Search Results

Search found 20447 results on 818 pages for 'f5 big ip'.

Page 156/818 | < Previous Page | 152 153 154 155 156 157 158 159 160 161 162 163 | Next Page >

Why the VPN Network Shake-Up?

- by Brent Arias

I can RDP to another machine on my home network, only if I'm not also hooked up to my employer's VPN with the Cisco VPN client. Indeed, I can't even ping the other machine by name in this mode, because ICMP suddenly thinks that ( ping myMachine ) now means ( ping myMachine.myEmployer.com ). Of course there is no machine by that latter name, and so it fails. Even weirder, once I disconnect from the VPN I can again ping myMachine successfully, but ICMP reports the machine by its MAC address instead of its IP address. I don't think I've ever seen ping identify another machine by its MAC address. So two questions: How can I access via RDP/ping the other machine BY NAME on my local network while also connected to the VPN? Why is ping identifying a MAC address for the machine on my home network, instead of an IP address? And how can I change this so that an IP address is reported instead? For question #1, I can indeed access the other machine on my home network by IP address. I suspect if I put the name-IP pair into my HOSTS file, then I would be able to access it even when connected to the VPN. But I wonder if there is another (more elegant) solution?

Read the article
What settings need to be changed to allow EC2 instances to use Amazon's Route 53 for DNS?

- by ks78

I have a number of Amazon EC2 instances, all running Ubuntu, which I'd like to configure to use Amazon's Route 53. I setup a script, following Shlomo Swidler's article, but ran into script-related issues, which were answered here. Now, I have the script working, but my instances are still not able to access Route 53's DNS. By this I mean, they are not able to resolve hostnames to IP addresses. My instances are currently configured with the DNS server IP address Amazon pushes out to them by default, does that need to be changed when using Route 53? I'm also IP-restricting my instances using the Security Groups. Could that be the problem? Is there a certain IP address or port I should open to allow communication with Route 53? It seems that DNS requests should be originating from my instances so the Security Groups shouldn't be an issue, but I've been wrong before. If anyone has any ideas, I'd really appreciate it.

Read the article
Email hosting on home's Windows server 2003

- by klay

Hi guys, I am new to Server management, I have a static Ip address and I bought recently a domain name, I configure the domain name to target my Ip address. I am running windows server 2003 standard. what are the steps to host my email adresses? Do I need to buy anything else, or what I have is enough (static ip address, domain name, win server 2003, exchange server 2003) ?? thanks Guys

Read the article
Selecting Interface for SSH Port Forwarding

- by Eric Pruitt

I have a server that we'll call hub-server.tld with three IP addresses 100.200.130.121, 100.200.130.122, and 100.200.130.123. I have three different machines that are behind a firewall, but I want to use SSH to port forward one machine to each IP address. For example: machine-one should listen for SSH on port 22 on 100.200.130.121, while machine-two should do the same on 100.200.130.122, and so on for different services on ports that may be the same across all of the machines. The SSH man page has -R [bind_address:]port:host:hostport listed I have gateway ports enabled, but when using -R with a specific IP address, server still listens on the port across all interfaces: machine-one: # ssh -NR 100.200.130.121:22:localhost:22 [email protected] hub-server.tld (Listens for SSH on port 2222): # netstat -tan | grep LISTEN tcp 0 0 100.200.130.121:2222 0.0.0.0:* LISTEN tcp 0 0 :::22 :::* LISTEN tcp 0 0 :::80 :::* LISTEN Is there a way to make SSH forward only connections on a specific IP address to machine-one so I can listen to port 22 on the other IP addresses at the same time, or will I have to do something with iptables? Here are all the lines in my ssh config that are not comments / defaults: Port 2222 Protocol 2 SyslogFacility AUTHPRIV PasswordAuthentication yes ChallengeResponseAuthentication no GSSAPIAuthentication no GSSAPICleanupCredentials no UsePAM yes AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT AcceptEnv LC_IDENTIFICATION LC_ALL AllowTcpForwarding yes GatewayPorts yes X11Forwarding yes ClientAliveInterval 30 ClientAliveCountMax 1000000 UseDNS no Subsystem sftp /usr/libexec/openssh/sftp-server

