Search Results

Search found 12281 results on 492 pages for 'ip blocking'.

Page 448/492 | < Previous Page | 444 445 446 447 448 449 450 451 452 453 454 455  | Next Page >

• Exchange on SBS2003 not receiving mail, but sending via telnet works

  - by YDdraigLas

  Last week we had a problem on our SBS2003 server where our external connection dropped out and I was only able to restore it by running netsh winsock reset catalog and netsh int ip reset. Thinking all was well, I went home for the weekend and came in today to find that we haven't received any external emails since before the original problems occurred. There are plenty of examples of this on the internet, usually to do with a firewall issue, but the odd thing here is that when I connect using telnet I can send an email and it goes straight through and into my inbox. When I send an email from Gmail or Hotmail nothing comes through at all. Internal emails are also unaffected, as are outgoing emails. There have also been a couple of emails that have come through for other users, both out-of-office replies, if that's relevant. I've run the CEICW several times, checked all the NIC settings, but no joy. Before I give up trying to fix this and reinstall the whole server, has anyone come across this problem before? I have only found fleeting references to this in previous searches and no real answers. Any advice gratefully received.

  Read the article

• How can I generate filesystem images that are usable on many different virtualization systems?

  - by Mark Longair

  I have written a script that generates a root filesystem image (based on Debian lenny) suitable for User-Mode Linux. (Essentially this script creates a filesystem image, mounts it with a loop device, uses debootstrap to create a lenny install, sets up a static IP for TUN/TAP networking, adds public keys for login by SSH and installs a web application.) These filesystem images work pretty well with UML, but it would be nice to be able to generate similar images that people can use on alternative virtualization software, and I'm not familiar with these options at all. In particular, since the idea is to use this image as a standalone server for testing the web application, it's important that the networking works. I wonder if anyone can suggest what would be involved in customizing such root filesystem images such that they could be used with other virtualization software, such as VMware, Xen or as an Amazon EC2 instance? Two particular concerns are: If such systems don't use a raw filesystem image (e.g. they need headers with metadata or are compressed in some particular way) do there exist tools to convert between the different formats? I assume that in the filesystem, at least /etc/network/interfaces will have to be customized, but are more involved changes likely to be necessary? Many thanks for any suggestions...

  Read the article

• No outbound internet connection after restarting CentOS 6.3

  - by wnstnsmth

  After restarting a headless CentOS 6.3 machine, it lost outbound internet connectivity, i.e. I can still connect to the server via SSH (ssh root@**.126.18.56), but stuff such as ping google.com gives google.com: unknown host, and yum list some_package gives a lot of network errors. This is what ifconfig gives: eth0 Link encap:Ethernet HWaddr 00:25:90:78:2D:5D inet addr:**.126.18.56 Bcast:**.126.18.255 Mask:255.255.255.0 inet6 addr: fe80::225:90ff:fe78:2d5d/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:75594 errors:0 dropped:0 overruns:0 frame:0 TX packets:787 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:7074741 (6.7 MiB) TX bytes:144391 (141.0 KiB) Interrupt:20 Memory:f7a00000-f7a20000 eth1 Link encap:Ethernet HWaddr 00:25:90:78:2D:5C UP BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) Interrupt:16 Memory:f7900000-f7920000 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:6 errors:0 dropped:0 overruns:0 frame:0 TX packets:6 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:504 (504.0 b) TX bytes:504 (504.0 b) I have absolutely no clue how to debug this, and I find it very strange since I can still connect via ssh. EDIT: Weirdly, /etc/resolv.conf does not contain any entries, or none that I can make sense of: # Generated by NetworkManager search sui-inter.net # No nameservers found; try putting DNS servers into your # ifcfg files in /etc/sysconfig/network-scripts like so: # # DNS1=xxx.xxx.xxx.xxx # DNS2=xxx.xxx.xxx.xxx # DOMAIN=lab.foo.com bar.foo.com So is it possible that rebooting the server erased that file? It worked before at least! And how do I solve this? By the way, pinging an IP address works.

