Sophos UTM 9 blocking continuity between iPhone, iPad, Mac

I just recently migrated from Untangle 11.2 to Sophos UTM to give it a ride and noticed that a lot of things are blocked (which is a good thing if you know what you are doing and need to unblock it).  Just recently I noticed that I couldn’t make any more calls by using my iPad or Mac through my iPhone.  So, continuity was not working like it was before.

I went to the Apple site (see sources), but couldn’t figure out what port or services were the one that needed to be allowed by the firewall.  So, after analyzing dropped packages by the firewall, I noticed a pattern and created the following firewall rule.  Since the creation of this firewall rule, I haven’t had any more issues with continuity nor downloading content from games in Game Center.

Overall network mapping: Internal network -> Allow ports 6384:16472 -> Any

  1. Go to “Network Protection”
  2. “Firewall”
  3. Click “New rule…”
  4. Under “Sources:” add “Internal (Network)”
  5. Under “Services” (you probably haven’t created this, so we are going to do it the long way), click on the “+” to add a new service
  6. Give it a name.  Probably “Apple Continuity”
  7. On “Destination port:” allow ports from “16384:16472”
  8.  Under “Comment” add these ports are “Real-Time Transport Protocol (RTP), Real-Time Control Protocol (RTCP)” for “iChat AV (Audio RTP, RTCP; Video RTP, RTCP), FaceTime, and Game Center”
  9. Click “Save”
  10. Under “Destinations:” add “Any”
  11. (Optional) Add comment
  12. Click “Save”

Now you should be able to use Apple continuity by handing over calls over your iPad and/or Mac from your phone under the same network.

Hopefully Sophos UTM could include this as default with their future releases.

Source: TCP and UDP ports used by Apple software products – Apple Support

How to install a new version of python in RHEL 6

So, if you have RHEL 6, you might be stuck with Python 2.6.  But, not really.  Even though you might not be able to install a new version of python using yum, you can still download a new version of python and install it in your environment.  Now, you can install it and replace the current version or you can install another version and have two python in your system.

  1. Install GCC by typing
  2. Go to
  3. Now, let’s download a release from python.org. In this example we will be using Python 3.5.0.

  4. Let’s compile

  5. Let’s build the package

  6. Now, to install it you have two options.  You can either overwrite the python executable or you can install as concurrent instance.
    1. If you want to overwrite the OS python executable

    2. If you want to install concurrent (not overwritting the OS executable)

  7. Now let’s link it so others could use it

  8. Now test it by invoking the following command

    You should have the following result

  9. If you get that result let’s continue, otherwise look back and see what step you missed.
  10. Now that you have python 3.5 install along with 2.7, you might want to install pip to handle package installations.
  11. In order to do that, let’s first download pip.

  12. Now, let’s install it

    If setuptools is not installed, get-pip.py will automatically install setuptools.

  13. To check pip if installed successfully

    You should have the following result

  14. If you want others to use pip with sudo command, you probably want to do this
  15. And there you go!  Now you have two python versions and two pip versions running concurrently on your OS.

Sources

https://www.python.org/

https://pip.pypa.io/en/stable/installing/

http://stackoverflow.com/questions/8087184/installing-python3-on-rhel

http://stackoverflow.com/questions/6587507/how-to-install-pip-with-python-3

IBM SPSS Modeler Streams with Excel export nodes fail with Insufficient memory for JVM – United States

From time to time you might run into some issues with SPSS Modeler of running out of memory on Java Virtual Memory.  The way you fix it is by expanding the allocated JVM.

So, in order to do this we mustdo the following…

  1. Close SPSS Modeler if you have it open
  2. Open C:\Program Files\IBM\SPSS\Modeler\\config\jvm.cfg as Administrator
  3. Find the line with the following
    options, "-Xmx256m"
  4. Now change "-Xmx256m" to a new value where 256m = RAM.  So if you would like to lets say allocate 1G of RAM, then you will change it to options, "-Xmx1024m".

Source: IBM Streams with Excel export nodes fail with Insufficient memory for JVM – United States

Configure full VPN tunnel in Sophos UTM – Technicus

Finally I was able to find some documentation on how to configure Sophos VPN UTM.

For years now I have had a successful split tunnel VPN with my Sophos UTM. Recently I’ve wanted to have a full tunnel option for greater security in remote areas (hotel wi-fi, etc.) Unfortunately setting up such a thing in Sophos is NOT straightforward. The biggest problem I had was that no websites would work … Continue reading Configure full VPN tunnel in Sophos UTM →

Source: Configure full VPN tunnel in Sophos UTM – Technicus

Upgrade to Windows 10 with ISO to by pass VMware issue with SVGA drivers

Just recently with the announcement of Win 10 made available for free, I wanted to upgrade, but got an error message that I can not upgrade due to SVGA drivers compatibility.  Between VMware and Microsoft, they are both pointing fingers to one another and nobody wants to take responsibility.  So, the easiest way to do it, would be to download the ISO and perform the upgrade yourself.

Here is the direct link -> https://www.microsoft.com/en-us/software-download/windows10ISO.

