Blocking ICMP

This is old news, real old, but I still run across it from time to time.  Customers block ICMP in their firewall or other places.

Internet Control Message Protocol is more than just ping (I remember the early Macs didn’t implement ICMP, or at least echo/ping, in their IP stack).

Among other things, ICMP tells equipment up and down the line a few interesting things, not least when it needs to fragment a packet into smaller packets. Symptoms of blocking it range from telnet or web working while email or FTP don’t, some of the time. In short, to the casual observer (known as a user), it is one more thing that works randomly.

Nowadays it’s more important than ever, with the proliferation of VPNs, to get your fragging done as thoroughly as possible before the packet gets sucked into the VPN terminus. Why? You can’t fragment an encrypted packet; in fact it’s not even TCP (IP Protocol type 9) anymore, it is type 50/ESP or type 47/GRE, and because it’s encrypted you really can’t bust it into smaller parts and calculate checksums, etc.

Exchange clients don’t work on all workstations across VPNs? There were various versions of MS patches that appeared to break the MTU discovery mechanism that says use smaller packets.
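The message a firewall throws away when it blocks all ICMP is Destination Unreachable, code 4 (fragmentation needed and DF set). The parser below is an added example, not code from the original post; it shows what that message carries and how a sender derives a smaller TCP segment size from it. The function names, addresses, ports and the 1400-byte tunnel MTU are constructed for illustration.

```python
import socket
import struct

def inet_checksum(data: bytes) -> int:
    """RFC 1071 Internet checksum; a message with a valid checksum yields 0."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_frag_needed(next_hop_mtu: int, quoted: bytes) -> bytes:
    """Constructed sample of what a router sends back for an oversized DF packet."""
    msg = struct.pack("!BBHHH", 3, 4, 0, 0, next_hop_mtu) + quoted
    return msg[:2] + struct.pack("!H", inet_checksum(msg)) + msg[4:]

def parse_frag_needed(icmp: bytes):
    """Return the path-MTU fields, or None if this is not a valid type 3 code 4."""
    if len(icmp) < 28 or inet_checksum(icmp) != 0:
        return None
    icmp_type, code, _csum, _unused, mtu = struct.unpack("!BBHHH", icmp[:8])
    if (icmp_type, code) != (3, 4):
        return None
    quoted = icmp[8:]                 # original IP header + first 8 payload bytes
    ihl = (quoted[0] & 0x0F) * 4
    if ihl < 20 or len(quoted) < ihl:
        return None
    return {
        "next_hop_mtu": mtu,          # largest packet the narrow hop will carry
        "dropped_len": struct.unpack("!H", quoted[2:4])[0],
        "df_set": bool(quoted[6] & 0x40),
        "protocol": quoted[9],
        "dst": socket.inet_ntoa(quoted[16:20]),
        "new_tcp_mss": mtu - ihl - 20,  # assumes a 20-byte TCP header, no options
    }

# Constructed input: a 1500-byte TCP packet to an SMTP server, DF set,
# dropped at a tunnel endpoint whose next hop carries only 1400 bytes.
SAMPLE_QUOTED = struct.pack(
    "!BBHHHBBH4s4s", 0x45, 0, 1500, 0x1234, 0x4000, 64, socket.IPPROTO_TCP, 0,
    socket.inet_aton("192.0.2.10"), socket.inet_aton("198.51.100.25"),
) + struct.pack("!HHI", 49152, 25, 1)
SAMPLE = build_frag_needed(1400, SAMPLE_QUOTED)

if __name__ == "__main__":
    print(parse_frag_needed(SAMPLE))
```

If this message never reaches the sender, it keeps retransmitting the 1500-byte packet, which is why small exchanges work and large transfers stall.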


GoDaddy SSL Certs and PalmOS

Just re-upped my cert for my Exchange server to talk to my Treo 750. I bought a 750 because the 650 broke; Sprint said that the 750 would just replace my 650 and nothing else would change.

Well many bills later and many calls to their billing department we got the bill down to within $14 a month of what it used to be, they claimed that they didn’t offer a month to month unlimited data plan in spite of the fact that that’s what had been on my 650.  They also kept putting some form of picture sharing charge or some such thing.

But the most noticeable thing was that VersaMail no longer worked with self-signed SSL certs on my Exchange server. I did everything suggested, which was loading an executable to modify some registry-type setting on the Palm, to no avail, including opening the non-SSL port, which was the whole point of a cert (required for the first part of the handshake when using self-signed certs).

So I bought a GoDaddy cert. Problem solved for a year.

This year however I found out that the new GoDaddy Class 2 certs don’t work with PalmOS.  They don’t.  Google for the reason why, I am just trying to save time.

