How to regain access to a Cisco PIX firewall after locking yourself out

Today I managed to lock myself out of our PIX firewall.  We’re moving to a new network, and I needed to update the internal IP addresses so that it’ll continue serving traffic to our web servers.

What got me in trouble:  I had tried changing the inside IP address without  enabling DHCP beforehand.   No matter which IP address I used, no matter how often I rebooted the PIX, I simply couldn’t get connected back in via telnet.

This took some serious effort which I don’t want to ever have to endure again, so I’m going to note the steps that ended up working for me…

1)      Find the blue serial null modem cable (I found it in the box labelled “misc cables” and will put it back there after I’m done)

2)      Set up a Linux box that has a serial port next to the router.  Connect the cable.

3)      On the linux box, type dmesg | grep tty and look for which port is being used for the serial port.  On this machine it was ttyS0, but might be something else.

  • If the only thing that appears is tty0 (which is the console), that might mean that the BIOS has the serial port turned off.   Sure enough, that was my situation.
  • If that’s the case, restart the machine and go into the BIOS, turning it back on.

4)      Assuming you found which port is the serial port, try running the following command:  cu –l /dev/ttyS0 –s 9600

  • I figured out after a long while, that you can’t do this as root—at least not by default.  So on my Ubuntu box, I had to exit the root shell and return to my non-privileged account in order to get cu to work properly.
  • If you get a message that cu isn’t installed, go ahead and install it using apt-get install or yum install, depending on which flavor of Linux you’re running.

5)      Once I got connected, the PIX prompted for what name it should be known by, which IP address would be the inside address, the current UTC date, and a couple of other basic things like that.  I happily provided them.

6)      After I saved the updates and disconnected, I still wasn’t able to telnet into the unit.  That left me scratching my head for quite a while—I could ping the unit, but it simply refused to let me connect via telnet.  I tried shutting down my local firewall, but to no avail.  Finally, after doing some additional digging, I realized I needed to reconnect via the serial connection and tell the PIX to allow telnet.  So I connected back in, went into enable mode, issued a conf t, and added this line:  telnet 192.168.1.0 255.255.255.0 inside   (Note that the last .0 on the IP address tells the PIX to allow telnetting from any address on the 192.168.1 network.)

After a full day of wrestling with this issue, I’m finally back online.  Hope this helps someone avoid the same pitfalls.

Why Your Website Doesn’t Generate More Leads

Sometimes we optimistically assume that building a website–any website–will bring a surge of eager customers tripping over themselves in their rush to buy our products or services. Unfortunately, “If you build it, they will come” simply doesn’t apply to web development.

There are several reasons why web sites fail to generate sales. Over the next few days, I’ll outline five of the worst culprits. Here’s #1 …

1) Failure to optimize images for the web. Recent studies have demonstrated that if your pages take longer than one second to load, visitors will abandon your site in droves.

And it makes sense, doesn’t it? What’s your gut reaction when a site asks you to “PLEASE WAIT while we conjure up fabulous content for your eager eyes…” ?

If your pages take longer than one second to load … well, maybe it’s time to check your image sizes. Often the solution is simple: scale and/or crop your graphic files down to size. For example, the original file size of the photo above is almost 3 megabytes. After scaling the photo down to the intended viewing size, the file shrunk to 29K — one percent of its original size.

Resizing photos and images to fit their target space doesn’t require much time or skill. But the actual load time might spell the difference between a frustrated visitor, and a sale.

Recent updates to vbsroster.com

Several churches I’ve talked with recently say they’d like to use vbsroster.com, but it doesn’t fit their situation because they don’t host a Vacation Bible School–(at least not using the VBS nomenclature). Instead, their churches offer soccer camps.

To address this need, we’re adding the ability to switch the theme from VBS to Soccer Camp. The same student, parent and emergency contact forms will be presented to parents, but the photos will have a soccer theme.

In addition, we’ve also added additional customization capability, including:

  • Color selectors to change the header/footer color, as well as the title font color
  • Home page editing capability
  • Ability to link back to their church website (or another site).

