Search Results

Search found 5390 results on 216 pages for 'ssl vpn'.

Page 169/216 | < Previous Page | 165 166 167 168 169 170 171 172 173 174 175 176  | Next Page >

• dd-wrt Bonjour/ netbios etc on two subnets

  - by user72182

  Hi I was wondering if any clever people out there could help me. I have a network setup with two different subnets 192.168.1.0 and 192.168.0.0 one router is connected to a VPN (via OpenVPN) the other is not. Both routers have static routes to each other and a device on one can communicate to another without issues when using IP addresses. My problem is I want to use services like Bonjour, Netbios and Apple Talk across the two networks, which currently does not work. A laptop connected on one subnet will not see a laptop connected on another. Is there anyway that you can connect the two networks together so these sort of local service will work??? I guess I have to forward the boardcast packets but I have no idea how to do this. Thanks for any help...

  Read the article

• signing the web server certificate with the CA key

  - by user1064786

  I have problem in running the command below using openssl-0.9.8e and apache in Ubuntu 11.10. do you have any idea to resolve it? first i was receiving this error: No such file or directory:bss_file.c:169:fopen('openssl.cnf','rb') then i copied my modified openssl.cnf file in the /etc/ssl/ directory. now i receive an error regarding -in option: openssl ca -days 3650 –in server/requests/ciise.concordia.ca.csr –cert ./CA/ConcordiaCA.crt –keyfile ./CA/ConcordiaCA.key –out ./server/certificates/ciise.concordia.ca.crt -config openssl.cnf unknown option –in I also copied ciise.concordia.ca.csr in the upper directory, but the problem still persists I would appreciate any help:)

  Read the article

• SBS 2011 on different subnet than domain computers

  - by Ravi

  The setup is as follows: SBS 2011 in datacentre on subnet A Domain PCs at another location on subnet B There is a site-to-site VPN. The domain PCs have joined the domain and have the SBS as their primary DNS server. The domain PCs can ping the DC but the problem is that the DC cannot ping any of the remote subnet (subnet B) SBS --Switch -- Router A ------------------- Router B -- Switch -- Domain PCs What is strange is that router A can ping any host on the subnet B. Another host on Subnet A can also ping any host on subnet B. It's only the DC which cannot ping anything to that specific remote subnet B. I did a tracert from the SBS to router B. The packet reaches Router A from the SBS but then it fails. Am I missing some specific settings that needs to be done when SBS is on a different subnet than its member pcs ?

  Read the article

• OpenSSL missing during ./configure. How to fix?

  - by P K

  I was trying to install node.js and found OpenSSL support missing during ./configure. How can I fix it? Is it a mandatory step? # ./configure Checking for gcc : ok Checking for library dl : not found Checking for openssl : not found Checking for function SSL_library_init : not found Checking for header openssl/crypto.h : not found /home/ec2-user/node-v0.6.6/wscript:374: error: Could not autodetect OpenSSL support. Make sure OpenSSL development packages are installed. Use configure --without-ssl to disable this message.

  Read the article

• clam anti-virus is slowing down my server performance

  - by Scarface

  Hey guys, I just installed clam av http://sourceforge.net/projects/php-clamav/ for scanning file uploads on my linux VPN running php. The problem is that for some reason just initiating the extension in the php ini file slows down my entire network. Regular requests such as changing pages that should take less than 1 second take 5. Has anyone ever experienced this before or have a good virus scanning alternative for scanning file uploads? extension=clamav.so [clamav] clamav.dbpath="/usr/share/clamav" clamav.keeptmp=20 clamav.maxreclevel=16 clamav.maxfiles=10000 clamav.maxfilesize=26214400 clamav.maxscansize=104857600 clamav.keeptmp=0

  Read the article

• Routing to various node.js servers on same machine

  - by Dtang

  I'd like to set up multiple node.js servers on the same machine (but listening on different ports) for different projects (so I can pull any down to edit code without affecting the others). However I want to be able to access these web apps from a browser without typing in the port number, and instead map different urls to different ports: e.g. 45.23.12.01/app - 45.23.12.01:8001. I've considered using node-http-proxy for this, but it doesn't yet support SSL. My hunch is that nginx might be the most suitable. I've never set up nginx before - what configuration do I need to do? The examples of config files I've seen only deal with subdomains, which I don't have. Alternatively, is there a better (stable, hassle-free) way of hosting multiple apps under the same IP address?

