Connecting to a Remote Desktop Gateway behind a proxy server

Connecting to a Windows 2012 R2 RD Gateway server when you are behind a proxy server, especially one requiring authentication, may fail with the following errors:

‘Your computer can’t connect to the remote computer because an error occurred on the remote computer that you want to connect to.’

 RDPError2

Or

‘Remote Desktop can’t connect to the remote computer for one of these reasons:

  1. Remote access to the server is not enabled
  2. The remote computer is turned off
  3. The remote computer is not available on the network’

RDPError

Additionally, you will see the following event ID 4625 in the security log on the gateway server.

Log Name: Security

Source: Microsoft-Windows-Security-Auditing

Date: 8/5/2013 4:20:00 PM

Event ID: 4625

Task Category: Logon

Level: Information

Keywords: Audit Failure

User: N/A

Computer: RDGW.CONTOSO.COM

Description:

An account failed to log on.

 This issue is documented here:

 https://support.microsoft.com/en-us/kb/2903333

To fix it, set the EnforceChannelBinding registry value to 0 (zero) to ignore missing channel bindings on the Gateway server.

HKLM\Software\Microsoft\Windows NT\CurrentVersion\TerminalServerGateway\Config\Core

Type: REG_DWORD

Name: EnforceChannelBinding

Value: 0 (Decimal)

RDPError_reg

 Note By default, the EnforceChannelBinding value does not exist on the Gateway server. You must create this value. When you are done, reboot the server and it should work behind your proxy server.

Why I switched from Windows Phone to IOS

So sadly I finally switched from Windows Phone to IOS. I was a long time Windows Phone user too…had WP7 HTC Mozart, Lumia 800, HTC 8x, Lumia 925, not to mention countless Windows Mobile devices. I love Windows Phone, but at the end of the day I wanted 2 things:

  1. A phone that just works
  2. Apps that I need

Windows Phone passed the first requirement fine, unlike Android, but not the second. At first I didn’t mind this as I wanted to be along for the ride, see how the platform developed, get excited when new updates arrived etc, but unfortunately development of the platform has been so slow, most resources seeming to go into redoing the platform from the ground up every couple of years, sometimes loosing features in the process. Feature updates were far an few between, and app adoption has been far too slow. There is still no Sonos app (Phonos is not bad, but not as good). I also have no signal at home, with IOS or Android I can use WiFi calling and SMS over WiFi on my network, but no guess what no app on WP. I can also use iMessage on WiFi. Sure these are just my personal requirements, but everyone will have issues with apps that are on IOS or Android but not WP.

The phone backup solution still sucks as well, since many apps and games do not support backup. I have a huge world in Terraria that will be forever stuck on the phone since there is no way to backup it up to another device. I even got an ipad mini for the train I am embarrassed to say, and guess what my game saves work across devices.

Just to add, I have also tried several Android devices (HTC One, nvidia tablet), and had the dubious pleasure of dealing with a BYOD implementation at work. Having seen users with all manner of devices, the conclusion from that rollout was clear: IOS just works, Android is a total rats nest – users saying ‘I just need to format my device as it is running slow’, Android reporting that it was out of space even though it was not (being used by cache), very old Android versions, crappy builtin browsers that all work differently – just horrible, horrible experiences for users. Windows Phone also was fine, for the one user out of 3500 that had one. If Windows Phone had the apps that IOS has, it would be in the running for the best OS. Unfortunately as it stands, I just can’t recommend it to anyone.

I will of course be hanging on to my Lumia 925 to test out Windows Mobile 10. If Windows bridge for IOS comes off, that is the best bet that we might close the app gap, but I am not holding my breath.

Configuring Site to Site VPN from Cisco ASA to a Draytek router

Walkthrough for creating a site to site VPN from a Cisco ASA firewall to a Draytek router, using ADSM. The models used were a Cisco ASA 5505 running ADSM 7.4(2) and ASA 9.2(3)3, and a Draytek 2860 series firewall/router.

Note that there is a guide on the Draytek site here: http://www.draytek.com/index.php?option=com_k2&view=item&id=2027&Itemid=293&lang=en but I found this did not have quite enough information, and besides is for an older ASA and ADSM version.