Next on the docket: install an SSL certificate and move from beta into production.

Looks like our May 1 target is still on track!

Where To Go After FoxPro

The number of Visual FoxPro programmers dwindles ever smaller as Microsoft’s end-of-life deadline for VFP (January 13, 2015) looms closer on the horizon. Most programming companies have long since abandonded FoxPro, opting to migrate to new development platforms. (Side note: our company continues to support all versions of VFP).

Some time in the future, Visual Foxpro applications will either need to get migrated to something more current, or put out to pasture. So where does that leave savvy business owners who have invested a ton of thought, resources and money into a legacy FoxPro application?

For starters, understand that your FoxPro application(s) will likely continue to run just fine for many more years–maybe even a decade or longer. The sky will not fall just because of an arbitrary support cutoff date. FoxPro is a 32-bit application just like thousands of other 32-bit apps, which run perfectly well in Windows 7 and Windows 8. It’ll probably be quite some time before Microsoft releases a new operating system that doesn’t support 32-bit apps.

But what if your company has decided it’s time to migrate to a new development platform? Unfortunately, there’s no magic button that’ll automatically migrate your VFP application to a current development platform. But today you have more options available than ever before. It all depends on how data flows in and out of your application, whether your company has an IT policy in place, and what that policy mandates regarding preferred vendors and required databases.

For example, if your company has committed to use only Microsoft software and SQL Server, you’ll want to find a knowledgeable software developer who’s skilled at Visual Studio .NET development. On the other hand, if you run with the Open Source crowd, start by seeking out developers who know their way around LAMP (Linux / Apache / MySQL / PHP).

Another key question to ask yourself: how and where should your data be accessible? If users need to access your application and data from outside your office, developing a web or mobile application will probably narrow your needs down to an ASP.NET Developer (for Windows) or a PHP programmer (for Linux-based solutions). On the other hand, if all data entry is done from user desktops, you’ll want to find a company with experience in developing desktop applications.

If you’ve reached this point, call us for a free, no-obligation consultation. We’ll help identify your needs and how best to move forward.

Keeping an Open Mind about Open Source

What is open source? It’s software you can download from the internet for free. But it usually requires some knowhow to get the software up and working.

For example, millions of offices around the world are using Asterisk, an Open Source PBX software.
We use asterisk at our office, and can configure it for other companies so they can have a very professional phone system at a very reasonable cost.

We can add customized greetings and menus (for example, press 1 for sales, 2 for accounting, etc).

We can configure asterisk to automatically send email copies of voicemails to one or more recipients.

And we can set up phones in remote offices or home offices—anywhere that has a good internet connection.
If you run a small office in Southeast Wisconsin and you’ve outgrown your phone system, contact me for a free quote.

Not Your Average Fairy Tale

Once upon a time, in a town not far from here, there lived and worked a young office manager named Goldilocks.

Goldilocks needed to find a better way to manage the ever-increasing amount of data as her business continued to grow.

So Goldilocks called her local BigSoftwareCompany rep, who jumped at the opportunity to lease their Premium CRM solution to her, starting at only $1000 per month.

Sounded a little too big for her needs.

So then, she hopped on the internet, and purchased her very own copy of a popular Off-The-Shelf program. But she found it wasn’t quite what she needed either. It was just too small.

Then she called I/O Technologies, who sat down with her and designed a custom solution that was JUST RIGHT.

If you’re an office manager like Goldilocks, give us a call. We write software to help companies like yours live happily every after.

The End.

Totally Off-the-Shelf, Totally Custom–or Somewhere in Between?

Over the past 65 years, productivity in the US has increased by approximately 100%. On any given day, US workers now produce twice as much than their counterparts did in 1947.

Computer software technologies have certainly helped significantly along the way. Can you imagine running your business today without your laptop, GPS, cell phone or internet?

But over the years, not everyone has embraced technological advances with open arms–at least not right away. Many managers consider the cutting edge to be the bleeding edge. They’d rather let others endure the pain and scar tissue that new technology can inflict.

