Search Results

Search found 16748 results on 670 pages for 'port block'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 391/670 | < Previous Page | 387 388 389 390 391 392 393 394 395 396 397 398  | Next Page >

  • 3CX behind UT7.1 using a callcentric.com SIP account

    - by Corey
    Has anyone had any luck with getting 3CX working behind UT7.1 with a SIP account from callcentric.com? I am willing to reset my current UT box back to defaults, and start from there. I have a static public IP assigned to the external interface. My internal addressing is 192.168.76.0 . My 3CX box has 192.168.76.17 . Would anyone be willing to give me a step by step of changes to make in UT / 3CX. I currently have my UT box unplugged, and have replaced it with a Linksys unit. I have port forwarding setup for… TCP/UDP 5060 to 192.168.76.17 UDP 9000-9049 to 192.168.76.17 … and everything works great. I also have additional external IPs available if that helps.

    Read the article

  • 10 gigabit or 1 gigabit switch

    - by Guntis
    We are planning to move mysql to dedicated box. At this moment we have web servers and mysql is running on each. Question is: cheaper is to buy 10G switch and put 10G network card into mysql server. Or buy normal gigabit switch and connect mysql box to switch with multiple network cables. In 1G scenario then we give each web server different mysql IP address. I don't think, that mysql box with one 1G link is enough to to satisfy multiple web box mysql traffic. At this moment we have 3 servers witch are running mysql/web. Plan is to add fourth server for mysql only. Thanks. Edit: if we buy 1G switch with mini-GBIC ports. Can we put in mini-GBIC 10G connectors and then connect mysql box to that port?

    Read the article

  • How to recreate Windows Live Mail filter rules in Thunderbird?

    - by FernandoSBS
    I have some filters in Windows Live Mail that I'm trying to port to thunderbird without success. It seems Thunderbird filter is very limited. Here is an ex of a filter i'm trying to recreate: Apply this rule after the message arrives Where the From line contains '[email protected]' or '[email protected]' or 'Programa TAM Fidelidade' and Where the message body contains 'esteja visualizando' and 'por ser cadastrado no Programa TAM Fidelidade' Move it to the Deleted items folder and Stop processing more rules In Thunderbird I can´t combine a list of "or"s with some "and"s, because it only allows you to select "message matches ALL of the criteria below" or "ANY of the below". Am I missing something or it really is very limited?

    Read the article

  • Disabling URL decoding in nginx proxy

    - by Tomasz Nurkiewicz
    When I browse to this URL: http://localhost:8080/foo/%5B-%5D server (nc -l 8080) receives it as-is: GET /foo/%5B-%5D HTTP/1.1 However when I proxy this application via nginx: location /foo { proxy_pass http://localhost:8080/foo; } The same request routed through nginx port is forwarded with path decoded: GET /foo/[-] HTTP/1.1 Decoded square brackets in the GET path are causing the errors in the target server (HTTP Status 400 - Illegal character in path...) as they arrive un-escaped. Is there a way to disable URL decoding or encode it back so that the target server gets the exact same path when routed through nginx? Some clever URL rewrite rule?

    Read the article

  • Set Users as chrooted for sftp, but allow user to login in SSH

    - by Eghes
    I have setup a ssh server on debian 7, to use sftp connection. I chrooted some user, with this config: Match Group sftpusers ChrootDirectory /sftp/%u ForceCommand internal-sftp But if i want login with one of this chrooted users in ssh console, they get logged, but autoclose the connection. In logs I see: Oct 17 13:39:32 xxxxxx sshd[31100]: Accepted password for yyyyyy from zzz.zzz.zzz.zzz port 7855 ssh2 Oct 17 13:39:32 xxxxxx[31100]: pam_unix(sshd:session): session opened for user yyyyyyyyyyyy by (uid=0) Oct 17 13:39:32 d00hyr-ea1 sshd[31100]: pam_unix(sshd:session): session closed for user yyyyyyyyyyyy How can I chroot a user only for sftp, and use it as a normal user for ssh?

