I think we're still on version, um, they, no, they haven't released it. It's going to be really soon. Yeah, 8.2 is current, but the beta is out for 8.3, and I might load the beta because why not? If I had to check for Wi-Fi attacks, monitor for them, throw all your logs into Graylog. Wi-Fi attacks aren't that common. Uh, what am I saying? Apple TV can't get access, new terms of service, without another Apple device. That's funny. You mean that Apple TV requires an iPhone to accept the terms of service? You know, uh, you can't register with Apple Podcasts. Our podcast, we had to register from an Apple device. Um, it says you can do it without an Apple device. We couldn't get it to work, and it wouldn't load the page. We pulled up, and an Apple device worked immediately. Thought that was kind of strange. And yes, I even tried loading Safari on something else. It just didn't work right. What was the question?
10, any recommendations, starting to push you, recommendations for 10 gig. What are you on a 10 gig of? Like, use Intel cards if you're asking about, like, building something. Um, I've mentioned this before: if you're dealing with short runs, Cat 5 will run 10 gig. So you forgot the Y in the title of learn systems. Yeah, that sounds right. That sounds like me. I probably spelled something wrong. Set it up, set it up, Q&A. Can I change it while it's live? No. Whatever, it's spelled wrong today. I fix it after. Can you do snapshots with ZFS on XCP-ng? Not, not via XCP-ng. Let's see. Apple: good hardware, oppressive software licensing and business practices. Have you looked at Kotex XDR? Kind of looks like S1 rebranded. There's a handful of weird cybersecurity companies out there. I don't know if they're just rebranding another product. I don't have an answer for that. They don't have time to track it down. How's that? Man, this is sometimes not easy to find things I'm looking for. I think SentinelOne makes a good product, so we use their platform. It gets the job done. We combine that with Huntress because SentinelOne does have some false positives, Huntress doesn't. So, VMware as a vSAN storage target. I don't really do a lot of vSAN work. Henceforth we will call this SETRDA. We'll go with that. I am new to NASA, I'm also playing SETRDA. The question is, I have a budget for 2 HE right now. If I set the mirror, you can't upgrade mirrors to RAID-Z1. Bitwarden passwordless, thoughts? Haven't used it, so no thoughts on it. I just Bitwarden to do things. Right, fortunately enough to move through the house. What happened to Cat5e, the walls, landline? Guess what, there's RJ45 and switches. I have two Proxmox nodes getting IP from pfSense's VLAN interface. They get IP DHCP but not show up in DHCP leases. If they get an IP address from pfSense, they're going to show up in the leases. SentinelOne and antivirus would be, it's not, yes, but it's way more than that. SentinelOne gives you way more than just an antivirus. When will this be released? Ooh, I
know we're close, but I don't know when it'll be released. We know they are targeting a January release, so maybe in the next week, but I just don't know. Do you do any phishing awareness training or phishing testing? In general, yes, we use Phin Security. I have a demo of Phin Security. I have a whole demo of their product. Overkill for a home, it's an expensive, if you're asking about SentinelOne, the licensing may put you out of there. You need to buy a minimum number of licenses in order to use it, so it may not be something that you, I don't know that there's any type of way a home user can get it. Fiber is being sawed, I'm looking forward to switching away from Xfinity and going to 2 gig. Hey, that's awesome. Phin is great. Yes, Phin is a good system. For most home users, I just recommend using the Microsoft one. It works. I'd push for recommending that. What else, what else are we going to talk about here? See, there's an, nope, no updates available. Closing down all these extra windows I have open for things. Oh, I realize there's a new version of Portainer, so I need to upgrade that. What's the price? That depends on how many endpoints you're getting. I don't know, 7-8 dollars when you prepay for, like, a year, per endpoint, and you're buying, like, 100, and that's a per month price. Like, 7 dollars per month, 7, I don't know, something along those lines. What's your current recommendation for a Shira Camera Homemade? Because it's a UniFi, but I've opened other brands. Well, if your current ecosystem is UniFi, you can't tie non-UniFi cameras to a UniFi camera system. If you're willing to use a different NVR, such as Synology, I really like the Amcrest cameras. Like, this camera here is a 4K Amcrest AI camera. If you type in Amcrest cameras on my channel, you'll find the review with all the model and part numbers in it and how they work. I've had decent luck with Comodo and it's free. Comodo is an awful company. I've done a video where I rant about Comodo and their terrible business practices, so take that for
