Windows 10/11 - Change Network Profile From Public to Private Using Powershell

 

Problem:

Cannot change the network connection profile from public to private from the GUI because the option does not exist in certain scenarios.

Solution:

1. Open PowerShell as Admin

2. Get-NetConnectionProfile to show all available network profiles (only shows enabled adapters).

3. Identify the Name of the network profile you wish to change.

4. Set-NetConnectionProfile -Name "nameofnetworkprofile" -NetworkCategory Private

5. or

6. Set-NetConnectionProfile -Name "nameofnetworkprofile" -NetworkCategory Public

7. Done

👽

Windows - Reset TCP/IP Stack

 

Intro:

This is just a quick list of commands you can use to reset the TCP/IP stack in Windows.

Commands (CMD run as Admin):

ipconfig /flushdns

netsh winsock reset

netsh int ip reset

netsh interface ipv4 reset

netsh interface ipv6 reset

netsh interface tcp reset

netsh int reset all 

nbtstat -R

nbtstat -RR

netsh interface tcp set global autotuninglevel=disabled

netsh advfirewall reset

PowerShell (run as admin):

Get-NetAdapter | Restart-NetAdapter

Conclusion:

I'll add to this list as I either remember forgotten commands or I come across new ones.

👽

How to Switch Network From Public to Private in Windows 10

 

Intro:

Need to change your network connection from Public to Private?

For the life of me I can't seem to remember how to get to these options. It's probably because I'm very used to the old Windows Control Panel and I am not a fan of the new Windows Settings. If it ain't broke don't fix it. I mean it's stayed the same for more than 25 years, why change it now? Well, that's another topic for another day.

There's more than one way to accomplish this:

1. The first way is the via the Windows Settings application.

2. The second way is through the registry.

Windows Settings Method:

1. Right click the Start Menu.

2. Click "Settings".

3. Click "Network & Internet".

4. You'll see your physical network connections in the list below.

5. Find the one you want and click on "Properties".

6. At this point you can now choose "Public" or "Private".

Unifi Controller - STUN Not Working Through Cloudflare

 

Intro:

I had made some changes, removed the previous CDN and started using Cloudflare on a new site. Everything seemed ok at first. Setup the DNS records Cloudflare asks for on my serving host, Cloudflare verifies you own the domain, 24 hours later, and you're good to go......sorta.

Problem:

I have a slew of DDNS names running off of another domain for clients. About a week goes by and I realize I'm not able to resolve a client's DDNS name. I figure it's part of a local outage. Later that day I try again and the issue persists so I press on.

Fix:

First off I realized that the DDNS NS records didn't get pulled in to Cloudflare.

Ok so to solve that I literally had to import in each DDNS name, mark it as a NS record, and point it back to the name server where I have the DDNS service running. Within 15 minutes all of the NS records started working again.

A few days pass and I log into to take a look at my Unifi controller. Normally it's blabbering about latency errors from every single wireless client on every single site I have. The device don't actually have an issue but Ubiquiti doesn't seem to care when you try to inform them about the situation. Anyway that's a whole other conversation for another time.

I'm seeing STUN errors on every single device. I login into the router and double check port forwarding for the standard port of 3478. It's there all right. Turns out you can't hide an IP address through Cloudflare which has a STUN server running on it. Cloudflare only port forwards a select number of HTTP and HTTPS ports. The default for STUN, 3478, is not on the list. (While using a Unifi Cloud Key you cannot change this port. I can't even SSH into the damn thing to play around with the internals. I will do this in another post). So you have to select the gray cloud icon in Cloudflare and set that A record to not be proxied. Bummer.

Extras:

Here's a link to Unifi's default ports:

https://help.ui.com/hc/en-us/articles/218506997-UniFi-Ports-Used

Here's a link to the article on Cloudflare denoting what port are forwarded:

https://developers.cloudflare.com/fundamentals/get-started/reference/network-ports/

👽

pfSense - Delete Expired DHCP Leases Manually

 

 

Intro:

Here's a quick way to remove/purge all expired DHCP leases from pfSense if you don't feel like waiting until pfSense reclaims them.

 This is also super helpful if an IP address is mistakenly assigned to the wrong MAC via DHCP and you then need to assign it as static to a different MAC. If you're making quick changes to the DHCP server you'll find a use for this.

 

Fix:

1. Log into your pfSense box.
2. Top right, click on "Diagnostics" ➡ "Edit File".
3. Load "/var/dhcpd/var/db/dhcpd.leases".
4. Select the blocks that you need to remove. Each block of data begins with the word "leases" and ends with a curly brace, "}".
5. When done editing the file directly click on "Save" near the top left of the edit box.

 

Extras:

There may be another file with the same name but with a tilde "~" sign after it. This file indicates that it is a backup of the original "dhcpd.leases" file. To be sure you've changed it in all necessary files, go ahead and delete the leases from this backup file as well or make life easy and just copy the "dhcpd.leases" content over to the "dhcpd.leases~" file and save.

 

DHCPv6 Leases can also be deleted but the file names are slightly different as seen below, however the files reside in the same folder as the IPv4 files:

 

IPv6:

• dhcpd6.leases
• dhcpd6.leases~

IPv4:

• dhcpd.leases
• dhcpd.leases~

👽

HPE - Enable Jumbo Frames - 3500yl EDGE Switch

Info:

I usually enable jumbo frames on all my switches as part of tuning network performance. This particular setting is beneficial for large transfers, ie in the gigabyte or terabyte range. The endpoints must be able to support jumbo frames or this will not work. If you have virtual switches on the network be sure to configure them for jumbo frames as well.

Start Here:

Login to your HPE switch. Type what is in bold only. Enter is pressed after each command. (This should work with other HPE switches however I do not have an exhaustive list. Consult your manual here if you run into any syntax issues).

After login type:

    <switch># config

You are now in config mode. (After you type this command, in the rightmost column you'll see whether or not Jumbo Frames are enabled on said VLAN:

    <switch>(config)# show vlans

Do not type the < or > character; you just need to insert the VLAN ID# below:

    <switch>(config)# vlan <ID#> jumbo

Check if the setting applied successfully:

    <switch>(config)# show vlans

Save your changes to the switch:

    <switch>(config)# write memory

Logout from the switch.

Next Step:

Be sure to configure any devices in between this switch and including endpoint to support jumbo frames.

TIP:

If you'd like to disable Jumbo Frames for testing, type only what is in bold below while at the CLI:

    <switch>(config)# show vlans

    <switch>(config)# no vlan <ID#> jumbo

    <switch>(config)# show vlans

    <switch>(config)# write memory

The commands above will do the following:

1. You will see the VLAN Jumbo table.
2. You'll turn off jumbo packets for whichever VLAN ID# you type in.
3. You'll verify the setting changed.
4. Finally you'll write the changes to memory.

👽