 Good morning, I think. Let's make sure I have audio, details. Do I have it? All right, perfect. Just wanted to double check, you know, the impromptu live stream means I wasn't really prepared. Impromptu live stream also realized, oh, I have candy that I'm eating and I should probably get rid of the candy prior to starting a live stream. So here I am, now candy free, but now I want more candy. That's a different problem. But we're not here to talk about candy. And good morning, Travis. And great meeting Travis in person. I don't, I do like meeting all the people whenever possible. That's why I want to go to some more events and things like that. It's always cool meeting the people and having more interaction than just seeing a live stream chat. So that's definitely really cool. There was a lot of people who said, hey, Tom, can you do more live streams on Saturdays because that's a more convenient time? And it was kind of voted upon by the crowd. I listened to the crowd of people here that said, let's do one on Saturday mornings because that's more conducive to a good audience, especially my people in Europe. So awesome that hopefully more of you have time to attend. And I was like, you know, it's nice outside today in my house and I'm going to go outside of my house and do things. So I thought I'll do a live stream because I don't have the time to put together a concise video where I, you know, really take the time and organize it. I always am doing that, but at some point nothing's finished that I wanted to publish today. And I'm like, live stream and then outside. So absolutely. But the man himself and Brett the other day in shirt, it was his, oh, I'm short, but he's taller than I thought. I'm assuming you mean Brett, Brett's quite tall. And Brett has commented this a couple of times for people that have met Brett. Brett is the shortest member of all of his brothers and he's got a lot of siblings and he is the shortest one of all of them. So take that into account. He is like, he doesn't feel tall because he grew up around a bunch of tall people. And by the way, Brett's quite tall. Brett's a big dude. Iceland, New York city, over to place NYC. Hello from Iceland. Iceland seems like a place I want to go. Scotland seems like a place I want to go. Those are really cool places. Do you want to, oh, do you recommend getting a Neckate 2100 if you want to learn PF Sense from scratch? Absolutely. I think the 2100 is a very affordable, solid device for learning PF Sense. The nice thing is with ever, whether you load it yourself, load it on your own hardware or buy a Neckate device, 99.9% of PF Sense is the same. The minor exception is PF Sense Plus which you can now load on your own device. So yes, for learning, it's amazing. I even had, I think one of my videos, I made a joke about it, one of my HA Proxy videos, I think I did it on either a 2100 or a SG-1100. But yes, it can run not fast. Your lower end hardware is not gonna be as fast, but from a learning concept, oh yeah, you can learn on it for sure. It may not be as fast as you think so. From Netherlands, thank you. Good time for us. Yes, I imagine, I know in Europe it's, you know, you're in the future. So it's a lot later there. So it's great. I need to start doing more of these. One of my goals was I having the studio at home means I can just start some morning live streams. And well, that's what I did today. Kind of, kind of I'm prompt to. Barcelona, here's a trivia thing. Maine is further away than I thought. I have, I was talking to my friends at 45 Drives about coming out there. They're in Nova Scotia for those of you who didn't know. And Nova Scotia is not dramatically far from Maine, but Maine and Nova Scotia are quite far from me in Detroit, Michigan. So it was interesting seeing just, I did not realize how far away Maine is. And it was still a U.S., you know, in the U.S. but geographically further than me than I expected it to be. That was my, because a flight to Maine and or a flight to Nova Scotia, I think it's slightly longer than even a flight to Florida. I always thought of Florida as a much further place. And I've been to Florida lots of times. I've been to Maine zero time. Years ago, a group of us had a huge Ireland trip plan for 2020. Oh yeah, we can, yeah, that's probably didn't happen. Spain, Australia. Do you go either I prayer for army staffs when selecting neckade appliances for our customer? You pretty much want to go by iMex because it depends on the application, of course, but for the most part, iMex traffic is just more representative of real traffic. And you'll run into that all the time with clients when you're setting things up. You want to base the VPN on what they're doing, not the maximum potential for what this particular VPN can do with a single stream of IPerp traffic because usually they're not single streaming a single application and a single data stream between two points. They may be that there's not saying no one is, but usually when you set up a VPN, they're VPNing and encapsulating a lot of different line of business applications across the VPN that in remote resources, they need access to. So you have to take that into consideration. And a lot of times we tend to end up talking to people, a lot of VPNs because they want them for the wrong reason. That's that, you know, I didn't say a lot, but quite a few times we have because they want to run QuickBooks being a more common one where QuickBooks is less well suited to run over a VPN where you're using file sharing, for example. So you always, just a bigger conversation is usually really look at what the client's using it for and then take that as the understanding before you provide the solution. Matter of fact, this is me in 45 drives and I've been going back and forth about the complexity that some people want for solutions or what they think they want versus the reality of the solution that you are best implemented for keeping it simple. I talked a little bit about this on my vlog Thursday for the same reason, just overcomplicating things. Hello from Romania, all right, there we go. I wish that Tom was the team leader for Unify to get. I don't know, so Unify is such a weird company when it comes to, I don't know their roadmap. I don't know why they don't choose to at least have a little bit more of a concise roadmap. There's nothing's really stopping them from doing it other than management. So they've decided to go in different directions based on somebody's ideas. Undoubtedly, Robert, the CEO is still influencing things the way that he wants to and he chooses not to be public or anything like that. I don't know, it comes down to it. You can't really knock it, we can complain about it. We all can, we can all play, yeah, they should do it. But from their standpoint, they're going, we're making money, we're making a lot of money, we're making a whole lot of money, tell me I'm wrong. One of my consulting friends works for some very large companies and my favorite thing he ever said is it's so hard to tell someone making their money they're wrong. This is a repeated phrase, I'm not saying he's the first one to say it, but it's certainly interesting hearing him say it, going it's really hard to tell people making money they're wrong. And this is the downfall of so many companies. If you look historically, you look at somewhere, let's take a completely out of context from tech example of General Motors. There was a time in the 70s when General Motors was like Amazon. They were so big, they were a monopoly, they couldn't believe General Motors had the size and there was no one stopping them. General Motors was this unstoppable beast of a company and they made poor decisions that led to their bankruptcy. Obviously a number of years later, but think about that to go from a company that no one could see the end of that monopoly. And this scales down smaller, look at any company that often went out of business, sometimes just because of mismanagement, but sometimes just because they held on to something. Kodak, there's an easy somewhat technical example because Kodak didn't get technical. Kodak completely contracted as a company, they did not, despite having a lot of research on the camera market, including the digital camera market, like they had a lot of knowledge, they just didn't see it, they seen as the digital camera market compromising their film market, which that's not wrong, that is a fact. The reality is, if you don't get ahead of that and someone else did, and of course that's why Kodak doesn't make the number one digital cameras, they're not even on the radar for that, they're not really the company they used to be, they lack that vision. So that's my little rant on that entire topic. Minneapolis, all right. Upper Peninsula, for those of you that are not familiar with Michigan, we're a state that is connected by a bridge, a very big bridge, the Mackinac Bridge, it connects the upper and lower parts of our state. So we have a peninsula above us, I'm in the lower peninsula, someone suggests we go to sledding in the upper peninsula, yes. Time to ever find the fact that PF Sense doesn't have a cloud component for managing multiple clients, a hindrance. We use Maraki and Palo Alto for nearly exclusively that reason. I don't know, I'm kind of, I'm so mixed on that because we use Untangle, which does, I just, I look at things very procedurally and very, you know, how we're going to do something. We have a list in a spreadsheet with all of our PF Sense clients. And when there's a version update for PF Sense or a module update for PF Sense, yes, it does require us to go through that list and we put the last update on there and we just run through the spreadsheet and do it. It's a more laborious task of updating it. It also keeps things very compartmentalized because one thing that worries me is the consolidation of more and more things because there's a big security risk. I mean, we're watching Lapsis Group. You can't deny that they have went and just slapped the face of every major company, Microsoft, Okta and go down the list of major companies. How soon until they start going after the dashboards of some of these places that provide access to this? This is what seems like a convenience today. I feel it's a tough market. And the more you consolidate into these dashboards, I feel you're almost at a security risk. And I'm completely guilty of it because I'm using Untangle with a bunch of people in the dashboard. So I don't know. I mean, yes, it does have a labor involved in it, but the expense you save on PF Sense accounts for the labor of not having rolling updates. So I don't know. I've been testing out how many I really like it, what's your opinion on using a backup? It's a great tool. Many IOs is great. I should do more videos on it maybe. I don't know if there's enough interest in it, but it's a cool thing. For those of you that are familiar, MINIO is a S3 emulation layer. S3 is not just Amazon S3 storage. S3 is also an open protocol and you can do things like run MINIO on, well, TrueNAS or even just any Linux server or you can run it all over the place. It's a free and open source tool that does have support options, but a MINIO can emulate S3 and use it as your storage target for things that support S3. Hey, Germany. All right, what are your thoughts on Arista buying Untangled? Wait and see. Hopefully Arista is a good steward of it. I don't know. I mean, Arista does a lot of nice enterprise stuff. It makes a lot of equipment. I don't, here's the problem with some of these companies. I don't know whether or not they're good for it. And I don't know if that's their thought either. There's some mechanical problems, so to speak. Well, mechanicals are everywhere, maybe. There's problems when you make too much money and when you're a U.S. company making lots of money, what do you do with all that money? I don't know, I'm gonna buy stuff. It's if you don't buy stuff, if you don't acquire companies and things like that, the taxes may be going, it sounds like you wanna turn a good profit, but then you're like, oh wait, all those realized gains in accounting have tax problems of dispersing all that money. And some of these companies, especially in the enterprise space right now, are at some of the highest margins they've ever made because they're able to get premiums for any hardware they have. If you are a company with hardware, you're able to charge more, therefore you end up with cash surpluses. I don't know what their cash surplus rate is on Arista, but then you go, how am I gonna expand? I'm gonna buy other companies. I don't know enough about Arista's management style to tell you whether or not they're going to do anything good or bad from Untangle. But Untangle's been a really solid, forward-moving product, so it may be a good thing, I don't know. Because random analysis is used to me, there's only a five-hour travel distance between driving to Central Maine and Texas for content. Yeah, yeah, and that's something to think about. And from Detroit, Travis is from Detroit, for those of you that haven't seen him in a live stream before. Do you prefer Sophos Firewall XGS or PF Sense? PF Sense all the way. Do you know the