Search Results

Search found 12281 results on 492 pages for 'ip blocking'.

Page 351/492 | < Previous Page | 347 348 349 350 351 352 353 354 355 356 357 358 | Next Page >

How to use ssl_verify_client=ON on one virtual server and ssl_verify_client=OFF on another?

- by Alexander Artemenko

I want to force ssl client verification for on of my virtual hosts. But get "No required SSL certificate was sent" error, trying to GET something from it. Here are my test configs: # defaults ssl_certificate /etc/certs/server.cer; ssl_certificate_key /etc/certs/privkey-server.pem; ssl_client_certificate /etc/certs/allcas.pem; server { listen 1443 ssl; server_name server1.example.com; root /tmp/root/server1; ssl_verify_client off; } server { listen 1443 ssl; server_name server2.example.com; root /tmp/root/server2; ssl_verify_client on; } First server replies with 200 http code, but second returns "400 Bad Request, No required SSL certificate was sent, nginx/1.0.4". Probably, it is implossible to use ssl_verify_client on the same IP? Should I bind these servers to different IPs, will it solve my problem?

Read the article
Pasting extended ACL contents into telnet session to Cisco Router SIM

- by Kyle Brandt

I have a telnet session to a dynamips router sim. When I try to paste the contents of an actually working ACL retrieved from 'show run' into the access list, only part of gets pasted. The session is something like: enable conf t ip access-list extended Internet <PASTE of Rules> It stops right in the middle of a line: permit tcp any host 123.123.123.123 gt 1 ! should be gt 1023 Anyone know what is happening? The source is an extended access list.

Read the article
How do I change the document root of a Linux Apache server?

- by Daryl Spitzer

I'm trying to learn how to configure an Apache HTTP server (with which I have no experience) someone else has setup in a VM running Ubuntu 8.04. I know the server is running, since I get "<html><body><h1>It works!</h1></body></html>" when I go to http://1.2.3.4/ (where 1.2.3.4 is the VM's IP number). I found apache2.conf and httpd.conf (among other files) in /etc/apache2/. httpd.conf is empty. I tried adding DocumentRoot "/home/username/temp" into /etc/apache2/httpd.conf and put some simple HTML in /home/username/temp/index.html. But when I reload http://1.2.3.4/ there's no change. Do I need to restart httpd to get it to accept the change to DocumentRoot?

Read the article
Sending an Email from 2 Mail Servers

- by Ted Smith

We are currently attempting to move away from using a "local" mail(exchange) server to an cloud based offering for all our automated emails. The problem is that we send and receive thousands for emails a day and its uptime is quite critical so the business do not want to put all their eggs in one basket, so if we would like to use a cloud based offering(mailgun) they would like a backup if this goes down. So my question is: Would it be possible to set multpile A, TXT and CNAME records to multiple IP address so if one mail server goes down we can automatically start sending emails from the fallover(without them being blocked doing a reverse DNS lookup)? I know we will still need to adjust the MX record for incoming emails but that is acceptable to not receive emails for a short(1-2 hours) of time. Does this make sense?

Read the article
Can't add printer on Windows XP

- by SuperFurryToad

I've added a HP 4250 printer to about half a dozen Windows XP PCs in our office without any problems whatsoever, but for some reason I haven't been able to add it to one particular PC today. I go through the Add Printer wizard to add a local printer attached to the PC, enter the new port number as a Standard TCP/IP Port, install the driver. At the end of the wizard I get the following error message: Full error message: "windows cannot connect to the printer. either the printer name was typed incorrectly, or the specified printer has lost its connection to the server." This doesn't make any sense as I am able to ping the printer from the PC. The print spooler is running, and any firewall software on the local PC is switched off.

Read the article
CheckPoint VPN-1 SecureClient inability to navigate behind a Linksys WAG300N

- by user46819

I have a Linksys WAG300N, I'm accessing my LAN with Wifi and everything works fine on my Windows 7 Enterprise laptop. When I try to connect to my company's VPN the connection succeeds, but I cannot access any internet site either within my work network or public site like Yahoo or Google. In my Linksys control panel I already verified all types of VPNs are enable to passthrough. Normal IPSec and Windows VPN worked in the past without any problems. CheckPoint seems to have a solution, but I do not have the ability to change the IP in my client and of course using another NAT device in between is not a solution for me. Edit: adding link to the Checkpoint solution, https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk26189

Read the article
test if master dns has transfered copy to slave

- by su55

Hello, I setup my master and slave using FreeBSD. I'm currently running the Bind 9.X version, so far everything is working successfully. Just one small problem. I can't get the master copy of my DNS to transfer it to the slave server. I included transfer-allow {192.168.1.111;}; // this is the slave server's IP I ran the rndc reload command to check but I don't see the copy in the /etc/named/master/? Any help would be appreciated and if you would like the layout of my DNS, I can provide that too.

