Search Results

Search found 45382 results on 1816 pages for 'two factor authentication'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 423/1816 | < Previous Page | 419 420 421 422 423 424 425 426 427 428 429 430  | Next Page >

  • Virtualhost entries gets over-written when apache httpd.conf is rebuilt

    - by Amitabh
    Background: We have been trying to get a wildcard SSL working on multiple sub domains on a single dedicated address.. We have two sub domains next.my-personal-website.com and blog.my-personal-website.com Part of our strategy has been to edit the httpd.conf and add the NameVirtualHost xx.xx.144.72:443 directive and the virtualhost entries for port 443 for the subdomains there. This works good if we just edit the httpd.conf, add the entries, save it and restart the apache. The problem: But if we add a new sub domain from cpanel or we run the # /usr/local/cpanel/bin/apache_conf_distiller --update # /scripts/rebuildhttpdconf the virtualhost entries that we added manually are no more there in the newly generated httpd.conf file. Only the virtualhost entry for the main domain for port 443 that was there before we made edits to the httpd.conf is there(assuming we are not discussing virtualhost entries for port 80). I understand we need to put the new virtualhost entries in some include files as mentioned here in the cpanel documentation. But am not sure where to. So the question would be where do I put the NameVirtualHost xx.xx.144.72:443 directive and the two virtualhost directive for port 443, so that they are not overwritten when httpd.conf is rebuilt/regenerated later. Virtualhost entries: The two virtualhost entries for the subdomains are: <VirtualHost xx.xx.144.72:443> ServerName next.my-personal-website.com ServerAlias www.next.my-personal-website.com DocumentRoot /home/myguardi/public_html/next.my-personal-website.com ServerAdmin [email protected] UseCanonicalName On CustomLog /usr/local/apache/domlogs/next.my-personal-website.com combined CustomLog /usr/local/apache/domlogs/next.my-personal-website.com-bytes_log "%{%s}t %I .\n%{%s}t %O ." ## User myguardi # Needed for Cpanel::ApacheConf <IfModule mod_suphp.c> suPHP_UserGroup myguardi myguardi </IfModule> <IfModule !mod_disable_suexec.c> SuexecUserGroup myguardi myguardi </IfModule> ScriptAlias /cgi-bin/ /home/myguardi/public_html/next.my-personal-website.com/cgi-bin/ SSLEngine on SSLCertificateFile /etc/ssl/certs/my-personal-website.com.crt SSLCertificateKeyFile /etc/ssl/private/my-personal-website.com.key SSLCACertificateFile /etc/ssl/certs/my-personal-website.com.cabundle CustomLog /usr/local/apache/domlogs/next.my-personal-website.com-ssl_log combined SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown <Directory "/home/myguardi/public_html/cgi-bin"> SSLOptions +StdEnvVars </Directory> and <VirtualHost xx.xx.144.72:443> ServerName blog.my-personal-website.com ServerAlias www.blog.my-personal-website.com DocumentRoot /home/myguardi/public_html/blog.my-personal-website.com ServerAdmin [email protected] UseCanonicalName On CustomLog /usr/local/apache/domlogs/blog.my-personal-website.com combined CustomLog /usr/local/apache/domlogs/blog.my-personal-website.com-bytes_log "%{%s}t %I .\n%{%s}t %O ." ## User myguardi # Needed for Cpanel::ApacheConf <IfModule mod_suphp.c> suPHP_UserGroup myguardi myguardi </IfModule> <IfModule !mod_disable_suexec.c> SuexecUserGroup myguardi myguardi </IfModule> ScriptAlias /cgi-bin/ /home/myguardi/public_html/blog.my-personal-website.com/cgi-bin/ SSLEngine on SSLCertificateFile /etc/ssl/certs/my-personal-website.com.crt SSLCertificateKeyFile /etc/ssl/private/my-personal-website.com.key SSLCACertificateFile /etc/ssl/certs/my-personal-website.com.cabundle CustomLog /usr/local/apache/domlogs/blog.my-personal-website.com-ssl_log combined SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown <Directory "/home/myguardi/public_html/cgi-bin"> SSLOptions +StdEnvVars </Directory> and the automatically generated virtualhost entry for the main domain for port 443 is <VirtualHost xx.xx.144.72:443> ServerName my-personal-website.com ServerAlias www.my-personal-website.com DocumentRoot /home/myguardi/public_html ServerAdmin [email protected] UseCanonicalName Off CustomLog /usr/local/apache/domlogs/my-personal-website.com combined CustomLog /usr/local/apache/domlogs/my-personal-website.com-bytes_log "%{%s}t %I .\n%{%s}t %O ." ## User myguardi # Needed for Cpanel::ApacheConf <IfModule mod_suphp.c> suPHP_UserGroup myguardi myguardi </IfModule> <IfModule !mod_disable_suexec.c> SuexecUserGroup myguardi myguardi </IfModule> ScriptAlias /cgi-bin/ /home/myguardi/public_html/cgi-bin/ SSLEngine on SSLCertificateFile /etc/ssl/certs/my-personal-website.com.crt SSLCertificateKeyFile /etc/ssl/private/my-personal-website.com.key SSLCACertificateFile /etc/ssl/certs/my-personal-website.com.cabundle CustomLog /usr/local/apache/domlogs/my-personal-website.com-ssl_log combined SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown <Directory "/home/myguardi/public_html/cgi-bin"> SSLOptions +StdEnvVars </Directory> # To customize this VirtualHost use an include file at the following location # Include "/usr/local/apache/conf/userdata/ssl/2/myguardi/my-personal-website.com/*.conf" I really appreciate if somebody can tell me how to proceed on this. Thank you. Update: Include directives present are: `Include "/usr/local/apache/conf/includes/pre_main_global.conf" Include "/usr/local/apache/conf/includes/pre_main_2.conf" Include "/usr/local/apache/conf/php.conf" Include "/usr/local/apache/conf/includes/errordocument.conf" Include "/usr/local/apache/conf/modsec2.conf" Include "/usr/local/apache/conf/includes/pre_virtualhost_global.conf" Include "/usr/local/apache/conf/includes/pre_virtualhost_2.conf" ` These are the entries that are generated before any virtualhost entry is defined. Towards the end of the httpd.conf file , the following two entries are added Include "/usr/local/apache/conf/includes/post_virtualhost_global.conf" Include "/usr/local/apache/conf/includes/post_virtualhost_2.conf" The older httpd.conf file before we added the virtualhost entries for sub domains for port 443 can be viewed here

