Search Results

Search found 1671 results on 67 pages for 'packets'.

Page 47/67 | < Previous Page | 43 44 45 46 47 48 49 50 51 52 53 54 | Next Page >

Cisco ASA - NAT'ing VPN traffic

- by DrStalker

I have an IPsec VPN setup like this: [Remote users]-[Remote ASA] <-VPN-> [My ASA]-[Subnet A]-[Router 2]-[Subnet B] The VPN is set to handle traffic between [remote users] and [Subnet A]; it does not include [Subnet B]. Pretend the firewall rules for all routers are to permit everything. Now I want to redirect traffic that comes over the VPN to a specific IP on [subnet A] (192.168.1.102) to an IP on [Subnet B] (10.1.1.133) If I add a rule on [My ASA] to NAT traffic to original IP 192.168.1.102 to new IP 10.1.1.133, 1) Will this affect the connections coming in over the VPN? (ie: the VPN packets are unencrypted and then NAT is applied) 2) Will this work when the post-NAT target is on Subnet-B, which is not part of the VPN traffic selection?

Read the article
servers connected to a poweredge 6248 receive traffic for their 'neighbours'

- by Hannes

In the network we have a few vlans but at the moment I was investigating vlan2 which carries the most traffic. When tcpdumping on the eth0.2 interface, I see a lot of packets arriving which are not addressed to, nor coming from the server. I checked this on several servers in the network and they all have the same issues. In short, our switches don't switch the traffic but threat it like they are a hub. Can you tell me what settings on the dell poweredge 6248 should prevent this behaviour?

Read the article
How do I stop someone from saturating my line & wasting CPU cycles

- by JoshRibs

My web host shows inbound & outbound traffic with mrtg. I have a steady 3.5mbps inbound traffic from Nigeria. Even assuming the source IPs & destination ports are blocked with Iptables & verifying nothing is listening on those ports, will the traffic still always pass through the switch & "get" to my server (where my server wastes CPU cycles "dropping" the packets)? Assuming I was setup with a hardware firewall, the traffic would still show in mrtg assuming the firewall is behind the switch? So is there any way to stop someone from saturating your 100mbps line, if they also have a 100mbps line? Other than filing an abuse complaint with the kind folks in Nigeria?

Read the article
Restricting output to only allow localhost using iptables

- by Dave Forgac

I would like to restrict outbound traffic to only localhost using iptables. I already have a default DROP policy on OUTPUT and a rule REJECTing all traffic. I need to add a rule above that in the OUTPUT chain. I have seen a couple different examples for this type of rule, the most common being: -A OUTPUT -o lo -j ACCEPT and -A OUTPUT -o lo -s 127.0.0.1 -d 127.0.0.1 -j ACCEPT Is there any reason to use the latter rather than the former? Can packets on lo have an address other than 127.0.0.1?

Read the article
Is there a suitable chain for iptables when eth is in Promisc mode?

- by user1495181

I have a fron-end machine. Machine have2 eth cards. I want to use netfilter queue to do some checks on the packets. I set eth like this: ifconfig eth0 0.0.0.0 promisc up ifconfig eth1 0.0.0.0 promisc up I want to have an iptable rule like this(only example): iptables -A INPUT -i eth0 -j LOG --log-prefix " eth0 packet " but the packet is no passed through the iptables ,because it dosnt target to this MAC. Promisc mode didnt help. I saw that there is a way to add iptables chain for PROMISC, but need compilation... Is there any simplier way to have iptables rule when packet is not target to this eth. Currently i bypass this by creating a bridge between 2 eth and put rule on the FORWARD, but i done want to create bridge.

Read the article
Rate of UDP packet loss over WLAN

- by Martin

While testing something with TFTP I noticed lots of timeouts (and slow speed as result) when I used my WLAN - and no problems when using a network cable. A quick test program sending/receiving UDP revealed that there are about 3-5% packets lost. While it's obvious that WLAN has to be less reliable than LAN, I have no knowledge what loss rates are considered 'normal' - and when there is a need to further investigate the network infrastructure. Are there 'typical' packet loss rates on WLAN (and other network technologies e.g. PowerLAN, WAN, ...? Thanks

Read the article
Dns works, can ping, but cannot load web pages in browser

- by user1224595

Yesterday I changed routers, and my desktop computer started acting up. I could ping websites, and nslookup was able to resolve names to addresses, but neither chrome, firefox, nor ie could load any webpages. None of my other computers connected to the same wireless router have any problems. I connect my desktop to the router through a cheap wifi dongle. I did a wireshark capture of the browser request, and I have uploaded the pcap here. https://drive.google.com/file/d/0B7AsPdhWc-SwbTV0bUJLQXo4UUE/edit?usp=sharing One strange thing I noticed was the spamming of ssdp packets. I am not super familiar with networking, but it seems that it is not a problem with the router, as dns works, and so does dhcp (the desktop is assigned an address correctly). Any help would be appreciated.

