Search Results

Search found 22277 results on 892 pages for 'multiple addresses'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 539/892 | < Previous Page | 535 536 537 538 539 540 541 542 543 544 545 546  | Next Page >

  • Cisco IOS policy route for router originated VPN traffic

    - by Paul
    We have a Cisco IOS router with two DSL connections. One of them is intended for general traffic (ADSL), the other for VPN links (BDSL) and various other traffic. So the default route is the ADSL link, and we have a combination of static routes for the VPN traffic, and policy routes for other traffic types that should go out the BDSL link. For site to site traffic, this is fine, we just static route the public IPs and remote networks out of the BDSL line. The policy based routing works fine for any internal traffic that matches an ACL. The problem is now that there are remote VPN sites originating from dynamic addresses, so we cannot use static routes. The replies to incoming ISAKMP requests are following the default route out of the ADSL (despite there being no crypto map on that interface). I want to route the outgoing VPN traffic out of the BDSL. I have tried adding udp/500 and esp to and from the route-map acl that pushes traffic out of the BDSL line, but it doesn't match, presumably because the route-map happen earlier than the IPSec stuff. Any ideas how I can do this? IOS ver: 12.4.13T.

    Read the article

  • Varnish configuration, NamevirtualHosts, and IP Forwarding

    - by Brent
    I currently have a bunch of NameVirtualHost based websites, load balanced between 3 apache2 servers using ldirectord. I would like to insert varnish as a reverse-web-proxy between ldirectord and apache in the following way: a request comes in to ldirectord it is then load balanced between the 3 apache2 servers and varnish, with a weight of 1 for the webservers, and 99 for varnish (so if varnish is rebooted, the webservers will take over seamlessly) varnish will then load balance its requests between my apache2 servers. However, the varnish part is not working. I wonder whether this has to do with the fact that my apache servers use x.x.x.x:80 for their NameVirtualHosts, instead of *:80? (they have to do this, since each server hosts multiple IP addresses) Or perhaps it has to do with the need for IP Forwarding to be set up on the varnish server? (I did echo 1 /proc/sys/net/ipv4/ip_forward on this server, is that sufficient?) How can I debug this problem? ldirectord doesn't produce logs of what it does with each request (and if it did, I would be overwhelmed with information since I'm serving hundreds of requests per second) varnish log shows the ldirectord server connecting to it every 5 seconds, but nothing else. I have set up a test site using this configuration, but it fails - no apache access logs, no applicable varnish logs.

    Read the article

  • Adding 2008 Server to 2008 Domain

    - by Phillip
    Hello, I'm trying to create a lab for testing before I deploy solutions, I'm no experienced IT Administrator, and therefore I come here for help. I'm running 2 Virtual Servers on the same machine on a local connection between those two. They'are able to ping each other. Their names is TSDATA1 and TSDATA2 where TSDATA1 is the Domain Controller. I am able to ping between those two, on both "ping TSDATA1" and "ping 10.0.0.1" which is the IP address of TSDATA1. The IP address of TSDATA2 is 10.0.0.2. I'm trying to join the domain with TSDATA2 both I'm getting this error when trying: Note: This information is intended for a network administrator. If you are not your network's administrator, notify the administrator that you received this information, which has been recorded in the file C:\Windows\debug\dcdiag.txt. The following error occurred when DNS was queried for the service location (SRV) resource record used to locate an Active Directory Domain Controller for domain tsdata.local: The error was: "DNS name does not exist." (error code 0x0000232B RCODE_NAME_ERROR) The query was for the SRV record for _ldap._tcp.dc._msdcs.tsdata.local Common causes of this error include the following: The DNS SRV records required to locate a AD DC for the domain are not registered in DNS. These records are registered with a DNS server automatically when a AD DC is added to a domain. They are updated by the AD DC at set intervals. This computer is configured to use DNS servers with the following IP addresses: 10.0.0.1 One or more of the following zones do not include delegation to its child zone: tsdata.local local . (the root zone) For information about correcting this problem, click Help. I've figured out it has something to do with DNS lookup, but I have no clue what to do. Can anyone help?