  Read the article

• Shibboleth + IIS and Pound Reverse Proxy

  - by boburob

  Having a bit of a problem getting Shibboleth (SSO) working with ADFS and Pound. The main problem seems to be that: The website address will be https://website.domain.com Pound will then terminate the SSL and forward the traffic to the webserver on a different port (http://server.domain.com:8888) I have set up Shibboleth to protect the address http://server.domain.com:8888, which allows me to retrieve metadata and it all seems to be working fine. However the problem seems to be that ADFS is configured to protect the https website, so when Shibboleth attempts to recieve information from ADFS I get nothing except the following error: A token request was received for a relying party identified by the key 'https://msstagrevproxy.cwpintranet.com/shibboleth', but the request could not be fulfilled because the key does not identify any known relying party trust. Key: https://msstagrevproxy.cwpintranet.com/shibboleth I am not really sure how I can work around this as to retrieve the metadata from Shibboleth I have to use the https address but this does not actually exist in Shibboleth or IIS. Has anyone had any experience with this before or using any other SSO with a reverse proxy that works?

  Read the article

• How can I use dynamic routing with openvpn tunnels?

  - by pQd

  i'm thinking about using dynamic routing [ OSPF or RIP ] via OpenVPN tunnels. right now i have few offices connected in full mesh, but this is not scalable solution as we add more locations. i would like to avoid situation when plenty of internal traffic is affected if one of two vpn termination points that i plan to use is down. do you have similar configuration working in production? if so - what routing daemon did you use - quagga? something else? did you encounter any problems? thanks!

  Read the article

• rpd over https using a linux client

  - by Nils

  My employer switched from vpn and rdp to using what our admin calls "rdp over https". Since that switch I find myself unable to connect to the "new" rdp server. I think the progress is as follows: A rdp gateway-server is connected via tls the requested sever (different from the gateway-server) is then connected through the tls connection. In windows mstsc-settings the server name is the "internal network name" of the machine I wish to connect. And on the last tab (in German it is called "leistung" - could be activity) I go to the "connection from everywhere" settings and set the gateway-server under gateway-server. Now: Is there any way to use this scenario under linux (apart from a virtual machine running Windows)? I am interested in free ideas (e.g. is it possible to create a tls tunnel and connect through that using freerdp/rdesktop?) non-free ideas. As long as they work I'll worry about the costs later. Free ideas would be better :-)