Read the article
Utilize two gateways on the same network same interface with load balancing

- by RushPL

My setup is two ISPs on a single interface and single network. I can either set my default gateway to 192.168.0.1 or 192.168.1.250 and either work. My desire is to utilize both of them with some load balancing. I have tried to follow the advice given in here http://serverfault.com/a/96586 #!/bin/sh ip route show table main | grep -Ev '^default' \ | while read ROUTE ; do ip route add table ISP1 $ROUTE done ip route add default via 192.168.1.250 table ISP1 ip route add default via 192.168.0.1 table ISP2 iptables -t mangle -A PREROUTING -j CONNMARK --restore-mark iptables -t mangle -A PREROUTING -m mark ! --mark 0 -j ACCEPT iptables -t mangle -A PREROUTING -j MARK --set-mark 10 iptables -t mangle -A PREROUTING -m statistic --mode random --probability 0.5 -j MARK --set-mark 20 iptables -t mangle -A PREROUTING -j CONNMARK --save-mark Now then I do "traceroute somehost" repeatedly I can only get route through my default route which is 192.168.1.250. Shouldn't the packets change routes in a random manner? How to debug it?

Read the article
Which ports to open on domain vs internet

- by zsharp

I have a web server/database/domainController. I notice that ports 137 and 138 on the public IP AND private IP are open on all machines there are also other open ports on 0.0.0.0.(ie. 135, 2002) Can and should I close 137-139 on the public IP only? will that interfere with any services.

Read the article
Multiple VLANs in the same subnet

- by A.J.

Is it possible to have multiple VLANs in the same subnet, with the same gateway address (TMG)? I want to avoid having many Subnets (and vNIC's in TMG) just to isolate sets of a few hosts. IP: 10.0.0.1 (TMG server) VLAN:1 ~ 3 IP: 10.0.0.11 ~ 20 (Hosts group 1) VLAN:1 IP: 10.0.0.21 ~ 30 (Hosts group 2) VLAN:2 IP: 10.0.0.31 ~ 40 (Hosts group 3) VLAN:3 Note that I don't want them to connect to each other, so ARP/inter-vlan routing (within the subnet) is not required. The gateway is running in a VM within ESXi 5, I can pass the VLans to the VM using VGT or VLan Range, but I don't know how the OS/TMG should handle them.

Read the article
Can't bring NAT to work

- by user31738

Hello, I bought a D-link DIR-300 wireless router and i can't bring NAT to work, i have an ssh and http service i need to forward to the internet. My connection is as follows: I have an ADSL connection, i'm using a ADSL ethernet modem connected and working, it doesnt let me put it on bridge mode. I have my router connected to my adsl modem through ethernet, it gets its ip through DHCP (and i'ts always the same) I have a desktop computer running linux with apache and openssh configured and working, it has fixed ip. I configured the NAT in the modem forwarding port 22 from the router ip to the internet. In the router i setup NAT forwarding port 22 from the desktop computer fixed ip to out there. This setup already worked with a fonera i had before, can anyone help me with this or tell me what kind of tests do i need to do? How can i test if the router is forwarding ports correctly before the modem?