invoice engine, a way to implement recurring subscriptions, auto pay, where you can get a client agreed to it? Yes, you can do that. That is possible. We do our MSP auto recurring billing. They have to say yes and agree to that. It'll do ACH with Stripe as well. Do we ever get to see you going Proxmox back up or doing a lab setup? I don't have any reason to use Proxmox. I use that CPNG. There's not any feature that Proxmox offers me that's so compelling that we should start moving to Proxmox. We've actually done people at the opposite when they seem to have, the only way I can describe from their words, and I don't know the details, we have outgrown Proxmox. Proxmox can keep up with what we're doing. So we move them over to XCPNG. I'm not enough of a Proxmox user to see if they were just doing it wrong. I know how to tune up and set up and configure and optimize XCPNG. So when we're doing these type of migrations, I don't have an easy answer for that question, but I don't have any compelling reason to use Proxmox. I don't think it's a bad product. Don't get me wrong. And it is only, it is obviously someone who was unhappy moving, but I know lots of people, Jay from LearnLinux TV, who's really happy with Proxmox. Therefore, they like it. Matter of fact, 45 drives just did a few videos on Proxmox. They seem to like it as well. I just don't use it enough. And when I'm looking at feature sets, what would compel me to take a whole lot of time learning it? I mean, if there's some feature, go, man, if I had this feature, I'm in. Just count me in, man. If you can get this feature working, for the other, the opposite, it's more true. XCPNG has all the features I want. So Proxmox becomes much less interesting to me. Any more great log videos in future? Yes, I'm waiting because they're switching, the new version's gonna require opens. I think it's called open search instead of elastic search. So I'm waiting, I wanna do a whole new video on the installer with their new backend. It's gonna, I don't know, but I mean, soon they're gonna have a new version released and that's when I'll do a new video. I just don't wanna do any more content talking about elastic until I'm more familiar with how it works with the replacement that they're gonna require in the future. You should reinvest into the company, maybe that's buying other companies to bring into your fold, but she had better many product. Well, and with the case of Arista, Arista is in the enterprise market. Maybe they wanna be more into the mid-market that you can get into the small and mid-markets that Untangle's in. So Untangle, like I said, it's got a really good set of things. So good morning, Detroit. I already talked about that. Rewind if you didn't hear me ramble on about Untangle. Hope a few Untangle Arista products show up in the hardware, sure. Good morning, Jason. Oh, let's see. Have you ever tried supplementing building heat with servers in a closet? The heat output are cooling from outside in the winter for the servers? I've never really done much about it. It's just a bonus that my servers running creates some heat. It's just a bonus like they're in my building so they're partially heating it, especially at my office where we have a lot more servers. The downside is it's the summer months that are problem because our electric bill's already high and then cooling all the servers that are in my office adds more to that. Good morning, we got Denmark. XCB, do you usually build it or purchase it with appliance support? Oh, pretty much when we're doing the business ones, it's pushing people towards the contract. If they're using it in the business and we have some very large companies, I've talked to one of the cool builds we did. I've talked about it a couple of times. It's just we have a client that has full, top-end everything. They got like $30,000 they spent on each one of their servers. They have three of them in an HA cluster. They have a TrueNAS with HA. And of course, I mean, they're so, they were a million dollars just about into building this facility and the server equipment for everything they're doing. They have all licenses on there. Matter of fact, they think the license fees are a deal. So they buy full support. So yeah. I mean, for home users, and I always comment in when I do my videos on XCPNG, one of the things I comment a lot on is this right here. Let's see. Here we go. This is the XCPNG and you'll see that it says no support. The reason it says that is because I always try to use the no support version when I'm doing videos because that makes it prove to you it's accessible. I have videos on how to build it. I have videos on how to use it. And I'm using the same one I built from that video. That way it's a one-to-one relationship here. I'm using the thing that you can use yourself free and open source. And I usually throw a comment here and there, hey, they offer support because they do. And if you're a business, you should buy the support. If you're a homelab person wanting to learn and manage this in your homelab, download and run it. That's why they are the ones you gotta remember. They're the ones even producing a lot of the documentation and instructions for the free version. So it's really nice that they take the time to do all that. So yes, I encourage it, but I also run a lot of it to connect with the audience better. Hey, Sam, what's the best way to make a kid-friendly Wi-Fi network? I have UDM Pro. I have no idea. I don't know. I mean, I mentioned using Cloudflare's family DNS. That's probably the best way. That's easy. Hopefully that makes sense. Ooh, from Hong Kong, awesome. Oh yes, play on words. Kenny Spicer, why would you want goats on your Wi-Fi? Kid is another name for goat, the young goats. So I like play on words. I'm not gonna lie. But I know I have a bilingual audience. Well, usually more than bilingual because the people in Europe who speak English, English is just among a collection of languages as I learned, which is always fascinating to me when I have people who speak way more languages than me. It's always interesting. Because I'm an English speaker only and probably not a great English speaker. Thailand too, awesome. Hey, we got a super sticker. Thank you very much. I much appreciate it. Do you love that? Vincent, another donation. Did you already try it or possible on Tangle that you create open VPN and then the user connect that is possible to see their web browser? I don't understand the question. You want to see their browsing? When they're using it, if you tunnel them through, you should be able to see what traffic they're producing. It depends on how you configure the tunnel. My assumption is that's the question you're asking, but I don't know for sure. That's a guess on there. But yes, if you configure it with open VPN and on Tangle, you should be able to monitor the traffic tunnel through there. Moving to a new home for the lab on their, see on their joint workstation over a rack server workload is just a handful of VMs. Okay. I think that was a response to someone's question. You have to do deep inspection and install specific as an old clients if you want to view web browsing. Well, yeah, that's true. And it really comes down to how much do you want to do man in the middle? Is that effective? And what, at what expense? What will break if you're doing man in the middle? That's something not everyone realizes. Oh. Oh, sorry, Willie. I didn't know Willie was live. So I guess he said a few people over here. That's funny. So, should I ask Willie if he wants to join? I could probably do that. I wonder if Willie wants to be on here. Let's message Willie. Wanna join me? Let's see if he's got time. I can actually add other people into here, by the way, for those of you that don't know, I use StreamYard for all of this. Hello from the Netherlands. All right. When should you look at a workstation over a rack server for HomeLab? I try to look at rack servers first. That's his preference at that point. Just came from Willie's show. I'm trying to get in. Willie and me on a Saturday. So yeah, I messaged Willie after I didn't invite Casey. I didn't realize he was live streaming and things like that. I know we have similar audits, so I don't try to conflict. I said, why should you have to choose who you watch? Why not watch both of us? Oh, okay. Willie is unfortunately unable to join in right now. Because I can actually send links and bring more people in. StreamYard is what I use and it actually supports me having more people involved if I want to. So something kind of cool that I can do. Let's see. Hey, love of videos about via Sense? Willie Howe. You can find Willie Howe's got a lot of great YouTube videos as well. He talks about a lot of the same things I talk about. So yes, absolutely. What do you suggest for beginning Career and IT? I'm currently working in DevOps course. Oh, when you're doing your career in IT, figure out first what you want to do because IT is such a broad topic. You're already in IT. If you're starting like currently making a DevOps course, figure out what you want to do. If you just want to do in the IT support world, help desk jobs are a great way to get your foot in the door. Very helpful from there. So you kind of keep expanding out from that. Spokane, Washington, successful installations of WDS and Freeness, having issues drivers WS myself through Unrayed. What's W, Windows Deployment Server? I'm assuming I'm not sure what that's questions about. I think you're meaning Windows Deployment Server, but I don't know. And I don't understand. I don't use Unrayed, so I can't answer your question probably. Can you talk about, oh, this is something I'm starting a whole business channel about soon because this is a common question. And not everyone's gonna like this answer about starting your IT business. Sometimes you shouldn't. I say it like that because there's a lot of people that just aren't good at business. And I have a couple of friends that I've talked to and they have jobs that pay like 150,000 plus a year and they want to start a business. But one of the problems I was asking was what's your lead generation process? Well, I'm hoping the vendors will send them to me. I'm like, that's a big hope that you hope vendors will send you business. I've heard that a lot of times as an answer, not from one person, from many. And the biggest part is before you start your business, do you have a plan for lead generation and how do you are going to process all those leads? If you don't, you have to figure that out before you start the business. What are you going to do? And you can't just say, I'm gonna show up at some business events. Cool, are you gonna talk to people? Are you gonna close on all those leads? Read a lot of books on that aspect of it, getting to know people. The old adage is about who you know, that's true. It's not some meritocracy system where you just are the best at doing what you do and everyone's gonna hire you as a company. But you're saying, well, that sounds like it's a possible start. No, no, no, it's not possible to start. It's a realization that to start, you need to have a process. That process does include getting to know lots of people. I spend time going to public events and going places to get to know people, to engage and interact with them. And that's how you kind of work your way into business a lot. It's just part of the way it works. It's an important aspect to think about when you're doing that. That's all. It's not me, so that's why I say sometimes it's, and this is a lot of times if you don't have a good process for leads, this is what puts people out of business and bankruptcies and, you know, dissipating all the money they saved up to start it. The power switch with my Dell Tower is dodgy, but it worked when I took off the front. What do you suggest? Replacing it. Someone this morning mentioned Arista about Untangle. Yeah, I mentioned it earlier. You had to rewind the blog or my live stream here. Yeah, Arista about Untangle, there's a lot of good things coming. Morning from my Canadian friend, Cody. Compliments about you doing this for your time. I know you can see your, I love your job in sharing knowledge. Yeah, sharing knowledge is just big part of what I've been doing long before YouTube. Matter of fact, I'm going to be probably doing a few talks at an upcoming conference called PenguinCon. It's a nerd conference. I go hang out and be nerdy, but I hopefully got my fingers crossed that our talks will all be accepted. I've done talks before at conferences. I love doing that. I've been doing that. Like I said, some of that's what led to me putting things on YouTube because people couldn't get in, you know, you only fit so many people or conflicts and things like that when you're trying to do one of these events where you can't get to all the events you want. People said, hey, is this gonna be on YouTube? I threw some of these on YouTube. And away we go. You need referrals. That's true. If I started a business, people would just be knocking on my door and my phone would be ringing off the hook. Oh, yes, that's what, that is so much what people think too. It blows my mind. What's your opinion on the