[LabTech] IPBlock Windows Firewall plugin.

Block entire countries from seeing your PC on the Internet

Squidwork’s garage has released version 1 of their new IPBlock for Labtech RMM. IPBlock is a Country based Network Firewall plugin for Windows based systems. When deployed you can select different countries you do not want to have access to your IP address for any Windows Vista / 7 / 2008 or new system and block them from network access to your PC.

ipblock-main

How it works:

The plugin launches a script that goes out and refreshes a complete list of all countries and any IP ranges assigned to those countries. It imports them into the local host and stores them in zone files inside the LTSvc directory. Then based on your selection it applies each zone to the Windows firewall as a rule set.

What does this do for me?

This greatly reduces your Internet footprint and attack surface. Preventing access from countries that have large amounts of attacking systems. It also reduces your ability to be fully exploited by Trojans, Virus or Worms as if infected it makes it much harder to “Phone Home” if the attack comes from a Country you have blocked like “China”.

Version 1 only controls the lists that are applied to your PC it does not turn on or off the actual firewall on Windows. You will need to turn on firewall through the Windows control panel for rules to actually take effect. Then to stop the filtering shut down Windows firewall or go into plugin and select “None” and apply for all rule sets placed in by IPBlock to be removed.

Get Version 1.0.3 here

download

Enjoy Cubert 😎

APPAssureD – Dell AppAssure Backup Plugin For LabTech

appassured-logo600

A new plugin is under development here inside the Squidworks garage that allows Labtech MSPs to manage Dell Appassure Backup Cores servers from a common console inside of Labtech. The new plugin leverages Appassure REST API to mine data from each core and send that data back to the Labtech database. Using the same processes the plugin is able to send commands back to the cores to preform various tasks like start a new backup or replication.

The plugin provides a common view of each core at the location level console in Labtech. You can select one of many cores at any location and view the protected servers managed by that core. Selecting a protected server provides details about that server and the list of snapshots preformed on that system. We have many great features planed for this plugin so start following us now!

 Client Console5-20-look

Dashboard View

dashboard

The plugin is still under development and will we have a release  for early beta testers. Place a comment here you would like to be notified of updates and being included in the beta testing.

Get Version 1.0.1 Beta  here

download

You Will need Powershell 3 on all Cores, Here is a script to install Powershell 3 directly from LabTech

Get PS Installer Script Here

LabTech & ConnectWise Plugin – Printer Health Status

print-icon

     Printer Health Status

Mr Keigher posted on the Labtech forums that wouldn’t it be great if there was a Printer Status Plugin for Labtech that could show if there were any issues with a printer and maybe even interact with a failed printer. Well Marty your ship has come in! Let me introduce you to your new Printer Status Plugin. The team down in Squidwork’s basement went to town taking what seemed like minutes (and it looks like it) to build a Labtech plugin that would do what had to be done.

In Version 1.0.4 you have good management over printers in 2 main views; the global view and the client view. The Global view allows for the full management suite of tools to be executed on any printer being scanned and will give you a quick view in to the troubles your clients maybe having. The Client view provides the same management functions but also allows you to enable and disable scanning for a client and to include desktops in printer scans.

Lets show you what we have:

Printer Status Global Manager:

printerstatus-preview1

Printer Status at the Client Console:

printerstatus-preview2

Printer Status Exclude Printers:

printerstatus-preview3

Download Labtech Plugin – Printer Status Version 1.0.4

download

Enjoy

Cubert

LabTech & ConnectWise VMWare ESXi Heath Monitor Plugin v3

ESXi Health Monitor Plugin

weblogo

Well it’s finally here, the plugin we have all been waiting for, Vmware ESXi Health Monitor plugin for Labtech. This plugin installs into your Labtech system as a Location plugin to monitor the CIM data available in most hardware. Easy to configure controls and full view of the CIM data collected is just part of what this plugin can do. We have incorporated new functions into this plugin that are stark differences from our earlier version 2 and version 1 ESXi Health Monitors. We are now supporting multiple usernames and passwords per location for ESX hosts and only require 1 probe system to monitor all the ESX hosts at a single location. I could talk all day about the plugin but maybe it’s better if I show you.

Here is the main view of the ESXi Health Monitor plugin.

mainview

The hosts get listed with status face based on current status and when you select a host the CIM data is displayed so you can see all the reported statuses of the hardware.