ASA Configuration

Connection Profile:

  1. Choose Wizards>>IPsec VPN Wizard
  2. Peer IP address: Enter the WAN IP of your Draytek
  3. Local network: Choose the Network Object for your inside network
  4. Remote network: Choose or add a new Network Object for the remote network (inside the Draytek)
  5. Click Next
  6. Enter a Pre-shared key
  7. Click Next
  8. Check the box for NAT exempt (you will get asymmetric NAT errors if you do not choose this).
  9. When finished, edit the Connection profile, and under IKE v1 change the IPsec proposal to just ESP-3DES-SHA
  10. On IKE v2 choose 3DES

ASAK_IKE1

ASAK_IKE2

Access Rule:

  1. On Access Rules, click Add:
    • Interface: Inside
    • Source: Choose your inside network
    • Destination: Choose your remote network behind the Draytek
  2. Add another access rule:
    • Interface: Outside
    • Source: Choose your remote network behind the Draytek
    • Destination: Choose your inside network

Draytek Configuration

  1. Click on VPN and Remote Access
  2. Click Lan to Lan
  3. Click a free Index
  4. Enter a profile name
  5. Call direction Dial-Out
  6. Dial-Out settings: Ipsec tunnel
  7. Server IP: Enter the IP of the ASA
  8. IKE Authentication Method: enter the same key you used on the ASA
  9. IPsec Security Method: Click High, then Advanced, then choose:
    1.  IKE phase 1 proposal: 3DES_SHA1_G2
    2. IKE phase 2 proposal:  3DES_SHA1

Draytek_IKE

  1. Enter the remote network settings under TCP/IP Network Settings at the bottom.

That’s it! Then try pinging something on the other side and it should dial the tunnel. I would suggest using the logging on the ASA to troubleshoot issues, since it is more comprehensive that the syslog on the Draytek. The most common reasons for the tunnel not coming up are the phase 1 and phase 2 settings, so make sure that these match on both sides.

Fix for network card not working after Windows 10 upgrade – Intel I217V

I have had this problem on 2 separate Fujitsu LIFEBOOK E734 Notebooks. Fujitsu support for Windows 10 is poor, and there are no drivers published.

 

The issue is:

 

- After upgrade to Windows 10 from Windows 7 (either a clean Windows 7 install or the Fujitsu pre-installed image), the network card looks fine but does not work, DHCP cannot get an address and a manual IP cannot communicate. Uninstalling the adapter does not work. Consequently, it is not possible to activate the system, or do anything else for that matter, unless Wi-Fi is working.

 

The fix, is unfortunately to do a clean install. After clean install it works fine, but this can only be done once Windows 10 is activated (in order to retain Windows 10 activation status), which is tricky if there is not network. See http://www.msdonkey.com/windows10/performing-a-clean-install-of-windows-10/ for more info on doing an upgrade and then clean install.

Using Wi-Fi did work for me, so the issue seems to do with the Ethernet card and not the whole network stack.

 

So in summary, there is an issue with upgrading the Fujitsu E734 with Intel I217V Ethernet card, and others may also have this issue with this card. I recommend doing a clean install after the initial upgrade, but make sure that Windows 10 is activated first – try using Wi-Fi to do that

Fix for the Windows 7 install error: ‘A required cd/dvd device driver is missing’

How to fix the Windows 7 install error: ‘A required cd/dvd device driver is missing’. Note that this will also fix issues where your USB keyboard/mouse do not work in Windows 7 setup.

This is a frustrating problem when trying to install Windows 7, and there are various recommendations on the internet, some of which may or may not work. However, what follows is in my opinion the simplest way to resolve this issue.

The problem happens on a reasonably modern machine with USB 3 ports. One source of confusion is the lengthy post on the Microsoft answers forum here: http://answers.microsoft.com/en-us/windows/forum/windows_7-hardware/a-required-cddvd-device-driver-is-missing-usb/61eda679-66cc-4512-b175-d02871394461?auth=1, the top recommendation is to change USB ports half way through the installation. This will in fact work in some cases, but there is a simpler way to resolve this.

The problem stems from the fact that Windows 7 does not include USB 3 drivers on the installation media. So basically, if you try and use a USB 3.0 port to install Windows 7 with a bootable USB key, you will get this error.

Windows7_driver_error

The solution is as follows:

  1. Use a USB port that is not USB 3.0 (look inside the port, if the horizontal plastic strip in the middle is blue then it is 3.0, otherwise it is probably 2.0).
  2. Failing that, if all the ports are USB 3.0, you will need to change the BIOS setting to change your USB ports to 2.0. This varies by manufacturer, but on my Fujitsu E734 with Phoenix BIOS, this setting is in Advanced/Internal Device Configuration/USB3.0 (change to disabled).

Note:

Also see ‘How to Install Windows 7 with only USB 3.0 Ports’ <http://codeabitwiser.com/2014/03/how-to-install-windows-7-with-only-usb-3-0-ports/>  – this details how to inject the drivers into the boot.wim file, but frankly either of the 2 methods above are easier. I couldn’t get the boot.wim method to work even with the correct drivers for one laptop, but this is worth a try if you have no USB 2.0 ports or BIOS setting for USB 2.0.

