Search Results

Search found 1139 results on 46 pages for 'isp'.

Page 39/46 | < Previous Page | 35 36 37 38 39 40 41 42 43 44 45 46 | Next Page >

TCP dies on a Linux laptop

- by Roman Cheplyaka

Once in several days I have the following problem. My laptop (Debian GNU/Linux testing) suddenly becomes unable to work with TCP connections to the internet. The following things continue to work fine: UDP (DNS), ICMP (ping) — I get instant response TCP connections to other machines in the local network (e.g. I can ssh to a neighbour laptop) everything is ok for other machines in my LAN But when I try TCP connections from my laptop, they time out (no response to SYN packets). Here's a typical curl output: % curl -v google.com * About to connect() to google.com port 80 (#0) * Trying 173.194.39.105... * Connection timed out * Trying 173.194.39.110... * Connection timed out * Trying 173.194.39.97... * Connection timed out * Trying 173.194.39.102... * Timeout * Trying 173.194.39.98... * Timeout * Trying 173.194.39.96... * Timeout * Trying 173.194.39.103... * Timeout * Trying 173.194.39.99... * Timeout * Trying 173.194.39.101... * Timeout * Trying 173.194.39.104... * Timeout * Trying 173.194.39.100... * Timeout * Trying 2a00:1450:400d:803::1009... * Failed to connect to 2a00:1450:400d:803::1009: Network is unreachable * Success * couldn't connect to host * Closing connection #0 curl: (7) Failed to connect to 2a00:1450:400d:803::1009: Network is unreachable Restarting the connection and/or reloading the network card kernel module doesn't help. The only thing that helps is reboot. Clearly something is wrong with my system (everything else works fine), but I have no idea what exactly. I don't know how to reproduce this, but as I said, it happens every several days. My setup is a wireless router that is connected to the ISP via PPPoE. Any advice?

Read the article
Having two IP Routes/Gateways of last Resort on an HP Switch

- by SteadH

We have an HP Layer 3 Switch that is doing IP routing between vlans. The general set up is that the switch has an IP address on each VLAN and IP routing is enabled. On our servers VLAN, we have a firewall that has a connection to the outside world. To set a IP route on the HP router, we use IOS command ip route 0.0.0.0 0.0.0.0 192.168.2.1 where 192.168.2.1 is the address of our firewall, and the zeros essentially mean to route all traffic that the switch doesn't know what to do with out the firewall as a gateway. We're in the middle of an ISP and firewall change. I set up the new firewall and ran the IOS command ip route 0.0.0.0 0.0.0.0 192.168.2.254 (the address of the new firewall). Things started working nicely. When I reviewed the configuration of the switch though, I noticed that it did not replace the previous ip route command, but just added another route. Now, I know how to remove the old firewall route (no ip route 0.0.0.0 0.0.0.0 192.168.2.1), but what is the effect of having these two 0.0.0.0 routes? Is it switch implosion? Will a server just respond back over the route it receives the request from? I've read elsewhere that having two default gateways is an impossibility by definition, but I'm curious about this situation that our switch allowed. Thanks!

Read the article
Set up Linux box as WAP for MyBookLive?

- by AcidFlask

I inherited an old Linux box as well as a MyBookLive and would like to make the MyBookLive available over my wireless, essentially using the Linux box as a wireless access point. I just wiped the Linux box (home) and installed Ubuntu 12.04 on it. My network setup currently looks like this: (192.168.0.1 netmask 255.255.255.0) ISP --- wireless router --- wlan0 on home (192.168.0.12) | eth0 on home --- MyBookLive MacBook (192.168.0.11) so that the MyBookLive is basically a glorified external hard drive. The router does have an Ethernet port, but it is being used by my roommate's computer so I can't plug the MyBookLive directly into it. Right now I can ping MyBookLive.local and MacBook.local from home, but I am having trouble understanding and figuring out what the correct iptables commands are to make my MacBook see my MyBookLive through the Bonjour network. Also, I'm not sure if I need to set up DNS to forward xxx.local Bonjour/Zeroconf addresses. I tried the following to forward my entire wired network (which has only my MyBookLive) to a single IP address: sysctl net.ipv4.ip_forward=1 iptables -A FORWARD -i wlan0 -o eth0 -j ACCEPT iptables -A FORWARD -i eth0 -o wlan0 -j ACCEPT iptables -t nat -A PREROUTING -i eth0 -p tcp -j DNAT --to 192.168.0.66 iptables -t nat -A PREROUTING -i eth0 -p udp -j DNAT --to 192.168.0.66 but I can't ping this address from my MacBook. This is probably horribly wrong, but I am a complete noob at setting up this kind of network and could use some expert help with setting this up properly.