  Read the article

• SSH hangs when executing command remotely

  - by Serty Oan

  Client : OpenSSH_5.1p1 Debian-5ubuntu1 (Ubuntu 9.04) Server : OpenSSH_5.1p1 Debian-5 (Proxmox 2.6.24-7-pve) I use SSH to execute commands remotely on the server (module check_by_ssh of Nagios). But SSH hangs from time to time when trying to execute commands. I can log to the server via SSH but not executing a simple 'ls'. And it seems to block from all clients from the same IP address. Authentication is not the problem, may it be made by SSH keys or password. ssh -l root -p 2222 server.domain.tld 'ls' Here the client debug info debug1: Entering interactive session. debug2: callback start debug2: client_session2_setup: id 0 debug1: Sending environment. debug3: Ignored env ORBIT_SOCKETDIR *** skipping approx 40 env var ignored debug1: Sending command: ls debug2: channel 0: request exec confirm 1 It hangs there. Then after a random time, it works again (without doing anything). Killing all sshd process on the server seems to work too. It works from a Putty. I saw that some people had trouble like this due to ISP reverse DNS problem, but it does not seem to be the case here. It can work for hours and then not work for half an hour or so. What could explain this behaviour ?

  Read the article

• Portforwarding Combine Several Ports

  - by kiraitachi

  Hi I got a Raspberry Pi at A.A.A.B in my local network and I have set up a DMZ on my router so that any incoming traffic that comes to my router gets redirected to my raspberry pi wich I can connect via NO-IP adress. The problem is that I want to set up portforwarding since i got several services running on my Pi like SSH, torrent webgui, webalbum, etc. I had this already done before long time ago, but I forgot a bit the syntax and cant get to set it up. Router Help says: The Application allows you to do port forwarding, but only have the ports open when data flowing out of the trigger ports. When a program sends data out on outgoing ports called trigger ports, the device then allows incoming data on the open ports specified in your port triggering configuration. 1.Trigger Port Start Trigger Port Start Specify the start port on the device that would trigger the device to open ports for incoming data. 2.Trigger Port End Specify the end port on the device that would trigger the device to open ports for incoming data. You can enter a port number the same as the trigger port start or enter a larger port number to specify a port range. 3.Trigger Traffic Protocol Type Select the trigger traffic type. Open Port Specify all the ports to be opened. It's content could be: A single port only. A port range only. Start open port number and end port number should be separated by "-" . Combined several single port and several port ranges. Each single port or port range should be separated by "," . Open Traffic Protocol Type Select the open traffic type. This are the fields: http://es.tinypic.com/view.php?pic=n5lv1k&s=8 I think this is the syntax 1-7999,8001-9090,9092-65535. But each time I want to add it gives me an error. Any ideas?

  Read the article

• Why can't I ping a PC on my home network?

  - by AngryHacker

  Whenever I try to ping another box on my home network, it pings the wrong ip address: C:\Users\Papa>ping macmini Pinging macmini.belkin [208.68.143.55] with 32 bytes of data: Reply from 208.68.143.55: bytes=32 time=50ms TTL=110 As you can see it always appends belkin to anything I try to ping. So I hit up ipconfig and belkin happens to be Connection-specific DNS Suffix: Wireless LAN adapter Wireless Network Connection: Connection-specific DNS Suffix . : belkin IPv4 Address. . . . . . . . . . . : 192.168.2.7 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.2.1 My setup is all DHCP, so I am not sure where belkin is coming from. I looked through all the networking stuff, as you can see below: Bottom line: how do I fix this?

  Read the article

• VOIP and internet connection speeds [cable vs. fiber]

  - by microchasm

  Our office is migrating to IP telephony. We have less than 10 employees that will be using the phones. We currently have cable internet, and they just bumped the speeds: There is a data center that was just recently built in our building, and we were considering co-lo'ing there in the near future. As a result, they offered us access to their triple-redundant internet, but it's quite expensive. They are offering 3mbps committed with up to 10mbps burst for $250/month (discounted). We pay ~$120 for our cable (which the plan was to keep--at least for TV). I want the phone system and LAN to be as separate as possible. Was thinking about keeping the cable for LAN, and using the other connection for the phones (until I saw the price). Now I'm thinking it might make sense to add on to our existing cable setup, and change our phone to only have DSL as a backup for the cable. Is there any real benefit to the fiber? Especially for the price? Any other suggestions or ideas? Thanks.