    Read the article

  • PGB Multipath & return routes

    - by Dennis van der Stelt
    I'm probably a complete n00b concerning serverfault related questions, but our IT department makes a bold statement I wish to verify. I've searched the internet, but can find nothing related to my question, so I come here. We have Threat Management Gateway 2010 and we used to just route the request to IIS and it contained the ip address so we could see where it was coming from. But now they turned on "Requests apear to come the TMG server" so ip addresses aren't forwarded anymore. Every request has the ip of the TMG server. Now the idea behind this is that because of multipath bgp routes, the incoming request goes over RouteA, but the acknowledgement messages could return over RouteB. The claim is that because the request doesn't come from the first known source, our proxy, but instead from IIS, some smart routers at the visitor of our websites don't recognize the acknowledgement message and filter it out. In other words, the response never arrives. Again, this is the claim. But I cannot find ANY resources on the internet that support this claim. I do read about pgb multipath, but more in the case that there are alternative routes when the fastest route fails for some reason. So is the claim completely bogus or is there (some) truth to it? Can someone explain or point me to resources? Thanks in advance!

    Read the article

  • Web Server Routing Based On Location

    - by Eric
    I have a website that has users from both Hong Kong and Australia. Unfortunately, since the server is located in Australia, users from Hong Kong are going to suffer latency problems. Traffic has to go through US before travelling back to Australia. So I've setup a server in Hong Kong as well, and users using the .hk TLD are going to be redirected to the Hong Kong web server. It shares the same database server with the Australian server but due to aggressive SQL query caching, impact on performance from latency from SQL queries are negligible. But for users accustomed to the Hong Kong website but have since traveled to Australia, they suffer from additional latency because they go to the .hk site which redirects to the HK server even when they're in Australia. The website is targeted at international students from Hong Kong so this is an significant issue for me. Instead of redirecting users to the closest web server based on the TLD, how do I redirect users based on their location? Currently I am using nginx, postgres and Django. Say I know how to estimate users' location based on users' IP addresses, what is my next step? At what level would I work on? What topic should I read up?

    Read the article

  • Windows 8 - no internet connetction to some hosts while VPN is active

    - by HTD
    I use VPN to access the servers at work. When VPN is used, all network traffic to the Internet passes through my company network. It worked without any problems on Windows 7, now on Windows 8 some sites suddenly became inaccessible. Please note - I don't try to connect them over RDP, they are public Internet addresses, outside company network. They are inaccessible using any protocol. Ping returns "General failure.". I know it could be a misconfiguration on my company's server side, but it's very strange, since the same VPN connection used on Windows 7 works properly. What's wrong? Is it a Windows 8 bug, or is there something I could do on my company servers to make VPN work as expected with Windows 8? My company network works on Windows Server 2008 R2 and uses Microsoft TMG firewall. I couldn't find any rules blocking the traffic to mentioned sites, all network traffic for VPN users are passed through for all IPs and protocols. Any clues? UDPATE: Important - one whole day it worked. I hibernated and restarted the computer, connected and disconnected VPN - nothing could break my connection. Today it broke again, and restarting Windows didn't help. And now the solution: route add -p 0.0.0.0 MASK 255.255.255.255 192.168.1.1 Oh, OK, I know what it did, added my default gateway to routing table. But it still didn't work sometimes. So I removed my main network gateway route with: route delete -p 0.0.0.0 MASK 0.0.0.0 192.168.0.1 And added modified with: route add -p 0.0.0.0 MASK 255.255.255.255 192.168.0.1 And it works. Now. But I don't trust this. I don't know what really happened.

    Read the article

  • NETKEY IPsec and ARP

    - by Shawn J. Goff
    I'm wondering if I have the correct routing setup for an IPsec tunnel. I have control over the IPsec endpoints and the hosts connected to one side. These hosts are connecting to the tunnel so that they have access to the network on the other side of what I will call the IPsec server. I don't have control of the network upstream of this server. Normally, the IPsec server will not respond to ARP requests for the hosts on the other side of the tunnel. So when a packet arrives for one of my hosts the server gets ARP requests, but the upstream router gets no response, and cannot construct the ethernet frame to send me the packets. If I was using one of the swan stacks, I would have a separate interface, and I'd probably just need to turn on proxyarp, but I'm using NETKEY, which doesn't use a separate interface for the tunnel. To solve the problem for now, I have added an eth0.5 vlan to the IPsec server, turned on proxyarp for that interface, and added all routes my hosts addresses to that interface so that it will respond to those ARP requests (and will therefore get relevant packets routed to it). This works, but it feels wrong. What is the correct way to get the upstream router to send me the traffic for these hosts?