cheaper, fanless mini PCs from China? Some server. I mean, if it's what you can afford, they're a little bit more sketchy, but they're popular. So you can use them. There's the, I prefer the brand name stuff over the random, you know, you can find so many different things. Quotam being one of them. There's all, here's what gets more confusing is the way they're branded. There's so many different branding, if you will, that can come with it, but they are not terrible usually. And you're not, if there was some type of firmware problem with them, you're less likely to be the target that it's a whole interesting thing. Oh, we have another Canadian, Jordan's from Canada as well. So Cody and Jordan, both from Canada in here. Not as much supportive of going through improved hardware. And one of the other problems is, third party vendors sometimes do quirky things. So you can end up with quirky problems related to what the lowest costing device is. For a home lab, that might be perfectly fine. You may not be any issues. You may not run into any problems. Find a model, spend some time over on Reddit, do some reading for people that have done them and say, are these good or is some problem they've run into with them? So what's it do with an old netbook with two gigs of RAM? That depends on the speed. It might be, it turns out useful. It isn't what you want to do with it there. My router's PO since build, we have an IPN, OpenVPN working, but cannot access any of my hosts. It's containerized apps. I can ping the host, but not access their web GUI by their port. My guess is you have some type of routing or firewall issue. The problem people run into is not, is getting the routing right. Because if you come in, you're at a different route level because it'll see the ping response is going somewhere different. So you gotta make sure that there's not a firewall rule. This is a weird one for, I think Windows changed the rules in this too. I think a default Windows one, I don't know, I think it's even when it's not attached to a domain. I think Windows only will do a ping response from things on the local network. So you can ping it locally, but you can't ping it from VPN, for example. My assumption is gonna be there's something in your configuration, maybe a firewall configure, maybe it's only set to respond from local network. And it sees you coming through there in a way you go. In the firewall rule, it'll be within your Docker container or in your Linux system. That's my guess. Not a Docker expert. I did do a video on my five six. I have at least one. I at least have one on there. I don't know what people want for Wi-Fi six videos. I've always thought the testing ones were terrible. They're so inconsistent getting tests from Wi-Fi six. It's just drives me nuts. Have I used it? No, it took a while, but I finally got approved for it. I gotta dive into how it works and read through some documentation. That's where I'm at with it. It's on my to-do list. I don't know, them being a central identity management seems weird to me. I want to look at how they implemented and make sure I understand it from a technical standpoint and kind of go from there. Using POSense, my upload speed is being slowed down to 3.5 meg or 3.25 megs. But if I use a paid VPN and do CTest, I get my normal 40 suggestions on how to troubleshoot this. I have no idea. That is a weird problem you're having. Try turning off hardware offloading. Try a different network cable, but I can't, but that doesn't make a lot of sense because you're getting faster speed over VPN. Try bypassing the POSense. That's a weird one there. That's not what I've really run into, not in the commercial space. So, Wifi 6E, Wifi 7, Wifi whatever comes after this, Wifi 8. The problem is gonna be hardware. Everyone wants to talk about it. No one can get their hands on it in bulk. So, and I just don't care about Wifi. Matter of fact, I've seen a meme where I'm definitely probably gonna make some more of them. It's basically, hey, my Wifi doesn't work really well. Here's your solution, first and handy on network cable. That's what, there's a video I did do. It's gonna be another interview coming out relatively soon with David Bombal. I did one before about PFS where he did another one. And I talk about people are still, when it comes to reliability and connectivity, people are skipping the Wifi and going right to the hard lines. Sorry, that's the best answer. Everything I care about for speed is on there. I don't even care about speed when it comes to Wifi. What does that matter to me? And the same thing with businesses. They go, do we have connectivity? Do we have coverage? Great. And no one's going, hey, Tom, I need a speed test in every corner of my warehouse. Nobody asked me that. We're doing, we've done, and look at my channel, we talked about these big warehouses we do. We're doing a couple, we just did another two more warehouse beds. And we got another one on Monday. I think that'll be our third one in this last week. You know, zero times are people going, I need optimal speed. Give me Wi-Fi six and the fastest connection every corner. They're going, nope, we need connectivity. So I'm just not, I guess because I deal with it from a business standpoint, it's always home users that want it fast. But yeah. Do you have a preference of Super Micro versus Dell? I like Dell and I like Super Micro. Both of those are good choices. So a preference over them, not really. You know, which one's on sale? Which one can I get for a good deal? There's my preference. Hardware-wise, I like both of them. Super Micro does probably a better job if you're going to build it for TrueNAS. I see it like that because people have a lot of questions around, you know, getting raid and pass through to work on Dell and that can be tricky. So if you're trying to get TrueNAS to work, you want or something, anything that wants direct access to the hard drives go with the Super Micro. Other than that Dell makes out, my servers are Dell. The servers, we run a lot of our things on here. Go to our host here. So here's my R630 that runs a bunch of our lab stuff on here with 120 gigs of RAM. I still have, oops, an R720 in here as well, 64 gigs of RAM, 32 processors in here. And these are both Dell PowerEdge systems. So they work great. I really don't have any complaint with them. So is that better proof that I like Dell? What do you use for authentication? Have you tried IPA and Rocky Linux? No, a lot of our stuff is through G Suite single sign-on. That's the business side of things. Four things that need single sign-on. Other authentication we use is going to be, you know, Fido with these right here. More than one Fido key, not just UB key. This is a trust wave key. The only wifi we have is a separate number to join your phones to. That's actually where a lot of businesses are. They have wifi so people can join their phones not so they can conduct business. Yeah, reliability is always, if you do in the business sector, and Cody knows this, man, this is what everyone says. I need reliability, not speed. SMC is cheaper, Dell more enterprise. I'd feel support. Dell support if you buy it under contract is really good. So I guess the context matters. Are you buying a home lab that you are buying used or are you going to, what do you call it? Do the, you know, it comes on how much support you want. Really, that's probably a good thing. It's better context what you're doing. Wifi is a convenience. Yes. Video setup encrypted Linux boot and U2F auth. I don't like U2F auth with Linux boot as an exclusivity. It should be an extension of so it requires this and that because here's my problem. If you have, this is a tablet I know but let's pretend it's a laptop because I don't have one in reach. If you have your laptop and I require a key to boot it, the problem becomes if you take both of these things with you you have the ability to boot it. I like the password. Now maybe, and I don't know you set it up with this plus a password would be better. I don't know. Do you want to do a video on it or not? I think the demand is too low for something like that. I have videos on using Lux encryption. I use PapaOS and I encrypt with a boot password on the drive, which I think is good. So 30 plus students in the classroom, multiple devices, you kind of need them. If this goes over ships, we're moving to Wi-Fi 6. Yeah, I mean, we add a lot more density of the non-Wi-Fi 6 units because we can get them. From Rania, do you have two words about PF Sense versus OpenSense from the beginning of my view? PF Sense, use it. It's my word. I like PF Sense. Wi-Fi is just heckful for some other types of business plus is more reliable. Yeah, yep, always go with Wi-Fi. You know, the only problem, we use Duo, not me personally, but we for our clients have Duo set up in environments that it's needed. My only problem with Duo is the fact that they fail open. I don't know why. For those of you that aren't familiar with the Duo setup, the default is actually a fail open and they got bypassed because if you have something set the fail open, what fail open means, Duo, if it can't reach Duo servers, it says, I guess I'll let you in. I couldn't talk to the servers to validate you. So there was a recent incident with a company and the debrief was they got around Duo by putting a host entry in to send Duo to local host. And when they sent Duo, instead of being able to go out and contact Duo servers, it contacted local hosts. Well, that was the ability they had then to bypass Duo authentication because it was allowing people to fail open. Something to think about. You can't change it, that's the default. You can change defaults, but Duo is a good, it's a good product. Do you guys use a self-hosted VDI solution, maybe recommendation VDI solution for home labbers? Not really. I don't like a lot of the virtual desktop environment solutions. They're often clunky and problematic. They're not, there's plenty of people using them. Do I run, Windows is pretty much your place you run it. There's not a great platform besides Windows to run them on because you're putting Windows and you want to virtualize your Windows environment and you're gonna wanna do that using one of the Windows servers. That's the best way to do it. So, yes. Hello from Oakland County, awesome. Yeah, best, I think you mean Fluke, but yes, Fluke makes really good cable testers, but Klein, no slouch, Klein makes really good ones. Is there any type of client you refuse to work with? Ones that don't like spending money because they become not clients. We have people who just send us questions and we've had some of them that think we shouldn't bill them for asking questions. We don't end up working with them because they're not really ever a client at that point. I had a vlog Thursday, I did a few weeks back because someone called me a greedy bastard or something like that. They were mad that I wouldn't answer their questions and help them set up their servers for free. They thought it was ridiculous that we charged consulting time. So yeah, sometimes, I mean, those client-to-clients I guess I don't work with. I don't run Poxmox and I also don't run it on a USB. PF Sense rules that do work for, I don't understand what I would, far as I know, you can use all of those with PF Sense. I don't know anything special. I watch Amazon and Netflix and Hulu and I guess Disney Plus but I don't use a Roku but I don't know of any problems with Roku and PF Sense. Ubiqui plus a password, instead of changing your password in any days or you want, you can just generate a new secret on your Ubiqui. That wouldn't make any sense to me to do that because I don't know any way to extract, if you're using the, even if you're using Ubiqui or you're using Fido, I don't know any way to do a repeatable attack on these. Tunnel X over SSH. That's one thing that is also X to go. X to go is pretty cool as well. How common is it? Not very, it's more than zero but it's not everybody's using it. Due to complexities, it adds to the network. So not everybody's using 802X radius authentication. It's more than zero but it's certainly not 100% an option and not likely to be. You know, IPv6 doesn't really necessarily mean more or less secure but by the fact that fewer people know it means there's probably more potential for insecure options to happen due to the lack of knowledge around IPv6 but it's not directly a security problem. Best ZFS config for VMs with 67208 terabyte SATA, six of them, two RAID Z, ones on three and three. That way you're dividing up the load between them and you're gonna go, but that costs me a bunch of storage. Yeah, but do you want speed or storage? If not just put them all in one RAID Z or RAID Z2. Dream Machine Pro SSD 128, what's that for? I don't know. I don't understand the question I guess. Greedy, not giving them something for free? Oh yeah, there's definitely people who are mad about that. We get occasionally those fill on tickets in our form. We put our pricing on there. If you go to the higher S form, we filter people out by telling people we start at $200 an hour, which is our current rate right now in March or April of 2022. So we're up front about it, that's where we