For others, the choice has been just too difficult: do we buy an off-the-shelf software application–paying for bells and whistles we’ll never use, or hire a programming company to write custom software? And then, how can we successfully introduce change into our system without hurting productivity–even if it’s for the short term?

You can understand why the typical office manager or production supervisor doesn’t jump up and down in breathless anticipation of the next software upgrade. How to deal with the ensuing rebellion that might occur? Some business owners just don’t have the energy to combat the “we’ve always done it this way” mindset. They’re afraid they just might kill the goose that’s laid so many golden eggs over the years. There’s something to be said for the comfort level afforded by the status quo.

What about this approach? How about introducing changes on an incremental basis? Instead of ripping out the old software and forcing employees to adapt to new software, consider implementing helper applications–ones that take the multiple manual steps down from five steps to two. Not only are they less disruptive–they’re also smaller in scope; thus cost less. With a little planning, these helper apps can gradually morph and merge into a completely new system–one step at a time.

How do you eat an elephant? One bite at a time, to be sure. But don’t bite off more than your people are able to chew.

Software Review – FreeMind

FreeMind is a cool Open Source mind-mapping software application that works the way your mind does. The premise behind the software is that our human minds don’t organize thoughts in lists so much as it organizes in clusters of related thoughts.

Remember when you had to type your first term paper, and your instructor suggested that your write each thought on a notecard–then organize the notecards in logical piles? That’s akin to what FreeMind does: When you launch it, you start by creating a blank slate (or “mind map” using FreeMind’s lingo). You add a thought (or “node”) by pressing the Insert key and adding a descriptive label. Labels can be very short, or fairly long. Here’s a screenshot of what one of my recent mind maps looks like:

There’s no limit to the number of sub-nodes and/or thoughts you can add within a node–just pop open the node, press the Insert key, and type away.

I prefer to assign a different background color to each node, but you could choose to skip specifying background colors, if you prefer. For that matter, you can choose to not envelope nodes with a border. For me, the cloud shape around each node helps keep me focused. Here’s what a node looks like when you expand it…

To minimize a node, just click on the node label again, and it’ll shrink back down to its original size. You can also set up nodes as hyperlinks–so that when you click on them, they’ll pop open PDF files, spreadsheets and the like.

For more information, or to download and install FreeMind, visit http://freemind.sourceforge.net/wiki/index.php/Main_Page

If you’d like help getting FreeMind installed on your workstation or network, feel free to contact me.

Making data Input more fun, and data Output more valuable.

Do you host your own web server inside your office? Probably not.

Our customers’ web sites are often hosted on servers hundreds or thousands of miles away–not running inside their office.

If the only purpose for your web site is to EXHALE, i.e., advertise products and list your store locations, then there’s no problem.

But what if you want to collect data from your visitors (and that’s always a good idea)? How does that data get from the web server running thousands of miles away, to you in your office?

Many web developers send the data to you in an email. But then you’re forced to copy/paste the data from the email and manually rekey it into your systems inside your office.

We can make this process more fun and easy:

  • First, we can write an interface where users just drag the emails from Outlook and drop them onto our software. The software reads the emails, then pushes the meaningful data into your internal database.
  • Or, even better– we can install a little engine out on the web server that will let you download the data directly –without using email at all.

If the prospect of having to re-key data from your web site into your internal system makes your skin crawl, give us a call!

I’m Dave Martin from I/O Technologies, where we make data Input more fun, and data Output more valuable.

Bringing Function to the Dysfunctional Office

Have you ever had a friend or family member confide in you–“you know, I sure hope Mary never decides to leave our business. She’s the only one who knows how to run the computer systems. If she left, we’d be in serious trouble.”

If you’re the manager of a dysfunctional office–one where everybody knows that if one or two key employees walked out, the business would be in jeopardy–we should talk.

We can write software that addresses the dysfunction head-on: First, we can simplify things, so if it takes 14 steps to generate invoices, we can often reduce that down to one or two steps.

Second, we can incorporate context-sensitive help. So if you don’t know how to do something, press F1 and there are the step-by-step instructions, right where you need them.

Our programmers love bringing function to dysfunctional office environments.