    Read the article

  • help setting up an IPSEC vpn from my linux box

    - by robthewolf
    I have an office with a router and a remote server (Linux - Ubuntu 10.10). Both locations need to connect to a data supplier through a VPN. The VPN is an IPSEC gateway. I was able to configure my Linksys rv42 router to create a VPN connection successfully and now I need to do the same for Linux server. I have been messing around with this for too long. First I tried OpenVPN, but that is SSL and not IPSEC. Then I tried Shrew. I think I have the settings correct but I haven't been able to create the connection. It maybe that I have to use something else like a direct IPSEC config or something like that. If someone knows of a way to turn the following settings that I have been given below into a working IPSEC VPN connection I would be very grateful. Here are the settings I was given that must be used to connect to my supplier: Local destination network: 192.168.4.0/24 Local destination hosts: 192.168.4.100 Remote destination network: 192.167.40.0/24 Remote destination hosts: 192.168.40.27 VPN peering point: xxx.xxx.xxx.xxx Then they have given me the following details: IPSEC/ISAKMP Phase 1 Parameters: Authentication method: pre shared secret Diffie Hellman group: group 2 Encryption Algorithm: 3DES Lifetime in seconds:28800 Phase 2 parameters: IPSEC security: ESP Encryption algortims: 3DES Authentication algorithms: MD5 lifetime in seconds: 28800 pfs: disabled Here are the settings from my attempt to use shrew: n:version:2 n:network-ike-port:500 n:network-mtu-size:1380 n:client-addr-auto:0 n:network-frag-size:540 n:network-dpd-enable:1 n:network-notify-enable:1 n:client-banner-enable:1 n:client-dns-used:1 b:auth-mutual-psk:YjJzN2QzdDhyN2EyZDNpNG42ZzQ= n:phase1-dhgroup:2 n:phase1-keylen:0 n:phase1-life-secs:28800 n:phase1-life-kbytes:0 n:vendor-chkpt-enable:0 n:phase2-keylen:0 n:phase2-pfsgroup:-1 n:phase2-life-secs:28800 n:phase2-life-kbytes:0 n:policy-nailed:0 n:policy-list-auto:1 n:client-dns-auto:1 n:network-natt-port:4500 n:network-natt-rate:15 s:client-dns-addr:0.0.0.0 s:client-dns-suffix: s:network-host:xxx.xxx.xxx.xxx s:client-auto-mode:pull s:client-iface:virtual s:client-ip-addr:192.168.4.0 s:client-ip-mask:255.255.255.0 s:network-natt-mode:enable s:network-frag-mode:disable s:auth-method:mutual-psk s:ident-client-type:address s:ident-client-data:192.168.4.0 s:ident-server-type:address s:ident-server-data:192.168.40.0 s:phase1-exchange:aggressive s:phase1-cipher:3des s:phase1-hash:md5 s:phase2-transform:3des s:phase2-hmac:md5 s:ipcomp-transform:disabled Finally here is the debug output from the shrew log: 10/12/22 17:22:18 ii : ipc client process thread begin ... 10/12/22 17:22:18 < A : peer config add message 10/12/22 17:22:18 DB : peer added ( obj count = 1 ) 10/12/22 17:22:18 ii : local address 217.xxx.xxx.xxx selected for peer 10/12/22 17:22:18 DB : tunnel added ( obj count = 1 ) 10/12/22 17:22:18 < A : proposal config message 10/12/22 17:22:18 < A : proposal config message 10/12/22 17:22:18 < A : client config message 10/12/22 17:22:18 < A : local id '192.168.4.0' message 10/12/22 17:22:18 < A : remote id '192.168.40.0' message 10/12/22 17:22:18 < A : preshared key message 10/12/22 17:22:18 < A : peer tunnel enable message 10/12/22 17:22:18 DB : new phase1 ( ISAKMP initiator ) 10/12/22 17:22:18 DB : exchange type is aggressive 10/12/22 17:22:18 DB : 217.xxx.xxx.xxx:500 <- 206.xxx.xxx.xxx:500 10/12/22 17:22:18 DB : c1a8b31ac860995d:0000000000000000 10/12/22 17:22:18 DB : phase1 added ( obj count = 1 ) 10/12/22 17:22:18 : security association payload 10/12/22 17:22:18 : - proposal #1 payload 10/12/22 17:22:18 : -- transform #1 payload 10/12/22 17:22:18 : key exchange payload 10/12/22 17:22:18 : nonce payload 10/12/22 17:22:18 : identification payload 10/12/22 17:22:18 : vendor id payload 10/12/22 17:22:18 ii : local supports nat-t ( draft v00 ) 10/12/22 17:22:18 : vendor id payload 10/12/22 17:22:18 ii : local supports nat-t ( draft v01 ) 10/12/22 17:22:18 : vendor id payload 10/12/22 17:22:18 ii : local supports nat-t ( draft v02 ) 10/12/22 17:22:18 : vendor id payload 10/12/22 17:22:18 ii : local supports nat-t ( draft v03 ) 10/12/22 17:22:18 : vendor id payload 10/12/22 17:22:18 ii : local supports nat-t ( rfc ) 10/12/22 17:22:18 : vendor id payload 10/12/22 17:22:18 ii : local supports DPDv1 10/12/22 17:22:18 : vendor id payload 10/12/22 17:22:18 ii : local is SHREW SOFT compatible 10/12/22 17:22:18 : vendor id payload 10/12/22 17:22:18 ii : local is NETSCREEN compatible 10/12/22 17:22:18 : vendor id payload 10/12/22 17:22:18 ii : local is SIDEWINDER compatible 10/12/22 17:22:18 : vendor id payload 10/12/22 17:22:18 ii : local is CISCO UNITY compatible 10/12/22 17:22:18 = : cookies c1a8b31ac860995d:0000000000000000 10/12/22 17:22:18 = : message 00000000 10/12/22 17:22:18 - : send IKE packet 217.xxx.xxx.xxx:500 - 206.xxx.xxx.xxx:500 ( 484 bytes ) 10/12/22 17:22:18 DB : phase1 resend event scheduled ( ref count = 2 ) 10/12/22 17:22:18 ii : opened tap device tap0 10/12/22 17:22:28 - : resend 1 phase1 packet(s) 217.xxx.xxx.xxx:500 - 206.xxx.xxx.xxx:500 10/12/22 17:22:38 - : resend 1 phase1 packet(s) 217.xxx.xxx.xxx:500 - 206.xxx.xxx.xxx:500 10/12/22 17:22:48 - : resend 1 phase1 packet(s) 217.xxx.xxx.xxx:500 - 206.xxx.xxx.xxx:500 10/12/22 17:22:58 ii : resend limit exceeded for phase1 exchange 10/12/22 17:22:58 ii : phase1 removal before expire time 10/12/22 17:22:58 DB : phase1 deleted ( obj count = 0 ) 10/12/22 17:22:58 ii : closed tap device tap0 10/12/22 17:22:58 DB : tunnel stats event canceled ( ref count = 1 ) 10/12/22 17:22:58 DB : removing tunnel config references 10/12/22 17:22:58 DB : removing tunnel phase2 references 10/12/22 17:22:58 DB : removing tunnel phase1 references 10/12/22 17:22:58 DB : tunnel deleted ( obj count = 0 ) 10/12/22 17:22:58 DB : removing all peer tunnel refrences 10/12/22 17:22:58 DB : peer deleted ( obj count = 0 ) 10/12/22 17:22:58 ii : ipc client process thread exit ...

