RE: Question on ESX VM issue, NEED HELP
MS patches, or VMWare patches? -sc From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Monday, August 15, 2011 1:55 PM To: NT System Admin Issues Subject: Question on ESX VM issue, NEED HELP Has anyone seen an issue with this months patches causing the TCP/IP Stack on Windows 2003 to blow up? I have already did the following. http://kb.vmware.com/selfservice/microsites/search.do?language=en_UScmd =displayKCexternalId=1014169 I have even uninstall and rebooted and reinstalled the Virtual NIC and upgraded the VM tools and I get the following issue. I can assign the IP address of the physical system. I can ping 127.0.0.1 and the address. I can't ping the gateway its set correctly, 255.255.255.128 and the gateway is .129 which is also correct, also the VLAN ID for the NIC is correct accordingly. Change the IP address on that VLAN segment same issue so I knows its going down the stack issue. Any ideas? Z Edward E. Ziots CISSP, Network +, Security + Security Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadminimage001.jpg
RE: Question on ESX VM issue, NEED HELP
Ms Patches I rolled them all back, I did take care of the Show_Dev_non connections=1 thing, and deleted that NIC, but still having issues getting anything routable. Might be rebuild and restore time back to last known good backup. Jeeze, Z Edward E. Ziots CISSP, Network +, Security + Security Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: Steven M. Caesare [mailto:scaes...@caesare.com] Sent: Monday, August 15, 2011 2:00 PM To: NT System Admin Issues Subject: RE: Question on ESX VM issue, NEED HELP MS patches, or VMWare patches? -sc From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Monday, August 15, 2011 1:55 PM To: NT System Admin Issues Subject: Question on ESX VM issue, NEED HELP Has anyone seen an issue with this months patches causing the TCP/IP Stack on Windows 2003 to blow up? I have already did the following. http://kb.vmware.com/selfservice/microsites/search.do?language=en_UScmd =displayKCexternalId=1014169 I have even uninstall and rebooted and reinstalled the Virtual NIC and upgraded the VM tools and I get the following issue. I can assign the IP address of the physical system. I can ping 127.0.0.1 and the address. I can't ping the gateway its set correctly, 255.255.255.128 and the gateway is .129 which is also correct, also the VLAN ID for the NIC is correct accordingly. Change the IP address on that VLAN segment same issue so I knows its going down the stack issue. Any ideas? Z Edward E. Ziots CISSP, Network +, Security + Security Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadminimage002.jpgimage003.jpg
RE: Question on ESX VM issue, NEED HELP
Have you seen this issue referred to anywhere else? Pr know which patch #? Thanks for the heads up... -sc From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Monday, August 15, 2011 2:22 PM To: NT System Admin Issues Subject: RE: Question on ESX VM issue, NEED HELP Ms Patches I rolled them all back, I did take care of the Show_Dev_non connections=1 thing, and deleted that NIC, but still having issues getting anything routable. Might be rebuild and restore time back to last known good backup. Jeeze, Z Edward E. Ziots CISSP, Network +, Security + Security Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: Steven M. Caesare [mailto:scaes...@caesare.com] Sent: Monday, August 15, 2011 2:00 PM To: NT System Admin Issues Subject: RE: Question on ESX VM issue, NEED HELP MS patches, or VMWare patches? -sc From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Monday, August 15, 2011 1:55 PM To: NT System Admin Issues Subject: Question on ESX VM issue, NEED HELP Has anyone seen an issue with this months patches causing the TCP/IP Stack on Windows 2003 to blow up? I have already did the following. http://kb.vmware.com/selfservice/microsites/search.do?language=en_UScmd =displayKCexternalId=1014169 I have even uninstall and rebooted and reinstalled the Virtual NIC and upgraded the VM tools and I get the following issue. I can assign the IP address of the physical system. I can ping 127.0.0.1 and the address. I can't ping the gateway its set correctly, 255.255.255.128 and the gateway is .129 which is also correct, also the VLAN ID for the NIC is correct accordingly. Change the IP address on that VLAN segment same issue so I knows its going down the stack issue. Any ideas? Z Edward E. Ziots CISSP, Network +, Security + Security Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadminimage001.jpg
RE: Question on ESX VM issue, NEED HELP