Read the article
Windows 7 Default Gateway problem

- by Matt

I have a strange problem (or at least seems strange to me) the below are IP configurations for two laptops on my home network which consists of a main router 192.168.11.1 and a connected wireless router (i know this can cause problems but has always worked until I got the win7 machine) at 192.168.11.2 with DHCP disabled. Laptop 1 - Win XP IP: Dynamically assigned by main router default gateway: 192.168.11.1 (main router) This machine gets perfect connectivity. Laptop 2 - Win7 IP: dynamically assigned by main router Default Gateway: 192.168.11.2 THIS IS THE PROBLEM... I cannot seem to get this machine to default to the main router for the gateway UNLESS I go to a static configuration which I would rather not do since I regularly go between my home and public networks. Why is my Win7 machine not finding the main gateway the same way that the other laptop is? I believe that the rest of my setup is fine as it has always worked and it works perfectly when set as static ip and gateway. Please help! Thanks

Read the article
SSH: Configure ssh_config to use specific key file for a specific server fingerprint

- by Penthi

I have a key based login for a server. The IP and DNS of the server can change, because it is hosted on Amazon. Is there a way to configure the ssh client config to use the specific key file for this server only, when the fingerprint of the server matches? In other words: Normaly servers are matched by IP or DNS in the ssh client config. I want to do this by fingerprint, becaus IP and DNS can change.

Read the article
Mac OS X: pushing all traffic through a VMWare VM

- by bj99

I want to set up an Astaro (Sophos) UTM in a Virtual Machine. The Setup should be at the end the following: Cable Modem (one IP adress) | [Ethernet] Sophos UTM (running as VM [VMWare Fusion 5] on the MacMini) | [WIFI] Airport Express v2 (for sharing Local Network to wireless and wired clients) 1)| [WIFI] 2)| [Ethernet over Thunderbolt Ethernet Adapter]* Clients MacMini (Local File Server) *To have the Mini also protected behind the UTM So the setup process for the UTM works fine, but then the problems start: I just have one external IP (from my cable modem provider)== So if I put the VM in briged mode my Internet connection drops, because the MacMini also has its IP adress. If I put the VM to NAT mode the Mini itself is not protected by the UTM So: is there a way to hide the en0 interface(Ethernet) and the en1 interface (Wifi) from the MacMini, so that they not even appear in System Preferences Network section but are available to the VM? That way the Mini must connect to the en2 interface (Thunderbolt adapter) to make any Internet/LAN connection and I just use the given single IP from the Cable Modem. Thaks for any suggestions... Sebastian

Read the article
Someone used or hacked my computer to commit a crime? what defense do I have?

- by srguws

Hello, I need IMMEDIATE Help on a computer crime that I was arrested for. It may involve my computer, my ip, and my ex-girlfriend being the true criminal. The police do not tell you much they are very vague. I was charged though! So my questions are: -If someone did use my computer at my house and business and post a rude craigslist ad about a friend of my girlfriend at the time from a fake email address, how can I be the ONLY one as a suspect. Also how can I be charged. I noticed the last few days there are many ways to use other peoples computers, connections, etc. Here are a few things I found: You can steal or illegally use an ip addresss or mac address. Dynamic Ip is less secure and more vulnerable than static. People can sidejack and spoof your Mac, Ip, etc. There is another thing called arp spoofing. I am sure this is more things, but how can I prove that this happened to me or didnt happen to me. -The police contacted Craigslist, the victim, aol, and the two isp companies. They say they traced the IP's to my business and my home. My ex was who I lived with and had a business with has access to the computers and the keys to bothe buildings. My brother also lives and works with me. My business has many teenagers who use the computer and wifi. My brother is a college kid and also has friends over the house and they use the computer freely. So how can they say it was me because of an angry ex girlfriend.

Read the article
how're routing tables populated?

- by Robbie Mckennie

i've been reading "tcp/ip illustrated" and i started reading about ip forwarding. all about how you can receive a datagram and work out where to send it next based on the desination ip and your routing table. but what confused me is how (in a home network setting) the table itself is populated. is there a lower layer protocol at work here? does it come along with dhcp? or is it simply based on the ip address and netmask of each interface? i do know (from other books) that in the early days of ethernet one had to set up routing tables by hand, but i know i didn't do that.