    Read the article

  • Strange email coming from/to my computer

    - by Micah
    I'm running smtp4dev on my machine to trap anything going in/out of my computer on port 25 for testing purposes. Every so often this email gets trapped and I have no idea what it's from. I have Microsoft Security Essentials running on my machine and it hasn't identified and viruses or anything so I'm not sure what's going on. Here's the content of the message: Received: from [125.180.72.4] by 173.162.7.130 SMTP id O2Ncv62Ghig1vR for <[email protected]>; Fri, 24 Jun 2011 20:36:15 +0200 Received: from [125.180.72.4] by 173.162.7.130 SMTP id O2Ncv62Ghig1vR for <[email protected]>; Fri, 24 Jun 2011 20:36:15 +0200 Message-ID: <[email protected]> From: "" <[email protected]> To: <[email protected]> Subject: BC_173.162.7.130 Date: Fri, 24 Jun 11 20:36:15 GMT MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_000D_01C2CC60.49F4EC70"

    Read the article

  • Difference between tcp recv buffer and tcp receive window size?

    - by pradeepchhetri
    The command shows the tcp receive buffer size in bytes. $ cat /proc/sys/net/ipv4/tcp_rmem 4096 87380 4001344 where the three values signifies the min, default and max values respectively. Then I tried to find the tcp window size using tcpdump command. $ sudo tcpdump -n -i eth0 'tcp[tcpflags] & (tcp-syn|tcp-ack) == tcp-syn and port 80 and host google.com' tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes 16:15:41.465037 IP 172.16.31.141.51614 > 74.125.236.73.80: Flags [S], seq 3661804272, win 14600, options [mss 1460,sackOK,TS val 4452053 ecr 0,nop,wscale 6], length 0 I got the window size to be 14600 which is 10 times the size of MSS. Can anyone please tell me the relationship between the two.

