Search Results

Search found 15651 results on 627 pages for 'setup'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 162/627 | < Previous Page | 158 159 160 161 162 163 164 165 166 167 168 169  | Next Page >

  • UDP blocked by Windows XP Firewall when sending to local machine

    - by user36367
    I work for a software development company but the issue doesn't seem to be programming-related. Here is my setup: Windows XP Professional with Service Pack 3, all updated Program that sends UDP datagrams Program that receives UDP datagrams Windows Firewall set to allow inbound UDP datagrams on a specific port (Scope: Subnet) If I send a UDP datagram on any port to other, similar machines, it goes through. If I send the UDP datagram to the same computer running the program that sends (whether using broadcast, localhost IP or the specific IP of the machine), the receiver program gets nothing. I've traced the problem down to the Windows XP Firewall, as Windows 7 does not have this problem (and I do not wish to sully my hands with Vista). If the exception I create for that UDP port in the WinXP firewall is set for a Scope of Subnet the datagram is blocked, but if I set it to All Computers or specifically enter my network settings (192.168.2.161 or 192.168.2.0/255.255.255.0) it works fine. Using different UDP ports makes no difference. I've tried different programs to reproduce this problem (ServerTalk to send and either IP Port Spy or PortPeeker to receive) to make sure it's not our code that's the issue, and those programs' datagrams were blocked as well. Also, that computer only has one network interface, so there are no additional network weirdness. I receive my IP from a DHCP server, so this is a straightforward setup. Given that it doesn't happen in Windows 7 I must assume it's a defect in the Windows XP Firewall, but I'd think someone else would have encountered this problem before. Has anyone encountered anything like this? Any ideas?

    Read the article

  • Can't write to samba share

    - by Tiddo
    I try to setup a samba file server, but whatever I do I can't get write access to work (reading works fine). This is my current situation: I have a local fileserver with 3 harddisks mounted at /mnt/share/disk<nr>. 2 of these use the ext4 filesystem, the third one is ntfs. This file server runs Fedora 18 32-bit. The root folders of these harddisks are owned by superman:superman, and testparm outputs the following: [global] workgroup = WORKGROUP netbios name = FILE_SERVER server string = Samba Server Version %v interfaces = lo, eth0, 192.168.123.191/8 log file = /var/log/samba/log.%m max log size = 50 unix extensions = No load printers = No idmap config * : backend = tdb hosts allow = 192.168.123. cups options = raw wide links = Yes [share] comment = Home Directories path = /home/share/ write list = superman, @users force user = superman read only = No create mask = 0777 directory mask = 0777 inherit permissions = Yes guest ok = Yes I've tried a lot to get this to work: the disk are chmodded to 777, I've tried turning off selinux, I've added the samba_share_t label to the disks and as can be seen in the above output I tried to make the smb config as permissive as I could, but still I cannot write to the share (tried from Windows 7 and another Fedora installation). What can I try to be able to write to the shares? EDIT: The replies I got so far are mostly concerned with the smb.conf. I have however tried a lot of different setup, ready made configs, and solutions to similar problems for the smb.conf file, so I suspect that the real problem is somewhere else.

    Read the article

  • Can a pool of memcache daemons be used to share sessions more efficiently?

    - by Tom
    We are moving from a 1 webserver setup to a two webserver setup and I need to start sharing PHP sessions between the two load balanced machines. We already have memcached installed (and started) and so I was pleasantly surprized that I could accomplish sharing sessions between the new servers by changing only 3 lines in the php.ini file (the session.save_handler and session.save_path): I replaced: session.save_handler = files with: session.save_handler = memcache Then on the master webserver I set the session.save_path to point to localhost: session.save_path="tcp://localhost:11211" and on the slave webserver I set the session.save_path to point to the master: session.save_path="tcp://192.168.0.1:11211" Job done, I tested it and it works. But... Obviously using memcache means the sessions are in RAM and will be lost if a machine is rebooted or the memcache daemon crashes - I'm a little concerned by this but I am a bit more worried about the network traffic between the two webservers (especially as we scale up) because whenever someone is load balanced to the slave webserver their sessions will be fetched across the network from the master webserver. I was wondering if I could define two save_paths so the machines look in their own session storage before using the network. For example: Master: session.save_path="tcp://localhost:11211, tcp://192.168.0.2:11211" Slave: session.save_path="tcp://localhost:11211, tcp://192.168.0.1:11211" Would this successfully share sessions across the servers AND help performance? i.e save network traffic 50% of the time. Or is this technique only for failovers (e.g. when one memcache daemon is unreachable)? Note: I'm not really asking specifically about memcache replication - more about whether the PHP memcache client can peak inside each memcache daemon in a pool, return a session if it finds one and only create a new session if it doesn't find one in all the stores. As I'm writing this I'm thinking I'm asking a bit much from PHP, lol... Assume: no sticky-sessions, round-robin load balancing, LAMP servers.