    Read the article

  • Outlook Shared Address book and contact not displaying

    - by user224061
    We have a shared Exchange addressbook with distribution email groups. When someone connects to the shared addressbook, composes an email to a group, the email distribution list is empty, then the distribution list is expanded. In troubleshooting, I noticed that when we expand the distribution list to view the recipients, most of the recipients are missing and only semicolons appear. CLICK HERE FOR IMAGE Further troubleshooting, I notice that when I open the distribution list with my Outlook client and click on the Update Now icon, and then go to create the email then when I expand the group the email addresses now appear. CLICK HERE FOR IMAGE Now, my Outlook profile is a cached profile. The shared contact list that I pulled the distribution list from is an online/non-cached shared contact list. What I also found is that if I switched my Outlook client to be online only(not cached) the share address book lists appear properly when expanded. Is there any way to make this list appear correctly without having to click on update now for each and every distribution list in the shared contacts list we have on the server? I would really prefer that every time one wants to use this shared contact list, they do not have o click the update not button or switch from cached mode to make this work. T.I.A

    Read the article

  • Adobe Reader Wants Sensitive Email Details

    - by KDM
    When I run Adobe Reader, it tells me: Either there is no default mail client or the current mail client cannot fulfill the messaging request. Please run Microsoft Outlook and set it as the default mail client. I have a couple of issues with this: 1) It presupposes everyone has Microsoft Office installed. Not all home users have the budget or inclination for this. 2) It presupposes everyone wants Microsoft Outlook to be their default mail client. 3) I have Microsoft Office (incl. Outlook) installed and set as my default mail client. Even if I make it the default mail client from within the Adobe Reader Preferences, that doesn't stop the dialog appearing. 4) I thought I'd give Adobe Reader a new email address in the preferences, just to get it to stop bugging me. I notice, though, that it want's the SMTP and POP addresses and the account password? They have got to be kidding? I just want to view PDF files. How do I get the message to go away without telling Adobe my life story, giving them my mother's maiden name, my favourite movie, my place of birth, the name of my first goldfish and emptying the contents of my wallet for them?

    Read the article

  • How do I get "Back to My Mac" (using MobileMe) from Windows?

    - by benzado
    I have a MobileMe subscription and a Mac at home with "Back to My Mac" enabled. When I'm away from home, this service lets me use another Mac to connect to my Mac back home and access file sharing, screen sharing, etc. As far as I know, the service doesn't use any proprietary protocols, so in theory I should also be able to get "Back to My Mac" from a Windows PC. This MacWorld article explains how it works. Basically, it uses Wide-Area Bonjour to give your Mac a domain name like hostname.username.members.mac.com. Remote computers can find your Mac using that address, then connect to it using a private VPN. The "Wide Area Bonjour" part seems to make it a little more complicated than simply a regular domain name, though. Note that I'm not interested in using the methods described by LifeHacker, which doesn't use the MobileMe service at all. I don't want to use a totally different dynamic DNS service. I'd like to use the one I'm already paying for, or at least find out why that's not possible from Windows. Also, my primary problem is finding a network route back to my mac... once I've got that I know how to enable services so that Windows can talk to it. UPDATE: Based on some additional research, it appears that Apple is only assigning IPv6 addresses to the hostname.username.members.mac.com names. So any solution will require enabling IPv6 support on Windows, if possible.

    Read the article

  • Domain joined computer unable to access servers through VPN

    - by kscott
    Our servers are in a virtual off site hosting center, our office has a vpn connection to the data center, but for reasons I don't understand we also have to connect to the Citrix Access Gateway (CAG) client in order to access the servers. I am a programmer with rather limited ops knowledge including a weak grasp of networking and terminology. Bear with me. I was just given a new laptop, which is a 64 bit Windows 7 system unlike my previous 32 bit Windows XP desktop which was able to connect without issue. My laptop has been joined to the domain so that I login with my AD credentials, I am able to connect to the CAG and get authenticated, and after doing this I can ping our servers and they resolve to the correct internal IP addresses, but I am unable to use remote desktop to the servers, connect to SQL servers through my local SQL Management Studio, navigate to them through the file system, or view any of our internal intranet websites. All of which I was able to do previously. I have tried turning off my Windows firewall and the problem remains, the DNS servers are set to the correct IPs of our domain controllers, and the ops guys here are a little stumped. Does any one have any suggestions?

