Teneo !!!

Aaron’s blog on Networking, and Enterprise Technology

Archive for October, 2007

Microsoft Project on Linux!

Posted by Aaron Paxson on October 25, 2007

Okay, well, it may not be as featureful as MS Project, but you can now finally open MPP (Microsoft Project Files) on Linux!  I am so stoked!  One more notch off the Microsoft Toolbelt!  I’m telling you… now all I need is a Visio-type of app, and I’m golden!

Yes, there are decent diagramming tools out there, and I use Dia quite a bit.  However, I still have LOADS of Visio diagrams out there, and it would be nice to open them from time to time.

Anyway, where was I?  Ummm… duhh… Microsoft Project on Linux!  Yeah!  Okay, so the project is called OpenProj (clever name) and does pretty much everything I need it to do.  See the screenshots below:

This screenshot is from opening a previous MS Project 2003 file from my windows machine.


This screenshot was taken from the OpenProj website.

Quoted directly from the website:

OpenProj is ideal for desktop project management and is available on Linux, Unix, Mac or Windows. It even opens existing Microsoft or Primavera files. OpenProj shares the industry’s most advanced scheduling engine with Project-ON-Demand and has Gantt Charts, Network Diagrams (PERT Charts), WBS and RBS charts, Earned Value costing and more.

SAAAWEEEETTT!!!!  Rock on!

Cheers


Posted in General Blab, Linux | 3 Comments »

Cisco PIX/ASA VPN access to DMZ ?

Posted by Aaron Paxson on October 24, 2007

How many times has someone wanted to access the DMZ (or some other network other than "inside") from the VPN?  Why didn’t it work?  Did you figure it out?

Well, the problem stems from IPSec.  See, IPSec and NAT just do not get along.  Mainly due to the security inherent in the protocol.  So, how do you get around it?  Well, you tell the ASA/PIX not to NAT your VPN traffic.

Let’s assume I have two networks:  (inside) 10.10.10.0/24 and (dmz) 172.16.1.0/24 and let’s also assume that the VPN is being attached to the inside interface.

Create an access-list to match the VPN Traffic to the DMZ:

access-list DMZnoNAT permit ip 172.16.1.0 255.255.255.0 10.10.10.0 255.255.255.0

Now, apply the access-list to the NAT statement on the interface named ‘dmz’, so it will not be NAT’d (i.e. 0):

nat (dmz) 0 access-list DMZnoNAT

Done!  You should now be able to pass VPN traffic from 10.10.10.0 to the DMZ on 172.16.1.0, because we are no longer NAT’ing the traffic, and IPSec is happy again!
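A NAT exemption applies to everything its access-list matches, so it is worth confirming that the list covers only the intended subnets. The following is an added example, not part of the original post: it parses PIX/ASA-style `access-list` and `nat (if) 0` lines and lists each exempted source/destination pair. The `LazyNoNAT` entry and the /16 threshold are constructed assumptions used only to show what the check flags.

```python
import ipaddress
import re

# Constructed sample: the two lines from the post plus one deliberately
# over-broad exemption (hypothetical) to show what the check flags.
SAMPLE_CONFIG = """\
access-list DMZnoNAT permit ip 172.16.1.0 255.255.255.0 10.10.10.0 255.255.255.0
nat (dmz) 0 access-list DMZnoNAT
access-list LazyNoNAT permit ip any any
nat (inside) 0 access-list LazyNoNAT
"""

ACL_RE = re.compile(r"^access-list (\S+) (?:extended )?permit ip (.+)$", re.M)
NAT0_RE = re.compile(r"^nat \((\S+)\) 0 access-list (\S+)$", re.M)


def _take_net(tokens):
    """Consume one address spec: 'any', 'host A', or 'A MASK'."""
    if tokens[0] == "any":
        return ipaddress.ip_network("0.0.0.0/0"), tokens[1:]
    if tokens[0] == "host":
        return ipaddress.ip_network(tokens[1] + "/32"), tokens[2:]
    return ipaddress.ip_network(f"{tokens[0]}/{tokens[1]}"), tokens[2:]


def nat_exemptions(config):
    """Return [(interface, acl, src_net, dst_net)] for every nat 0 ACL entry."""
    acls = {}
    for name, spec in ACL_RE.findall(config):
        src, rest = _take_net(spec.split())
        dst, _ = _take_net(rest)
        acls.setdefault(name, []).append((src, dst))
    return [(iface, name, src, dst)
            for iface, name in NAT0_RE.findall(config)
            for src, dst in acls.get(name, [])]


def too_broad(entries, min_prefix=16):
    """Flag exemptions whose source or destination is wider than /min_prefix."""
    return [e for e in entries
            if e[2].prefixlen < min_prefix or e[3].prefixlen < min_prefix]


if __name__ == "__main__":
    found = nat_exemptions(SAMPLE_CONFIG)
    for iface, acl, src, dst in found:
        print(f"{iface}: {src} -> {dst} is exempt from NAT via {acl}")
    print("over-broad:", [e[1] for e in too_broad(found)])
```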


Posted in Security, Switching/Routing | 3 Comments »

Swearing at your co-workers? Good?

Posted by Aaron Paxson on October 18, 2007

Rajan Sodhi found a very interesting story, where a UK study showed it could be beneficial to swear at work, in lieu of special circumstances.

I do agree with this. While you probably won’t hear me cussing-out my boss, or swearing in front of my CFO anytime soon, there are some benefits to swearing to my colleagues.

I feel it expresses feelings much more so, than the socially-accepted words such as “Oh fooey”, or “Hooray”. Sometimes, I just want to say, “F*&! it, I’m tired of this sh*&!”. That seems to express my frustration more so than “Oh drat, I don’t think I can do this anymore”.

And generally, when feelings are expressed in a deeper fashion, social-networking dictates a special bond or camaraderie with another co-worker. Of course, I could just be full of ……… ((ahem))…….. nevermind.

Actually, when I first read the story, there was one person that came to mind, on top of anyone else on my list…. and it’s a pretty long list (I was in the Navy).  Anyone guess who???  hahahah

Cheers!

Posted in General Blab, Life | 2 Comments »

At the end of the day….

Posted by Aaron Paxson on October 17, 2007

Another work day complete. Did I accomplish anything? Do I feel satisfied? Has anything happened today that allows me to walk away thinking… “ahhhh… another good day”.

Nope… just your normal, overwhelming day at work. I really need to get organized. My desk is a mess, paperwork is everywhere. I choose to work on creating a new VPN subnet and watching the OSPF updates, rather than completing Expense Reports. I’m burned out.

Tomorrow will be a better day. Yes, tomorrow is a good day to work on Procrastination……

Update: OSPF stands for Open Shortest Path First, and is a popular routing protocol, used to advertise networks (or lack thereof) to other routers. I mention this, in case I get comments to the effect of…. “Watching OSPF?? I don’t know what kind of sports it shows, but get back to work!……..<Administrator>, make sure to block OSPF on the internet!”

….. yeah, go ahead and block OSPF. That will go over reeealll welllll. Just make sure to tell me first, so I can call in sick…… :)


Posted in General Blab, Life | 2 Comments »

Mac Leopard

Posted by Aaron Paxson on October 17, 2007

I am sooo drooling! Oh, to get a new MacBook Pro with Leopard. Or, even a Dual G5 with dual-cinema screens using Leopard………

http://nizo.wordpress.com/2007/10/16/the-countdown-has-started-mac-os-leopard/

What’s cool?

  1. Desktop: The Dock now has a “Stacking” feature, which de-clutters your desktop, and opens all those apps and files in an animated fan, as it opens to your desktop.
  2. Finder: The Finder application is now more like “iTunes”. But, instead of just music or videos, it’s now all your files.
  3. File Preview: You can now preview files without actually opening them. Step through multi-page documents, or view videos, just by the preview.
  4. Time Machine: A VERY, very cool way to backup and restore your files.
  5. Spaces: For those Linux users who love using their virtual desktops, Mac now has its own virtual desktops, and they call it “Spaces”
  6. Boot Camp: Boot Camp comes default. This allows you to boot XP on a Mac machine (No, that does not include the XP license, just the ability to boot to it)

Posted in General Blab, Mac | 7 Comments »

Microsoft PBX ? Are you kidding?

Posted by Aaron Paxson on October 16, 2007

Well, Microsoft has done it again. As if the office and OS market wasn’t dominated enough, they are reaching their poor QA, security-exploited, wretched fingers into the voice market. Yes, I’m not much of a Microsoft fan. They have their place in the workplace, but it’s a small niche :)

Anyway, Office Communications Server 2007 has been released for purchase. Microsoft states that while it will complement your existing PBX today, it CAN stand alone, as a separate PBX by itself. I do not know what strides they’ve made for call centers, but if OCS doesn’t have it, it soon will.

First off, MS built OCS to use SIP. To me, that was a mistake right there. SIP does have its place, but not as the foundation for your voice calls. It’s up to the vendor to create their own implementation of SIP features, which means…. YEP…. another proprietary system, locked in by the ever-loving Microsoft Gods.  :(  Okay… I am exaggerating there a bit, as it may not be 100% proprietary, but they should have just gone with H.323.

I’ll be the first to admit, I’m a Cisco bigot, so I’m going to tell you to purchase Cisco Call Manager. But, if you don’t like Cisco, go with Avaya, or even Asterisk, if you feel up to the challenge. But, please don’t trust Microsoft to your phone system. I mean, the phone system is the last legacy technology that users still know will never fail. Give it to Microsoft, and you’ll be rebooting weekly…….

UPDATE: Sorry for not providing the story link.

Posted in Technology, Voice | 3 Comments »

Free QoS Seminar

Posted by Aaron Paxson on October 15, 2007

I recently found a great blog on Cisco advice and technology.  This particular blog sponsors (or is sponsored?) by a company called Internetwork Expert.

Recently, they held a webcast called “Catalyst QoS”.  This is not your standard 5-minute brief overview of QoS technologies.  This webcast actually goes into the details (along with showing you from a console) of using QoS on a Catalyst Switch.    It is almost 1 1/2 hours long, and is a fantastic webcast!

If you are ever wanting to expand on your QoS knowledge, or plan on using QoS at the Catalyst level, you MUST review this webcast.

I’m not sure how long it will stay archived, so check it soon.  Review the comments below the post, to view the archive location.

Posted in Networking, Switching/Routing | 1 Comment »

Cisco Policy Based Routing (PBR)

Posted by Aaron Paxson on October 15, 2007

Okay, you may have noticed I have implemented a video conferencing system across the enterprise WAN. I had to do some network re-working, however, as the Watchguard Firebox does not play nicely with H.323 for internet-based traffic. However, I had a Pix Firewall that I had been meaning to implement.

Unfortunately, I cannot just remove the Firebox. It is doing web-blocking, SMTP proxying, and countless rules that would take time to rebuild on the Pix. I only wanted the Pix to firewall my H.323 gateway. So, I had to make sure both can play nice together.

Enter Policy-based Routing…..

Basically, I wanted my H.323 Gateway (say 172.16.1.25) to go through my Pix, but still allowing EVERYTHING ELSE (172.16.1.0/24) to go through the Watchguard Firewall. For now, anyway….. Here is a basic diagram:


From here, you can see the flow. Since my default router (172.16.1.1) is in the middle, it will be the “Traffic Cop”. It is here, that we will place a policy on how it will route the packets.

First, we need to identify the packets. We do this by creating an access-list:

default_router(config)# access-list 10 permit 172.16.1.25

Next, we build a routing map that uses the access-list. We will also throw in some precedence, for soft-QoS identification:

default_router(config)# route-map VideoConf permit 10
default_router(config-route-map)# match ip address 10
default_router(config-route-map)# set ip precedence priority
default_router(config-route-map)# set ip next-hop 172.16.1.3

Okay, in our routing map, we are doing three things:

1). We see if it matches our access-list numbered 10

2). If it does, set the precedence bit to ‘priority’ (This is video, after all)

3). Route the packet to host 172.16.1.3 (That’s the PIX).

Once our map is complete, all we have to do is apply it to an interface. In our case, the packet is being received on the inside interface (FastEthernet 0/0).

default_router(config)# interface f0/0
default_router(config-if)# ip policy route-map VideoConf

Done! NOTE, you can only have one policy applied to an interface. This is where the ‘permit 10’ comes in, on the route-map definition. You can build multiple “groups” in a route map. For example, a ‘route-map newPolicy permit 20’.

Now, all packets NOT matching the access-list will still fall-back to the default route going to 172.16.1.2. If the traffic matches access-list 10 (i.e. host 172.16.1.25), it will be applied to the route-map VideoConf, which says to route it to 172.16.1.3.

All you have to do, is make sure 172.16.1.3 can handle the traffic (for example, the proper NAT, access-lists, etc).
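Every source the access-list matches is steered away from the Firebox and its web-blocking and SMTP proxying, so it pays to check exactly which hosts the policy catches. The following is an added example, not part of the original post: it models the route-map above and answers "which next hop does this source get?". It assumes standard ACL entries in the `address [wildcard]` form and clauses with a `match ip address` line; `DEFAULT_HOP` stands in for the default route the post describes.

```python
from ipaddress import ip_address, ip_network

# Commands from the post with the prompts removed (interface lines omitted).
CONFIG = """\
access-list 10 permit 172.16.1.25
route-map VideoConf permit 10
 match ip address 10
 set ip precedence priority
 set ip next-hop 172.16.1.3
"""
DEFAULT_HOP = "172.16.1.2"  # default route to the Firebox, as described in the post


def parse(config):
    """Return (acls, clauses): standard ACL entries and route-map clauses by sequence."""
    acls, clauses = {}, []
    for t in (line.split() for line in config.splitlines()):
        if t[:1] == ["access-list"]:
            # Standard ACL: a missing wildcard mask means a single host.
            wild = int(ip_address(t[4])) if len(t) > 4 else 0
            acls.setdefault(t[1], []).append((t[2], int(ip_address(t[3])), wild))
        elif t[:1] == ["route-map"]:
            clauses.append({"action": t[2], "seq": int(t[3])})
        elif t[:3] == ["match", "ip", "address"]:
            clauses[-1]["acl"] = t[3]
        elif t[:3] == ["set", "ip", "next-hop"]:
            clauses[-1]["hop"] = t[3]
    return acls, sorted(clauses, key=lambda c: c["seq"])


def next_hop(policy, src, default=DEFAULT_HOP):
    """Next hop for a packet from src arriving on the policy-routed interface."""
    acls, clauses = policy
    s = int(ip_address(src))
    for c in clauses:
        # The first ACL entry covering the source decides; none is implicit deny.
        entries = acls.get(c.get("acl"), [])
        hit = next((a for a, addr, w in entries if (s | w) == (addr | w)), "deny")
        if hit == "permit":
            # A deny clause hands the packet back to normal routing.
            return c.get("hop", default) if c["action"] == "permit" else default
    return default


def hosts_via(policy, subnet, hop):
    """Every host in subnet whose traffic the policy steers to hop."""
    return [str(h) for h in ip_network(subnet).hosts()
            if next_hop(policy, str(h)) == hop]
```

Calling `hosts_via(parse(CONFIG), "172.16.1.0/24", "172.16.1.3")` returns only `172.16.1.25`; rerun it after any change to access-list 10 to see which hosts would start bypassing the Firebox.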

Good Luck! Next, I’ll post the PIX rules needed for Polycom to receive inbound calls, and make outbound calls.


Posted in Networking, Switching/Routing, Technology | 2 Comments »

Stupid Helpdesk System!

Posted by Aaron Paxson on October 15, 2007

Okay, it’s time to rant a little bit. Not too long ago, my company purchased a helpdesk system to help them track their trouble-tickets and trends. A great idea, and one that most businesses should be using.

Unfortunately, the product they chose is named Prop Web helpdesk. Why is this a problem? Well, for starters, I’ve just not been in the habit to use software for a LARGE and ENTERPRISE-grade business, that when you run a search for it, the top results come from SHAREWARE sites. Don’t get me wrong, it will work great for those companies that have less than, say, 50 employees, but any greater than that, it SUCKS!

They have no idea what a normalized database structure is. They have the same field names in multiple tables, none of which, link to a common table. 3rd-party integration is completely out-of-the-question, unless their developers (I think they are up to 3 now) develop the interface. And reporting on it, just plain sucks. Oh, and if you want to run the software, you’ll have to invest in ColdFusion! Blehh.

Maybe if I have the time, I’ll post an addendum to this post, on the actual reasons for my thoughts ( I do have them, honest. I’m not just ranting for no reason) later, if I have the time. Right now, I just need to get things done.

To their defense, I am talking about PropWeb Helpdesk 6.x. Their 7.x screenshots seem to make it look better, but at this point, how good can it be, other than good eye-candy?

To be honest, I’m going to have a difficult time migrating our existing tickets and history to our Swedish helpdesk system, using AdventNet. It’s much better than PropWeb, and if you were following my NetFlow post comments prior to moving my blog, you’ll recall we discussed AdventNet’s NetFlow product too.

SIDENOTE: I’m not talking bad about those that made the decision to purchase it.  It’s a cheap software that gets the job done.  I’m talking bad about the company that created the product, and to release something better.

Posted in HelpDesk, Technology | No Comments »

Cisco - Career Makeover Video

Posted by Aaron Paxson on October 14, 2007

I wish my company would do videos like this.  Not only does it look like a lot of fun to make, but it is also informative.

Posted in General Blab, Video | No Comments »