Search Results

Search found 11687 results on 468 pages for 'ex networking guy'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 145/468 | < Previous Page | 141 142 143 144 145 146 147 148 149 150 151 152  | Next Page >

  • VLAN for WiFi traffic separation (new to VLANing)

    - by Philip
    I run a school network with switches in different departments. All is routed through to a central switch to access the servers. I would like to install WiFi access points in the different departments and have this routed through the firewall (an Untangle box that can captive-portal the traffic, to provide authentication) before it gets onto the LAN or to the Internet. I know that the ports that the APs connect to on the relevant switches need to be set to a different VLAN. My question is how do I configure these ports. Which are tagged? Which are untagged? I obviously don't want to interrupt normal network traffic. Am I correct in saying: The majority of the ports should be UNTAGGED VLAN 1? Those that have WiFi APs attached should be UNTAGGED VLAN 2 (only) The uplinks to the central switch should be TAGGED VLAN 1 and TAGGED VLAN 2 The central switch's incoming ports from the outlying switches should also be TAGGED VLAN 1 and TAGGED VLAN 2 There will be two links to the firewall (each on its own NIC), one UNTAGGED VLAN 1 (for normal internet access traffic) and one UNTAGGED VLAN 2 (for captive portal authentication). This does mean that all wireless traffic will be routed over a single NIC which will also up the workload for the firewall. At this stage, I'm not concerned about that load.

    Read the article

  • Connect multiple WiFi networks simultaneously

    - by Tamir
    Hi all :-) I thought about connecting multiple WiFi networks simultaneously in order to leverage my bandwidth. I heared about "VirtualWifi" which is abandon by MS research. I have new Intel WiFi chipset (6200) and Win7 (64bit). Can I do such of thing somehow? Many thanks for your answers! Tamir

    Read the article

  • Waht are the best proxy servers for Mikrotik router?

    - by niren
    I want to setup proxy server for my Mikrotik router. There is inbuilt web-proxy for Mikrotik router but I can extend this upto transparent proxy(kind of proxy server) only. We need High anonymity proxy so that we can hide our LAN static IPs(we don't have private IP) from outside Intruder/hackers. And also I know I can setup NAT rule to hide our IP(only private IP not public/static IP) as per this link, but I cann't hide static/public IP. Essentially I want to hide our Public/Static IP (there is static/public IP for all systems in our company) from outside Internet. To achieve this I guess I need other software apart from Mikrotik router gateway setup. can anyone suggest me Is there any other software to achieve my requirement? I know about squid proxy but am not sure whether It can hide our static/public IP. Note: we have assigned public/Static IP to all systems of our company since we have rights to access our company's system from anywhere by dedicated laptop(given by our company with more security) through VPN connection.

    Read the article

  • RJ45 female to male fault

    - by GeoPhoenix
    i have the following - common - problem, on one end of the cable, there are RJ45 males T586 A which are connected to a 8-port switcher, on the other end, there supposed to be RJ45 females _T586 A which in turn will allow another RJ45 male to be connected. the commonly used color scheme was followed on males (having the head down) blue white blue orange white green green white orange brown white brown the problem i believe is located on female end of cable, which i try multiple time to follow the numbers designated by the module, which is the list above in reverse, and as listed resulting in no signal transmission. tried the T586B (both ends) for device to device once, but no results. Which is the proper way of handling this wiring? There were also additional RJ45 females with the numbers 6-5-4-3, but 1 to 8 isn't supposed to be used for this?

