Search Results

Search found 5390 results on 216 pages for 'ssl vpn'.

Page 173/216 | < Previous Page | 169 170 171 172 173 174 175 176 177 178 179 180  | Next Page >

• Internal Outlook clients prompted for OWA login when only accessing local internal Exchange server?

  - by TallGuy

  Hope someone can help with this one. Scenario is an internal Exchange 2003 server. OWA front end server in the DMZ. OWA logins work fine, with SSL configured. Over the last week (3 times so far) when an internal person opens their Outlook and then tries to open an email with JPG attachments they are prompted for the webmail login. Why? Even if they enter their valid webmail OWA login it fails and reprompts once for each attachment. Once they get through the multiple login prompts, they can double-click to open the attachments, but they are all blank. Any ideas on what could cause this? Why would someone accessing an email from an internal Outlook client get prompted for details of the OWA/webmail server login?

  Read the article

• Feeding the kernels entropy source from other machines and/or increasing its maximum size

  - by David Spillett

  We have has a little trouble with a small box that acts as a VPN end-point and mail relay for our network, caused by the available entropy for /dev/random being too low (which causes TLS connection attempts by exim to fail). The machine doesn't do anything else, so the normal feed into the entropy pool (interrupt timings from things like disk access) is not enough. As a quick hack I've set a looping script that reads from /dev/hda at a couple of Mbyte/sec which keeps it topped up. Other than buying a hardware RNG, is there a clean way of piping data for entry from elsewhere, such as a copy of the data our file server uses for its entropy source? I've spotted several tips for using rng-tools to feed it from /dev/urandom on the same machine but that "feels dirty". Also, is it possible to increase the maximum pool size? It currently seems to max out at 3585.