start. We go up from there, not down and people who just start mailing us questions and filling forms out and then get mad when we respond with, you would like to buy consulting time, I don't know how to, I'm doing everything I can to tell people up front, we charge money for this. If you want to directly interact with us, my team, that is a fee. What's your P&S core versus scale? I have a video on that and core is still being developed. I don't see that happening going away. Core is still faster by the way, there's a big reason. Starting my first IT jobs, while company 50 people, I'm the only IT to use Linux or Windows, Linux or Windows instead of a UDM Pro. I don't understand that as a question. Do I use Linux or Windows? I like Linux and what am I using instead of UDM Pro? I use PF sets. Maybe that's what you're asking. We don't do too much with Juniper Cisco. It's not zero. So we have, because we do co-managed IT, a lot of time they have different things like that in their environments. We'll work with whatever. Forty Gates is pretty popular too. I'm less than thrilled. The only one, they're all fine to me with the exception of Sonic Wall. Sonic Wall is garbage. They're just aggravating to work with. With companies moving to zero, Chust, have you seen any implementation requests of Cloudflare on PF sets? No, not from the business market. Home users all the time. Home users all the time. I haven't really seen as many business market people talking about it. It's really common among the home user questions though. Using Snort, I use Syracata. Syracata and PF Blocker. MPI needed with 10 gigi to ZFS storage? No. Just finished my CP and G lab this morning. Virtualized PF Sense, following tutorials, speed test 0.0613 down disabled hardware checksum and Gigamit came through. Yes, that's one thing. When you are doing virtualized PF Sense, you sometimes have to play around with it. So, do you have experience with Windows storage spaces in compared to Synology? I don't have any. Wendell from Level One Text has talked about how bad it is and I laughed about it and I know other people. Wendell is the only one publicly I know that I can, look up like Windows storage spaces and Wendell Level One Text. He had a little bit of a rant about it just not being great. I have no faith in Windows storage spaces to be quality work at all for Microsoft. I have no faith in them not to have an update that breaks all the storage. I have no faith in them do an update that fixes things. I mean, Print Nightmare took a year of just, I don't know, bungling by Microsoft. I find they put the minimal amount of effort into security just enough to keep out of hot water. That's it. No real effort, just enough. Because a company with the resources, the cash on hand, the reach and developers they have could do a better job in security. It is a choice at this point that Microsoft doesn't do a better job. It is a conscious choice going, what's the least we can spend and keep turning a profit at this place because we have such a stranglehold on the market that, well, they're not leaving us. So that's the problem with Microsoft in that. I wouldn't trust them for any of it. Can PF Sense do everything it's not gonna do? No, Untangle would be more. Anytime someone says, hey, Tom, I need web filtering, quit using PF Sense. That's my answer. You've asked this question, I think, before. Maybe I'm wrong. Or maybe it's a mix up with someone else. But yeah, if you need all the web filtering features, you're gonna have to go with something like Untangle. If you just need raw packet processing, PF Sense is great. You work a lot with HelloAltif? Not really. I think you really should run your PS on its own box. Instead of virtual, I do that for production, that's for sure. Ubiquity or Mikrotik? Neither, when it comes to routers. Mikrotik's confusing, Ubiquity is limited. Hello from Canada, started looking to set up a homelab for storage. Security cams hosting, some applications have had a lot of sort of start for hardware. Setting up a homelab for storage. Synology is one of the devices that will support cameras and storage. So maybe start taking a look at Synology. What do you prefer for a web activity tracker? I'm gonna need more context for that question. Web, I can just look at the history of my web. Yeah, PF Sense is solid. Storage spaces and slow and pain. Okay, there's other people chiming in on storage spaces. I am going to mute you because I don't understand your question. Dream Machine SE 128 gig. I don't know what you're asking. Thoughts on Untangle or Rista said that earlier. Continued bungling of exchange. Oh, yes, exchange was highly bungled. Do you think there's a better alternative to Piehole plus Unbound? I don't use Piehole, Piehole is neat. I use PF Blocker and I'm fine with it. Open Media Vault, never used it. Some people like it. I don't have a use case for it. Hey, Tom, do you have a current favorite white box for running PF Sense or actual hardware? I run it a lot of times for our businesses on the NetGate hardware because it's solid. NetGate makes really just, I feel comfortable when we deploy these out in the field that when we install them and we remotely have to update them that they will survive the updates and work as expected. Outside of that, at least somewhat of a brand name one, not just these generic ones. Someone actually, I said, quote, Tom earlier, someone said they're gone. One of the other ones out there is going to be Protect Telly. They're popular for that as well. So what about OpenSense with Xamar? I don't know, I don't use OpenSense. What's the minimum processor to get PF Sense? Look at the specs for the XG7100. That processor can do 10 gig, or the 6100, it can do 10 gig. I don't remember what the processor is. The SG1100, I don't know if it's, it might be three years old by now. Would you consider it for homeware? I mean, it's limited. It's not going to be your fastest device. So does it meet your speed needs? How do you integrate and connect with your website? Oh, how did you integrate ConnectWise with your website? Lookup ConnectWise is installed. If you look up there, they have an embed option in their documentation, in their public-facing documentation. You don't need to be a ConnectWise member or owner to do that. For those of you wondering, and I'll show people what he's talking about, in case you're wondering, this is some of the fun stuff we do, it's integrations, or my stupid mouse. There's my mouse. But if you go here, I should make myself smaller, hold on. Hey, there we go. This is my website, for those of you who didn't know. Anyways, yeah, thanks Captain Obvious Tom. If you get a remote support, you'll see that this is embedded in here for when we do help. This is something you can do that's part of the ConnectWise. This is commercial paid software, not open source. It's called ConnectWise Control. For those of you wondering, so that's what that is. So you could just do an embed. There's an embed option within there. All right, Travis is a Synology person too, for sure. Do you have experience with HPE Store Virtual? Nope. Does XEP version matter for servers running in a pool? You want them all the same version if you're running them in a pool. It's pretty much a really recommended thing to have everyone at the latest version. There's not a reason not to update to the latest version. Oh, we use Pyhole DNS, DHP, and I'm bound for out of shame works really well for our network. Yeah, I mean, you can use the Pyhole like that, that works. There's your RAID Z1 and the data sets in Churnias. RAID Z1 is how you're structuring the drives together. A data set is very similar to a folder with extended capabilities. It's like a folder from the way it's presented to you, but the data sets are where you set all the ZFS options within them. What's your preferred activity tracker for 10,000 devices? Are they all in the same place? Would you like to have traffic inspection? Do you want an endpoint utility? Endpoint utilities, there's tools, we use Zaurus. That's an endpoint utility. That one works, we're using that. So maybe that's what you're looking for. I don't know where your budget is for this. Try and find a way, the best way to get the strongest internet plus power to my security cameras over long distance. So I knew this, but trying to find out the best way to get the strongest internet plus power to my security cameras over long distances. Okay, how's PFs? No, you need a good, I don't understand the question. Post that in my forums if you want a better explainer on that. Firewall looks like a home user project. I don't have an interest in it. I don't see anything compelling about it, but I know it has some fancy, here's the weird part to me, it uses like a phone app and that seems strange to me. It also beacons out to their mothership to get information, which is weird the way that works. I'm a little confused by some of the stuff in it. I've never bothered to really dive into it deep enough. I don't have an interest in it really though. I've done a video on it. I'm not sure. Do you use Synology, virtual machine manager? I've done a video on that. I am from Denmark. Understanding when I talk to English as second language. Dream Machine Pro uses SSD, what's that for? To record things onto. You can, the Dream Machine Pro has video recording options. The downside of Synology, virtual machine manager is the fact that it's got really slow IO for those wondering. Firewall or Windows DHCP, all right. If you're using active directory, Windows should be your DHCP server. Have you considered solar power battery backup for any of your equipment? Not really, I haven't considered it, but I have a very wooded lot and it's not conducive to putting solar on my house. I got way too many trees, very tall old trees. So I don't have any solar here. So it's not on my radar really. For the customers, of course, in the middle, do you suggest for them? Usually we use like Endpoint with Zoras, that's our better way of managing it because so many of our clients have a dispersed workforce that are not in one place. We have so many people who are working from home. We've got, we got a nationwide client with lots of employees all over the place. And there's, what are we gonna do? We run around installing a firewall in every one of their houses that's impractical. So we use Endpoint filtering as our solution and Zoras is our Z-O-R-U-S. Matter of fact, I'll pull up their website. I may do a video on them. At some point, they have the cool website though. Look at this. Ooh, fancy. And this is Zorostech.com. I'm gonna do a video on it at some point. We've been using, we're still in testing phase so I'm not truly endorsing it but we've been using them long enough that we like their product. It seems to work pretty good. It's, you know, they have a pretty website and it does filtering and it gives us nice pretty logs and the portal to look at all the customer stuff. And it helps when you're dealing with a dispersed workforce, which is a big part of what we do is dealing with companies that don't have a central location. There's, we've taken on quite a few of those. What's your thoughts on the internet? I don't think it'll take off. Not sure either. I'm not sure. We're still playing up a year here. Have you seen the need to disable PF counter data preservation to temporarily work around latency? A rule set. I don't have any, don't run into any rule sets that big that I've run into that. Why does it? I have no idea, I don't make this. Yeah, you know, I don't know. I don't know why some things come with shorter warranties than we'd like. Oh, do we use a Linux controller? We self-host our controller, so we mostly use, we don't use any UDM pros in the field. We have our own Linux controller. Has USG been discontinued if so, any idea why? No, they made a new one recently. So the answer to that is no. XCP and Secure Boot for Windows are reset up yet? Nope, haven't really tested it. What managed AV do you resell? We are a Sentinel one and I have a video on Sentinel one that we've talked about this. So we're a Sentinel one user and we also, I've done a whole video on Sentinel one and Huntress. So before IT searching your opinion on it, do you require your staff to get certified with your experts in Azure and cloud order work clients? No, wait, no, there is no requirements that any of my staff be certified. I will pay for their certifications if they choose to pursue them. I've got deals in place with my staff who would like to pursue them. I think one or two of them may have some certs, but it's not a requirement. Oh, let's see who's messaging me. Thanks for the source. I would recommend how to do it for an endpoint. Tell them Tom said hi. They know me, of course, because I interact with them and we've helped them work over. They've been really helpful for working into some deep diving issues. They've been, that's something I will say for them. They've been really nice to work with. So I think we have it deployed at a large enough scale and enough testing being done across so many different environments that I may do a video on them, but they do have an overall nice product. There's been some things that