Search Results

Search found 24609 results on 985 pages for 'private ip'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 369/985 | < Previous Page | 365 366 367 368 369 370 371 372 373 374 375 376  | Next Page >

  • Add IPv6 support to DirectAdmin server

    - by George Boot
    I just set up an new DirectAdmin, and I want to prepare it for IPv6 use. My ISP have gave me an range of IPv6 addresses that I can use. Lets say that address is 2a01:7c8:**:1f::. My neworkadapter user DHCP to resolves its IP-addresses. When i type ifoncig eth0 I get the following result: eth0 Link encap:Ethernet HWaddr 52:**:**:**:ce:f3 inet addr:37.**.**.44 Bcast:37.**.**.255 Mask:255.255.255.0 inet6 addr: 2a01:7c8:****:1f::/64 Scope:Global inet6 addr: fe80::5054:ff:fe87:cef3/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:38941 errors:0 dropped:0 overruns:0 frame:0 TX packets:29439 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:3779534 (3.6 MiB) TX bytes:5089379 (4.8 MiB) As you can see, I have an IPv6 address set, but I can't ping6 an IPv6 host. I get the error: connect: Network is unreachable. I decided that I needed an gateway, so I tryed to add one: ip -6 route add default via 2a01:7c8:****::1 dev eth0 (2a01:7c8:**::1 is the gateway of my ISP). But it trows an error: RTNETLINK answers: No route to host. Does somebody know what to do, and how to solve this issue? Thanks a lot!

    Read the article

  • Running WordPress and Ghost on Apache with mod_proxy

    - by Jack Perry
    I currently have three WordPress sites hosted on Apache with virtual host files to direct the right domain to the right DocumentRoot. Ghost (node.js) just came out and I've wanted to tinker with it and just play around on one of my spare domains. I'm not really interested in moving over to nginx so I'm trying to get Ghost working on Apache via mod_proxy. I've managed to get Ghost working on my spare domain, but I think there's a problem with my virtual host files, as all of my other domains start pointing to Ghost as well. Here are two virtual host files, one for my main WordPress site that works fine, and the second for Ghost. Domains removed and replaced with DOMAIN and DOMAIN2. DOMAIN <VirtualHost *:80> ServerAdmin webmaster@localhost ServerName DOMAIN.com ServerAlias www.DOMAIN.com DocumentRoot /var/www/DOMAIN.com/public_html <Directory /> Options FollowSymLinks AllowOverride All </Directory> <Directory /var/www/DOMAIN.com/public_html> Options Indexes FollowSymLinks MultiViews AllowOverride All Order allow,deny allow from all </Directory> ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ <Directory "/usr/lib/cgi-bin"> AllowOverride None Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch Order allow,deny Allow from all </Directory> ErrorLog ${APACHE_LOG_DIR}/error.log # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn CustomLog ${APACHE_LOG_DIR}/access.log combined Alias /doc/ "/usr/share/doc/" <Directory "/usr/share/doc/"> Options Indexes MultiViews FollowSymLinks AllowOverride None Order deny,allow Deny from all Allow from 127.0.0.0/255.0.0.0 ::1/128 </Directory> </VirtualHost> DOMAIN2 <VirtualHost IP:80> ServerAdmin EMAIL ServerName DOMAIN2.com ServerAlias www.DOMAIN2.com ProxyPreserveHost on ProxyPass / http://IP:2368/ </VirtualHost> I get the feeling I'm not working with virtual hosts or mod_proxy right, and Google-fu has let me down after many suggested attempts. Any ideas? Thanks!

    Read the article

  • SSH through standard Belkin router to Asus Tomato router

    - by Luke
    I've set up SSH on the Tomato firmware on an Asus N10, via port 22 with key authentication. I've tested the keys by connecting with putty directly to the router when connected to its network. That works OK. But this router is behind a Belkin (F5D7632-4) router which also acts as modem and when I try to connect through with the (dynamic) public IP it times out. I'm guessing it's something to do with the NAT? My putty settings are taken from various online tutorials, but it's set up for port 22, with the correct key as mentioned. The Belkin router has port forwarding to the Asus (192.168.2.3) for port 22 TCP and UDP set up. It's now tough to see what to do in order to connect to the Asus router with an external IP - if it's even possible. Ideally I would have liked to have only needed to use the Asus router, but as it doesn't act as a modem, I need to connect it to the Belkin to use Tomato's features. Perhaps there's a solution here too? Network: Internet -> Belkin modem/router -> Asus router (Tomato SSH) -> Devices