    Read the article

  • Cisco router not receiving OSPF updates

    - by WebDevHobo
    Or at least, that's what I think is happening. There doesn't appear to be a debug command for this, or to see if something is in the routing table. I'm testing out this setup in Packet Tracer. I have 3 routers and a webserver From left to right, you have: Webserver - Router1 - Router2 - Router3 Router1 and Router2 can succesfully ping WebServer. Router3 cannot. Router2 has a default gateway set, to send all not-recognized data through its serial interface to Router1. Like this: ip route 0.0.0.0 0.0.0.0 Serial 0/0/1 Serial 0/0/1 being the connection to Router1 Router2 and Router3 have OSPF configured. From their "show run": Router2: router ospf 1 log-adjacency-changes passive-interface Serial0/0/1 network 10.1.1.0 0.0.0.3 area 0 default-information originate ! Router3: router ospf 1 log-adjacency-changes network 10.1.1.0 0.0.0.3 area 0 passive-interface FastEthernet0/0 ! I was under the assumption that setting default-information originate on Router2 would give Router3 the needed information. What's going wrong here? The interfaces are up. Ip addresses are with mask-range, clock rate is set at correct end. I don't know what else to check.

    Read the article

  • VPN from Windows XP to OpenSwan: correct setup?

    - by Gnudiff
    Main question is what I am doing wrong in my OpenSwan or L2TP client setup? I am trying to create a Linux OpenSwan VPN connection from Windows XP machine, using preshared key and the builtin Windows XP L2TP IPsec option. I have followed the instructions in Linux Home networking Wiki for setting up OpenSwan and a guide to making it work with the Windows XP client, but am now stuck. The net setup is as follows: [my windows client, private IP A]<->[f/wall B]<-internet->[g/w X]<->[Linux OpenSwan server Y] A - private subnet /24 B - internet address X - internet address /24 Y - internet address on same subnet as X What I essentially want is for computer with A address to feel and work, as if it was in X subnet for purposes of outgoing and incoming TCP and UDP connections. My OpenSwan setup is as follows: /etc/ipsec.conf (AAA and YYY indicates ip address parts of A and Y addresses): conn net-to-net authby=secret left=B leftsubnet=AAA.AAA.AAA.0/24 leftnexthop=%defaultroute right=Y rightsubnet=YYY.YYY.YYY.0/24 rightnexthop=B auto=start the secret in /etc/ipsec.secrets is listed as: B Y : PSK "0xMysecretkey" where B & Y stand for respective IP adresses of gateway B and linux server Y My L2TP WinXP setup is: IP of destination: Y don't prompt for username security options: typical, require secured pass, don't require data encryption, IPSec PSK set to 0xMysecretkey networking options: VPN Type: L2TP IPSec VPN; TCPIP protocol (with automatic IP address assignment) and QOS packet schedulers enabled The error I get from Windows client is 789: "error during initial negotiation"

    Read the article

  • Centos 6.2 Fresh 'Basic Server' install networking issues

    - by RWC
    I've had a /29 provisioned on a network port for a server and am trying to at least configure the machine so I can ssh into it. It's Centos 6.2 x64 with the Basic Server install. Currently not able to ping gateway or any address for that matter. For reference: Default Interface: em2 Network ID: 66.*.*.0/29 Gateway: 66.*.*.1 Broadcast: 66.*.*.7 Please see my following configs: /etc/sysconfig/network-scripts/ifcfg-em2 DEVICE=em2 NM_CONTROLLED=yes ONBOOT=yes HWADDR=Not Important TYPE=Ethernet BOOTPROTO=none IPADDR=66.*.*.2 PREFIX=29 DNS1=8.8.8.8 DNS2=8.8.4.4 DEFROUTE=yes IPV4_FAILURE_FATAL=yes IPV6INIT=no NAME="System em2" NETMASK=255.255.255.248 USERCTL=no $: route -n Destination // Gateway // Genmask // Flags // Metric // Ref // Use // Iface 66.*.*.0 0.0.0.0 255.255.255.248 U 0 0 0 em2 169.254.0.0 0.0.0.0 255.255.0.0 U 0 1003 0 em2 0.0.0.0 66.*.*.1 0.0.0.0 UG 0 0 0 em2 $: route Destination // Gateway // Genmask // Flags // Metric // Ref // Use // Iface 66.*.*.0 * 255.255.255.248 U 0 0 0 em2 link-local * 255.255.0.0 U 0 1003 0 em2 default 66.*.*.1 0.0.0.0 UG 0 0 0 em2 $: cat /etc/sysconfig/network NETWORKING=yes HOSTNAME=excalibur.domain.com GATEWAY=66.*.*.1 Keep in mind that I cannot even currently ping the gateway which is quite confusing for me. My /etc/hosts are configured correctly with the *.2 address. I'm not concerned with getting all of the addresses on the /29 up and running yet, just one so I can at least ssh in. Thanks! Edit: Adding in ifconfig. $: ifconfig em2 Link encap:Ethernet HWaddr XX:XX:XX:XX:XX:XX inet addr:66.*.*.2 Bcat:66.*.*.7 Mask:255.255.255.248 inet6 addr: UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:5536 errors:0 dropped:0 overruns:0 frame:0 TX packets:10 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:2599469 (2.4 MiB) TX bytes: 748 (748.0 b) Interrupt:48 Memory:dc000000-dc012800 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:34 errors:0 etc etc