    Read the article

  • Loss of wireless network connectivity when playing video via HDMI cable

    - by Jeff Fohl
    Hi Folks - New to Super User, so I hope this question fits in with the guidelines. Very strange problem I am having, and I am at a loss as to how to continue troubleshooting this one. The basic problem is that when I attempt to watch streamed video on a particular display device (an Optoma HD180 projector), my network connectivity drops like a stone to barely measurable levels. This is my setup: I have a Dell H2C 730x running Windows 7 64bit. This particular computer has two ATI Radeon HD 4800 video cards. I have two Samsung 22" monitors connected to one card, and an Optoma HD180 digital projector connected to the other card via an HDMI cable. My internet connection is normally a reliable 6Mbps. The problem I am having occurs when I stream video (or even just browse the web) on the Optoma Projector. When I do this, my internet connection drops to practically zero (just a few kilobits per second). When I move the browser away from the projector, and over to one of my Samsung monitors, the internet connection comes right back. Note that the Optoma projector is on and enabled as a third monitor all this time. I can move the mouse around on the projector without triggering the problem. I tried pinging my router when I was playing a movie on one of the monitors, and I get a 1 millisecond response. However, when I have the movie playing on the Optoma projecter, pinging the router gives me response times in the hundreds of milliseconds, or times out completely. So, it clearly is something local to my machine - and not some sort of throttling occurring down the line. I would think that it is possibly something to do with the HDMI driver conflicting somehow with my network driver (which is a USB-based wireless connection). This one has me really stumped. Anyone have any ideas? EDIT: I am now leaning towards the possibility that the HDMI cable is somehow interfering with the wireless network, when large amounts of data are being pushed through the cable. Is this possible?

    Read the article

  • How to reliably keep an SSH tunnel open?

    - by Peltier
    I use an SSH tunnel from work to go around various idotic firewalls (it's ok with my boss :)). The problem is, after a while the ssh connection usually hangs, and the tunnel is broken. If I could at least monitor the tunnel automatically, I could restart the tunnel when it hangs, but I haven't even figured a way of doing that. Bonus points for the one who can tell me how to prevent my ssh connection from hanging, of course!

    Read the article

  • Is it better to use N WiFi or Cat5e ethernet for large file transfers?

    - by Seth
    I have a network containing 802.11 N WiFi Devices and gigabit ethernet devices, however using only Cat5e wiring. I know that if I used Cat6, the ethernet would be much faster however if I need to transfer a large file between a device thats connected normally connected via ethernet and a device thats normally connected via WiFi, would it be advantageous to bother plugging the WiFi device in to the network? or should I switch the ethernet device to WiFi? or does it really matter?

    Read the article

  • A design for watching IPTV anywhere in the house?

    - by Carlos
    I'm currently getting TV and internet via IP to my house. The service comes into an ISP-supplied Router (ST585) which is in turn connected to an IPTV box. I need to replace the router, as it's port forwarding seems to be broken, so I was thinking of getting a box with an IGMP proxy. I once mistakenly got a non-IGMP box, with the result that the internet worked, but the IPTV didn't. The trouble is, I have no idea how to set up the IPTV part of the installation. I do have a copy of the ST585 configuration, but it doesn't look anything like the Cisco stuff that I learned about at CCNA. What are the steps necessary to reproduce the IGMP setup? I was thinking of WireSharking the communications on the network, but I suppose I'd need a hub for that? As a bonus, since the packets are coming in with the TV signal, is it possible to mess with the IGMP setup so I can watch TV anywhere in the house?

    Read the article

  • A design for watching IPTV anywhere in the house?

    - by Carlos
    I'm currently getting TV and internet via IP to my house. The service comes into an ISP-supplied Router (ST585) which is in turn connected to an IPTV box. I need to replace the router, as it's port forwarding seems to be broken, so I was thinking of getting a box with an IGMP proxy. I once mistakenly got a non-IGMP box, with the result that the internet worked, but the IPTV didn't. The trouble is, I have no idea how to set up the IPTV part of the installation. I do have a copy of the ST585 configuration, but it doesn't look anything like the Cisco stuff that I learned about at CCNA. What are the steps necessary to reproduce the IGMP setup? I was thinking of WireSharking the communications on the network, but I suppose I'd need a hub for that? As a bonus, since the packets are coming in with the TV signal, is it possible to mess with the IGMP setup so I can watch TV anywhere in the house?