  Read the article

• OpenVPN IPv6 over IPv4 tunnel

  - by user66779

  Today I installed OpenVPN 2.3rc2 on both my windows 7 client machine and centos 6 server. This new version of OpenVPN provides full compatibility for IPv6. The Problem: I am currently able to connect to the server (through the IPv4 tunnel) and ping the IPv6 address which is assigned to my client and I can also ping the tun0 interface on the server. However, I cannot browse to any IPv6 websites. My vps provider has given me this: 2607:f840:0044:0022:0000:0000:0000:0000/64 is routed to this server (2607:f840:0:3f:0:0:0:eda). This is ifconfig after setup with OpenVPN running: eth0 Link encap:Ethernet HWaddr 00:16:3E:12:77:54 inet addr:208.111.39.160 Bcast:208.111.39.255 Mask:255.255.255.0 inet6 addr: 2607:f740:0:3f::eda/64 Scope:Global inet6 addr: fe80::216:3eff:fe12:7754/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:2317253 errors:0 dropped:7263 overruns:0 frame:0 TX packets:1977414 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:1696120096 (1.5 GiB) TX bytes:1735352992 (1.6 GiB) Interrupt:29 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet addr:10.8.0.1 P-t-P:10.8.0.2 Mask:255.255.255.255 inet6 addr: 2607:f740:44:22::1/64 Scope:Global UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1 RX packets:739567 errors:0 dropped:0 overruns:0 frame:0 TX packets:1218240 errors:0 dropped:1542 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:46512557 (44.3 MiB) TX bytes:1559930874 (1.4 GiB) So OpenVPN is sucessfully creating a tun0 interface and assigning clients IPv6 addresses using 2607:f840:44:22::/64. The first client to connect is getting 2607:f840:44:22::1000 and the second 2607:f840:44:22::1001, and so on... plus 1 each time. After connecting as the first client, I can ping from my windows client machine 2607:f740:44:22::1 and 2607:f740:44:22::1000. However, I have no access to IPv6 websites. I believe the problem is that the tun0 IPv6 addressees are not being forwarded to the eth0 interface. This is the firewall running on the server: #!/bin/sh # # iptables configuration script # # Flush all current rules from iptables # iptables -F iptables -t nat -F # # Allow SSH connections on tcp port 22 # iptables -A INPUT -i eth0 -p tcp --dport 22 -j ACCEPT iptables -A OUTPUT -o eth0 -p tcp --sport 22 -j ACCEPT # # Set access for localhost # iptables -A INPUT -i lo -j ACCEPT # # Accept connections on 1195 for vpn access from client # iptables -A INPUT -i eth0 -p udp --dport 1195 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A OUTPUT -o eth0 -p udp --sport 1195 -m state --state ESTABLISHED -j ACCEPT # # Apply forwarding for OpenVPN Tunneling # iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT iptables -A FORWARD -s 10.8.0.0/24 -j ACCEPT iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to 209.111.39.160 iptables -A FORWARD -j REJECT # # Enable forwarding # echo 1 > /proc/sys/net/ipv4/ip_forward # # Set default policies for INPUT, FORWARD and OUTPUT chains # iptables -P INPUT ACCEPT iptables -P FORWARD ACCEPT iptables -P OUTPUT ACCEPT # # IPv6 # IP6TABLES=/sbin/ip6tables $IP6TABLES -F INPUT $IP6TABLES -F FORWARD $IP6TABLES -F OUTPUT echo -n "1" >/proc/sys/net/ipv6/conf/all/forwarding echo -n "1" >/proc/sys/net/ipv6/conf/all/proxy_ndp echo -n "0" >/proc/sys/net/ipv6/conf/all/autoconf echo -n "0" >/proc/sys/net/ipv6/conf/all/accept_ra $IP6TABLES -A INPUT -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT $IP6TABLES -A INPUT -i eth0 -p tcp --dport 22 -j ACCEPT $IP6TABLES -A INPUT -i eth0 -p icmpv6 -j ACCEPT $IP6TABLES -P INPUT ACCEPT $IP6TABLES -P FORWARD ACCEPT $IP6TABLES -P OUTPUT ACCEPT Server.conf: server-ipv6 2607:f840:44:22::/64 server 10.8.0.0 255.255.255.0 port 1195 proto udp dev tun ca ca.crt cert server.crt key server.key dh dh2048.pem ifconfig-pool-persist ipp.txt push "redirect-gateway def1 bypass-dhcp" push "dhcp-option DNS 208.67.222.222" push "dhcp-option DNS 208.67.220.220" keepalive 10 60 tls-auth ta.key 0 cipher AES-256-CBC comp-lzo user nobody group nobody persist-key persist-tun status openvpn-status.log log-append openvpn.log verb 5 Client.conf: client dev tun nobind keepalive 10 60 hand-window 15 remote 209.111.39.160 1195 udp persist-key persist-tun ca ca.crt key client1.key cert client1.crt remote-cert-tls server tls-auth ta.key 1 comp-lzo verb 3 cipher AES-256-CBC I'm not sure where I am going wrong, it could be the firewall, or something missing from server or client.conf. This version of OpenVPN was only released yesterday, and there's little info on the internet about how to setup an IPv6 over IPv4 vpn tunnel. I've read the manual for this new version of OpenVPN (parts pertaining to IPv6) and it provides very little info too. Thanks for any help.

  Read the article

• Password Self-serve Active Directory via LAMP environment

  - by keithosu

  I would like to be able to change active directory passwords via a Linux/Apache based webpage. This would be a self serve web page for the user. I have SSL-LDAP setup on the Active Directory to make this happen. Is there any project or code out there that will do this? I've looked at this phpadadmin and I cannot get it to work. I think this is for IIS/php/mySQL Another thing to note is I would like the user to authenticate to change their own password. The product/service should not need a privileged account to run. Thanks Keith

  Read the article

• Can I optimize this mod_wsgi / apache file better?

