# Help and Support EN # Applications # Bind DNS #### Common Issues ##### Issue: server booted with a time in the future, and bind / named downloaded the trust information with a future timestamp Often you'll see this in the logs: validating ./DNSKEY: unable to find a DNSKEY which verifies the DNSKEY RRset and also matches a trusted key for '.' managed-keys-zone: No valid trust anchors for '.' Solution: 1\) shut down named 2\) delete /var/named/dynamic/managed-keys.bind.jnl and create file just containing: ;BIND LOG V9 8 3\) ensure new file is owned by the named user. 4\) start up named You'll see something like this in the logs: Apr 28 12:49:00 XXXXXX named\[4093\]: managed-keys-zone: journal rollforward failed: no more Apr 28 12:49:00 XXXXXX named\[4093\]: managed-keys-zone: unable to load from '/var/named/dynamic/managed-keys.bind.jnl'; renaming file to '/var/named/dynamic/jn-xMvuHJmM' for failure analysis and retransferring. And then your dnssec should start working again... There's probably better ways to trigger the resolution, but the above seems to work.... # E-mail Settings This chapter covers basic email settings for all platforms, as well as per platform specific guides. # Android Phone and Tablets For Android based phones, tablets, Chromebook and IoT devices, there are a number of options of e-mail clients. Some vendors supply their own developed email client however Google’s own GMAIL client is common across all legitimate android devices and we support this client. ### POP/IMAP [![image-1656323242555.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/nR1It9DKvXiCMTa7-image-1656323242555.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/nR1It9DKvXiCMTa7-image-1656323242555.png) Figure 26 go to the add account function under 'Accounts' In Android settings, or Gmail [![image-1656323255611.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/PsNlIYpX4gWXKfLL-image-1656323255611.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/PsNlIYpX4gWXKfLL-image-1656323255611.png) Figure 27 choose to add an IMAP account [![image-1656323261960.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/uEXtBfIPxRspFJnw-image-1656323261960.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/uEXtBfIPxRspFJnw-image-1656323261960.png) Figure 28 Once the email address is entered, Manual setup is unlocked. Choose **MANUAL SETUP** [![image-1656323278724.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/GhnTwp7uWb3BNAR3-image-1656323278724.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/GhnTwp7uWb3BNAR3-image-1656323278724.png) Figure 29 choose IMAP account. Optionally you may choose POP3 [![image-1656323298575.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/XyKrQXDlZDTDkCZW-image-1656323298575.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/XyKrQXDlZDTDkCZW-image-1656323298575.png) Figure 30 enter the password for the IMAP email account you wish to setup [![image-1656323309933.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/VY0tJtR57MeGiP4q-image-1656323309933.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/VY0tJtR57MeGiP4q-image-1656323309933.png) Figure 31 change the **INCOMING** mail server to **mail.rackcorp.com** [![image-1656323319715.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/f7Q5S834UMJtPayM-image-1656323319715.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/f7Q5S834UMJtPayM-image-1656323319715.png) Figure 32 change the **OUTGOING** mail server to **mail.rackcorp.com**. **Change** the port to 25 and security to **STARTTLS** If you are using our Mongolian servers, please use **mail.mn.rackcorp.com** as the mail server. [![image-1656323339394.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/Xf0Q43sd0n6S5dvh-image-1656323339394.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/Xf0Q43sd0n6S5dvh-image-1656323339394.png) Figure 33 successful account configuration will result in a success message ### Exchange [![image-1656323359349.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/TtOhbjVhmWOlgSFC-image-1656323359349.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/TtOhbjVhmWOlgSFC-image-1656323359349.png) Figure 34 within GMAIL, choose add account or add another email address [![image-1656323370352.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/UwfEN0A9DJu81Yln-image-1656323370352.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/UwfEN0A9DJu81Yln-image-1656323370352.png) Figure 35 GMAIL will present a list of account types. Choose EXCHANGE [![image-1656323380566.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/JNadfqGf73TbDkoZ-image-1656323380566.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/JNadfqGf73TbDkoZ-image-1656323380566.png) .Figure 36 enter the email address for your EXCHANGE account at the prompt to begin the setup process [![image-1656323393255.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/0KYEiVm884oeOdEN-image-1656323393255.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/0KYEiVm884oeOdEN-image-1656323393255.png) Figure 37 enter the password for your exchange account when prompted [![image-1656323404575.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/CidWmWuLDYexHBss-image-1656323404575.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/CidWmWuLDYexHBss-image-1656323404575.png) Figure 38 several prompts will be made during the exchange setup process. Agree to these by pressing OK [![image-1656323413179.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/TeoDOfY3GbyLM41K-image-1656323413179.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/TeoDOfY3GbyLM41K-image-1656323413179.png) Figure 39 once your password is accepted, a further page will display a summary of your account settings. simply press NEXT [![image-1656323424557.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/0gIUwt1ml4xlqEZN-image-1656323424557.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/0gIUwt1ml4xlqEZN-image-1656323424557.png) Figure 40 several prompts will be made during the exchange setup process. Agree to these by pressing OK. [![image-1656323446837.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/RtEDPoLwWPKjSlsK-image-1656323446837.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/RtEDPoLwWPKjSlsK-image-1656323446837.png) Figure 41 To add exchange accounts to a mobile device, the exchange server requires mobile device management rules as listed to be applied to your device. Please read the above screen carefully. Changes to the security settings of your device will be made automatically and are required to add exchange mail to your device. [![image-1656323456415.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/MONMs7nV2prgdfXQ-image-1656323456415.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/MONMs7nV2prgdfXQ-image-1656323456415.png) Figure 42 when the Gmail exchange setup process is complete the success message is displayed # Apple iPhone and iPad ### POP/IMAP manual setup [![image-1656323488764.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/fUojpEJe90GyzRe4-image-1656323488764.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/fUojpEJe90GyzRe4-image-1656323488764.png) Figure 43 Navigate to the settings icon in your idevice, and then Passwords and Accounts [![image-1656323496199.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/E8Gv0nxGJyxvazHl-image-1656323496199.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/E8Gv0nxGJyxvazHl-image-1656323496199.png) Figure 44 in the Settings -> Passwords & accounts page, hit Add Account. Fetch New Data should be Push [![image-1656323513514.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/FseyRhVlsS5JFRRJ-image-1656323513514.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/FseyRhVlsS5JFRRJ-image-1656323513514.png) Figure 45 we are manually setting up an IMAP or POP account so choose Other [![image-1656323526830.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/dQzMLuBX7TySLKgR-image-1656323526830.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/dQzMLuBX7TySLKgR-image-1656323526830.png) Figure 46 Under Other - Add Mail Account [![image-1656323540640.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/ouzsqiRvfHkPpGuK-image-1656323540640.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/ouzsqiRvfHkPpGuK-image-1656323540640.png) Figure 47 Fill in your email account details as requested [![image-1656323549724.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/ux6toodwpxqx0cxo-image-1656323549724.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/ux6toodwpxqx0cxo-image-1656323549724.png) Figure 48 fill in the email account and server details as illustrated If you are using our Mongolian servers, please use **mail.mn.rackcorp.com** as the mail server. [![image-1656323594389.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/zjxrV9z1HuB3SN4F-image-1656323594389.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/zjxrV9z1HuB3SN4F-image-1656323594389.png) Figure 49 once your account details are saved and tested, you can choose what data to sync to the mail server, leave the default setting [![image-1656323608297.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/wJlDYV4b5S6uLG7T-image-1656323608297.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/wJlDYV4b5S6uLG7T-image-1656323608297.png) Figure 50 on success your email account is now added to the account list in iOS ### Exchange [![image-1656323639715.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/rukqcYfyHcXCuUGB-image-1656323639715.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/rukqcYfyHcXCuUGB-image-1656323639715.png) Figure 51 we are setting up an EXCHANGE account [![image-1656323660888.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/SfJJSP17iYq5V5BL-image-1656323660888.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/SfJJSP17iYq5V5BL-image-1656323660888.png) Figure 52 enter your email address for your exchange account [![image-1656323687668.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/EdhWQ6HOF386KyHA-image-1656323687668.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/EdhWQ6HOF386KyHA-image-1656323687668.png) Figure 53 enter your password and create an account description [![image-1656323761877.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/ZDML6uE8uRMlvJ0d-image-1656323761877.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/ZDML6uE8uRMlvJ0d-image-1656323761877.png) Figure 53 enter your password and create an account description [![image-1656323772148.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/fxQ1fQQ7o0s5kzk9-image-1656323772148.