Search Results

Search found 15595 results on 624 pages for 'ip forward'.

Page 137/624 | < Previous Page | 133 134 135 136 137 138 139 140 141 142 143 144  | Next Page >

• Configuring DNS on my Amazon AWS [closed]

  - by Ricardo

  So, I have an AWS EC2, and I need to configure a dns server, I have a Ubuntu 11.04 and webmin is configured, I have a domin point to my ip. So, know I need to redirect my domain to my ip and configure BIND dns server? What configuration I have to do to redirect my domain account to my ip and create my own dns server? I see some videos on youtube but, i don´t know what is the best of for me. Thank´s for any help.

  Read the article

• nginx + varnish + apache differente IPs in VirtualHost Apache

  - by zeusgod

  Hi, My idea is put NGINX as proxy to redirect to Varnish (cache static content) and then proxy to apache with a lot of VirtualHost in different IPs. My problems is that I would know how can configure Varnish to send access to correct IP, I am going explain: NGINX: Listen in: 10.10.10.10, 20.20.20.20 and 30.30.30.30 on ports: 80 and 443 Proxy redirect to Varnish 10.10.10.10:8080, 20.20.20.20:8080 and 30.30.30.30:8080 Varnish: Port: 8080 - THIS IS THE PROBLEM Proxy content not static to Apache on port 8000 - THIS IS THE OTHER PROBLEM Apache2: Listen in: 10.10.10.10:8000, 20.20.20.20:8000 and 30.30.30.30:8000 Response correct VirtualHost This is the idea. When I try with one IP only, all work correctly, because Varnish is only listen in one IP and port and send to backend in one IP and port too. Could you help me to configure Varnish or there is a best way to configure similar scenario please?