Read the article
How should I configure postfix to avoid sent emails bouncing because of "Invalid HELO name"

- by Vlad Socaciu

Some mail sent from sites on my server bounce back with the following mail.log message Nov 26 17:27:53 blogu postfix/smtp[16858]: C4DD22908EC0: to=, relay=rejecting-domain.ro[rejecting-ip]:25, delay=2.5, delays=0.1/0/2.3/0.04, dsn=5.0.0, status=bounced (host rejecting-domain.ro[rejecting-ip] said: 550 Access denied - Invalid HELO name (See RFC2821 4.1.1.1) (in reply to MAIL FROM command)) On the receiving end, my emails are logged like this: 2011-11-22 15:09:35 H=static.39.80.4.46.clients.your-server.de (Ubuntu-1004-lucid-64-minimal) [my-server-ip] rejected MAIL : Access denied - Invalid HELO name (See RFC2821 4.1.1.1)

Read the article
Rebuild an existing Rackspace server from scratch?

- by Mojo

In the process of working out kinks in a server build, is it possible to re-bootstrap a server from scratch, image and all? (Same flavor, say.) By that I mean without recreating the server, keeping its IP address if nothing else. I can't find a way to do this. It would have some advantages, I should think: It wouldn't decrement the 'server create' quota. The existing server would keep its IP address. One machine of a cluster could be rebuilt to a new image without having to change the IP address. (Maybe load balancers make IP addresses a moot point, but it still seems like a worthwhile task.)

Read the article
ipconfig /release not working, why?

- by barlop

ipconfig /release is not working, why is that? here is a sequence where I put my cable in get an IP, try ipconfig /release and it tells me it can't release wireless, but there is no wireless connection. i'm just trying to release the wired one. C:\>ipconfig Windows IP Configuration Ethernet adapter Wireless Network Connection: Media State . . . . . . . . . . . : Media disconnected Ethernet adapter Local Area Connection: Media State . . . . . . . . . . . : Media disconnected Fine so I plug my cable in C:\>ipconfig Windows IP Configuration Ethernet adapter Wireless Network Connection: Media State . . . . . . . . . . . : Media disconnected Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : IP Address. . . . . . . . . . . . : 0.0.0.0 Subnet Mask . . . . . . . . . . . : 0.0.0.0 Default Gateway . . . . . . . . . : C:\>ipconfig Windows IP Configuration Ethernet adapter Wireless Network Connection: Media State . . . . . . . . . . . : Media disconnected Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : IP Address. . . . . . . . . . . . : 192.168.1.8 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.1.254 Fine so from above, it clearly has an iP C:\>ipconfig /release Windows IP Configuration No operation can be performed on Wireless Network Connection while it has its me dia disconnected. C:\>

Read the article
Adding subnet to a vsphere with single vcenter and esxi host

- by Ilya Rakhlin

Let me start of by saying that I do not specialize in networking, I am in the process of adding additional VMs to a testing environment and wanted some recommendations. In this case I am running a single ESXI 5.1 host and a single Vcenter management server. The problem is, I need another range of IP addresses added to the existing setup; hopefully without reconfiguring everything. Currently the esxi host is configured to IP: 192.168.100.200, gateway: 192.168.100.1 and subnet: 255.255.255.0. All of the VMs are running some version of linux with hard coded IP addresses in that range, and using that subnet. The VMs I am about to deploy I want to be on the 192.168.101.X network. Is it possible to add an additional subnet to this existing system that will also communicate with the current subnet? The esxi host has 6 physical NICs but only one connected as it is only a testing system; not sure if that matters. Are there any other ways to accomplish this hopefully without restarting or at least reconfiguring the IP addresses for each VM? Reason: Due to the configuration of the VMs to run the applications that we need I am using a large amount of the current IPs in the potential range (mostly VIPs). I will be setting up a new version of this “environment” while keeping the old one, thus potentially running out of IP addresses.

Read the article
How do I run both Tomcat and PHP on Linux on port 80?

- by Michael Gaylord

I would like to host both Tomcat and PHP on port 80 on Linux and I have 2 IP addresses available. I am only using PHP so that I can host some mailing list software, I can map it to newsletter.mydomain.com. So my question is, is it possible to run Tomcat on port 80 on 1 IP address and Apache on port 80 on another IP address?