    Read the article

  • Macs don't connect to wifi access point but PCs will

    - by Josh
    So, as a side project I'm going to try and figure out why the wifi APs in my building exhibit the following behavior: - They typically allow all types of computers to connect without issues - Sometimes Apples can't get an IP address but will still connect to the AP's signal - Less often, PCs can't connect to the wifi (same as above - yes signal, no IP addy) - Don't let Raiders fans on no matter the time of day! My first thought was that the DHCP leases were all taken up when the Apples would try to connect, and it was just their unlucky timing, but I would then try to log on with a PC that had a new, unleased MAC address and it would work... Could this be something to do with interoperability between an apple wifi card, and the APs? Different parts of the DHCP lease being taken up first? The fact that the Seattle Mariners might actually be good this year?? If this hasn't used up everyone's patience (with my crappy sports jokes), something else I could use some help with: - We don't have the model or type of AP - This is because there is no documentation available for them, and they literally look like small white boxes with no writing on them. Also, the company that installed them is out of business, so the situation might be that no docs will ever be on the way. -- Do you guys have any ideas on how to figure out what we have? Thanks as always for all the help, and I'm looking forward to the day when I know enough to start contributing back to the site, Josh

    Read the article

  • Suggestions for accessing SQL Server from internet

    - by Ian Boyd
    i need to be able to access a customer's SQL Server, and ideally their entire LAN, remotely. They have a firewall/router, but the guy responsible for it is unwilling to open ports for SQL Server, and is unable to support PPTP forwarding. The admin did open VNC, on a non-stanrdard port, but since they have a dynamic IP it is difficult to find them all the time. In the past i have created a VPN connection that connects back to our network. But that didn't work so well, since when i need access i have to ask the computer-phobic users to double-click the icon and press Connect i did try creating a scheduled task that attempts to keep the VPN connection back to our office up at all times by running: >rasdial "vpn to me" But after a few months the VPN connection went insane, and thought it was both, and neither, connected an disconnected; and the vpn connection wouldn't work again until the server was rebooted. Can anyone think of a way where i can access the customer's LAN that doesn't involve opening ports on the router needing to know their external IP customer interaction of any kind Blah blah blah use vpn vnc protocol has known weaknesses you are unwise to lower your defenses it's not wise to expose SQL Server directly to the internet you stole that line from Empire Customer doesn't care about any of that. Customer wants things to work.

    Read the article

  • Long access time for static web page on virtual machine

    - by Karol
    My setup Windows 7 on workstation that I use at work (with domain) and home (no domain) Virtual machine (VMWare) that runs Arch Linux (I will call it just "Linux") with network interface in bridged mode. Linux serves web pages with Nginx. IP address of Linux machine is 192.168.0.16 and is added to C:\windows\system32\drivers\etc\hosts: 192.168.0.16 bridged bri IP address of Windows workstation is added to /etc/hosts: 192.168.0.10 workstation I can add more details to my setup description (I am not sure what is relevant). The question Often (but not always) it takes long time for a web browser (Firefox) to open static web page served by Linux. I am sure it is not a performance issue. To be more specific: it takes about ~20 seconds to resolve(?) the address http://bridged for a web browser. Additionally I have just installed samba service and noticed similar problem, so it is not specific to browser & http. Initial access for samba shares also takes long time.

    Read the article

  • Exchange 2007 relay from sendmail, message "Undelivered". Possible reasons?

