Search Results

Search found 3251 results on 131 pages for 'firewall'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 117/131 | < Previous Page | 113 114 115 116 117 118 119 120 121 122 123 124  | Next Page >

  • Autossh startup on Ubuntu 10.04 - fails after powering off

    - by grant
    I'm using upstart to keep a reverse ssh tunnel alive using auto ssh similar to Using Upstart to Manage AutoSSH Reverse Tunnel. This works fine, except after a manual power down I can no longer connect to the machine through the "central server" using the tunnel. I receive "ssh_exchange_identification: Connection closed by remote host". The autossh process is running on the client. I can connect again after re-starting networking. I'm trying to figure out why this is failing consistently after a manual shutdown. Is it possible that I need to do some cleanup on startup that would allow the tunnel to work in this situation, or are there some other debugging/troubleshooting steps I can take to determine the problem? Machine A is the client machine, using autossh. This machine sits behind a firewall and uses the following command in upstart to create an ssh tunnel: /usr/bin/autossh -fN -i /keyfile -o StrictHostKeyChecking=no -R 20098:localhost:22 user@centralserver Machine B we'll call the "central server", which sits in the cloud and is the host. This machine is "centralserver" in the command above. When Machine A is hard powered off, and back on, I cannot connect to it by SSH'ing from my machine (C) to Machine B in the cloud, then using the following command to get to Machine A: ssh -p 2098 user@localhost Again, after a reboot of the client (A), this works fine. It is only after a hard power down that the problem occurs. There are autossh processes that are running on the client machine (A) after powering down and back up, but they just don't seem to doing their job.

    Read the article

  • 2.6.9 Kernel on virtual server (non upgradable) - any expected problems?

    - by chris_l
    Hi, I'm considering to rent a virtual server (for me personally). The product I'm currently looking at offers IMO fair pricing, very good hardware etc. The only problem is, that I won't be able to do an upgrade to a newer kernel than 2.6.9 (running Debian Etch). Also, I can't install my own kernel modules. (The server runs with Virtuozzo, so as far as I understand it, it just does some chroot instead of a real virtualization (?)) I want to run GlassFish, Postgres, Subversion, Trac and maybe some other things on it. It will also have to employ a firewall, and provide OpenSSL for https. Ideally, it would also be able to do AIO (asynchronous IO), which could speed up some server I/O. Should I expect problems with that old kernel version, in conjunction with the software I want to install (I'd like to use current versions of the software)? One thing I already found out, is that you can't do everything with iptables, since some kernel modules are missing/things are not build into the kernel. GlassFish v3 appears to run fine at first glance. I was able to test the server for a few hours. Installing my whole setup wasn't feasible in that time, but what I can say is, that it's amazingly fast for an entry-level vserver, especially hard disk and network performance (averaging at ca. 400MBit/s). So if the kernel won't be a problem, I'd really like to take it. Thanks, Chris PS Exact kernel version: 2.6.9-023stab051.3-smp

    Read the article

  • Better urls for this internal web server?

    - by sprugman
    I've got a server that I have admin access to, but don't fully manage. (I think it's a virtual machine, but I'm not 100% sure. It's running Apache on Windows Server 2003.) I share the ip with another user, so my sites all have to use the :8080 port. This is kind of ugly. Also, AFAIK, the only access I have is through an ip address. (I'm inside a corporate firewall and don't think I have access to a DNS server or anything.) I've adjusted my hosts file so I don't have to use the ip address on my local machine, but that's not a very generic solution. Are there any options to 1) get rid of the port requirement 2) be able to use a name (maybe a machine name) instead of the ip address in a generic way? (I'm not really a network admin -- I'm a developer managing this machine. The IT folks who really manage it are a few people away from me and tough to get to do anything, so I'm looking for a light-weight solution if possible.)