Read the article
Nginx Forward SSL for single site

- by Will.brown

I have a nginx server setup and it works fine for http however i would like to bypass the proxy for https connection. I want it so that when someone goes to my ip https:// ip1 (Nginx server) it bypasses ngix and forwards all traffic to https:// ip2(webserver) i do not need ngix to do this for any ssl website just one particular website. SO Client to https:// ip1 to https:/ /ip2 to https:// ip1 to client pc I just want the nginx to not intercept the connection and forward it on and on return forward the connection to client Im guessing i do this by nat mascarade buy not exactly sure how to do it and if i will need to tell nginx to ignore ssl aswell can someone help me please this has gone me stuck

Read the article
Nginx. How do I reject request to unlisted ssl virtual server?

- by Osw

I have a wildcard SSL certificate and several subdomains on the same ip. Now I want my nginx to handle only mentioned server names and drop connection for others so that it'd look like nginx is not running for unlisted server names (not responding, rejecting, dead, not a single byte in response). I do the following ssl_certificate tls/domain.crt; ssl_certificate_key tls/domain.key; server { listen 1.2.3.4:443 ssl; server_name validname.domain.com; // } server { listen 1.2.3.4:443 ssl; server_name _; // deny all; // return 444; // return 404; //location { // deny all; //} } I've tried almost everything in the last server block, but no success. I get either valid response from known virtual server or error code. Please help.

Read the article
Cannot access Network Shares on Windows Server 2008 running VisualSVN Server

- by mwillmott

I have installed VisualSVN server on Windows Server 2008. The server is part of a domain but not the domain controller, it is just a data server and now an SVN server. VisualSVN uses port 80 and can only be access from inside the network (i do i by going to the dns name of the server). However, ever since i have installed this, other computers on the network can no longer access the shared folders on the server EXCEPT the domain controller which has no problems accessing the shares. I am stumped, i am guessing it is something to do with Apache running and not using host-headers (or whatever the Apache equivalent may be) but just being bound to the servers DNS name or IP. Any suggestions?

Read the article
How to set up Windows server 2008 to receive email?

- by Saul

First off apologies, I'm from a medical background not a networking one, but I've got roped into setting up a windows 2008 server. So far web server running, fixed IP address assigned (within a large private network of the National Health Service in the UK if that makes any difference) and the network team have assigned a DNS entry for me which works, so the server can be addressed as nww.myserver.nhs.uk I've only got ports open on the router for 80 and 443 (http and https) at the moment, so presume I need a different port to enable email services. My need is to be able to accept an email to the domain name like [email protected] in order to pick up a confirmation mail from an SSL issuer (Comodo) I guess to confirm that I control the domain. After that I don't actually need mail services on the server. I see lots of stuff about setting up SMTP services but thought that was about mail out and re-routing, but how do you get the server to "listen" for mail to the domain (assuming I open port xyz or whatever it is) ?

Read the article
MySQL port 3306 became filtered when configured with Keepalived on Ubuntu server 12.04 lts

- by Ludwig

I'm configuring two load balancer (lb01 & lb02) with keepalived for my two mysql server (db01 & db02) with standard port 3306. There is virtual ip address (192.168.205.10) to access it also act as failover, but somehow the web server in the front can't access this mysql server using vip. Here is my config: Keepalived: Only the mysql part that i added here. LB01: virtual_server 192.168.205.10 3306 { delay_loop 6 lb_algo rr lb_kind DR protocol TCP real_server 192.168.205.4 3306 { weight 10 TCP_CHECK { connect_port 3306 connect_timeout 2 } } } LB02: virtual_server 192.168.205.10 3306 { delay_loop 6 lb_algo rr lb_kind DR protocol TCP real_server 192.168.205.6 3306 { weight 10 TCP_CHECK { connect_port 3306 connect_timeout 2 } } } I already comment out the "bind-address=127.0.0.1" part in both server my.cnf. Also, remove all the firewall prog from my ubuntu server (ufw or iptables). Any help? thanks.