This is the ESXi host configuration tab of the ESXi health Monitor plugin.

config-tab

This is where you will add and edit your host systems to monitor, you can set the system you want to be responsible for probing the ESXi hosts for the CIM data. Then you select a system and “Set” it as the probe the plugin will launch a script against the probe to prep it for monitoring automatically. You will not need to “install” the probe software manually as this is handled by the plugin when the probe system is selected.

The ESXI Health Monitor plugin uses a custom group to locate all the probes available by using a custom search to locate all systems with the EDF of “VMware Master CIM Scanner” selected as seen it the example below. You will find this setting under the Info tab -> VMWare on any system console. Just checking it will not install probe software so you must “Set” the probe via the plugin.

master-scanner

The Custom group should look like this and have the custom search setup as seen in this example.

group-join-search

The custom group also has a scheduled script to run every 2-4 hours and I use the exclude time range as I do not need this data so bad that I can’t sleep with out it running every hour or 2. This is just my personal preference but saves on CPU cycles during backup windows and maintenance schedules. You will need to reset this when you import your group as this seems to always get rest to nothing during imports.

group-schedule-probe

You can see your probe run on the system by watching the script logs on the probe systems console. This helps when troubleshooting common issues.

probelogs

This version is in Beta! this is the first release of this plugin and as such may have odd behavior issues and or may not work for you as expected. I seriously doubt you will have any issues but as this is Beta expect a few minor glitches. We are actively working on updates and with your help we can make this a great plugin!

You can run the version 2 and version 3 side by side and they will not effect each other.

Updates:
———————————————————————————————————-

Changes in New Version 0.3.0.3

Changed Version number back to what it should of started at. It was a typo starting with (3)
Added Internal monitor called CIM –  VMWare ESXi Health Monitor
Added Client View and Global View of System Statuses
Corrected a few minor coding mistakes
Added Linux Probe Support
Updated the data views

Changes in New Version 0.3.0.5

Added Last Scan Time Stamps
Added color coded data views
Added new images

Changes in New Version 0.3.0.6

Fixed Scan Time not updating

Changes in Version 3.0.7

Updated Python Packages to 2.7.8
Fixed several SQL issues with table creation.
Minor enhancements

Changes in Version 3.0.8

Added new instant host probe from the configure tab
Fixed minor issues in plugin
Fixed issues with installer script

Changes in Version 3.0.9

Fixed CIM Monitor in LT
Fixed Versioning context
Fixed password bug when resaving the same password for esx probe.

Changes in Version 3.0.10

Fixed Issues with Installer where latest PY script requires several new Python modules.

New Client Level View

mainview

This view give you a look at all systems under the clients control. you can select the system and review the CIM data returned.

This plugin monitors the condition all the systems and will alarm when a system is found to be in error. You can customize the alarms and the methods of alerts received through the Monitors management interface in Labtech .

monitors_alarm

You can download the latest version here.

Version 3.0.10 Now Available

download

If you like what we are doing then please donate to our cause, help keep our software free.

How to install plugin

Please post here any comments and issues you may have so we can get them fixed and out in the next release.

Enjoy

Cubert 😎

LabTech & ConnectWise Office 365 User Manager

LabTech Software User manager for Office365 plugin

mainview-1.8.6

Get it here ->  Version 0.1.8.6

download

As of Version 0.1.6 we  have added several new features and some bug fixes. These new features include ability to manage Send As, Send on Behalf Of and give full permissions to users of Office365. Set forwarding email addresses and reset user passwords, Add new users, Soft delete users (30 days to recover) and update user s Active Directory information. We have also updated the user views to include mailbox sizes and item counts, provisioning status, Client license type and license counts available and consumed licenses.

New in version 0.1.7.0

Distribution Group Management: Add and delete groups and manage the members in the groups.
We rewritten the way we collect data, we now create and run shell scripts directly on the workstation verses using the powershell script cmd in LT scripting. We have combined several sub scripts in to a single script that opens one connection to O365 and grabs all user data in 1 session. This has improved the speed of data collection by several fold.
We fixed a few issues with the Plugin script and added some more error handling.

We have change the layout in version 0.1.5.0 to a tabular design to allow for more controls to be added in a logical manor, We now can restore user mailboxes and convert users to shared mailboxes.