  Read the article

• Cisco ASA: Allowing and Denying VPN Access based on membership to an AD group

  - by milkandtang

  I have a Cisco ASA 5505 connecting to an Active Directory server for VPN authentication. Usually we'd restrict this to a particular OU, but in this case users which need access are spread across multiple OUs. So, I'd like to use a group to specify which users have remote access. I've created the group and added the users, but I'm having trouble figuring out how to deny users which aren't in that group. Right now, if someone connects they get assigned the correct group policy "companynamera" if they are in that group, so the LDAP mapping is working. However, users who are not in that group still authenticate fine, and their group policy becomes the LDAP path of their first group, i.e. CN=Domain Users,CN=Users,DC=example,DC=com, and then are still allowed access. How do I add a filter so that I can map everything that isn't "companynamera" to no access? Config I'm using (with some stuff such as ACLs and mappings removed, since they are just noise here): gateway# show run : Saved : ASA Version 8.2(1) ! hostname gateway domain-name corp.company-name.com enable password gDZcqZ.aUC9ML0jK encrypted passwd gDZcqZ.aUC9ML0jK encrypted names name 192.168.0.2 dc5 description FTP Server name 192.168.0.5 dc2 description Everything server name 192.168.0.6 dc4 description File Server name 192.168.0.7 ts1 description Light Use Terminal Server name 192.168.0.8 ts2 description Heavy Use Terminal Server name 4.4.4.82 primary-frontier name 5.5.5.26 primary-eschelon name 172.21.18.5 dmz1 description Kerio Mail Server and FTP Server name 4.4.4.84 ts-frontier name 4.4.4.85 vpn-frontier name 5.5.5.28 ts-eschelon name 5.5.5.29 vpn-eschelon name 5.5.5.27 email-eschelon name 4.4.4.83 guest-frontier name 4.4.4.86 email-frontier dns-guard ! interface Vlan1 nameif inside security-level 100 ip address 192.168.0.254 255.255.255.0 ! interface Vlan2 description Frontier FiOS nameif outside security-level 0 ip address primary-frontier 255.255.255.0 ! interface Vlan3 description Eschelon T1 nameif backup security-level 0 ip address primary-eschelon 255.255.255.248 ! interface Vlan4 nameif dmz security-level 50 ip address 172.21.18.254 255.255.255.0 ! interface Vlan5 nameif guest security-level 25 ip address 172.21.19.254 255.255.255.0 ! interface Ethernet0/0 switchport access vlan 2 ! interface Ethernet0/1 switchport access vlan 3 ! interface Ethernet0/2 switchport access vlan 4 ! interface Ethernet0/3 switchport access vlan 5 ! interface Ethernet0/4 ! interface Ethernet0/5 ! interface Ethernet0/6 ! interface Ethernet0/7 ! ftp mode passive clock timezone PST -8 clock summer-time PDT recurring dns domain-lookup inside dns server-group DefaultDNS name-server dc2 domain-name corp.company-name.com same-security-traffic permit intra-interface access-list companyname_splitTunnelAcl standard permit 192.168.0.0 255.255.255.0 access-list companyname_splitTunnelAcl standard permit 172.21.18.0 255.255.255.0 access-list inside_nat0_outbound extended permit ip any 172.21.20.0 255.255.255.0 access-list inside_nat0_outbound extended permit ip any 172.21.18.0 255.255.255.0 access-list bypassingnat_dmz extended permit ip 172.21.18.0 255.255.255.0 192.168.0.0 255.255.255.0 pager lines 24 logging enable logging buffer-size 12288 logging buffered warnings logging asdm notifications mtu inside 1500 mtu outside 1500 mtu backup 1500 mtu dmz 1500 mtu guest 1500 ip local pool VPNpool 172.21.20.50-172.21.20.59 mask 255.255.255.0 no failover icmp unreachable rate-limit 1 burst-size 1 no asdm history enable arp timeout 14400 global (outside) 1 interface global (outside) 2 email-frontier global (outside) 3 guest-frontier global (backup) 1 interface global (dmz) 1 interface nat (inside) 0 access-list inside_nat0_outbound nat (inside) 2 dc5 255.255.255.255 nat (inside) 1 192.168.0.0 255.255.255.0 nat (dmz) 0 access-list bypassingnat_dmz nat (dmz) 2 dmz1 255.255.255.255 nat (dmz) 1 172.21.18.0 255.255.255.0 access-group outside_access_in in interface outside access-group dmz_access_in in interface dmz route outside 0.0.0.0 0.0.0.0 4.4.4.1 1 track 1 route backup 0.0.0.0 0.0.0.0 5.5.5.25 254 timeout xlate 3:00:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00 timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00 timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute timeout tcp-proxy-reassembly 0:01:00 ldap attribute-map RemoteAccessMap map-name memberOf IETF-Radius-Class map-value memberOf CN=RemoteAccess,CN=Users,DC=corp,DC=company-name,DC=com companynamera dynamic-access-policy-record DfltAccessPolicy aaa-server ActiveDirectory protocol ldap aaa-server ActiveDirectory (inside) host dc2 ldap-base-dn dc=corp,dc=company-name,dc=com ldap-scope subtree ldap-login-password * ldap-login-dn cn=administrator,ou=Admins,dc=corp,dc=company-name,dc=com server-type microsoft aaa-server ADRemoteAccess protocol ldap aaa-server ADRemoteAccess (inside) host dc2 ldap-base-dn dc=corp,dc=company-name,dc=com ldap-scope subtree ldap-login-password * ldap-login-dn cn=administrator,ou=Admins,dc=corp,dc=company-name,dc=com server-type microsoft ldap-attribute-map RemoteAccessMap aaa authentication enable console LOCAL aaa authentication ssh console LOCAL http server enable http 192.168.0.0 255.255.255.0 inside no snmp-server location no snmp-server contact snmp-server enable traps snmp authentication linkup linkdown coldstart sla monitor 123 type echo protocol ipIcmpEcho 4.4.4.1 interface outside num-packets 3 frequency 10 sla monitor schedule 123 life forever start-time now crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac crypto ipsec security-association lifetime seconds 28800 crypto ipsec security-association lifetime kilobytes 4608000 crypto dynamic-map outside_dyn_map 20 set pfs crypto dynamic-map outside_dyn_map 20 set transform-set ESP-3DES-SHA crypto map outside_map 65535 ipsec-isakmp dynamic outside_dyn_map crypto map outside_map interface outside crypto isakmp enable outside crypto isakmp policy 10 authentication pre-share encryption 3des hash sha group 2 lifetime 86400 ! track 1 rtr 123 reachability telnet timeout 5 ssh 192.168.0.0 255.255.255.0 inside ssh timeout 5 ssh version 2 console timeout 0 management-access inside dhcpd auto_config outside ! threat-detection basic-threat threat-detection statistics access-list no threat-detection statistics tcp-intercept webvpn group-policy companynamera internal group-policy companynamera attributes wins-server value 192.168.0.5 dns-server value 192.168.0.5 vpn-tunnel-protocol IPSec password-storage enable split-tunnel-policy tunnelspecified split-tunnel-network-list value companyname_splitTunnelAcl default-domain value corp.company-name.com split-dns value corp.company-name.com group-policy companyname internal group-policy companyname attributes wins-server value 192.168.0.5 dns-server value 192.168.0.5 vpn-tunnel-protocol IPSec password-storage enable split-tunnel-policy tunnelspecified split-tunnel-network-list value companyname_splitTunnelAcl default-domain value corp.company-name.com split-dns value corp.company-name.com username admin password IhpSqtN210ZsNaH. encrypted privilege 15 tunnel-group companyname type remote-access tunnel-group companyname general-attributes address-pool VPNpool authentication-server-group ActiveDirectory LOCAL default-group-policy companyname tunnel-group companyname ipsec-attributes pre-shared-key * tunnel-group companynamera type remote-access tunnel-group companynamera general-attributes address-pool VPNpool authentication-server-group ADRemoteAccess LOCAL default-group-policy companynamera tunnel-group companynamera ipsec-attributes pre-shared-key * ! class-map type inspect ftp match-all ftp-inspection-map class-map inspection_default match default-inspection-traffic ! ! policy-map type inspect ftp ftp-inspection-map parameters class ftp-inspection-map policy-map type inspect dns migrated_dns_map_1 parameters message-length maximum 512 policy-map global_policy class inspection_default inspect dns migrated_dns_map_1 inspect ftp inspect h323 h225 inspect h323 ras inspect http inspect ils inspect netbios inspect rsh inspect rtsp inspect skinny inspect sqlnet inspect sunrpc inspect tftp inspect sip inspect xdmcp inspect icmp inspect icmp error inspect esmtp inspect pptp ! service-policy global_policy global prompt hostname context Cryptochecksum:487525494a81c8176046fec475d17efe : end gateway# Thanks so much!