we had some feature requests that they needed before and they've gotten that. So how do I list radar? And I don't know. I don't use radar, so I don't have an answer on that because to my knowledge, it wouldn't block it. So password manager in a business, Bitwarden. I love Bitwarden. Open media vault is perfect for home use. Yeah, someone asked that question earlier. So people seem to like it. I don't have a use case for it. I'm not saying not to use it. I just don't do it. What is the monetary value of DNS logs? I ran into a home customer routed up with an alarming to change, disable ISP, forced ECB, 60 privacy concern. Monetary value, I doubt it's very high at all. So I don't know. I'm not in that market space. I don't have millions of people's DNS to try to sell where they go. Okay, so we had a fellow Zoras user here. So yeah, their support is rock solid. That ending line matters more than anything else. Any software is gonna have problems. The question is, how do you handle those problems? Are you going, not my problem, works on my side or are you actually engaging with the client to help? Is Zoras engages with us to help? That matters. Hey, from Australia. Awesome. What does he log help with my VM storage and ice? Cause he's EFS. I did a whole video talking about how caching works. Not necessarily. Please do a bit on Zoras. Zoras is a commercial product made for commercial companies. So it's not something end users will buy by the way. Small, oh, there's a small USG. I don't, maybe there's no money in making it. I don't know. I don't know why they're not making another version of it, but I've never been there. I don't use the TNSR. So I don't have an answer on that. I don't know when I'm gonna do a video if I'll do a video on TNSR. So, all right. TNS coin. Oh, how long until we find that level of silliness? One thing I found since UDM Pro died, if you don't have a controller set, you can set a WAP3. All three features seem to be new features worked without. Okay. Have you found an IP identity management solution? I don't really look for one. Not high on my list. We don't have groups of users interacting with Linux. Just not something that we have as a challenge. So it's not that there isn't any. It's just a less popular solution. Matter of fact, even Ubuntu, I think Jay may have covered this before. Jay from WarnerLinuxTV has talked about his channel. Even Ubuntu has the ability to tie to active directory. I'm pretty sure it's something new. They added one of the more recent releases. Within the last year or two, I should say. Recent, not as like, very recent, but there's a reason AD is the way it is when it comes to all that. One thing I like about T is that IT people are good at helping each other and share knowledge. I like to encourage that. They're not all that way. And there are certainly some evasive IT people that I really don't like. I even, I've met some of the local IT people and I just, I'm turned off by people who when I start just talking shop a little bit are extremely secretive. I called someone out on this. They came and started a discussion in a private, it was a private forum, but it's public because there's like 4,000 people private because you have to ask to join, but whatever. I'm having a discussion and they came to crap on a product and talk about security of that product and what they didn't like about it. Then I comment, well, what product are you using? Because all products work this way. It was a way that AV systems handle security. Oh, I don't talk security in public forums. I'm like, but you're talking security in a public forum. I hate people who are evasive like that. They come to complain, not be helpful, tell you essentially, I'm better than you, but what are you doing better to me? Can't tell you, I'm just letting you know I'm better than you. There's too many people like that in IT and call them out. Don't engage with those people. Tell them they should change their way. 240 watching, please hit the like button. Yes, do that, absolutely. Your vid's been great help from Sunny Sonoro, Sunny Sonoro, Mexico. I may not be pronouncing that properly, but awesome. No Zeros is not open-sourced, it is a commercial product. I do use Sericata and I have videos on Sericata. No suggestions for Red Hat, sorry, in LDAP. I don't do a lot of, I mean, we've done Windows LDAP integrations but not particularly with Red Hat. Any chance of a video on secure boot? Nah, maybe. It's low on my priorities, maybe eventually. Another, this is why I do these live streams. The biggest reason I do them is the Q&A. So fire off, I like the Q&A portion of this. I just throw a bunch of stuff in a tile. Please note, there's a lack of a script in front of you right now. The script is, you got questions, I got answers or maybe point you in the right direction or maybe just say, I don't know. I'm gonna answer honestly no matter what. What kind of laptops do you sell? I love Lenovo. I really like Lenovo as well. I'm really happy with them. Someone immediately is gonna start, what about open frame or whatever? I think they're cool too. But what we have a quantity of accessible laptops that we have to deploy to clients, Lenovo's been a pretty much, they're just easy to deal with. So they've been our go-to lately for all of our deployments. Cause once again, we manage clients dispersed across the US. Like their businesses have employees everywhere and sometimes we are tasked with the fulfillment of getting those laptops configured, set up and physically shipped to where they need to go. Lenovo's been our go-to for a lot of those. Love that shirt, 45 dries. Yes, they are great. We do love it. Preferred Linux distro, pop OS. That's what I'm running on my desktop right now. I do really like it. What to use to manage encryption on client endpoints, BitLocker. What about open frame? Of course open frame, it's a great one. How do you make the chat app pop up on your screen? I'm using StreamYard. Here, we'll give you the recursion version. So you switch it and... Recursion version of it. There we go. This is what StreamYard looks like for me. This is what I'm looking at when I look, when I look just this way, I'm looking at the screen. Dell R250 Home Lab. PF Sense Overkill for VM Overkill. What's your opinion? You can't have overkill in your lab. Just keep putting things on it until it's slow. Yes, I did. For those of you that were following, this is how I know the people that follow me more. Did you get ahold of the whiskey? I got another one too. But yes, I had acquired several of these smoky. They're so good. So good. I use little laptops. Put the function key where to control p... Go into BIOS and flip it. That's, yes, I agree with you completely. The function and control p's are in a wrong spot. Lenovo fixed that. Or go into BIOS and they have an option to swap them. Saves you a lot of trouble. Can also watch Lenovo Salad laptop, especially the Carbon X series. Yes. Lenovo and T-Series, absolutely. Do you come across any Solaris and have to manage it? No, not in a while. Systems probably didn't want to admit he was using McAfee. Oh, no, no, no. We're not using McAfee. Will you do more videos with Xavier? If Xavier had time for videos, literally, if you look in my phone, I talk to Xavier exactly, what time was that? History. I can't show you the history. Well, I could, but it shows phone number and then he would not appreciate that. I talked to him yesterday a couple of times and then I talked to him a few days ago, but video-wise, no. Unfortunately, he just doesn't have time right now. He wants to. He says he wants to get back in the content game. He's working on some amazing stuff, like for what he does, but this is the good and bad. Xavier works for very large companies doing penetration testing. Therefore, he would love to talk about things he can't talk about. He is doing, we talk about it and things like that, but his NDA agreement for where he's doing things and it's just some really cool stuff. They're products you've heard of or maybe even using it right now. You can feel confident that Xavier is giving them very thorough penetration tests. So, but yeah, he doesn't have time for any videos. Yes, that's a true answer. You can reverse. Oh, good. Some other people know seeing it. PF Sense are open sense. I go, PF Sense. I got a video on that topic. Hey, thanks for your videos, your opinion. Zero tier versus wire garb versus tail scale versus W. Zero tier and tail scale are going to be your two easiest ones to use, but they're all good products. You did a video on TP-Link knockoff or beautify one of your thoughts on that solution today. Home user stuff, I wouldn't put it in businesses. First, gonna slap a faster drive in my UDM Pro. I need an NVR, but they're impossible to buy here. Yeah. Yeah, that's a challenge right now for a lot of people. Thanks for all the advice. Awesome, much appreciated the donation. You are filtering PF Sense? Is it advisable? No, it is not advisable. It's a headache. There's a long discussion in my forums on that topic. There's lots of discussions on that topic. It's a headache. That's all there is to it. Hey, awesome, seeing my talk with David. That's great to hear. We pay a fortune for you to find cameras, haven't been able to get them in your two years. Yeah, they're very shorthanded. We've had to slow down all the deployments because can't get them. Still laptops here, but mainly as I had tons of them over time and power supplies. Whiskey. Yes, you can swap them, Travis. It's great. How to update, upgrade all apps on tune and scale. Not one by one. I don't know. I won't, from the business use case, we never use the apps like that. Pretty much the businesses don't use them. It's great for consolidation in your home lab. I don't know if there's any way. There probably is a way you could script it. I don't know. That would be in Google search. That's something Tom's done. What do you use instead of Cisco and Monoq for small business? We use Unify and PF Sense. Hitting the max is $0.78 on PF Sense with decent hardware, all services fault. Start digging. The protocol you're using. Look at that. I think I have a video where I dive into some of the differences in protocols and the speed that they may offer. Set a Saturday morning cartoons to get to watch Tom as an adult. Yes. I'm a little animated though, right? Eh, eh, okay. Ever used Blue Iris? I know people using it. I've had a lot of people complain about performance problems with it. It runs on Windows. There's my reason not to use it. I don't have a reason other than that not to use it. But for, like, if you want to use it, I don't know anything wrong with it. Is wire guard okay to use? I'd go, yeah, I'm using wire guard. I like it. Can I bypass my ISP's fiber grade? We can go straight to a UDM Pro and Necki. That really depends on your ISP and whether or not they allow that type of connectivity. In your experience, what is limitations of the EMS file system? I heard pull performance drops when it reaches about 90%. Well, 90% fall can be a problem with any file system. Including ZFS. So, yeah, that's obviously an issue. If you plan to fill it up to that 95% mark, you're gonna have lesser performance and lesser abilities for all the features because there's no room for anything. So that's probably, I don't know if that's really a limitation of PF sense. You can insert names of other file systems that will have problems that too. Maybe not the same. Like, you can't snapshot if you don't have room for a snapshot. But the other side of that is there are no snapshots in other file systems. So maybe ZFS would be described as a normal file system at 95% full because you don't get those fancy features. But it still has all the other great features. Have you tried ASUS store NASs? No, don't have an interest in them. Oh, okay. I can recommend you the, I'm not sure how to say that. Port Sherlock 10, it's smoky. Okay, I'm gonna try to remember that one. Hey, how's it going? It is going well. Same speed TCP and you wouldn't want it TCP. You definitely want it UDP. But you can also look at what protocol you're using to encrypt it, try different under open VPN. You can choose different ways, like different AESs, CBC, and I have a video where I broke down which one's the fastest. I referenced my own videos, by the way, because sometimes I can't remember things. Would you use TrueNAS Enterprise Environment? We have actively installed and are consulting with companies in the Fortune 1000 list that have servers using TrueNAS. This is not uncommon. We can't say their names under NDAs type stuff, but yes, very, very large companies in the, I don't know how to describe other than Fortune 1000 in the Enterprise space are definitely using them. Well, I think one of them is in the Fortune 500. That yes, they're absolutely, we are a reseller of TrueNAS. We have put these in some very large environments. We resell IX systems hardware for some of the high availability TrueNAS systems. I mean, we've built some of these $100,000 dual systems. They're amazing. They're awesome. Yes, they're used in Enterprise. Certainly home users aren't paying $100,000 for these servers. I'm a new tech CVG, moving on my VMs