    Read the article

  • XP/Intel wirelss only showing 'hpsetup' ad-hoc network that isn't there

    - by ewall
    Trying to help my friend with her work XP laptop, which recently stopped seeing any wireless SSIDs except the SSID 'hpsetup' (presumably from a wireless-enabled HP printer). Relevant information: The laptop is a Lenovo T500 (Centrino 2 chipset) with XP SP3. The network adapter is Intel WiFi Link 5300 AGN (built-in). The latest version (13.5) of the Intel drivers only are installed, not the Intel config software, so XP is using the Wireless Zero-Config manager. The wireless router is a NetGear WGR614 v7 with 802.11b/g. The SSID is broadcasting, and all the other laptops in the house can see and connect to it. On the laptop, I have tried repairing the network connection, disabling power management, turning off 802.11a & n radio, and more... but it didn't help. Some of the wireless settings are managed by Group Policy from her office (I get the "At least one of your changes was not applied successfully to your wireless configuration" message). It is enforced to connect to "Access point (infrastructure) networks only". The real kicker is that my laptop does not an SSID named 'hpsetup' here, but it can see several broadcasted SSIDs including the one we want, while my friend's laptop doesn't see any SSID except 'hpsetup'. Any suggestions?

    Read the article

  • apache returning "The connection was reset"

    - by usjes
    One of my dedicated servers had some network issue today and the data center has to replace some router. Since then the sites on that server returns "The connection was reset" error most of the time. I tried installing nginx and it opens better, but it still shows the error sometimes. Everything in the config seems normal, what could be causing this error? UPDATE: Just noticed that in whm apache status there are always only 1 requests currently being processed, 8 idle workers. I know for sure the server received thousands of requests per minute. What could be limiting this to such a low number?

    Read the article

  • Encrypted WiFi with no password?

    - by Ian Boyd
    Is there any standard that allows a WiFi connection to be encrypted, but not require a password? i know that (old, weak) WEP, and newer WPA/WPA2 require a password (i.e. shared secret). Meanwhile my own wireless connections are "open", and therefore unencrypted. There is no technical reason why i can't have an encrypted link that doesn't require the user to enter any password. Such technology exists today (see public key encryption and HTTPS). But does such a standard exist for WiFi? Note: i only want to protect communications, not limit internet access. i get the sense that no such standard exists (since i'm pretty capable with Google), but i'd like it confirmed. Claraification: i want to protect communcations, not limit internet access. That means users are not required to have a password (or its moral equivalent). This means users are not required: to know a password to know a passphrase to enter a CAPTCHA to draw a secret to have a key fob to know a PIN to use a pre-shared key have a pre-shared file to possess a certificate In other words: it has the same accessibility as before, but is now encrypted.

    Read the article

  • Speed up file access on home network

    - by kurasa
    I have 2 PCs (Windows 7 Ultimate) and a Mac running Windows 7 using vmware fusion on my home network tied together using WRN1000 NETGEAR Router On one of the PC's I have a set of file (MYOB .myo). These use a data source to access the data in the files. Operations (reading,writing) to the .myo on the PC which hosts the files is fine but the other 2 it is painfully slow/unreliable and I am wondering what I can do to speed this up. Some ideas I have are 1. Turn off the Windows firewall on all the windows installations on the home network 2. Buy another router. Specifically a router which I can connect a USB flash drive on the back where I can put the .myo files and all the PC can access the files from the USB flash drive on the router (does this speed things up?) Any advice greatly appreciated on how I can speed up this access to data

    Read the article

  • Should I quit using Ifconfig?

    - by Zhen
    With the servers that mount Infiniband cards, when I use the ifconfig command I have the warning: Ifconfig uses the ioctl access method to get the full address information, which limits hardware addresses to 8 bytes. Because Infiniband address has 20 bytes, only the first 8 bytes are displayed correctly. Ifconfig is obsolete! For replacement check ip. Should I quit using ifconfig? It is deprecated in favor of ip command? Or it will be update in the near future.

    Read the article

  • Why would http & https be blocked, even in safe mode with firewall disabled?

    - by Cogwheel
    I have a windows 7 machine (dell studio xps). Everything on it seems to be in working order. The network device says it has internet connectivity, and indeed I can ping websites, transfer files via ftp, connect to vpns and remote desktop, but the web won't work. I've disabled the windows firewall and still no go. There are no other firewalls installed. The computer came with a trial of norton 360 so I also used the norton removal tool (which solved a similar problem on another computer for me previously). Any thoughts?

    Read the article

  • Why don't mails show up in the recipient's mailspool?