    Read the article

  • Understanding mail failure notices, 554

    - by goran
    I'd like to confirm the meaining of a mail failure notice. Here's the message Hi. This is the qmail-send program at mydomain.com I'm afraid I wasn't able to deliver your message to the following addresses. This is a permanent error; I've given up. Sorry it didn't work out. <[email protected]>: 1.2.3.4 does not like recipient. Remote host said: 554 <[email protected]>: Relay access denied Giving up on 1.2.3.4 The way I understand this is, that 1.2.3.4 is not setup to receive mail for this domain. dig domain.com MX shows ;; ANSWER SECTION: domain.com. 6245 IN MX 10 mail.domain.com. domain.com. 6245 IN MX 20 mx.anotherdomain.com. (1.2.3.4 is mx.anotherdomain.com.). The puzzling part is that I have reports that messages sent from gmail get delivered to this address. P.S. Is this a proper question for serverfault?

    Read the article

  • Cannot ping Google Public DNS on 8.8.8.8

    - by Tibor
    I have a weird problem on my Windows 7 (x64) computer. I seem to cannot ping the Google Public DNS on one of its addresses (while the other works fine). The peculiar thing is that it fails with the General failure. error message which usually means that there is a problem with a network adapter/base connectivity and not a timeout as one would expect. I checked my routing tables for any anomalies and I even flushed them but the problem seems unrelated. All the other hosts I tried ping fine (either respond or timeout). If I try to tracert or connect to the address via browser (yes, I know that it doesn't listen on port 80), it also fails instantaneously. The reason I need to ping 8.8.8.8 is that I commonly use it as a test of Internet conectivity due to it being rememberable. The problem occurs no matter where I connect to the Internet (it is a laptop computer). What could be the cause of this anomaly? Note: I use native IPv6 connectivity.

    Read the article

  • Postfix Whitelist before recipient restrictions

    - by GruffTech
    Alright. Some background. We have an anti-spam cluster trucking about 2-3 million emails per day, blocking somewhere in the range of 99% of spam email from our end users. The underlying SMTP server is Postfix 2.2.10. The "Frontline defense" before mail gets carted off to SpamAssassin/ClamAV/ ect ect, is attached below. ...basic config.... smtpd_recipient_restrictions = reject_unauth_destination, reject_rbl_client b.barracudacentral.org, reject_rbl_client cbl.abuseat.org, reject_rbl_client bl.mailspike.net, check_policy_service unix:postgrey/socket ...more basic config.... As you can see, standard RBL services from various companies, as well as a Postgrey service. The problem is, I have one client (out of thousands) who is very upset that we blocked an important email of theirs. It was sent through a russian freemailer who was currently blocked in two of our three RBL servers. I explained the situation to them, however they are insisting we do not block any of their emails. So i need a method of whitelisting ANY email that comes to domain.com, however i need it to take place before any of the recipient restrictions, they want no RBL or postgrey blocking at all. I've done a bit of research myself, http://www.howtoforge.com/how-to-whitelist-hosts-ip-addresses-in-postfix seemed to be a good guide at first, almost fixing my problem, But i want it to accept based on TO address, not originating server.