Read the article
Discover the public ip of a network without being connected

- by Martin Trigaux

Let say, I'm next to a network and can see the traffic (with airodump or similar tool) but can not decipher it (because I am not connected on the network). Is it possible to discover the public ip address of the network ? I know the MAC address of the users connected on the network but do I know the one of the router ? If yes, maybe there is a way to do the matching. I know IP addresses are not forever but some addresses are static and never change. Maybe there is a database of MAC address having recorded that. Google has a database that match MAC address and geographical coordinates so why not with IP addresses ? Other idea, if I know where am I, I can maybe guess the IP range used in the city by the ISP (is it findable ?) and then try to "ping" each IP on the range (if it is a /24, it's possible, even /16 maybe). Will I get some information like the MAC of the box or see some traffic on the network ? These are two ideas I had. I don't know if they are doable, certainly not perfect. Do you think of some others ? By trying several methods, maybe I can get a guess with a bit of luck. Thank you

Read the article
How do I Forward root's email to an external email address?

- by ErebusBat

I have a small server (Ubuntu 10.04) at my house and I would like to forward root's email to my gmail hosted domain to get security notifications and what not. I ripped everything out and started from scratch and ran into some other issues. I now have sendmail working in the sense that I can mail [email protected] and get the mail. HOWEVER, adding an address to /root/.forward does not actually forward the message. I get the following in my logs: Dec 22 14:04:37 batcave sendmail[4695]: oBML4bAT004695: to=<root@batcave>, ctladdr=aburns (1000/1000), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30075, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (oBML4bJ9004696 Message accepted for delivery) Dec 22 14:04:39 batcave sm-mta[4698]: STARTTLS=client, relay=[69.145.248.18], version=TLSv1/SSLv3, verify=FAIL, cipher=DES-CBC3-SHA, bits=168/168 Dec 22 14:04:40 batcave sm-mta[4698]: oBML4bJ9004696: to=<[email protected]>, ctladdr=<[email protected]> (1000/1000), delay=00:00:03, xdelay=00:00:03, mailer=relay, pri=120336, relay=[69.145.248.18] [69.145.248.18], dsn=2.0.0, stat=Sent (OK 01/D4-00853-216621D4) You can see where my local sendmail instance accepts it then hands it off to my ISP, but with the wrong address ([email protected]).

Read the article
Limiting bandwith on an Windows 7 machine

- by Mihai Damian

I need to limit the bandwidth on my Windows 7 x64 machine. In the past (on XP) I've been able to use NetLimiter for similar tasks. However for some reason I can't get it to work anymore. For lower limits the bandwidth tests are able to exceed the limit by 10-50%; higher limits seem to be ignored completely and the bandwidth tests report download speeds of over 10 times the speed I set. I'm using speedtest.net and some similar service from my ISP for these tests. Anyway, I don't necessarily need a program as complex as NetLimiter since I only need to throttle my machine's bandwidth, not a specific program's. In case you are wondering why in the world I'd want to cripple my Internet speed, there is a funny story behind this. Long story short, my modem gets random disconnects. Tech support comes in, says my Internet speed is abnormally high and I must be using some tools to somehow make it go faster than it's supposed to and this messes up my modem. I check the connection with another computer and it seems that my PC is the only one in my network that gets abnormal speeds. I reinstall my OS, speed looks normal at first, after I install the batch of 50 or so updates, it goes back to abnormally high speeds and the disconnect problems are not solved. Now I don't have a clue if the explanation the tech team gave me was just a strategy to lay the blame on someone else, but I was trying to give them the benefit of the doubt and see what happens if I really reduce my speed to their specification. Any help appreciated.