New in version 0.1.8.0

We resolved some issues with several features, added a new license manager, added the ability to export a list of licenses and the users to a CSV file and we now have a documentation and help center located on each tab to better assist users in managing Office 365.

New in Version 1.8.1

We added several new controls to the main application, you can now set domain password policies, manage calendar access for users and set user passwords to never expire. We also made a few fixes and added some new code to help with troubleshooting data collection issues.

New in Version 1.8.2

Several bug fixes, updated scripts and updated Windows Azure packages with latest versions.

New in Version 1.8.5

Added new feature :Powershell Session, this opens up a powershell session with Office365 and hands you the console to run any cmdlet you want on the clients Online services without the need to lookup the clients account information and building a session your self. One quick click and you accessing Microsoft Online and loading all modules needed to manager your Office 365 in the cloud.

Minor issues fixed.

New in Version 1.8.6

Added new Collector Tab that allows you to set the collector, launch new collections or test the collector for readyness.

Added script to update powershell to version 3 on all collector system with powershell 2 installed.

Office3650.1.8Office365-Permissions

Office3650.1.5-3 Office3650.1.5-4

groups-tabLicensing

collector-tab

Here is the list of things to setup:

#1 the Zip comes with scripts, a group and a search along with the plugin DLL. You will need to import these into your system and set them up if they do not setup correctly during import. You should also view the plugin first before setting up the group and scripts to mine the data. This will allow the new database tables to be created to store the data the miners will be collecting. When you import the group and search the group doesn’t schedule the Office 365 Collect Data script correctly so you may need to verify and or replace the schedule group script to run every 2-4 hours.

The scripts are:

Install AD Module for PowerShell” – Setup Powershell on any remote windows 7 x64 or 2008 R2 or newer system.
Office 365 Collect data” – Should be scheduled in Group to run every 2-4 hours. Collects the user data and keeps it current in database.
Office365_Plugin.ps1” – Must be placed in L:\Transfer\Scripts\Office365\ for plugin to function. If you are using Labtech from remote and or do not have the mapping available you can use a USB thumb drive and store the script in the same location on thumb drive and mount it as drive L:\ and you will function correctly from remote or cloud based RMM.

Next after you install the Microsoft powershell script on a system that meets the standards (Win 7 x64 +) at each client (any location and only one location needed) Add a new password to the password Tab at the “Client” Level that’s title is “Office365”, the username be the admin email address for client (Example:admin@clientname.onmicrosoft.com) and the password used. All scripts and Plugin will use this location to get the passwords needed to access each clients Office365 accounts.

office365-pass

To prep systems that will be acting as the data miner for the client you should first find a Windows 7 x64 or Windows 2008 R2 or greater system at one of the clients locations. Then run once on that machine the new Office 365 script “Install AD Modules for Powershell” on that system. Once complete the script should automatically “check” the “Windows Azure Active Directory Modules Installed” box as seen here in picture. You will need to also run this script on all workstations you plan to use to support your helpdesk, remembering to “uncheck”  the Windows Azure Active Directory Modules Installed” box for all systems on your helpdesk as you do not want them as part of the search group.

Azure-installed

You will want to install the powershell tools on all support center personal workstations that meet the minimum requirements. We use these tools in the plugin as well as scripts so console users will need tools also. Remember to go to each of those systems in Labtech and “uncheck” the box “Windows Azure Active Directory Module Installed” so that helpdesk employees do not get office 365 probe running on their systems every 2-4 hours. Next you should setup search and group, the search looks for a flag to be set in the “default” location on the Info tab of a PC. If found “checked” it will add this system to the four hour scripting of the user data fetcher.

C:\Windows\System32\WindowsPowerShell\v1.0\Modules\MSOnline
to
C:\Program Files\Windows Azure Active Directory\Powershell\MSOnline

There was a security issue with plugin accessing %windir% so we had to move the MSonline module manually to an area we could read from. I will be fixing all this in the upcoming release.

When you execute  changes using the new plugin it will launch a Powershell console to execute the connections to MSOnline, pass the information to MSOnline and then close. This can take a little time to complete depending on MSOnlines current load on system. Be patent and allow the Powershell window to close on it’s own.

O365-Execution

Import the Group and Custom search:

Whey you import the scripts, custom group and search they may not end up where they were meant to be so you may need to move things around in LT to get it setup correctly.