  Read the article

• VPN: Disable class based route addition for Windows XP/Vista

  - by brgsousa

  Paraphrasing this SuperUser link: When you set up a VPN, the Windows default is to enable "Use default gateway on remote network." A new default route is added to the routing table pointing to the remote network's gateway, and the existing default route has its metric increased to force all Internet traffic to traverse the tunnel and use the remote network's gateway. All traffic uses the VPN, and traffic destined for the outside world is directed to the remote gateway. When the VPN drops, the route to the remote gateway is removed and the original default route is set back to the original metric. Unchecking "use default gateway on remote network" means that new default route isn't added, so Internet traffic goes out the local gateway, but a new classful route is added to the routing table, using the local adapter's IP, pointing down the VPN. Only traffic destined for the classful network of the local adapter goes down the VPN. This may not be what you want. Checking "Disable class based route addition" means that classful route isn't added to your machine when the VPN starts up, and you'll need to add the appropriate routes for networks that should be routed through the tunnel. But, the option "Disable class based route addition" is available ONLY for Windows 7. How can I do something like that for Windows XP or Vista since they don't have that option? I have searched about for that but, no solution yet.

  Read the article

• What Logs / Process Stats to monitor on a Ubuntu FTP server?

  - by Adam Salkin

  I am administering a server with Ubuntu Server which is running pureFTP. So far all is well, but I would like to know what I should be monitoring so that I can spot any potential stability and security issues. I'm not looking for sophisticated software, more an idea of what logs and process statistics are most useful for checking on the health of the system. I'm thinking that I can look at various parameters output from the "ps" command and compare to see if I have things like memory leaks. But I would like to know what experienced admins do. Also, how do I do a disk check so that when I reboot, I don't get a message saying something like "disk not checked for x days, forcing check" which delays the reboot? I assume there is command that I can run as a cron job late at night. How often should it be run? What things should I be looking at to spot intrusion attempts? The only shell access is SSH on a non-standard port through UFW firewall, and I regularly do a grep on auth.log for "Fail" or "Invalid". Is there anything else I should look at? I was logging the firewall (UFW) but I have very few open ports (FTP and SSH on a non standard port) so looking at lists of IP's that have been blocked did not seem useful. Many thanks

  Read the article

• Enterprise Redirection Services?

  - by Aaron Alton

  This is probably a case of "if I new what it was called, I could google it in 5 minutes" - but I don't know what it's called. It's probably best to explain the requirement using an example. We have a number of services (vpn, owa, etc) which we host from one of our datacenters. We have a number of datacenters, and we technically have the infrastructure already in place to support these services at a number of our datacenters. To provide access to these "services", I would create an external DNS entry (ex. VPN.MyCompany.com Gateway IP for one of my DCs), and clients will connect to it via the DNS entry. Since I have multiple datacenters that can support this service, I could theoretically offer a "highly available, geographically dispersed" solution if I could point this DNS entry to some sort of third party who offers highly available "redirection" services. If my primary site goes down, I could just make a change via some management console and configure the redirector to point to a different DC. Of course, it would be fairly straightforward to set this sort of thing up on one of our servers, but that would kinda defeat the purpose of a highly available third party. Is anyone familiar with a service like this? I'm thinking something like DynDNS, but with Enterprise availability guarantees.