from VMware. That's why all the questions XCVG. Big issue is secure boot on a couple of servers. I have learned from all years. Yeah, I just don't use secure boot much. So I don't know. I don't have a lot of opinion on it right now. It's a newer feature they've added. I just haven't taken the time to dive into it. Thanks for all your contributions, tutorials, recommendations and opinions. Awesome. Thoughts on the sand versus an ass. Do you need a sand? Do you need an ass? Get the one you need. I don't, that's not a, if you want a more in depth answer that you probably ask in the forums or, I don't, it's a very vague question. Do you need a sand? Can you afford a sand? Do you have all the tools you need to build your sand affordably and reliably? An ass is what's in your budget. I mean, it comes down to budget with any of these things. Sands are great, nothing wrong with them. But can you afford all the redundancies and building it all out and all the complexity that comes with it? Does it require whatever you're doing a sand to be able to be built? So that's, it's kind of a hard question to answer. Do you prefer a very large freight liner truck or a Dodge Ram truck that I have? It's kind of very different use cases. They will both take me places. One will take me there and be able to haul 50 extra thousand pounds. WireGuard versus OpenVPN for home. Oh, I like WireGuard for home. I even have WireGuard. I've talked about this before. I have WireGuard on my phone. I can show that. Go WireGuard, Tom's house. This is how we connect by phone to Tom's house when he's not at Tom's house. WireGuard for home is great. In the process, working with a big enterprise customer of mine was acquired. Awesome. Do you think BBS is a survival option when the internet goes down? Not really. The internet doesn't usually go down too much. And BBS, I mean, how are you gonna connect to it? People aren't running dial-up systems anymore. How do I set up Unify, Inform, URO, PSS, GCP, Auto Detect for the controller? Can you share a syntax? I don't have the syntax for it. I've not used this as an option, but I may do a video on it because I know people who have used it and set it up. I don't remember the syntax in my head. There is a syntax as a specific DHCP option, but I think there's more than one way to do it. So I actually want to, at some point I'll do a video on it, but I don't have one now. You can do some Googling. You'll find it. The answer's out there in forums. Is there any definite way to block traffic? Traffic blocking in PF Sense is not easy and just difficult to do. Have you used Windows Server Remote Access much or do you recommend OpenVPN Access? So Windows, RDP type servers are fine, but we usually put them behind OpenVPN. Gateway bypass question. What question to ask ISP? Can you use your own gateway is what you're asking. You ask if you can use your own router and directly go into it. Will they give you the information for that? Message from Jay, LearnLegsTV, ZFS is surging, drives is approximate. Lots of memory enterprise software. I don't understand the question. Unfortunately, proper TrueDancer PF Sense is hard to get. One of my clients is in MX, so hoping to find a snap one up. Okay, I'm in the process of starting to work with big enterprise for the first time after a small customer line was acquired, head of the network, never heard of WireGuard. I'm shocked. I'm not, if there's a place where people get so pigeonholed in their job and stay there for a long time, it's a lot of the enterprise people. So there is some people there that, there's two different types. There's a type that are like they're blinders on and they're focused on their job. And this is fine, they should be. But they're self-aware enough to hire people outside of their company to consult with them. I like those people, those are great. They're highly focused on their internal stack and they know when they need a project done, they reach out to consultants. Then there's the other ones that they know only what they know and set things up the only way they know how. And sometimes that includes a person who was super insistent that internet explorers should be used and no one should use any other browser. And that was last year they were recommending that. So yeah, you run into all kinds of people in IT that will sometimes have you scratching your head. Once I can finally have a decent NAS storage, hopefully I can follow with XCPD and move the VMs. I have my laptops, cool. For a newb, I don't know. I don't have enough comparison. A lot of people do like Unrayed. I'm partial to TrueNAS. But somewhere right here below it says I prefer Unrayed. Oh, these are the tough ones. I like CPNG, Snapshots. Can you rename the description? Yes, you can. If you take a snapshot of really any VM and we want to go to the snapshot. Hey, look, before I was testing it with CrowdSack, if I want to rename this too, we'll take even a new one. So new snapshot, yes, well, YouTube, right. Tube, there we go. You can rename on whatever you want. So no problem there. I don't like Windows Server RDP outside of Firewall literally. Yeah, there's been some big flaws found in it too. There's a reason there. There is no central management native for PF Sense. Connecting TrueNAS nodes at 40 gig, can you do high availability storage? No, it's not TrueNAS itself. You have to get one of the IX systems hardware to do high availability storage with it. So it's, but TrueNAS scale is building out GlusterFS storage, enterprise networks where so many great ideas go to die. You're not wrong. When a company banned and put into VPN tunnel with 2FA, unlock first, then it would open from within the corporate VPN network only. Okay, since cell calls are almost completely void, the internet goes down, nobody's going to be using dialect modems. This is very true. For what I know, the Unify uses host Unify domain as default. I guess you just need to set Unify DNS and Unify control. Yes, that's another alternative that I want to talk about sometime in a video. Let's see. Thanks for all the educational content. Do you recommend dedicated hardware for PF Sense? Yes, I do. Low budget recommendations. What do you can ever get your hands on? Internet Explorer, oh, I know. There are, there is a third type as well. I ran MSP for eight years, MSP for 15. We sold out to a PE firm three years ago, decided to go private. This go around and I'm loving every bit of it. Yeah. Network Competing Magazine is a good source for industry insight and around since the early 90s. For a new one of the ready-built devices, Synology may be a good option as well. Yeah, Synology's got a lot of functionality. It just depends on how much of the nuts and bolts you want to put your hands on for things. I don't know what fiber SAN has to do with security. Granted, it's, if you're doing a network for your storage, there shouldn't be anything else on it. It should be dedicated. That's why I said that. I know there's security implementations of it, but implementations of the way you set it up. But mostly I prefer standard networking over fiber SAN, but work with whatever you want. I don't know a reason not to use it. Say you have a bunch of, sir, you recommend for web management. I don't understand web management. Like filtering it? I got nothing on that. I'm not aware of any PF Sense, I don't use any PF Sense sexual manager. There's some third party companies out there. If you Google, you'll find them, but I don't know anything about them. Like I don't use any of them. India has lots of IT, thousands of IT companies, any plan. I don't have any plans to go to India. It's not on my list. I don't really travel overseas though. So what's the worst software encountered? Oh, I don't know, there's a lot of them. Windows. Well, maybe not the worst, but Windows is definitely some of the old versions, especially. I have a project coming down to line balance. Would you Dell, VertX with sharing storage but it's your NASA, where's the, I'd go to your NASA HHA storage. Is there a way to generate wire guard QR codes for faster deployment on PF Sense? Not that I'm aware of. There's probably a way you could do it. I just don't know how. And experience the Juniper. Juniper makes some nice stuff. I don't use a lot of them, but you can use them. They absolutely support VLAN tagging and all the fancy features you're looking for. Looks like PF Sense can be used with CrowdSec now. That is, I'm working on a video for that. So yes, it's not fully, it's still, I've tweeted it out. It's something you can find out there. It's a very new process. I am working on testing that. Do you know you open source software for remote assistance like TeamViewer? I've not vetted any of them. I think there's one called, I think it's OpenMesh. I don't use any of them, we use commercial software for that. I wish it was a great one, but none of them instill great confidence with me for doing remote support. Thoughts on Trunance prefers ECC. I think I have a video on this topic. ECC is not required. And Intel, Nick, not really, you can use, I have, and this is right for my systems. When it comes to the 10 gig and SFP cards, Chelsea IO are popular as well. P.F. Sense, what do you use to manage? I log into it. That's how I manage it. Webman versus Cockpit. Not really, there's still, I mean, there's been more things from the 45 Drives team, from Cockpit. Like they keep enhancing, they call it Houston UI, but it's all the enhancements they put on Cockpit. So Cockpit has, just follow 45 Drives YouTube channel. They keep adding more features to it. HP T620 or T730F eBay. I have no, Jeff from Craft Computing has a video on HP servers. I don't use HP servers. I wouldn't hold my breath on, yeah, P.F. Sense offering central management. Open source ITSM solution, IT service management tools, like what? That's a pretty broad word. I guess I don't know exactly what you're looking for. So the answer is no, I do not. Oh, SolarWinds and those things, these things. I had to Google that. We use, I don't anything open source. So I got nothing, I'm not saying it doesn't exist. I'm saying I don't know about it. Thoughts on guacamole, VNC, connections for internal, I don't use it. So I don't really have any thoughts on it. If you like it, I don't know any reason not to use it, but I don't have a use case for it. P.F. Sense, good for dual way and failover. Yes, I think it's great for it, but I think I have a video where I explain the difference between failover and SD-WAN because there's a lot of confusion in that market. You can do it though. Yup, central management without additional security can be single point of entry. Oh, absolutely, this is one of my big concerns. Synology versus QNAP. Oh God, Google my channel for QNAP and that way I don't have to queue up a rant about QNAP. I already have a rant about why not to use QNAP. And since my video, QNAP has even admitted to still not having some of the Linux vulnerabilities that are well-documented fixed because they're slow on getting firmware out. For all the Ruba switches reliable? Yeah, they are. Have you seen any Chinese servers like? No, I have not. Greetings from Sweden. CyberPower UPS and QNAP Ness. I don't know what the question is. CyberPower makes a good UPSs, they're decent. Synology over QNAP. Yup, I can't show the other comment but someone did have some profanity to add to their thoughts on QNAP. I'll agree with profanity should be put in front of QNAP or after or during its usage. That is correct. Aruba is HP. Let's see, what do we got here? Let me close all these crazy windows I have open. Oh, we can even go back and delete this. So, hold on, I have to move. Well, I don't feel like moving my head. You get the idea, there's a delete button under my head just like this one here. We're gonna remove the snapshot. I had my lab pulled up so in case people wanted to see some things inside my lab but nonetheless, here we are. There's a weird delay I see like that. So, all right, back over to here. Does HP stand for horrible product? There's a chance. Here are thoughts on ubiquity dream machine firewall rules. They're basic. That's the problem with the dream machine or the ubiquity routing equipment in general is they just have very basic rules. People that want really advanced things can't do it. How long have you been live and what are you talking about today? What I'm talking about today is probably in the description, which really is Q&A is what we're doing today. Use PF sense tool when increased house fees at worth it, would you need to connect to remote VPN user properly? This is where people don't understand how streams and bonding things together worked. You can't just get dual is because of the way TCP streams work they go out one or the other. You can round Robin your connection from a device to go, I have my YouTube stream over here in my Netflix stream over here out the other port to go to this device because of policies you're written but that doesn't mean you get the combined value of the two streams. Bonding is much more complicated topic than that. If you reach 500 K subs, would you move to YouTube full time? I don't want to sell my business. So I already do YouTube part time in