  Read the article

• How do I handle mysql replication in EC2 using private IPs?

  - by chris

  I am trying to set up a mysql master/slave configuration in two EC2 instances. However, every time I reboot an instance, the IP address (and hostname) changes. I could assign an Elastic IP address, but would prefer to use the internal IP address. I can't be the first person to do this, but I can't seem to find a solution. There are a lot of "getting started" guides, but none of them mention how to handle changing IP addresses. So what are the best practices to manage master/slave replication in EC2?

  Read the article

• Site-to-Site vpn setup amazon ec2 openswan (left) and cisco asa 5540 (right)

  - by user197279

  Need help on this VPN set-up on amazon EC2 using openswan Left side: EC2: setup a peer ip:- according to client using cisco (must be public) encrypted network:- according to client using cisco (must be public) Right side: Cisco ASA 5540: Peer ip: 3.3.3.3 Peer host/rightsubnet: 3.3.3.30/32 (Public NAT'd ip) The goal is to setup a site-to-site vpn connection with the client and I need guidance on the setup required on EC2. Appreciate the help Thanks.

  Read the article

• IPSec tunnel between FortiGate and iPhone / iOS - Works except for DNS / Wins

  - by user57988

  I have configured my Fortigate with a new VPN IPSec tunnel to allow the iOS Cisco client to connect. That works fine. I can RDP to my servers, browse to my servers via IP address, etc. But, the iPhone does not resolve my internal IP addresses. I have added the DNS servers that serve addresses for my internal users, as well as the WINS servers, but the iPhone acts like it doesn't see them at all. config vpn ipsec phase1-interface edit "iPhone_VPN" set type dynamic set interface "wan1" set dhgrp 2 set proposal 3des-sha1 3des-md5 set xauthtype auto set mode-cfg enable set authusrgrp "iPhone_VPN_Users" set ipv4-start-ip 10.10.99.100 set ipv4-end-ip 10.10.99.199 set ipv4-netmask 255.255.0.0 set ipv4-dns-server1 10.10.2.1 set ipv4-dns-server2 10.22.1.80 set ipv4-wins-server1 10.10.2.1 set ipv4-wins-server2 10.22.1.80 set ipv4-split-include "Dialup_VPN_Networks" set psksecret ENC xxxxx next end For whatever reason, as far as I can tell, the iPhone does not 'see' the DNS or WINS entries. I don't know how to check it...