  Read the article

• Query specific nameserver for a particular domain upon VPN connect

  - by MT

  Some background: I have a work laptop with Ubuntu 9.10 on it. I have a small network at home where I've been running some basic services (for myself/my family) for 10 some years. In my home network there is a nameserver (Fedora) running Bind 9 with two "views". One view is the "outside" view and it provides name resolution (to the Internet at large) for email, a wiki, and a couple of blogs. The "inside" view provides name resolution (to the internal RFC1918 addresses of theses servers) as well as all the inside hosts, network equipment, ...etc. I connect with an openvpn client to my home network from outside (such as work). What I'd like to be able to do is resolve names on my internal network across this VPN (so I get the RFC1918 "inside" responses) without fully changing my resolver to the DNS server at my hose. For example, if I connect to the VPN from work, I can change my resolver (by editing resolv.conf) to the DNS server at my house (across the VPN) and then successfully resolve all of the inside DNS names on my home network. The issue I have with this is that now I'm no longer able to resolve "inside" names provided by my work's DNS servers (because I'm using my home DNS server). Alternatively, I can connect to the VPN and access my home severs via IP addresses directly, but this is inconvenient and causes issues with Apache name-based hosting (among other things). In the end, the effect I'm trying to achieve is as follows: When I connect to the VPN I automatically start sending DNS requests for *.myhomedomain.com to my home nameserver, but any other requests continue to go the the nameserver I was using before (the one I received on my company LAN via DHCP). When I disconnect the VPN, requests for *.myhomedomain.com go back to the local LAN DNS server (e.g. all requests are going there now). I'm looking for suggestion at to how this can be accomplished.

  Read the article

• Windows VPN client connect on different port

  - by John Gardeniers

  Scenario: Two Windows Server 2003 machines running RRAS VPNs. The firewall port forwards 1723 to one of those machines for normal remote access. I'd like to find a way to connect to the second machine as well. Not because I need to but just because it's the sort of thing I reckon should be possible but can't figure out how to do. Is it possible to have the Windows PPTP VPN client (on XP in this instance) connect on a port other than 1723? If so, I can simply port forward another port to the second server. I've done a fair bit of Googling over the last few days and have only found others asking the same question but no answers. I have of course tried to add a port number in the host name or IP connection box, in various formats, but to no avail. While this might be possible with a third part client I'm really only interested in whether or not it can be done with the Windows built-in client and if so how?. Perhaps there's a registry hack I'm not aware of?

  Read the article

• RewriteRule causes POST data to get dumped before I can access it

  - by MatthewMcGovern

  I'm currently setting up my own 'webserver' (a Ubuntu Server on some old hardware) so I can have a mess around with PHP and get some experience managing a server. I'm using my own little MVC framework and I've hit a snag... In order for all requests to make it through the dispatcher, I am using: <Directory /var/www/> RewriteEngine On RewriteCond %{REQUEST_URI} !\.(png|jpg|jpeg|bmp|gif|css|js)$ [NC] RewriteRule . HomeProjects/index.php [L] </Directory> Which works great. I read on Stackoverflow to change the [L] to [P] to preserve post data. However, this causes every page to return: Not Found The requested URL <url> was not found on this server. So after some more searching, I found, "Note that you need to enable the proxy module, and the proxy_http_module in the config files for this to work." The problem is, I have no idea how to do this and everything I google has people using examples with virtual hosts and I don't know how to 'translate' that into something useful for my setup. I'm accessing my webserver via my public IP and forwarding traffic on port 80 to the web server (like I'm pretending I have a domain/server). How can I get this enabled/get post data working again? Edit: When I use the following, the server never responds and the page loads indefinately? LoadModule proxy_module /usr/lib/apache2/modules/mod_proxy.so LoadModule proxy_http_module /usr/lib/apache2/modules/mod_proxy_http.so <Directory /var/www/> RewriteEngine On RewriteCond %{HTTP_REFERER} !^http://(.+\.)?82\.6\.150\.51/ [NC] RewriteRule .*\.(jpe?g|gif|bmp|png|jpg)$ /no-hotlink.png [L] RewriteCond %{REQUEST_URI} !\.(png|jpg|jpeg|bmp|gif|css|js)$ [NC] RewriteRule . HomeProjects/index.php [P] </Directory>

  Read the article

• How do I connect to and factory reset a Catalyst 3560 Switch?