my business part time and I don't plan on changing that has nothing to do with subs. I've talked about the money I make from YouTube and it's quite enough to pay my bills but it's not the only thing I do and it's not the only thing I wanna do. My business is where I get to do all the consulting and then I bring knowledge from all the things I do in my business to my YouTube channel. So I don't really plan to change that. Well tool to use for remote management of infrastructure or something like, I don't do any Mac management, sorry. We use Ninja one. I've got a video on that topic. So look up Ninja one review on my channel. P.F. Sense with triple-wan, awesome. Failover works like a charm. Yes, you can do, we've got clients with some very complicated configs. Yes. HS120 silent us. Okay, I don't know what that is. What are you self hosting in a moment? Lots of things. We host invoice Ninja. We host Unify. We host documentation and Windows screen connect server we host Zabhics and all kinds of stuff. Bitwarden, we host Spitwarden, we host Greylog. So, there's a few of them. Someone says option 43. It's called, I know it's called option 43. I don't remember the syntax for it. Linux has software, you nut. I think if you look at another YouTuber, I'm trying to remember who it was now. They did a whole video on nut, which is great. Do you think a cloud major SD WAN provider will be hacked in the future? Of course they will. And brick all the SD WAN size customers seems likely. We've watched lapsus just slaps us around. That's been jokes and bad puns I've come up with. But yeah, it's just a matter of time. A lot of these companies, no one's shocked every time we find out these companies don't have good Opssec. It's hard to maintain Opssec really good at large scales. And we're constantly finding out more companies that don't do it right. Ah, yes, Ninja 3000. Yes, the April Fool's jokes. Yeah, this is the thing. Me and, when we were having a frank conversation, me and David, so, you know, obviously me and David talked, we did that video on PF Sense. You can find, you know, Tom talks about real world PF Sense users by David Boomble. But we talk a lot about this. And one of the things that I try to bring is my business experience, my real world use case of it, of whatever it is I'm talking about. I don't talk about things that I reviewed, I unboxed and said, look, isn't this shiny and pretty? I talk about things maybe that I've deployed and put out in the field at scales, working at these businesses, so I can give you direct feedback for what it's really like to deploy them, which is why my use cases are so much different than many of the HomeLab uses, because this isn't based on a HomeLab experience. I like HomeLab stuff and I encourage people to get to it. But a lot of my experience comes from not Tom running it, but Tom configuring, consulting, and setting up any large scale company. Do you know any good web panel software for Windows Hyper-V? Nope. It stopped there, don't know. Well, I'll read the rest of the question. No, definitely not. Is there a Silent NAS? The Silent NAS is a QNAP device. Oh, I don't like QNAP, so. What distro are you hosting for Ninja? The new invoice Ninja is Ubuntu. That works really nice. What would you replace UDN Pro for the moment I've got a TP-Link Omata because it was cheap? Yes, it is cheap. I impartialed a PF sense in case anyone didn't know. Techno Tim, that's it. Techno Tim has a great video on Nut, so watch that video. How do you host Bitwarden, VM or container? Oh, virtual machine. I like independent virtual machines. People say, oh, but it's so inefficient. You're running full virtual stacks for things, and then there was a giant bypass that would let the potential escape for Docker. Yeah, when you're sharing a kernel, you are sharing a liability between them. So I like the fact that I run things self-contained in their own VMs. They don't take much horsepower. So, I mean, it's not that there's no need for Docker. Docker is great for certain use cases, especially if you have this much hardware, this much demand, Docker's gonna be more efficient to maybe your workload. But yeah, I run most things independent. Products under the PO Census Port WireGuard, untangle. No question, just wanna say hi. Evan, great job. I think I know who you are, and I believe you do a lot of really solid write-ups on ubiquity equipment. So I've seen your posts before, and I feel like I'm talking about the right person, assuming you're you and not an impostor of you. But yes, good job on those. Not a question, but wanna say hi from the UK, awesome. Wire where you can, wireless where you can't, yep. It's going fully static IPs, any benefit for security, tied to MAC addresses and there's a security tier. Everything makes it one step harder. By tying, if you see an IP and a MAC ever become disconnected, you know something's going on. So, nope, I don't plan any videos on multi-path TCP. Synology, VM, four cores, eight gig memory. Hey, awesome, glad that helps. Dockers not secure. Windows Admin Center. Unify is on Debian, yes. Greetings from Portugal. Good replacement for EdgeRotter 5 PoE. I like the Unify stuff. Do you think configuration for M6 drive retention data governance is better than backup? No, I mean, you need to back it up. You can't trust Microsoft to do that. That's not, don't trust Microsoft to be the only ones that do the backups. Hopefully that helps. So, back up the Office 365 installs. We outsource pen testing. We don't internally do pen testing. Not for clients, we outsource that. Have you heard of the untangled disk I bought, talked about that earlier? Thanks, yes, that is you. Your channel's been a great resource for those, awesome. Thank you very much. Some wildcard search and individual search for HA Proxy. I like wildcard search, makes my life easier. I have a video on that. Setting up a network to be HIPAA compliant. I don't feel like talking about HIPAA compliance. It's aggravating, but compliance and security are not the same thing. If you set up your network to be secure and you follow the best practices, go through the HIPAA checklist. It's not really the network that needs to be HIPAA. I mean, have you separated your management from your users? Like the ability to log into a firewall should be on a separate network than where the users are wandering around and where the phones are and where the interfaces to get to the phones and things like that. So it's not like it's the overall security posture has to be compliant. And why stop at HIPAA? Go all the way up a notch and think about how you want to deploy things in a secure manner. If I could change anything about PF Sense, what would that be? I don't know. Based on the comments here, I think the most common requested thing repeatedly in this last hour and 39 minutes has been, does PF Sense have sexual management? So that's obviously the most requested feature. You have the fine print. Oh, I'm positive their legal team has fine print. You gotta remember Bill Gates is a law school dropout by the way that Microsoft has maintained our monopoly not through good software, but through good legal teams. In case anyone was unclear about their market monopoly. Their monopoly is not sort of supported by the best software, but it is definitely without question supported by the best legal team on earth. Switch-wise, US Light POE is stocking, that's good. We don't use it so that our Synology can back up. And yes, we use Synology to back up Office 365 and Google, works great. Paying $300, $400 for an updated automation, remote access worth it or should software remote access from my phone, huh, updated automation. I don't understand the question. The cloud is just someone else's servers. You prefer to build your own servers, gain controls, security updates. It kind of is a both. Do you do infrastructure as code or do you mainly manage the clients? Infrastructure, did you consider it in the longer being cost effective, a certain number of clients? That really depends. Infrastructure as code really comes down to you need to use Terraform to define out all their servers and things like that. Is that something you need? It's not a matter of cost, it's a matter of how much time do you put in setting up servers? Would your time be better spent building automation with a tool like Terraform to do these deployments or are you deploying them? Is your job to deploy lots of servers? That is really, it's not a question that has zero to do with the number of clients because we have a client, for example, we manage like 36 servers because of the way they do their development. They have a lot of servers, a lot of development stuff on there, but they don't have the users that you would think a company with that many servers has. So the question isn't that. The question is, what tool would save you time? Are you defining and building out servers? Should you write an Ansible script to help define them? Should you use a Terraform script to integrate with XCPNG to deploy them? Those are the questions that drive the answer. Do you use Ansible? Not much, very little. You gotta remember, so much of what Tom does is manage lots and lots and lots of Windows desktops and servers. Someone's gonna find out, well, you can kind of use Ansible for them. No, you mostly use PowerShell to fix dumb Windows problems. PF Sense set up a home lab, I just need to reset my hardware as it failed. Back up your configs and resetting the hardware becomes easy. Access computers remotely, we use ScreenConnect. Microsoft can be monopoly because of piracy. Do you think Ubiquiti ever upgrade EdgeOS IDS capability? Nope, I don't think so at all. I doubt it. Microsoft Windows is free in China because they want to own the market. Do you recommend Raspberry Pi's for the home lab? Now for NAS, they're not really well performing. They're definitely, you can get some decent performance but it comes down to there. No thoughts on the cloud, I don't use it. So I don't use the Cloudflare tunnel feature so I don't have a lot of thoughts on it. Is there a cost effective way, back up your M3 studies, yeah, is it cost effective? Yes, I think so, but that comes down to there, so yes. Thoughts on SASC with Zero Trust? Zero Trust is my favorite buzzword that comes up a lot. Everything's Zero Trust. Some company said there's Zero Trust solution but I really looked at it and said, you say Zero Trust but I still have to trust you because you managed to control plain. I was just, it was a stupid argument and I don't know why I was doing it because someone was wrong on the internet. They told me there was Zero Trust but when I looked at how they implemented things I'm like, well, it requires us to trust you. So I guess you're part of my Zero Trust. Now we have the question of, I see Zero Trust but who's in that Zero Trust? We have a Zero Trust boundary of what? You trust other people so the number's not zero. That's why I think it's a dumb word. And maybe I'm just rambling about that but do other people have that same, like if I say Zero Trust, I don't trust anything else but you're saying I do trust all the things within my Zero Trust. Okay, then why don't we just call it a trust bounty? What's the word zero have to do with it? I don't know, maybe I'm ranting on this one. Maybe someone can prove me wrong. If you use a Pi compute modules, I have not. EdgeOS and BIOS, if you want to use software that continues to be developed, that's true too. Everything is Zero Trust but some more zero than others. There we go. So okay, it's not just me, right? Active backup for business is not a separate cost but backing up offsite will always, yeah, they don't, Synology doesn't charge you license fees for that. You buy the Synology device that has the office backup on there. It's up to you to provide the storage and bandwidth is bandwidth. Are you paying for bandwidth? Or are you, you're always paying for bandwidth but are you paying per the amount of data you pull? What's the caps? Those are other questions. Zero Trust is snake oil. Sure, we'll go with that. It's called Zero Trust because no client trusts that are given access without authentication. Okay, but you're just saying people within my trust boundary. What's the zero have to do with it? Because it's a number above zero if you trust something. I only trust myself as Zero Trust. I trust this YubiKey is not me and the YubiKey. I trust logins and I trust people to manage the logins in the middle. Now you're extending it out further again. Zero Trust is marketing. I think it's called Zero Trust because see, I think it's, and this is, you're not the only one. When I call out vendors on their security, they start trying to explain it and there's not even a common definition they seem to have. So Zero Trust means trust no one. That makes sense, right? And C2 is effective for, yeah, C2 is actually a good price. I've talked about this before in the past. I like C2. Oh, people like hearing it. Don't get me wrong. People love hearing Zero Trust. We're building you a Zero Trust solution. They're usually just like, yeah. People are excited. It's just like, yeah, Zero Trust. Zero Trust, I thought it meant third party has Zero Trust