    Read the article

  • Bad Mumble control channel performance in KVM guest

    - by aef
    I'm running a Mumble server (Murmur) on a Debian Wheezy Beta 4 KVM guest which runs on a Debian Wheezy Beta 4 KVM hypervisor. The guest machines are attached to a bridge device on the hypervisor system through Virtio network interfaces. The Hypervisor is attached to a 100Mbit/s uplink and does IP-routing between the guest machines and the remaining Internet. In this setup we're experiencing a clearly recognizable lag between double-clicking a channel in the client and the channel joining action happening. This happens with a lot of different clients between 1.2.3 and 1.2.4 on Linux and Windows systems. Voice quality and latency seems to be completely unaffected by this. Most of the times the client's information dialog states a 16ms latency for both the voice and control channel. The deviation for the control channels mostly is a lot higher than the one of the voice channels. In some situations the control channel is displayed with a 100ms ping and about 1000 deviation. It seems the TCP performance is a problem here. We had no problems on an earlier setup which was in principle quite like the new one. We used Debian Lenny based Xen hypervisor and a soft-virtualised guest machine instead and an earlier version of the Mumble 1.2.3 series. The current murmurd --version says: 1.2.3-349-g315b5f5-2.1

    Read the article

  • Private IP getting routed over Internet

    - by WernerCD
    We are setting up an internal program, on an internal server that uses the private 172.30.x.x subnet... when we ping the address 172.30.138.2, it routes across the internet: C:\>tracert 172.30.138.2 Tracing route to 172.30.138.2 over a maximum of 30 hops 1 6 ms 1 ms 1 ms xxxx.xxxxxxxxxxxxxxx.org [192.168.28.1] 2 * * * Request timed out. 3 12 ms 13 ms 9 ms xxxxxxxxxxx.xxxxxx.xx.xxx.xxxxxxx.net [68.85.xx.xx] 4 15 ms 11 ms 55 ms te-7-3-ar01.salisbury.md.bad.comcast.net [68.87.xx.xx] 5 13 ms 14 ms 18 ms xe-11-0-3-0-ar04.capitolhghts.md.bad.comcast.net [68.85.xx.xx] 6 19 ms 18 ms 14 ms te-1-0-0-4-cr01.denver.co.ibone.comcast.net [68.86.xx.xx] 7 28 ms 30 ms 30 ms pos-4-12-0-0-cr01.atlanta.ga.ibone.comcast.net [68.86.xx.xx] 8 30 ms 43 ms 30 ms 68.86.xx.xx 9 30 ms 29 ms 31 ms 172.30.138.2 Trace complete. This has a number of us confused. If we had a VPN setup, it wouldn't show up as being routed across the internet. If it hit an internet server, Private IP's (such as 192.168) shouldn't get routed. What would let a private IP address get routed across servers? would the fact that it's all comcast mean that they have their routers setup wrong?

    Read the article

  • SSH into remote server using Public-private keys

    - by maria
    Hi, I have recently setup ssh on two linux machines (lets call them server-a, client-b). I have generated two ssh auth files on client-b machine using ssh key gen and can see both public and private files in .ssh dir. I have named them 'example' and 'example.pub'. Then I have added example.pub to sever-a's auth file. When I try to ssh into server-a it still requests a password authentication where as I want a password less login (private key on client-b is setup without password). When I try to ssh with '-v' .. get the following output: debug1: Next authentication method: publickey debug1: Trying private key: /Users/abc/.ssh/identity debug1: Offering public key: /Users/abc/.ssh/id_rsa debug2: we sent a publickey packet, wait for reply debug1: Authentications that can continue: publickey,keyboard-interactive debug1: Offering public key: /Users/abc/.ssh/id_dsa debug2: we sent a publickey packet, wait for reply debug1: Authentications that can continue: publickey,keyboard-interactive debug2: we did not send a packet, disable method debug1: Next authentication method: keyboard-interactive debug2: userauth_kbdint debug2: we sent a keyboard-interactive packet, wait for reply debug2: input_userauth_info_req debug2: input_userauth_info_req: num_prompts 1 Password: Please help.