Read the article
Vyatta masquerade out bridge interface

- by miquella

We have set up a Vyatta Core 6.1 gateway on our network with three interfaces: eth0 - 1.1.1.1 - public gateway/router IP (to public upstream router) eth1 - 2.2.2.1/24 - public subnet (connected to a second firewall 2.2.2.2) eth2 - 10.10.0.1/24 - private subnet Our ISP provided the 1.1.1.1 address for us to use as our gateway. The 2.2.2.1 address is so the other firewall (2.2.2.2) can communicate to this gateway which then routes the traffic out through the eth0 interface. Here is our current configuration: interfaces { bridge br100 { address 2.2.2.1/24 } ethernet eth0 { address 1.1.1.1/30 vif 100 { bridge-group { bridge br100 } } } ethernet eth1 { bridge-group { bridge br100 } } ethernet eth2 { address 10.10.0.1/24 } loopback lo { } } service { nat { rule 100 { outbound-interface eth0 source { address 10.10.0.1/24 } type masquerade } } } With this configuration, it routes everything, but the source address after masquerading is 1.1.1.1, which is correct, because that's the interface it's bound to. But because of some of our requirements here, we need it to source from the 2.2.2.1 address instead (what's the point of paying for a class C public subnet if the only address we can send from is our gateway!?). I've tried binding to br100 instead of eth0, but it doesn't seem to route anything if I do that. I imagine I'm just missing something simple. Any thoughts?

Read the article
need some help figuring out clamav & monit monitoring error...unixsocket...

- by Ronedog

I need a bit of help figuring something out. First off, I'm not very well versed with FreeBSD servers, etc. but with some direction hopefully I can get this fixed. I'm using FreeBSD and installed Monit so I could monitor some of the processes that run tomcat, apache, mysql, sendmail, clamav. So far, I'm only successful in getting apache & mysql to be monitored. I'm getting this error for clamav in the log file for /var/log/monit.log 'clamavd' failed, cannot open a connection to UNIX[/usr/local/etc/rc.d/clamav-clamd] My config file for clamav in /etc/monitrc is: #################################################################### # CLAMAV Virus Checks #################################################################### check process clamavd with pidfile /var/run/clamav/clamd.pid group virus start program = "/usr/local/etc/rc.d/clamav-clamd start" stop program = "/usr/local/etc/rc.d/clamav-clamd stop" if failed unixsocket /usr/local/etc/rc.d/clamav-clamd then restart if 5 restarts within 5 cycles then timeout Honestly, I really don't know much of what's going on here. My host who helped me get the box set up basically installed clamav, but doesn't offer this kind of detail in supporting me, so I'm left to figure this stuff out on my own as I own the box, but they provide the isp service. Is there anyone who can help me troubleshoot this? Thanks for your help in advance.

Read the article
Host ::1 resolves to remote IP

- by thebuckst0p

/etc/hosts files usually have this line, ::1 localhost. I thought ::1 was the equivalent of 127.0.0.1/localhost, and from my reading it seems to be the IPv6 version. So I was using it in Apache for firewalling, "Allow from ::1" and it only allowed local. Then suddenly that stopped working, so I pinged ::1 and got a remote IP address. I tracerouted it and it went through my ISP, through some Microsoft server, then another half dozen steps of asterisks... I'm not sure why this would be (the remote IP), but it doesn't seem good. I grep'd my hard drive for the remote IP and it doesn't appear anywhere. Is this some indicator that I'm being hacked, or normal behavior? Maybe my IPv6 settings are wrong? (This is a brand new MacBookPro with Snow Leopard.) Any ideas about this would be great - what is ::1 supposed to be, why would it be remote, should I be worried, how do I get it back to localhost? Thank you!