Performing a clean install of Windows 10

windows10-laptop

 

This post details how to do first an upgrade, and then clean install of Windows 10 using the free upgrade, making sure that your PC is activated at the end.

First, make sure that you have backed up your system.

Step 1: Get Windows 10 install files

Option 1: Get the ISOs from Microsoft

The first thing that you need to do is get hold of the ISOs. I would recommend doing it this way rather than using the Get Windows 10 app notification.

  • Go to

https://www.microsoft.com/en-us/software-download/windows10

  • Download the 32-bit or 64-bit version of the tool that matches your current version of Windows, it doesn’t matter if you are going to install a different version later.

Option 2: Download from MSDN Subscribers

You can also use the MSDN ISOs to do this, I have tested and they work fine.

Login and download from https://msdn.microsoft.com/subscriptions/

Note that you will need to use the Multiple Version ISO to do an upgrade, not Enterprise. This version includes both Home and Pro.

I recommend using Rufus to create a bootable USB key from this ISO.

Step 2: Upgrade Windows

It is important to do an in place upgrade first, in order to retain your Windows activation.

Note: You must have a machine currently running a valid copy of Windows 7 or Windows 8.1 for this to work. Note down if you have the Home or Pro version so you know which version you will upgrade to:

  • Windows 8/8.1 and Windows 7 Home Basic and Home Premium devices upgrade to Windows 10 Home
  • Windows 8/8.1 Pro and Windows 7 Professional and Ultimate devices upgrade to Windows 10 Pro
  1. Start with Win7 or 8.1 that’s properly activated.
  1. Install Win10 as an upgrade – if you have the Get Windows 10 app, I would recommend using that at this stage, as in my experience the wizard is generally less problematic, this will download Windows 10 again however. You can also run setup.exe from your install media. You could also use the Get Windows 10 app to do this, but using your media avoids downloading it twice. Do not boot from the Win10 install media at this stage, but run setup.exe from your existing Windows installation.
  1. Once Windows 10 is installed, make sure you are connected to the internet.
  1. Right click on the Start button, click System, and make sure that it says Windows 10 is activated. If not, click on the link to activate, making sure that you are connected to the internet.

Step 3: Perform a Clean Install

Once you have Windows 10 upgraded and activated, you can then optionally do a clean install, which will retain your activation status.

  1. Reboot from your bootable USB media and follow the normal steps to install, acknowledge the warning that any previous Windows installation will be lost.
  2. If you used the MSDN media, it will prompt you to choose either Home or Pro – make sure that this is the same edition as you had before (which will be the same as the version of Windows 7 i.e. Home Premium – Home etc).
  1. Choose custom install when prompted, delete all the partitions, and install away.
  1. When it first boots, you will be prompted to enter a product key, click on ‘do this later’.
  1. Once you are logged in, check again in System and it should be activated.

This works because the upgrade is what registers the machine ID with the Microsoft . Once that’s done, any time that machine does an installation, it checks with Microsoft and verifies activation on the machine ID. If the ID is in the database, it activates.

Also see the Microsoft FAQ for more information.

Once your device upgrades to Windows 10 using the free upgrade offer and activates online automatically, an entitlement is registered to your PC’s hardware for your edition of Windows 10.  (If you go to Settings  >> Update & Security >> Activation says “Windows is activated”.)  Now you will be able to clean install (i.e. boot from media and install Windows 10) the same edition of Windows 10 seamlessly without having to enter a product key.

 

  1. Make sure your PC is activated by going to the Settings >> Update & Security >> Activation.
    If the activation has not completed, you can click the Activate Now button to complete the activation process. 
  1. Create your installation media for the appropriate edition of Windows 10 by clicking here.
  1. Skip entering the product key during Windows 10 Setup. Windows 10 will activate online automatically on such devices. The skip option is only available when booting from media and launching Windows 10 setup

 

The automatic online activation will occur seamlessly after clean installing Windows 10 if the device had previously upgraded and activated online, with the same edition of Windows 10.

Final thoughts on the Surface 2

I have used a Surface 2 daily for almost a year now. I bought one as I wanted a Windows machine that was very portable, had Office, touch, was not vulnerable to viruses and spyware, and would just work. Unfortunately it failed dismally on the last requirement. I am not sure if mine is just faulty, but these are all the issues that I have with it:

  1. The nVidia display driver crashes, regularly. Often when this happens, there is a popup on the desktop saying that the driver has crashed, and then the entire operating system becomes a slideshow, and is completely unusable. You can’t even restart it, it requires a hard power off by holding the power button in. This has never been addressed by Microsoft.
  2. Sometimes the device will not wake up, the lights on the keyboard come on, but the screen remains black. Has to be powered off.
  3. Sometimes the keyboard stops working, and either requires reattaching, or rebooting the device.
  4. Sometimes no modern apps will open, requiring a reboot.
  5. It frequently stops detecting the micro SD card, and the card has to be reseated.