  - by tomwolber

  I am new to Django/Python/ mod_wsgi, and I was wondering if I could optimize this file to reduce memory usage: ServerRoot "/home/<foo>/webapps/django_wsgi/apache2" LoadModule dir_module modules/mod_dir.so LoadModule env_module modules/mod_env.so LoadModule log_config_module modules/mod_log_config.so LoadModule mime_module modules/mod_mime.so LoadModule rewrite_module modules/mod_rewrite.so LoadModule setenvif_module modules/mod_setenvif.so LoadModule wsgi_module modules/mod_wsgi.so LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined CustomLog /home/<foo>/logs/user/access_django_wsgi.log combined ErrorLog /home/<foo>/logs/user/error_django_wsgi.log KeepAlive Off Listen 12345 MaxSpareThreads 3 MinSpareThreads 1 MaxClients 5 MaxRequestsPerChild 300 ServerLimit 4 HostnameLookups Off SetEnvIf X-Forwarded-SSL on HTTPS=1 ThreadsPerChild 5 WSGIDaemonProcess django_wsgi processes=5 python-path=/home/<foo>/webapps/django_wsgi:/home/<foo>/webapps/django_wsgi/lib/python2.6 threads=1 WSGIPythonPath /home/<foo>/webapps/django_wsgi:/home/<foo>/webapps/django_wsgi/lib/python2.6 WSGIScriptAlias /auctions /home/<foo>/webapps/django_wsgi/auctions.wsgi WSGIScriptAlias /achievers /home/<foo>/webapps/django_wsgi/achievers.wsgi

  Read the article

• Add iphones, ipads to existing OpenVPN server

  - by Zoran

  Could someone please provide me with info How to connect iphone and ipad to a existing OpenVPN server based on Ubuntu 8.04? I saw similar posts (such is Simplest VPN setup for iphone on Debian Linux?) but I haven't seen answer which will help me. Most of our client machines (whic are connecting to OpenVPN) are Windows 7 & Vista. Now I have to add several iphone and ipad users. How to accomplish that task? EDIT: One more thing, I can not use GuizmoVPN since that I wil have to jailbreak iphone which is not possoble solution

  Read the article

• How to choose an open source, Asterisk friendly firewall?

  - by Lucas

  I'm in pain. We are moving to a SIP based VOIP system and for whatever reason, we could not get our hosted Asterisk solution to work with our Sonicwall. Our VOIP provider gave up and is recommending an open source vendor, pfSense. A little background: We have about 30 users in our network. We use a few IPSec VPN connections for remote networks. I would like, but don't need, application layer filtering. We're active internet users, so properly traffic shaping is probably a concern. How can I tell if an open source firewall will handle VOIP setup smoothly with a hosted Asterisk system?

  Read the article

• DNS not responding

  - by Born2win

  I have a Dlink DIR-615 router and I have it around six mounths. My internet connection is VPN (PPTP) based i.e. I have been give a username and password from my isp and my ip address is dynamic. But from few days I am experiencing a serious problem. My router connects normally (i can see yellow light) but my computer is giving "DNS not responding" error. I have tried everything (reset,reboot etc) but no sucess. Any help would be appreciated :)

  Read the article

• Which ports for IPSEC/LT2P?

  - by Matt

  I have a firewall/router (not doing NAT). I've googled and seen conflicting answers. It seems UDP 500 is the common one. But the others are confusing. 1701, 4500. And some say I need to also allow gre 50, or 47, or 50 & 51. Ok, which ports are the correct ones for IPSec/L2TP to work in a routed environment without NAT? i.e. I want to use the built in windows client to connect to a VPN behind this router/firewall.

  Read the article

• How to configure dnsmasq to forward multiple DNS servers?

  - by xiaoyi

  I'm now using public DNS over VPN to avoid some DNS pollution in China. But this come with a price that I can't take advantage of CDN. Is there a way to configure dnsmasq and let it query both DNS servers, both public one and ISP one, and return the IP with a lower metric? I knew it could be done by using server=/domain/server directive to assign a DNS server for a certain domain, but the problem is there are hundreds of them. So I have to figure out something generic. Thanks in advance.