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/fxQ1fQQ7o0s5kzk9-image-1656323772148.png) Figure 55 fill in your account details as follows [![image-1656323780830.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/xMW7V5szIQNh6XeM-image-1656323780830.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/xMW7V5szIQNh6XeM-image-1656323780830.png) Figure 56 once your account details are confirmed and verified, you will receive a sync options screen. Choose here what options you want to sync to your device. Syncing contacts for example will overwrite your existing contacts and upload existing contacts # Apple Mac OS ### Exchange setup ### POP3/IMAP manual setup [![image-1656323219274.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/0bNGBqMpgY4Kq72n-image-1656323219274.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/0bNGBqMpgY4Kq72n-image-1656323219274.png) Figure 23 in Mac Mail accounts, select add other mail account [![image-1656323214675.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/POzq3AXR8QGCk8hK-image-1656323214675.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/POzq3AXR8QGCk8hK-image-1656323214675.png) Figure 24 In the Mac Mail setup wizard, fill in your POP/IMAP account details [![image-1656323209631.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/BV2aUGDewXKAovZw-image-1656323209631.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/BV2aUGDewXKAovZw-image-1656323209631.png) Figure 25 Mac Mail setup wizard will then request the server names. Fill in mail.rackcorp.com If you are using our Mongolian servers, please use **mail.mn.rackcorp.com** as the mail server. # Basic E-Mail Settings RackCorp supports mail auto discovery. This is a feature built into modern email clients that allows the email program to obtain the correct mail settings for a user based just on their email address and password. This works for POP, IMAP and Exchange email options on RackCorp. If you do not wish to use auto discovery, standard email settings are supported including optional SSL and TLS encryption between the end user and RackCorp mail servers. ## Email Settings | POP/IMAP Choose **POP** OR **IMAP** email server. **IMAP** is generally recommended. **POP** Email downloads entire emails to your device before they can be viewed and optionally deletes them from the server. - Pros: Useful for archival, allows inbox and mail management such as zero inbox - Cons: not ideal for multi devices, slower to look at new emails **IMAP** downloads a header of the email first so the sender, subject, date can be previewed and keeps all the mail on the server. - Pros: Lightweight and stores mail on server, ideal for multi device use and low bandwidth Cons: offline viewing of email depends on settings and if entire mail has been downloaded. ### Global Common Settings:
Username | |
Password | your\_password |
Incoming Server | mail.rackcorp.com |
Outgoing Server | mail.rackcorp.com |
Outgoing Server Type | SMTP |
Outgoing Server Username | |
Outgoing server password | your\_password |
Webmail | https://webmail.rackcorp.com |
Username | |
Password | your\_password |
Incoming Server | mail.us.rackcorp.com |
Outgoing Server | mail.us.rackcorp.com |
Outgoing Server Type | SMTP |
Outgoing Server Username | |
Outgoing server password | your\_password |
Webmail | https://webmail.us.rackcorp.com |
Username | |
Password | your\_password |
Incoming Server | mail.mn.rackcorp.com |
Outgoing Server | mail.mn.rackcorp.com |
Outgoing Server Type | SMTP |
Outgoing Server Username | |
Outgoing server password | your\_password |
Webmail | https://webmail.mn.rackcorp.com |
**POP with SSL** | **POP with TLS or STARTTLS** |
Incoming Server Port: 995 Outgoing Server Port: 465 | Incoming Server Port: 143 Outgoing Server Port: 25 |
**IMAP with SSL** | **IMAP with TLS or STARTTLS** |
Incoming Server Port: 993 Outgoing Server Port: 465 | Incoming Server Port: 143 Outgoing Server Port: 25 |
Guide for Outlook 2010,2013,2016,2019,2022 & Office 365
### Outlook 2010/2013/2016 - Standard E-Mail [![image-1656322814985.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/3MNewn5BIsb6Hzmm-image-1656322814985.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/3MNewn5BIsb6Hzmm-image-1656322814985.png) Figure 2 Microsoft Outlook account settings (File Menu) ![](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/bxZhsZO8XCbL70cM-embedded-image-alvu6ycn.png) Figure 3 Microsoft Outlook Add Account - Auto Setup ![](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/KkNcojjAM8Q8NTKB-embedded-image-rwus3fsl.png) Figure 4 Enter your account password here if prompted during the auto setup process enter it. If you are also prompted to allow server settings, press allow ![](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/oW6gCHjflMZuuXMM-embedded-image-vorel4n7.png) Figure 5 Microsoft Outlook auto account setup successful notfication ![](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/O5Xi7DyTQyM1UDvx-embedded-image-4lvo9kcr.png) Figure 6 settings for your newly added account are available from the File menu in Microsoft Outlook and selecting the appropriate account from the drop down ### Outlook 2019/Outlook 365 - Standard Email The setup screens for both these versions vary to other versions of versions of Outlook so verbal setup instructions will not be fully applicable. [![image-1656323004435.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/5q3MZ5Be2SL7TGb2-image-1656323004435.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/5q3MZ5Be2SL7TGb2-image-1656323004435.png) Figure 7 Microsoft Outlook account settings (File Menu) [![image-1656323008992.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/JUWWl5yA1q6Hpfgx-image-1656323008992.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/JUWWl5yA1q6Hpfgx-image-1656323008992.png) Figure 8 enter your email address in the Outlook welcome screen and tick manual setup [![image-1656323021228.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/vaSVMQb86AbWTKnP-image-1656323021228.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/vaSVMQb86AbWTKnP-image-1656323021228.png) Figure 9 Choose from IMAP or POP email accounts. IMAP is recommended. [![image-1656323039887.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/H0GDu6Kuomoexlnd-image-1656323039887.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/H0GDu6Kuomoexlnd-image-1656323039887.png) Figure 10 complete the email settings as illustrated, incoming and outgoing mail servers, encryption and ports If you are using our Mongolian servers, please use **mail.mn.rackcorp.com** as the mail server. [![image-1656323047556.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/TqFsUxD2tVu5TVI3-image-1656323047556.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/TqFsUxD2tVu5TVI3-image-1656323047556.png) Figure 11 complete the password for your email account [![image-1656323056881.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/SgYc2eiZLSVusW5B-image-1656323056881.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/SgYc2eiZLSVusW5B-image-1656323056881.png) Figure 12 Outlook welcome process is a success message. There is a optional link selected by default that leads to a webpage describing how to install Outlook for mobile. ### Outlook 2019/Outlook 365 - Hosted Exchange [![1_add-email.png](https://wiki.rackcorp.com/uploads/images/gallery/2024-03/scaled-1680-/oEJmxDZl3ZvTYkux-1-add-email.png)](https://wiki.rackcorp.com/uploads/images/gallery/2024-03/oEJmxDZl3ZvTYkux-1-add-email.png "Add a new account to outlook. Note the exact screen varies version to version") Figure 13. Add a new account to outlook. Note the exact screen varies version to version [![2_select.png](https://wiki.rackcorp.com/uploads/images/gallery/2024-03/scaled-1680-/apkFz5x0PtNsDQBu-2-select.png)](https://wiki.rackcorp.com/uploads/images/gallery/2024-03/apkFz5x0PtNsDQBu-2-select.png) Fig 14. Choose **EXCHANGE** from the email selection [![3_perm.png](https://wiki.rackcorp.com/uploads/images/gallery/2024-03/jJmLWeBgD86vY9xW-3-perm.png)](https://wiki.rackcorp.com/uploads/images/gallery/2024-03/uR6CKB7ySOXctZE0-3-perm.png) Fig 15. A permissions popup will appear soon after. Select The options circled in red as screenshot. The popup might be hidden or obscured by outlook. [![4_password.png](https://wiki.rackcorp.com/uploads/images/gallery/2024-03/scaled-1680-/0ZDRqazP0i3R1zBS-4-password.png)](https://wiki.rackcorp.com/uploads/images/gallery/2024-03/0ZDRqazP0i3R1zBS-4-password.png) Fig 16. enter your exchange password. Selecting Remeber my Password is optional. [![5_options.png](https://wiki.rackcorp.com/uploads/images/gallery/2024-03/scaled-1680-/Q1ysY9Kng87g5E8V-5-options.png)](https://wiki.rackcorp.com/uploads/images/gallery/2024-03/Q1ysY9Kng87g5E8V-5-options.png) Fig 17. If your password is correct you will be presented with options. The defaults are sufficient. [![6_confirm.png](https://wiki.rackcorp.com/uploads/images/gallery/2024-03/scaled-1680-/gB1zPTMslvCVpCsy-6-confirm.png)](https://wiki.rackcorp.com/uploads/images/gallery/2024-03/gB1zPTMslvCVpCsy-6-confirm.png) Fig 18. Final Notice of Successful Addition of account # Mozilla Thunderbird Email Client Setup | Mozilla Thunderbird [![image-1656323159082.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/dppihEg3U8OJyOVi-image-1656323159082.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/dppihEg3U8OJyOVi-image-1656323159082.png) Figure 20 Mozilla Thunderbird setup, choose add mail account from the dropdown and fill in the details then press continue. [![image-1656323168119.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/hvVe4Y39pylwkeXb-image-1656323168119.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/hvVe4Y39pylwkeXb-image-1656323168119.png) Figure 21 Mozilla Thunderbird email setup - choose manual Config now if you wish to define your own mail server settings [![image-1656323180327.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/Qaw4b6gd51R4LcP3-image-1656323180327.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/Qaw4b6gd51R4LcP3-image-1656323180327.png) Figure 22 Mozilla Thunderbird setup - once the manual setup window appears, complete the mail server details, choosing IMAP or POP If you are using our Mongolian servers, please use **mail.mn.rackcorp.com** as the mail server. # Windows Mail ## Windows 10 Mail ### POP/IMAP manual setup Auto discovery or manual settings can be used with Win10 Mail [![image-1656323074090.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/LTVtZSWCKLeDjdXs-image-1656323074090.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/LTVtZSWCKLeDjdXs-image-1656323074090.png) Figure 13 Windows 10 Mail setup – Click Accounts and then add account. Select Advanced setup [![image-1656323083469.