    Read the article

  • Choosing what logwatch is reporting on, on Centos 5.4

    - by florin
    I have two Centos 5.4 servers that I set up within weeks of each other. One is e-mail server (let's label it EM) and the other is a web and ftp server (labeled WF). Logwatch came pre-configured and I have not altered its setup in any way -- but the log messages are quite different between the two: server EM reports ssh status while WF does not. With ntpd, the situation is reversed. I know I could start tweaking some knobs in /etc/logwatch and somesuch, but why are the results from the default configuration so different?

    Read the article

  • Windows Server 2008 R2 Software Deployment on Active Directory - Schema Issue

    - by weedave
    We have two servers, one running Windows Server 2003 SP2 and one running Windows Server 2008 R2. Both servers have their own versions of Group Policy Management (1.0.2 on 2003 and 6.0.0.1 on 2008). We are wanting to migrate everything over to the newer 2008 server, including software deployment. However, when I try to add a new software package using a .msi file, I get the following error: "The schema for the software installation data in the Active Directory does not match the required schema." I have tried two separate software packages and get the same error on the 2008 server. However, when I do the same on the 2003 server, it adds the software package without any problems. The .msi files I am using are up-to-date - one is the most recent version of Google Chrome. Is this problem caused by the different versions of the OS, or the Group Policy Management program? How do we "upgrade" our Active Directory to allow software deployment on the 2008 server? Thanks.

    Read the article

  • Connecting together DIR-615 and DIR-655

    - by ra170
    On my DIR-655 my internal network is: 192.168.0.x On my DIR-615 my internal network is: 192.168.1.x They are both connected to my firewall PIX 501 box The PIX itself is connected to the comcast modem. I briefly looked at the menu options on those router and they look similar, however I'm not sure what's the best way to connect those two together so that I can go between those networks. (printing, file browsing, etc.) I'm not sure if I have to do this somehow on those two router or on the PIX itself, or probably on all of them. If anyone has experience with something like that please let me know..

    Read the article

  • Can't type into some text fields in any browser on Windows 7

    - by Zoltán
    I can't type into e.g. facebook's log in form with my computer. I hit my keys, but nothing happens. Special characters like c, c, š, etc. work. Backspace doesn't, delete does. This goes for Internet Explorer, Firefox and Chrome. This also happens with some other sites, sometimes even with gmail (or any google's log in form). I read somewhere that the solution is to reregister some dlls: regsvr32 mshtmled.dll regsvr32 jscript.dll regsvr32 /i mshtml.dll The first two work, the third one says The module "mshtml.dll" was loaded but the entry-point DllRegisterServer.dll was not found. And of course, running just the first two didn't help. Does anyone know how to fix this problem?