Read the article
How to calculate required switch speed based on network usage?

- by tobefound

I have a 48 port HP Procurve Switch 2610 (J9088A) that can handle 13.0 million PPS (packets per second) and features wire speed switching capacity at 17.6Gbps. First off, what does that REALLY mean? Where do I start when trying to figure out if my office (with 70 employees) will be well setup with this switch? How to calculate through-put based on a user average load of X MB per day? 90% of the folks will only be sending email, access random websites, etc... the other 10% will be conducting heavier tasks like moving image files (10 MB) across network shares, constant external FTP streams through the switch to a server etc... Is this switch good enough?

Read the article
routing problems

- by user174050

I have an windows 7 laptop and I have installed openvpn 2.2x as client. The laptop has 2 ethernet cards, one of them is wireless. The wireless lan is 192.168.1.0/24 The Fix lan is 192.168.2.0/24 If I connect to the openvpn server useing the Fix lan the I can connect properly and for testing I ping to my openvpn server 10.0.0.1 that answers correctly. But if I connect to the openvpn server useing the wireless lan, I can establish the connection but pinging to the server isn´t possible. The packets goes allways lost. Why can this happen? In an other laptop where windows xp is installed and with the same lan configuratio everything works propperly. In both cases the firewall is configured to access the vnc server and the server directories useing samba. With the XP I have no problems. I will thank you for all help Ignacio

Read the article
Windows 7 with two network cards doesn't route traffic

- by Tomek

I have simple task to do: I have wni7 with two nics.I want to connect another comp(osx) to win7 through second nic to connect it to internet. I already changed the registry. Win7 interface with 192.168.2.1 has no gateway set (no point to do that) OSX interface with 192.168.2.2 has gateway set to 192.168.2.1 I do not add any routes on win7, every thing seems to be already there network on second nic is detected as "undefined network" (probably effect of no gateway) i can achieve any connectivity to internet from OSX only by enabling network connection sharing on nic with 192.168.2.1, but it enables NAT and I'm interested only in pure routing without nat(it's a setup for some research). firewall is off. It seems to me that win7 refuses to forward packets for some reason. Perhaps "undefined network" and NLA service is to blame, although i couldn't find any info about that. Below ascii schematics of my setup: internet<--router(192.168.1.1)<--(192.168.1.1) WIN7 (192.168.2.1)<--(192.168.2.2)OSX Thanks

Read the article
Process vsserv.exe attempts connection to unknown host (clients.your-server.de)

- by pushpraj

from past few day I notice a new connection is being made from my system, I discovered it within the outpost firewall, it is blocked by default with the reason Block Transit Packets in the image above you can see that the process vsserv.exe is attempting a connection to static.88-198-155-41.clients.your-server.de I tried to search on google but could not find any relevant info, however this link http://www.webmasterworld.com/search_engine_spiders/3963600.htm says that your-server.de hosts bad bots. I am bit concerned if something is not correct. Could you help me understand the same?

Read the article
Mitigating the 'firesheep' attack at the network layer?

- by pobk

What are the sysadmin's thoughts on mitigating the 'firesheep' attack for servers they manage? Firesheep is a new firefox extension that allows anyone who installs it to sidejack session it can discover. It does it's discovery by sniffing packets on the network and looking for session cookies from known sites. It is relatively easy to write plugins for the extension to listen for cookies from additional sites. From a systems/network perspective, we've discussed the possibility of encrypting the whole site, but this introduces additional load on servers and screws with site-indexing, assets and general performance. One option we've investigated is to use our firewalls to do SSL Offload, but as I mentioned earlier, this would require all of the site to be encrypted. What's the general thoughts on protecting against this attack vector? I've asked a similar question on StackOverflow, however, it would be interesting to see what the systems engineers thought.