    Read the article

  • How to tell Windows 7 to ignore a default gateway

    - by zildjohn01
    I currently have 2 network cards in my PC -- one connected to an internal network on a router with a disconnected WAN port (10.x.x.x), and one connected to the internet through a consumer router (192.168.0.x). Windows seems to recognize them correctly (my "Network and Sharing Center" lists them as "No Internet" and "Internet" respectively), however when I try browsing the internet it always tries the internal network's default gateway, rather than the one with internet access. Trying to ping a website results in "Reply from 10.0.0.1: Destination net unreachable.". A simple "route delete 0.0.0.0 mask 0.0.0.0 10.0.0.1" fixes the problems, but they return upon reboot, or upon renewing my IP. Is there any way to tell Windows to ignore one NIC's default gateway, or to at least give them priorities?

    Read the article

  • Teredo - how to connect to host behind NAT?

    - by Signum
    All I want to achieve is to establish connection to my simple server (written in C# using TcpListener class, if it makes any difference), on my computer which is behind NAT. It has some IPv6 address (it's public IP, starting with 2001:0) on Teredo interface. However, I cannot even ping it from outside my network, for instance I'm trying to ping this address from this website http://mebsd.com/ipv6-ping-and-traceroute, result - 100% packet loss. As I understood from reading about Teredo, there is no need for some port forwarding? So where could be the problem?

    Read the article

  • Weird behaviour with OpenVPN: can not connect to a few websites

    - by Gaby Solis
    My OpenVPN server is Ubuntu 10.04.4 LTS and openvpn version is 2.x My client is on Win 7. He can access most sites but not Youtube, Facebook, Twitter, groups.google.com, etc My server.conf is: local x.x.x.x port 1194 proto udp dev tun ca /etc/openvpn/keys/ca.crt cert /etc/openvpn/keys/server.crt key /etc/openvpn/keys/server.key dh /etc/openvpn/keys/dh1024.pem server 10.8.0.0 255.255.255.0 push "redirect-gateway def1" push "dhcp-option DNS 8.8.8.8" client-to-client keepalive 10 120 comp-lzo persist-key persist-tun status /etc/openvpn/keys/openvpn-status.log verb 4 I can access Youtube etc using SSH Tunnel + SOCKS Proxy, and the Ubuntu server can access all sites. so nothing is wrong with the Ubuntu server. With little information I can provide, I am not looking for a quck solution. How can I debug?

    Read the article

  • How to reset a Fritz!Box DSL router to factory settings?

    - by damluar
    I need to change the setting of router Fritz Box. The setting were set by another person. I can't connect to router using cable, may be standard port or address were changed. So the only option is to switch to factory settings. Usually there is a button which deletes all the settings. I read the documentation and they tell to call the number #991*15901590* on the router. Do I have to connect telephone to router?

    Read the article

  • XEN disk mapping problem under opensolaris

    - by Louis
    I have a system with two harddisks, i wanted to use the simplicity of ZFS for my file server and i also need to run a linux. I choosed XEN virtualization for that, supported on both system. My GRUB is well configured and i can boot both system. I would like is to run both system with solaris as a dom0 and the debian installed on the 2nd HD as a virtual machine. My problem is that i want to use the partitions of my 1st harddisk (sda1 under linux) and it does not work. I didn't find my use case on the web- Here is my Opensolaris device name of this partition : /dev/rdsk/c7d0p1 But when i use : disk = [ 'phy:rdsk/c7d0p1,sda1,w' ] as a disk mapping in my XEN configuration file i have the error : Error: Device 2049 (vbd) could not be connected. error: "rdsk/c7d0p1" is not a valid block device. I am "lost".