Read the article
Looking for easiest, most simple solution to run a customised DNS Server for my local network on Windows 7.

- by Jamie G

I need to forward some websites, such as http://testing.server/ to an fixed IP address on my local network. I can do this easily on one computer using the hosts file. However, I need this to work for all machines on my network. I think the best way to do this will be to setup my own DNS Servers and add the custom DNS settings there. However, I'm looking for the simplest way possible to do this - I really don't want to spend hours setting up Unix Servers and running tricky terminal based scripts just to do this! My server is a standard Windows 7 machine. My dream would be a nice simple windows program with a GUI where I could input my ISP's DNS server and it would use those records, unless I had specifically set up my own DNS for a domain to use instead. If it had a web based admin system that was accessible from another computer on the network that would be even better. Does anyone know of anything that can do this? Many thanks indeed.

Read the article
Very Slow DSL (ethernet) speed [New Interesting Update]

- by Abhijit

Very IMPORTANT and INTERESTING UPDATE: Due to some reason I just thought to do a complete new setup and this time I decided to again have openSUSE plus ubuntu. So I first reinstall lubuntu and then I installed OpenSUSE 12.2 (64 bit). Now, my DSL speed is working very normal and fine on opensuse. So this is very scary. Is it possible for any operating system to manipulate my NIC so that it will work fine only on that operating system and not on another os? Regarding positive thinking and not being paranoid, what is it that makes ONLY suse to get my NIC to work at normal speed but ubuntu can not do it? Not even fedora? Not even linux mint? What all these OS are lacking that enables suse to work great? == ORIGINAL QUESTION == I 'was' on opensuse 12.2 when my dsl speed was normal. Yesterday I switched from opensuse to ubuntu 12.04 and speed decreased. It came to range of 7-10-13-20-25-kbps. Then I switch to linux mint, and then to fedora. Still slow speed. When I was in ubuntu I disabled ipv6 but still no luck. Now I am in fedora but this time with DIFFERENT ISP. And still I am getting very slow sped. So my guess is this is nothing to do with os. What can be wrong? Is this problem of NIC? Does NIC speed decreases over time? Does NIC life ends over time as with keyboard or mouse? Help please All the os I used are 64 bit and my laptop is Compaq Presario A965Tu Intel Centrino DUal Core. Interesting thing to notice is I get normal speed while downloading torrent inside torrent client softwares. This slow speed issue applied to download from any web browser or installing software using terminal.

Read the article
I've got very brazen pop3 attack how to protect the server?

- by Ken Tang

Today I have brazen attack to my pop3-dovecot server and mail log is full over (200MB) with this kind of information: Nov 11 09:28:14 lax dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<shawn>, method=PLAIN, rip=200.233.152.111, lip=myip Nov 11 09:28:14 lax dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<shop>, method=PLAIN, rip=200.233.152.111, lip=myip Nov 11 09:28:14 lax dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<sitetest>, method=PLAIN, rip=200.233.152.111, lip=myip Nov 11 09:28:14 lax dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<solar>, method=PLAIN, rip=200.233.152.111, lip=myip Nov 11 09:28:15 lax dovecot: pop3-login: Aborted login (auth failed, 1 attempts): user=<services>, method=PLAIN, rip=200.233.152.111, lip=myip I just blocked attacker's ip by iptables -A INPUT -s 200.233.152.111 -j DROP But it this can be continued anytime from other ips. My question is: Is there any method to disallow anyone to connect my pop3 server (except only me?) because my ip is dynamic from ISP side so I don't know how to make pop3 server know that it is exactly me connecting to. Thank you in advance!