    Read the article

  • EFS Remote Encryption

    - by Apoulet
    We have been trying to setup EFS across our domain. Unfortunately Reading/Writing file over network share does not work, we get an "Access Denied" error. Another worrying fact is that I managed to get it working for 1 machine but no other would work. The machines are all Windows 2008R2, running as VM under ESXi host. According to: http://technet.microsoft.com/en-us/library/bb457116.aspx#EHAA We setup the involved machine to be trusted for delegation The user are not restricted and can be trusted for delegation. The users have logged-in on both side and can read/write encrypted files without issues locally. I enabled Kerberos logging in the registry and this is the relevant logs that I get on the machine that has the encrypted files. In order for all certificate that the user possess (Only Key Name changes): Event ID 5058: Audit Success, "Other System Events" Key file operation. Subject: Security ID: {MyDOMAIN}\{MyID} Account Name: {MyID} Account Domain: {MyDOMAIN} Logon ID: 0xbXXXXXXX Cryptographic Parameters: Provider Name: Microsoft Software Key Storage Provider Algorithm Name: Not Available. Key Name: {CE885431-9B4F-47C2-8415-2D766B999999} Key Type: User key. Key File Operation Information: File Path: C:\Users\{MyID}\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-4585646465656-260371901-2912106767-1207\66099999999991e891f187e791277da03d_dfe9ecd8-31c4-4b0f-9b57-6fd3cab90760 Operation: Read persisted key from file. Return Code: 0x0[/code] Event ID 5061: Audit Faillure, "System Intergrity" [code]Cryptographic operation. Subject: Security ID: {MyDOMAIN}\{MyID} Account Name: {MyID} Account Domain: {MyDOMAIN} Logon ID: 0xbXXXXXXX Cryptographic Parameters: Provider Name: Microsoft Software Key Storage Provider Algorithm Name: RSA Key Name: {CE885431-9B4F-47C2-8415-2D766B999999} Key Type: User key. Cryptographic Operation: Operation: Open Key. Return Code: 0x8009000b Could this be related to this error from the CryptAcquireContext function NTE_BAD_KEY_STATE 0x8009000BL The user password has changed since the private keys were encrypted. The problem is that the users I using at the moment can not change their password.

    Read the article

  • Network Load Balancing and AnyCast Routing

    - by user126917
    Hi All can anyone advise on problems with the following? I am planning on installing the following setup on my estate: I have 2 sites that both have a large amount of users. Goals are to keep things simple for the users and to have automatic failover above the database level. Our Database will exist at the primary site and be async mirrored to the secondary site with manual failover procedures.The database generate sequential ID's so distributing it is not an option. I plan to site IIS boxes at both sites with all of the business logic on them and heavy operations. The connections to SQL will be lightweight and DB reads will be cached on IIS. On this layer I plan to use Windows network load balancing and have the same IP or IPs across all IIS boxes at both sites. This way there will be automatic failover and no single point of failure. Also users can have one web address regardless of which site they are in automatically be network load balanced to their local IIS. This is great but obviously our two sites are on different subnets and as this will be one IP address with most of our traffic we can't go broadcasting everything across the link between the sites. To solve this problem we plan to use AnyCast routing over our network layer to route the traffic to the most local box that is listening which will be defined by the network load balancing. Has anyone used this setup before? Can anyone think of any issues with this? Also some specifics I can't find anywhere at the moment. If my Windows box is assigned an IP and listening on that IP but network load balancing is not accepting specific traffic then will AnyCast route away from that? Also can I AnyCast on a socket level?

    Read the article

  • Is this a solution for having multiple SSL certificates on the same IP

    - by Saif Bechan
    I am running CentOS running on a VPS. I read some guides on having multiple SSL certificates on the same system, but I can not get the basics to work. The guide I got that makes the most sense to me is the doing the following. In CentOS I can make virtual NIC's. So I made 2 virtual NIC's to start with. 192.168.10.1, 192.168.10.2. Now I work in ISP manager Pro, so this is listening on my primary ip 1.1.1.1 For each website I have them listening on 192.168.10.1:80, 192.168.10.1:443 In the hosts file I made the following 2 entries 192.168.10.1 1st.com 192.168.10.2 2nd.com Now the strange thing is that when I browser to 1st.com I do not get the website located at 192.168.10.1, I get the website located at my prim IP 1.1.1.1 Should I do something like forwarding or routing for this setup to work? And the basic question: Will this setup even work? Are the SSL certificates based on the IP adress, or are the based on the host name, 1st.com and 2nd.com.

    Read the article

  • How many reverse proxies (nginx, haproxy) is too many?