Read the article
Load balancing + NAT issue on BNT GBE 2-7 gear

- by Clément Game

Hi guys, I've got troubles configuring an Hardware load-Balancer with NAT functions. I have the following architecture: Internet === VIP (public) LB (private ip) ==== private addressed servers When a connection is initialised from the outside (internet) , the LB correctly forwards the SYN packet to one of the private servers. But when these servers want to reply with a SYN/ACK there is a problem. the initial SYN packet had as ip header : VIP = Private_server_Address But the private servers cannot reach VIP from their side (this is normal since it's nated), and then provide a correct reply. Have you guys any solution to correctly forward the packets to their correct destination ? Note: The load balancer, which is the default gw for the servers, also has a NAT rule for "masquerading" (actually more SNAT than real masquerading) Regards, Clément.

Read the article
Cannot connect to internet with Clearwire modem.

- by ide

I'm currently using a Motorola WiMAX modem (CPEi 25725) and cannot connect to the internet. I can connect to the modem at 192.168.15.1 and check its status. It says that it has good/excellent connectivity to the internet and shows all five signal bars. Additionally it has sent and received some WiMAX packets so I believe it is connected to a tower. I'm at a loss for what the problem is. Unplugging the modem, restarting it from software, and restarting my computer (Windows 7) have not helped. Windows still reports that it is not connected to the internet. Alternatively, could this be an ISP issue? I have heard that Clearwire is a not-so-reputable ISP that blocks VoIP, and I was using Skype recently.

Read the article
internet speed and routers are controlled by whom

- by Ozgun Sunal

i need to learn two things. each is related to other a bit. The first one is, while our LAN speed is usually 100 Mbps or at gigabit levels(very big compared to WAN speeds), WAN speed for instance DSL connections are far less than this. However, we are able to download huge files at those Mb speeds. Isn't this weird? [my real concern is why WAN speed is lower than LAN speeds] Who controls those routers around the large Internet? (while we, as web clients are connected to Internet, packets travel through those routers to the destination network/s).But, are those routers all inside the ISP network and if not, who controls those large numbers of routers?

Read the article
outlook iptables configuration [update]