    Read the article

  • IBM Tivoli Network Manager IP Edition - Job does not run

    - by Thorsten Niehues
    Since our network discovery takes too long I tried to split the biggest job into two parts. The two parts use the same Perl script but have a different scope. I copied a Job (Agent) doing the following: Copied the .agnt file Copied the associated perl script The problem is that one or the other job (changes randomly) does not run. The Disco Process will fail eventually. In the log of the job which does not run I see the following error message: Wed Jul 18 08:48:54 2012 Warning: Failed to send on transport layer found in file CRivObjSockClient.cc at line 1293 - Client My_MacTable_Cis is not connected to service Helper How do I fix this problem?

    Read the article

  • FTP upload stalls at same point every time on FileZilla

    - by John
    On two different FTP accounts, I am having problems uploading files. I can login and see the contents of the dir, and start an upload. Using Filezilla the transfer seems to always stall at either 0.9% or 1.2% (always those two numbers) and may simply hang, or keep restarting and then again stop at the same point. WindowsXP FTP is not great but I get similar types of problems there... it starts uploading and after a short while I get a timeout error. FTP used to work fine, and I don't know if it's these accounts in particular (both have the same service provider although purchased on opposite sides of the world) or if "FTP is broken on my PC"... can that even happen?!

    Read the article

  • Development Server Blocked Only from Home

    - by theonlylos
    Recently I've been having an issue with my CentOS 6 test server running Apache and Webmin running on port 10000 where when I try accessing any part of the server - SSH/FTP and even my domains (I have two - both keep getting timeout errors) when I try accessing from any computer on my home network. However when I access via tethering or via my office networks everything loads fine. While the firewall is the first issue at mind, my router never was set to block any special ports, and even after adding port 10000 as a specific exception I'm having no luck. Also, I doubt this is an IP blacklisting issue because I have websites on other servers using CloudFlare for security and I haven't gotten any warnings. Any assistance is greatly apprecaiated. UPDATE: Just some extra details about the issue: My ISP to my knowledge only blocks off ports 25 and 80 for residential users to prevent them from running web servers - however this issue has only come up a day or two ago, before that I was using the server successfully for months. Also the server is not physically located in any of my workspaces - it's a VPS housed in a datacenter

    Read the article

  • ZFS: Redistribute zvol over all disks in the zpool?

    - by growse
    Is there a way in which ZFS can be prompted to redistribute a given filesystem over the all of the disks in its zpool? I'm thinking of a scenario where I have a fixed size ZFS volume that's exported as a LUN over FC. The current zpool is small, just two 1TB mirrored disks, and the zvol is 750GB in total. If I were to suddenly expand the size of the zpool to, say, 12 1TB disks, I believe the zvol would still effectively be 'housed' on the first two spindles only. Given that more spindles = more IOPS, what method could I use to 'redistribute' the zvol over all 12 spindles to take advantage of them?

    Read the article

  • Hyper-Threading and Dual-Core, What's the Difference?

    - by Josh Stodola
    In a conversation with the network administator, I mentioned that my machine was a dual-core. He told me it was not. I brought up the task manager, went to the perfomance tab, and showed him that there are two separate CPU usage graphs. I have a quad-core machine at home and it has four graphs. He told there were two graphs on this particular machine because of hyper-threading. I used to have a hyper-thread pentium 4 processor back in the day, but I never fully understood what it meant. So what is the difference between hyper threading and dual-core? And how do you tell which one you have?

    Read the article

  • How can I get Opera speed-dial and password management features in other browsers?

    - by Howard Guo
    I heavily rely on Opera's speed dial and password management features. Lack of these two features is really stopping me from switching to another web browser such as Chrome or Firefox. Opera's password management has two unique characteristics which I rely on heavily: It saves passwords on all pages, (apparently) despite the page's meta data asking not to save passwords. It offers keyboard shortcut and button to automatically fill in username/passwords and all other fields in a login form, then automatically submit the form. (So I'm only one key/click away from logging into a website) How can I get those functions in other browsers? Thank you! Edit: Reason being that I use other web browsers at work and I wish they could have those functions.