Source:

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1011709

https://communities.vmware.com/message/2523524

http://www.imore.com/how-avoid-windows-10-upgrade-problems-vmware-fusion

Windows 10 ISO

Get HBO Go to work in Ubuntu 14.04 LTS – … and other streaming services like Amazon Prime, 4oD that are DRM-Protected Flash 

So, I tested this in Ubuntu 14.04 LTS and Firefox 38.  This tool did not worked in Chrome 43.

You will need to add the PPA to your Ubuntu box and then install the program.

  1. open “Terminal”
  2. type “sudo add-apt-repository ppa:mjblenner/ppa-hal”.  Then go through the prompts
  3. then, type “sudo apt-get update && sudo apt-get install hal”
  4. Open up Firefox and give it a ride!

Getting Amazon Prome, 4OD, Demand 5, or Google Play Movies to work on Ubuntu 13.10 requires a little bit of effort, but it can be done.

Source: Get Amazon Prime, 4oD and Other DRM-Protected Flash Working in Ubuntu 13.10 – OMG! Ubuntu!

How to make Thunderbird portable

The title to this post might be deceiving, since I am not going to walk you through on how to make Thunderbird portable, but rather how to make Thunderbird portable cross different devices by using a file sharing tool (ie. Dropbox).

Let’s say that you have two Linux, Mac, or Windows machines and would like to have your Thunderbird mailboxes and configurations to be the same.  So, whenever you make a change on one machine, it will synchronize on the other.  Key that you want to consider is how much space your Thunderbird profile is taking and if you will have enough space in Dropbox.

The following was tested in two different Ubuntu Linux machines (I also did it on Windows machines, but the steps below are for Linux).  Here is what you will need to do.

  1. Make sure that you have Thunderbird configure the way you want it/like it on PC#1
  2. Then close out Thunderbird to make the following changes
  3. Go to folder /home/pc1_user/.thunderbird/
    where pc1_user will be change to your actual user profile
  4. You will see couple of files and folders in there.  The ones that you will be interested are “profiles.ini” and “randomfoldername.default”
    where “randomfoldername.default” will be something like this “z85gg4eg.default”
  5. Move “randomfoldername.default” to your Dropbox account.  In my case I created a folder for Thunderbird where this new folder will be under.
    Here is how it looks… /home/pc1_user/Dropbox/Thunderbird/randomfoldername.default
  6. Now, let’s update “profiles.ini”.  Your configurations might look like something like this

    What you are going to do is to make some modifications to this file by changing “IsRelative” and “Path” to look this this
  7. Now you should be able to open Thunderbird on the computer with no problem :).  Just note that by doing this doesn’t fix your problem on having Thunderbird synchronized in two computer.
  8. You will need to do something similar on PC#2.
    1. Make sure that you have Thunderbird installed
    2. Make sure that you have Dropbox installed
  9. Go to folder /home/pc2_user/.thunderbird/
    where pc2_user will be change to your actual user profile
  10. You will see couple of files and folders in there.  The one that you will be interested are this time is only the “profiles.ini”.
  11. Now, let’s update “profiles.ini”.  Your configurations might look like something like this

    What you are going to do is to make some modifications to this file by changing “IsRelative” and “Path” sections to look this this
  12. There you have it!!! Now you can enjoy Thunderbird in two (or many more) machines with the same settings, mailboxes, and configurations.

Sources:
http://kb.mozillazine.org/Running_from_a_USB_drive_(Thunderbird)
http://www.makeuseof.com/tag/access-your-personalised-thunderbird-client-on-any-computer-worldwide/
http://www.lifehacker.com.au/2011/05/how-to-sync-your-desktop-email-client-across-multiple-computers/

How to make GPG4Win portable app

Lately I been using PGP more and more… and I wanted to have my portable application on a flash drive where I could carry all of the private and public keys (of course that if I loose my flash drive, I am at risk – I know that). But, there is really not good documentation that walks through a first time user on how to accomplish this.  So, here is my attempt to those first time users on how to do it.

  1. You need a Windows machine (physical or virtual)
  2. Download Gpg4Win -> http://www.gpg4win.org/
    In my case, I tested this with version 2.2.4
  3. When installing Gpg4Win, make sure that you have enable all of these options
    GnuPG 2.0.27
    Kleopatra 2.2.0-git945878c
    GPA 0.9.7
    GpgOL 1.2.1
    GpgEX 1.0.1
    Claws Mail 3.9.1
    Kompendium (de) 3.0.0
    Compendium (en) 3.0.0
  4. Once you are done with the installation, then you can run the following command in order to make your own Gpg4Win portable application.  Keep in mind that you can go two different routes.  Full or Lite.  In my example, I will show you how to have it fully loaded.
  5. Open command prompt (CLI)
  6. cd to the path where GPG4Win is located
    If you use the defaults it will be at “C:\Program Files (x86)\GNU\GnuPG\”
  7. Run “mkportable.exe –full –verbose TARGETDIR”
    where TARGETDIR in this case will be “E:\gpg4winapp”
  8. Then once the program runs, you will be able to open Kleopatra and there you have it
  9. Enjoy!!!