Monthly Archives: October 2015

Sophos UTM 9 blocking continuity between iPhone, iPad, Mac

I just recently migrated from Untangle 11.2 to Sophos UTM to give it a ride and noticed that a lot of things are blocked (which is a good thing if you know what you are doing and need to unblock it).  Just recently I noticed that I couldn’t make any more calls by using my iPad or Mac through my iPhone.  So, continuity was not working like it was before.

I went to the Apple site (see sources), but couldn’t figure out what port or services were the one that needed to be allowed by the firewall.  So, after analyzing dropped packages by the firewall, I noticed a pattern and created the following firewall rule.  Since the creation of this firewall rule, I haven’t had any more issues with continuity nor downloading content from games in Game Center.

Overall network mapping: Internal network -> Allow ports 6384:16472 -> Any

  1. Go to “Network Protection”
  2. “Firewall”
  3. Click “New rule…”
  4. Under “Sources:” add “Internal (Network)”
  5. Under “Services” (you probably haven’t created this, so we are going to do it the long way), click on the “+” to add a new service
  6. Give it a name.  Probably “Apple Continuity”
  7. On “Destination port:” allow ports from “16384:16472”
  8.  Under “Comment” add these ports are “Real-Time Transport Protocol (RTP), Real-Time Control Protocol (RTCP)” for “iChat AV (Audio RTP, RTCP; Video RTP, RTCP), FaceTime, and Game Center”
  9. Click “Save”
  10. Under “Destinations:” add “Any”
  11. (Optional) Add comment
  12. Click “Save”

Now you should be able to use Apple continuity by handing over calls over your iPad and/or Mac from your phone under the same network.

Hopefully Sophos UTM could include this as default with their future releases.

Source: TCP and UDP ports used by Apple software products – Apple Support

How to install a new version of python in RHEL 6

So, if you have RHEL 6, you might be stuck with Python 2.6.  But, not really.  Even though you might not be able to install a new version of python using yum, you can still download a new version of python and install it in your environment.  Now, you can install it and replace the current version or you can install another version and have two python in your system.

  1. Install GCC by typing
    sudo yum install gcc
  2. Go to
    cd /usr/src/
  3. Now, let’s download a release from python.org. In this example we will be using Python 3.5.0.

    sudo wget https://www.python.org/ftp/python/3.5.0/Python-3.5.0.tar.xz sudo tar xf Python-3.5.0.tar.xz sudo cd Python-3.5.0
  4. Let’s compile
    sudo ./configure
  5. Let’s build the package
    sudo make
  6. Now, to install it you have two options.  You can either overwrite the python executable or you can install as concurrent instance.
    1. If you want to overwrite the OS python executable
       sudo make install
    2. If you want to install concurrent (not overwritting the OS executable)
       sudo make altinstall
  7. Now let’s link it so others could use it
     sudo ln -s /usr/local/bin/python3.5 /usr/bin/python3.5
  8. Now test it by invoking the following command
    python3.5 -V

    You should have the following result

    "Python 3.5.0"
  9. If you get that result let’s continue, otherwise look back and see what step you missed.
  10. Now that you have python 3.5 install along with 2.7, you might want to install pip to handle package installations.
  11. In order to do that, let’s first download pip.
    cd ~/Downloads
    wget https://bootstrap.pypa.io/get-pip.py
  12. Now, let’s install it
     sudo python3.5 get-pip.py

    If setuptools is not installed, get-pip.py will automatically install setuptools.

  13. To check pip if installed successfully
     pip3.5 -V

    You should have the following result

     "pip 7.1.2 from /usr/local/lib/python3.5/site-packages (python 3.5)"
  14. If you want others to use pip with sudo command, you probably want to do this
  15. sudo ln -s /usr/local/bin/pip3.5 /usr/bin/pip3.5
  16. And there you go!  Now you have two python versions and two pip versions running concurrently on your OS.

Sources

https://www.python.org/

https://pip.pypa.io/en/stable/installing/

http://stackoverflow.com/questions/8087184/installing-python3-on-rhel

http://stackoverflow.com/questions/6587507/how-to-install-pip-with-python-3

IBM SPSS Modeler Streams with Excel export nodes fail with Insufficient memory for JVM – United States

From time to time you might run into some issues with SPSS Modeler of running out of memory on Java Virtual Memory.  The way you fix it is by expanding the allocated JVM.

So, in order to do this we mustdo the following…

  1. Close SPSS Modeler if you have it open
  2. Open C:\Program Files\IBM\SPSS\Modeler\\config\jvm.cfg as Administrator
  3. Find the line with the following
    options, "-Xmx256m"
  4. Now change "-Xmx256m" to a new value where 256m = RAM.  So if you would like to lets say allocate 1G of RAM, then you will change it to options, "-Xmx1024m".

Source: IBM Streams with Excel export nodes fail with Insufficient memory for JVM – United States

Configure full VPN tunnel in Sophos UTM – Technicus

Finally I was able to find some documentation on how to configure Sophos VPN UTM.

For years now I have had a successful split tunnel VPN with my Sophos UTM. Recently I’ve wanted to have a full tunnel option for greater security in remote areas (hotel wi-fi, etc.) Unfortunately setting up such a thing in Sophos is NOT straightforward. The biggest problem I had was that no websites would work … Continue reading Configure full VPN tunnel in Sophos UTM →

Source: Configure full VPN tunnel in Sophos UTM – Technicus