    - by Alysum
    I'm setting up a HA (high availability) cluster using nginx, haproxy & apache. I've been reading great things about nginx and haproxy. People tend to choose one or the other but I like both. Haproxy is more flexible for load balancing than nginx's simple round robin (even with the upstream-fair patch). But I'd like to keep nginx for redirecting non-https to https among other things right at the point of entry to the cluster. On the other hand, nginx is a lot faster for serving static contents and would reduce the load on the powerful apache which loves to eat a lot of RAM! Here is my planned setup: Load balancer: nginx listens on port 80/443 and proxy_forwards to haproxy on 8080 on the same server to load balance between the multiple nodes. Nodes: nginx on the node listens to requests coming from haproxy on 8080, if the content is static, serve it. But if it's a backend script (in my case PHP), proxy forward to apache2 on the same node server listenning on a different port number. Technically this setup works but my concerns are whether having the requests going through several proxies is going to slow down requests? Most of the requests will be PHP requests as the backends are services (which means groing from nginx - haproxy - nginx - apache). Thoughts? Cheers

    Read the article

  • Win7 VM @ ESXi Server @ VMWorkstation (Win7) - ping works only from VM -> HostOS, not vice versa

    - by DK2000
    right now I'm toying around with VM Ware stuff and not having any pcs then my laptop I decided to run an ESXi Server inside of VWmware Workstation. I was just curios to see if the server would allow to setup and run a VM. And after some tweaking there it was, working like a charm. Okay not that fast but startin' the VM from vSphere and "opening a console" gave my direct access to that VM. Now I wanted to see if I could ping the host from the VM (VM Workstation Network is set to "host only"). And it worked, at least from the VM I could ping the ESXi server and the host. From the host I am able to ping the ESXi Server but I can't ping the VM! I asked myself anyway where the VM got its ip adress from. At the DCHPs IP there is at no machine after all. I even tried to use that DHCP adress for my Host and it didn't work out. You can see my settings from the screenshot here (it's pretty wide so just a link): http://yfrog.com/n4desktopfeop The only thing that got me thinking was when I once changed the ESXi's IP from 192.168.92.137 to 192.168.0.137. I still was able to connect to the ESXi server via its new IP but when I tried to run the VM console from vSphere I got an error after a while that said "couldnt connect to 192.168.92.137:903". So vSphere connects just through a port of the ESXi server to the VM?!? Could I setup a Linux VM to use it as a DHCP that I'd at least have control over the IPs that are given. Which lowest end linux could be used for this purpose?!? Thank you for your time! :)

    Read the article

  • Xmonad on windows laptop

    - by Kevin L.
    I'm a Linux developer in the market for a laptop. 90% of my time is spent in Emacs, the terminal, and Google Chrome, and I want to use them within the excellent Xmonad tiling windows manager. Given these constraints, I can only see two options: Run Linux on a laptop Run Windows on the laptop, and spend all of my time working within a Linux VM. Years of experience suggest that the first option will take many frustrating hours and probably be suboptimal w.r.t. battery life, wifi, and fn keys like screen brightness or audio adjustment. For the second option, what would be the ideal setup? I've had a lot of luck with Cooperative Linux on my Samsung NC-10 netbook (Windows XP), but I would have to setup the X11 server myself. What about using VirtualBox (which includes the guest VM's GUI)? Has anyone tried this? Hardware-wise, I'm looking for something in the "Macbook Air killer" category; Samsung Series 9 laptop, Lenovo IdeaPad U300s, &c. (i.e., matte screen, 5h+ battery life, 3ish pound weight). Price is not a consideration; any suggestions?

    Read the article

  • Nginx > Varnish > Gunicorn Error Too many Redirections

    - by kollo
    I have the following config: Nginx Varnish Gunicorn Django I want to cache 2 versions of same site (mobile & web) with Varnish. Gunicorn : WEB: gunicorn_django --bind 127.0.0.1:8181 MOBILE: gunicorn_django --bind 127.0.0.1:8182 Nginx: WEB: server { listen 80; server_name www.mysite.com; location / { proxy_pass http://127.0.0.1:8282; # pass to Varnish proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } } MOBILE: server { listen 80; server_name m.mysite.com; location / { proxy_pass http://127.0.0.1:8282; # pass to Varnish proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } } Varnish: default.vcl backend mobile_mysite { .host = "127.0.0.1"; .port = "8182"; } backend mysite { .host = "127.0.0.1"; .port = "8181"; } sub vcl_recv { if (req.http.host ~ "(?i)^(m.)?mysite.com$") { set req.http.host = "m.mysite.com"; set req.backend = mobile_mysite; }elsif (req.http.host ~ "(?i)^(www.)?mysite.com$") { set req.http.host = "mysite.com"; set req.backend = mysite; } if (req.url ~ ".*/static") { /* do not cache static content */ return (pass); } } The problem: On Nginx if I setup Mobile version with Varnish (port 8282) and let WEB version with Gunicorn( port 8181), MOBILE is cached by varnish, both WEB & MOBILE works but WEB is not cached. If I set the proxy_pass of WEB version to Varnish (port 8282) and restart Nginx I got an error when accessing web version (www.mysite.com) "Too many redirections" . I Think my problem come from the Varnish config file, as the site works well if I setup Nginx proxy_pass to Gunicorn ports (MOBILE & WEB).