  Read the article

• VirtualBox 4.1.12 Ubuntu Host Bridged Networking

  - by hidden_premise

  Setup Ubuntu Server 11.10 x64 VirtualBox 4.1.12 One network adapter eth0 with a static IP address My /etc/network/interfaces looks like #Local loopback auto lo iface lo inet loopback #Primary Interface auto eth0 iface eth0 inet static address 10.0.0.6 netmask 255.255.255.0 gateway 10.0.0.1 Need Static IP for Ubuntu Host Static IP for multiple Ubuntu guests My attempt Downloaded the .deb for 64bit virtual box dpkg -i virtualbox.deb Create a VM and install ubuntu server 11.10 x64 from ISO Set the networking mode to bridged and choose 'eth0' as the interface Fail. None of the guides I can find for bridged networking work because everything changed since vbox 2

  Read the article

• sudo ENV_KEEP not always preserving

  - by mafro

  When I run sudo -s, my environment is preserved. However, when running a simple sudo <command> it appears not to be preserved. The contents of my sudoers file: mafro@ip-10-xx-xx-250:~ > sudo cat /etc/sudoers.d/mafro Defaults env_reset Defaults env_keep += "HOME" mafro ALL=(ALL) NOPASSWD:ALL Using sudo -s, the ll alias is available: mafro@ip-10-xx-xx-250:~ > sudo -s root@ip-10-xx-xx-250:~ > ll total 8K drwxrwxr-x 2 mafro dev 4.0K Jun 9 23:59 bin drwxr-xr-x 20 mafro dev 4.0K Jun 9 23:59 dotfiles Using straight sudo, it is not: mafro@ip-10-xx-xx-250:~ > sudo ll sudo: ll: command not found What is happening here?

  Read the article

• Mac OS X: pushing all traffic through a VMWare VM [closed]

  - by bj99

  I want to set up an Astaro (Sophos) UTM in a Virtual Machine. The Setup should be at the end the following: Cable Modem (one IP adress) | [Ethernet] Sophos UTM (running as VM [VMWare Fusion 5] on the MacMini) | [WIFI] Airport Express v2 (for sharing Local Network to wireless and wired clients) 1)| [WIFI] 2)| [Ethernet over Thunderbolt Ethernet Adapter]* Clients MacMini (Local File Server) *To have the Mini also protected behind the UTM So the setup process for the UTM works fine, but then the problems start: I just have one external IP (from my cable modem provider)== So if I put the VM in briged mode my Internet connection drops, because the MacMini also has its IP adress. If I put the VM to NAT mode the Mini itself is not protected by the UTM So: is there a way to hide the en0 interface(Ethernet) and the en1 interface (Wifi) from the MacMini, so that they not even appear in System Preferences Network section but are available to the VM? That way the Mini must connect to the en2 interface (Thunderbolt adapter) to make any Internet/LAN connection and I just use the given single IP from the Cable Modem. Thaks for any suggestions... Sebastian

  Read the article

• VPN from Windows XP to OpenSwan: correct setup?

  - by Gnudiff

  Main question is what I am doing wrong in my OpenSwan or L2TP client setup? I am trying to create a Linux OpenSwan VPN connection from Windows XP machine, using preshared key and the builtin Windows XP L2TP IPsec option. I have followed the instructions in Linux Home networking Wiki for setting up OpenSwan and a guide to making it work with the Windows XP client, but am now stuck. The net setup is as follows: [my windows client, private IP A]<->[f/wall B]<-internet->[g/w X]<->[Linux OpenSwan server Y] A - private subnet /24 B - internet address X - internet address /24 Y - internet address on same subnet as X What I essentially want is for computer with A address to feel and work, as if it was in X subnet for purposes of outgoing and incoming TCP and UDP connections. My OpenSwan setup is as follows: /etc/ipsec.conf (AAA and YYY indicates ip address parts of A and Y addresses): conn net-to-net authby=secret left=B leftsubnet=AAA.AAA.AAA.0/24 leftnexthop=%defaultroute right=Y rightsubnet=YYY.YYY.YYY.0/24 rightnexthop=B auto=start the secret in /etc/ipsec.secrets is listed as: B Y : PSK "0xMysecretkey" where B & Y stand for respective IP adresses of gateway B and linux server Y My L2TP WinXP setup is: IP of destination: Y don't prompt for username security options: typical, require secured pass, don't require data encryption, IPSec PSK set to 0xMysecretkey networking options: VPN Type: L2TP IPSec VPN; TCPIP protocol (with automatic IP address assignment) and QOS packet schedulers enabled The error I get from Windows client is 789: "error during initial negotiation"

  Read the article

• DNS with Amazon EC2 Elastic Load Balancer

  - by user68173

  I'm told that I can't make the root of a domain (example.com) a CNAME - I have to specify an IP. Given that you can't use an IP address to point at your Elastic Load Balancer, what's the best thing to do? Currently I do this: example.com - A record to elastic IP of first server- redirects to www.example.com www.example.com CNAME to hostname of load balancer If the first server is out of action, the redirect will fail. Is there a better way to approach this?