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/lCVJCd239UuMXdcd-image-1656323083469.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/lCVJCd239UuMXdcd-image-1656323083469.png) Figure 14 Windows 10 mail manual setup for RackCorp POP/IMAP email - choose advanced setup If you are using our Mongolian servers, please use **mail.mn.rackcorp.com** as the mail server. [![image-1656323097525.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/92WMSV1dsblIYAj0-image-1656323097525.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/92WMSV1dsblIYAj0-image-1656323097525.png) Figure 15 Windows 10 mail manual setup for RackCorp POP/IMAP email - choose Internet email [![image-1656323106891.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/bKrYjHWQMTI16L6n-image-1656323106891.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/bKrYjHWQMTI16L6n-image-1656323106891.png) Figure 16 Windows 10 mail manual setup for RackCorp POP/IMAP email - fill in the details as illustrated, choose IMAP or POP ### Exchange At This time, there is an issue with the latest release of the email application for Windows 10, which prevents the ‘**EXCHANGE**’ option below from being chosen, **ADVANCED SETUP** must be chosen [![image-1656323121981.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/l662do881JtIMJ15-image-1656323121981.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/l662do881JtIMJ15-image-1656323121981.png) Figure 17 Windows 10 mail setup for RackCorp Hosted Exchange - choose advanced setup [![image-1656323129726.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/m9ZdTcoectgmckav-image-1656323129726.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/m9ZdTcoectgmckav-image-1656323129726.png) Figure 18 Windows 10 mail setup for RackCorp Hosted Exchange - select Exchange ActiveSync [![image-1656323142986.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/scaled-1680-/rTvt43Hn0pqtro2z-image-1656323142986.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-06/rTvt43Hn0pqtro2z-image-1656323142986.png) Figure 19 Windows 10 mail setup for RackCorp Hosted Exchange - fill in the details as illustrated. Domain is to be left blank. Once you have completed **THE ADD AN ACCOUNT** form, Windows will prompt you about security policies for your computer. Select **YES. Selecting YES may strength your windows security settings such as your password strength requirements** You will then receive an **ALL FINISHED** success message. # How to check Exchange mailbox free space How to Check your exchange mailbox free space and avoid fake spam emails regarding your mailbox. Regarding hosted exchange provided mailboxes, all folders within that mailbox count towards the account quota. If the user is frequently reaching their quota we recommend keeping the Deleted Items folder empty ("emptying the trash") or locally archiving folders to a new PST folder. There are a number of official ways to check the storage size of your hosted exchange mailbox. If you receive a message claiming your storage is full fromGenerate and grab your credentials from the RackCorp Portal
[![image.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-11/scaled-1680-/Hr0UcmxsT9Dw4Jla-image.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-11/Hr0UcmxsT9Dw4Jla-image.png) Lets enter KDTTI5TWN4L4Y1JNH837 ``` Option secret_access_key. AWS Secret Access Key (password). Leave blank for anonymous access or runtime credentials. Enter a string value. Press Enter for the default (""). secret_access_key> ```Grab your key and secret from the RackCorp portal, remembering that is is a one-time-operation and your secret will no longer be available once it is first viewed
[![image.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-11/scaled-1680-/ALw5TXAUPrwWa47x-image.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-11/ALw5TXAUPrwWa47x-image.png) ``` Option region. region - the location where your bucket will be created and your data stored. Enter a string value. Press Enter for the default (""). Choose a number from below, or type in your own value. 1 / Global CDN (All locations) Region \ "global" 2 / Australia (All states) \ "au" 3 / NSW (Australia) Region \ "au-nsw" 4 / QLD (Australia) Region \ "au-qld" 5 / VIC (Australia) Region \ "au-vic" 6 / Perth (Australia) Region \ "au-wa" 7 / Manila (Philippines) Region \ "ph" 8 / Bangkok (Thailand) Region \ "th" 9 / HK (Hong Kong) Region \ "hk" 10 / Ulaanbaatar (Mongolia) Region \ "mn" 11 / Bishkek (Kyrgyzstan) Region \ "kg" 12 / Jakarta (Indonesia) Region \ "id" 13 / Tokyo (Japan) Region \ "jp" 14 / SG (Singapore) Region \ "sg" 15 / Frankfurt (Germany) Region \ "de" 16 / USA (AnyCast) Region \ "us" 17 / New York (USA) Region \ "us-east-1" 18 / Freemont (USA) Region \ "us-west-1" 19 / Auckland (New Zealand) Region \ "nz" ``` Choose 2, AUS ``` Location constraint - the location where your bucket will be located and your data stored. Enter a string value. Press Enter for the default (""). Choose a number from below, or type in your own value. 1 / Global CDN Region \ "global" 2 / Australia (All locations) \ "au" 3 / NSW (Australia) Region \ "au-nsw" 4 / QLD (Australia) Region \ "au-qld" 5 / VIC (Australia) Region \ "au-vic" 6 / Perth (Australia) Region \ "au-wa" 7 / Manila (Philippines) Region \ "ph" 8 / Bangkok (Thailand) Region \ "th" 9 / HK (Hong Kong) Region \ "hk" 10 / Ulaanbaatar (Mongolia) Region \ "mn" 11 / Bishkek (Kyrgyzstan) Region \ "kg" 12 / Jakarta (Indonesia) Region \ "id" 13 / Tokyo (Japan) Region \ "jp" 14 / SG (Singapore) Region \ "sg" 15 / Frankfurt (Germany) Region \ "de" 16 / USA (AnyCast) Region \ "us" 17 / New York (USA) Region \ "us-east-1" 18 / Freemont (USA) Region \ "us-west-1" 19 / Auckland (New Zealand) Region \ "nz" ``` Choose 2, AUS ``` Option acl. Canned ACL used when creating buckets and storing or copying objects. This ACL is used for creating objects and if bucket_acl isn't set, for creating buckets too. For more info visit https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl Note that this ACL is applied when server-side copying objects as S3 doesn't copy the ACL from the source but rather writes a fresh one. Enter a string value. Press Enter for the default (""). Choose a number from below, or type in your own value. / Owner gets FULL_CONTROL. 1 | No one else has access rights (default). \ "private" / Owner gets FULL_CONTROL. 2 | The AllUsers group gets READ access. \ "public-read" / Owner gets FULL_CONTROL. 3 | The AllUsers group gets READ and WRITE access. | Granting this on a bucket is generally not recommended. \ "public-read-write" / Owner gets FULL_CONTROL. 4 | The AuthenticatedUsers group gets READ access. \ "authenticated-read" / Object owner gets FULL_CONTROL. 5 | Bucket owner gets READ access. | If you specify this canned ACL when creating a bucket, Amazon S3 ignores it. \ "bucket-owner-read" / Both the object owner and the bucket owner get FULL_CONTROL over the object. 6 | If you specify this canned ACL when creating a bucket, Amazon S3 ignores it. \ "bucket-owner-full-control" ``` Choose 1 For owner full control over your files with no public access ``` Edit advanced config? y) Yes n) No (default) y/n> ``` Choose N Summary of settings is next displayed ``` [rackcorps3] type = s3 provider = RackCorp env_auth = false access_key_id = OG4CONUEWUQEIVUTFI9F secret_access_key = tA+Nswu25EF6oxEKHzW3SjDuwSBjK1k8GQ73WMQk region = au endpoint = au.s3.rackcorp.com location_constraint = au-nsw acl = private -------------------- y) Yes this is OK (default) e) Edit this remote d) Delete this remote ``` Press Y to accept changes. You are returned to the main menu. ``` Name Type ==== ==== rackcorps3 s3 e) Edit existing remote n) New remote d) Delete remote r) Rename remote c) Copy remote s) Set configuration password q) Quit config e/n/d/r/c/s/q> ``` Q to quit back to the command prompt. ##### Connect rclone to a drive letter or folder-path on the operating system Where rackcorps3: is your friendly connection name from setup and s: can be a spare drive letter not in use by your system ``` C:\Users\KngtRider\Downloads\rclone>rclone mount rackcorps3: s: The service rclone has been started. ``` [![image.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-11/scaled-1680-/W8fPbLF3iVkuFt77-image.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-11/W8fPbLF3iVkuFt77-image.png)This will launch drive letter on demand. Once the process/rclone window is closed, the drive letter will be unmounted.
[![image.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-11/scaled-1680-/pUrBMWM7ov5HdAIa-image.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-11/pUrBMWM7ov5HdAIa-image.png) ### Advanced Setup Topics #### Autostart on Windows The following code will establish a windows service that will mount the S3 drive letter on startup but via a context that is visible to all users of the computerFor this guidance, we assume the rclone is unzipped to c:\\rclone. If you are following the above instructions, change the path for rclone to the exact path you used in those instructions, eg c:\\users\\yourwindowsusername\\Downloads\\rclone
- Open a command prompt and navigate to c:\\rclone - Execute Powershell by running powershell at the cmd prompt [![image.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-11/scaled-1680-/VIYvDfSNvbKfw2RG-image.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-11/VIYvDfSNvbKfw2RG-image.png) - At the powershell prompt enter this command to create the new rclone service ``` New-Service -Name Rclone -BinaryPathName 'c:\rclone\rclone.exe mount rackcorps3: S: --config c:\rclone\rclone.conf --log-file c:\rclone\mount.txt' ``` [![image.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-11/scaled-1680-/nqk1iXZbtrTAjRAd-image.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-11/nqk1iXZbtrTAjRAd-image.png) Where: - c:\\rclone\\ is your path to rclone - rackcorps3: is the friendly name for your S3 instance - S: is the desired drive letter Providing all the parameters are correct including keys, the service should execute as its set to automatic mode and the drive letter S: should appear.To manually interact with the service, use 'net stop rclone' and 'net start rclone' at the windows command prompt
# Getting started with S3 storage on RackCorp Hybrid Cloud - Windows & MacThis document will cover the basics to get up and running to use RackCorp’s S3 storage service, including setting up access keys and secrets, creating buckets and transferring/manipulating your files via a number of third party client applications on Windows.