    Read the article

  • 10 GigE interfaces limits single connection throughput to 1 Gb on a ProCurve 4208vl

    - by wazoox
    The setup is as follow : 3 Linux servers with Intel CX4 10 GigE controllers and an X-Serve with a Myricom 10 GigE CX4 controller are connected to a ProCurve 4208vl switch, with a myriad of other machines connected through good ol' 1000 base-T. The interfaces are actually set up as 10 Gig, according to both the switch monitoring interface and the servers (ethtool, etc). However a single connection between two 10 GigE equipped machines through the switch is limited to exactly 1Gb. If I connect two of the 10 GigE machines directly with a CX4 cable, netperf reports the link bandwidth as 9000 Mb/s. NFS achieves about 550 MB/s transfers. But when I'm using the switch, the connection tops at 950 Mb/s through netperf and 110 MB/s with NFS. When I open several connections from 3 of the machines to the 4th, I get 350 MB/s of NFS transfer speed. So each individual 10 GigE ports actually can reach much more than 1 Gb, but individual connections are strictly limited to 1 Gb. Conclusion : the 10 GigE connection through the switch behaves exactly like a trunk of 10 1 Gb connections. That doesn't make any sense to me, unless HP planned these ports only for cascading switches or strictly for many-clients-to-single-server connection. Unfortunately this is NOT the envisioned setup, we need big throughput from machine to machine. Is this a not-so-known (or carefully hidden...) limitation of this type of switch? Should I suggest seppuku to the HP representative? Does anyone have any idea on how to enable a proper behaviour ? I upgraded for an hefty price from bonded 1Gb links to 10 GigE and see exactly ZERO gain! That's absolutely unacceptable.

    Read the article

  • AD domain on web servers behind NAT - DNS issues?

    - by Ant
    I'm trying to setup an AD domain to manage the security between two Windows Server 2008 webservers that will sooner or later use NLB to balance website requests. I've hit a problem which I think is a simple solution and is down to DNS. My website domain is mydomain.com. The two servers are running behind a NAT firewall on the 10.0.0.0 IP range. I've setup the AD domain to be called ad.mydomain.com (as recommended by MS and a few other answers to questions on here). The second web server however doesn't want to join the domain, and gives an error pinning the problem on DNS - "ensure that the domain name is typed correctly" even though it queries the SRV record successfully and gets the correct DC back - dc.ad.mydomain.com. Doing a dcdiag /test:dns on the DC gives the Delegation error 'DNS Server dc.mydomain.com Missing glue A record'. I have a feeling I need to add something to the public DNS so that it in some way knows about ad.mydomain.com. Can anyone suggest whether I'm on the right track in adding something to the public DNS? Or whether it's something else? Many thanks

    Read the article

  • SSH connection problem - allowed from LAN but not WAN

    - by Kerem Ulutas
    I tried to setup my Arch Linux installation to be an SSH host, but here is the thing: I can ssh localhost, it fails to login via public key and asks for username and password, but still able to login. When I try ssh my_wan_ip it gives ssh_exchange_identification: Connection closed by remote host error. I've read all topics about this error and none helped me. By the way, just confirmed, it gives ssh: connect to host my_dyndns_hostname port 22: Connection refused from another machine (outside of my network, it has different wan ip). I have sshd: ALL in "hosts.allow", ALL:ALL in "hosts.deny". I am able to connect to my own pc via ssh, ping my own pc, but my ssh setup seems to be the problem, it gives that annoying error when I try to ssh from wan. /etc/ssh/ssh_config /etc/ssh/sshd_config And finally, here is the debug output for both sshd and ssh: (i ran ssh command and i took output to sshd debug after that): sshd debug ssh debug I can edit my question according to your needs. Just ask for any more information needed. BTW I have no iptables running. I have one cable dsl modem connected to a asus wl-330gE wireless access point, they both have their firewall disabled. I configured NAT so port 22 is directed to the pc I'm having this trouble. Any help appreciated, thanks..