  Read the article

• Postfix configuration w.r.t. port 25

  - by Monkey Boson

  After a considerable amount of research, I have configured my postfix server to use dovecot to accept SMTPS connections over port 465 and everything works swimmingly. Unfortunately, I forgot that, unless I listen to port 25, I'm not going to receive any e-mail from the net. I'm hoping somebody knows off the top of their head how to open up port 25 on Postfix for anonymous users, but disallow relaying and any other bad things on that port. And to leave the port 465 the way it is. As to my current configuration, I changed the master.cf file: smtps inet n - n - - smtpd and the main.cf file: # Use our SSL certificates smtpd_tls_cert_file = .....cer smtpd_tls_key_file = .....key smtpd_tls_security_level = may # Use Dovecot for SASL authentication smtpd_sasl_auth_enable = yes smtpd_sasl_security_options = noanonymous smtpd_sasl_type = dovecot smtpd_sasl_path = private/auth broken_sasl_auth_clients = yes smtpd_recipient_restrictions = permit_sasl_authenticated, reject_unauth_destination Any help is appreciated!

  Read the article

• Set Valid IP On Vmware Vm's Help Please

  - by Shahin At

  I Have a VPS.And i on my vps installed vmware workstation version 9.now i have 3 valid ip's: XXX.152.193.66 XXX.152.193.101 XXX.152.193.103 Gateway: XXX.152.193.65 now tow ip's set in host and i want to 1 ip set on vm. network vm is bridge and set ip on vm but this ip from out of internal network not ping and in vm not ping to gateway. What can I do to solve this problem? my ip is unassigned and only set on vm and use bridge network mode.and gw,mask,dns is set.but not ping. i set this ip on host and without problems is worked, But I do not know why on vm not worked. my host OS Is Windows Server 2003 and firewall is off and RRAs(routing and remote access) For VPN service is Enable. Do not host or virtual machines to create a IP route?

  Read the article

• Tools to manage large network of heterogeneous web applications?

  - by Andrew

  I recently started a new job where I've been tasked with managing a global network of heterogenous web applications. There's very little documentation. My first order of business is to create an inventory of all of the web applications. Are there any tools out there to manage a large group of web apps? I'd like to collect a large dataset for each website including: logins for web based control panels logins to FTP/ssh accounts Google analytics tracking code for each site 3rd party libraries used SSL certs, issuers, and expiration dates etc I know I could keep the information in Excel or build a custom database, but I'm hoping there's already a tool out there to help me with this.

  Read the article

• Show Slave Status not working from console, nor client.

  - by Mr. Leinad

  Hello, I have a somewhat strange case. Whenever one of my coworkers executes this line: show slave status; from their MySQL clients, it works smoothly. But if I do that, it says: ERROR 1227 (42000): Access denied; you need the SUPER,REPLICATION CLIENT privilege for this operation We are all going against the same database, and if I check privileges I can see: GRANT ALL PRIVILEGES ON . TO 'usermysql'@'%' IDENTIFIED BY PASSWORD 'password' There's something wrong with my computer.. but I can't pinpoint where it is.. Thanks EDIT: It's kinda bizarre.. it goes through a VPN remotely. But if I change the internet connection, then it works.. If the previous internet connection is restored, it doesn't.. Could we classify this among the great mysteries of the world? Or someone has an idea?

  Read the article

• Mail being sent as root on Ubuntu 14.04

  - by Benjamin Allison

  I'm really struggling with this. I'm trying to set up this server to send mail using Gmail's SMTP. Google keeps bouncing the messages, saying that that Authentication is required: smtp.gmail.com[74.125.196.109]:25: 530-5.5.1 Authentication Required. Learn more at smtp.gmail.com[74.125.196.109]:25: 530 5.5.1 http://support.google.com/mail/bin/answer.py?answer=14257 But it seems my server is trying to send mail as [email protected]. I'm baffled. Here's what I've done so far: Updated mail.cf relayhost = [smtp.gmail.com]:587 smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd smtp_sasl_security_options = noanonymous smtp_tls_CAfile = /etc/postfix/cacert.pem smtp_use_tls = yes Created /etc/postfix/sasl_passwd: [smtp.gmail.com]:587 [email protected]:password Then did the following: sudo chmod 400 /etc/postfix/sasl_passwd sudo postmap /etc/postfix/sasl_passwd cat /etc/ssl/certs/Thawte_Premium_Server_CA.pem | sudo tee -a /etc/postfix/cacert.pem service postfix restart I can't for the life me get a mail message to send, or change the default mail user from [email protected] to [email protected] (FWIW, I'm using Google Apps, that's why it's not a .gmail address).