There are several ways to host your files on RackCorp S3. This document focuses on Windows Clients but most applications are also available for Mac and Linux. - FTP style application (browser) - Mounted Drive Letter application (drive) - API access for modern web applications. You are free to use a S3 compliant application of your choosing, although the following applications are validated with our service and for which we can provide limited support and assistance.Windows | MAC | LINUX |
FileZilla Pro Payware | FileZilla Pro Payware | FileZilla Pro Payware |
Cyberduck (Browser) Free | Cyberduck (Browser) Free | rclone |
Mountain Duck (Drive) Trial | Mountain Duck (Drive) Trial | |
CloudBerry MSP360 Explorer Free | Cloudberry MSP360 Explorer Free | |
rclone | rclone | |
TNT Drive Trial | Mountain Duck | |
Expan Drive | Expan Drive | |
S3Browser Freeware | ||
WinSCP |
S3 Applications | |
FileZilla Pro Payware | [https://filezillapro.com/](https://filezillapro.com/) |
Cyber Duck (Browser) Freeware | https://cyberduck.io/ |
Mountain Duck (Drive) Trial | [https://mountainduck.io](https://mountainduck.io)/ |
CloudBerry MSP360 Explorer Freeware | [https://www.msp360.com/explorer.aspx](https://www.msp360.com/explorer.aspx) |
CloudBerry MSP360 Drive Trial | [https://www.msp360.com/drive.aspx](https://www.msp360.com/drive.aspx) |
TNT Drive Trial | [https://tntdrive.com/](https://tntdrive.com/) |
S3Browser Freeware | [https://s3browser.com/](https://s3browser.com/) |
WinSCP | https://winscp.net/eng/index.php |
rclone | https://rclone.org/downloads/ |
Expan Drive | https://www.expandrive.com/ |
Please add a "amazon s3' type connection configurator, using the endpoint of your choice
[![Screenshot 2023-07-04 at 3.54.56 pm.png](https://wiki.rackcorp.com/uploads/images/gallery/2023-07/scaled-1680-/OZ3QdxAXZq1SUQO8-screenshot-2023-07-04-at-3-54-56-pm.png)](https://wiki.rackcorp.com/uploads/images/gallery/2023-07/OZ3QdxAXZq1SUQO8-screenshot-2023-07-04-at-3-54-56-pm.png) #### CloudMounter Please update to the latest version For Ventura Support and follow the below settings example to setup Cloud Mounter.Add a "amazon s3' connection and fill in the details per rackcorp portal. Substitute the Server Endpoint for the one of your choosing eg AU or AU-NSW or S3 regions s per our S3 settings page.
[![Screenshot 2023-07-04 at 3.54.14 pm.png](https://wiki.rackcorp.com/uploads/images/gallery/2023-07/scaled-1680-/CsFZmnRczAfIhtto-screenshot-2023-07-04-at-3-54-14-pm.png)](https://wiki.rackcorp.com/uploads/images/gallery/2023-07/CsFZmnRczAfIhtto-screenshot-2023-07-04-at-3-54-14-pm.png) [![Screenshot 2023-07-04 at 3.54.14 pm.png](https://wiki.rackcorp.com/uploads/images/gallery/2023-07/scaled-1680-/uUbKjJoZrfoVLHwy-screenshot-2023-07-04-at-3-54-14-pm.png)](https://wiki.rackcorp.com/uploads/images/gallery/2023-07/uUbKjJoZrfoVLHwy-screenshot-2023-07-04-at-3-54-14-pm.png) ##### Expan Drive For ExpanDrive please add a "Amazon S3" Connection [![Screenshot 2023-07-05 at 3.41.51 pm (2).png](https://wiki.rackcorp.com/uploads/images/gallery/2023-07/scaled-1680-/OMJBIuF5FbDp6Qbn-screenshot-2023-07-05-at-3-41-51-pm-2.png)](https://wiki.rackcorp.com/uploads/images/gallery/2023-07/OMJBIuF5FbDp6Qbn-screenshot-2023-07-05-at-3-41-51-pm-2.png) [![Screenshot 2023-07-05 at 3.44.04 pm.png](https://wiki.rackcorp.com/uploads/images/gallery/2023-07/scaled-1680-/M4JfcQJ4yHPy0AfS-screenshot-2023-07-05-at-3-44-04-pm.png)](https://wiki.rackcorp.com/uploads/images/gallery/2023-07/M4JfcQJ4yHPy0AfS-screenshot-2023-07-05-at-3-44-04-pm.png) ### 4. Advanced Features This document is intended to get you up and running with the RackCorp S3 Storage service using popular Windows client applications. To use advanced features like file versioning, encryption, Access Control Lists, cross-region replication, Transfer Acceleration, bucket logging and API access, please contact your account manager for additional information. These features may require specific settings or regions to work. Document History: 008: Add Mac/Windows Expan Drive, Cloudberry for Windows 007: Added Mountain Duck and Cloud Mounter for Mac OSX Ventura 006: Added WinSCP and rclone 005: Multi Language support 004: Add support and usage guidance for Cyber Duck and Mountain Duck from iterate GmbH # Install OPNsense Firewall ## OPNsense 20.x setup workflow for RackCorp Hybrid cloud #### Summary: Setting up OPNsense is easy if one has direct access bare metal, or has a desktop virtualisation where one can define internal NICs/networks, which can be used for the LAN side management. However, since we are setting up in a hybrid public/private cloud, without a management terminal (VM) setup on the same subnet as the LAN network, we will not be able to manage and configure the OPNsense since the locked down WAN interface is the one exposed to the outside world. Additionally, limited configuration is provided through its’s terminal shell. We want to have some management ports (properly secured) exposed to the Internet. For our hybrid cloud, we shall swap the public and private interfaces in OPNsense This is the reverse of the expected setup flow. We do this because the LAN interface has a preset ‘allow all’ rule which lets us login to its management portal. This will allow us to easily configure the system remotely via web browser and then we will change the settings back to the Public IP being on the WAN interface and private IP on the LAN interfaces.The general steps to get OPNsense 20 running on RackCorp Hybrid are as follows:
Install ISO
Get access to Web GUI
Make firewall rule on WAN interface for remote management
Reassign/swap the LAN/WAN interfaces
Rekey in the correct IP address for the LAN/WAN interfaces
The WAN IP included in this guide is for example only. Please replace it with the one we have provided you
[![image-1637654675114.png](https://wiki.rackcorp.com/uploads/images/gallery/2021-11/scaled-1680-/image-1637654675114.png)](http://wiki.rackcorp.com/uploads/images/gallery/2021-11/image-1637654675114.png) --- #### 1. Install ISO OPNsense assigns its Interfaces to NICs in the order they are assigned to in the RackCorp Portal, starting with LAN interface. So let’s ‘swap’ the interfaces so we can login to the management webpage: 1\. Start off with the following configuration for the RackCorp Portal and OPNsense in your RackCorp VM**RackCorp vNIC ID** | **RackCorp vNIC Label** | **IP** | **VLAN** | **OPNsense Interface** |
**NIC 1** | **Public** | **116.206.80.210 /27** | **<your assigned VLAN>** **Public VLAN1 for Demo** | **LAN (vtnet0)** |
**NIC 2** | **Private** | **10.0.0.1 /24** | **<your assigned VLAN> Public VLAN1 for Demo** | **WAN (vtnet1)** |
Do not run interface assignment during boot if you are going to install to HD.
[![image-1637655296211.png](https://wiki.rackcorp.com/uploads/images/gallery/2021-11/scaled-1680-/image-1637655296211.png)](http://wiki.rackcorp.com/uploads/images/gallery/2021-11/image-1637655296211.png) 2.3 Once booted, install the system to disk using the following Login: **installer** password: **opnsense** Follow the guided instructions to install to HDD. The defaults are fine for a single disk install. Once complete, follow the prompt to reboot the OPNsense install and EJECT the ISO from the RackCorp portal. [![image-1637655411184.png](https://wiki.rackcorp.com/uploads/images/gallery/2021-11/scaled-1680-/image-1637655411184.png)](http://wiki.rackcorp.com/uploads/images/gallery/2021-11/image-1637655411184.png) --- #### 2. Get access to Web GUI 3\. Opnsense has a built in wizard in the console menu that aids the user to setup their LAN NIC, WAN NIC, any tertiary NIC such as a DMZ or management NIC as well as IPv4/6 addressing and DHCP. Your Opnsense will have booted to this menu after install. 3.1 **SET INTERFACE IP** for **WAN** Select **NONE**, this will clear the interface and let us re-assign. 3.2 **SET INTERFACE IP** for **LAN** Select **116.206.80.210**/27 as per table. Since this example uses a 27 bit subnet, our gateway is .193 and our maximum host is .223. For DNS use RackCorp NS1 110.232.116.249 or Google DNS 8.8.8.8**Interface** | **LAN** |