Read the article
Juniper SSG20 IP settings for email server

- by codemonkie

We have 5 usable external static IP addresses leased by our ISP: .49 to .53, where .49 is assigned to the Juniper SSG20 firewall and NATed for 172.16.10.0/24 .50 is assigned to a windows box for web server and domain controller .51 is assigned to another windows box with exchange server (domain: mycompany1.com) mx record is pointing to 20x.xx.xxx.51 Currently there is a policy set for all SMTP incoming traffic addressed to .51 forward to the NATed address of the exchange server box (private IP: 172.16.10.194). We can send and receive emails for both internal and external, but the gmail is saying mails from mycomany1.com is not sent from the same IP as the mx lookup however is from 20x.xx.xxx.49: Received-SPF: neutral (google.com: 20x.xx.xxx.49 is neither permitted nor denied by best guess record for domain of [email protected]) client-ip=20x.xx.xxx.49; Authentication-Results: mx.google.com; spf=neutral (google.com: 20x.xx.xxx.49 is neither permitted nor denied by best guess record for domain of [email protected]) [email protected] and the mx record in global dns space as well as in the domain controller .50 for mail.mycompany1.com is set to 20x.xx.xxx.51 My attempt to resolve the above issue is to Update the mx record from 20x.xx.xxx.51 to 20x.xx.xxx.49 Create a new VIP for SMTP traffic addressed to 20x.xx.xxx.49 to forward to 172.16.10.194 After my changes incoming email stopped working, I believe it has something to do with the Juniper setting that SMTP addressed to .49 is not forwarded to 172.16.10.194 Also, I have been wondering is it mandatory to assign an external static IP address to the Juniper firewall? Any helps appreciated. TIA

Read the article
Internet connection problem,ping ok , but outlook and browsers dont work

- by Ashian

Hi, From some days ago I have a big problem on my laptop( run windows xp sp3) When I connect to internet I can ping web sites but when try to browse them some times it work correctly and some times the connection to server intrupted and I have to refresh the page several times. in this case browser show a connection problem immediatly after I click on address bar or a link on page( wihtout any try to connect to server) I use FireFox and opera and both of them have this problem. try another ISP and still I have this problem. I didnt use any proxy server and check the proxy setting. In this case Outlook also can't connect to mail server. this problem anfter some time or after restart windows have been fixed for a while. I check for virus and can't find anything. Is there any idea how can I fix it? UPDATE: Thanks for your responses. I test them , also I use Open DNS setting and that dosent help me. last night I see that my local web application ( such as Adsl modem config web site , and sites that I set up on windows xo IIS ) aslo can't open and Internal Communication error apears ( Opera Message) that didnt relate to DNS settings or Internet connection.

Read the article
Hosting multiple websites from home

- by dean nolan

I have just been accepted for Microsofts Wevsite Spark program which I mainly got for the tools, Visual Studio, Blend. I also have a few of my own websites, personal and a couple of business ones. I also work freelance and sometimes I would like a place to just put a demo up of a clients project. The websites I currently have are all on differnet hosting provders and domain registrars. The WebsiteSpark comes with Windows Server 2008 and SQL Server 2008. It would be really advantagous of me to have all these in one place but also so I have complete control over the database and the environment. So I am thinking over the next 4-6 months of migrating all this to my own server that I will host from home, or maybe even setup at home and then store in a proper datacentre. I was wondering what steps I should take and what to be aware of, specifically: 1) having all these different websites on one computer and having the url got to the proper place. 2) Cost effectiveness? Having the server in home as apposed to datacentre. Most solutions I see charge over £1000 a month to have a machine in datacentre. This is mostly for my own ease of management and shared hosting which I currently have is very limited configuration wise. Would getting a server in house be beneficial for then upgrading to the cloud? What measures should I take with my ISP? I know this is a lot I've asked but just even links to good articles would be good. Thanks