    - by garlicman
    Note: This is my re-post from Stackoverflow. I've been messing with a test environment for security purposes where a DMZ RHEL5 sendmail server is used as a relay for an Exchange 2007 server. Exchange is working in the environment, I have Vista and XP VMs using Outlook on the Domain to send e-mail to each other. I've been trying to simulate an external internet VM sending an e-mail to the DMZ sendmail relay, which forwards to the Exchange server. Before everyone thinks this is too big a problem/question, I've followed the sendmail/Exchange guides and all I want to know is how I can determine why a relayed message/e-mail in Exchange is "Undelivered". Basically I send a SMTP message to the sendmail server, which relayed to my Exchange. The /var/log/maillog shows the e-mail being relayed to Exchange. Nov 17 13:41:22 externalmailserver sendmail[9017]: pAHIfMuW009017: from=<[email protected]>, size=1233, class=0, nrcpts=1, msgid=<[email protected]>, proto=ESMTP, daemon=MTA, relay=[10.50.50.1] Nov 17 13:42:17 externalmailserver sendmail[9050]: pAHIfMuW009017: to=<[email protected]>, delay=00:00:55, xdelay=00:00:36, mailer=relay, pri=121233, relay=mailserver.xyz.local. [192.168.1.20], dsn=2.0.0, stat=Sent (<[email protected]> Queued mail for delivery) This is good, but the To never receives the e-mail from Exchange. So I started poking around Exchange. In the "Message Tracking" Troubleshooting Assistant I queried the processed messages and found this: (I had to copy and paste the cells... sorry for the format) 2011/11/17 RECEIVE SMTP <[email protected]> "Undelivered Mail Returned to Sender" [email protected] [email protected] 192.168.100.10 MAILSERVER\DMZ Relay [email protected] I just want to know if anyone has any suggestions on why the DMZ Relay Connector I setup isn't relaying and is instead returning the forwarded e-mail to sender as Undelivered? My Exchange Relay Receive Connector is pretty simple. The Exchange server's FQDN is set as the HELO response, all available IP addresses can receive relayed e-mail, and the IP address of my sendmail server is specifically set as a remote server.

    Read the article

  • A star vs internet routing pathfinding

    - by alan2here
    In many respects pathfinding algorythms like A star for finding the shortest route though graphs are similar to the pathfinding on the internet when routing trafic. However the pathfinding routers perform seem to have remarkable properties. As I understand it: It's very perfromant. New nodes can be added at any time that use a free address from a finite (not tree like) address space. It's real routing, like A*, theres never any doubling back for example. IP addresses don't have to be geographicly nearby. The network reacts quickly to changes to the networks shape, for example if a line is down. Routers share information and it takes time for new IP's to be registered everywhere, but presumably every router dosn't have to store a list of all the addresses each of it's directions leads most directly to. I can't find this information elsewhere however I don't know where to look or what search tearms to use. I'm looking for a basic, general, high level description to the algorithms workings, from the point of view of an individual router.

    Read the article

  • Monitoring multiple sites on a single server using OpsView

    - by Kev
    We have several web servers. On each of these servers there can be ~250 web sites. I need to add a HTTP check for each site on each server. Each site has a reserved host header that we know can always be resolved in the format of: w10000.hostchecks.mycompany.com w10020.hostchecks.mycompany.com w11992.hostchecks.mycompany.com ..and so on.. What I want is for there to be a master ping check on the web server's main IP address and then separate HTTP checks for each of the sites on the server. If the master ping test fails then I want the HTTP tests to cease until the master ping check goes OK. I had a stab at this and tried do the following: Create a parent host that does a ping check on the server's main ip address (e.g. server is named WEB0001). For each of the sites that reside on WEB0001: Create a separate Host with a Primary Hostname of wXXXXX.hostchecks.mycompany.com Make WEB0001 the parent host Add a monitor (HTTP check to a special url that is mapped into each site using a virtual directory: H- $HOSTADDRESS$ -u /__hostcheck/IsAlive.aspx -w 5 -c 10 -p 80 However I find that if I down the parent server (WEB0001) the http checks seem to continue. Am I going about this completely the wrong way?