  - by Josh

  My company just bought another company. In their server room they had some older hardware, which I would like to repurpose. One of these is a Cisco Switch: C3560G-48TS-S. I found some instructions about this switch here but this is not a guide for a beginner. I have no idea how to connect to this thing to begin running the commands. It says Configure the PC terminal emulation software for 9600 baud, 8 data bits, no parity, 1 stop bit, and no flow control. But I can't find anything on how to do this (assuming with telnet?) or even what program to use. I also don't know how to find the IP address of the device to connect to it. My research also says once I get in there, I need to run clear config all Is this the right command? Also, what if I can't get the username and password for these devices? Is there some way to factory reset (my only experience is with devices that have a hardware reset button) EDIT: I should note that when I push the button on the front the three lights blink, which according to the documentation indicated the switch is configured and "not available for express setup"

  Read the article

• Different subnets routing with just one layer 3 switch

  - by GustavoFSx

  Our current network looks like this: Location 1: 2 Layer 2 switches | subnet 192.168.1.0/24 | Firewall for our VPN Location 2: 1 Layer 2 switch | subnet 192.168.3.0/24 | Firewall for our VPN Location 3: 1 Layer 2 switch | subnet 192.168.5.0/24 | Firewall for our VPN We just got a direct fiber connection between location 1 and 2, we also got a new HP V1910 24G layer 3 switch. I tried to follow the instructions on this site, but I can't get it to work. I think our network should look like this: Location 1: HP Switch FIBER to L2 | subnet 192.168.1.0/24 | Firewall for our VPN Location 2: 1 Layer 2 switch | subnet 192.168.3.0/24 | FIBER to L1 Location 3: 1 Layer 2 switch | subnet 192.168.5.0/24 | Firewall for our VPN So, how can I get routing working on our location 2? It's old gateway was a firewall device on ip 192.168.3.1. I'm thinking on creating a VLAN Interface on 192.168.3.1 on the switch for the Location 2. But how will I handle that on the HP switch that has a direct fiber connection with that switch? Please help, I'm not very good with networking.

  Read the article

• nginx + IIS + GET

  - by Eralde

  I have nginx on pc "A" & IIS with ASP.NET on pc "B". nginx is configured like this: ... location ~ ((Web|Script)Resource.*)$ { proxy_pass "B"/$1; proxy_redirect off; proxy_set_header REMOTE_ADDR $remote_addr; proxy_set_header REQUEST_URI $request_uri; proxy_set_header HTTP_REFERER $http_referer; #proxy_set_header REQUEST_URI $request_uri; proxy_set_header QUERY_STRING $query_string; proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $http_host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; }... but requests to "B"/WebScript?a=b&c=d aren't able to deliver GET data (a=b&c=d) to IIS part. Could anyone help with this? Edit: There's some additional info: nginx is also configured to proxy other data to Apache, running on "A" everything is fine there (at least GET is OK). configuration is the same as above, but for different location

  Read the article

• Issues with returned mail sent to web-based email domains

  - by Beeder

  My company is having issues with returned mail that we send out to external domains. A few weeks ago we replaced a firewall and changed ISP providers and began subsequently having issues RECEIVING emails from external sources because we hadn't updated our new IPs in the DNS records. After making the necessary configuration changes and setting up SMTP forwarding over port 25 to our mail server, everything was working fine up until a few days ago when we started having mail sent out returned to us. We aren't having any trouble communicating internally (to recipients on our domain) but it seems we're having trouble with outbound messages to web-based email recipients. (@hotmail, @live, @yahoo, @gmail...etc) Currently we are running Server 2003 SP2 and exchange 2003. I'm very unfamiliar with configuring Exchange and could really use some help in narrowing down the possibilities. I did some research and am becoming suspicious of Sender ID being the culprit due to our recent IP address change and the likelihood that Sender ID is identifying us as a fake domain. Am I going in entirely the wrong direction? Any input or guidance would be infinitely appreciated. This is the message that is returned when an outbound message fails...this particular one was sent to my @live.com account for testing purposes... Your message did not reach some or all of the intended recipients. The following recipient(s) could not be reached: [email protected] on 5/17/2012 3:02 PM There was a SMTP communication problem with the recipient's email server. Please contact your system administrator. Unfortunately, messages from xx.x.xx.x weren't sent. Please contact your Internet service provider since part of their network is on our block list. I tried a reverse DNS lookup and found that we are set up as a Forward-confirmed reverse DNS. So do I just need to contact my ISP and have them correct their DNS records or is this something I can solve on our end??