that can be authenticated with something about getting useful information, mathematical proof. And this is where I see lots of security vendors. VPN and mesh VPN style vendors one that I was ranting about the other day with some friends. I'm like, they control who gets on your network. The trust isn't zero. They're like, oh, our tool, and in Tailscale as an example, is Tailscale a Zero Trust platform? If someone gets a hold of the Tailscale management interface and you're not hosting it, they are. Tailscale hosts the management plane, the control plane, if you will, that adds nodes. And you're going, I only trust these nodes and someone logs into your Tailscale control plane and goes, you also trust this node. You just broke the trust boundary because you can add nodes. It's not controlled at the node level. Now they say it is because it has to send a signal to the nodes that they're done, but the system at Tailscale is the one sending the signal to the nodes of who to trust. This is the problem. This is matter of fact why Nebula was developed. So I am friends with Ryan who developed Nebula and I think is it defined networking? Anyways, his company, I've done a video on Nebula. The reason Slack uses Nebula is because Slack says Zero Trust to them means no one outside of employees directly employed by Slack get to control the control plane of how you access our servers. That's how they define it. And they said, you know what the problem is with these other tools? There's a control plane that does not run inside of Slack. So they developed the tool, which is Nebula to integrate all their backend management without trusting third parties. It's as simple as that. To me, that's a platform that I could understand the definition of, I define Zero Trust here at Slack as we don't trust anyone with our management control plane of our servers outside of Slack. Cool, we have Zero Trust for outsiders. Great, now you said Zero Trust for outsiders. You have qualified and identified how we identify that. I think that's great. Zero Trust is trust me marketing. Yes, absolutely, absolutely. That is, I think Veronica nailed it there. Do you think Unified will support WireGuard? I don't know. They don't have a roadmap. They can say it's coming. I don't know what it will look like. So I don't have an answer for that. If you lock down a resource by restricting its access to tail scale it's design fall you should need some other form of authentication as well. Sure, absolutely. Can you only run Unified Protect through your big hardware controller or can you run it through Docker and connect to cameras? No, it is Unified Protect. There's hacky projects that someone may have extracted the software to try to run it, but officially no. There's no easy or defined way to do it. EdgeOS has a plugin for WireGuard, not official. Where can I get Nekgate from these days? Good luck. I don't have an answer for that one. Yes, it is in the kernel. There's hacky ways to do support on them for, you know, there's ways to modify config files and things like that, but at that point you're paying so much for the device and now if your goal was to put the device in for that single pane of glass you end up breaking that pane of glass when you start messing with the config files. Advice for learning PF Blocker? I have videos on PF Blocker. Waiting on a 6,100 for months. Good luck is right. Yeah, I don't have an answer. Supply chain is a problem. Yeah. Xeon Core or Ryzen? It depends on your budget. I mean, don't get me wrong. We have a Ryzen server we built. It's a weird delay. What is in this? We have a Ryzen. There we go. We got this one right here. It works. We're using XEP and G on it. So you can use one. I like them. Comes onto your budget. You know, this is still one of our more performance servers we have in here. And this is a Xeon E5 V3 2.5 gigahertz with 48. So we have a lot, 48 processors available and 128 gigs RAM. This one's a little bit more performance than the other one, but both work fine. Now, the support for Ryzen can be a little bit more. They've gotten better. I've not tested all iterations, but obviously Ryzen support may be a little bit more dicey. Plan six months in advance for ordering them. Yep. I'm a student of South Africa. I'm not sure if I should get a degree in Complete Compte History, which are thoughts. I don't know the market where you're at at all, but getting certifications, if you're not sure, are at least good. It helps employers understand that you've gone through some level of training. How is the ubiquity UISP stuff different? The Unify line works in the Unify controller software. UISP is a different platform. My CPNG is running a Ryzen 3,600 with 64 gigs of RAM. Runs great. Yes. The Ryzen stuff, like I said, it's solid. We will take a moment to mention right here. Go ahead and press the like button. I just want to switch to this. Mention that right there. I do like when I see some more like buttons pushed, so if someone could do that, it helps the YouTube algorithm know that this is good content and people should watch it. We are driven in our lives by these algorithms that drive us and control us. It's the matrix, but it's our choice. Kind of, I don't know. I am going to wind this down. We are coming up on two hours, so I'll give it seven more minutes because as I said earlier, I'm going to go outside. It's actually something I do once in a while. I leave the basement and go do things. So smash that like button. Yes. Hey, Tom, hope you're well. What's the Homelab show episode that you had the most fun doing with Jay so far? What did you learn the most about? I don't know. I liked them all. I love Q&A episodes because I like interacting with people like I am right now. So yeah. I don't have anything against the risks of switches. They make nice stuff. What is outside? I can even take people outside on my phone if I wanted to. I can transfer this live stream to a phone and then go from there on it. Yes, motorbike time. No doubt. What resource do you use for Blacklist? The default ones on PF Blocker. Have a great weekend. Awesome. 45 Drives looks like a new series. Yes. I will be doing some videos with the people at 45 Drives too in the near future. Budget, HAE, ice-cozzy storage review, or else, Synology? Sure. Synology's a good budget stuff for that. Can I run PF Sense on Fujitsu S720? I have no idea. I don't know the answer to that. Gotta love StreamYard. This has been great. Awesome. I mean, I can always take the phone outside but I don't know if people really wanna see outside. So play that one, but I don't know. Maybe I'll do an outside stream at some point. I don't know. I don't know if there's any value in that. Do only 45 Drives because it's an odd number. Get the XL60 model. It's an even number. You can put 60 hard drives in it. Actually, more because you have a little backplane area. Thanks for the Q&A. Hey, I'm glad I can answer questions. You would go outside with a stream. Always enjoy your contents with GPS Sense TrueNAS. Going to build TrueNAS hardware setup for the first time. Turn up the best. You know, I'm curious. I'm curious because then in the stream, how could I get this to my phone in an easy manner? Can I message myself? Nope, but I can do this. So if I did this and pulled up this and sent a secure note to self, note to self. I'm just curious what it looks like when I transfer to my phone. So let's see. Go here and go here and go here and here and here and here. Working on phone transfer. Allow, allow. Display main. Tom's phone. All right. Okay, now on my phone. Let's see how this works. There, now we should get rid of any echo. Here in the show, how do I pull up the chat? Can I pull the chat up? Private chat, comments. That's not easy to do on here. Boy, is that close to me. I wonder if there's a way to make it further for me. How does it work on my phone? Does it work pretty good? All right, please stand by. Rift headphone user, sorry. Mobile Tom. You know, I can walk around my house now. That's the other cool part. So should we wander around? Do you guys ever wonder what it looks like for the rest of the area that I live in here? Is there a wider setting for the camera? Why? It feels like it's zoomed in. I feel it's way closer than it should be. Let's go here. All right. So, yes. I mean, there's still a bunch of you here so I guess I could do this. I should probably, hold on, let me take the comments that are on display off. I don't really need those comments on. What else? There's that. Is there anything I can do? So, no, why is it so? I guess it's just that close. I'm seeing if there's a way to switch this in StreamYard. There appears not to be. So, here we are. We're gonna go for a walk. Well, first you wanna see, here, stepping away, that's what the studio looks like. Actually, it's gonna cool so we can see where it's from again. Let's use you what I'm looking at. There's all the chat on the side there. Can I overlay the chat? Comments. Camera, sitting on the phone. Yeah. You know, I'll only chest that real quick to see. I just wanted to go wider in the settings in my camera. I usually thought there was a way to go camera one front facing, but it doesn't have any options. It just says camera front facing. It's the only option I have. So, nope. Like it's unusually, we'll have to do this. I'm only gonna get my selfie stick mode. There. That feels a little better. It looks better. I didn't want my face just taking up all of it, but give you an idea here. Wider angle of my studio. Come around the backside of it here. Window. This is my egress, because I'm in a, as I said, I'm in a basement. So, hopefully there. Let me turn more lights on. Hey, Cass. Hey, Hannah. Hey, Hannah. I'm doing a live stream. This is the other part of the basement. It's not finished. It's close, but not finished. I've talked about this a little bit. What else do we have? I gotta figure out how to pull the chat up at the same time and read that. Servers. This is, that's the studio computer where all this data is flowing through. That room's not finished either. Let's pull the chat up. Will it scroll the chat for me? Ah, yes. They keep me locked downstairs. Yes. So that's a, we'll go upstairs. Hey, Cass, I'm trying to, I'm bringing a live stream upstairs. Is that okay? Oh, I have a grand kid. It's here. I wanna see if I can transfer the live stream to my selfie stick on my phone. So I did. So, cool. Yeah, tech caves. People can see my house now. Yeah. Daughter, grandchild in the background somewhere. I wanna see them go all the way outside. Oh, your mom's still not here at all. Oh. Yeah, I'm old. I did say grandpa. This is what my plans are today. I've got bicycles and motorcycles and will it reach all the way outside? There's the, we're not gonna stand in front of my house, but you can see through my garage. I'm gonna go back into the house because I'm not wearing a jacket and it's not quite that warm. That's cool. This works. All the way back downstairs and into the studio. Then, and then we need to, oh, how do I switch it back? Which one's me? Is it? That one's me. All right, you gotta, couldn't exit it fast enough. Sorry. Couldn't get out fast enough to fix that one. So, all right. All right. Well, that's a way, we'll set this down. Though I am in focus. That's the way to end the stream, right? So, all right. I've wandered all down. I chased everybody away. Now you gotta walk around. We know I can do it on my phone now. I wasn't sure. So, yes, power tools and everything. Yes, I'm a grandpa. Nice home studio. Thank you for everyone who joined. Thank you for those of you that wandered into my garage with me. It's that's, this is a Pixel 6 Pro as far as phone goes. I like this phone works really well for doing the silliness like I was just doing. Motorcycles, yes, got that too. All the fun stuff. But thanks everyone for joining. Awesome having all of you. It was great. And I will do this again soon. Saturday was definitely a lot of fun. A lot of people on there. So everyone have a wonderful weekend. Post in the forums if you want more in depth responses and questions and not a bunch of quick answers from Tom. I take the time to hammer out answers in the forums that are a little bit more articulate. Motorcycle stream. I don't know if I'm not that interesting on a motorcycle. Maybe I'm wrong. I don't think of me as interesting on the motorcycle. So, I don't know. All right. Yes, that motorcycle or, I don't know. I need to do something outside. I've been sitting here for two hours talking though. So, yes. Everyone have wonderful weekends. Have fun building your home labs. Ask questions. Learn more. Explore. Break things that you have backups for and can fix. Have fun. That's the most important part. All right. Take care. I do have low tech hobbies, by the way. I've seen, I actually will answer that question. Yes. I have old Hondas and things. I have some older motorcycles in my other garage. I like old stuff too. So, yeah. I'd like those hobbies as well. I used to work on tractors. I grew up doing that. So, like 1940s tractors. So, I do like old hobbies. All their hair was break things. That's good enough, right? Ha ha ha ha. Time said break it. Ah, all right. Later.