    Read the article

  • Successful login with iscsiadm on target still doesn't create block device

    - by Halfgaar
    I've set up an experiment to test iscsitarget and initiator, which at some point worked. Later, I turned the setup back on and much to my dismay, the initiator machine stopped making block devices for its successful logins. As far as I know, I haven't changed anything on either machine. Some details: # iscsiadm -m node --login Logging in to [iface: default, target: iqn.2010-12.nl.ytec.arbiter:arbiter.lun1, portal: 10.0.0.1,3260] Logging in to [iface: default, target: iqn.2010-12.nl.ytec.arbiter:arbiter.lun2, portal: 10.0.0.1,3260] Login to [iface: default, target: iqn.2010-12.nl.ytec.arbiter:arbiter.lun1, portal: 10.0.0.1,3260]: successful Login to [iface: default, target: iqn.2010-12.nl.ytec.arbiter:arbiter.lun2, portal: 10.0.0.1,3260]: successful Sessions: # iscsiadm -m session tcp: [3] 10.0.0.1:3260,1 iqn.2010-12.nl.ytec.arbiter:arbiter.lun1 tcp: [4] 10.0.0.1:3260,1 iqn.2010-12.nl.ytec.arbiter:arbiter.lun2 Netstat: # netstat -n -p|grep 3260 tcp 0 0 10.0.0.2:48719 10.0.0.1:3260 ESTABLISHED 1078/iscsid tcp 0 0 10.0.0.2:48718 10.0.0.1:3260 ESTABLISHED 1078/iscsid /var/log/syslog doesn't give errors: Jan 27 11:41:49 vmnode001 kernel: [ 378.041749] scsi7 : iSCSI Initiator over TCP/IP Jan 27 11:41:49 vmnode001 kernel: [ 378.044180] scsi8 : iSCSI Initiator over TCP/IP lsscsi doesn't show my devices: [0:0:1:0] cd/dvd TSSTcorp DVD-ROM TS-L333A D100 /dev/sr0 [4:0:0:0] disk ATA Hitachi HUA72105 A74A - [4:0:1:0] disk ATA Hitachi HUA72105 A74A - [4:1:0:0] disk Dell VIRTUAL DISK 1028 /dev/sda And there are no block devices in /dev for it: # ls -1 /dev/sd* /dev/sda /dev/sda1 /dev/sda2 /dev/sda3 /dev/sda4 I tried loading all scsi kernel modules I could find, but that doesn't seem to be the problem. I reall don't get this; it used to work. I found people with similar problems (here and here) but no solution. Initiator is Debian Sqeeuze (testing), target is Debian Lenny (stable). iscsitarget is 0.4.16+svn162-3.1+lenny1, open-iscsi (initiator) is 2.0.871.3-2squeeze1. Target kernel: 2.6.26-2-amd64, initiator kernel: 2.6.32-5-amd64

    Read the article

  • Apache: How to redirect OPTIONS request with .htaccess?

    - by Milan Babuškov
    I have Apache 2.2.4 server with a lot of messages like this in the access_log: ::1 - - [15/May/2010:19:55:01 +0200] "OPTIONS * HTTP/1.0" 400 543 ::1 - - [15/May/2010:20:22:17 +0200] "OPTIONS * HTTP/1.0" 400 543 ::1 - - [15/May/2010:20:24:58 +0200] "OPTIONS * HTTP/1.0" 400 543 ::1 - - [15/May/2010:20:25:55 +0200] "OPTIONS * HTTP/1.0" 400 543 ::1 - - [15/May/2010:20:27:14 +0200] "OPTIONS * HTTP/1.0" 400 543 These are the "internal dummy connections" as explained on this page: http://wiki.apache.org/httpd/InternalDummyConnection The page also hits my main problem: "In 2.2.6 and earlier, in certain configurations, these requests may hit a heavy-weight dynamic web page and cause unnecessary load on the server. You can avoid this by using mod_rewrite to respond with a redirect when accessed with that specific User-Agent or IP address." Well, obviously I cannot use UserAgent because I minimized the server signature, but I could use IP address. However, I don't have a clue what should the RewriteCond and RewriteRule look for IPv6 address ::1. The website where this runs is using CodeIgniter, so there is already the following .htaccess in place, I just need to add to it: RewriteEngine on RewriteCond %{REQUEST_URI} ^/system.* RewriteRule ^(.*)$ /index.php?/$1 [G] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^(.*)$ /index.php?/$1 [L] Any idea how to write this .htaccess rule?

    Read the article

  • Ruckus wireless AP and Dell PowerConnect configuration problems

    - by DanielJay
    We are working on trying to get some Ruckus Access Points to work correctly on our network. Currently our network is as follows: VLAN 10 - Servers VLAN 11 – Computers/DHCP VLAN 12 – Voice VLAN 13 – Guest We use Dell PowerConnect 6248P switches for our switches. Port settings are as follows: ZoneDirector 1100 is plugged into this port. Should be accessing the server VLAN and then allowing all other traffic. interface ethernet 1/g2 classofservice trust ip-dscp description 'Ruckus ZoneDirector 1100' switchport mode general switchport general pvid 10 switchport general allowed vlan add 10 switchport general allowed vlan add 11-13 tagged exit Access point is plugged into this port. The port has to be on VLAN 11 in order to get DHCP. interface ethernet 1/g16 classofservice trust ip-dscp description 'Ruckus - IT' switchport mode general switchport general pvid 11 switchport general allowed vlan add 10-12 switchport general allowed vlan add 13 tagged exit If we tag the traffic from the SSID as VLAN 11 data fails. If we leave the SSID tagged as 1 the data flows correctly. Are there problems with passing tagged traffic to untagged ports? We are looking to see what we can do to get the SSID tagged as 11 instead of 1. Any suggestions?