    Read the article

  • Ubuntu 12.04 boot degraded raid

    - by beacon_bonanza
    I've installed Ubuntu 12.04.1 in a new server and set up the 4 hard drives with 3 RAID 1 devices, the configuration is such that the first two drives have md0 (swap space) and md1 (/) with the third and fourth drives having md2 (/var). I've been testing the operation under a drive failure and found that the system boots fine if I remove disk two but if I remove disk one then the system gets to grub and then just restarts. I'm confused as to why grub appears to be loading properly from disk two but then the boot fails. I've tried to copy the MBR from disk 1 to 2: dd if=/dev/sda of=/dev/sdb bs=512 count=1 but this didn't make a difference. Any ideas how to get it to boot from just the second disk? fdisk -l Disk /dev/sda: 2000.4 GB, 2000398934016 bytes 255 heads, 63 sectors/track, 243201 cylinders, total 3907029168 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk identifier: 0x000ccfa5 Device Boot Start End Blocks Id System /dev/sda1 2048 31250431 15624192 fd Linux RAID autodetect /dev/sda2 * 31250432 3907028991 1937889280 fd Linux RAID autodetect Disk /dev/sdb: 2000.4 GB, 2000398934016 bytes 255 heads, 63 sectors/track, 243201 cylinders, total 3907029168 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk identifier: 0x000ccfa5 Device Boot Start End Blocks Id System /dev/sdb1 2048 31250431 15624192 fd Linux RAID autodetect /dev/sdb2 * 31250432 3907028991 1937889280 fd Linux RAID autodetect Disk /dev/sdd: 2000.4 GB, 2000398934016 bytes 255 heads, 63 sectors/track, 243201 cylinders, total 3907029168 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk identifier: 0x00035b05 Device Boot Start End Blocks Id System /dev/sdd1 2048 3907028991 1953513472 fd Linux RAID autodetect Disk /dev/sdc: 2000.4 GB, 2000398934016 bytes 255 heads, 63 sectors/track, 243201 cylinders, total 3907029168 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk identifier: 0x000c73aa Device Boot Start End Blocks Id System /dev/sdc1 2048 3907028991 1953513472 fd Linux RAID autodetect Disk /dev/md1: 1984.3 GB, 1984264208384 bytes 2 heads, 4 sectors/track, 484439504 cylinders, total 3875516032 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk identifier: 0x00000000 Disk /dev/md2: 2000.3 GB, 2000263380992 bytes 2 heads, 4 sectors/track, 488345552 cylinders, total 3906764416 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk identifier: 0x00000000 Disk /dev/md0: 16.0 GB, 15990652928 bytes 2 heads, 4 sectors/track, 3903968 cylinders, total 31231744 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk identifier: 0x00000000

    Read the article

  • Migrating data from SQL Server 2000 to SQL Server 2005

    - by Muhammad Kashif Nadeem
    I have to migrate existing data which is in SQL Server 2000 to SQL Server 2005. The schema of two databases is different. For Example Locations table in SS2000 is split into two tables and has different columns. This is one time activity. After successful migration I don't need old db anymore. What is the best way to transfer data from one SQL Server to another having different schemas? I can write stored procedures to fetch data from SQL Server 2000 and insert/update tables in SQL Server 2005. What about SSIS? I don't have any experience with this and is this better to create package of SSIS because I don't need this again and need to learn it first. Thanks.

    Read the article

  • Apache disabled virtual host domains resolve an enabled virtual host

    - by littleK
    I have three virtual hosts defined on apache on my Ubuntu server for three different domains. If I disable two of the virtual hosts (a2dissite) and try to resolve those two URL's in the browser, then the one remaining enabled site will resolve. How can I configure apache so that the domains for the disabled virtual hosts do not resolve? This is how all 3 virtual hosts are configured (info is masked): # domain: myfirstdomain.com # public: /home/me/public/myfirstdomain.com/ <VirtualHost *:80> # Admin email, Server Name (domain name), and any aliases ServerAdmin [email protected] ServerName www.myfirstdomain.com ServerAlias myfirstdomain.com # Index file and Document Root (where the public files are located) DirectoryIndex index.html index.php DocumentRoot /home/me/public/myfirstdomain.com/public # Log file locations LogLevel warn ErrorLog /home/me/public/myfirstdomain.com/log/error.log CustomLog /home/me/public/myfirstdomain.com/log/access.log combined </VirtualHost>

    Read the article

  • Auth-Type :- Reject in RADIUS users file matches inner tunnel request but sends Access-Accept