Read the article
dd-wrt Bonjour/ netbios etc on two subnets

- by user72182

Hi I was wondering if any clever people out there could help me. I have a network setup with two different subnets 192.168.1.0 and 192.168.0.0 one router is connected to a VPN (via OpenVPN) the other is not. Both routers have static routes to each other and a device on one can communicate to another without issues when using IP addresses. My problem is I want to use services like Bonjour, Netbios and Apple Talk across the two networks, which currently does not work. A laptop connected on one subnet will not see a laptop connected on another. Is there anyway that you can connect the two networks together so these sort of local service will work??? I guess I have to forward the boardcast packets but I have no idea how to do this. Thanks for any help...

Read the article
Encrypt LAN and wifi traffic on small private network

- by Grimlockz

I need some advice about encrypt all traffic on a small private network running wi-fi and LAN traffic on 192.168.0.x network. The network would comprise of client laptops connecting to the wi-fi router (192.168.0.254) via ethernet connection or wireless. The main purpose of the server is for the client laptops to talk to two servers on different IP's (192.168.0.200 and 192.168.0.201) on ports 80 and 433. My main concern is having packet sniffers and what not getting access to the data. The only ways I see at the moment is to have VPN running on the network or use IPSec policy's to do this. Any other ways guys?

Read the article
Automatically allowing SSH into a machine behind a UPNP router?

- by GJ

Hi I have a MacBook connecting to the Internet from behind various routers from time to time (home, office, etc). All of the routers support UPNP. I need to allow a co-worker to SSH into the machine, without configuring each router each time to forward port 22 to the MacBook. Is there any way to get the MacBook to use UPNP (or some other method) to automatically configure any supporting router that it is behind to forward port 22 to itself? That would allow the co-worker to SSH into the MacBook but just knowing its external IP, which is easy.

Read the article
Trusted Root certificates regularly disappear on Windows 7

- by Evgeny

I've installed several self-signed certificates on my Windows 7 Ultimate x64 machine for development purposes. One was installed into Trusted Root CAs and 2 were installed into My Certificates and Trusted People. Every day or two the certificate installed into Trusted Root CAs disappears and I have to re-install it! This is annoying the hell out of me. Why is it happening and how do I stop it? The other certificates (installed into other stores) do not disappear. My first thought was some kind of Group Policy, but my machine is not part of a domain - though it does obtains its IP address from a corporate DHCP server, so I'm not sure if they can somehow still manage to apply Group Policy to me.

Read the article
Urgent SSH Local Port Redirection

- by Salina Odelva

Hi, everyone. I have a shell account but the admin has restricted ssh access to the server. The server is listening on 0.0.0.0:22 but the firewall blocks any incoming attempts to this port. He says he is doing maintenance but I don't believe him and I need to backup my stuff with ssh. My question is that: Is it possible to do this: Me (Wan IP) <- Hosting Server (tcp/8080) redirects to Hosting Server (tcp/22) I don't want to involve my own linux machine in this and I can only make use of ssh.. Thanks!!

Read the article
How Do I Change the Windows7 LAN Proxy Config from the Command Line

- by david.barkhuizen

In Windows7, Is it possible to define/change the proxy config from the command line ? So, using the gui, I would go: Start Control Panel Network and Internet Internet Options Connections LAN Settings and then - enable/disable the proxy - define IP:port of proxy server But I would like to rather do this from the command line (so that I can run the command from a batch-file with a shortcut key - enabling me to switch proxy configs using a short-cut, rather than having to wade through the MS wizard). I've looked at using netsh.exe to change the settings for WinHTTP, but this seems to be thr wrong thing to do, as the WinHTTP setting do not appear to be related to the LAN settings. Much appreciated folks.

Read the article
reverse nslookup fails for single machine

- by matt wilkie

I have a computer on a windows Active Directory network for which reverse dns lookup fails. It doesn't matter which machine runs the lookup. The problem computer is a debian vm on a windows server 2003 host. >nslookup wiki.dept Server: primary.internal.domain.org Address: 192.111.222.44 Name: wiki.dept.internal.domain.org Address: 192.111.111.185 >nslookup 192.111.111.185 Server: primary.internal.domain.org Address: 192.111.222.44 *** primary.internal.domain.org can't find 192.111.111.185: Non-existent domain Contents of /etc/resolv.conf on the debian guest: nameserver 192.111.111.244 nameserver 192.111.222.44 search internal.domain.org What is wrong? how do I get ip-to-name resolution to work for this machine? Thank you.