    Read the article

  • Access router set up as a bridge behind another router

    - by Alari Truuts
    I have a problem my ISP is refusing to help me with, even though they put up the whole system. Specifications: There's a Thomson TG784 router through which the internet comes in to the building, Behind that (for some reason) is a Juniper NetScreen 5XT - 105 Firewall/Router? which leads to an AMX nxa-enet24 switch that carries the connections all over the building and a series of Apple AirPorts for wifi. Problem: The first router (Thomson) is required for ipTV (by Elion). The tv or ipTV box has to be connected straight to the Thomson router. My service provider cannot see the Thomson router from their side, but see the Juniper, so we might think the Thomson has been configured as a bridge. I need a way to access the Thomson router and see it's configurations, because currently, when connecting a Samsung tv to that router (with elion app for ipTV viewing) or even a computer, it cannot access the internet and even if it could, it would update the Thomson router software, losing it's configurations which I need to preserve. I'm unable to find out the Thomson routers ip address to connect to it, and when directly conencting with a cat5 cable, it doesn't give me an ip address. Hope someone can show me the correct direction for solving my issue. Thank you all for reading, and I appreciate any help, Alari Truuts

    Read the article

  • Two DHCP servers on the same network

    - by CesarGon
    We are setting up a routing link between the Windows Server 2008 networks of two different buildings in my organisation. Each network uses a different IP addressing scheme (one uses public addresses, the other one uses private), but the goal is having a single Windows Server domain across the gap between the buildings. The link is provided by a 100-Mbps point-to-point line. I have always understood that you should not have more than one DHCP server on a network. However, we are planning to put a domain controller on each building, and each domain controller will be a DNS server and a DHCP server as well. The intention is that a machine booting up in building A gets its IP address from the DHCP server closer to it, in building A, while a machine booting up in building B gets an address from the DHCP server in building B. Since the two buildings will be linked and the network will be only one, will this work? How can I avoid that a machine booting up in building A gets an address from the DHCP server in building B (or vice versa)? Thanks.

    Read the article

  • Two DHCP servers on the same network

    - by CesarGon
    We are setting up a routing link between the Windows Server 2008 networks of two different buildings in my organisation. Each network uses a different IP addressing scheme (one uses public addresses, the other one uses private), but the goal is having a single Windows Server domain across the gap between the buildings. The link is provided by a 100-Mbps point-to-point line. I have always understood that you should not have more than one DHCP server on a network. However, we are planning to put a domain controller on each building, and each domain controller will be a DNS server and a DHCP server as well. The intention is that a machine booting up in building A gets its IP address from the DHCP server closer to it, in building A, while a machine booting up in building B gets an address from the DHCP server in building B. Since the two buildings will be linked and the network will be only one, will this work? How can I avoid that a machine booting up in building A gets an address from the DHCP server in building B (or vice versa)? Thanks.

    Read the article

  • Unable to send mail to hotmail from rackspace cloud

    - by Jo Erlang
    I'm having issue sending mail from postfix on a rackspace cloud instance for my domain. Hotmail says "550 SC-001 (SNT0-MC4-F35) Unfortunately, messages from 198.101.x.x weren't sent. Please contact your Internet service provider since part of their network is on our block list. " Here is the mail log Sep 20 08:02:59 mydomain postfix/smtpd[1810]: disconnect from localhost[127.0.0.1] Sep 20 08:02:59 mydomain postfix/smtp[1814]: 59CFF4B191: to=<[email protected]>, relay=mx3.hotmail.com[65.55.92.184]:25, delay=0.19, delays=0.1/0.01/0.06/0.01, dsn=5.0.0, status=bounced (host mx3.hotmail.com[65.55.92.184] said: 550 SC-001 (SNT0-MC4-F35) Unfortunately, messages from 198.101.x.x weren't sent. Please contact your Internet service provider since part of their network is on our block list. You can also refer your provider to http://mail.live.com/mail/troubleshooting.aspx#errors. (in reply to MAIL FROM command)) Sep 20 08:02:59 mydomain postfix/smtp[1814]: 59CFF4B191: lost connection with mx3.hotmail.com[65.55.92.184] while sending RCPT TO I have implemented rDNS, SPF and DKIM they all are looking fine. I have checked my IP and domain, on most of the spam black lists and it is listed as ok on those, (not listed as spamming IP) What should I try next?