  Read the article

• How to setup an IPSec / GRE tunnel on Windows Server 2008

  - by qbeuek

  I have a Windows Server 2008 that has a single network interface configured with a public IP address. My business partner has a private network. From my server, I need to access all the devices on his private network, and those devices must be able to access my server. My business partner has a standard solution for these requirements. They will setup an IPSec + GRE tunnel to my server. They told me, that I will need an additional public IP address for this to work. If it really is necessary, there is no problem, I can get an additional public IP address, although it will be assigned to the same physical network interface. I assume that on my server I will have both public IP addresses and also the private IP address from the tunnel (the same that is visible for the devices inside the private network). What alternatives do I have? Is it possible to configure this tunnel on my Windows Server 2008? Can it be done using only Windows tools, or do I need an additional free / commercial VPN software? If it cannot be done directly on Windows, can I setup an additional virtual machine running Linux, that will handle the IPSec + GRE tasks? How to do it? If it cannot be done on a virtual linux box, will I have to buy and setup a Cisco router to handle the IPSec + GRE tasks? Thanks for your opinions. I'm watching this question to clarify any issues or questions.

  Read the article

• Problems setting up home web server

  - by putmatrix

  Has anyone been able to get a server working with the router smcwbr14t-g? Although I have been able to get Apache set up correctly and my website works on the internal IP 192.168.2.101, I've been running into a dead end when trying to get it to show up on my external IP. In my router, there is no option for port forwarding, but there are options for a 'virtual server'. Following the manual, I have it set up like this: http://imgur.com/zrcV7.png I also disabled the firewall. I configured Apache to listen to ports 80, 81, and 443, none of which solved the problem. However, the IP's 192.168.2.101:443 and :81 load fine. The problem is that I still cannot load the web site from my external IP, either from my computer or outside.

  Read the article

• Haproxy not properly passing on X-Forwarded-For header

  - by JesseP

  I have backend web servers that receive requests by way of haproxy-nginx-fastcgi. The web app used to see multiple ip's coming through in the X-Forwarded-For header, chained together with commas (most original IP on the left). At some point in the recent past (just noticed, so not sure what caused it) something changed, and now I'm only seeing a single IP passed in the header to my web application. I've tried with haproxy 1.4.21 and 1.4.22 (recent upgrade) with the same behavior. Haproxy has the forwardfor header set: option forwardfor Nginx fastcgi_params config defines this header to be passed to the app: fastcgi_param HTTP_X_FORWARDED_FOR $http_x_forwarded_for; Anyone have any ideas on what might be going wrong here? EDIT: I just started logging the $http_x_forwarded_for variable in nginx logs, and nginx is only ever seeing a single IP, which shouldn't ever be the case, as we should always see our haproxy ip added in there, right? So, issue must either be in nginx handling of the variable coming in, or haproxy not building it properly. I'll keep digging... EDIT #2: I enabled request and response header logging in HAProxy, and it is not spitting anything out for X-Forwarded-For, which seems very odd: Oct 10 10:49:01 newark-lb1 haproxy[19989]: 66.87.95.74:47497 [10/Oct/2012:10:49:01.467] http service/newark2 0/0/0/16/40 301 574 - - ---- 4/4/3/0/0 0/0 {} {} "GET /2zi HTTP/1.1" O Here are the options i set for this in my frontend: mode http option httplog capture request header X-Forwarded-For len 25 capture response header X-Forwarded-For len 25 option httpclose option forwardfor EDIT #3: It really seems like haproxy is munging the header and just passing on a single one to the backend. This is fairly impacting to our production service, so if anyone has an ideas it would be greatly appreciated. I'm stumped... :(

  Read the article

• Does Mac address base restriction is possible over Internet???

  - by sahil

  Hi Frineds, I want to restrict the access into my server on MAC Address base over internet... does it possible??? or there any other way of restriction over internet instead of IP address possible?? (My users are connection into my adito base ssl vpn server and i want to give them access on base of MAC address or any other possible method not by there IP address...because they are on roaming Internet IP. thanking you, sahil.