I had a similar issue during a migration. It had to do with the way we had the NICs trunked up to our Cisco switch. I had to change the vswitch to 'Route based on IP hash'. Something to check anyway. Machines would work fine until a reboot, then I had to do all kinds of messing around with the IP stack to get it to reconnect. -John Kelsey From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Monday, August 15, 2011 1:55 PM To: NT System Admin Issues Subject: Question on ESX VM issue, NEED HELP Has anyone seen an issue with this months patches causing the TCP/IP Stack on Windows 2003 to blow up? I have already did the following. http://kb.vmware.com/selfservice/microsites/search.do?language=en_UScmd=displayKCexternalId=1014169 I have even uninstall and rebooted and reinstalled the Virtual NIC and upgraded the VM tools and I get the following issue. I can assign the IP address of the physical system. I can ping 127.0.0.1 and the address. I can't ping the gateway its set correctly, 255.255.255.128 and the gateway is .129 which is also correct, also the VLAN ID for the NIC is correct accordingly. Change the IP address on that VLAN segment same issue so I knows its going down the stack issue. Any ideas? Z Edward E. Ziots CISSP, Network +, Security + Security Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 [cid:image001.jpg@01CC5B5C.86AD87A0] ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin This email and any attached files are confidential and intended solely for the intended recipient(s). If you are not the named recipient you should not read, distribute, copy or alter this email. Any views or opinions expressed in this email are those of the author and do not represent those of the company. Warning: Although precautions have been taken to make sure no viruses are present in this email, the company cannot accept responsibility for any loss or damage that arise from the use of this email or attachments. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmininline: image001.jpg
RE: Question on ESX VM issue, NEED HELP
Here was the solution in our case, pretty darn obsecure. http://support.microsoft.com/kb/870910 Basically when I compared with a known good system after doing a netsh int ip reset command that the IPSEC policies key was not on the system in question but was on the system that was known good. So the regsvr32 command took care of re-registering the default ipsec policy and things came up as expected. Look for event ID 4292 with Source IPSEC accordingly. I think between the patching and an issue with the VMTools not updating correctly, that was the issue that caused the Registry to go funky. That coupled with WinPcap from a installation of Wireshark ( which was already on the machine) Z Edward E. Ziots CISSP, Network +, Security + Security Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: Steven M. Caesare [mailto:scaes...@caesare.com] Sent: Monday, August 15, 2011 2:26 PM To: NT System Admin Issues Subject: RE: Question on ESX VM issue, NEED HELP Have you seen this issue referred to anywhere else? Pr know which patch #? Thanks for the heads up... -sc From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Monday, August 15, 2011 2:22 PM To: NT System Admin Issues Subject: RE: Question on ESX VM issue, NEED HELP Ms Patches I rolled them all back, I did take care of the Show_Dev_non connections=1 thing, and deleted that NIC, but still having issues getting anything routable. Might be rebuild and restore time back to last known good backup. Jeeze, Z Edward E. Ziots CISSP, Network +, Security + Security Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: Steven M. Caesare [mailto:scaes...@caesare.com] Sent: Monday, August 15, 2011 2:00 PM To: NT System Admin Issues Subject: RE: Question on ESX VM issue, NEED HELP MS patches, or VMWare patches? -sc From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Monday, August 15, 2011 1:55 PM To: NT System Admin Issues Subject: Question on ESX VM issue, NEED HELP Has anyone seen an issue with this months patches causing the TCP/IP Stack on Windows 2003 to blow up? I have already did the following. http://kb.vmware.com/selfservice/microsites/search.do?language=en_UScmd =displayKCexternalId=1014169 I have even uninstall and rebooted and reinstalled the Virtual NIC and upgraded the VM tools and I get the following issue. I can assign the IP address of the physical system. I can ping 127.0.0.1 and the address. I can't ping the gateway its set correctly, 255.255.255.128 and the gateway is .129 which is also correct, also the VLAN ID for the NIC is correct accordingly. Change the IP address on that VLAN segment same issue so I knows its going down the stack issue. Any ideas? Z Edward E. Ziots CISSP, Network +, Security + Security Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadminimage002.jpgimage003.jpg