    Read the article

  • ISC DHCPD IPv6 for multiple interfaces

    - by Seoman
    I want to assign multiple IPv6 to a server with multiple NIC. As IPv6 RFC defines, each server has a unique DUID that can have one of the 3 formats (LL, LLT or enterprise). And each NIC has an IAID. So a request from NIC1 its the DUID and the IAID of the NIC1 and the request from NIC2 its the same DUID but the IAID its different. The problem is that from a Centos box, when I ask for an IP in 2 different interfaces, I get the same IP. I can't find how to specify host entry based on DUID and the IAID. I see some people generating a unique DUID based on the MAC of the NIC but this is not IPv6 RFC says. What I tried is: host entry1 { host-identifier option dhcp6.client-id 00:01:00:01:19:fc:f8:1c:52:54:00:7e:c9:ec; option dhcp6.ia-na "00:09:40:5d"; fixed-address6 2001:db8:0:1::202; } host entry2 { host-identifier option dhcp6.client-id 00:01:00:01:19:fc:f8:1c:52:54:00:7e:c9:ec; option dhcp6.ia-na "00:7e:c9:ec"; fixed-address6 2001:db8:0:1::201; } This causes a Segmentation Fault in the client (what is scary...). I guess is not the right use for ia-na option but I don't see any other option.

    Read the article

  • How can I set up a local nameserver and modify DNS zones on it?

    - by Joe Hopfgartner
    This is a follow up to this question. I am having an issue with a Router that doesn't support hairpinning properly. See the link above for details. Now I want to set up a local DNS server that Hosts in our LAN can use to resolve public Hostnames (usual webbrowsing... ). Additionally I want to modify certain zones. In our LAN we have some servers serving resources that are not available in our public dns zone. We always have to configure our local LMHost files accordingly. For example we have a staging installation with a new feature running on a local Webserver, and we cannot access it with the IP directly because the website runs in a named virtual host container, we have to configure LMHost file to point some domain to the local IP address. And now we have also the Hair pinning issue. So my question is: What software can I use? Will bind do the job? I just need to insert some A entries into the zone. As easy as possible. We have local Linux/Ubuntu servers.

    Read the article

  • IPSec Tunnel to Amazon EC2 - Netkey, NAT, and routing problem

    - by Ernest Mueller
    Hey all, I'm working on getting an IPSec VPN working between Amazon EC2 and my on-premise. The goal is to be able to safely administer stuff, up/download data, etc. over that tunnel. I have gotten the tunnel up in openswan between a Fedora 12 instance with an elastic IP and a Cisco router that's also NATted. I think the ipsec part is OK, but I'm having trouble figuring out how to route traffic that way; there's no "ipsec0" virutal interface because on Amazon you have to use netkey and not KLIPS for the vpn. I hear iptables may be required and I'm an iptables noob. On the left (Amazon), I have a 10. network. Box 1 is privately 10.254.110.A, publically IP 184.73.168.B. Netkey tunnel is up. Box 2 is publically 130.164.26.C, privately 130.164.0.D And my .conf is: conn ni type= tunnel authby= secret left= 10.254.110.A leftid= 184.73.168.B leftnexthop= %defaultroute leftsubnet= 10.254.0.0/32 right= 130.164.26.C rightid= 130.164.0.D rightnexthop= %defaultroute rightsubnet= 130.164.0.0/18 keyexchange= ike pfs= no auto= start keyingtries= 3 disablearrivalcheck=no ikelifetime= 240m auth= esp compress= no keylife= 60m forceencaps= yes esp= 3des-md5 I added a route to box 1 (130.164.0.0/18 via 10.254.110.A dev eth0) but that doesn't do it for predictable reasons, when I traceroute the traffic's still going "around" and not through the vpn. Routing table: 10.254.110.0/23 dev eth0 proto kernel scope link src 10.254.110.A 130.164.0.0/18 via 10.254.110.178 dev eth0 src 10.254.110.A 169.254.0.0/16 dev eth0 scope link metric 1002 Anyone know how to do the routing with a netkey ipsec tunnel where both sides are NATted? Thanks...