  Read the article

• Apache: Setting up local test server with subdomains

  - by RC

  Hi everyone, I have XAMPP running on my desktop machine, and I do all my work on it with no issue. http://localhost ---> points to public_html http://site1.localhost ---> points to site 1 http://site2.localhost ---> points to site 2 http://site3.localhost ---> points to site 3 Entering the above URLs in my web browser on the machine with Apache works great, and I can work on multiple sites within distinct subdomains. But what I want to do now is to transfer Apache and all the files to another Windows 7 machine within the LAN, but still be able to view the subdomains from my main development machine. With a vanilla XAMPP installation on the new hosting machine, entering the IP address of that machine (e.g. 192.168.1.10) into my development computer would send me to the main public_html folder. But how do I set up subdomains such that I can access it externally? For example, http://site1.devmachine Thanks for any help.

  Read the article

• IIS 6.0 https not working "connection was reset"

  - by cad

  Application Server Windows Server 2003 SP2 with IIS 6.0 IIS has a "Default Web Site" (port 18000, ssl 443, ID=1) with a certificate created by me. I have an specific site called "scj.galaxy.Weekly" (port 80, ssl 443, ID=1272369728) that is working fine. I have an entry in windows/system32/drivers/etc/hosts that links galaxy.Weekly.scjdev.ds to the server ip in both my local machine and in the application Server. These sites works: http://scj.galaxy.weekly/test.html works http://scj.galaxy.weekly/test.aspx works But https://scj.galaxy.weekly/test.html fails Error message is: The connection was reset The connection to the server was reset while the page was loading. The certificate was working fine for months. It was created with something similar to this: Selfssl /N:CN=*.scjdev.ds /V:3650 /S:1 /P:443 I have tried several options and none of them are working: 1) Create a certificate only in "Default Web Site" and link it to SecureBindings with command prompt cscript adsutil.vbs set /w3svc/1272369728/SecureBindings ":443:galaxy.Weekly.scjdev.ds" 2) Create a certificate only in "Galaxy Site" and link it to SecureBindings 3) Create a certificate in both and link them to secureBindings. Probably I am missing an step or something, but I can't see it. Here is the relevant config of Galaxy Site: <IIsWebServer Location ="/LM/W3SVC/1272369729" AuthFlags="0" LogPluginClsid="{FF160663-DE82-11CF-BC0A-00AA006111E0}" SSLCertHash="c36a514a0be90fbc121d9c19bb052842289d5aee" SSLStoreName="MY" SecureBindings=":443:galaxy.Weekly.scjdev.ds" ServerAutoStart="TRUE" ServerBindings=":80:galaxy.Weekly.scjdev.ds" ServerComment="galaxy.Weekly.scjdev.ds" > </IIsWebServer> <IIsWebVirtualDir Location ="/LM/W3SVC/1272369729/root" AccessFlags="AccessRead | AccessScript" AppFriendlyName="Default Application" AppIsolated="2" AppRoot="/LM/W3SVC/1272369729/Root" AuthFlags="AuthAnonymous | AuthNTLM" DefaultDoc="Default.aspx" DirBrowseFlags="EnableDirBrowsing | DirBrowseShowDate | DirBrowseShowTime | DirBrowseShowSize | DirBrowseShowExtension | DirBrowseShowLongDate" Path="D:\Webs\Galaxysite" ScriptMaps="some config... " > </IIsWebVirtualDir>

  Read the article

• ASA 5505 VPN setup. VPN works but still unable to reach devices in the inside network.