- by mediaexpert

I've a Debian mail server, but only the outlook users can't be able to download the emails. I've seen a lot of post about some kind of forwarding port configuration, I've tried some commands, but I don't be able to solve this problem, please help me. [LAST UPDATE] I find a lot of TIME WAIT on ipv6 netstat tcp6 0 0 my.mailserver.it:imap2 200-62-245-188.ip2:17060 TIME_WAIT - below some config files: pop3d I think the problem was here ##NAME: POP3AUTH:1 # # To advertise the SASL capability, per RFC 2449, uncomment the POP3AUTH # variable: # # POP3AUTH="LOGIN" # # If you have configured the CRAM-MD5, CRAM-SHA1 or CRAM-SHA256, set POP3AUTH # to something like this: # # POP3AUTH="LOGIN CRAM-MD5 CRAM-SHA1" POP3AUTH="" ##NAME: POP3AUTH_ORIG:1 # # For use by webadmin POP3AUTH_ORIG="PLAIN LOGIN CRAM-MD5 CRAM-SHA1 CRAM-SHA256" ##NAME: POP3AUTH_TLS:1 # # To also advertise SASL PLAIN if SSL is enabled, uncomment the # POP3AUTH_TLS environment variable: # # POP3AUTH_TLS="LOGIN PLAIN" POP3_TLS_REQUIRED = 0 POP3AUTH_TLS="" ##NAME: POP3AUTH_TLS_ORIG:0 # # For use by webadmin POP3AUTH_TLS_ORIG="LOGIN PLAIN" ##NAME: POP3_PROXY:0 # # Enable proxying. See README.proxy # # For use by webadmin POP3AUTH_TLS_ORIG="LOGIN PLAIN" ##NAME: POP3_PROXY:0 # # Enable proxying. See README.proxy POP3_PROXY=0 ##NAME: PROXY_HOSTNAME:0 # # Override value from gethostname() when checking if a proxy connection is # required. # PROXY_HOSTNAME= ##NAME: PORT:1 ##NAME: PROXY_HOSTNAME:0 # # Override value from gethostname() when checking if a proxy connection is # required. # PROXY_HOSTNAME= ##NAME: PORT:1 # # Port to listen on for connections. The default is port 110. # # Multiple port numbers can be separated by commas. When multiple port # numbers are used it is possibly to select a specific IP address for a # given port as "ip.port". For example, "127.0.0.1.900,192.68.0.1.900" # accepts connections on port 900 on IP addresses 127.0.0.1 and 192.68.0.1 # The ADDRESS setting is a default for ports that do not have a specified # IP address. # Port to listen on for connections. The default is port 110. # # Multiple port numbers can be separated by commas. When multiple port # numbers are used it is possibly to select a specific IP address for a # given port as "ip.port". For example, "127.0.0.1.900,192.68.0.1.900" # accepts connections on port 900 on IP addresses 127.0.0.1 and 192.68.0.1 # The ADDRESS setting is a default for ports that do not have a specified # IP address. PORT=110 ##NAME: ADDRESS:0 # # IP address to listen on. 0 means all IP addresses. ADDRESS=0 ##NAME: TCPDOPTS:0 # ##NAME: ADDRESS:0 # # IP address to listen on. 0 means all IP addresses. ADDRESS=0 ##NAME: TCPDOPTS:0 # # Other couriertcpd(1) options. The following defaults should be fine. # TCPDOPTS="-nodnslookup -noidentlookup" ##NAME: LOGGEROPTS:0 # # courierlogger(1) options. # LOGGEROPTS="-name=pop3d" ##NAME: DEFDOMAIN:0 # # Optional default domain. If the username does not contain the # first character of DEFDOMAIN, then it is appended to the username. # If DEFDOMAIN and DOMAINSEP are both set, then DEFDOMAIN is appended # only if the username does not contain any character from DOMAINSEP. # You can set different default domains based on the the interface IP # address using the -access and -accesslocal options of couriertcpd(1). DEFDOMAIN="@interzone.it" ##NAME: POP3DSTART:0 # # POP3DSTART is not referenced anywhere in the standard Courier programs # or scripts. Rather, this is a convenient flag to be read by your system # startup script in /etc/rc.d, like this: # # . /etc/courier/pop3d DEFDOMAIN="@mydomain.com" ##NAME: POP3DSTART:0 # # POP3DSTART is not referenced anywhere in the standard Courier programs # or scripts. Rather, this is a convenient flag to be read by your system # startup script in /etc/rc.d, like this: # # . /etc/courier/pop3d # case x$POP3DSTART in # x[yY]*) # /usr/lib/courier/pop3d.rc start # ;; # esac # # The default setting is going to be NO, until Courier is shipped by default # with enough platforms so that people get annoyed with having to flip it to # YES every time. # x[yY]*) # /usr/lib/courier/pop3d.rc start # ;; # esac # # The default setting is going to be NO, until Courier is shipped by default # with enough platforms so that people get annoyed with having to flip it to # YES every time. POP3DSTART=YES ##NAME: MAILDIRPATH:0 # # MAILDIRPATH - directory name of the maildir directory. # MAILDIRPATH=.maildir iptables Chain INPUT (policy DROP 20 packets, 1016 bytes) pkts bytes target prot opt in out source destination 60833 16M ACCEPT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:143 state NEW,ESTABLISHED 18970 971K ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spts:1024:65535 dpt:110 state NEW,ESTABLISHED Chain FORWARD (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 0 0 ACCEPT tcp -- * * 192.168.0.0/24 0.0.0.0/0 tcp dpt:110 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 ACCEPT tcp -- * * 192.168.1.0/24 0.0.0.0/0 tcp dpt:110 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:25 0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:110 pop3d.cnf RANDFILE = /usr/lib...pop3d.rand [req] default_bits = 1024 encrypt_key = yes distinguidhed_name = req_dn x509_extensions = cert_type prompt = no [req_dn] C=US ST=NY L= New York O=Courier Mail Server OU=Automatically-generated POP3 SSL key CN=localhost [email protected] [cert_type] nsCertType = server

Read the article
Cannot connect to internet with Clearwire modem

- by ide

I'm currently using a Motorola WiMAX modem (CPEi 25725) and cannot connect to the internet. I can connect to the modem at 192.168.15.1 and check its status. It says that it has good/excellent connectivity to the internet and shows all five signal bars. Additionally it has sent and received some WiMAX packets so I believe it is connected to a tower. I'm at a loss for what the problem is. Unplugging the modem, restarting it from software, and restarting my computer (Windows 7) have not helped. Windows still reports that it is not connected to the internet. Alternatively, could this be an ISP issue? I have heard that Clearwire is a not-so-reputable ISP that blocks VoIP, and I was using Skype recently. EDIT: I called Clear's tech support and apparently their network is having significant problems at the moment. Guess there's nothing an end-user can do about it.

Read the article
Everytime I ping my server, it is pinging localhost instead?