Read the article
iptables -L lags on non localhost or anywhere address

- by DazSlayer

I am trying to configure iptables for ubuntu 10.04 and I have a problem with iptables -L lagging on rows where the destination or source address is not localhost or anywhere. The following entries will cause lag on their row: iptables -A INPUT -p tcp --dport 111 -s 192.168.1.14 -j ACCEPT iptables -A INPUT -p tcp --dport 90 -d 192.168.1.14 -j ACCEPT while this does not: iptables -A INPUT -p tcp --dport localhost -s 192.168.1.14 -j ACCEPT iptables -A INPUT -p tcp --dport localhost -d 192.168.1.14 -j ACCEPT I feel like this might be due to iptables checking to see if the ip is reachable. If not, what is the cause, if it is how can I disable it?

Read the article
thought on real time web analytics

- by Linus

we have a few web servers and am planning to create a dashboard to show the real time stats ip address,geo-location and other custom data based on database lookups. Splunk sort of fits perfectly but wondering if there are any open source alternative . i have looked at logstash and graylog2, but to my knowledge they are more of a log analysis tools. Piwik is sort of interesting except that i cannot put any javascript on the webpages. All i have access to is apache web log. Any recommendations please..

Read the article
MySQL on Windows - how do I set the wait_timeout for connections using named pipes?

- by gustafc

I use a MySQL database running on a Windows box, and for performance reasons I'm connecting to it using named pipes. The (Java) application using the database (through Hibernate) can let the connection lie idle for quite a long time, which causes the connection to fail with the following message: com.mysql.jdbc.exceptions.jdbc4.CommunicationsException: The last packet successfully received from the server was 33 558 297 milliseconds ago. The last packet sent successfully to the server was 33 558 297 milliseconds ago. is longer than the server configured value of 'wait_timeout'. You should consider either expiring and/or testing connection validity before use in your application, increasing the server configured values for client timeouts, or using the Connector/J connection property 'autoReconnect=true' to avoid this problem. autoReconnect unfortunately has no effect (and neither does autoReconnectForPools), but the wait_timeout docs state that wait_timeout only applies "to TCP/IP and Unix socket file connections, not to connections made via named pipes, or shared memory". How can I change the wait_timeout for named pipes?

Read the article
I can access \\server via explorer but a program wont

- by Michael Savage

From ServerA I can access \\ServerB\Telephony\Files\abcdefgh.pdf using windows explorer. From the same ServerA when I try to access the same file on ServerB using a program (a program that imports files from csv file) I get "File Not Found" error. On \\ServerB\Telephony\ the Share is on and I added the service account that I used to log in to ServerA. I am clueless. Please suggest. (oh, it's a Windows 2008 R2 Server) (btw, I did try IP Address, FQDN but works with Explorer but CVS Importer wont read the path. At one time, I did get Access Denied but I dont get access denied anymore after adding the service account to the share. firewalls are off on the servers) Update: I go to My Computer Network I see many servers but ServerB is not in the list..

Read the article
Difference between tcp recv buffer and tcp receive window size?

- by pradeepchhetri

The command shows the tcp receive buffer size in bytes. $ cat /proc/sys/net/ipv4/tcp_rmem 4096 87380 4001344 where the three values signifies the min, default and max values respectively. Then I tried to find the tcp window size using tcpdump command. $ sudo tcpdump -n -i eth0 'tcp[tcpflags] & (tcp-syn|tcp-ack) == tcp-syn and port 80 and host google.com' tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes 16:15:41.465037 IP 172.16.31.141.51614 > 74.125.236.73.80: Flags [S], seq 3661804272, win 14600, options [mss 1460,sackOK,TS val 4452053 ecr 0,nop,wscale 6], length 0 I got the window size to be 14600 which is 10 times the size of MSS. Can anyone please tell me the relationship between the two.

Read the article
NIC bonding with two uplinks

- by Karolis T.

Is bonding the preferred way of implementing ISP redundancy? In the texts I've seen, bond device has a netmask, gateway of it's own. How can this be obtained if there are two different gateways from two uplinks, which one to choose? Do I need any special routing rules to go with it or does simply configuring separate interfaces (using Debian, /etc/network/interfaces), i.e eth1, eth2 for their corresponding uplinks and bonding them to bond0 handle routing automatically? If I want to NAT client machines, do they use bond device's IP as a gateway? Does the bond0 device is the device that goes into iptables nat rules? Thanks

Read the article

< Previous Page | 347 348 349 350 351 352 353 354 355 356 357 358 | Next Page >