    Read the article

  • Emails sent through SMTP on VPS are considered to be spam

    - by Ilya
    During our business we have to make regular mailing to our clients: invoices, information emails, etc. Previously we received and sent emails using mail server of our hosting provider. But as the number of clients increased, we have to order VPS and install our own SMTP server their for performing our mailings. So, now we have default provider mail server for receiving emails, let it be business.com. We have email accounts like [email protected], etc. We use this mail server to receive emails and manage our email accounts. And we have SMTP server which is running on VPS. We use this SMTP only for sending emails with From addresses like [email protected]. VPS has default DNS records created by provider, let it be IP.AD.RE.SS <- ip-ad-re-ss.provider.com. Mailings are made using either desktop email clients or custom Java-based application which uses JavaMail for sending emails. The problem is that most of emails sent by us are placed in spam folders in clients email accounts. Clients have their email in Gmail, Yahoo, Hotmail, etc. Could you please tell what is the most probable reason and solution of described problem? Are there any service in Intranet where we can send test email and get an answer with description why this email could be considered to be spam?

    Read the article

  • Disable IPv6 on Debian VPS (Virtuozzo!)

    - by chris_l
    I have a Debian Lenny VPS, that's running virtualized by Parallels/Virtuozzo. Currently, the network interface doesn't have an IPv6 address - and that's good, because I don't have an ip6tables configuration. But I assume, that I could wake up one day, and ifconfig will show me an ipv6 address for the interface - because I have no control over the kernel or its modules - they're under the control of the hosting company. That would leave the server completely vulnerable to attacks from IPv6 addresses. What would be the best way to disable IPv6 (for the interface or maybe for the entire host)? Usually I would simply disable the kernel module, but that's not possible in this case. Update Maybe I should add, that I can use iptables and everything normally (I'm root on the VPS), but I can't make changes to the kernel or load kernel modules because of the way Virtuozzo works (shared kernel). lsmod always returns nothing. I can't call ip6tables -L (it says that I need to insmod, or that the kernel would have to be upgraded). I don't think, that changes to /etc/modprobe.d/aliases would have any effect, or do they? Networking Config? I thought, that maybe I can turn IPv6 off from /etc/network/... Is that possible? I just see, that they've set up avahi, so I should probably change the setting use-ipv6=yes to "no" in /etc/avahi/avahi.conf (?) Has anybody already tried this solution, and can I rely on it? I don't know too much about avahi. Would it actually have any effect? Or could it even bring my entire interface down, once IPv6 is enabled by the kernel?

    Read the article

  • Continuous outbound connection from QNAP NAS

    - by user192702
    I notice on my firewall that my QNAP NAS is continuously sending UDP sessions out to the Internet. Every second I have 5 - 7 connections out to addresses like the following: 2013-11-10 23:17:54 Deny 192.168.60.5 93.215.212.162 6881/udp 6881 6881 2013-11-10 23:18:05 Deny 192.168.60.5 87.76.0.83 29872/udp 6881 29872 2013-11-10 23:18:05 Deny 192.168.60.5 5.164.188.224 6881/udp 6881 6881 2013-11-10 23:18:05 Deny 192.168.60.5 80.61.45.206 6881/udp 6881 6881 2013-11-10 23:18:34 Deny 192.168.60.5 37.117.204.129 6881/udp 6881 6881 2013-11-10 23:18:34 Deny 192.168.60.5 71.67.101.30 51413/udp 6881 51413 2013-11-10 23:18:34 Deny 192.168.60.5 89.28.92.191 8621/udp 6881 8621 2013-11-10 23:18:34 Deny 192.168.60.5 94.244.157.85 28221/udp 6881 28221 2013-11-10 23:18:34 Deny 192.168.60.5 213.241.61.240 9089/udp 6881 9089 2013-11-10 23:18:45 Deny 192.168.60.5 88.163.28.100 52721/udp 6881 52721 2013-11-10 23:18:45 Deny 192.168.60.5 37.55.190.20 10027/udp 6881 10027 2013-11-10 23:18:45 Deny 192.168.60.5 62.72.188.146 14306/udp 6881 14306 2013-11-10 23:19:14 Deny 192.168.60.5 85.53.244.205 51413/udp 6881 51413 2013-11-10 23:19:14 Deny 192.168.60.5 67.163.18.215 52130/udp 6881 52130 2013-11-10 23:19:14 Deny 192.168.60.5 86.172.105.140 9089/udp 6881 9089 2013-11-10 23:19:14 Deny 192.168.60.5 99.28.56.121 52383/udp 6881 52383 2013-11-10 23:19:14 Deny 192.168.60.5 109.60.184.249 46217/udp 6881 46217 2013-11-10 23:19:25 Deny 192.168.60.5 121.107.144.174 21135/udp 6881 21135 2013-11-10 23:19:25 Deny 192.168.60.5 84.39.116.180 48446/udp 6881 48446 2013-11-10 23:19:25 Deny 192.168.60.5 183.238.254.62 openvpn/udp 6881 1194 ......... This is frightening as it seems like it's been hacked to send information out. Has anyone observed this behaviour from their QNAP NAS?