    Read the article

  • Cisco Catalyst 3550 + Alteon 184 Load-Balancing Issues...

    - by upkels
    I have just deployed a couple Cisco Catalyst 3550 switches, and a couple Alteon 184 Web Switches for load-balancing. I can ping all RIPs and VIPs to/from the Alteon. Topology Before: (server) <- (Alteon) <- (Internet) Topology Now: (server) <- (3550) <- Alteon <- (Internet) Cisco Port Configuration (Alteon Uplink Port): description LB_1_PORT_9_PRIMARY switchport access vlan 10 switchport mode access switchport nonegotiate speed 100 duplex full Alteon Port 9 Configuration (VLAN 10 WAN): >> Main# /c/port 9/cur Current Port 9 configuration: enabled pref fast, backup gig, PVID 10, BW Contract 1024 name UPLINK >> Main# /c/port 9/fast/cur Current Port 9 Fast link configuration: speed 100, mode full duplex, fctl none, auto off Cisco Configuration (Load-Balanced Servers Port): description LB_1_PORT_1_PRIMARY switchport access vlan 30 switchport mode access switchport nonegotiate speed 100 duplex full Alteon Port 1 Configuration (VLAN 30 LOAD-BALANCED LAN): >> Main# /c/port 1/cur Current Port 1 configuration: enabled pref fast, backup gig, PVID 30, BW Contract 1024 name LB_PORT_1 >> Main# /c/port 1/fast/cur Current Port 1 Fast link configuration: speed 100, mode full duplex, fctl both, auto on Each of my servers are on vlan 10 and 30, properly communicating. I have tried to turn on VLAN tagging on the Alteon, however it seems to cause all communications to stop working. When I tcpdump -i vlan30 on any of the webservers, I see normal ARP communications, and some STP communications, which may or may not be part of the problem: ... 15:00:51.035882 STP 802.1d, Config, Flags [none], bridge-id 801e.00:11:5c:62:fe:80.8041, length 42 15:00:51.493154 IP 10.1.1.254.33923 > 10.1.1.1.http: Flags [S], seq 707324510, win 8760, options [mss 1460], length 0 15:00:51.493336 IP 10.1.1.1.http > 10.1.1.254.33923: Flags [S.], seq 3981707623, ack 707324511, win 65535, options [mss 1460], len gth 0 15:00:51.493778 ARP, Request who-has 10.1.3.1 tell 10.1.3.254, length 46 etc... I'm not sure if I've provided enough information, so please let me know if any more is necessary. Thank you!

    Read the article

  • Fail2Ban adds iptable rules but they are not working?

    - by EApubs
    Fail2Ban just blocked my IP for 3 SSH attempts. It added the iptables rule and I can see it using the "sudo iptables -L -n" command. But I can still access the site and login through SSH! What might be the problem? Is it because im using CloudFlare? I have set Nginx to write the real IPs to the access logs instead of the Cloud Flare IP. Isn't it enough? Chain fail2ban-ssh (1 references) target prot opt source destination DROP all -- 119.235.14.8 0.0.0.0/0 RETURN all -- 0.0.0.0/0 0.0.0.0/0 The input chain : Chain INPUT (policy DROP) target prot opt source destination fail2ban-NoAuthFailures tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 fail2ban-nginx-dos tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 80,8090 fail2ban-postfix tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25,465 fail2ban-ssh-ddos tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 22 fail2ban-ssh tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 22 ufw-before-logging-input all -- 0.0.0.0/0 0.0.0.0/0 ufw-before-input all -- 0.0.0.0/0 0.0.0.0/0 ufw-after-input all -- 0.0.0.0/0 0.0.0.0/0 ufw-after-logging-input all -- 0.0.0.0/0 0.0.0.0/0 ufw-reject-input all -- 0.0.0.0/0 0.0.0.0/0 ufw-track-input all -- 0.0.0.0/0 0.0.0.0/0 LOG all -- 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 4

    Read the article

  • Error regarding DNS - "... must be able to resolve names ..." (Windows Server 2008 R2 installation)

    - by Scolytus
    I'm trying to replace our old Windows 2000 Server by a Windows Server 2008 R2. I followed the guide at MSDN. Coming to the step "Install Active Directory Domain Services..." the option to install the DNS-Server was grayed-out. According to Microsoft Support I skipped the DNS Server Installation at this point. (Because of the single-label DNS name) I then installed the DNS-Server role and created a forward-lookup-zone for the domain. When running the Best Practices Analyzer of the DNS-Server role I get these two messages for both domain controllers (the old win2k and the new win 2008 R2): The DNS server [IP address] on [adapter name] must be able to resolve names in the primary DNS domain zone The DNS server [IP address] on [adapter name] must be able to resolve names in the forest root domain name zone The TechCenter articles suggest to use a proper DNS Server - that's pointless when I try to configure a proper DNS Server. How do I configure the DNS Server in a way that it resolves these zones? Or are these errors irrelevant? dcdiag /v /test:DNS Seems to run fine...