  Read the article

• Struggling to set-up NLB cluster

  - by Chris W

  I'm trying to set up NLB on a couple of Windows 2008 R2 virtual servers running on top of Hyper V R2. The servers each have a single vNIC for LAN access (and a second vNIC for SAN access). I'm setting up the cluster to use Multicast mode. The vNICs are each set to allow MAC spoofing. Essentially I'm finding that i can add SERVER1 as a host and it will pick up and respond to the cluster IP from a remote subnet. If I then 'stop' the node in NLB manager it still responds when I would expect it to stop answering on that IP. If I recreate the cluster and add SERVER2 as the first host, the wizard completes correctly and an IPCONFIG on the server shows that it now has the cluster IP but I can't ping the cluster IP from a remote subnet but I can from another machine on the same subnet. As a final test - with both servers in the cluster, pinging from another machine on the same subnet I still get a response from the cluster IP when both nodes are stopped according to the NLB manager. The two VMs are sat on the same physical blade and are built up exactly the same as they'll be used as SharePoint web front end servers. I'm at a loss as to what could be wrong with the second VM that prevents it taking on the address just as the sole node in the cluster, never mind the strange behaviour of the cluster when I stop/start nodes.

  Read the article

• Getting packets from one port to another on a Dell PowerConnect 2824 switch

  - by Arvo Bowen

  I have a dell PowerConnect 2824 and I have a cat 5 cable connected from port 1 to port 23. Port 1 is reserved for VLAN 1 (the only VLAN that can manage the switch) and port 18-23 belong to VLAN 112. I currently have the switch setup with ip 10.71.3.5/27 and a test machine plugged into port 22 with IP address 10.71.3.30/27. For some reason I can not ping 10.71.3.5 from my test machine (10.71.3.30). Note: When I try to ping the server plugged into port 21 (IP: 10.71.3.7/27) also VLAN 112, I get responses just fine. Note: When I plug my test machine directly into port 1, I can ping 10.71.3.5 just fine. Quick Recap: Switch IP: 10.71.3.5 Port 1 - dedicated to management - (VLAN1) Port 21 - SERVER (10.71.3.7/27) - (VLAN112) Port 22 - test machine (10.71.3.30/27) - (VLAN112) Port 23 - dedicated to management (to hop over to VLAN 1 from VLAN 112) - (VLAN112)

  Read the article

• wireless network with cable modem and access point

  - by hayri

  I have a Scientific Atlanta EPC2203 cable modem and a TP-Link TL-WA500G access point. When I connect my computer directly to modem with a CAT5e cable I have internet connection on my laptop (when i type ipconfig i see my external ip there, provided by isp). So I decided to have wireless network in the flat, allowing other devices to connect as well. I bought this wireless ap (TL-WA500G) configured Wireless security stuff, and connected it to my modem. With that configuration (by default AP has static ip of 192.168.1.254) only my computer can connect to internet over wifi, but not any other device. When I set the IP of AP to Dynamic IP (DHCP) it is the same. How should I change my configuration to enable all wifi devices to connect to internet?

  Read the article

• windows clients cannot get dns resolution until you open and close ipv4 properties page

  - by GC78

  This strange problem has started recently. Some windows clients cannot seem to get dns resolution to the internet after boot, and sometimes again at some point in the day. Internal hosts are also slow to resolve. trying to ping an interal host by name will take a long time for the hostname to resolve to ip address and trying to ping a website by name will fail to resolve. If you go into the tcp/ip v4 properties and view but not change anything, ok/close out of that then the client starts working fine, hostnames will resolve quickly. I have seen this happen on both Vista and W7 clients. ipconfig /all at a client experiencing this problem shows everything in order. proper ip addr, gateway, dns server, dns suffix ect.. ipconfig /dnsflush will not fix them, neither will /release and /renew the clients get their ip address, mask and dns server info from either one of 2 OES dhcp servers that assign addresses in different scopes in the same subnet. the internal dns server is a different OES dns server the default gateway is not assigned by the OES server but is statically put in at the client (only for those who need to get to the Internet for their job) flat network topology What can I do to get to the bottom of this? It only happens to a few of the client machines and typically the same ones. It started happening when we made a change to one of the DHCP scopes in iManager. Strangly this problem only happens to clients that get an IP address from the scope that we didn't make any changes to.

