How to move a large number of VM’s between AVsets This topic is to introduce a new script that helps with deployments in Azure Availability Sets, I actually had a few reasons for writing the script, Capacity Errors and Proximity Groups AV Set Capacity When you deploy a new VM to an Availability Set in, […]
Azure Storage is awesome it’s a durable, highly available, massively scalable cloud storage solution with public endpoints. But what if you don’t want public endpoints. What if you want a private endpoint only? A customer asked me, how can I copy data using Azure Data Factory over my ExpressRoute link to my Azure Storage account […]
With the release of an Application in Azure AD, the configuration of F5 publishing Kerberos backend applications have just been made a whole lot easier. This we cover in this post, but as an added bonus, the previous post adds the possibility of authenticating (Forest) trusted users on the same backend server using KCD (although […]
In the previous F5 posts we did, we always used a single forest, single domain setup. Obviously, this is not always the case, certainly when cross-forest migrations are being performed. Even in these situations we could leverage F5 and AAD’s federation capabilities to provide an SSO experience. Requirements: 2 Forests with a forest trust (two-way) […]
The title being full of acronyms, this topic is about publishing Kerberos based websites behind an F5 load balancer, while using Azure AD as the authenticating service. Or in more technical terms, F5 will rely on an external SAML based token to perform Kerberos Constraint Delegation towards a backend server. Get settled in, this is […]
Running a Unifi USG gateway does have its challenges every now and then. One of my friends asked me how I would solve the problem of dynamic IP addresses being used in a S2S VPN configuration. Now normally, when you look at the USG documentation, if the S2S is managed by a single USG controller […]
Since only a few days (and for the few that read this before the Ignite launch: in a few days) the Azure Virtual Network Gateway will support P2S connections based on OpenVPN. This means that the connections from all your clients to Azure networks becomes a whole lot easier. Connect with your phone, tablet, Mac […]
[Update: seems even a Surface Pro 6 with docking station is capable of using SMB multi-channel using 2 NIC’s.. if you use the onboard NIC on the docking station, but also the USB-Ethernet converter in the dock’s USB port, you can actually achieve 2Gbps speeds as well! And, with the upgrade to a 10Gb switch, […]
As Microsoft enabled the Radius option in the Azure Gateway VPN configuration, it now means you can enable MFA on your P2S connections! There is a caveat however. It only works if you have replicated your users from an Active Directory into Azure Active Directory. If you have cloud-only user, it doesn’t work (yet..) I’ll […]
I know that many of my posts are about networking icw a Juniper SRX… as I happen to have one. But what if you don’t have such a “sophisticated” device that can handle multiple virtual routers, BGP and all the other stuff. Well I could say, buy one from e-bay.. but let’s see if I […]