    Read the article

  • DNS, subdomain, and IPv6 -- possible to add subdomain.example.com NS record to an IPv6 host?

    - by mpbloch
    example.com is listed with a registrar -- specifically, answerable.com. I want to host a subdomain in-house, specifically home.example.com. I am using an ipv6 gateway, specifically gogo6, to have a public IPv6 address. The IP address looks like 2001:xxxx:xx47. Then http://[2001:xxxx:xx47] goes to my test site (an instance of IIS7). I can add a quad-A record for my primary site -- home.example.com AAAA 2001:xxxx:xx47. Then http//home.example.com loads correctly. Must I add an A or quad-A record for all sub.home.example.com to my answerable.com DNS manager for example.com? Or can I delegate DNS queries to *.home.example.com to the machine at [2001:xxxx:xx47]? I have tried to add a AAAA record for tunnel.example.com to [2001:xxxx:xx47], and then add an NS entry for home.example.com to tunnel.example.com, but browsing then results in "DNS lookup error" from my browser. Is this a configurable scenario? Can DNS for subdomain only be delegated to IPv4 addresses?

    Read the article

  • IIS7 binding to subdomain causing authentication errors (TFS 2010)

    - by Tommy Jakobsen
    I'm trying to bind a IIS web site (Team Foundation Services 2010) to a subdomain, which is causing authentication errors. First I'll explain what I've done to set it up. This is the fist time I do this, so please correct me if I'm wrong. The web server is a stand-alone Windows Server 2008 R2 x64, running IIS7 with .NET Framework 4. I have the following A-records, pointing to my server: server.mydomain.com *.server.mydomain.com So all subdomains of server.mydomain.com points to the server. In IIS7 I have a web site (TFS 2010) on port 8080, with a virtual directory (named tfs) that is using Windows Authentication. I have one binding on the web site pointing to all unassigned IP addresses, port 8080 and having a host name of tfs.server.mydomain.com. Now, shouldn't I be able to access the virtual directory through: http://tfs.server.mydomain.com/tfs That is not working. However, I can access it through: http://tfs.server.mydomain.com:8080/tfs But, it won't let me authenticate using a Windows account (Server\Username). A windows account that I can authenticate with, when accessing the site through http://localhost:8080/tfs. What am I missing here?

    Read the article

  • Does this prove a network bandwidth bottleneck?