    Read the article

  • Printer deployment via Group Policy not working on a single system

    - by Aron Rotteveel
    One of my coworkers just got a new laptop running Windows 7 Pro x64. We use a GPO to deploy the printers to every system, but for some reason it is not working on this system. I have been breaking my head over this for the past 3 hours now without any result. The strange thing is that gpresult /H seems to indicate that the GPO did run. The hardware: Laptop: Windows 7 Professional x64 Print server: Windows Server 2008 x64 R1 HP Color LaserJet 2605dn HP LaserJet P2015 Driver packages on server: HP universal printer driver PCL5, both X86 as X64 Oddities and other info: GPO working flawlessly on every other system, including my own Windows 7 Ultimate X64 laptop gpresult /H shows the GPO being ran Windows Firewall completely disabled on the new laptop Below is the output for gpresult /H (in Dutch sadly, but I think you'll recognize it): Beleidsregels Windows-instellingen Printerverbindingen Pad Dominerend groepsbeleidsobject \\Server2008\HP Color LaserJet 2605dn Printers \\Server2008\HP LaserJet P2015 Printers Beheersjablonen Beleidsdefinities (ADMX-bestanden) opgehaald van de lokale computer. Configuratiescherm/Printers Beleid Instelling Dominerend groepsbeleidsobject Beperkingen van point-and-print Uitgeschakeld Printers Like I said, I have been trying to figure this out for the past few hours or so without any result, so you are my last hope. Any help is appreciated.

    Read the article

  • Using GPO to collect data about VMware view activity

    - by MoSiAc
    Our security group wants us to begin logging data for external access to our view enviroment. At first we thought that view security would be logging all source ip's that are external in nature so if for some reason there is an intrusion we would have record of it there. Of course our firewall logs all that information but correlating it to view is sketchy at best with our current implementation. We know on viewdesktops there is a set of keys in VolitateEnviroment that contains stuff such as source ip and username, etc. We have a script in place that, when run as a logon script attached to a user account in AD collects the information as we need it. If we have a GPO run the same script the information does not get collected. We feel like there is a piece of the puzzle we're missing but we don't know what. If anyone knows what we're forgetting or misconfiguring that would be great, or if you have a better way of us collecting external source ip's for view specifically we'd be interested in that as well. Thanks, EDIT CODE Batch script to dump to text file @echo off timeout 20 echo %computername%/%username% %time% %date% c:\vdi\vmware.txt echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~c:\vdi\vmware.txt reg query "HKEY_CURRENT_USER\Volatile Environment" /v "ViewClient_LoggedOn_Username"c:\vdi\vmware.txt reg query "HKEY_CURRENT_USER\Volatile Environment" /v "ViewClient_IP_Address"c:\vdi\vmware.txt echo.c:\vdi\vmware.txt VB Script to display values Const HKEY_CURRENT_USER = &H80000001 Set wmiLocator=CreateObject("WbemScripting.SWbemLocator") Set wmiNameSpace = wmiLocator.ConnectServer(".", "root\default") Set objRegistry = wmiNameSpace.Get("StdRegProv") sPath = "Volatile Environment" lRC = objRegistry.GetStringValue(HKEY_CURRENT_USER, sPath, "ViewClien_Machine_Name", vMachine) lRC = objRegistry.GetStringValue(HKEY_CURRENT_USER, sPath, "ViewClien_IP_Address", vIP) lRC = objRegistry.GetStringValue(HKEY_CURRENT_USER, sPath, "ViewClien_MAC_Address", vMAC) msgbox "The Remote Device Name is " & vMachine & " @ " & vIP & " (" & vMAC & ") " he wanted me to mention that the batch file actually runs and I can see it counting down when I reconnect but it does not grab the registry values.

    Read the article

  • Transfer iptables rules to another server (almost) real time

    - by MrShunz
    I'm running 2 cPanel servers with ConfigServer Security & Firewall plugin. One of the functions of the plugin is to block via iptables (temporarily and/or permanently) IPs which fail various authentications (POP3/IMAP, SMTP, FTP, webmail, mod_security and such). Now, i'd like to push those IP blocks to the border router to drop packets as soon as possible (and doing so protecting the other machines on the network). Keep in mind that after N failed logins IP is blocked for 5 minutes, then re-allowed. If multiple bans occours in an hour IP is blocked permanently and should be unlocked "by hand". So I need a near realtime solution. What I'm looking for is a better way than firing some cronjobs both on cPanels and border router to: dump the rules to file transfer the file to border router (via scp/sftp) load the rules from the file in the border router I'm aware that I will need some scripts to parse and modify the rules as cPanels have one ethernet interface and some aliases while border router has two ehternet interfaces and some loopbacks. All machines involved use Linux. EDIT as per @pjmorse comment. The plugin consists of a bunch of perl and config files. The part I'm intrested in is a process which scans logfiles (lfd) and installs iptables rules (and sends an alert email). Fact is, it upgrades quite often (one or two times a week) and itself is 7000 lines of perl so I'm not comfortable on tampering with it.