What worries me, is that if Microsoft can’t even get this working reliably with their own OS and their own hardware, with no third party applications installed, what is this a lost cause? My Surface 2 is far less reliable than my other Windows tablets and PCs, e.g. Lenovo laptops, home built PC, etc.

Regardless of the fact that the Surface 2 is now an orphaned device due to the demise of Windows RT, it is very disappointing that Microsoft never resolved these issues when they control the end to end experience, and I am worried about getting another Surface device for these reasons.

Betron YSM1000 Earphones Headphones review

betron

I chose these headphones after seeing the good reviews on here, they seemed to be good quality and have the features that I need. However, I am returning these after a couple of days. Whilst they are indeed well built and have excellent sound, and work fine with my Windows Phone, they are simply not confortable to wear for even a short time. I really wanted to like these, they are a good price and I have been looking for a quality set of earphones that does not break the bank, but unfortunately this is not the right set.

I’ll start with the good points:

  • Excellent sound – I could hear parts of music I could not with Senheiser CX300 or CX500.
  • Seem sturdy, thick cable, nice carry case
  • Call button works great with Windows Phone, and Cortana!
  • Includes lots of different types of silicone tips, including memory foam ones
  • Colour coded bands, so you can easily tell which is left and right.
  • 2 year warranty – my Senheiser always seem to last just over 1 year and the one ear dies. So these are good value.

Bad:

  • Extremely unconfortable. Despite trying nearly all of the tips, they are basically too long and too heavy. This means that they don’t stay in your ear well, and you are always pushing them back in. Not only that, but they have quite sharp edges at the front, so these dig into your ear and hurst after a few minutes.
  • Extremely noisy in the wind. Due to the large design, if it is windy they somehow seem to amplify the wind as if the outside is a microphone – all you can hear is wind, and none of the music you are playing. Forget about making a phone call.
  • Flashy, rather over the top look – shiny gold and black is not for everyone.
  • Due to their length, you could not wear these in bed or lying down.

So overall, good sound and quality, but an ergonomic disaster. Not recommended for this reason. 2 out of 5 overall.

2-out-of-5-stars

Vodafone freebee reward experiences

This post is a brief summary of my experiences trying to redeem my Vodafone ‘Freebee Rewardz’ points.

I have been unable to redeem any ‘freebee rewardz pointz’, since first trying on 02/10/14. Vodafone have been unable to help me resolve this problem to date. With their PAYG (pay as you go) SIMS, you accumulate ‘poinz’ for topping up. These can then (apparently) been redeemed for vouchers etc. See https://rewardz.vodafone.co.uk/#howitworks for details.

My first issue is that I (and many other people from the forum, including my daughter) cannot login to the rewardz site at https://rewardz.vodafone.co.uk/. We get an error when clicking on ‘spend your pointz’. The error is ‘You have entered an incorrect mobile number please try again’. Other people are able to login, but then unable to redeem any of the vouchers which are apparently offered. Using other browsers or clearing cookies/cache etc makes no difference.

After posting in the forum, I submitted a ticket on 02/10/2014 to get them to sort out my rewardz login. This was done using an email form, which you have to get access to by posting in the forum as it is not on the website.

I received some replies saying that they could not resolve the issue with the login to the site. So I then tried numerous times using chat, to get them to redeem the pointz for me manually. I was promised several times on chat, and even via email, that I would either be emailed or texted a code. Nothing was received in the post. Once I received a mysterious SMS, which said: ‘Here are your latest vouchers’ and then 5 characters. There was no explanation, and taking this into a store was met with blank faces, and I was told to ring customer services.

My experience to date has been:
– Stores cannot help with any issues with points
– Chat will say anything to get you off the phone, pretending to have resolved issues when they have not
– The staff on the support forum just tell you to raise an email ticket, and in my experience they cannot help either.
– If you try and call 191, you just get passed around in circles whilst you tell the same story over and over again.

These are just my experiences, and I invite you to share yours below. There is a link with many similar threads here http://forum.vodafone.co.uk/t5/Pay-as-you-go-services/To-anyone-unable-to-claim-their-Freebee-Rewardz/m-p/2332016/highlight/false#M56381

I complained to Ombudsman today and will see if that helps. So far almost 3 months and counting.