**DHCP** | No |
**New LAN IP** | 116.206.80.210 |
**Subnet** | 27 |
**Gateway** | 116.206.80.193 |
**Gateway as name server** | No |
**IPv4 Name server** | 8.8.88 |
**IPv6 LAN Interface via WAN Tracking:** | No |
**IPv6 LAN Interface via DHCP:** | No |
**IPv6 Address:** | <enter> for none |
**LAN DHCP Server:** | n |
**HTTP fallback for web GUI** | n |
**Protocol:** | TCP |
**Source Port:** | Any |
**Destination port range Start:** | <Your alias name> Scroll UP in the list to find it. |
**Destination port range End:** | <Your alias name> Scroll UP in the list to find it. |
**Log Packets:** | Enabled |
**Interface** | **LAN** |
**Configure via DHCP** | No |
**New LAN IP** | 10.0.0.1 |
**Subnet** | 24 |
**Gateway** | <enter> for none |
**IPv6 LAN Interface via WAN Tracking:** | N |
**IPv6 LAN Interface via DHCP6:** | N |
**IPv6 Address:** | <enter for none |
**LAN DHCP Server:** | Y |
**SDHCP End Address:** | 10.0.0.20 |
**Revert to HTTP as web GUI protocol** | N |
**Interface** | **WAN** |
**Configure via DHCP** | N |
**New WAN IP** | 116.206.80.210 |
**Subnet** | 27 |
**Gateway** | 116.206.0.193 |
**Gateway as name server** | no |
**IPv4 Name server** | 8.8.8.8 |
**IPv6 WAN Interface via DHCP6:** | N |
**IPv6 Address:** | <enter> for none |
**Revert to HTTP as web GUI protocol** | N |
***RackCorp is currently undergoing a transition to our BGP model globally. If you notice a combination of communities is not working as you expect, please raise a support ticket as our team as it may be our issue***
**BGP Looking Glass URL** *(RackCorp is currently undergoing testing on this service and it is not currently publicly available)* https://lg.rackcorp.com/
### **Transit Management (outbound)** *(Please note while we try to pass on these communities, upstream networks may still advertise to these providers)* 56038:283 Don't advertise to CoreIX (AS31708) 56038:284 Don't advertise to Hurricane Electric (AS6939) 56038:285 Don't advertise to Constant (AS20473) 56038:297 Don't advertise to NTT (AS2914) 56038:279 Don't advertise to Vocus (AS4826) 56038:286 Don't advertise to IPTransit (AS64098) 56038:287 Don't advertise to Indonet (AS9340) 56038:288 Don't advertise to Voxility (AS3223) 56038:289 Don't advertise to China Telecom (AS58453) 56038:290 Don't advertise to Aknet (AS12764) 56038:291 Don't advertise to Cogent (AS174) 56038:292 Don't advertise to Mongolia National DC (AS56301) 56038:293 Don't advertise to Gemnet (AS45204) ### **Peering Management (outbound)** *(Please note while we try to pass on these communities, upstream networks may still advertise to peering exchanges)* 56038:300 Don't advertise to WA-IX AU 56038:301 Don't advertise to NSW-IX AU 56038:302 Don't advertise to VIC-IX AU 56038:303 Don't advertise to QLD-IX AU 56038:310 Don't advertise to Megaport WA IX AU 56038:311 Don't advertise to Megaport NSW IX AU 56038:312 Don't advertise to Megaport VIC IX AU 56038:313 Don't advertise to Megaport QLD IX AU 56038:320 Don't advertise to DEC-IX DE ### **Global Management (outbound)** 56038:666 Blackhole prefix wherever possible (only IPv4 /32 or IPv6 /128 allowed) 56038:777 Do not advertise outside of local city (Useful if deploying anycast and utilising other vendors besides RackCorp) 56038:888 Attempt to pad announcements globally with prefixes for optimal anycast traffic 56038:8880 Attempt to pad announcements globally with prefixes for optimal anycast traffic (identical to :888) 56038:8881 Attempt to pad announcements globally with prefixes for optimal anycast traffic +1 56038:8882 Attempt to pad announcements globally with prefixes for optimal anycast traffic +2 56038:8883 Attempt to pad announcements globally with prefixes for optimal anycast traffic +3 56038:8889 Do not advertise 56038:2000 Do not advertise by default (Use specific keyed communities) #### **Cloud Users next-hop (outbound)** You can use 110.232.119.254 as your next-hop. Our systems will automatically assign your VM primary IP as the next hop. #### **Keyed Management (outbound)** *(Please note while we try to pass on these communities, upstream networks may still advertise at these locations)* A: 1=Dont Advertise, 2=Advertise no padding, 3=Advertise pad x1, 4=Advertise pad x2, 5=Advertise pad x3, 6=Advertise no-export B: 0=Transit + Peering, 1=Transit Only, 2=Peering Only 56038:1AB00 Global 56038:1AB21 AU Brisbane 56038:1AB01 AU Sydney GlobalSwitch 56038:1AB26 AU Sydney Equinix 56038:1AB02 AU Melbourne 56038:1AB03 AU Perth 56038:1AB09 DE FRA8 56038:1AB08 HK 56038:1AB14 IN 56038:1AB13 JP 56038:1AB19 MN MNDC1 56038:1AB20 MN GEMNET1 56038:1AB12 NL Amsterdam 56038:1AB11 NZ 56038:1AB17 TH BKK1 56038:1AB18 TH BKK2 56038:1AB06 UK London 56038:1AB04 US Fremont 56038:1AB05 US Chicago 56038:1AB15 US Los Angeles, CA 56038:1AB16 US Reston VA 56038:1AB07 SG 56038:1AB22 KG NSP1 56038:1AB23 PH Carmona 56038:1AB24 PH Makati 56038:1AB25 ID Jakarta 56038:5070 Force local-pref 70 56038:5080 Force local-pref 80 (Default) 56038:5090 Force local-pref 90 56038:5095 Force local-pref 95 #### **Informational Communities (inbound)** 56038:3000 Received via local 56038:3001 Received via transit 56038:3002 Received via peering 56038:3003 Received via customer #### **BGP Internal Distancing (inbound)** RackCorp uses a private AS65001 to represent some internal connectors in the BGP router path and is used to indicate distance between datacenters/cities. You can make use of these internally if you wish in calculating optimal routing # RackCorp Datacenter Locations and Codes #### **Datacenter Codes and Test IPs** The codes below identify the locations of servers both at order time and on billing informationDC Code | DC Description | Test IP v4 | Test IP v6 |
RC-AU-NEXTDCB2 | AU Brisbane NextDC B2 | 185.207.10.109 | |
RC-AU-VOCUS530 | AU Melbourne Vocus 530 | 103.233.30.118 | |
RC-AU-VOCUSPER03 | AU Perth Vocus PER03 PerthIX | 103.233.31.38 | |
RC-AU-GLOBESW1 | AU Sydney GlobalSwitch | 116.206.80.238 | |
RC-AU-EQX1 | AU Sydney Equinix SYD4 | 103.43.116.87 | |
RC-DE-FRANKFURT2 | DE Frankfurt FRA8 | 103.43.118.76 | |
RC-HK-EQXHK2 | HK Hong Kong EQXHK2 | 116.206.82.37 | |
RC-ID-DCI1 | ID Jakarta DCI1 | 185.207.9.5 | |
RC-ID-AREA31 | ID Jakarta Area31 | 103.69.75.46 | |
RC-KG-NSP1 | KG Kyrgyzstan NSP1 | 137.83.12.36 | |
RC-MN-GEM1 | MN Gemnet1 | 116.206.83.60 | |
RC-MN-MNDC1 | MN National DC1 | 103.43.117.37 | |
RC-NZ-SH1 | NZ Auckland SH1 | 120.138.21.118 | |
RC-PH-CRM1 | PH Philippines Carmona | 45.250.158.14 | |
RC-PH-MAK1 | PH Philippines Makati | 103.219.70.176 | |
RC-TH-BKK2 | TH Thailand NTT BKK2 | 116.206.81.103 | |
RC-TH-TCC1 | TH Thailand TCC DC1 | 185.207.8.36 | |
RC-UK-MEMACO1 | UK Memaco House | 103.69.74.41 | 2406:4a00:1f00::4 |
RC-US-VA1 | USA Virgina CoreSite VA1 | 103.69.73.4 | |
RC-US-LA2 | USA Los Angeles LA2 | 103.69.72.4 |
Make sure to record your SECRET phrase somewhere safe. It is required for API access and cannot be retrieved, It can only reset via the API portal key details page
##### ##### **API Standards:** As described in our article [REST API Architecture and Standards](https://wiki.rackcorp.com/books/help-and-support-en/page/rest-api-architecture-and-standards), there is no definitive standard patterns that all engineers/devs should follow to create REST API for their app. In Rackcorp we keep things simple. The main structure for our REST API follows the patterns below: version: v2.8 main URL: [https://api.rackcorp.net/api](https://api.rackcorp.net/api) object data: customers | dc | network | api | dns | device URL format: [https://api.rackcorp.net/api/](https://api.rackcorp.net/api)+version+/object data/+ID item Example GET all data: [https://api.rackcorp.net/api/v2.8/device](https://api.rackcorp.net/api/v2.7/devices) Example GET one Item: [https://api.rackcorp.net/api/v2.8/device/1 ](https://api.rackcorp.net/api/v2.7/devices/1) **Bellow is some example code which you can use as example to implement your first REST API connection to our platform:****We strongly recommend that you only make REST API calls from your back-end code. Be careful when using javascript code to call a REST API url. Never add your credentials in front-end code. Speak to our team if unsure.**
In this simple introduction to code REST API, we will use PHP and PYTHON programming language. **PHP:** In the sample bellow we add a dummy API KEY and API SECRET. Please, change this data accordingly with your data ``` "dc.getall"]; $query['APIUUID'] = ""; // No authetnication required for getting datacenter list $query['APISECRET'] = ""; $curl = curl_init($url); curl_setopt($curl, CURLOPT_POSTFIELDS, json_encode($query)); curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); $response = curl_exec($curl); if($response) { return json_decode($response, true); } return false; ?> ``` **PYTHON:** ``` import json import logging import sys import os import glob import re from bson import json_util from flask.helpers import make_response from flask import request, jsonify version = 'v2.8' apiurl = 'https://api.rackcorp.net/api'+version+'/'+dc setheaders = { 'content-type': 'application/json', 'User-Agent': 'Mozilla', 'jwt': jwt } data = {} data['APIUUID'] = '' data['APISECRET'] = '' apiresp = None apiresp = requests.get(self.apiurl+'/sessions/logout',data=self.rcdata,headers=setheaders) ``` As you can see in both examples, the logic to connect through our API is quite simple. You just need the URL, the APIUUID and APISECRET as part of the object or array that gets passed to the API. Below you can find links with more advanced docs to use our API. Also, the complete list of REST API services (urls) explaining the query data and the expected response data for each situation. ##### **REST API GibHub Docs:** [Link: https://github.com/RackCorpCloud/rackcorp-api/wiki/RACKCORP-REST-API](https://github.com/RackCorpCloud/rackcorp-api/wiki/RACKCORP-REST-API) ##### **Swagger RACKCORP REST API:** Swagger is a suite of API developer tools from SmartBear Software and a former specification upon which the OpenAPI Specification is based. This platform displays in simple layout all REST API functions allowing you visualize what your code should expect as response for each call (GET, PUT, PUSH, DELETE). You can see through this platform the schema for each function and also, the expected JSON format response. You can also make tests to connect through your services in our servers using your real APIUUID and APISECRET. It is good for testing staging environments and make sure that your call will receive exactly what your code expects.Dont forget to select which url path API you wanna use for tests. In Swagger page you can see in Server three options. The first one is a swagger mocking URL which is not for tests. The second one is the RACKCORP Production REST API Core (please be careful to use this URL ). The third one is the RACKCORP Staging REST API which should be used for tests.