    Read the article

  • Monitoring on java daemon on centos

    - by user111196
    I have a java application which I run using yasjw tool as a daemon. I need to monitor it in case it goes down I need some kind of alert or even restart it. Is there any tool can help me do this on centos environment? The results of ps -ef | grep java root 3109 1 0 Apr06 ? 00:04:35 /usr/java/jdk1.6.0_18/bin/java -Dwrapper.pidfile=/var/run/wrapper.commServer.pid -Dwrapper.service=true -Dwrapper.visible=false -jar /usr/local/yajsw-beta-10.2/wrapper.jar -c /usr/local/yajsw-beta-10.2/conf/wrapper.conf root 3132 3109 0 Apr06 ? 00:25:26 /usr/java/jdk1.6.0_18/bin/java -classpath /usr/local/yajsw-beta-10.2/./wrapperApp.jar:/usr/local -Xrs -Dwrapper.service=true -Dwrapper.console.visible=false -Dwrapper.visible=false -Dwrapper.pidfile=/var/run/wrapper.commServer.pid -Dwrapper.config=/usr/local/yajsw-beta-10.2/conf/wrapper.conf -Dwrapper.port=15003 -Dwrapper.key=4276015160565963367 -Dwrapper.teeName=4276015160565963367$1333699547154 -Dwrapper.tmpPath=/tmp org.rzo.yajsw.app.WrapperJVMMain root 23986 23945 0 16:53 pts/0 00:00:00 grep java pidof java 3132 3109

    Read the article

  • Clever recording using AVFoundation

    - by martin
    Hello I am working on my master thesis and I am programming app for iOS using AVFoundation framework. I can make by myself session and attach devices to it and record video with sound. The main problem is that I need continous recording (3hours or longer). After three hours user will stop recording and user will choose time eg. 15 mins (max 30 mins) and only this last 15 mins will be stored to iphone memory. Is it possible to 'cut' video while recording or should I record it eg. in 10 minutes block and then delete old video segments and last two segments connect to one bigger? Will perform these connections (stop recording, start new recording and then connect these two segments) lags in final long video segment? Is there any way to perform this 'clever' recording? Thank you for any ideas.

    Read the article

  • Routing to various node.js servers on same machine

    - by Dtang
    I'd like to set up multiple node.js servers on the same machine (but listening on different ports) for different projects (so I can pull any down to edit code without affecting the others). However I want to be able to access these web apps from a browser without typing in the port number, and instead map different urls to different ports: e.g. 45.23.12.01/app - 45.23.12.01:8001. I've considered using node-http-proxy for this, but it doesn't yet support SSL. My hunch is that nginx might be the most suitable. I've never set up nginx before - what configuration do I need to do? The examples of config files I've seen only deal with subdomains, which I don't have. Alternatively, is there a better (stable, hassle-free) way of hosting multiple apps under the same IP address?

    Read the article

  • Shibboleth + IIS and Pound Reverse Proxy

    - by boburob
    Having a bit of a problem getting Shibboleth (SSO) working with ADFS and Pound. The main problem seems to be that: The website address will be https://website.domain.com Pound will then terminate the SSL and forward the traffic to the webserver on a different port (http://server.domain.com:8888) I have set up Shibboleth to protect the address http://server.domain.com:8888, which allows me to retrieve metadata and it all seems to be working fine. However the problem seems to be that ADFS is configured to protect the https website, so when Shibboleth attempts to recieve information from ADFS I get nothing except the following error: A token request was received for a relying party identified by the key 'https://msstagrevproxy.cwpintranet.com/shibboleth', but the request could not be fulfilled because the key does not identify any known relying party trust. Key: https://msstagrevproxy.cwpintranet.com/shibboleth I am not really sure how I can work around this as to retrieve the metadata from Shibboleth I have to use the https address but this does not actually exist in Shibboleth or IIS. Has anyone had any experience with this before or using any other SSO with a reverse proxy that works?

    Read the article

  • allowing index access only with .htaccess

    - by YsoL8
    Hello I have this in my .htaccess file, in the site root: Options -Indexes <directory ../.*> Deny from all </directory> <Files .htaccess> order allow,deny deny from all </Files> <Files index.php> Order allow,deny allow from all </Files> What I'm trying to achieve is to block folder and file access to anything that isn't called index.php, regardless of which directory is accessed. I have the folder part working perfectly and the deny from all rule is working as well - but my attempt to allow access to index.php is failing. Basically could someone tell me how to get it working?