  - by chickenloop

  I've setup a Remote Access VPN on my Cisco ASA 5505. I'm able to connect to my ASA via my phone or the Cisco client, but I'm unable to reach devices in my inside LAN when connected via VPN. The setup is the following: Inside Network : 10.0.0.0/24 VPN_POOL: 172.16.0.0/24 Outside Network: 192.168.1.0/24 ASA is not the perimeter router, there is another device on the 192.168.1.0/24 network which is connected to my cable provider. Obviously UDP port 500 and 4500 are forwarded to the ASA's outside interface. Everything works perfectly, besides the VPN stuff. Config: interface Vlan1 nameif inside security-level 100 ip address 10.0.0.254 255.255.255.0 interface Vlan2 description Outside Interface nameif outside security-level 0 address 192.168.1.254 255.255.255.0 object network VPNPOOL subnet 172.16.0.0 255.255.255.0 object network INSIDE_LAN subnet 10.0.0.0 255.255.255.0 Then the exempt NAT rule. nat (inside,outside) source static INSIDE_LAN INSIDE_LAN destination static VPNPOOL VPNPOOL I don't think that the problem is with the VPN config, as I can successfully establish the VPN connection, but just in case I post it here: group-policy ZSOCA_ASA internal group-policy ZSOCA_ASA attributes vpn-tunnel-protocol ikev1 split-tunnel-policy tunnelspecified split-tunnel-network-list value Split-Tunnel default-domain value default.domain.invalid tunnel-group ZSOCA_ASA type remote-access tunnel-group ZSOCA_ASA general-attributes address-pool VPNPOOL default-group-policy ZSOCA_ASA tunnel-group ZSOCA_ASA ipsec-attributes ikev1 pre-shared-key ***** Any ideas are welcome. Regards.

  Read the article

• Why can't I connect to my home SSH (SFTP) server? What am I doing wrong?

  - by Rolo

  I am new to this topic of creating a SFTP server on one's computer. I would like to be able to access the folder on my Windows XP computer via SFTP from another computer or a phone. The following is what I have done so far: I have installed SSH Windows and everything is setup correctly because I can access it (the folder on my pc) via WinSCP. I however cannot access it from my phone. It doesn't connect. The phone can be on the same wireless network as the Windows XP computer, but I would prefer to be able to access this when not in the same network. Now, from what I have read and understood, the following is the information needed to connect: 1) Host Name: This would be my computer's ip address which I access by typing ipconfig in a cmd prompt (I access this easily on my computer because I simply put in localhost or 127.0.0.1) 2) Port Number: That would be port 22 (I have also added this to my router in the port forwarding section). 3) Username: This would be my Windows XP username. This however is my full name, including my middle initial followed by a period. I am wondering if this is maybe causing problems in accessing it from my phone, since the name has spaces and punctuation (the period). 4) Password: The password of my Windows XP computer Extra Info: When I say phone, I mean an Android phone and I am using an ftp / sftp app to access my pc via the phone's cellular network (I also tried the wireless, but that didn't work as well). I have tried more than one program. On one program it tells me Connection timed out and on another it tells me "timeout:socket is not established" Also, I know that I can use the site noip, but I prefer to connect this way first. Also, because I am new to this, I would like to look into what exactly noip is doing and if they would be seeing my files as they are transferred from phone to pc. Thanking you in advance for your help.

  Read the article

• cisco asa + action drop issue

  - by ghp

  Have created a tunnel between 10.x.y.z network and 122.a.b.c ..the tunnel is up and active, but when I try the packet tracer output ..I get the ACTION as drop. I have also enabled same-security-traffic permit intra-interface. Can someone help me what does this drop mean? Result: input-interface: inside input-status: up input-line-status: up output-interface: outside output-status: up output-line-status: up Action: drop Drop-reason: (acl-drop) Flow is denied by configured rule Packet Tracer output @Shane Madden: please find below the packet tracer output. CASA5K-A# CASA5K-A# config t CASA5K-A(config)# packet-tracer input inside tcp 10.x.y.112 0 122.a.b.c 0 Phase: 1 Type: ROUTE-LOOKUP Subtype: input Result: ALLOW Config: Additional Information: in 0.0.0.0 0.0.0.0 outside Phase: 2 Type: ACCESS-LIST Subtype: Result: DROP Config: Implicit Rule Additional Information: Result: input-interface: inside input-status: up input-line-status: up output-interface: outside output-status: up output-line-status: up Action: drop Drop-reason: (acl-drop) Flow is denied by configured rule CASA5K-A(config)# ======================================================================== The access-group are as follows : access-group acl-inbound in interface outside access-group acl-outbound in interface inside and the access-list's are access-list acl-inbound extended permit tcp any any gt 1023 access-list acl-outbound extended permit ip object-group net-Source object net-dest