    - by Yuji Tomita
    I've incorrectly assumed that my internal AB testing means my server can handle 1k concurrency @3k hits per second. My theory at at the moment is that the network is the bottleneck. The server can't send enough data fast enough. External testing from blitz.io at 1k concurrency shows my hits/s capping off at 180, with pages taking longer and longer to respond as the server is only able to return 180 per second. I've served a blank file from nginx and benched it: it scales 1:1 with concurrency. Now to rule out IO / memcached bottlenecks (nginx normally pulls from memcached), I serve up a static version of the cached page from the filesystem. The results are very similar to my original test; I'm capped at around 180 RPS. Splitting the HTML page in half gives me double the RPS, so it's definitely limited by the size of the page. If I internally ApacheBench from the local server, I get consistent results of around 4k RPS on both the Full Page and the Half Page, at high transfer rates. Transfer rate: 62586.14 [Kbytes/sec] received If I AB from an external server, I get around 180RPS - same as the blitz.io results. How do I know it's not intentional throttling? If I benchmark from multiple external servers, all results become poor which leads me to believe the problem is in MY servers outbound traffic, not a download speed issue with my benchmarking servers / blitz.io. So I'm back to my conclusion that my server can't send data fast enough. Am I right? Are there other ways to interpret this data? Is the solution/optimization to set up multiple servers + load balancing that can each serve 180 hits per second? I'm quite new to server optimization, so I'd appreciate any confirmation interpreting this data. Outbound traffic Here's more information about the outbound bandwidth: The network graph shows a maximum output of 16 Mb/s: 16 megabits per second. Doesn't sound like much at all. Due to a suggestion about throttling, I looked into this and found that linode has a 50mbps cap (which I'm not even close to hitting, apparently). I had it raised to 100mbps. Since linode caps my traffic, and I'm not even hitting it, does this mean that my server should indeed be capable of outputting up to 100mbps but is limited by some other internal bottleneck? I just don't understand how networks at this large of a scale work; can they literally send data as fast as they can read from the HDD? Is the network pipe that big? In conclusion 1: Based on the above, I'm thinking I can definitely raise my 180RPS by adding an nginx load balancer on top of a multi nginx server setup at exactly 180RPS per server behind the LB. 2: If linode has a 50/100mbit limit that I'm not hitting at all, there must be something I can do to hit that limit with my single server setup. If I can read / transmit data fast enough locally, and linode even bothers to have a 50mbit/100mbit cap, there must be an internal bottleneck that's not allowing me to hit those caps that I'm not sure how to detect. Correct? I realize the question is huge and vague now, but I'm not sure how to condense it. Any input is appreciated on any conclusion I've made.

    Read the article

  • Microsoft Windows DHCP: Steering IPv4 clients into specific scopes based on MAC

    - by Easter Sunshine
    We have visitors on our campus who bring their own laptops and devices and use our wireless and wired networks. When we receive a copyright infringement notice (typically BitTorrenting), we are required to quarantine that MAC address so that it no longer has Internet access. No matter what website it tries to visit, it is sent to a web page explaining to the user that the device has been quarantined. We have thus far implemented this in ISC DHCP on Linux. We have multiple VLANs with one or more public-IP subnets and one RFC1918 quarantine subnet each. All clients are leased IPs in the public-IP subnet(s) unless you're in a list of known bad MACs. Then, you are sent to the quarantine subnet so that your traffic is unroutable on the Internet (you are isolated by subnet only, not by VLAN). We would like to move to Windows DHCP in light of the IPAM role but I cannot figure out how to replicate this in Windows DHCP 2012 (Assign DHCP IPs for specific MAC prefixes on Windows Server 2008 R2 suggests it was not possible in 2008 R2), even while using policies. So here's what I'd like: The administrator/help desk provides and maintains a list of MAC addresses that are to be quarantined. The DHCP server places those MACs into the quarantine subnet on the respective VLAN, no matter which VLAN the client is in. I don't think reservations would work: We currently have about 300 registered bad MACs and about 12 VLANs. I don't want to make 300 x 12 reservations nor have to add 12 reservations per new MAC address. Not to mention all of the quarantine subnets are /24s. We do not have NPS/NAC. You do not have to register your MAC address get network access. We use Cisco routers/switches. Thanks.

    Read the article

  • How to setup an IPSec / GRE tunnel on Windows Server 2008

    - by qbeuek
    I have a Windows Server 2008 that has a single network interface configured with a public IP address. My business partner has a private network. From my server, I need to access all the devices on his private network, and those devices must be able to access my server. My business partner has a standard solution for these requirements. They will setup an IPSec + GRE tunnel to my server. They told me, that I will need an additional public IP address for this to work. If it really is necessary, there is no problem, I can get an additional public IP address, although it will be assigned to the same physical network interface. I assume that on my server I will have both public IP addresses and also the private IP address from the tunnel (the same that is visible for the devices inside the private network). What alternatives do I have? Is it possible to configure this tunnel on my Windows Server 2008? Can it be done using only Windows tools, or do I need an additional free / commercial VPN software? If it cannot be done directly on Windows, can I setup an additional virtual machine running Linux, that will handle the IPSec + GRE tasks? How to do it? If it cannot be done on a virtual linux box, will I have to buy and setup a Cisco router to handle the IPSec + GRE tasks? Thanks for your opinions. I'm watching this question to clarify any issues or questions.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 535 536 537 538 539 540 541 542 543 544 545 546  | Next Page >