Read the article
SSH Connection Error : No route to host

- by dewbot

There are three machines in this scenario: Desktop A : [email protected] Laptop A : [email protected] Machine B : [email protected] All the machines have Ubuntu 11.04 (Desktop A is a 64bit one) and have both openssh-server and openssh-client. Now when I try to connect Desktop A to Laptop A or vice-versa by ssh [email protected] I get an error as port 22: No route to host in both the cases. I own both the machines, now if I try same commands from my friend's machine, i.e. via Desktop B, I can access both my Laptop and Desktop. But if I try to access Desktop B from my Laptop or by Desktop I get port 22: Connection timed out I even tried changing ssh port no. in ssh_config file but no success. Note: that 'Laptop A' uses WiFi connection while 'Machine A' uses Ethernet Connection and 'Machine B' is on an entirely different network. Laptop A && Desktop A - Router/Nano_Rcvr provided to me by ISP. So to one Router two Machines are connected and can be accessed at the same time. here is my ifconfig output for both the machines :- Laptop wlan0 Link encap:Ethernet HWaddr X:X:X:X:00:bc inet addr:1.23.73.111 Bcast:1.23.95.255 Mask:255.255.224.0 inet6 addr: fe80::219:e3ff:fe04:bc/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:108409 errors:0 dropped:0 overruns:0 frame:0 TX packets:82523 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:44974080 (44.9 MB) TX bytes:22973031 (22.9 MB) Desktop eth0 Link encap:Ethernet HWaddr X:X:X:X:c5:78 inet addr:1.23.68.209 Bcast:1.23.95.255 Mask:255.255.224.0 inet6 addr: fe80::227:eff:fe04:c578/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:10380 errors:0 dropped:0 overruns:0 frame:0 TX packets:4509 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:1790366 (1.7 MB) TX bytes:852877 (852.8 KB) Interrupt:43 Base address:0x2000

Read the article
VirtualBox with Ubuntu Server guest can't ping outside

- by Danidan

Here's my situation: an Ubuntu 12.04 Host running VirtualBox; two guest VMs running Ubuntu Server 12.04 home network, so my Host pc has a wireless connection to the router of my ISP. My problem is in one of the virtual machines: it has 3 NICs, one in NAT mode and the others in Host Only mode. My purpose is to use eth0 (NAT) for Internet access and eth1, eth2 (Host Only) for management of internal virtual network (eth1 uses a VBoxNet with this IP 192.168.69.254). Whenever I try to $ping 8.8.8.8 I get Destination Host Unreachable. While if I $ping 192.168.69.10, that is the IP of the other VM, it works. I can't also ping my Host nor my router My /etc/network/interfaces file is: auto lo iface lo inet loopback auto eth0 iface eth0 inet dhcp auto eth1 iface eth1 inet static address 192.168.69.1 netmask 255.255.255.0 auto eth2 iface ifconfig $IFACE 0.0.0.0 up up ip link set $IFACE promisc on down ip link set $IFASE promisc off down ifconfig $IFACE down $route -n returns: Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 10.0.2.2 0.0.0.0 UG 100 0 0 eth0 10.0.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 192.168.69.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 192.168.100.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0 Forgetting for now what eth2 needs to do and its setup, why I can't go outside the Host box? What can I do to help you helping me? :-)

Read the article
How can I monitor network traffic?

- by WIndy Weather

I have a home network with about 10 devices including BluRay player [netflix] and both windows and linux machines. I need to collect network traffic statistics so that if questions come up about how much traffic I'm using I have the answer independent of my ISP. I've looked at DD-WRT, but I see that even buying a new router that will be supported is a problem since I might get the wrong version of the hardware. I have a DIR-655 and a DIR-501 - neither of which is supported. I don't mind buying new hardware, but it looks like a crap-shoot to get one that will work. DD-WRT looks like a bad solution unless someone knows of a place to get a router that is guaranteed to work. Does someone know of an arduino or other SBC solution? I have plenty of NAT routers already, so I just need traffic statistics for external traffic. The network is GBit Ethernet inside and Cable / soon to be DSL outside. The DIR-655 only gives me "packets", not bytes transferred oddly enough. Thanks, ww