    Read the article

  • allowing index access only with .htaccess

    - by Oliver Nourish
    Hello I have this in my .htaccess file, in the site root: Options -Indexes <directory ../.*> Deny from all </directory> <Files .htaccess> order allow,deny deny from all </Files> <Files index.php> Order allow,deny allow from all </Files> What I'm trying to achieve is to block folder and file access to anything that isn't called index.php, regardless of which directory is accessed. I have the folder part working perfectly and the deny from all rule is working as well - but my attempt to allow access to index.php is failing. Basically could someone tell me how to get it working?

    Read the article

  • allowing index access only with .htaccess

    - by YsoL8
    Hello I have this in my .htaccess file, in the site root: Options -Indexes <directory ../.*> Deny from all </directory> <Files .htaccess> order allow,deny deny from all </Files> <Files index.php> Order allow,deny allow from all </Files> What I'm trying to achieve is to block folder and file access to anything that isn't called index.php, regardless of which directory is accessed. I have the folder part working perfectly and the deny from all rule is working as well - but my attempt to allow access to index.php is failing. Basically could someone tell me how to get it working?

    Read the article

  • meld on OS X 10.7 doesn't work?

    - by klm123
    I'm installing meld on Mac OS 10.7 using port. It has downloaded all dependencies and told that everything is ok: Staging meld into destroot Installing meld @1.5.3_0 Activating meld @1.5.3_0 Cleaning meld Updating database of binaries: 100.0% Scanning binaries for linking errors: 100.0% No broken files found. but when I run: [18:28:24]~$ meld Traceback (most recent call last): File "/opt/local/bin/meld", line 75, in <module> locale.setlocale(locale.LC_ALL,'') File "/opt/local/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/locale.py", line 539, in setlocale return _setlocale(category, locale) locale.Error: unsupported locale setting what is the problem and how to deal with it?

    Read the article

  • 2 x Netgear GS724T (Dual GBIC) trunking issue

    - by Arthor
    I have the following: Netgear GS724T (Firmware Version V1.0.3_35, Protocol Version - 2.001.002) 4 x Indineon ISFP GBR/FC Settings STP Function - Enabled Fast Link - Enabled Trunking port 23,24, (21,22 - RJ45 cables, but not connected.) I have connected both switches via 2 fiber cables and want to use trunking. The problem I am having. Sometimes I get a an issue when none of the switches cannot talk with each other, nor the devices, sometime they can. The problem is irregular and no patten can be determined The statistics shows that when the switches does not work, they have RX errors If I remove one to the GBIC connections, then everything works as normal.] Question Does anyone have a solution for this please? Thanks