Link: [https://app.swaggerhub.com/apis/RackCorp/Rackcorp-REST-API/2.8](https://app.swaggerhub.com/apis/RackCorp/Rackcorp-REST-API/2.8 "https://app.swaggerhub.com/apis/RackCorp/Rackcorp-REST-API/2.8")[ ](https://app.swaggerhub.com/apis/RackCorp/Rackcorp-REST-API/2.7) # RACKCORP REST API EXAMPLES **Reference material:** **Swagger App: [https://app.swaggerhub.com/apis-docs/RackCorp/Rackcorp-REST-API/2.8](https://app.swaggerhub.com/apis-docs/RackCorp/Rackcorp-REST-API/2.8)** **Rackcorp REST API docs: [https://wiki.rackcorp.com/books/help-and-support-en/page/rest-api-architecture-and-standards](https://wiki.rackcorp.com/books/help-and-support-en/page/rest-api-architecture-and-standards "https://wiki.rackcorp.com/books/help-and-support-en/page/rest-api-architecture-and-standards")** **PHP Code:** **Simple server creation:** ``` "FAULT", "message" => "API Error"); } return json_decode($response, true); } $customerID = 1000; // Change this to your customer ID (available in portal under ADMINISTRATION -> MY DETAILS) // locations are defined here: https://wiki.rackcorp.com/books/help-and-support-en/page/rackcorp-datacenter-locations-and-codes $neworder = "data": [ "customerid": $customerID, "currency": "AUD", "servicebilltag": "CLOUDSERVER", "productdetails": [ "BILLINGMODEL": "monthly", "NOINSTANCES": 1, "HOSTNAME": "Test Machine", "CLOUDTYPE": "public", "DCID": "89", "OS": "OS-ALMALINUX-16.1", "VMHID": "", "CPU": 2, "MEMORYGB": 4, "STORAGEGB": 20, "IPV6": 0, "IPV4": 1, "NT-SPEED": "NT-SPEED100", "TRAFFICGB": "TRAFFICGB-100", "BKP": "BKP-FREE", "SUPPORT": "SUPPORT-STD", "DDOS": "", "SECURITY":[] ] ]; // Lodge the order (this just locks pricing in for up to 72 hours but doesnt actually create any resources) // IMPORTANT - method POST $response = rackcorpAPI("/order/create/server", $neworder); var_dump($response); // You can look up the order if you want: // IMPORTANT - method GET $response = rackcorpAPI("/order/"+$response['data']["orderid"]); var_dump($response); // Then confirm the order to start provisioning: // IMPORTANT - method GET $response = rackcorpAPI("/order/confirm/server/"+$response['data']["orderid"]); var_dump($response); ?> ``` **Starting a server using cloud-init:** After creating a server, you can also choose to start it using cloud-init with your own custom code: ``` $cloudInitStartupData = Array( "cloudInit" => Array( "volumeName" => "config-2", "userData" => "#cloud-config ssh_pwauth: True users: - default - name: user1 groups: sudo shell: /bin/bash sudo: ['ALL=(ALL) NOPASSWD:ALL'] plain_text_passwd: testtest888 lock_passwd: false ", "metaData" => "instance-id: ServerTest9999 local-hostname: MyServerHostname9999 " ) ); $serverIDToStart = 9999; $tx = Array ("objId"=>$serverIDToStart, "objType"=>"DEVICE", "type"=>"STARTUP", "data"=>json_encode($cloudInitStartupData)); // See earlier example for rackcorpAPI function $response = rackcorpAPI("rctransaction.create", $tx); var_dump($response); ?> ``` # REST API Architecture and Standards REST API architecture has been create to make the procedures to access data from different services easier and more standardized. This logical architecture frequently uses json data structure to send and receive data. JSON is an open standard file format and data interchange format that uses human-readable text to store and transmit data objects consisting of attribute–value pairs and arrays. Json data example: ``` {**We strongly recommend only make REST API calls from your back-end code, be careful when use javascript code to call a REST API url. Never add your credentials in front-end code.**
**Javscript (JQUERY):** Firstly, you need to create a small logic to call the api url as the sample bellow: ```Region | Area Code |
---|---|
Australia GlobalSwitch DC1 | au-nsw-gbl1 |
Australia Equinix SYD4 | au-nsw-eqx4 |
Australia Sydney | au-nsw |
Thailand Bangkok NTT DC1 | th-bkk |
Mongolia Ulaanbaatar | mn |
Mongolia Ulaanbaatar GEMNET DC1 | mn-gem1 |
Hong Kong | hk |
Hong Kong Equinix HK2 | hk-eqx2 |
Philippines | ph |
Philippines Carmona DC1 | ph-crm1 |
Kyrgyzstan | kg |
Kyrgyzstan - NSP DC1 | kg-nsp1 |
Indonesia | id |
Indonesia - Area31 DC1 | id-area31 |
Australia LEDC NSW Datacenters | au-nsw-ledc |
Australia NSW Newcastle | au-nsw-ledc-ncle1 |
Australia NSW Dubbo | au-nsw-ledc-dbo1 |
We strongly recommend that a separate physical device such as a phone, tablet or hardware key be used for multi factor authentication.
Google authenticator for mobile devices can scan the generated QR code using the device camera to retrieve the token key and setup your authentication. For desktop authenticators such as a YubiKey hardware key, a screen capture function is available where it can capture the generated displayed QR code from the screen. Otherwise for applications such as WinAuth you will need to copy and paste the URL to the QR code image or manually input the key code into the authenticator.Once the key generator window is closed, your keys are no longer accessible using this function and need to be regenerated and you are returned to your user details.
--- ### 5. Performance check Once your authenticator is setup, it is advisable to test it before setting your user preferences to enforce Two-Factor Authentication on login, should the key be wrong technical support will need to reset the users access. Navigate to **POWER** and click **LOGOUT** [![image-1637238969363.png](https://wiki.rackcorp.com/uploads/images/gallery/2021-11/scaled-1680-/image-1637238969363.png)](http://wiki.rackcorp.com/uploads/images/gallery/2021-11/image-1637238969363.png) You are returned to the RackCorp portal login at portal.rackcorp.com or your company's white label link [![image-1637239058915.png](https://wiki.rackcorp.com/uploads/images/gallery/2021-11/scaled-1680-/image-1637239058915.png)](http://wiki.rackcorp.com/uploads/images/gallery/2021-11/image-1637239058915.png) At this step, using your new authenticator to generate the Security Token and input it into the field and login, log back into the portal. Should this be successful progress to step **6**. otherwise check your authenticator for most current code or contact RackCorp Technical Support. --- ### 6. Configure security token for a user Should you login successfully after configuring 2FA, The final step to Security Token setup is to select whether two factor authentication is mandatory required or not on login by selecting **REQUIRED** or **NOT REQUIRED**. [![image-1637237332766.png](https://wiki.rackcorp.com/uploads/images/gallery/2021-11/scaled-1680-/image-1637237332766.png)](http://wiki.rackcorp.com/uploads/images/gallery/2021-11/image-1637237332766.png) --- ### 7. Final test Perform a final test of your new 2FA settings. As per step **5,** log out of the RackCorp Portal and then login using your newly setup Two Factor Authentication in addition to your username and password. You should have be able to login successfully and can continue using our services. # Self-Signed SSL certificates Navigating OpenSSL can be tricky with a number of command line chains to memorise, that generate different products. Should a temporary self-sign be needed for a website initial deployment or test process, the following webpage has a all in one generator and presents all results on the page itself with nothing needed to install Only thing of note is industry now requires 1YR max SSL validitty. Some generators will mark the validity for 10 YEARS and RackCorp portal will recognise this as it is technically legitimate. This webpage generator says 1YR but will generate 3 months, typical of a free self sign 'R3' type generator [https://en.rakko.tools/tools/46/](https://en.rakko.tools/tools/46/) # Update BookStack on RackCorp- For RackCorp Web Hosting Platform Only -
1\. Login to the hosted website shell using a local user, NOT a super user. the PHP version gets misdetected as superuser --- 2\. cd /httpdocs/Bookstack --- 3\. ls to verify folder contents. note artisan, composer.