Read the article
route http and ssh traffic normally, everything else via vpn tunnel

- by Normadize

I've read quite a bit and am close, I feel, and I'm pulling my hair out ... please help! I have an OpenVPN cliend whose server sets local routes and also changes the default gw (I know I can prevent that with --route-nopull). I'd like to have all outgoing http and ssh traffic via the local gw, and everything else via the vpn. Local IP is 192.168.1.6/24, gw 192.168.1.1. OpenVPN local IP is 10.102.1.6/32, gw 192.168.1.5 OpenVPN server is at {OPENVPN_SERVER_IP} Here's the route table after openvpn connection: # ip route show table main 0.0.0.0/1 via 10.102.1.5 dev tun0 default via 192.168.1.1 dev eth0 proto static 10.102.1.1 via 10.102.1.5 dev tun0 10.102.1.5 dev tun0 proto kernel scope link src 10.102.1.6 {OPENVPN_SERVER_IP} via 192.168.1.1 dev eth0 128.0.0.0/1 via 10.102.1.5 dev tun0 169.254.0.0/16 dev eth0 scope link metric 1000 192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.6 metric 1 This makes all packets go via to the VPN tunnel except those destined for 192.168.1.0/24. Doing wget -qO- http://echoip.org shows the vpn server's address, as expected, the packets have 10.102.1.6 as source address (the vpn local ip), and are routed via tun0 ... as reported by tcpdump -i tun0 (tcpdump -i eth0 sees none of this traffic). What I tried was: create a 2nd routing table holding the 192.168.1.6/24 routing info (copied from the main table above) add an iptables -t mangle -I PREROUTING rule to mark packets destined for port 80 add an ip rule to match on the mangled packet and point it to the 2nd routing table add an ip rule for to 192.168.1.6 and from 192.168.1.6 to point to the 2nd routing table (though this is superfluous) changed the ipv4 filter validation to none in net.ipv4.conf.tun0.rp_filter=0 and net.ipv4.conf.eth0.rp_filter=0 I also tried an iptables mangle output rule, iptables nat prerouting rule. It still fails and I'm not sure what I'm missing: iptables mangle prerouting: packet still goes via vpn iptables mangle output: packet times out Is it not the case that to achieve what I want, then when doing wget http://echoip.org I should change the packet's source address to 192.168.1.6 before routing it off? But if I do that, the response from the http server would be routed back to 192.168.1.6 and wget would not see it as it is still bound to tun0 (the vpn interface)? Can a kind soul please help? What commands would you execute after the openvpn connects to achieve what I want? Looking forward to hair regrowth ...

Read the article
How to I alias a hostname?

- by Jonas Byström

Is it possible to keep a network alias - without specifying the IP address in the hosts file? For instance, I have abcd.efgh.com but want abcd -> abcd.efgh.com so that ping and ssh work as they normally would. I want it to work with dynamic IP on abcd.efgh.com, that's why I don't want to state the IP address explicitly.

Read the article
Issue Connecting two home networks

- by Alex

Hi, I have a home networking question. I have two DLINK wireless/wired routers in my house, connected to the Internet ISP. There are a 2 computers on each of the two networks. Network1: has 192.168.0.0 (gateway) Valid IP'S range - 192.168.0.1 - 192.168.0.10, with COMP1 having a fixed IP of 162.168.0.1 Network2: has 192.168.0.100 (gateway) Valid IP'S range - 192.168.0.101 - 192.168.0.110 with COMP2 having a static IP of 162.168.0.101, a WIRELESS printer on 192.168.0.102 Both routers have a netmask of 255.255.255.0 My need is to connect the two routers, so that I can Remote desktop for COMP1 to COMP2 and viceversa, and COMP1 to connect to the wireless printer on Network2. can anyone help to set this up so that the both networks can talk to each other. Any help is appreciated. -Alex

Read the article
tc u32 --- how to match L2 protocols in recent kernels?