    Read the article

  • router only assigns small number of IPs

    - by Liam Coates
    Been having a problem with my router for a while now, might just be because it is really old but here's the problem: If a lot of computers are connected to my home network someone will get disconnected. They are assigned IPs and it seems like at a certain point (and I don't know how many) you either get assigned the same IP as someone else or something else is happening and you get disconnected - until i soft reset it and it works again which takes 30 secs. I'd say my tablet, my PC, my sisters iPad, 2 laptops and a netbook is the most that can be connected at one time so that is 6 but that should be fine. The only way I know this is the problem is because I turned on my tablet and I was online on my PC, got disconnected but my tablet was still connected, this is just after i turned the tablet on so I know my router is having difficulty with IPs, it is like it assigned the same IP to the tablet which then clashed with my desktop and knocked me off. I see that sometimes the following solves it as well so I wrote a batch file with a menu to execute these commands as I have to do it so often. ipconfig /release ipconfig /flushdns ipconfig /renew Any ideas? Or shall I just get a new router as this one is old and maybe can't handle giving out that many IPs? Cheers!

    Read the article

  • Cisco Router - Add a missing MIB file

    - by Jonathan Rioux
    I have a Cisco 881w, and I would like to setup NBAR in my NetFlow Analyzer. But it says that my router misses this MIB in order to allow NFA to poll the router with snmp to get NBAR infos. From the FAQ page of the NetFlow Analyzer website, it responds to my error: Q. I am able to issue the command "ip nbar protocol-discovery" on the router and see the results. But NFA says my router does not support NBAR, Why? A. Earlier version of IOS supports NBAR discovery only on router. So you can very well execute the command "ip nbar protocol-discovery" on the router and see the results. But NBAR Protocol Discovery MIB(CISCO-NBAR-PROTOCOL-DISCOVERY-MIB) support came only on later releases. This is needed for collecting data via SNMP. Please verify that whether your router IOS supports CISCO-NBAR-PROTOCOL-DISCOVERY-MIB. The missing MIB is: CISCO-NBAR-PROTOCOL-DISCOVERY-MIB I found it here: ftp://ftp.cisco.com/pub/mibs/v2/CISCO-NBAR-PROTOCOL-DISCOVERY-MIB.my But how can I add this MIB into the router? The IOS of my router is: c880data-universalk9-mz.151-3.T1.bin

    Read the article

  • ServerName wildcards in Apache name-based virtual hosts?

    - by Martijn Heemels
    On our LAN I've set up several 'fake' TLDs in the DNS server, with the intention of using them for Apache name-based virtual hosting. I'd like to combine this with mass-virtual-hosting (i.e. VirtualDocumentRoot) on an Ubuntu 10.04 LAMP server. However, I can't get it to select the right vhost! Here is a summary of the Apache config: NameVirtualHost 10.10.0.205 <VirtualHost 10.10.0.205> ServerName *.test VirtualDocumentRoot /var/www/%-3.0.%-2/test/%1/ CustomLog /var/log/apache2/access.log vhost_combined </VirtualHost> <VirtualHost 10.10.0.205> ServerName *.dev VirtualDocumentRoot /var/www/%-3.0.%-2/dev/%1/ CustomLog /var/log/apache2/access.log vhost_combined </VirtualHost> A hostname such as www.domain.com.dev, correctly resolves to 10.10.0.205, but always selects the top vhost, instead of the bottom one, which matches more closely. I was under the impression that Apache would first try to match the ServerName before defaulting to the top vhost for a given IP. What am I doing wrong? Or is this not possible and must I use another IP for each TLD? apachectl -S outputs (trimmed): 10.10.0.205:* is a NameVirtualHost default server *.test port * namevhost *.test port * namevhost *.dev

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 365 366 367 368 369 370 371 372 373 374 375 376  | Next Page >