  Read the article

• Cisco NAT + IPSec + Web Server Configuration Question

  - by zagman76

  Hello - I currently have a Cisco 881W, and it is configured with one of our static IPs to do basic NAT for the network. We also have a web server that needs it's own IP. I configured the NAT for the 2nd IP, however now traffic through our IPSec VPN doesn't route to the web server properly (well, it routes to the internet, rather than through the Tunnel). I followed the instructions here: http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a0080094634.shtml But now the outbound NAT doesn't seem to be working properly - it keeps going to the NAT of the Cisco, and not the designated IP address. If anyone can assist, I would appreciate it greatly. Let me know what you need, and I'll get it to you! Thanks!

  Read the article

• Use teamviewer for running web server [closed]

  - by Steve

  I have a PC behind NAT. I want to host a web server on it which is accessible from the internet. I cannot open any blocked ports nor do i have admin rights on the computer. But it has a teamviewer client running on it 24*7 to which i do have access(no vpn installed). I can accesss this client from anywhere using teamviewer. I want to know if somehow i can use teamviewer to get a ip/hostname that is accessible from the internet and host a webserver. Also is it possible to get an ip if i get admin access but without opening ports.

  Read the article

• Forcing exact hostname match in IIS

  - by iis_newbie

  I am looking how to force an exact hostname match within IIS when using https. For instance, I want "https://works.mysite.com/resource" to be ok, but "https://noworks.mysite.com/resource" to return 404 (assuming they both resolve to the same IP). IIUC, the default behavior of IIS when going to "https://noworks.mysite.com/resource" is to get a cert warning, if the user presses continue, the user is able to access the URL. I was able to do this by generating a *.mysite.com SSL cert, and then specify the hostname within the bindings in IIS, but without the * in the beginning, the hostname field is disabled and blank. Am I missing something simple here?

  Read the article

• my file download speed is 180-200kbps but speedtest is showing 1.7mbps and i am subsribed to 2mbps pack?

  - by edward

  i'm from Malaysia. I am subscribed to 2mbps pack from my country's ISP. But all i get is only 200kbps when download files from the internet, when i test my speed on speedtest.com , it shows me 1.7mbps. I am pretty confused , ISP should give users what they stated , yeah a 2mbps. But i only recieved 200kbps and the speedtest shows 1.7mbps which makes me confused even further. So i started googling and found out that it is related to something called VPN compression? can anyone explain to me how these things works? why am i getting much much lower speed than i have subscribe to. (I am using a D-Link DSL-2750 U modem) Thanks.

  Read the article

• Joining a network with a Virtual Windows Server 2008 R2

  - by Triztian

  Hi all, here's my case, I have set up a share in a virtual windows server 2008 R2, the server is hosted by GoDaddy my question is, how do I access the server's public folders, I need to open a file locally (on the client) and to do that I need the server to show up in my Network locations, I have the right credentials and have created a special group that has access to the particular folder that I'm sharing the problem is I don't know how to add the server to my network locations. I have tried VPN Connection but it is my understanding that it cannot be done since it is virtual share server. Any help is trully appreciated.

  Read the article

• How secure is using "Normal password" for SMTP with connection type = STARTTLS?

  - by harshath.jr

  I'm using an email client for the first time - for the most part I've always used gmail via the web interface. Now I'm setting up thunderbird to connect to an email server of my own (on my own server, own domain name, etc). The server machine (and the email server on it) was preconfigured for me. Now i figured out away by which I'm able to send and receive email, but I noticed that in the outgoing and incoming servers section, the connection type was STARTTLS (and not SSL/TLS), and the Authentication Type was "Normal Password". Does this mean that the password will be sent across in plain text? I'm very paranoid about security - its the only way that it works for me. Can someone please post links that explain how SMTP (my outbound server) and IMAP (my inbound server) servers work, and what connection type means what? Thanks! PS: If this question does not belong here, please redirect me.