- by brownian

I have a nice shaper, with hashed filtering, built at a linux bridge. In short, br0 connects external and internal physical interfaces, VLAN tagged packets are bridged "transparently" (I mean, no VLAN interfaces are there). Now, different kernels do it differently. I can be wrong with exact kernel verions ranges, please forgive me. Thanks. 2.6.26 So, in debian, 2.6.26 and up (up to 2.6.32, I believe) --- this works: tc filter add dev internal protocol 802.1q parent 1:0 prio 100 \ u32 ht 1:64 match ip dst 192.168.1.100 flowid 1:200 Here, "kernel" matches two bytes in "protocol" field with 0x8100, but counts the beginning of ip packet as a "zero position" (sorry for my English, if I'm a bit unclear). 2.6.32 Again, in debian (I've not built vanilla kernel), 2.6.32-5 --- this works: tc filter add dev internal protocol 802.1q parent 1:0 prio 100 \ u32 ht 1:64 match ip dst 192.168.1.100 at 20 flowid 1:200 Here, "kernel" matches the same for protocol, but counts offset from the beginning of this protocol's header --- I have to add 4 bytes to offset (20, not 16 for dst address). It's ok, seems more logical, as for me. 3.2.11, the latest stable now This works --- as if there is no 802.1q tag at all: tc filter add dev internal protocol ip parent 1:0 prio 100 \ u32 ht 1:64 match ip dst 192.168.1.100 flowid 1:200 The problem is that I couldn't find a way to match 802.1q tag so far. Matching 802.1q tag at past I could do this before as follows: tc filter add dev internal protocol 802.1q parent 1:0 prio 100 \ u32 match u16 0x0ed8 0x0fff at -4 flowid 1:300 Now I'm unable to match 802.1q tag with at 0, at -2, at -4, at -6 or like that. The main issue that I have zero hits count --- this filter is not being checked at all, "wrong protocol", in other words. Please, anyone, help me :-) Thanks!

Read the article
What is automatic service location on the network?

- by Roman

I know that zeroconf does automatic service location on the local network. But what does it mean? For example there is a printer (printing is the service that it does). This printer choose randomly an IP for itself. It asks other devices if this IP is already occupied. If not, the printer occupies this IP. Then printer says to "everybody" that "printing" service is associated with this IP. Is it "automatic service location"? Or I got something wrong?

Read the article
Cisco ASA - NAT'ing VPN traffic

- by DrStalker

I have an IPsec VPN setup like this: [Remote users]-[Remote ASA] <-VPN-> [My ASA]-[Subnet A]-[Router 2]-[Subnet B] The VPN is set to handle traffic between [remote users] and [Subnet A]; it does not include [Subnet B]. Pretend the firewall rules for all routers are to permit everything. Now I want to redirect traffic that comes over the VPN to a specific IP on [subnet A] (192.168.1.102) to an IP on [Subnet B] (10.1.1.133) If I add a rule on [My ASA] to NAT traffic to original IP 192.168.1.102 to new IP 10.1.1.133, 1) Will this affect the connections coming in over the VPN? (ie: the VPN packets are unencrypted and then NAT is applied) 2) Will this work when the post-NAT target is on Subnet-B, which is not part of the VPN traffic selection?

Read the article
Connect to remote MySQL using proxy

- by hypeflow

I'm trying to connect to a remote MySQL server (with TCP access limited to a specific IP) using port forwarding via SSH, but still haven't figured out how to do it. Here's what I intend to do: Local[A] ---> Proxy[B] ---> Remote MySQL[C] [A] Local machine with Windows [B] CentOS machine with IP 123.123.123.1 (with it's own MySQL running, btw) [C] Remote MySQL server with IP 123.123.123.1 authorized on port 3306 How to achieve this? Thanks in advance.

Read the article

< Previous Page | 152 153 154 155 156 157 158 159 160 161 162 163 | Next Page >