Once you import the group you should have under the groups drop down a new group called MSOL Office365 Hosts. There should be 1 script scheduled “Office365 MasterMiner”. It should be scheduled to run every 1-2 hours and to skip if offline. This group should be using the custom search you have imported as part of the plugin install. Just verify that this is accurate and if not reset group to use the Office365 search.

Office365-group-0.1.4

If group and search are functioning correctly you should get a list of all systems that have the “Windows Azure Active Directory Module Installed” checkbox checked. This should be only 1 system per client. You do not need to have them installed at every location. It does need to be a Windows 7 x64 or Server 2008 R2 or greater system to operate the powershell functions.

That’s about it…

Enjoy Office365 management via Labtech

Cubert

LabTech Vitals Dashboard

Today we release the next round for the Squidworks Labtech Vitals Dashboard.

The Labtech Vitals Dashboard is a set of web pages that query the local Labtech MySql database and provides visual widgets of important data on the main display of the Labtech Support Console. We currently have 17 different widgets with 10 of them having detail views.

To install the Dashboard you will need to download and install PHP 5 for windows at PHP.net on your Labtech server. Afterwards download the SWVDB zip package and unzip to c:\inetpub\wwwroot\SWVDB. Go into this directory and find the header.php file and open it with notepad. You will need to edit the LT server address, Username and password for the LT database access to work.

Once completed you should be able to browse http://your.labtech.server/SWVDB/ and get the dashboard. Now to have the dashboard auto load in the console for everyone who uses support console go to your LT config dashboard -> Config -> Control Center and set the Initial URL Value to your tested URL from above.

Get the dashboard ->  Download SWVDB here

 

Should look like this:

SWVDB-setup

Widgets:

Systems Missing AntiVirus application

SWVDB-missingAV

 

 

 

Agents missing patches

SWVDB-missingpatch

 

 

 

 

Agents Online

SWVDB-oflinesystems

 

 

 

Offline Servers Alarms

SWVDB-offlineservers

 

 

 

 

 

 

Dell Appassure 5 Backup Core Monitor

SWVDB-appassurebackups

 

 

 

ESX Hardware Health Monitor

SWVDB-ESXHardwareHealth

 

 

 

Hitman Pro Monitor

SWVDB-hitmanpro

 

 

 

Agent Monitors

SWVDBnopatch

 

 

 

 

 

ESX Monitor Details Page (Failed/Missing/All)

SWVDB-esx details

 

 

 

 

 

 

 

 

 

 

Dell Appassure Monitor Details (Completed and Failed)

SWVDB-appassure-details

 

 

 

 

 

 

Some widgets may not function correctly if you are not using the source data tables and extra monitor scripting I’ve made available like the Squidworks ESXi Health Monitor for Labtech located at ESX Health Monitor, The Dell Appassure Backups/Failures also requires my Appassure Backup Scripting to populate the database with data. You must edit the index.php page in notepad and uncomment the 5 function calls noted in index.php for ESX and Appassure counters to function. They have been commented out so that you do not get errors if tables are missing. Install both ESX and Appassure packages before uncommenting code block.

 

 

Enjoy

Cubert  😎

LabTech & ConnectWise ESXI Host Hardware Monitor

vmware-esx-monitor2

NEW ->LabTech ESXi Hardware Monitor v2.1

Squidwork’s ESX Hardware monitor is a set of scripts, a custom group and search for Labtech that will monitor the CIM data provided through the VMWare API for ESX 4 and 5. The probe will launch hourly and report back to Labtech any hardware failure or warning. The script will email an alarm to any email address you would like. The script can be modified to also set an alarm, create a ticket or anything else Labtech scripting will let you do.

New in version 2.1:

We added several checks for false alarms and socket errors to prevent alarms and emails on non failures.

We added alarm flood control, once a email goes out it will not send another until the system has reported a “all OK” then alerts are reset to go out on next fail.

Added extra EDFs to control processes.

Here is how it works:

Download the zip file, extract and import the  XML files into your Labtech system.

download

Addendum Update:

After you import “all” scripts in Version 2.1  Download this zip and import this script. This script should then be used in your group scheduled script  probe instead of the v2.1. This v.2.2 of that one script.  Download update here

Download extra files directly if import fails for any reason here.

After the import you should have a VMware script group that has 3 scripts in it.