  Read the article

• No access to Windows 2003 admin shares

  - by ARomo

  This is the environment: Several Win 2003 SP 2 servers and several Win XP SP2 & SP3 clients. All in the same LAN. Firewall is disabled everywhere. No recent Windows updates or configuration changes. This is the problem: Since last Thursday, I log on to any other server or workstation as any regular (non-admin) user and I fail to be able to open ADMIN SHARES ONLY (namely \\server1\c$, \\server1\e$ and \\server1\admin$). The error message is: "\server1\c$ is not accessible. You might not have permission to use this network resource. Contact the administrator of this server to find out if you have access permissions. Multiple connections to a server or shared resource by the same user, using more than one user name, are not allowed. Disconnect all previous connections to the server or shared resource and try again." I can, however, open the same shares if I use FQDN or IP address: \\server1.domain.local\c$ \\172.0.0.1\c$ Other shares do not have this issue and I can open them without any issue. Any ideas or suggestion would be truly appreciated. Thank you in advance.

  Read the article

• iptables rules to allow HTTP traffic to one domain only

  - by Zenet

  I need to configure my machine as to allow HTTP traffic to/from serverfault.com only. All other websites, services ports are not accessible. I came up with these iptables rules: #drop everything iptables -P INPUT DROP iptables -P OUTPUT DROP #Now, allow connection to website serverfault.com on port 80 iptables -A OUTPUT -p tcp -d serverfault.com --dport 80 -j ACCEPT iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT #allow loopback iptables -I INPUT 1 -i lo -j ACCEPT It doesn't work quite well: After I drop everything, and move on to rule 3: iptables -A OUTPUT -p tcp -d serverfault.com --dport 80 -j ACCEPT I get this error: iptables v1.4.4: host/network `serverfault.com' not found Try `iptables -h' or 'iptables --help' for more information. Do you think it is related to DNS? Should I allow it as well? Or should I just put IP addresses in the rules? Do you think what I'm trying to do could be achieved with simpler rules? How? I would appreciate any help or hints on this. Thanks a lot!

  Read the article

• Duplicate forwarded messages in Blackberry when using BIS

  - by Avery Payne

  Our Setup External email arrives at a Postfix server, is scanned, and then forwarded via settings in transport (using the RELAY:[{ip-address}] for a given address) to an Exchange 2007 server. Some users are on Exchange, but a few are still on the Postfix server (they will be moved in the near future). IMAPS is provided for external connections via Dovecot; in-house, IMAP is provided for the Gateway and native MAPI is used for Exchange/Outlook. Blackberries are connected via BIS, which uses Dovecot as a reverse-proxy IMAPS service to connect to Exchange (when the mailbox exists on Exchange, otherwise it connects to the mailbox on the gateway). The Issue We have a user that, when they forward an email on their Outlook client, they get a duplicate of the original message on their Blackberry. When I say duplicate, I mean that they have a copy of the forwarded version of the message (i.e. their version of the message that they obtained hitting the forward button), and a copy of the original message that shows up at the same time. The expected behavior is to just see the forwarded message, not the forwarded message and a 2nd copy of the original message. We've only seen this with Outlook users that also have a Blackberry. Other IMAP clients, such as OS X Mail or Thunderbird, do not exhibit this behavior when connecting to the Exchange server; forwarded messages work as expected. The Questions what is causing this to happen? why does it only affect Outlook/Blackberry setups, and not TBird/Blackberry or OSX-Mail/Blackberry? how do we get it to stop, before people go insane and never forward messages again?

  Read the article

< Previous Page | 444 445 446 447 448 449 450 451 452 453 454 455  | Next Page >