    Read the article

  • IPTables masquerading with one NIC

    - by Tuinslak
    Hi, I am running an OpenVPN server with only one NIC. This is my current layout: public.ip > Cisco firewall > lan.ip > OpenVPN server lan.ip = 192.168.22.70 The Cisco firewall forwards the requests to the oVPN server, thus so far everything works and clients are able to connect. However, all clients connected should be able to access 3 networks: lan1: 192.168.200.0 (vpn lan) > tun0 lan2: 192.168.110.0 (office lan) > eth1 (gw 192.168.22.1) lan3: 192.168.22.0 (server lan) > eth1 (broadcast network) So tun0 is mapped to eth1. Iptables output: # iptables-save # Generated by iptables-save v1.4.2 on Wed Feb 16 14:14:20 2011 *filter :INPUT ACCEPT [327:26098] :FORWARD DROP [305:31700] :OUTPUT ACCEPT [291:27378] -A INPUT -i lo -j ACCEPT -A INPUT -i tun0 -j ACCEPT -A INPUT -i ! tun0 -p udp -m udp --dport 67 -j REJECT --reject-with icmp-port-unreachable -A INPUT -i ! tun0 -p udp -m udp --dport 53 -j REJECT --reject-with icmp-port-unreachable -A FORWARD -d 192.168.200.0/24 -i tun0 -j DROP -A FORWARD -s 192.168.200.0/24 -i tun0 -j ACCEPT -A FORWARD -d 192.168.200.0/24 -i eth1 -j ACCEPT COMMIT # Completed on Wed Feb 16 14:14:20 2011 # Generated by iptables-save v1.4.2 on Wed Feb 16 14:14:20 2011 *nat :PREROUTING ACCEPT [302:26000] :POSTROUTING ACCEPT [3:377] :OUTPUT ACCEPT [49:3885] -A POSTROUTING -o eth1 -j MASQUERADE COMMIT # Completed on Wed Feb 16 14:14:20 2011 Yet, clients are unable to ping any ip (including 192.168.200.1, which is the oVPN's IP) When the machine was directly connected to the internet, with 2 NICs, it was quite simply solved with masquerading and adding static routes in the oVPN client's config. However, as masquerading won't accept virtual interfaces (eth0:0, etc) I am unable to get masquerading to work again (and I'm not even sure whether I need virtual interfaces). Thanks. Edit: OpenVPN server: # ifconfig eth1 Link encap:Ethernet HWaddr ba:e6:64:ec:57:ac inet addr:192.168.22.70 Bcast:192.168.22.255 Mask:255.255.255.0 inet6 addr: fe80::b8e6:64ff:feec:57ac/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:6857 errors:0 dropped:0 overruns:0 frame:0 TX packets:4044 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:584046 (570.3 KiB) TX bytes:473691 (462.5 KiB) Interrupt:14 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:334 errors:0 dropped:0 overruns:0 frame:0 TX packets:334 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:33773 (32.9 KiB) TX bytes:33773 (32.9 KiB) tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet addr:192.168.200.1 P-t-P:192.168.200.2 Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) ifconfig on a client: # ifconfig eth0 Link encap:Ethernet HWaddr 00:22:64:71:11:56 inet addr:192.168.110.94 Bcast:192.168.110.255 Mask:255.255.255.0 inet6 addr: fe80::222:64ff:fe71:1156/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:3466 errors:0 dropped:0 overruns:0 frame:0 TX packets:1838 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:997924 (974.5 KiB) TX bytes:332406 (324.6 KiB) Interrupt:17 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:37847 errors:0 dropped:0 overruns:0 frame:0 TX packets:37847 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:2922444 (2.7 MiB) TX bytes:2922444 (2.7 MiB) tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet addr:192.168.200.30 P-t-P:192.168.200.29 Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:689 errors:0 dropped:18 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:0 (0.0 B) TX bytes:468778 (457.7 KiB) wlan0 Link encap:Ethernet HWaddr 00:16:ea:db:ae:86 UP BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:704699 errors:0 dropped:0 overruns:0 frame:0 TX packets:730176 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:520385963 (496.2 MiB) TX bytes:225210422 (214.7 MiB) static routes line at the end of the client's config (I've been playing around with the 192.168.200.0 -- (un)commenting to see if anything changes): route 192.168.200.0 255.255.255.0 route 192.168.110.0 255.255.255.0 route 192.168.22.0 255.255.255.0 route on a vpn client: # route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.200.29 0.0.0.0 255.255.255.255 UH 0 0 0 tun0 192.168.22.0 192.168.200.29 255.255.255.0 UG 0 0 0 tun0 192.168.200.0 192.168.200.29 255.255.255.0 UG 0 0 0 tun0 192.168.110.0 192.168.200.29 255.255.255.0 UG 0 0 0 tun0 192.168.110.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 0.0.0.0 192.168.110.1 0.0.0.0 UG 0 0 0 eth0 edit: Weirdly enough, if I set push "redirect-gateway def1" in the server config, (and thus routes all traffic through VPN, which is not what I want), it seems to work.

    Read the article

  • smtp sasl authentication failure

    - by cromestant
    hello, I have configured and fixed almost all the problems with my postfix +courier + mysql setup for virtual mailboxes. I can now receive mail and send it from webmail (squirrel). BUT, what I can't do is authenticate from outside client. Since my isp blocks port 25 I setup postfix to work on 1025 for smtp and setup verbose loging. Here is the verbose log of a failed authentication process LOG Authentication for imap and pop3 seem to be working but this one is not. Here is the postconf -n output. Also through mysql I can verify that it is trying to validate through the system, running a query that returns the encrypted password stored in the database. I can't seem to find the error for this. thank you in advance

    Read the article

  • Laptop recommendation for home user

    - by Mehper C. Palavuzlar
    I'm going to buy a new laptop soon and I need Super Users' recommendations. The following criteria are crucial for me: Intel i series processor Min. 4 GB RAM Min. 500 GB HDD HDMI port Min. 3 USB ports Not a monster, but a good graphics card Multimedia card reader DVD-RW Double Layer No heating problems! What do you recommend me? I'm considering buying a Vaio but I'm not sure. TIA.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 387 388 389 390 391 392 393 394 395 396 397 398  | Next Page >