what it's worth. I was running it on an X, I don't know, was it L480? I had an L480 Lenovo. I currently have some Dell laptop that I don't remember the model number of. Someone showed up plugging the UniFi cameras and plugging RTSP from our cameras, spoofing. I don't think it's worth it. They've talked a little bit about their new, um, what do they call it, Cosmic desktop? Is it called Cosmic, the new desktop they're working on? I don't know really how good it is or where it's at, so I don't know. I don't have too much news on it. What's your pitch of Phin vs. KnowBe4? Phin is way more automated, way more. KnowBe4 cannot do the automation level that Phin does. Full disclosure, I'm an investor in Phin, so I actually don't just like the product, I invested money into the product because I liked it that much. So I will disclose that up front. I'm a shareholder. What's up to using for the stream? Is it OBS? You're using Yeti mic? Yes, this is a Yeti, and big reason that it sounds decent is I built the studio with a lot of echo cancelling. I'm using StreamYard for this part. Do you do any digital signage? Not really. The signage Pi, yes, I like those, but I haven't done any, um, if you look for signage in my channel, you'll find I did a review of the Pi signage. I haven't really used any other ones. Cosmic, and it's written in Rust. Yes, okay, it is called Cosmic. Cool. The first thing anyone's channel considers purchasing at home is, uh, what Inet is available. I was, disclose up front, just disclosed it after the fact. Well, yeah, I've just disclosed it in other videos. Like, my video for Phin, I say I'm an investor at the beginning of the video. So you're right, technically I said I recommended Phin and then said I was an investor. Good point, I'll, I'll take it. Select another program for cameras, audio is leaking into stream. Really? Shouldn't be. It's muted, or does it, huh, that's interesting. If it, uh, it goes in there. Weird. Really? Hahaha, I did not know it did that. That's interesting. Just upgraded pfSense CE to Plus, didn't realize it was free for home
users. Boot environment feature is awesome. Yep. Uh, what VoIP do you recommend, as a reseller or for home use? For home use, VoIP.ms. As a reseller, call us and we'll sell you VoIP. Uh, do you resell Phin to non-MSP customers? Not right now, um, but if you contact them, if you want to use it as a non-MSP, you could probably use it. I guess I need to know, like, internal IT teams could use this. Heard the car tab audio. Huh. For signage, Yodeck is way easier. I never use Yodeck. I don't keep up with, signage is not a big part of my business. Um, we help the couple people with some projects a couple times. It's not something that we run around doing. It's not something I have a ton of experience in. How do you assign IP? Is totally random, use some other method, use DHCP? Always use, uh, I try to use DHCP whenever possible. It makes changing things way easier. DHCP for the win. Could I set up VoIP for in my local network, like an old intercom? Yes, you can. You can use free PP, FreePBX for that. Chris from Crosstalk Solutions has hours and hours of tutorials on that topic. Uh, sort of site, their logo similar to use, it's on the highway there today. Going to tell you who is sort of site? I don't know who they are, so I don't know how I feel about it. Oh, their logo is not similar to mine. I wouldn't, that's similar to mine. You know whose logo similar to mine? Let's just get this out of the way here. There's a company that has a similar logo to me. It's these guys. Look how much, I mean, they're even using orange. By the way, my logo predates theirs. That's why this is funny. Um, I had that logo, my logo has been since 2015. I think theirs came in, like, 2018. So I don't know what it's worth. Didn't you just have snow? Uh, why is your launch as snow? Comes and goes to Michigan. I don't know if the 3100 can run, uh, ZFS. I don't think it can. I think for some reason that one can't. Never about to look into upgrading pfSense Plus, CE is a hard process. Nope, dead easy to do. Uh, CE is not really lagging behind releases, but the process is really