    - by Jason
    I have postfix dovecot running with local email system on thunderbird. I have two users on by ubuntu, mailuser 1 and mailuser 2 whom i added to thunderbird. Everything went fine, except the users dont have anything on their inbox on thunderbird and sent mails dont get through. Im using maildir as well. Checking /var/log/mail.log reveals this This what is happining: Restarting postfix and dovecot and then sending mail from one user to another user... I believe this line is the problem May 30 18:31:55 postfix/smtpd[12804]: disconnect from localhost[127.0.0.1] Why is it not connecting ? What could be wrong ? /var/log/mail.log May 30 18:30:21 dovecot: imap: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill) May 30 18:30:21 dovecot: master: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill) May 30 18:30:21 dovecot: imap: Server shutting down. in=467 out=475 May 30 18:30:21 dovecot: config: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill) May 30 18:30:21 dovecot: log: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill) May 30 18:30:21 dovecot: anvil: Warning: Killed with signal 15 (by pid=1 uid=0 code=kill) May 30 18:30:21 dovecot: master: Dovecot v2.2.9 starting up (core dumps disabled) May 30 18:30:54 dovecot: imap-login: Login: user=<mailuser2>, method=PLAIN, rip=::1, lip=::1, mpid=12638, TLS, session=<xUfQkaD66gAAAAAAAAAAAAAAAAAAAAAB> May 30 18:31:04 postfix/master[12245]: terminating on signal 15 May 30 18:31:04 postfix/master[12795]: daemon started -- version 2.11.0, configuration /etc/postfix May 30 18:31:55 postfix/postscreen[12803]: CONNECT from [127.0.0.1]:33668 to [127.0.0.1]:25 May 30 18:31:55 postfix/postscreen[12803]: WHITELISTED [127.0.0.1]:33668 May 30 18:31:55 postfix/smtpd[12804]: connect from localhost[127.0.0.1] May 30 18:31:55 postfix/smtpd[12804]: 1ED7120EB9: client=localhost[127.0.0.1] May 30 18:31:55 postfix/cleanup[12809]: 1ED7120EB9: message-id=<[email protected]> May 30 18:31:55 postfix/qmgr[12799]: 1ED7120EB9: from=<[email protected]>, size=546, nrcpt=1 (queue active) May 30 18:31:55 postfix/local[12810]: 1ED7120EB9: to=<mailuser2@mysitecom>, relay=local, delay=0.03, delays=0.02/0.01/0/0, dsn=2.0.0, status=sent (delivered to maildir) May 30 18:31:55 postfix/qmgr[12799]: 1ED7120EB9: removed May 30 18:31:55 postfix/smtpd[12804]: disconnect from localhost[127.0.0.1] May 30 18:31:55 dovecot: imap-login: Login: user=<mailuser1>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=12814, TLS, session=<sD9plaD6PgB/AAAB> This is my postfix main.cf See /usr/share/postfix/main.cf.dist for a commented, more complete version # Debian specific: Specifying a file name will cause the first # line of that file to be used as the name. The Debian default # is /etc/mailname. #myorigin = /etc/mailname smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) biff = no # appending .domain is the MUA's job. append_dot_mydomain = no # Uncomment the next line to generate "delayed mail" warnings #delay_warning_time = 4h readme_directory = no # TLS parameters smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key smtpd_use_tls=yes smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for # information on enabling SSL in the smtp client. smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination myhostname = server mydomain = mysite.com alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases myorigin = $mydomain mydestination = mysite.com #relayhost = smtp.192.168.10.1.com mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 192.168.10.0/24 mailbox_size_limit = 0 recipient_delimiter = + inet_interfaces = all home_mailbox = Maildir / mailbox_command= All ports are listening tcp 0 0 *:imaps *:* LISTEN tcp 0 0 *:submission *:* LISTEN tcp 0 0 *:imap2 *:* LISTEN tcp 0 0 s148134.s148134.:domain *:* LISTEN tcp 0 0 192.168.56.101:domain *:* LISTEN tcp 0 0 10.0.2.15:domain *:* LISTEN tcp 0 0 localhost:domain *:* LISTEN tcp 0 0 *:ssh *:* LISTEN tcp 0 0 *:smtp *:* LISTEN tcp 0 0 localhost:953 *:* LISTEN tcp6 0 0 [::]:imaps [::]:* LISTEN tcp6 0 0 [::]:submission [::]:* LISTEN tcp6 0 0 [::]:imap2 [::]:* LISTEN tcp6 0 0 [::]:domain [::]:* LISTEN tcp6 0 0 [::]:ssh [::]:* LISTEN tcp6 0 0 [::]:smtp [::]:* LISTEN tcp6 0 0 localhost:953 [::]:* LISTEN