    Read the article

  • Exchange on SBS2003 not receiving mail, but sending via telnet works

    - by YDdraigLas
    Last week we had a problem on our SBS2003 server where our external connection dropped out and I was only able to restore it by running netsh winsock reset catalog and netsh int ip reset. Thinking all was well, I went home for the weekend and came in today to find that we haven't received any external emails since before the original problems occurred. There are plenty of examples of this on the internet, usually to do with a firewall issue, but the odd thing here is that when I connect using telnet I can send an email and it goes straight through and into my inbox. When I send an email from Gmail or Hotmail nothing comes through at all. Internal emails are also unaffected, as are outgoing emails. There have also been a couple of emails that have come through for other users, both out-of-office replies, if that's relevant. I've run the CEICW several times, checked all the NIC settings, but no joy. Before I give up trying to fix this and reinstall the whole server, has anyone come across this problem before? I have only found fleeting references to this in previous searches and no real answers. Any advice gratefully received.

    Read the article

  • Preventing back connect in Cpanel servers

    - by Fernando
    We run a Cpanel server and someone gained access to almost all accounts using the following steps: 1) Gained access to an user account due to weak password. Note: this user didn't had shell access. 2) With this user account, he accessed Cpanel and added a cron task. The cron task was a perl script that connected to his IP and he was able to send back shell commands. 3) Having a non jailed shell, he was able to change content of most websites in server specially for users who set their folders to 777 ( Unfortunately a common recommendation and sometimes a requirement for some PHP softwares ). Is there a way to prevent this? We started by disabling cron in Cpanel interface, but this is not enough. I see a lot of other options in which an user could run this perl script. We have a firewall running and blocking uncommon outgoing ports. But he used port 80 and, well, I can't block this port as a lot of processes use them to access things, even Cpanel itself.

    Read the article

  • IPTABLES syntax help to forward Remote Desktop requests to a VM [CentOS host]

    - by NVRAM
    I've a VM running MSWindows XP hosted on my CentOS 5.4 machine. I can rdesktop into it from the hosting machine and work just fine using the private ddress (192.168.122.65), but I now need to allow Remote Desktop access from other computers (not just the machine hosting the VM). [Edit] I only need to allow access for a day or so, so don't want to add a NIC (for XP activation reasons). Could someone help me with the iptables syntax? The VM is on a private/virtual network: 192.168.122.65 and my CentOS machine is on a physical network, at 10.1.3.38 (and 192.168.122.1 as the GW for the virtual net). I found this question, but none of the answers seemed to work and I'm a bit timid at blindly trying variations. My FORWARD rules are as listed. Thanks in advance. # iptables -L FORWARD Chain FORWARD (policy ACCEPT) target prot opt source destination ACCEPT all -- anywhere 192.168.122.0/24 state RELATED,ESTABLISHED ACCEPT all -- 192.168.122.0/24 anywhere ACCEPT all -- anywhere anywhere REJECT all -- anywhere anywhere reject-with icmp-port-unreachable REJECT all -- anywhere anywhere reject-with icmp-port-unreachable RH-Firewall-1-INPUT all -- anywhere anywhere [Edit] If I do play "blindly" is there a simple way to reset the settings on CentOS (a la service network restart)?

    Read the article

  • Troubleshoot port forwarding. Could it be ISP blocking incoming connections?

    - by Gravy
    Had a new Axis IP camera delivered yesterday. Plugged into Cisco E2400 Wireless Router but having problems. Example topology: WAN IP: 10.10.10.10 (example) Cisco Router: 192.168.1.1 Axis Camera: 192.168.1.10:80 Port forwarding rules set up on router External Port: 999 Internal Port: 80 Protocol: TCP & UDP Device IP: 192.168.1.10:80 Enabled: True Trying to connect from within the lan to 192.168.1.1:80 from within browser - Works properly. Trying to connect from within the lan to 10:10:10:10:999 from within browser - Works properly. Trying to connect from outside the LAN (e.g. via 3g or another isp) to 10:10:10:10:999 from within browser - Doesnt work. I get the following errors from different machines / browsers: Safari could not open the page because the server stopped responding (IOS) The server at xx.xx.xx.xx is taking too long to respond. (firefox) This problem is not just for the Axis camera. I am also having similar problems connecting to my NAS drive. After using a web based port scanning tool, it appears as though port 999 is closed. Not certain why when I have set up port forwarding within the router. Any troubleshooting suggestions to help me determine whether the problem is with my Cisco settings / firewall or whether it could be my ISP blocking incoming connection requests? Many thanks