  Read the article

• Set up linux box for hosting a-z

  - by microchasm

  I am in the process of reinstalling the OS on a machine that will be used to host a couple of apps for our business. The apps will be local only; access from external clients will be via vpn only. The prior setup used a hosting control panel (Plesk) for most of the admin, and I was looking at using another similar piece of software for the reinstall - but I figured I should finally learn how it all works. I can do most of the things the software would do for me, but am unclear on the symbiosis of it all. This is all an attempt to further distance myself from the land of Configuration Programmer/Programmer, if at all possible. I can't find a full walkthrough anywhere for what I'm looking for, so I thought I'd put up this question, and if people can help me on the way I will edit this with the answers, and document my progress/pitfalls. Hopefully someday this will help someone down the line. The details: CentOS 5.5 x86_64 httpd: Apache/2.2.3 mysql: 5.0.77 (to be upgraded) php: 5.1 (to be upgraded) The requirements: SECURITY!! Secure file transfer Secure client access (SSL Certs and CA) Secure data storage Virtualhosts/multiple subdomains Local email would be nice, but not critical The Steps: Download latest CentOS DVD-iso (torrent worked great for me). Install CentOS: While going through the install, I checked the Server Components option thinking I was going to be using another Plesk-like admin. In hindsight, considering I've decided to try to go my own way, this probably wasn't the best idea. Basic config: Setup users, networking/ip address etc. Yum update/upgrade. Upgrade PHP/MySQL: To upgrade PHP and MySQL to the latest versions, I had to look to another repo outside CentOS. IUS looks great and I'm happy I found it! Add IUS repository to our package manager cd /tmp wget http://dl.iuscommunity.org/pub/ius/stable/Redhat/5/x86_64/epel-release-1-1.ius.el5.noarch.rpm rpm -Uvh epel-release-1-1.ius.el5.noarch.rpm wget http://dl.iuscommunity.org/pub/ius/stable/Redhat/5/x86_64/ius-release-1-4.ius.el5.noarch.rpm rpm -Uvh ius-release-1-4.ius.el5.noarch.rpm yum list | grep -w \.ius\. # list all the packages in the IUS repository; use this to find PHP/MySQL version and libraries you want to install Remove old version of PHP and install newer version from IUS rpm -qa | grep php # to list all of the installed php packages we want to remove yum shell # open an interactive yum shell remove php-common php-mysql php-cli #remove installed PHP components install php53 php53-mysql php53-cli php53-common #add packages you want transaction solve #important!! checks for dependencies transaction run #important!! does the actual installation of packages. [control+d] #exit yum shell php -v PHP 5.3.2 (cli) (built: Apr 6 2010 18:13:45) Upgrade MySQL from IUS repository /etc/init.d/mysqld stop rpm -qa | grep mysql # to see installed mysql packages yum shell remove mysql mysql-server #remove installed MySQL components install mysql51 mysql51-server mysql51-devel transaction solve #important!! checks for dependencies transaction run #important!! does the actual installation of packages. [control+d] #exit yum shell service mysqld start mysql -v Server version: 5.1.42-ius Distributed by The IUS Community Project Upgrade instructions courtesy of IUS wiki: http://wiki.iuscommunity.org/Doc/ClientUsageGuide Install rssh (restricted shell) to provide scp and sftp access, without allowing ssh login cd /tmp wget http://dag.wieers.com/rpm/packages/rssh/rssh-2.3.2-1.2.el5.rf.x86_64.rpm rpm -ivh rssh-2.3.2-1.2.el5.rf.x86_64.rpm useradd -m -d /home/dev -s /usr/bin/rssh dev passwd dev Edit /etc/rssh.conf to grant access to SFTP to rssh users. vi /etc/rssh.conf Uncomment or add: allowscp allowsftp This allows me to connect to the machine via SFTP protocol in Transmit (my FTP program of choice; I'm sure it's similar with other FTP apps). rssh instructions appropriated (with appreciation!) from http://www.cyberciti.biz/tips/linux-unix-restrict-shell-access-with-rssh.html Set up virtual interfaces ifconfig eth1:1 192.168.1.3 up #start up the virtual interface cd /etc/sysconfig/network-scripts/ cp ifcfg-eth1 ifcfg-eth1:1 #copy default script and match name to our virtual interface vi ifcfg-eth1:1 #modify eth1:1 script #ifcfg-eth1:1 | modify so it looks like this: DEVICE=eth1:1 IPADDR=192.168.1.3 NETMASK=255.255.255.0 NETWORK=192.168.1.0 ONBOOT=yes NAME=eth1:1 Add more Virtual interfaces as needed by repeating. Because of the ONBOOT=yes line in the ifcfg-eth1:1 file, this interface will be brought up when the system boots, or the network starts/restarts. service network restart Shutting down interface eth0: [ OK ] Shutting down interface eth1: [ OK ] Shutting down loopback interface: [ OK ] Bringing up loopback interface: [ OK ] Bringing up interface eth0: [ OK ] Bringing up interface eth1: [ OK ] ping 192.168.1.3 64 bytes from 192.168.1.3: icmp_seq=1 ttl=64 time=0.105 ms And this is where I'm at. I will keep editing this as I make progress. Any tips on how to Configure virtual interfaces/ip based virtual hosts for SSL, setting up a CA, or anything else would be appreciated.