- by esac

I recently setup a new server for use with SQL. When I tried to connect via SSMS remotely, it failed. When I pinged it, it is pinging localhost, what is going on here? Please let me know if more details will help. It is Windows Server 2008. C:\>ping 0x7F000001 Pinging 127.0.0.1 with 32 bytes of data: Reply from 127.0.0.1: bytes=32 time<1ms TTL=128 Reply from 127.0.0.1: bytes=32 time<1ms TTL=128 Reply from 127.0.0.1: bytes=32 time<1ms TTL=128 Reply from 127.0.0.1: bytes=32 time<1ms TTL=128 Ping statistics for 127.0.0.1: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms

Read the article
OpenVPN on port 53

- by TossUser

I have an openvpn server setup on UDP port 53 on a public IP. All the connecting clients gets pushed external DNS servers such as 8.8.8.8 and opendns. Sometimes the resolution stops working on the connected vpn clients and I get strange packets in the openvpn log. Now my question is why is that? When a VPN client, let's say 192.168.1.22 does a DNS query that query should go to 8.8.8.8:53 and then an UDP response packet should be sent back to 192.168.1.22 on a high UDP port. Any ideas? Thanks

Read the article
Vlan Tagging at Access Port in Switch

- by singh

I'm Confused from the fact that Vlan tagging is done at access port and trunk port always gets tagged packets (until its case of native vlan).But I still believe in other fact which says tagging happen only when a frame hit the trunk port which means trunk port gets untagged frame and tagging is not possible at access port. Would like to know where actually this tagging happens ? and also which command we can use to encapsulate 802.1q protocol to access port ? The way we do at trunk port is switchport trunk encapsulation dot1q Is the above command applicable for access mode also?

Read the article
how do I create a bidirectional bridge using iptables

- by Kolzoi

Setup: I have a samsung LCD TV that is connected via eth0 to a T41 Thinkpad running Ubuntu 10.10 which is wirelessly connected to the home router. I am trying to get Samsung's remote control app working on my iPad but the app won't allow me to put in an ip address and only discovers the tv if it's on the same subnet as the iPad (lame). So I need the laptop to route packets from eth0 to the wireless interface (wlan0), and I need about 3 ports on the wlan0 interface to be forwarded to the samsung tv. Hopefully all this makes sense. I've been messing around with iptables and samsung is now able to access internet via laptop wireless, but mapping from wlan0 back to the samsung tv is eluding me.

Read the article
Multicast File copy with Unicast responses

- by kirbuchi

I'm trying to do some multicast big file copies over to remote clients on the other side of a satellite link. The idea is to minimize the amount of traffic going up to the satellite. I tried using uftp without luck. The problem is that, even though we can reach clients via multicast from our central Hub, they aren't able to respond to a multicast address (it's not supported by the return link). As uftp needs to respond to a multicast address in order to report any missing packets I'm out of luck. So does anyone have any recommendations or alternatives I can use to do the trasfers? Any tip or pointer would be appreciated.

Read the article
"destination host unreachable" while ping attempt between 2 pc on 1 network

- by Roberto Sadfasdf

I have 2 computers in my network ones ip address is 192.168.2.31(PC-A) and the others is 192.168.2.33(PC-B). When I'm trying to ping from PC-B to PC-A it says: Pinging 192.168.2.33 with 32 bytes of data: Reply from 192.168.2.31: Destination host unreachable. Reply from 192.168.2.31: Destination host unreachable. Reply from 192.168.2.31: Destination host unreachable. Reply from 192.168.2.31: Destination host unreachable. Ping statistics for 192.168.2.33: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss) And when i'm trying the otherwise it tells me same message with ip address switched..They are both can connect to the Internet

Read the article
Accessing to shared folders with OpenVPN

- by Ergec

This is my first attempt to configure a vpn so I have very little knowledge about this. Network where centos server is having local IPs 192.168.123.* Network where windows machine is having local IPs 192.168.1.* I installed and configured my openpvn server on centos 5 and client on a windows machine. Generated all keys, certificates e.t.c and transferred them to client and I'm able to connect to server. Below there is a screenshot of the client log. Also on server side I can also see incoming packets with this command tcpdump -n port 1723 So I assume I did most of the things correct. But still when I try to open shared folders using \\192.168.123.33 or \\network-name I can't access folders

Read the article
Openvpn client-to-client connection reencrypted at Server?

- by user1684411

currently i'm using a site-2-site openvpn setup. The routers en/decrypt all traffic that goes from one net to another. One of them is the Openvpn server. This works but performance is not as good as possible. I think the limiting factor is the cpu power of the router. Would it be better if i use client-to-client connections and access the fileserver in the one net from a pc in the other, because the openvpn-server does not have to decrypt the (whole) packets?

Read the article

< Previous Page | 43 44 45 46 47 48 49 50 51 52 53 54 | Next Page >