\*, composer.phar ``` -bash-4.4$ ls -l total 2900 -rw-r--r-- 1 12425 12425 1186 Nov 7 07:04 LICENSE drwxr-xr-x 20 12425 12425 4096 Dec 20 06:38 app -rwxr-xr-x 1 12425 12425 1685 Nov 7 07:04 artisan drwxr-xr-x 3 12425 12425 4096 Dec 20 06:38 bootstrap -rw-r--r-- 1 12425 12425 57721 Nov 7 07:06 composer-setup.php -rw-r--r-- 1 12425 12425 3353 Dec 20 06:38 composer.json -rw-r--r-- 1 12425 12425 397702 Dec 20 06:38 composer.lock -rw-r--r-- 1 12425 12425 2286233 Nov 7 07:11 composer.phar -rw-r--r-- 1 12425 12425 200 Nov 7 07:04 crowdin.yml drwxr-xr-x 5 12425 12425 4096 Dec 20 06:38 database drwxr-xr-x 5 12425 12425 4096 Nov 7 07:04 dev -rw-r--r-- 1 12425 12425 1292 Nov 7 07:04 docker-compose.yml -rw-r--r-- 1 12425 12425 112666 Dec 20 06:38 package-lock.json -rw-r--r-- 1 12425 12425 1420 Dec 20 06:38 package.json -rw-r--r-- 1 12425 12425 452 Dec 20 06:38 phpstan.neon.dist -rw-r--r-- 1 12425 12425 2610 Dec 20 06:38 phpunit.xml drwxr-xr-x 5 12425 12425 4096 Dec 20 06:38 public -rw-r--r-- 1 12425 12425 14715 Dec 20 06:38 readme.md drwxr-xr-x 7 12425 12425 4096 Nov 7 07:04 resources drwxr-xr-x 2 12425 12425 4096 Dec 20 06:38 routes -rw-r--r-- 1 12425 12425 552 Nov 7 07:04 server.php drwxr-xr-x 8 12425 12425 4096 Dec 20 06:38 storage drwxr-xr-x 13 12425 12425 4096 Dec 20 06:38 tests drwxr-xr-x 2 12425 12425 4096 Nov 7 07:04 themes drwxr-xr-x 43 12425 12425 4096 Nov 7 07:11 vendor -rw-r--r-- 1 12425 12425 9 Dec 20 06:38 version ``` --- 4\. `git pull origin release && php composer.phar install --no-dev && php artisan migrate` this is different to the web instructions, we add the php runtime and .phar due to the environment, otherwise command wont work --- 5\. should see GIT run and do its changes, and then composer run and do its package installs. Any errors mean the command line is wrong for the environment, or the web documentation command line was used. ``` remote: Total 1799 (delta 1140), reused 1153 (delta 1137), pack-reused 635 Receiving objects: 100% (1799/1799), 634.53 KiB | 0 bytes/s, done. Resolving deltas: 100% (1523/1523), completed with 453 local objects. From https://github.com/BookStackApp/BookStack * branch release -> FETCH_HEAD 01cdbdb..009212a release -> origin/release Updating 01cdbdb..009212a Fast-forward .env.example.complete | 7 +- .github/translators.txt | 10 + .github/workflows/phpstan.yml | 41 + .github/workflows/phpunit.yml | 8 +- .github/workflows/test-migrations.yml | 6 +- .gitignore | 3 +- app/Actions/Activity.php | 2 +- app/Actions/ActivityService.php | 13 +- app/Actions/Comment.php | 2 + app/Actions/CommentRepo.php | 5 +- app/Actions/Tag.php | 9 + app/Actions/TagRepo.php | 53 +- app/Api/ApiDocsGenerator.php | 21 +- app/Api/ApiToken.php | 2 +- app/Api/ApiTokenGuard.php | 4 +- app/Auth/Access/ExternalBaseUserProvider.php | 19 +- app/Auth/Access/Guards/LdapSessionGuard.php | 2 +- app/Auth/Access/Ldap.php | 19 +- app/Auth/Access/LdapService.php | 2 +- ``` ``` Installing dependencies from lock file Verifying lock file contents can be installed on current platform. Package operations: 16 installs, 33 updates, 6 removals Cannot create cache directory /home/httpd/vhostmounts/local/2425/.composer/cache/files/, or directory is not writable. Proceeding without cache - Downloading composer/package-versions-deprecated (1.11.99.4) - Downloading voku/portable-ascii (1.5.6) - Downloading phpoption/phpoption (1.8.1) - Downloading graham-campbell/result-type (v1.0.4) ``` ``` Package manifest generated successfully. 58 packages you are using are looking for funding. Use the `composer fund` command to find out more! > @php artisan cache:clear Application cache cleared! > @php artisan view:clear Compiled views cleared! ************************************** * Application In Production! * ************************************** Do you really wish to run this command? (yes/no) [no]: > yes Nothing to migrate. ``` --- 6\. The install ends with caches being cleared, lets run them again according to the instructions ``` -bash-4.4$ php artisan cache:clear Application cache cleared! -bash-4.4$ php artisan config:clear Configuration cache cleared! -bash-4.4$ php artisan view:clear Compiled views cleared! -bash-4.4$ ``` --- 7\. Verify version in application # Virtual Networking RackCorp’s Cloud platform supports fully customisable interworking for your virtual machines; with regards to customisable VLANs both tagged and untagged, and definable IPv4 and IPv6 subnets. Since the RackCorp cloud platform supports a ‘many customers can have many sub customers hierarchy, as a reseller or system manager can define custom networks for each customers private clouds very easily. Once your VLANs and IP subnets are setup, these can be tied into your VMs via up to 3 virtual NICs. No end user software environment configuration is necessary. ![](https://wiki.rackcorp.com/uploads/images/gallery/2023-08/OBX3Ay1G4irXOqW2-embedded-image-w8dkd21j.png)VLAN and IP subnets are accessed via the SERVICES -> NETWORK menu
--- ### Add a new VLAN Click Add New on the VLANs tab an fill in the form appropriately.Leave LAN ID field blank unless you have been given a specific LAN ID to use by RackCorp support
[![image.png](https://wiki.rackcorp.com/uploads/images/gallery/2023-08/scaled-1680-/SVKJmZznJ4PqdkQl-image.png)](https://wiki.rackcorp.com/uploads/images/gallery/2023-08/SVKJmZznJ4PqdkQl-image.png) ![](https://wiki.rackcorp.com/uploads/images/gallery/2023-08/qZp5uOnFjwtbnpU1-embedded-image-3mb4lquq.png) --- ### Add a new IP Network Next, use the Add new IP network to add a new subnet to your account. Take care to assign it to your newly created desired VLAN. ![](https://wiki.rackcorp.com/uploads/images/gallery/2023-08/QyDx2AvbyEEnKwSg-embedded-image-csvst9ks.png)You now have a newly defined Private VLAN and IP subnet.
![](https://wiki.rackcorp.com/uploads/images/gallery/2023-08/JeahYKhFi54ePprT-embedded-image-uarqyfeb.png) Next, we assign these newly created resources to a virtual machine. --- ### Adding Virtual NICs to Virtual Machines Select your VM from the SERVICES-> SERVERS list in your RackCorp Portal Account. Click on the NETWORK tab. [![image.png](https://wiki.rackcorp.com/uploads/images/gallery/2023-08/scaled-1680-/EQPW6We0qprZkC4g-image.png)](https://wiki.rackcorp.com/uploads/images/gallery/2023-08/EQPW6We0qprZkC4g-image.png) For this example demonstration we will add a 2nd private vNIC to the default configuration, preserving NIC1 which is the default PUBLIC vNIC that was configured when ordering the virtual machine. 1\. Add a new PRIVATE NIC and select the desired VLAN and tagged/untagged. 2\. Review any advanced settings, leave as default if unsure: · DRIVER - Our vNIC are configured to use the RedHat virtio paravirtual driver by default. If you are using an older operating system you may select Intel E1000 · ALLOW DHCP SERVER – select if this NIC will be running a DHCP server · ONLY ALLOW REGISTERED IPs - If selected, traffic leaving this server from IPs other than that registered in the portal will be blocked. NOTE: firewalls and routers will regularly pass such traffic so you should leave this unticked for such devices. · NIC PASSTHROUGH - allows all traffic to pass through the NIC and disables stateful tracking of traffic ![](https://wiki.rackcorp.com/uploads/images/gallery/2023-08/qZKCOMZvMNw6qGPe-embedded-image-loc93wqu.png)![](https://wiki.rackcorp.com/uploads/images/gallery/2023-08/ADIsW0iXXH44B8Kg-embedded-image-t3uhnhxs.png) 3. The new vNIC has been created successfully. Next, add the particular subnet to the vNIC ![](https://wiki.rackcorp.com/uploads/images/gallery/2023-08/dFBhEkGPCAOECc80-embedded-image-gtwpmlu8.png) Upon selection of your new VLAN, the associated subnet is pre-populated. Enter your desired host IP address for the 2nd vNIC under IP or use auto select, then press VALAIDATE IP to check your configuration. ![](https://wiki.rackcorp.com/uploads/images/gallery/2023-08/FNTYD8qfPYJHl7HO-embedded-image-kpwgcf6d.png) ![](https://wiki.rackcorp.com/uploads/images/gallery/2023-08/wrxzEYjsIl3Qy6aY-embedded-image-m8zlgmyd.png) ### Further Reading See our OPNSENSE firewall setup guide for further examples on how to use virtual NICs and VLANs with RackCorp Hybrid Cloud [https://wiki.rackcorp.com/books/help-and-support-en/page/install-opnsense-firewall](https://wiki.rackcorp.com/books/help-and-support-en/page/install-opnsense-firewall) # Virtual Server BGP Settings ### BGP Configuration for RackCorp AS56038 All RackCorp VMs globally are capable of advertising prefixes via BGP at no extra cost. The following instructions relate to customers with virtual servers who wish to advertise their public IP addresses. 1\) Preparation: Submit a support ticket via the support portal with the following information: \- Your AS (if you have one, otherwise we will advertise your IPs under AS56038). We can also accept an AS-SET. \- Any prefixes you wish to advertise. If we should render this via IRR, we can also do this. Please ensure you add the following to your whois data for your AS (RPSL): import: from AS56038 accept ANY export: to AS56038 announce ASXXXXXXXX where ASXXXXXXXX is your ASN 2\) Set up a bgp service on your VM. We recommend using bird, however you can use any daemon you wish. 3\) Note that it may initially take up to 24 hours for some of our upstreams to pick up and start carrying your prefixes. Also consider: [RackCorp BGP Communities - LINK](https://wiki.rackcorp.com/books/help-and-support-en/page/rackcorp-bgp-communities "BGP Communities") Particularly if you're using Anycast as RackCorp takes great care to try to give a globally balanced anycast network, so consider using 56038:888 community if you're using RackCorp for Anycast BGP services. #### Example BGP Configurations Bird BGP v2 example configuration Under Centos 8 / Rocky 8 Linux: ``` yum install epel-releaseFor Windows 8, 10, 11