    - by mgorven
    I have WPA2 802.11x EAP authentication setup using FreeRADIUS 2.1.8 on Ubuntu 10.04.4 talking to OpenLDAP, and can successfully authenticate using PEAP/MSCHAPv2, TTLS/MSCHAPv2 and TTLS/PAP (both via the AP and using eapol_test). I am now trying to restrict access to specific SSIDs based on the LDAP groups which the user belongs to. I have configured group membership checking in /etc/freeradius/modules/ldap like so: groupname_attribute = cn groupmembership_filter = "(|(&(objectClass=posixGroup)(memberUid=%{User-Name}))(&(objectClass=posixGroup)(uniquemember=%{User-Name})))" and I have configured extraction of the SSID from Called-Station-Id into Called-Station-SSID based on the Mac Auth wiki page. In /etc/freeradius/eap.conf I have enabled copying attributes from the outer tunnel into the inner tunnel, and usage of the inner tunnel response in the outer tunnel (for both PEAP and TTLS). I had the same behaviour before changing these options however. copy_request_to_tunnel = yes use_tunneled_reply = yes I'm running eapol_test like this to test the setup: eapol_test -c peap-mschapv2.conf -a 172.16.0.16 -s testing123 -N 30:s:01-23-45-67-89-01:Example-EAP with the following peap-mschapv2.conf file: network={ ssid="Example-EAP" key_mgmt=WPA-EAP eap=PEAP identity="mgorven" anonymous_identity="anonymous" password="foobar" phase2="autheap=MSCHAPV2" } With the following in /etc/freeradius/users: DEFAULT Ldap-Group == "employees" and running freeradius-Xx, I can see that the LDAP group retrieval works, and that the SSID is extracted. Debug: [ldap] performing search in dc=example,dc=com, with filter (&(cn=employees)(|(&(objectClass=posixGroup)(memberUid=mgorven))(&(objectClass=posixGroup)(uniquemember=mgorven)))) Debug: rlm_ldap::ldap_groupcmp: User found in group employees ... Info: expand: %{7} -> Example-EAP Next I try to only allow access to users in the employees group (regardless of SSID), so I put the following in /etc/freeradius/users: DEFAULT Ldap-Group == "employees" DEFAULT Auth-Type := Reject But this immediately rejects the Access-Request in the outer tunnel because the anonymous user is not in the employees group. So I modify it to only match inner tunnel requests like so: DEFAULT Ldap-Group == "employees" DEFAULT FreeRADIUS-Proxied-To == "127.0.0.1" Auth-Type := Reject, Reply-Message = "User does not belong to any groups which may access this SSID." Now users which are in the employees group are authenticated, but so are users which are not in the employees group. I see the reject entry being matched, and the Reply-Message is set, but the client receives an Access-Accept. Debug: rlm_ldap::ldap_groupcmp: Group employees not found or user is not a member. Info: [files] users: Matched entry DEFAULT at line 209 Info: ++[files] returns ok ... Auth: Login OK: [mgorven] (from client test port 0 cli 02-00-00-00-00-01 via TLS tunnel) Info: WARNING: Empty section. Using default return values. ... Info: [peap] Got tunneled reply code 2 Auth-Type := Reject Reply-Message = "User does not belong to any groups which may access this SSID." ... Info: [peap] Got tunneled reply RADIUS code 2 Auth-Type := Reject Reply-Message = "User does not belong to any groups which may access this SSID." ... Info: [peap] Tunneled authentication was successful. Info: [peap] SUCCESS Info: [peap] Saving tunneled attributes for later ... Sending Access-Accept of id 11 to 172.16.2.44 port 60746 Reply-Message = "User does not belong to any groups which may access this SSID." User-Name = "mgorven" and eapol_test reports: RADIUS message: code=2 (Access-Accept) identifier=11 length=233 Attribute 18 (Reply-Message) length=64 Value: 'User does not belong to any groups which may access this SSID.' Attribute 1 (User-Name) length=9 Value: 'mgorven' ... SUCCESS Why isn't the request being rejected, and is this the right way to implement this?

    Read the article

  • Cant logon to domain over site-to-site vpn

    - by 3molo
    Tied together branch office with main office over two Cisco ASAs. The (internal) networks on either side can communicate with the other. I can ping, use the DC's DNS service and even join a domain on a new client. I can't however logon, I get the "domain controller is not available" error message on client. I find nothing peculiar in DC's event logs. Sicne it's site-to-site (with ping), it's always up so it should work. No firewall rules (except allow any any) between the two networks (of either side). Main site internal net: 10.10.10.0/24 Branch office net: 10.180.3.0/24 Am I overlooking something here? Where should I start investigating this?d

    Read the article

  • Linux box acting as wireless access point to share the internet connection

    - by Suresh
    A linux machine is connected to internet over two interfaces ppp0 and ppp1 using two modems. Also this machine acts as wireless access point through an interface say, eth0 with ip address 192.168.1.1 and acts as gateway for the connected devices through this network with subnet mask 255.255.255.0 Now is it possible to achieve the following: When any of the connected devices through wireless AP needs internet connection linux machine has to use ppp1 interface for internet. If any of the applications on the linux machine needs internet connection linux machine should use ppp0 interface for the internet. Can this be achieved by adding rules to chains in filter/nat tables? If the kernel routing table has a default rule to route the default traffic through interface ppp0, wil kernel completely ignore ppp1 for internet? PS: new to networking and routing concepts, If the question is not clear leave a comment, will try to give more information.