  Read the article

• Ubuntu web site hosting & free ,tk domain

  - by user5819

  Hello, I am sort of new to web hosting so sorry if I ask bad questions. I have a pc that runs ubuntu I instaled apache and now I host a web site, but I need a domain name so I found out .tk is free. The site works when typing 192.168.1.x in the browser(x= a number) but in dot.tk when I register in ip it whats one that look like 79.117.x.x so thats where I get stuck, I think I managed to make my ip address static but it still looks like 192.168.1.x and I can't put that in because it says: " This IP address is not valid". Why must it have the ip address that looks like 79.117.x.x and won't work with the internal static one and how can I do to host my site with a .tk domain name ? PS: I'm using a cisco router that's connected with computer via a cable.

  Read the article

• How do I host multiple SSL websites on a single EC2 instance using Amazon Elastic Load Balancers?

  - by Developr

  If I have 3 separate websites which all require SSL (separate certificates) that I want to host on the same EC2 instance(s) across multiple availability zones so that we have the ability to scale and be highly available, how do I achieve this using ELBs in my Amazon VPC? Each site requires a separate IP address, so I have added multiple private IPs to the EC2 instance, but I am unsure how to bind the ELB to a certain IP on the instance. I was also able to setup multiple ELB pointing to the same instance, but again, I am not seeing any way to bind each ELB to a separate IP on the instance. If this is not possible, what is the best option? Run each site on a separate EC2 instance / ELB combo (expensive and harder to maintain) Give each site a separate public IP and use Route 53 to do the load balancing (seems like a hack) Use a different load balancer option such as HAProxy that should be able to work like a normal load balancer appliance. Please help!

  Read the article

• Bind: dns not 'spreaded'

  - by realtebo

  I've elfoip.net with bind $ whois elfoip.net | grep 'Name Server' Name Server: NS.ELFOIP.NET I need elfoip.net be able to serve third levels domain, like mickymouse.elfoip.net, etc... Yes, I'm trying to create an other useless dyndns clone. i've added some third level as A RR. Eg: executing this from the server itself $ dig @localhost mattinauno.elfoip.net ;; ANSWER SECTION: mattinauno.elfoip.net. 60 IN A 192.81.221.113 I was expecting in one or two days, from my pc i can digit in browser mattinauno.elfoip.net and get page a 192.81.221.113 But this is not happening. Are there any prerequisites to satisfy to allow dns of my isp to be able to forward dns resolution of *.elfoip.net to MY dns ? (Or to ask to him and then cache ?) TTL of zone is set a 5m I've not AllowQuey directive, is it necessary for other dns to cache from mine ? I've cheched the zone with bind utility named-checkzone but no error detected. How to diagnose why other dns doesn't take in account RR from mine ? from my home pc dig @ns.elfoip.net mattinauno.elfoip.net ;; ANSWER SECTION: mattinauno.elfoip.net. 60 IN A 192.81.221.113 ;; AUTHORITY SECTION: elfoip.net. 300 IN NS ns.elfoip.net. but dig @8.8.8.8 mattinauno.elfoip.net give no answers Whole zone file: note I've used nsupdate, so this file has been re-edited and re-formatted from this utility ! root@mirko:/var/named# cat elfoip.net.db $ORIGIN . $TTL 300 ; 5 minutes elfoip.net IN SOA ns.elfoip.net. hostmaster.elfoip.net. ( 2013062314 ; serial 3600 ; refresh (1 hour) 600 ; retry (10 minutes) 86400 ; expire (1 day) 60 ; minimum (1 minute) ) NS ns.elfoip.net. A 109.168.99.6 $ORIGIN elfoip.net. $TTL 60 ; 1 minute google A 173.194.35.56 maiscai A 192.81.221.113 mattinadue A 192.81.221.113 mattinauno A 192.81.221.113 $TTL 300 ; 5 minutes ns A 109.168.99.6 $TTL 60 ; 1 minute prova A 208.67.222.222 prova2 A 13.23.34.45 A 13.23.34.46 www CNAME elfoip.net. EDIT: added named.conf.local zone "elfoip.net" { type master; // file "/etc/bind/elfoip.net.db"; file "/var/named/elfoip.net.db"; allow-update { key elfoip.net ; }; }; EDIT: I've no setup list-on directive *EDIT Added a TCPDUMP after [email protected] wwww.elfoip.net from a machine which uses my company internal dns, who allow recursive query. root@mirko:~# tcpdump -i eth0 'port 53' tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes 11:57:23.293611 IP host9-210-static.22-87-b.business.telecomitalia.it.45958 > mirko.elfoip.net.domain: 61337+ A? www.elfoip.net. (32) 11:57:23.294114 IP mirko.elfoip.net.domain > host9-210-static.22-87-b.business.telecomitalia.it.45958: 61337* 2/1/1 CNAME elfoip.net., A 109.168.99.6 (95) 11:57:23.294554 IP mirko.elfoip.net.59571 > google-public-dns-a.google.com.domain: 45851+ PTR? 9.210.22.87.in-addr.arpa. (42) 11:57:23.330444 IP google-public-dns-a.google.com.domain > mirko.elfoip.net.59571: 45851 1/0/0 PTR host9-210-static.22-87-b.business.telecomitalia.it. (106) 11:57:23.331181 IP mirko.elfoip.net.44171 > google-public-dns-a.google.com.domain: 33339+ PTR? 8.8.8.8.in-addr.arpa. (38) 11:57:23.439405 IP google-public-dns-a.google.com.domain > mirko.elfoip.net.44171: 33339 1/0/0 PTR google-public-dns-a.google.com. (82) 11:57:31.350654 IP host9-210-static.22-87-b.business.telecomitalia.it.30108 > mirko.elfoip.net.domain: 38269 [1au] A? ns.elfoip.net. (42) 11:57:31.351117 IP mirko.elfoip.net.domain > host9-210-static.22-87-b.business.telecomitalia.it.30108: 38269* 1/1/1 A 109.168.99.6 (72) If i dig @8.8.8.8 www.elfoip.net, NOTHING happens in dump log !