static assignment on a DHCP server. Yeah, it's just easier. LTT, Tom Tech Tips. Much better. Yeah, we had snow for, like, two weeks here, and that was about it. Um, so let's try this. I closed it, so we shouldn't get this anymore. Um, filter, backyard, one minute per week. Oh, this is only going, I only go back, I don't have any monthly ones. I thought I had a monthly one. If you have a monthly one, you'd be able to watch the snow change, because this is what it looks like for a week, but it's been muddy for a week. So yeah, there's no, it was, it was really snowy. We had some snow again. That's what those, this is a time lapse, but you can see things haven't really changed much over a week. If you want pfSense for business, you need to pay. Let's go ahead and sort that out. No, where's it at? So here's the, and I, maybe I need to do an updated video on this because so many people seem to be confused by this. Home lab, TAC Lite. So there's your TAC Lite, still no charge. TAC Professional, $400 a year. So right now they offer TAC Lite, so that's their pricing on it. They're talking about TAC Lite in the future, um, costing $109 per year, which I think is incredibly reasonable. But free for home labs, is their non-commercial home lab use, free now. I think it's actually interesting that they have a distinguishing difference. I think it's just so they can track how many licenses they give out for people that claim to be easy for home versus lab. But either way, TAC, no charge, and it sounds like in a future, I don't know when in the future, but they plan to charge $129, and you also get it for free with your pfSense hardware devices. Well, let's see. If you want SLAs, you pay. Yep, that's how that works. Have to pay for support, not licenses, essentially. Yeah. Is there any good hardware devices around pfSense to have a gig on, or even one gig? I mean, the little Protectli boxes work, so they're fine if you want to use them. They're very functional. Sort of the cool toms. I think they're good for home use. I don't really recommend them
for business use. For business use, we try to put everyone, you know, trying to keep them uniformly on Netgate because it's easier support and everything else. TAC, I forgot what TAC stands for. It's, there's, what they call support is TAC. I forget, it has a name, but it's, their support people are called TAC, technical assistance or something. I don't, someone, someone answer for me that's better at googling what pfSense calls TAC. You should send LTT a jokey cease and desist. I don't want to. If I knew him personally, it might be a fun video, but I don't know him personally. I should have added good IP second remote VPC client speed. That's the function of processor. Go with the Netgate device if you want guaranteed, if you want guaranteed speed results, go with the Netgate device, because they haven't published, I believe. Anyone's here at the company some for a pfSense Netgate or custom box for firewalls at home and only one firewall and client's just bloody works. Yes. For any performance reason to run a pf directly on the appliance? Yes, you can run into way more quirky issues if you run it virtualized. It's not that you can't, you just are more likely to have a problem if you do. Your experience may vary. Technical assistant center, a few people have answered this. Found it, technical assistant, they have a weird name for it. Whatever. That's how I feel. As long as it works, that's what matters. But I don't see any reason not to upgrade generally. Is there a good way to optimize WireGuard for better speed besides setting same M2 speed, using wired instead of wireless? No, I mean, other than, I've referenced Christian McDonald's video on that, setting up WireGuard. It's easy to find. I've posted it many times in my own forums. If you type in Christian McDonald pfSense WireGuard setup, you'll find it. He, outside of that, no. I mean, the rest of it is just processor based at that point. Ever use Pi-hole and Unbound in a production environment? No, I wouldn't, not, not for a business. We'd never use it in
a business. I don't even see a use case for it in business. We use pfBlocker because it's on pfSense, but that's it. Running pfSense in a Dell R20 at home, taking routing, redone the drives. Doesn't make financial sense, and it depends where you're at. If you're in Europe, power is expensive. If you're here in the United States, power is cheap. So it comes down to where you're at. What are your views on smart homes? Oh, I don't, well, that's because I use, this wrong one, well, no, it's the right one, it's just the one at my office. I may switch to the one here. So we use them here. Where's it at? I use this. This is what allows me to control the lights and everything else. So I don't mind smart home because I'm in control of it. I manage all these right here. So there's studio lights. I, if I flip any switches, the camera will cut out, so I'm not going to do that. So I self host all that. I forget, how does XU work with 12 gen 50s? VMware doesn't like, I don't know how efficient they are. There's a discussion about that in their forums. What are you paying in the US for 1K? I'd have to google that. I don't look much. I know it's reasonable, 8 or 9 cents. Oh, there's my wife. She wants to go buy a new dresser, so that means she's off