    Read the article

  • 553-Message filtered - HELO Name issue?

    - by g18c
    I am having major issues sending from my SBS2011 machine to Message labs server-13.tower-134.messagelabs.com #553-Message filtered. Refer to the Troubleshooting page at 553-http://www.symanteccloud.com/troubleshooting for more 553 information. (#5.7.1) ## I have changed the IP and hostnames from the below. I am not on any IP or domain blacklists. I have setup SPF (which includes mailchimp servers): v=spf1 mx a ip4:95.74.157.22/32 a:remote.mydomain.com include:servers.mcsv.net ~all I am sure i have setup my HELO names correctly under the Exchange Management console, sending a test email from the SBS server and looking at the header shows the following: X-Orig-To: [email protected] X-Originating-Ip: [95.74.157.22] Received: from [95.74.157.22] ([95.74.157.22:52194] helo=remote.mydomain.com) by smtp50.gate.ord1a.rsapps.net (envelope-from <[email protected]>) (ecelerity 2.2.3.49 r(42060/42061)) with ESMTP id 11/90-10010-E529C835; Mon, 02 Jun 2014 11:04:09 -0400 Received: from MYSBSSVR.mydomain.local ([fe80::3159:95a6:23f:1bef]) by MYSBSSVR.mydomain.local ([fe80::3159:95a6:23f:1bef%10]) with mapi id 14.01.0438.000; Mon, 2 Jun 2014 19:03:56 +0400 Is is the main helo name there OK and do i need to worry about the second Received block where the MYSBSVR.mydomain.local is mentioned? I have asked the ISP to set the reverse DNS for my IP to remote.mydomain.com but they have instead put remote.MYDOMAIN.com - would this case cause HELO lookups to classify this as not matching? Anything else I can do to find out why i am being filtered?

    Read the article

  • Destination NAT Onto the Same Network from internal clients

    - by mivi
    I have a DSL router which acts as NAT (SNAT & DNAT). I have setup a server on internal network (10.0.0.2 at port 43201). DSL router was configured to "port forward" (or DNAT) all incoming connections to 10.0.0.2:43201. I created a virtual server for port forwarding on DSL router. I also added following iptables rules for port forwarding. iptables -t nat -A PREROUTING -p tcp -i ppp_0_1_32_1 --dport 43201 -j DNAT --to-destination 10.0.0.2:43201 iptables -I FORWARD 1 -p tcp -m state --state NEW,ESTABLISHED,RELATED -d 10.0.0.2 --dport 43201 -j ACCEPT # ppp_0_1_32_1 is routers external interface. # routers internal IP address is 10.0.0.1 and server is setup at 10.0.0.2:43201 Problem is that connections coming from external IP addresses are able to access internal server using External IP address, but internal clients (under NAT) are not able to access server using external IP address. Example: http://<external_address>:43201 is working from external clients But, internal clients are not able to access using http://<external_address>:43201 This seems to be similar to the problem described in http://www.netfilter.org/documentation/HOWTO/NAT-HOWTO-10.html (NAT HOW-TO Destination NAT Onto the Same Network). Firstly, I am not able to understand why is this a problem for internal clients? Secondly, what iptables rule will enable internal clients to access server using external IP address? Please suggest.