    Read the article

  • Cannot open any web page, but MSN Messenger works

    - by Steven
    I use my computer behind a router. My MSN program can connect to the Internet, but I can not open any web site with my web browser. It seems that this problem is related to DNS because when I input an IP address directly in the address bar of my web browser, the web page can be displayed. However, I don't know how to fix this problem. I choose Google Public DNS server on my computer, this problem still exists. My OS is windows XP. How to fix this problem? Any ideas?

    Read the article

  • Postfix as mail relay for web servers?

    - by Ben Carleton
    Hi all, I want to set up Postfix to relay mail from a group of webservers. I would like to limit senders by IP so I can restrict the box to only my webservers, so I don't have an open relay and don't have to worry about authentication. So, what I guess I need is to limit inbound access but allow mail to be sent to any outbound address. I've looked through the docs and don't even know where to start, so any tips would be appreciated. Thanks!

    Read the article

  • UDP multicast streaming of media content over WIFI

    - by sajad
    I am using vlc to stream media content over wireless network in scenario like this (from content streamer to stream receiver client): The bandwidth of wireless network is 54 Mb/s and UDP stream's required bandwidth is only 4 Mb/s; however there is trouble in receiving media stream and quality of playing specifically in multicast mode; means I can play the stream but it has jitter and does not play smoothly. In uni-cast I can stream up to 5 media streams correctly, but in multicast mode there is problem with streaming just one media! However when I stream from client some multicast streams; the wifi access-point can receive data correctly and I can see the video in "udp streamer" side correctly even when number of multicast streams increases to 9; But as you see I want to stream from streaming server and receive media in client size. Is this a typical problem of streaming real-time contents over wireless networks? Is it necessary to change configurations of my WIFI switch or it is just a software trouble? thank you

    Read the article

  • SASL - Plaintext password not accepted - Encrypted works

    - by leviathanus
    I have a very strange issue! SASL does not work properly, as it does not accept plain-text passwords (like Outlook sends them) Oct 2 10:35:09 srf cyrus/imap[4119]: accepted connection Oct 2 10:35:09 srf cyrus/imap[4119]: badlogin: [217.XX.XXX.140] plaintext [email protected] SASL(-1): generic failure: checkpass failed Now I switch to "Encrypted password" in Thunderbird. I have the same issue as Outlook above on Thunderbird if I turn on "Plain Password"): Oct 2 10:40:40 srf cyrus/imap[14644]: accepted connection Oct 2 10:40:41 srf cyrus/imap[14622]: login: [217.XX.XXX.140] [email protected] CRAM-MD5 User logged in Same with Postfix: Without Oct 2 10:42:48 srf postfix/smtpd[17980]: connect from unknown[217.XX.XXX.140] Oct 2 10:42:48 srf postfix/smtpd[17980]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied Oct 2 10:42:48 srf postfix/smtpd[17980]: warning: SASL authentication failure: Password verification failed Oct 2 10:42:48 srf postfix/smtpd[17980]: warning: unknown[217.XX.XXX.140]: SASL PLAIN authentication failed: generic failure With "Encrypted password": Oct 2 10:45:27 srf postfix/smtpd[21872]: connect from unknown[217.XX.XXX.140] Oct 2 10:45:28 srf postfix/smtpd[21872]: 50B3A332AAB: client=unknown[217.XX.XXX.140], sasl_method=CRAM-MD5, [email protected] Oct 2 10:45:28 srf postfix/cleanup[21899]: 50B3A332AAB: message-id=<[email protected]> Oct 2 10:45:28 srf postfix/qmgr[6181]: 50B3A332AAB: from=<[email protected]>, size=398, nrcpt=1 (queue active) Oct 2 10:45:28 srf postfix/smtpd[21872]: disconnect from unknown[217.XX.XXX.140] Config: /etc/imapd.conf:sasl_mech_list:LOGIN PLAIN CRAM-MD5 and /etc/postfix/sasl/smtpd.conf:mech_list: LOGIN PLAIN CRAM-MD5 I have no idea where to dig. Please advise.