  Read the article

• How to suppress "Not collecting exported resources without storeconfigs"?

  - by Andy Shinn

  I'm getting the following in my Puppet master syslog over and over: Sep 27 11:52:05 puppet1 puppet-master: Not collecting exported resources without storeconfigs Sep 27 11:52:06 puppet1 puppet-master: Not collecting exported resources without storeconfigs Sep 27 11:52:06 puppet1 puppet-master: Not collecting exported resources without storeconfigs I'm not actually using storeconfigs: [ashinn@puppet1 ~]$ cat /etc/puppet/puppet.conf [agent] server = puppet.mydomain.com environment = production report = true [main] logdir = /var/log/puppet vardir = /var/lib/puppet ssldir = /var/lib/puppet/ssl rundir = /var/run/puppet factpath = $vardir/lib/facter pluginsync = true certname = puppet1.mydomain.com [master] modulepath = $confdir/environments/$environment/modules manifest = $confdir/environments/$environment/manifests/site.pp templatedir = $confdir/templates autosign = $confdir/autosign.conf ssl_client_header = SSL_CLIENT_S_DN ssl_client_verify_header = SSL_CLIENT_VERIFY report = true reports = hipchat Any way I can suppress these messages? What do they actually come from?

  Read the article

• Get the interface and ip address used to connect to a specific host (ip)

  - by umop

  I'm sure this has been asked and answered before, but I wasn't able to find it, so hopefully this will at least link someone to the right place. I want to find out my local interface and ip address used to reach a certain host. For instance, if I had 3 adapters connected to my box and they all three went to different networks, I'd like to know which of the three (specifically, its ip address) is used to reach my.local.intranet (in this case, it would be a vpn tunnel interface). I suspect this is a job for ifconfig or traceroute, but I haven't been able to find the correct switches. I'm running OSX 10.7 (Darwin) Thanks!

  Read the article

• Installing php(suexec) for Apache

  - by John

  I've got Apache installed and running but how do i install and run PHP as fastcgi so it runs as its own user? here is my apache config: ./configure --prefix=/usr/local/apache2 --enable-rewrite=shared --enable-so --enable-suexec --disable-asis --disable-autoindex --enable-cache --enable-deflate --enable-disk-cache --enable-expires --enable-file-cache --enable-mem-cache --enable-ssl --enable-vhost-alias --with-mpm=prefork --with-port=8080 here is my php config: ./configure prefix=/usr/local/php --without-pear --enable-safe-mode --enable-magic-quotes --with-apxs2=/usr/local/apache2/bin/apxs --disable-cli --disable-cgi --enable-force-cgi-redirect --enable-fastcgi --with-mysql --with-gd --with-jpeg-dir=/usr/lib --with-png-dir=/usr/lib --with-freetype-dir=/usr/lib --enable-calendar --with-curl --enable-mbstring --with-mcrypt

  Read the article

• backuppc - how to backup remote (over the internet) clients?

  - by Scott

  I am testing out backuppc, which works great so far backing up windows clients on a LAN via SMB (no backup client/agent required). However I have quite a few laptops and desktops that are in various remote locations - some of which move around. I need some way to have that remote computer create an outgoing connection for backup purposes (Windows XP/7). I know backuppc supports smb, rsync and 'tar', but I believe these are all connections going from the server TO the client. SO, I either need a way to vpn the client on a timed basis, or it would be a lot better if the client could some how connect to the server (ssh?) and initiate it's own backup somehow (rsync?). Of course this all needs to be pre-installed by me and require no maintenance by the end user, no dialogs on their side. What do you think?

  Read the article

< Previous Page | 169 170 171 172 173 174 175 176 177 178 179 180  | Next Page >