Read the article
FreeBSD jail IMAP/MTA config recommendations

- by kobame

I've got access to my "own" FreeBSD jail. The jail has only basic, unconfigured system, but I have full access to FreeBSD ports, and (jail)root too. Now I need to setup my jail as IMAP/MTA. The question: What packages are EASIEST for config and later administration, (the simplest possible setup, with the minimum needed configuration) when: i haven't any preferences (don't know any yet) my (one) domain is managed by ISP, so don't need DNS need only IMAP for few users (up to 20 mailboxes) need secure transport layer (IMAPS/993) password auth, no LDAP, no kerberos, nor databases, nothing like fancy things... need easy-setup easy-admin MTA, with simplest possible password SMTP auth, (again no LDAP, nor DB), secure transport layer but would be nice have virus-scan and some anti-spam protection So, what ports I should install for MTA and IMAP? MTA (Sendmail, Postfix, Exim)? antivirus (ClamAV) antispam??? IMAP(S), (Dovecot, Courier) when the main criteria are: easy setup, and easy administration. When I googled I found only complicated setups for thousands of users with LDAP, databases and so on - too big-caliber for my small (easy?) needs. Any pointer to an easy howto is very welcomed.

Read the article
SSH connection times out unless I tunnel in from a different server-

- by rm-vanda

OK, so this just started last week - Whenever we try to connect to our server via ssh (we use sftp, as well) - The connection times out. However, when you ssh to any other server and then ssh into the machine - it works flawlessly. Now, the mindblowing thing is that sometimes the ssh connection will succeed. Moments ago, I tried it from another machine, and then my own, and it worked - only to time out the next go around. Last week, simply restarting the ssh daemon worked, but this week, no such luck. I even went in and changed: /etc/hosts.allow ALL : ALL and /etc/hosts.deny is blank. The firewall config hasn't changed - but I even disabled the firewall to see if that would work - It did, for a moment - before cutting off, again. (ufw is set to "ALLOW" not "LIMIT") When I try SSH'ing in from my phone -- it works, fine -- So, it seems the problem is with our ISP/router/gateway - However, I see no log in the router/gateway that says its blocking our connections - And that wouldn't explain why we can SSH into any other server -- except for this one - from our network --- I truly appreciate any insight that anyone may have on this matter -

Read the article
Diagnosing Random Network Lag

- by uesp

I'm having trouble diagnosing some random lag on a 6 server LAMP cluster serving a MediaWiki site. While we're serving some 100 pages/sec the servers themselves are running fine with less than 0.5 load, no locked processes, no paging, no errors being logged, etc.... Lag is present on all servers and is random: one minute its fine the next it's there. DNS lookups on the servers are randomly slow. For example time nslookup google.com varies randomly from a few milliseconds to several seconds and sometimes times out entirely. While we use IP addresses internally on the cluster this may be a symptom of the root issue. We are not running our own DNS server. The Apache server-status pages randomly lag or time out. Benchmarking using ab between servers shows a few loads sometimes take 3000 ms (almost exactly). Benchmarking server-status on the local server itself usually shows no issue (it showed a lag only once among a few hundred tests). The servers are sitting behind a switch and a firewall which I don't have any access to so I don't know their setup or status. While we are under heavier than normal load a 2 Mbps incoming and 20 Mbps outgoing traffic shouldn't be stressing the switch or firewall should it? My feeling is that it is the switch/firewall or something above them in the ISP like their DNS but can't confirm it. I need some other tests or methods of diagnosing this lag to try and narrow down the ultimate cause.

Read the article
Cisco 851 (IOS) router: FastEthernet 4 (WAN) got the shutdown flag.

- by cjavapro

At a customer location there was a Cisco 851 router (which uses IOS). The PCs on location were all of a sudden unable to connect. We came on site and found that FastEthernet 4 (the WAN port) was "administratively down". We ran these commands to resolve it config t interface fa4 no shutdown exit exit write Now the mystery is how the shutdown flag got there in the first place? The router was on battery backup... but during the outage it was power cycled by the customer. It is possible that there was a short outage by the ISP and that the power cycle caused the shutdown flag to come up. There may have been a hack or an attack pattern that caused the shutdown flag to come up. There may have been a hack or an attack pattern that the router to become unavailable and then caused the shutdown flag to be added on startup. Question: Does anybody have any clues? or at least remember that they had a shutdown flag come up on their WAN port also?