    Read the article

  • Issues with returned mail sent to web-based email domains

    - by Beeder
    My company is having issues with returned mail that we send out to external domains. A few weeks ago we replaced a firewall and changed ISP providers and began subsequently having issues RECEIVING emails from external sources because we hadn't updated our new IPs in the DNS records. After making the necessary configuration changes and setting up SMTP forwarding over port 25 to our mail server, everything was working fine up until a few days ago when we started having mail sent out returned to us. We aren't having any trouble communicating internally (to recipients on our domain) but it seems we're having trouble with outbound messages to web-based email recipients. (@hotmail, @live, @yahoo, @gmail...etc) Currently we are running Server 2003 SP2 and exchange 2003. I'm very unfamiliar with configuring Exchange and could really use some help in narrowing down the possibilities. I did some research and am becoming suspicious of Sender ID being the culprit due to our recent IP address change and the likelihood that Sender ID is identifying us as a fake domain. Am I going in entirely the wrong direction? Any input or guidance would be infinitely appreciated. This is the message that is returned when an outbound message fails...this particular one was sent to my @live.com account for testing purposes... Your message did not reach some or all of the intended recipients. The following recipient(s) could not be reached: [email protected] on 5/17/2012 3:02 PM There was a SMTP communication problem with the recipient's email server. Please contact your system administrator. Unfortunately, messages from xx.x.xx.x weren't sent. Please contact your Internet service provider since part of their network is on our block list. I tried a reverse DNS lookup and found that we are set up as a Forward-confirmed reverse DNS. So do I just need to contact my ISP and have them correct their DNS records or is this something I can solve on our end??

    Read the article

  • Reverse NAT Setup for Hyper-V on Win 2008 R2

    - by sukru
    I'm trying to setup a Linux server behind a Windows Hyper-V host that will help supply some of the services (SSH, HTTPS, etc). However getting RRAS configured for reverse NAT (port forwarding) turned out to be a non trivial task. As a staring point, I tried forwarding port 22 (SSH) to the virtual machine. The virtual machine is on a public interface (i.e.: it also has a visible IP on the same network as the host). On RRAS management console I tried to add a rule, by adding "Local Area Connection" to NAT pool (Public Interface - Enable Nat), and an incoming rule for port 22 - :22. I also tried with the same port enabled on Windows Firewall (and not). The NAT management page tells there are "1 mappings" and "30+ Outbound packets transleted". However all other counters (Inbound packets translated, and respective rejected ones) are always zero. (I'm trying to access the server from an external machine). I can directly access the service if I give the VM's public IP, but not the host's one. Is there a way to enable this on RRAS?

    Read the article

  • Troubleshooting DTCPing Errors

    - by JimmyP
    So I am running DTC ping between 2 machines on our network and am getting the following error ++++++++++++++++++++++++++++++++++++++++++++++ DTCping 1.9 Report for WEB2 ++++++++++++++++++++++++++++++++++++++++++++++ RPC server is ready ++++++++++++Validating Remote Computer Name++++++++++++ 03-03, 13:39:45.099-->Start DTC connection test Name Resolution: internal-->10.20.3.236-->internal.something 03-03, 13:39:45.114-->Start RPC test (WEB2-->internal) Problem:fail to invoke remote RPC method Error(0x6BA) at dtcping.cpp @303 -->RPC pinging exception -->1722(The RPC server is unavailable.) RPC test failed I have also run RPC ping where I get what I beleive is the same error: C:\Program Files\Windows Resource Kits\Tools>rpcping -s internal Exception 1722 (0x000006BA) Number of records is: 4 ProcessID is 5876 System Time is: 3/3/2011 2:44:12:822 Generating component is 8 Status is 1722 Detection location is 323 Flags is 0 NumberOfParameters is 0 ProcessID is 5876 System Time is: 3/3/2011 2:44:12:822 Generating component is 8 Status is 1237 Detection location is 313 Flags is 0 NumberOfParameters is 0 ProcessID is 5876 System Time is: 3/3/2011 2:44:12:822 Generating component is 8 Status is 10060 Detection location is 311 Flags is 0 NumberOfParameters is 3 Long val: 135 Pointer val: 0 Pointer val: 0 ProcessID is 5876 System Time is: 3/3/2011 2:44:12:822 Generating component is 8 Status is 10060 Detection location is 318 Flags is 0 NumberOfParameters is 0 I'm pretty sure that the exception number 1722 is the key but I can't find any info about it. There may be a firewall with ports that need opening between the machines which I am checking with our sys admins now. But I can do a regular ping between the machines. Other than that I am reading a lot of articles talking about OS services and components I know nothing about and am having trouble finding any info on. Can anyone shed any light on this? FYI the machine is running Windows Server 2003 RS SP2.

