Sonicwall ERR_SSL_VERSION_OR_CIPHER_MISMATCH

When connecting to SonicWall web interfaces through Chrome we began to receive the following error: ERR_SSL_VERSION_OR_CIPHER_MISMATCH.

This is because multiple vulnerabilities have been round in RC4 encryption recently which prompted the IETF to prohibit the use of the protocol.

To get around the issue you can log in with Firefox and disable RC4 Encryption. You’ll need to access the hidden diagnostics page at https://sonicwall-ip/diag.html. Obviously replace sonicwall-ip with the actual IP of the device. Search for RC4 and you’ll see this:

Simply uncheck the “Enable RC4-Only Cipher Suite Support” checkbox and save the settings. Unfortunately this change will prompt and cause the SonicWall to reboot.

Once it comes back online you should now be able to use Chrome or any RC4 disable browser to access your SonicWall.

Our Delta Horror Story

I should begin by saying that we mainly fly domestically and when we do we fly southwest. That means that it is incredibly rare that we see any kind of departure or arrival delays. Somehow those planes are able to depart on time a high percentage of the time.

The story begins as we were leaving Los Angeles for Honolulu on an 8:45 am Delta flight. We were getting ready to start boarding when we were told that the flight was delated until 9:15am. We hung around and drank coffee while we waited. As 9:15am came around we were told that there was some kind of mechanical problem and they were looking for Part A. We kept waiting as they pushed the departure time back about a half hour at a time. After they installed and tested Part A they realized they needed Part B. After locating Part B they needed to wait for someone that was able to install Part B. This goes on and on all morning.

As noon came around we were notified that they had to switch out the staff at the desk since they were ready for lunch. Around that time we were also given food vouchers for $6 each which couldn’t even buy a sandwich at LAX.

After posting about this on twitter I was messaged by @DeltaAssist who I ended up direct messaging the entire time. They were giving me options for flying other airlines like a United flight leaving at 12:45pm. We never chose to go with another flight because our flight was always 30 – 45 minutes from departing. My girlfriend and I wanted to sit together and enjoy our private TVs, USB power and WiFi. Delta seems to have multiple agents using the @DeltaAssist account so responses were quick. The initial representative we were dealing with really tried to help out. Their messages ended with ^AK.

Finally some red coat guy showed up that looked all official and was talking on some red phone up at the desk. He finally told us that things looked promising and that they were moving the departure time to 1:15 but we would probably leave closer to 2pm. As 1:30pm came around the departure time jumped to 3pm with little or no explanation.

At that pont we got concerned but were still willing to wait for our nice Boing 767. We sat there patiently watching movies on our iPad and reading. We were also told by @DeltaAssist that we were “backed up” on the Delta flight at 5:45 pm so if this flight didn’t leave by then we could take that flight. 3pm rolled around and the flight was pushed back until 4pm.

As usual we kept waiting until 4pm came around and the departure time changed to 6:50 pm. After waiting there over 7 hours and thinking about how much vacation time we were missing we headed over the to the 5:45 flight. We walked from LAX terminal 6 to terminal 5 to get to the gate. We decided to talk to the gate agent to make sure our seats were available and she told us they weren’t and that the flight was sold out. When calling Delta customer service they told us that someone in Atlanta mistakenly cancelled our reservation on that flight. I was about to kill someone and my girlfriend was now crying. I messaged @DeltaAssist and my girlfriend called customer service and we were on the 6:45 American Airlines flight. Some new @DeltaAssist representative also told us that those seats we were promised were no longer available and that we were now on the American Flight.

This time we had to go to terminal 4 which meant going out through security and back in. Our seats were now on a Boeing 757 with no WiFi, USB power or TVs in each row. How is it possible that we pay for one flight, get delayed 10 hours, get on another flight missing most of the amenities, miss an entire day in Hawaii, don’t get to sit together and not get compensated? Somehow this was OK with Delta.

While waiting for the flight my girlfriend called customer service again to vent her frustration and to attempt to get her $300 change fee back. We tried to get down to Hawaii a little early for a company event they we having which we ended up missing due to the delays. They finally gave us our $300 back but we were still out what we paid for the flight.

We finally got into Honolulu around 10:30pm and made it to our resort, Disney’s Aulani Spa and Resort at 11:30pm. We had no idea when we left our hotel in LA at 6am that we would arrive at our destination almost 14 hours later.

From what Delta shared with, they spent most of the day either looking for parts or looking for the person to install the parts. If they just cancelled the flight and got those passengers on other flights that departed before noon I think everyone would be ok with it. The fact that they kept us on the hook by delaying the flight 30 minutes to an hour at a time is ridiculous. I read lots of articles in the news, INC magazine and various posts on Hacker News about how to properly handle customer service. Maybe Delta should start reading up.

I’m looking forward to sharing this story with anyone planning on flying Delta. This is something we won’t be forgetting anytime soon and will affect every travel decision we make from now on. The journey to your vacation destination should bring joy, not tears.

 

Installing BES 5 with Exchange 2010

I have recently just had the pleasure of setting up a new Exchange 2010 server along with the new Blackberry Enterprise Server 5. The installation seemed very similar to BES 4 installations but there were a few more screens of information to fill out.

The big change to note was that the new BES server configuration is all web based. Sort of like VMWare Server 2. At this point I still don’t like it because it only seems to be enabled from the local host so what is the point of having it web based anyway. I would like to see it working over a VPN on a remote computer but have not accomplished this yet. There are two authentication methods for this web based administration site called BlackBerry Administration Server (BAS). In the BAS configuration screen to can choose to use built-in BAS authentication or to use Active Directory authentication. At first I choose AD authentication but wasn’t able to get it working. I did some research on the issue and concluded that almost nobody got it working. To switch back to BAS authentication you have to fully uninstall and re-install BES.

The second issue I noticed was this error below. I haven’t been able to find anyone else having this problem but I was able to ignore the issue and everything seems to be working OK.

The last and biggest issue encountered was the fact that BES was not picking up Activation e-mails out of the user’s mailboxes. There didn’t seem to be any log entries in MAGT or any other log files. I finally found one post that mentioned turning off IP6 on the BES server and after restarting, those e-mails were being picked up and BlackBerries were activating.

Instruction for turning off IPv6 in Windows Server 2008 can be found here.