    Read the article

  • Users loggin to 3Com switches authenticated by radius not getting admin priv and no access available

    - by 3D1L
    Hi, Following the setup that I have for my Cisco devices, I got some basic level of functionality authenticating users that loggin to 3Com switches authenticated against a RADIUS server. Problem is that I can not get the user to obtain admin privileges. I'm using Microsoft's IAS service. According to 3Com documentation when configuring the access policy on IAS the value of 010600000003 have to be used to specify admin access level. That value have to be input in the Dial-in profile section: 010600000003 - indicates admin privileges 010600000002 - manager 010600000001 - monitor 010600000000 - visitor Here is the configuration on the switch: radius scheme system server-type standard primary authentication XXX.XXX.XXX.XXX accounting optional key authentication XXXXXX key accounting XXXXXX domain system scheme radius-scheme system local-user admin service-type ssh telnet terminal level 3 local-user manager service-type ssh telnet terminal level 2 local-user monitor service-type ssh telnet terminal level 1 The configuration is working with the IAS server because I can check user login events with the Eventviewer tool. Here is the output of the DISPLAY RADIUS command at the switch: [4500]disp radius SchemeName =system Index=0 Type=standard Primary Auth IP =XXX.XXX.XXX.XXX Port=1645 State=active Primary Acct IP =127.0.0.1 Port=1646 State=active Second Auth IP =0.0.0.0 Port=1812 State=block Second Acct IP =0.0.0.0 Port=1813 State=block Auth Server Encryption Key= XXXXXX Acct Server Encryption Key= XXXXXX Accounting method = optional TimeOutValue(in second)=3 RetryTimes=3 RealtimeACCT(in minute)=12 Permitted send realtime PKT failed counts =5 Retry sending times of noresponse acct-stop-PKT =500 Quiet-interval(min) =5 Username format =without-domain Data flow unit =Byte Packet unit =1 Total 1 RADIUS scheme(s). 1 listed Here is the output of the DISPLAY DOMAIN and DISPLAY CONNECTION commands after users log into the switch: [4500]display domain 0 Domain = system State = Active RADIUS Scheme = system Access-limit = Disable Domain User Template: Idle-cut = Disable Self-service = Disable Messenger Time = Disable Default Domain Name: system Total 1 domain(s).1 listed. [4500]display connection Index=0 ,Username=admin@system IP=0.0.0.0 Index=2 ,Username=user@system IP=xxx.xxx.xxx.xxx On Unit 1:Total 2 connections matched, 2 listed. Total 2 connections matched, 2 listed. [4500] Here is the DISP RADIUS STATISTICS: [4500] %Apr 2 00:23:39:957 2000 4500 SHELL/5/LOGIN:- 1 - ecajigas(xxx.xxx.xxx.xxx) in un it1 logindisp radius stat state statistic(total=1048): DEAD=1046 AuthProc=0 AuthSucc=0 AcctStart=0 RLTSend=0 RLTWait=2 AcctStop=0 OnLine=2 Stop=0 StateErr=0 Received and Sent packets statistic: Unit 1........................................ Sent PKT total :4 Received PKT total:1 Resend Times Resend total 1 1 2 1 Total 2 RADIUS received packets statistic: Code= 2,Num=1 ,Err=0 Code= 3,Num=0 ,Err=0 Code= 5,Num=0 ,Err=0 Code=11,Num=0 ,Err=0 Running statistic: RADIUS received messages statistic: Normal auth request , Num=1 , Err=0 , Succ=1 EAP auth request , Num=0 , Err=0 , Succ=0 Account request , Num=1 , Err=0 , Succ=1 Account off request , Num=0 , Err=0 , Succ=0 PKT auth timeout , Num=0 , Err=0 , Succ=0 PKT acct_timeout , Num=3 , Err=1 , Succ=2 Realtime Account timer , Num=0 , Err=0 , Succ=0 PKT response , Num=1 , Err=0 , Succ=1 EAP reauth_request , Num=0 , Err=0 , Succ=0 PORTAL access , Num=0 , Err=0 , Succ=0 Update ack , Num=0 , Err=0 , Succ=0 PORTAL access ack , Num=0 , Err=0 , Succ=0 Session ctrl pkt , Num=0 , Err=0 , Succ=0 RADIUS sent messages statistic: Auth accept , Num=0 Auth reject , Num=0 EAP auth replying , Num=0 Account success , Num=0 Account failure , Num=0 Cut req , Num=0 RecError_MSG_sum:0 SndMSG_Fail_sum :0 Timer_Err :0 Alloc_Mem_Err :0 State Mismatch :0 Other_Error :0 No-response-acct-stop packet =0 Discarded No-response-acct-stop packet for buffer overflow =0 The other problem is that when the RADIUS server is not available I can not log in to the switch. The switch have 3 local accounts but none of them works. How can I specify the switch to use the local accounts in case that the RADIUS service is not available?