    Read the article

  • Terminal Server 2008 Login: Access Denied

    - by user1236435
    When I try to RDP into a Server 2008 Terminal Server, I get a message that says "Access Denied" and an OK button. I setup the licensing mode correctly (per user) and also have setup to allow all remote connections. I get the following in the security event log: Log Name: Security Source: Microsoft-Windows-Security-Auditing Date: 28/06/2012 12:01:16 Event ID: 4656 Task Category: File System Level: Information Keywords: Audit Failure User: N/A Computer: 0BraApps1.brenntagLA.hou Description: A handle to an object was requested. Subject: Security ID: BRENNTAGLA\jaadmin Account Name: jaadmin Account Domain: BRENNTAGLA Logon ID: 0xbbe3f Object: Object Server: Security Object Type: File Object Name: C:\Windows\System32\ServerManager.msc Handle ID: 0x0 Process Information: Process ID: 0x60c Process Name: C:\Windows\System32\mmc.exe Access Request Information: Transaction ID: {00000000-0000-0000-0000-000000000000} Accesses: READ_CONTROL SYNCHRONIZE WriteData (or AddFile) AppendData (or AddSubdirectory or CreatePipeInstance) WriteEA ReadAttributes WriteAttributes Access Reasons: READ_CONTROL: Granted by D:(A;;0x1200a9;;;BA) SYNCHRONIZE: Granted by D:(A;;0x1200a9;;;BA) WriteData (or AddFile): Not granted AppendData (or AddSubdirectory or CreatePipeInstance): Not granted WriteEA: Not granted ReadAttributes: Granted by ACE on parent folder D:(A;;0x1301bf;;;BA) WriteAttributes: Not granted Access Mask: 0x120196 Privileges Used for Access Check: - Restricted SID Count: 0 Event Xml: 4656 1 0 12800 0 0x8010000000000000 1535565 Security 0BraApps1.brenntagLA.hou S-1-5-21-205301047-3902605089-2438454170-21511219 jaadmin BRENNTAGLA 0xbbe3f Security File C:\Windows\System32\ServerManager.msc 0x0 {00000000-0000-0000-0000-000000000000} %%1538 %%1541 %%4417 %%4418 %%4420 %%4423 %%4424 %%1538: %%1801 D:(A;;0x1200a9;;;BA) %%1541: %%1801 D:(A;;0x1200a9;;;BA) %%4417: %%1805 %%4418: %%1805 %%4420: %%1805 %%4423: %%1811 D:(A;;0x1301bf;;;BA) %%4424: %%1805 0x120196 - 0 0x60c C:\Windows\System32\mmc.exe Any ideas?

    Read the article

  • OpenVZ vs KVM for Linux VMs

    - by Eliasdx
    Hardware: Intel® Core™ i7-920, 12 GB DDR3 RAM, 2 x 1500 GB SATA-II HDD (no SoftRaid because Proxmox developers don't support softraid and they are sure you'll run into problems) Software: Proxmox VE with KVM and OpenVZ support and debian everywhere I want to run multiple Linux VMs on this server. One for a firewall (I want to try pfSense), one for MySQL, one VM for nginx (my stuff) and ~2 VMs with nginx for other people's web sites. I don't think that pfSense will run in an OpenVZ environment but it should run in KVM. The question is if I should setup the other VMs using KVM or OpenVZ. In OpenVZ they should have less overhead for the OS itself but I don't know about the performance. I heard that KVM is more stable but needs more RAM and CPU. I found this diagram showing a OpenVZ setup on the same hardware I'm using. This guy uses an own VM for each and every website which is running on his server. I can't think of any advantage why he's using so many VMs.

    Read the article

  • What are some of the best answer file settings for a WDS Deployment?

    - by drpcken
    I've had my head buried in answer files for days now and have gotten quite comfortable setting them up, test, etc... I use a handful of Components to help my migrations, for my unattend.xml I like: Windows-International-Core-WinPE -- this is good for setting Locales the preboot environment (en-us for us english US speakers). Keeps me from having to set these on the initial image boot. Windows-Setup_neutral -- I like the WindowsDeploymentServices -> ImageSelection, especially if I'm only pushing a single image. This keeps me from having to select it each time. My OOBE_Unattend.xml is really useful and I barely have to touch anything during this part of the installation: Windows-Shell-Setup_neutral -- This lets me put a ProductKey in for my MAK volume license (very useful and time saving). I can also set the TimeZone for the installation. Windows UnattendedJoin_neutral -- I couldn't live without this component. It joins the machine on my domain before logging in as a domain administrator. I would hate to not have this ability. Windows-International-Core -- Again this component really speeds up the OOBE process. I configure my locals and time zone so I don't have to do it by hand when the machine enteres OOBE. Windows-Shell-Setup -- Allows you to configure an autologon when the new machine is finished. I like to logon as a domain admin automatically for customizing and troubleshooting the new machine immediately after it is imaged. Also the OOBE component under here lets me skip the EULA, Hide Wireless Setup, and set my default NetworkLocation. All of this makes the entire OOBE totally automated. What are some other good components I am missing as far as helping me get these images pushed and configured as quickly as possible?