    Read the article

  • What is the simplest way to confirm or to disprove that Virtual Box virtual machines support GRE protocol

    - by mbaitoff
    It is stated in VirtualBox manual (chapter 6) that VM network interfaces in "NAT" mode do not support GRE protocol. I'm currently trying to setup a pair of VMs as pptp server and client which would communicate via VM's network interfaces in "INTERNAL NETWORK" mode. I set up modern Linux OSes with pptp software on both machines and made some basic pptp configuration. However, I fail to connect the client to the server - server reports a failure when writing to GRE socket. I now need a quick proof of principal ability to use the GRE protocol between VirtualBox VMs over a network in "INTERNAL" mode, such as a several-line .c program that would try to open/send/receive/close a GRE protocol connection, or like a specific lightweight tool to diagnose the GRE availability. Any suggestions?

    Read the article

  • Slow LAN transfer from 3rd party computer

    - by Chris
    Hi Everyone, I've got an odd problem that I'm not really sure where to start the troubleshooting process. I have a 'server' with Windows Server 2008R2 (64-bit) installed and it has a couple of hard drives. If I Remote Desktop into the server and transfer files from one HD to the other, all it fine. If however, I use my workstation (Windows 7 64bit) and open up a shared resource on the server and transfer a file from one hard drive on the server to another HD on the server (not using Remote Desktop, just Windows explorer/Network places), the transfer crawls... It takes about 5mins to discover files/calculate the transfer and then starts transferring at speeds like 56KB/s - 200KB/s. Both machines have Marvel GigE network ports with a TrendNet 8-port green GigE switch. I've set Jumbo packets to 9K on both machines...

    Read the article

  • Windows VPN not authenticating from ADSL to Wireless link

    - by deanvz
    I have a normal windows VPN on a computer connecting to a 196.201.x.x/24 IP. If this VPN tries to connect from any address in the 41.x.x.x range it cant get there. The server is a normal windows 2008 server, running exchange with a PPPoE IP natted to a public IP on the public gateway of the wireless network as the server is on site and its connectivity is derived from Mikrotik RB's. The computer on the 41 range can traceroute and ping the server, but the VPN does not authenticate. When on the network or any other, the VPN works fine. Is there something that could be configured on the VPN client? All firewall settings of a standard ADSL router have been checked and found to block only ICMP's. Is this a VPN configuration problem or a network issue?

    Read the article

  • What is the advantage of iSCSI over SMB?

    - by sofakng
    At my house I'm running a Hyper-V server with a Windows Server 2008 R2 VM acting as a file server. Files are shared across my network using SMB. (Also, the machine is using a PERC 6/i RAID card but I don't think that's important) I'm thinking about setting up a dedicated SAN (iSCSI) machine and then switching my Hyper-V server to ESXi. What are the advantages of using iSCSI versus SMB? I think I would still need a file server OS (eg. Win 2k8) sharing files via SMB so I'm not sure the end result would be any different than my current setup...

    Read the article

  • How to place a virtual machine in DMZ?

    - by Giordano
    I have an Ubuntu 12.04 server running few virtual machines with KVM. I would like to expose some of these virtual machines on the internet, to make it possible for customers to test the products we're developing and make available other products for demo purposes. One of the server NICs is configured with a public IP. However before exposing anything on the web I would like to be sure that if one of the virtual machines get compromised, the attacker doesn't reach the rest of the hosts. What I would like to do is to put these virtual machines into a DMZ. These are the steps I'm planning to do: Create a tap interface in the virtualization host (let's say tap1) Create a bridge using tap1 and give it an IP in a subnet separate from the other hosts. Let's say 10.0.0.1 Attach the DMZ virtual machines to the bridge and configure their IP statically (10.0.0.2, 10.0.0.3, etc...) Using UFW, forbid any traffic from 10.0.0.0/24 to any of the internal hosts, allow the traffic from the internal hosts towards 10.0.0.0/24 and expose the virtual machines on the web using port forwarding. Do you think this setup is safe? Can you suggest any improvement or a better/safer approach? Thanks in advance!

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 141 142 143 144 145 146 147 148 149 150 151 152  | Next Page >