    Read the article

  • Extend my LAN network

    - by user268291
    i have a patch panel and hardwiring already setup in my office. The patch panel is 24-port and all the ports are engaged. All my switch ports are engaged. Now, I have a printer connected to a wall point (RJ45) which I want to shift to a new room where there is no LAN setup. I want to have two RJ45 wall plugs in the new room so that I can connect one RJ45 port to have my LAN in the new room and the other RJ45 wall port I want to use for my printer. There is no option other than LAN (no wireless). Please help me and tell me how do I get the two RJ45 wall plate plugs in the new room up and keep my LAN running. It is a little urgent for me. Please help.

    Read the article

  • Issue in setting up VPN connection (IKEv1) using android (ICS vpn client) with Strongswan 4.5.0 server

    - by Kushagra Bhatnagar
    I am facing issues in setting up VPN connection(IKEv1) using android (ICS vpn client) and Strongswan 4.5.0 server. Below is the set up: Strongswan server is running on ubuntu linux machine which is connected to some wifi hotspot. Using the steps in this guide link, I generated CA, server and client certificate. Once certificates are generated, following (clientCert.p12 and caCert.pem) are sent to mobile via mail and installed on android device. Below are the ip addresses assigned to various interfaces Linux server wlan0 interface ip where server is running: 192.168.43.212, android device eth0 interface ip address: 192.168.43.62; Android device is also attached with the same wifi hotspot. On the Android device, I uses IPsec Xauth RSA option for setting up VPN authentication configuration. I am using the following ipsec.conf configuration: # basic configuration config setup plutodebug=all # crlcheckinterval=600 # strictcrlpolicy=yes # cachecrls=yes nat_traversal=yes # charonstart=yes plutostart=yes # Add connections here. # Sample VPN connections conn ios1 keyexchange=ikev1 authby=xauthrsasig xauth=server left=%defaultroute leftsubnet=0.0.0.0/0 leftfirewall=yes leftcert=serverCert.pem right=192.168.43.62 rightsubnet=10.0.0.0/24 rightsourceip=10.0.0.2 rightcert=clientCert.pem pfs=no auto=add      With the above configurations when I enable VPN on android device, VPN connection is not successful and it gets timed out in Authentication phase. I ran wireshark on both the android device and strongswan server, from the tcpdump below are the observations. Initially Identity Protection (Main mode) exchanges happens between device and server and all are successful. After all successful Identity Protection (Main mode) exchanges server is sending Transaction (Config mode) to device. In reply android device is sending Informational message instead of Transaction (Config mode) message. Further server is keep on sending Transaction (Config mode) message and device is again sending Identity Protection (Main mode) messages. Finally timeout happens and connection fails. I also capture Strongswan server logs and below are the snippets from the server logs which also verifies the same(described above). Apr 27 21:09:40 Linux pluto[12105]: | **parse ISAKMP Message: Apr 27 21:09:40 Linux pluto[12105]: | initiator cookie: Apr 27 21:09:40 Linux pluto[12105]: | 06 fd 61 b8 86 82 df ed Apr 27 21:09:40 Linux pluto[12105]: | responder cookie: Apr 27 21:09:40 Linux pluto[12105]: | 73 7a af 76 74 f0 39 8b Apr 27 21:09:40 Linux pluto[12105]: | next payload type: ISAKMP_NEXT_HASH Apr 27 21:09:40 Linux pluto[12105]: | ISAKMP version: ISAKMP Version 1.0 Apr 27 21:09:40 Linux pluto[12105]: | exchange type: ISAKMP_XCHG_INFO Apr 27 21:09:40 Linux pluto[12105]: | flags: ISAKMP_FLAG_ENCRYPTION Apr 27 21:09:40 Linux pluto[12105]: | message ID: a2 80 ad 82 Apr 27 21:09:40 Linux pluto[12105]: | length: 92 Apr 27 21:09:40 Linux pluto[12105]: | ICOOKIE: 06 fd 61 b8 86 82 df ed Apr 27 21:09:40 Linux pluto[12105]: | RCOOKIE: 73 7a af 76 74 f0 39 8b Apr 27 21:09:40 Linux pluto[12105]: | peer: c0 a8 2b 3e Apr 27 21:09:40 Linux pluto[12105]: | state hash entry 25 Apr 27 21:09:40 Linux pluto[12105]: | state object not found Apr 27 21:09:40 Linux pluto[12105]: packet from 192.168.43.62:500: Informational Exchange is for an unknown (expired?) SA Apr 27 21:09:40 Linux pluto[12105]: | next event EVENT_RETRANSMIT in 10 seconds for #9 Can anyone please provide update on this issue. Why the VPN connection gets timed out and why the ISAKMP exchanges are not proper between Android and strongswan server.