Script #1 (The Installer) will install the monitor to a Windows system. You will need to provide the FQDN or IP of the ESX host you want to monitor when you execute the installer script. When the scheduler pops up make sure to add your ESX host. The only thing you should need to do is execute the installer on a Windows system. The installer will configure the system and add the system to the custom group and search. You do not need to configure anything else at this point. The ESX user and password will be fetched from the Locations password menu for VMWare.

ESX-installer-v2

The next script (The Monitor) is assigned to the custom group “Systems that monitor ESX hosts” to run every hour. You can modify this to run at what interval you like.  The Monitor will query your “Locations” passwords database table and retrieve the VMWare user listed just like the original Labtech probes do. The monitor get the CIM health data and returns it to Labtech, It also looks to see if we are “Not OK” and fires off a email if failures are picked up.

After the Monitor runs you should see data on the Info Tab -> VMWare sub tab

esxdata

You will need to edit the monitor script updating the email address that it reports to when failures are found, you can also modify monitor script to create a ticket, fire off an alarm, set an alert or anything your heart desires. Line 39 of the script ESX Hardware Monitor V2-1 needs to be edited and the example@example.com email changed to the email you want to get the alerts.

The 3rd script is a updater script that will fetch the latest build of the Nagios Plugin:”check_esxi_hardware.py” script maintained by  www.claudiokuenzler.com   You can run this script against any Windows box that has the monitor installed and it will get the latest version of this script and deploy it to that system. This way you can keep up with all the fixes they do to this script. You may want to run this script on the group once or twice a year just to make sure you have the latest fixes and updates.

Enjoy

Cubert 😎

[How-to] Relay mail from copiers or scanners through Office 365

 Sending mail from network devices through Office 365

You just completed a migration to Office 365 for all your users but now you need to relay mail from network devices like copiers and scanners. You will need to setup a relay connector in Office 365 to allow these simple SMTP devices to relay mail to you or other 3rd party email addresses.

Below is the basic instructions on how to allow mail from a known IP address to pass through your Office 365 Exchange service.

 

  1. Obtain the public IP address  you’re using when mail goes out from scanner.
  2. Log on to the Office 365 Portal.
  3. Select Domains. Highlight one of your domains and use the wizard to obtain your MX record. The MX record will look similar to contoso.com.mail.protection.outlook.com. Make a note of the MX record for later.
  4. In the upper right, select Admin and then select Exchange from the drop down.
  5. In the Exchange Admin Center, select Mail Flow > Connectors.
  6. If no inbound connector exists,  create one.
    1. Give the connector a name.
    2. Select On-Premises for the  Connector Type.
    3. Under Domains, add a single  asterisk (*). This will allow sending to any domain. Other values in this field will limit the domains that you can send mail to.
    4. In the IP Addresses section,   add the IP address from Step 1.
    5. Leave all the other fields with their default values and select Save.
  7. In the DNS for your domain, I suggest that you modify your SPF record to include the IP address from Step 1. The finished string should look similar to this: v=spf1 ip4:10.1.2.3   include:spf.protection.outlook.com ~all   where 10.1.2.3 is your  public IP address.  Skipping this step could cause email to be sent to recipients’ junk mail folders.
  8. In the device’s settings,  specify a Smart Host value equal to the MX record value you recorded in Step 3.
  9. That’s it!

 

Enjoy

Cubert  😎

[Solved] Remote Web Workplace Stops Working on Windows SBS 2011with EventID 1309

When users attempts to click on the “Connect” link under “Computers” in attempts to launch remote web workplace nothing seems to happens. If you issue a IISreset then the system starts working again for a short time before starting to fail again. You check your logs and find EventID 1309 Event message: An unhandled exception has occurred.

It appears that it maybe  some level of memory issue in .Net 4.5 and the Remote Access web.config set to default at a given memory level.

To Fix:

Edit (via NotePad) the web.config file located at “C:\Program Files\Windows Small Business Server\Bin\WebApp\RemoteAccess

Look for the following line at the bottom of web.config

<serviceHostingEnvironmentaspNetCompatibilityEnabled=”true” />

Replace that line with: (all on one line)

<serviceHostingEnvironment aspNetCompatibilityEnabled=”true” minFreeMemoryPercentageToActivateService=”0″ />

Save file and then restart the World Wide Web services to activate the changes.

 

Your Remote Web Workplace should now stay functional.

 

Enjoy..