    Read the article

  • Cannot access Domain Controller through VPN

    - by Markus
    In our small network there is a Windows 2008 R2 Domain Controller that also serves as Remote Access Server. For years, we could access this server and the resources in the network over a VPN connection without any problem. Since some time however, I am able to connect to the VPN, but my Windows 8 client (and another one I used for testing purposes) is not able to connect the domain controller afterwards. I can access any other server in the network, but there seems to be a problem regarding the trust between the client(s) and the server. If I connect the client to the network directly over a LAN cable, everything works as expected. Also I can connect to another server over VPN and open a RDP prompt to the DC without a problem. On the client, whenever I try to access the DC, I get an access denied message. I've tried to update the group policies both over VPN and LAN. Also, I've removed the client from the domain and re-added it. The client shows a message that Windows requires valid login information when connected to the VPN - but my credentials are valid. They work when I logon to the client when not connected to the VPN and also when connected to the LAN. Turning off the firewall on the client and the server did not change anything. DNS resolution works both on the server and the client. What else can I do to diagnose and solve the problem?

    Read the article

  • very slow connection to ssh server from client (but not other servers)

    - by AntonOfTheWoods
    I have an Ubuntu 12.04 laptop that is taking so long to connect to various servers (in different data centres) that it seems like a bit of a lottery whether I'll actually get a connection. If I connect to the servers between themselves it's instantaneous, and I've set UseDNS no AddressFamily inet On the servers I'm connecting to (and rebooted for good measure). I also put in the reverse DNS+IP of the cable connection I'm connecting from. If I connect from the laptop via telnet: telnet my.server 22 Then the connection is also instantaneous, so it doesn't appear to be a problem with an intervening firewall. I have the same behaviour whether I connect with the IP, a short name in my hosts or the FQDN. I'm connecting with a 50mbps (cable, sync) connection so that doesn't appear to be the problem, and when I do finally get a connection then it's a good, quick, stable one. I have tried listening on another port (8000) and that makes no difference. Web and other connections from the laptop to the machine are also very good. Does anyone have any ideas here?

    Read the article

  • Cannot connect to a shared network drive

    - by dublintech
    I am using windows 7, I cannot connect to a shared network drive on another machine. I can ping the machine. I can remote desktop connect to the machine. The machine is on the same subnet My friend with the exact same laptop as me (and on the same network, same workgroup) can connect to the shared folder. The machine I am trying to connect to and my friends machine can both see shared folders on my machine. I also cannot see shared folders on the friends laptop. When I select diagnose, windows tells me nothing useful. When I select see details on the error pop up, I see: Error code: 0x80004005 (google doesn't help much) I can nbtstat -a the machine who has the shared folder. When I try with my firewall turned off the same happens. I have ensured my windows 7 has all updates. I run security essentials to ensure my laptop is clean. I run ccleaner to clean up my registry. Same error. I have tried with my laptop on both wireless and ethernet. As you can imagine, I am banging my head against the wall on this one.

    Read the article

  • What ports, besides 80, need to be available to send (only send) email using phpmailer to gmail over SSL?