    Read the article

  • Installing Windows 7 destroyed my dual boot setup

    - by ped
    I have a laptop on which I have two drives with separate Windows XP installs, one barebones for music production, the other "normal" Windows XP with Office etc. (unfortunately the bios won't give a boot disk choice). Normally I would be presented with two Windows XPs on booting. Selecting the second one would get me into the "normal" installation on disk 1 (C:). Selecting the first in boot order would give me D:\ (disk 2) with the barebones XP. However, I installed Windows 7 Home onto disk 1 (C:), but there were no dual boot options anymore, even though I installed DualBoot Pro and added Windows XP disk D:. The options now show up, but selecting Windows XP just turns into a reboot back to where I started.

    Read the article

  • Macbook Pro 2.66 GHz vs. 2.8 GHz

    - by nevan
    Is there much advantage in getting the higher end Macbook Pro compared to the mid-range one? The differences between the two are: 2.66 GHz vs. 2.8 GHz 256 MB graphics memory vs. 512 MB 3 MB L2 cache vs. 6 MB 320 GB hard drive vs. 500 GB $2000 vs. $2300 I've looked around, but I can't find any direct comparisons for the two machines. I'd be using the machine for development. I generally use a computer for 3 years. I don't really play games, but do use Photoshop regularly. I've heard that once Snow Leopard arrives, the graphics chip will be used to boost the main processor, so I was wondering if getting the one with more graphics memory would be an advantage?

    Read the article

  • configure /etc/hosts file so ALL applications always use local network when it makes sense to do so?

    - by gkdsp
    I have two Linux CentOS servers setup in a local network. ServerA is 192.168.0.1 and serverB is 192.168.0.2. There's an application on serverA that communicates with serverB using host2.serverAname.com. But, the traffic is blocked on serverB because the port being used has a firewall that only allows traffic on the local network to pass. Thus, serverB needs to see traffic from serverA as originating from 192.168.0.1 (instead of host2.serverA.com). Is there a way I can configure the /etc/hosts file to ensure traffic always sent between the two servers uses local IP addresses, regardless of what hostname is in use, and for ALL applications? If so, could someone walk me through an example? I only have 2 servers, so the simpler the better.

    Read the article

  • Can I set up a VM Host's drives to appear as if they belong to the VM OS?

    - by Sinaesthetic
    A couple things. I added two of the host drives to the shared drives area of the VM. Neither of them show up in the VM's OS. What I actually would like to do is configure two of these drives that are on the host OS to appear as if they are on the VM. So that I can share them through the VM. Sounds wonkey, I know. The VM is Windows Server 2008 and the Host is Mac OSX Lion. I would like to host my media drives through windows server rather than over OSX as I have nothing but problems. I'm not sure if this is possible. Any input?

    Read the article

  • Linux and GeForce 8400 dual monitor

    - by Andrea Polci
    I'm trying to install a linux distribution on my PC. I have a GeForce 8400 GS with two connected monitors. I tried with Fedora 12 and Ubuntu 9.10 (both 64 and 32 bit) and the live cd cannot boot properly. I don't get a visible error on Ubuntu, it simply hangs up during the boot. With Fedora I get this error: [drm] Modeset on unsupported output type [drm] Table 0x0000 not found for 1/1 using first I tried to disconnect one of the two monitor and was able to install on my HD and boot from there, but if I try to connect the second monitor again I cannot boot. Do I need to install something else? (a driver for my video card for example).

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 419 420 421 422 423 424 425 426 427 428 429 430  | Next Page >