work. It's 3 o'clock. All right, any last questions before I stop, where my wife comes down here and makes me stop? She wants to go buy stuff. That's a, well, she's buying it, I just got to help carry it. Yep, we're actually not going to IKEA. She didn't find a dresser at IKEA. My couch is from IKEA. I love our new couch. I think I have a picture right here somewhere. That's the new couch we got from IKEA. But I, I like their, their furniture is good, but we couldn't find a dresser we liked. So, and this was at Christmas, and my wife is like, why are you taking pictures? Because that's what she does. But that's my living room for anyone that cares, which probably is no one. I think we're all still talking about electricity and how many watts. I do have a space heater, by the way. I can zoom in a little bit. I
can just turn off, I don't know if you hear the clicker or not. Space heater's off. I keep a radiator style space heater in my area because it gets cold down here in the winter. But I do have my Home Assistant tied to my Synology. I can turn the lights off behind me. I think you'll see them on the screen. What speakers? Clips. I only care that I'm jealous of how nice your home is. Well, thank you. Oh, my wife likes to call me a troll because I work under her. She's in the room above me. Yeah, the, um, matter of fact, I, I don't have, I think I got a picture of my studio in here. But yeah, these are, oh yeah, here's my studio. I have a whole video where I break down the build right here. And there's a camera here. I'm sitting looking at this monitor here, and there's the, there's the space heater. That's where that is. So, um, and on the other side of me, this is the other side of my basement. So it's not finished yet, but, like, I have these doors, and that door goes into where my server room is and stuff like that. But anyways, we built a lot of stuff at the house. That's what I document as we build things. Like, this is a studio getting built. This is, this is what my studio looked like before I built it, for anyone curious. Like, I, I did most all this work myself, everything from the lighting, the electrical, uh, quite a bit of it. Do a YouTube Shorts review of your clips. You know, I love home audio stuff, but I don't love it enough to do YouTube videos on it. Maybe I'll post it on my personal channel. I don't know. This is not the Synology app, this is Google Photos. Is that a smart couch?
Yeah, my house is about 2000 square feet upstairs and another 2000 square feet downstairs. It only has, here's what it looks, other than the walls. I think I have older pictures before I built the walls. But yeah, here's all the dimensions. This is the dimensions of my house too. I laid all this out because this is, we did a bunch of planning to build the studio. This is my studio. Um, somewhere near as a calculation, so 741 square feet here. I didn't do the square footage from my studio, but it's probably another, I don't know, it's a lot. Like I said, my house is roughly, in each area, some 2000 square feet up and 2000 square feet down, roughly. There's the old couch. I got to do new photos because there's new, and by the way, these photos go all the way back to, um, this is, there's my basement. I'm sitting right here. So that's before it was all built, in case you're wondering. I'm sitting about where these boards are. So I have pictures from the very beginning on this. I need MFA on the doors. A video on mobile phone photo backup, PhotoPrism, Synology Photos or something. Um, I use Synology Photos to back up all my personal photos. Now I gotta get a dresser. Do I have to tap the ceiling to have cast let me out? Yes, actually, she'll come down here and open the door and drag me out in a minute. I have a feeling that's coming. I've been doing this live stream for two and a half hours. I guess I gotta go buy some furniture. It's that time again. So thank you everyone who joined and stayed with me while I ramble on about nothing, about houses. So, um, there's what it looked like step by step the whole time, all the way to a built. Wanna see my attic? I actually have a video I forgot about. I actually showed how we wired this. I never released a video. I gotta put that together because this was a pain to wire, but it's done. The basement before it was done, and then down here is the basement after it was done. What a difference it looks like. But nonetheless, I'm gonna wind it down. Thank you all for joining. I gotta run. I will, uh,
watch my Cisco video, let me know if my opinions are right or not, and appreciate all of you. Um, I have more videos coming now that I got the Cisco dashboard one out of the way. Uh, head to my forums for more in-depth discussion. A few of you said you were gonna DM me again, definitely do that so we can keep the conversation going. Alright, and thanks