    - by Wobblefoot
    Using phpmailer I keep getting a 110 timeout and "Unable to connect to host" when sending email from my web server. The authentication details are right and they work on another server I have (login, pwd, ports etc and gmail acct set up for SSL connections on 465), but it's failing on my new server. FIREWALL: I allow related/established, port 80 and a port for SSH on INPUT, then this on OUTPUT: 7906 474K DROP tcp -- any any anywhere anywhere tcp dpt:smtp 0 0 ACCEPT tcp -- any any localhost.localdomain yw-in-f109.1e100.net tcp dpt:submission 0 0 ACCEPT tcp -- any any localhost.localdomain gx-in-f109.1e100.net tcp dpt:ssmtp 0 0 DROP tcp -- any any anywhere anywhere tcp dpt:submission 9 540 DROP tcp -- any any anywhere anywhere tcp dpt:ssmtp This output chain works on my other server and disabling it doesn't get mail delivered either. WEB SERVER: Varnish (80) Nginx (8088) Drupal 7 PHP5-FPM APC MySQL All works beautifully, except for outgoing email. What else could it be? I understand phpmailer does NOT require a local MTA or procmail (this is sort of the point - I don't want the security or admin overhead of a full blown MTA on my web server). Am I wrong? Do I need an MTA as well? What local ports and programs are used to authenticate over SSL and route mail using phpmailer? Any ideas at all greatly appreciated - wasted a day on this nonsense already!

    Read the article

  • Windows 7, network transmit (send) not working

    - by user326287
    My Win 7 works 2 years without problem. But now, I can't transmit (send) big data on LAN/Internet. I can: - Ping anything - Browse Internet, download files at full speed - Send e-mails with very small attachments. - Testing download speed on Speedtest.net, measure stable full speed. I can't: - Testing upload speed on Speedtest.net. Upload stuck.. - Save/send email messages with big (128k) attachment, independent from e-mail provider or e-mail box. THIS IS NOT A HARDWARE/CABLE/CARD OR OTHER NETWORK DEVICES PROBLEM! When I boot from a Linux Live CD, without ANY hardware change, all data sending, testing works correctly, at full speed. I have tried already in Win 7: - Disable Windows/3rd party Firewall completely - Reset IP stack parameters (netsh int ip reset c:\resetlog.txt) - Computer restore - Reinstall LAN driver When I inspect the packets in Wireshark in Windows, I see lot's of (maybe 60% of sent packets) "TCP Retransmission". Sometimes receive "TCP Dup Ack" or "TCP Out-of-Order". Linux don't do this. Thank you for the help.

    Read the article

  • Bing Desktop not updating the wallpaper anymore

    - by warmth
    For some reason, first my workstation and then my tablet stopped updating the wallpaper. First I thought it was my company that was avoiding the app to work properly but then I started noticing that the app itself is a mess: It has two storage and formats for the wallpapers: C:\Users\<username>\AppData\Local\Microsoft\BingDesktop\en-US\Apps\Wallpaper_5386c77076d04cf9a8b5d619b4cba48e\VersionIndependent\images with a #####.jpg (single number) image format & C:\Users\<username>\AppData\Local\Microsoft\BingDesktop\themes with a ####-##-##.jpg (date) image format. I read here that deleting the themes folder it will get remade with the new images, and it worked. However those are not the files used by the Wallpaper app and deleting the images folder won't get the same result. I have added Bing Desktop to the Firewall white list and the issue is still there. Any ideas? Currently I'm using DisplayFusion to place the wallpaper manually because the company doesn't allow change the wallpapers (policies). Note: I wrote to the DisplayFusion developers to suggest adding a feature to support Bing Wallpapers. They told me there was no API support to implement it but they will study this possibility (workaround) for the future: http://stackoverflow.com/questions/10639914/is-there-a-way-to-get-bings-photo-of-the-day

    Read the article

  • Passive mode FTP file download hangs from specific machine

    - by chiptuned
    I have a server which is an AWS instance that just cannot download files from a specific FTP server. I can connect to the FTP server fine and run some commands, but when I request a file it just hangs. Here is the debug output of the base linux ftp client after login: ---> SYST 215 UNIX Type: Apache FtpServer Remote system type is UNIX. ftp> get outgoing/catalog.gz catalog.gz local: catalog.gz remote: outgoing/catalog.gz ---> PASV 227 Entering Passive Mode (64,156,167,125,135,191) ---> RETR outgoing/catalog.gz 150 File status okay; about to open data connection. Thats it. Then it just sits there and nothing transfers. I have verified that a data connection is made but the client gets no data. ? ss -nt dst 64.156.167.125 State Recv-Q Send-Q Local Address:Port Peer Address:Port ESTAB 0 0 10.185.147.150:41190 64.156.167.125:21 ESTAB 0 0 10.185.147.150:48871 64.156.167.125:48557 The FTP server is not in my control and downloads from other FTP servers in passive mode have worked. Active mode does not work as the system is behind a firewall. Every FTP client I've tried has the same problem. The download works from other systems, even from other AWS instances I have with the same Security Group. Not necessarily the same distro or config though. I understand it may be some issue on the server side, but I want to know what it is about my particular machine where the transfer hangs and where on every other machine I can get my hands on, it works. Please let me know what the culprit on the client side could be or ideas on what else to look at.