  Read the article

• firefox: getting access to the list of tabs/windows to restore on startup

  - by robb

  Sometimes ffox fails to restore the previously open tabs/windows. This might be happening when some of the urls to be opened are no longer reachable (e.g. behind a vpn) or after the underlying OS (Windows) has been forcibly restarted (e.g. to complete an automated patch installation). Anyway, after restarting, can this list of urls be recovered somehow? Say for example, I was daft enough to have clicked on "start new session". Can I still get access to the old list of open urls? There is the browser history of course, but it contains a lot of stuff - the urls that were open when ffox last exited are not obvious. It would be neat if they were marked in some way - tagged for example. .robb

  Read the article

• Mikrotik server networks and Cain & Abel

  - by user269742

  I'm connected to the internet via a mikrotik server network. Recently, I read about that scaring application named Cain & Abel and all the capabilities it offered for malicious users. I don't know if anyone on my network is using or even aware of such application but my questions are: 1- How to protect myself from this program? 2- How to know if someone using such application against me? 3- Is Tor Bundle capable of protecting me from Cain & Abel? 4- If I filled my e-mail password via SSL page, Can Cain & Abel collect it? 5- Is it safe to use SKYPE or Yahoo Messenger voice chat if some one using Cain & Abel on my network?

  Read the article

• Can I optimize this mod_wsgi / apache file better?

  - by tomwolber

  Hi! I am new to Django/Python/ mod_wsgi, and I was wondering if I could optimize this file to reduce memory usage: ServerRoot "/home/<foo>/webapps/django_wsgi/apache2" LoadModule dir_module modules/mod_dir.so LoadModule env_module modules/mod_env.so LoadModule log_config_module modules/mod_log_config.so LoadModule mime_module modules/mod_mime.so LoadModule rewrite_module modules/mod_rewrite.so LoadModule setenvif_module modules/mod_setenvif.so LoadModule wsgi_module modules/mod_wsgi.so LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined CustomLog /home/<foo>/logs/user/access_django_wsgi.log combined ErrorLog /home/<foo>/logs/user/error_django_wsgi.log KeepAlive Off Listen 12345 MaxSpareThreads 3 MinSpareThreads 1 MaxClients 5 MaxRequestsPerChild 300 ServerLimit 4 HostnameLookups Off SetEnvIf X-Forwarded-SSL on HTTPS=1 ThreadsPerChild 5 WSGIDaemonProcess django_wsgi processes=5 python-path=/home/<foo>/webapps/django_wsgi:/home/<foo>/webapps/django_wsgi/lib/python2.6 threads=1 WSGIPythonPath /home/<foo>/webapps/django_wsgi:/home/<foo>/webapps/django_wsgi/lib/python2.6 WSGIScriptAlias /auctions /home/<foo>/webapps/django_wsgi/auctions.wsgi WSGIScriptAlias /achievers /home/<foo>/webapps/django_wsgi/achievers.wsgi

  Read the article

• What tangible security are gained by blocking all but a few outgoing ports in a firewall

  - by Frankie Dintino

  Our current hardware firewall allows for blocking incoming and outgoing ports. We have two possibilities: Block certain troublesome ports (unsecured smtp, bittorrent, etc.) Block all but a few approved ports (http, https, ssh, imap-ssl, etc.) I see several downsides with option 2. Occasionally web servers are hosted on non-standard ports and we would have to deal with the resulting issues. Also, there is nothing preventing a malicious or unwanted service from being hosted on port 80, for instance. What are are the upsides?

  Read the article

• Convert svn repository to hg - authentication fails

  - by Kim L

  I'm trying to convert an existing svn repository to a mercurial repo with the following command hg convert <repository> <folder> My problem is that the svn repository's authentication is done with p12 certificates. I'm a bit lost on how to configure the certificate for the hg client so that I can pull the svn repo and convert it. Currently, if I try to run the above command, I get initializing destination hg-client repository abort: error: _ssl.c:480: error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure In other words, it cannot find the required certificate. The question is, how do I configure my hg client so that it can use my certificate? I'm using the command line hg client on linux.