Read the article
Easiest way to do host name resolution with IPA?

- by Luke

We are currently using static LAN IP addresses for our internal non-public facing servers. We don't have DHCP configured. We're using Vyatta for our router and firewall. The firewall is configured to be zone based. We want to setup IPA for centralized authentication (LDAP+Kerberos). IPA is requiring resolvable host names. I want to avoid having to enter DNS records by hand. What is the most painless way to make host names resolvable that works with IPA in a Linux only environment? We arn't using anything to resolve host names now. Up until now we've been using static ip addresses and local users on each server. We've looked at BIND, DHCP (does that even solve the problem?), and multicast DNS. At this point we're not sure which solution would work best. Is there another option we haven't considered? Security is very important. We have multiple zones where each zone has very specific or no access to another zone. DNS for public domains is forwarded from Vyatta to our ISP's DNS server.

Read the article
Trying to Set up SMTP Server on WIndows Server 2012

- by datc

I'm working on a website, and I need to test the functionality of sending email messages from ASP.NET, something like this: Dim msg As New MailMessage("email1", "email2") msg.Subject = "Subject"<br> msg.IsBodyHtml = True<br> msg.Body = "Click <a href='site'>here</a>." Dim client As SmtpClient = New SmtpClient() client.Host = "My-Server"<br> client.Port = 25<br> client.DeliveryMethod = SmtpDeliveryMethod.Network<br> client.Send(msg) This is running from a Windows 8 workstation. I've installed SMTP server on my Windows Server 2012 machine. The mail shows up in the mailroot/Queue folder and sits there, eventually getting deposited into Badmail. Now I have AT&T U-verse at home, and a few devices connected to the gateway, including let's call it "My-Server." When I run SmtpDiag from say, datc@... to [email protected] I get SOA serial number match passed, Local DNS (99-135-60-233.lightspeed.bcvloh.sbcglobal.net) & Remote DNS (hotmail.com) tests *not* passed, and ultimately, Connecting to the server failed. Error: 10060. Failed to submit mail to mx2.hotmail.com error. When I set My-Server's IP to static and equal to the external IP, 99.135.60.233, and again run SmtpDiag, I get SOA, Local DNS, and Remote DNS tests passed, but the same 10060 error. Same for yahoo.com, gmail.com, and so forth. Is it my ISP's job to fix this? Some PTR record missing somewhere? Is it at all possible to have a home-based SMTP server? All I want is to test my email code. Perhaps, my IP address is just not "trusted" somehow. Thanks.

Read the article
Watchguard Firebox "split" fibre optic line into 2 interfaces

- by fRAiLtY-

We have a requirement on our Watchguard Firebox XTM505 to be able to split our incoming external interface, in this case a fibre optic dedicated leased line, 100/100. We use the line in our office of approx 30 machines however we also re-sell to an external company who utilise it to provide wireless internet solutions to the public. The current infrastructure is as follows: Data in (Leased Line) - Juniper SRX210 managed by ISP - 1 cable out into unmanaged Netgear switch - 1 cable into our firewall and office network, 1 cable to our external providers core router managed by them. We have been informed that having the unmanaged switch in the position it is poses a security risk and that a good option would be to get our Watchguard Firewall to perform the split, by separating our office onto a trusted interface, and by "passing through" the external line to their managed router. It is alleged that the Watchguard is capable of doing this and also rate limiting the interfaces, i.e. 20mbps for the trusted interface and 80mbps for the "pass-through", however Watchguard technical support don't seem to be able to understand what we're trying to achieve. Can anyone provide any advice on whether this is possible on a Watchguard device and how or perhaps if there's a better way of achieving this, perhaps with a managed switch instead of unmanaged? Cheers

Read the article

< Previous Page | 35 36 37 38 39 40 41 42 43 44 45 46 | Next Page >