 

Cubert 😎

 

 

[How-to] PFSense OpenVPN Site-to-Site with (DHCP) Dynamic Internet Address

Setting up an OpenVPN site to site connection when one side is using DHCP to acquire an Internet IP Address in 5 minutes or less.

 

Here is the 5 minutes How-to on setting up 2 PFSense devices with a site to site VPN. For this example I will be using 2 Netgate m1n1wall systems that utilizes PC Engines ALIX 2D13 network boards with 3 LANs. Both are connected directly to the Internet via the WAN port and have assigned Internet IP addressing, they also have a private LAN segment that will be routed over the VPN so that site A and site B can see each other.

 

OpenVPN is a Client/Server type of process where 1 device acts as the server and the other acts as a client.  Servers provide a service and clients connect to that service. If a server is using DHCP to get a Internet IP address then it must have a host name that is always resolvable or you risk dropping the tunnel between clients and this server. For this example we are assuming that the server device has a static IP address and that the client is using DHCP to obtain it’s Internet address.

First we build the server (Device A)

1. Go to the VPN tab and select OpenVPN, Select the server tab and then click the [+] symbol to start the process to create a new server instance.

server-start

2.  Next we will fill out the information as it fits our network. The highlighted areas are required to create a successful VPN server.

server-first-save

  • Server Mode = Peer to Peer(Shared Key)
  • Protocol = UDP
  • Interface = WAN
  • Local Port = 1194
  • Description = Friendly Name (Anything)
  • Tunnel Network = 10.10.0.0/24 (Must be a new private network not currently in use)
  • Local Network = Server’s LAN subnet (You may have multiple LAN Networks so select the Network this VPN applies to)
  • Remote Network = Client’s LAN Subnet

3. Once saved you should have a new server listed under you OpenVPN server tab.

server-after-first-save

4. Select the [e] to edit this VPN, we will be copying the newly created “Shared Key” from the configurations to use when we create the client. In the middle of the configuration will be the shared key. Copy this key.

server-GetSharedKey

5. Next we need to create a WAN firewall rule on the server to allow UDP port 1194 to pass.

openvpn-firewall-rule

6. We will now have a new firewall rules tab called [OpenVPN], we will need to add an allow rule to pass traffic across the VPN tunnels. For the purpose of this how-to we will use a full allow rule to get all traffic to pass. You can firewall this tab as needed once we have verified traffic flows.

allow-tunnel-firewall-rule

 

 

Now let’s build the client (Device B)

1. On the client device (DHCP Enabled) from the VPN menu select OpenVPN, find the client tab and select the [+] to create a new client configuration.

client-start

2.  Next we will fill out the information as it fits our network. The highlighted areas are required to create a successful VPN client.

client-first-save

  • Server Mode = Peer to Peer (Shared Key)
  • Protocol = UDP
  • Device Mode = tun
  • Interface = WAN
  • Server Host = Internet IP of OpenVPN Server
  • Server Port = 1194
  • Description = Friendly Name (Anything)
  • Tunnel Network = 10.10.0.0/24 (Same as the server side)
    *note both side should have same network with no host
    IP provided, The server and client will auto-negotiate
    the actual ending address (example 10.10.0.1 & 10.10.0.2).
  • Remote Network = Servers LAN subnet

 

3. Save configuration, return to the client tab under OpenVPN and select the [e] under the new client VPN configuration.

client-edit

4. Copy the Shared Key from the server to this box, overwrite any key that may currently exist in box.

client-edit-share-key

5. Add a firewall rule under WAN of client (Not really required) to allow UDP port 1194.

openvpn-firewall-rule

6. We will now have a new firewall rules tab called [OpenVPN], we will need to add an allow rule to pass traffic across the VPN tunnels. For the purpose of this how-to we will use a full allow rule to get all traffic to pass. You can firewall this tab as needed once we have verified traffic flows.

allow-tunnel-firewall-rule

VPN is now ready to use

Once the configurations are complete the tunnel should automatically start up and you should no be able to see the status of the VPN. Under the [Status] main menu select OpenVPN to see all active VPNs.

Tunnel-is-up

As you can see from the image the tunnel is up, the Virtual Addr did auto negotiate an IP address of 10.10.0.1 and bytes are being sent across tunnel. If you have issues passing traffic (ping) from one network to another and you show an active VPN running under status then most likely a simple reboot of each firewall will clear any routing issues and the tunnels will start working fine afterwards.

Good luck and Happy VPNing!!

Cubert 😎