  Read the article

• What is an SSH key?

  - by acidzombie24

  I signed up for github and notice the ssh key option which looked interesting. I originally expected something like an ssl key (name, co name, etc). After going through it i notice i only put a password and it is always myuser@comp-name (this is windows). Why? I thought it was a user/pass id and i can create separate keys for separate purpose for privacy reasons. Now i see i am required to use one to create a repository. Also i see something about a 'private key file' when looking at options. What exactly is an SSH Key and how can i create a separate user without creating a separate login in windows.

  Read the article

• How to get a service to listen on port 80 on Windows Server 2003

  - by Miky D

  I've coded a custom windows service that listens on TCP port 80 but when I try to install it on a Windows Server 2003 machine it fails to start because some other service is already listening on that port. So far I've disabled the IIS Admin service and the HTTP SSL service but no luck. When I run netstat -a -n -o | findstr 0.0:80 it gives me the process id 4 as the culprit, but when I look at the running processes that process id points to the "System" process. What can I do to get the System process to stop listening on port 80 and get my service to listen instead? P.S. I should point out that the service runs fine if I install it on my Windows XP or Windows 7 development boxes. Also, I should specify that this has nothing to do with it being a service. I've tried starting a regular application that attempts to bind to port 80 on the Windows Server 2003 with the same outcome - it fails because another application is already bound to that port.

  Read the article

• Monitoring ASA packet loss via SNMP

  - by dunxd

  I want to monitor packet loss on my ASA 5505 VPN endpoints using SNMP. This is so I can graph the rates in Cacti and/or get alerts in Nagios. However, I am not sure what SNMP values I should use to measure packet loss. In the ASA I can run sh interface Internet stats to show traffic statistics for the interface connected to the Internet. This shows 1 minute and 5 minute drop rates. Are these measures an indicator of packet loss? Are there SNMP values I can access that correspond to those values? Should I be looking at different values? Is the ASA even able to measure packet loss?

  Read the article

• Wamp website stop responding till restarting services [on hold]

  - by sparoww

  My first message here after many non conclusive research about my problem. So I'm administering a drupal website and I have migrate all application to new version: PHP 5.3.5 - 5.4.16 Apache 2.2.17 - 2.4.4 MySQL 5.1.36 - 5.6.12 With the new Wamp version. Also update Drupal from 6.19 to 6.30. I have update it by uninstalling everything in the server and reinstalling the new version. Since this update the website sometimes become unresponsive till we restart wamp. No warrning and no error in event log. Can somebody help me with this problem? I also cannot enable SSL, after configuring it wamp won't start. I have do many research and test but I still have many issue. Here I paste my configuration files: httpdconf: http://pastebin.com/qq1YvPKe httpdsslconf: http://pastebin.com/c4JnFyMw phpini: pastebinDOTcom/y8a30id6 Thanks in advance.

  Read the article

• Encrypt LAN and wifi traffic on small private network

  - by Grimlockz

  I need some advice about encrypt all traffic on a small private network running wi-fi and LAN traffic on 192.168.0.x network. The network would comprise of client laptops connecting to the wi-fi router (192.168.0.254) via ethernet connection or wireless. The main purpose of the server is for the client laptops to talk to two servers on different IP's (192.168.0.200 and 192.168.0.201) on ports 80 and 433. My main concern is having packet sniffers and what not getting access to the data. The only ways I see at the moment is to have VPN running on the network or use IPSec policy's to do this. Any other ways guys?