    Read the article

  • Small TCP Window on WAN between 2 Locations

    - by Brent
    Site A: Denver datacenter. 60MBPS. Site B: Chicago. 100MBPS. ICMP pings: Packets: Sent = 176, Received = 176, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 74ms, Maximum = 94ms, Average = 75ms File transfer between sites that never goes past ~7MBPS: Windows Update download at 60MBPS+: Site to site: IPSec VPN using two Cisco 5520's. CPU at 3-4% and lots of memory to spare. The latency between to two sites is very acceptable so I can't see an issue why it is performing so slow when transferring between the two sites. I have found that any type of transfer (FTP, HTTP, Windows file shares) will never go above ~7MBPS. When the WAN was first setup, I was able to get transfers at 50-60MBPS, which is what is expected due to the WAN connection at the Site A at 60MBPS. Then a few days later, I was not able to get anything going faster than ~7MBPS. Is there a upstream router between Denver and Chicago causing this? I want to take the blame away from our setup as downloads from Windows Update go blazing fast and for the first few days after the site to site VPN came up, I was transferring VM images at 50-60MBPS. Our stack: HP P2000 MSA - HP C7000 Chassis - HP Flex-10 - Cisco Gigabit switch - Cisco ASA - WAN

    Read the article

  • OpenSWAN KLIPS not working

    - by bonzi
    I am trying to setup IPSec between 2 VM launched by OpenNebula. I'm using OpenSWAN for that. This is the ipsec.conf file config setup oe=off interfaces=%defaultroute protostack=klips conn host-to-host left=10.141.0.135 # Local IP address connaddrfamily=ipv4 leftrsasigkey=key right=10.141.0.132 # Remote IP address rightrsasigkey=key ike=aes128 # IKE algorithms (AES cipher) esp=aes128 # ESP algorithns (AES cipher) auto=add pfs=yes forceencaps=yes type=tunnel I'm able to establish the connection with netkey but klips doesnt work. ipsec barf shows #71: ERROR: asynchronous network error report on eth0 (sport=500) for message to 10.141.0.132 port 500, complainant 10.141.0.135: No route to host [errno 113, origin ICMP type 3 code 1 (not authenticated)] Tcpdump shows 22:50:20.592685 IP 10.141.0.132.isakmp > 10.141.0.135.isakmp: isakmp: phase 1 I ident 22:50:25.602182 ARP, Request who-has 10.141.0.135 tell 10.141.0.132, length 46 22:50:26.602082 ARP, Request who-has 10.141.0.135 tell 10.141.0.132, length 46 22:50:27.601985 ARP, Request who-has 10.141.0.135 tell 10.141.0.132, length 46 ipsec eroute shows 0 10.141.0.135/32 -> 10.141.0.132/32 => %trap What could be the problem?

    Read the article

  • How do you change a Cisco ASA 5510 management interface?

    - by Sam Sanders
    I want to add a redundant interface to my Cisco ASA 5510. The management interface is currently using Ethernet0/1 (10.1.25.254/24) one of the interface I want to use for the redundant interfaces. So I wanted to setup Management0/0 as the new management interface. The other interface I want to use is Ethernet0/2 (10.1.0.254/24) for the redundant interface. The Ethernet0/3 (10.1.251.5/24) interface is not going to be part of the redundant interface. I gave the Management0/0 an IP address of 10.1.254.5, and was able to connect a win7 box to Management0/0 and use 10.1.254.5 as a gateway; and ping another address on the (10.1.251.0/24) network, but I can't ping the interface (10.1.254.5) itself. I also can't use ASDM/SSH to log onto the ASA at 10.1.254.5. I setup rules in Configuration Device Management Management Access ASDM/HTTPS/Telnet/SSH. That look like the original rules for the Ethernet0/1 interface. The last thing I can think to try would be to change the Configuration Device Management Management Access Management Interface. I'm a bit nervous about changing it, the description of it is a bit vague. What it's going to do if I change it? What is the correct way to change a management interface?

    Read the article

  • BackupExec 2012 File System Archiving - Access is denied to Remote Agent

    - by AllisZero
    Gentlemen, I've been struggling with a Trial version of Symantec Backup Exec 2012 for about a week now. It was installed as an upgrade to our 12.5 license, and the setup completed with no issues. The reason I upgraded is solely for the File System Archiving option as I'm working to reduce the amount of live data in my servers. Backups work A-Ok and I have followed the instructions in the Admin Manual to make sure I had filled all requirements. The account BE is running under is a member of the Local administrators group as required and has been added to the test share that I'm using to evaluate the archiving function. Testing the credentials in the job setup window always works fine, and I am able to add both regular and Admin$ shares to my Archive selection. However, every time I run the Archive job, I get the following message: https://dl.dropbox.com/u/59540229/BEXec.png I've already tried to troubleshoot DNS resolution issues as suggested in the Symantec KB to no avail. The only thing I can think of, at this point, is that a trial license doesn't allow me to use the Archiving function, although that would seem silly on their part. Appreciate any assistance or information. Thanks.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 158 159 160 161 162 163 164 165 166 167 168 169  | Next Page >