##### **1**. Open **Control panel** and select **Network and Sharing center**. --- ##### **2**. Choose Set up a new connection or network option. --- ##### **3**. Choose Connect to a workplace option and click Next. --- ##### **4**. Click Use my Internet connection (VPN) option. --- ##### **5**. Enter IP address of ASA's WAN interface or FQDN and any name for VPN adapter which is locally significant and click Create. --- ##### **6**. On Network and Sharing Center, choose Change adapter settings option on the left pane of the window. --- ##### **7**. Right click the recently created adapterfor L2TP VPN and choose Properties. --- ##### **8**. Navigate to Security tab, choose the Type of VPN as Layer 2 Tunneling Protocol with IPsec (L2TP/IPsec) and then click on Advanced settings. --- ##### **9**. Enter the preshared key as the same mentioned in tunnel-group DefaultRAGroup and click OK. In this example, C!sc0@123 is used as the pre-shared key. [![image1.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-01/scaled-1680-/UfVFQbKGIGY5bSn5-image1.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-01/UfVFQbKGIGY5bSn5-image1.png) --- ##### **10.** Choose the authentication method as Allow these protocols and ensure that only "Microsoft CHAP Version 2 (MS-CHAP v2) checkbox is checked and click OK. [![image3.png](https://wiki.rackcorp.com/uploads/images/gallery/2022-01/scaled-1680-/nZQCcA99kXSb5U3e-image3.png)](https://wiki.rackcorp.com/uploads/images/gallery/2022-01/nZQCcA99kXSb5U3e-image3.png) --- ##### **11**. Under network connections, right click on L2TP VPN adapter and choose Connect/Disconnect. --- ##### **12**. Networks icon will pop up and click Connect on L2TP VPN connection. --- ##### **13**. Enter the user credentials and click OK. # Virtual Machine Monitoring via SNMP To monitor parameters from within your windows virtual machines you will require two items to be installed: **a. Monitoring server** A virtual machine deployed on the VMhosts dedicated for internal monitoring for each of the clients. This will be connected to the same VLAN as the client. Example specifications: VM specifications: 1 core, 2GB RAM, 10 GB storage **b. SNMP Service (Agent) installed in the WIndows Virtual Machines you wish to monitor.** Ensure Windows firewall allows SNMP traffic. --- **Step 1:** Installing the SNMP Service, sub features and management tools: This can be done via the add remove features or via PowerShell using the following command on the nominated Server: For Wndows Powershell 2014 edition, use : ‘Add-WindowsFeature snmp-service –IncludeAllSubfeatures -IncludeManagementTools’ ![](https://wiki.rackcorp.com/uploads/images/gallery/2023-09/ZJNVcLzQbRfRoTbu-embedded-image-glsype2s.png) For Windows Powershell 2016 edition, use To check if SNMP is installed, ‘Get-WindowsFeature \*SNMP\*’ To install SNMP, ‘Install-WindowsFeature SNMP-Service -IncludeAllSubFeature -IncludeManagementTools’ ![](https://wiki.rackcorp.com/uploads/images/gallery/2023-09/txTyzKXjK2cQ9LBK-embedded-image-jtufg18e.png) --- **Step 2:** Open the ‘Services’ panel via Control Panel / Administrative Tools or by right clicking the start button, selecting ‘Run’ and entering services.msc followed by ‘OK’ ![](https://wiki.rackcorp.com/uploads/images/gallery/2023-09/4YnlNjL1II27dVtd-embedded-image-yf8lgsm5.png) Navigate down to ‘SNMP Service’ and double click on the service, this will open a dialog box with the properties for the SNMP Service. Next we will need to click the Security tab followed by the ‘Add’ button under the ‘Accepted Community Names” title. You can now enter in a community name that’s relevant to you, for this example we have used ‘SnmpM0nitor’ ![](https://wiki.rackcorp.com/uploads/images/gallery/2023-09/8mTNtUdOEJ8Iw0jy-embedded-image-ltljjr5v.png) Now we will need to configure where the server will accept SNMP Packets from, this is configured under the “Accept SNMP packets from these hosts” title, click on ‘ADD’ button and enter in the IP address/es of the SNMP Monitoring Servers you just set up. Once completed select Apply and OK to exit. Restart the service by right clicking on the ‘SNMP Service” and selecting Restart --- **Step 3:** After SNMP has been installed and configured you will need to download and install the following application “SNMP-Informant” - [http://www.wtcs.org/informant/files/informant-std-17.zip](http://www.wtcs.org/informant/files/informant-std-17.zip) This will provide SNMP the correct MIBs for the Cloud Monitoring Service – the additional MIB’s structure the collected information in a compatible format . --- **Step 4:** Firewall rules will need to be updated to allow the incoming SNMP requests, open ‘Windows Firewall with Advanced Settings” which is located in ‘Control Panel’ then ‘Administrative Tools’![](https://wiki.rackcorp.com/uploads/images/gallery/2023-09/9BIRJpfWDCFmBI4d-embedded-image-9xzlpz3t.png) Locate the existing ‘SNMP Sevice (UDP In) rules and double click the first one (which one is not important), select the ‘Advanced Tab’ and make sure ‘Domain, Private & Public’ are ticked then change the ‘Edge Traversal’ to ‘Allow Edge Traversal’. Select OK and close the remaining windows. --- **Step 5:** Within the Cloud portal, navigate to the server which has the SNMP Agent installed (Services / Servers Tab). Once on the Server Summary page select the Monitoring Tab. ![](https://wiki.rackcorp.com/uploads/images/gallery/2023-09/WZK0Uswh9M9jGvqE-embedded-image-0xxwbicr.png)Select ‘ADD NEW MONITOR’ followed by the ‘Monitor Type’ you are after. The following page will contain the fields required for your Cloud Monitoring System to successfully monitor the desired server. We recommend populating the following fields: **SNMP Community Name:** will be the SNMP community string previously defined in Step 2 **Alert Threshold:** If your monitoring CPU specify the CPU load that will trigger an alert. **Alert Only if Exceed for:** How long the alert threshold is exceed for in duration to trigger an alert (Important as brief CPU spikes do occur) **Alert:** This will enable alerts to be created if the alert parameters are met. **Alert Email:** Nominate a email address to receive the alert. Providing these fields are populated, then select Submit. You will be brought back to the previous page “Monitoring Tab” where you will see the new monitor appear. The metrics will start to flow in and you should see some information after 10 minutes. You can then add more monitors depending on your requirements. --- **Step 6:** This step is only required if your server has a Private IP Address and is behind a NAT Firewall. Prior to this step, it is expected that a Public IP NAT or PAT would have been made on your perimeter firewall to the nominated Server(s). NAT & PAT instructions are not included in this document due to the variety of firewalls available – we recommend you speak to you firewall management vendor to configure this for you. Once you are aware of your Servers Public IP Nat and the associated firewall rule is enabled to allow SNMP (port 161 UDP), then you will need to edit the ‘Additional Information’ field on the Server Summary Page. ![](https://wiki.rackcorp.com/uploads/images/gallery/2023-09/h5TqGj1qLSI9VgtP-embedded-image-ve7mq23q.png)The information to be inserted is: “SNMP NAT <ip address>” where the <ip address> will contain the Public IP provided by your Firewall Management vendor. ![](https://wiki.rackcorp.com/uploads/images/gallery/2023-09/Z94CPAtnSjXxGZ0R-embedded-image-idckh8lg.png) Navigate back to the monitor we previously set up on the ‘Monitor Tab’. Here we will need to populate the Override Polling Host/Port field with the Public IP Address previously used in the Additional Information field. If you have used AT, you will need to specify the port after the IP Address with a semi colon used as a separator. e.g. 110.232.116.11:14000 Click Submit and your monitor should being to show metrics within 10 minute. # How to change Remote Desktop Protocol (RDP) port setting in Windows Server This procedure comprises of several steps 1\. Change the port number 2\. Add the port to Windows Firewall 3\. Toggle RDP services on/off 4\. Reconfigure RackCorp VM Firewall to new port, if applicable 5\. Port Scan to verify results. --- In this example, we shall use a simple PowerShell script to enact the changes. changing RDP from 3389 to 13990 on windows server. ```powershell $portvalue = 13390 Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -name "PortNumber" -Value $portvalue New-NetFirewallRule -DisplayName 'RDPPORTLatest-TCP-In' -Profile 'Any' -Direction Inbound -Action Allow -Protocol TCP -LocalPort $portvalue New-NetFirewallRule -DisplayName 'RDPPORTLatest-UDP-In' -Profile 'Any' -Direction Inbound -Action Allow -Protocol UDP -LocalPort $portvalue ``` Once you have run this script, Toggle RDP in the windows remote desktop settings on and off Use https://port.tools/nmap-online-port-scan/ to verify that the applicable ports you are opening and closing come up as open or filtered # Getting Started with Hybrid Cloud Each RackCorp VM by default comes with a Public NIC and Public IPV4 IP . This can be changed at order time or after ordering when the VM is provisioned. Users can delete the public NIC for a VM after ordering and add private NICs. When adding the private NICs they can select which (or many) of their private VLANs the private NIC has access to. They can add up to three NICs per VM. They can have one public and one private if they wish. The nature of the hosted private cloud means it is isolated from the internet. We offer a number of different firewall solutions to allow connectivity to these private or Hybrid Clouds For a basic solution we can deploy a VYOS firewall VM for the customer if they want inter-VLAN firewalling and NAT. It gets deployed with basic outbound NAT and remote SSH based management by default. VYOS is strictly a command line only application A more advanced solution is a managed firewall as a service. We provide ISO27001 managed firewall for them with all changes tracked logged. We also do updates and setup high availability/monitoring.