  Read the article

• Puppet apache module causing 'Error 400 on SERVER: Invalid parameter identifier'

  - by Andy Shinn

  I am receiving the following error when trying to use the latest puppetlabs-apache module from github (https://github.com/puppetlabs/puppetlabs-apache): Error: Could not retrieve catalog from remote server: Error 400 on SERVER: Invalid parameter identifier at /etc/puppet/environments/apache_update/modules/apache/manifests/mod.pp:40 on node zordon.mydomain.com Warning: Not using cache on failed catalog Error: Could not retrieve catalog; skipping run My node config looks like: node 'zordon.mydomain.com' { include template::common include template::puppetagent include template::lamp User::Create sudo::conf { 'joe': priority = 60, content = 'joe ALL=(ALL) NOPASSWD: ALL', require = User::Create['joe'], } } The template::lamp class is what uses apache module: class template::lamp { include myfirewall Firewall Firewall class { 'apache': } class { 'apache::mod::php': } class { 'apache::mod::ssl': } class { 'mysql::server': } } It looks like serverfault markup is getting garbled on Puppet realize statements. The User::Create and Firewall lines are just realizing a user and 2 firewall rules. I have verified that the /var/lib/puppet/lib/puppet/type/a2mod.rb type has the identifier parameter and it is the same MD5 as the server. I am using Puppet 3.0.1 on both agent and master. Any idea what may cause this?

  Read the article

• Is there a way to set up an SMTP relay that allows users of a web app to have the web app send email

  - by mic

  the web service sends out emails on behalf of the users to their customers. So [email protected] uses webservice and webservice sends emails . The emails should be appearing as coming from [email protected]. Currently what we are trying to do is to configure webservice to act as an email client for each user, each user being able to create their own profile in which they need to configure their smtp server credentials. But given that there are more options for configurations than you can shake your stick at -not to mention trying to explain to users what info to get from where, POP b4 smtp, TLS, SSL, AUTH,etc) I am wondering if there could be a different way. How, if at all could this be approached? Can I set up a postfix server to do what I need to without running into another admin. nightmare or being blocked for spamming? Thank you for your insights

  Read the article

• What does a red icon in XP's "Unlock Computer" dialog mean?

  - by wikiti

  A user was working from home and had a colleague turn on her computer so she could remote desktop to it. All worked fine, but when she came into the office and used her computer for a while then locked it the computer icon had a red screen, instead of blue. Like in the following mockup: Mockup of red computer screen. It didn't cause any problems and it went away when she rebooted, but I was intrigued to find out whether there was something that caused it or if it was just a windows oddity. I believe she just closed the remote desktop session (without really logging off) from home and then disconnected from the VPN before coming to the office. Any ideas?

  Read the article

• Corporate IM with video that actually works, suggestions?

  - by Erik P. Skaalerud

  Hi. Does anyone here have a suggestion for a cross-platform IM solution wich will work with voip/video on both Windows (XP and 7) and Mac OS X from 10.4 and upwards? Right now were in a kind of mixed enviroment, with some Mac users using iChat server since they need video support (conference across several offices over VPN), but it wont't work on windows clients. The rest of us are happily using Openfire+Spark, but there's no VoIP or video avaible from what i've found, unless you want to add in several 3rd party software (like red5 and asterisk). Requirements: As said before; must work on both Windows and Mac Internal server (no Skype etc) File transfer between platforms SSO (Single Sign-On) via Active Directory authentication Some sort of screen sharing would be a plus, like switching over to a screen capture (powerpoint, software training etc) We can afford to buy software if that's needed to get this working without any hiccups across platforms. Pre-thanks to anyone who gives suggestions.

  Read the article

• How to set up Windows server 2008 to receive email?

  - by Saul

  First off apologies, I'm from a medical background not a networking one, but I've got roped into setting up a windows 2008 server. So far web server running, fixed IP address assigned (within a large private network of the National Health Service in the UK if that makes any difference) and the network team have assigned a DNS entry for me which works, so the server can be addressed as nww.myserver.nhs.uk I've only got ports open on the router for 80 and 443 (http and https) at the moment, so presume I need a different port to enable email services. My need is to be able to accept an email to the domain name like [email protected] in order to pick up a confirmation mail from an SSL issuer (Comodo) I guess to confirm that I control the domain. After that I don't actually need mail services on the server. I see lots of stuff about setting up SMTP services but thought that was about mail out and re-routing, but how do you get the server to "listen" for mail to the domain (assuming I open port xyz or whatever it is) ?

  Read the article

< Previous Page | 165 166 167 168 169 170 171 172 173 174 175 176  | Next Page >