  Read the article

• Mail server configuration

  - by Rashid Iqbal

  I want to configure mail server at my office. for this purpose I purchase on live IP and ask the ISP to set a ptr against that Live IP. in response I get the email from ISP in which three entries listed. as shown below: Live IP: xxx.xxx.xx.xxx ns1.xxx.net.xx ns2.xxx.net.xx now please help to setup at my end.

  Read the article

• Redirect specific domains with DNS

  - by user66377

  Currently we filter internet content using OpenDNS, our internal Windows DC/DNS servers point to the router's DNS, which then points to the OpenDNS servers. This works well to block all computer's on the network equally. New issue. We now need to separate what computers can go to what sites. So facebook is blocked for everyone right now, but I need to open it up to the 3 community computers now. The 3 community computers will be on an untrusted network seperate from the company computers so they can have their own DNS server, from their own router. The issue is though they still must connect to the internet using the same IP address. So OpenDNS sees the same IP and blocks them the same way. We are looking into getting a second IP, but it's not likely an option without going up to the next major level with our ISP which we don't want to do. My thought is this. Can I setup a DNS server on the untrusted network, and then depending on the request that comes in, have it send it to either OpenDNS or our ISP's DNS? Example www.facebook.com and www.youtube.com are both on the OpenDNS blacklist. So if they go to www.youtube.com, the local DNS server goes to the ISP's DNS to get the IP and thus the client gets the right IP and can go to the site. This would be manually entered for each allowed site thus creating a white list. Then if they go to www.facebook.com, since the local DNS server does not find an entry, it sends the request to OpenDNS, which then sees the site is on the blacklist, and thus sends the it's blocked webpage. The local DNS server can be either Bind on Linux or MS DNS on Window 2008. If this can be done, can you give some direction as well as I've never setup a DNS such as this before. Thanks

  Read the article

• Tomcat and IIS6 on one server, multiple websites

  - by Rafe

  Windows Server 2003 with IIS6 and Tomcat 6.0.26. Three sites running on this server. One is PHP, one is ASP and the third uses Tomcat. The first two work flawlessly. The third is being a pain. Tomcat is installed and if called on the server itself by IP address xxx.xxx.xxx.xxx:8080 shows the welcome page. Calling the same address from an external machine gives a 'could not connect' error. Calling the ip address from within the server on standard port 80 gives me an error 324 (net::ERR_EMPTY_RESPONSE). Have tried using httpcfg to force listening only on ports within the ip range I'm using in a manner similar to question 35650 located here on serverfault but with no success. There are actually ten ip addresses on this machine but I'm only using three of them at this point. Any pointers on troubleshooting this would be appreciated!

  Read the article

< Previous Page | 133 134 135 136 137 138 139 140 141 142 143 144  | Next Page >