    Read the article

  • How many iptables block rules is too many

    - by mhost
    We have a server with a Quad-Core AMD Opteron Processor 2378. It acts as our firewall for several servers. I've been asked to block all IPs from China. In a separate network, we have some small VPS machines (256MB and 512MB). I've been asked to block china on those VPS's as well. I've looked online and found lists which requires 4500 block rules. My question is will putting in all 4500 rules be a problem? I know iptables can handle far more rules than that, what I am concerned about is since these are blocks that I don't want to have access to any port, I need to put these rules before any allow. This means all legitimate traffic needs to be compared to all those rules before getting through. Will the traffic be noticeably slower after implementing this? Will those small VPS's be able to handle processing that many rules for every new packet (I'll put an established allow before the blocks)? My question is not How many rules can iptables support?, its about the effect that these rules will have on load and speed. Thanks.

    Read the article

  • Website is not accessible from server which is using proxy

    - by Bhoot
    I hosted a website in a win 2008 R2 server which runs in private domain. I set up bindings for port 80 and 443 for http & https respectively. Created inbound rule for port 80 and 443 also in windows firewall. After doing all this, i am still not able to access my website from remote machine. IE : Internet Explorer cannot display the webpage. Chrome : Oops! Google Chrome could not find xxxxxx Tried accessing website by ip address but no luck. I tried to ping that server but it says TTL expired in Transit. Now i found some more information over internet to check if the server is using any kind of proxy in between. I found my IP address at www.getip.com, but ipconfig/all gives me a different IP address. Is it really a problem if we use proxy ? I am not sure if i have concluded it correctly. But is there any way out to resolve this issue? Update ::: I figured it out. I have to call that website with external IP address. due to the proxy settings i was not able to call that website by the server's IP or name of that machine.

    Read the article

  • Need solution for Network/Servers.

    - by rehanplus
    Dear All, Please help me. I just joined a new Hospital and want some help managing my network. There are some requirements: Current Network: There is a D.S.L connection and that is terminated on a LINUX proxy and then connected to D-Link layer 2 switches and then providing internet to more then 200 PC's (Would be increasing to 1500 in couple of months). D-Link switches are not configured yet. Also there is one Database server Report server and an application server. In near Future Application should be accessed by local users as well as remote users from internet via our web server. We do have a sharing server and all these servers databases and PC's are on single sub net. Required Network: All i do want is to secure my network from outside access and just allowing specific users via web application and they will be submitting there record for patient card and appointment facility by means of application and entering there record (on our database) but not violating our network resources. Secondly in house users also need to access the same application and also internet but they must have some unique identity and rights (i.e. Finance lab dept. peoples do have limited access to that application). Notes: Should i create V LAN or break sub nets. Having a firewall will solve my issues? is a router needed on these type of scenario's. Currently all the access are restricted from Linux Proxy. Thanks.

    Read the article

  • My Ubuntu 10.04 server kills all WAN bandwidth when it's attached to my LAN. Where do you begin troubleshooting?

    - by rrc7cz
    First I should say that my Linux knowledge is minimal; just enough to set up some servers (Apache, Tomcat, Couch, etc). I built a MiniITX server to host some simple sites, act as an SSH tunnel while I'm away, and act as a torrent server. It was not properly secured for a long time (iptables was empty, all ports open, no firewall) though my router did not have much port forwarding set up beyond HTTP, FTP, and SSH. A week or two ago my bandwidth at home dropped from around 27Mbps to 2Mbps and my upload went from 7Mbps to 0.06Mbps. When I unplug the server from the LAN, by bandwidth shoots back up. I threw up a restrictive iptables, removed most of the port forwarding, and checked my router logs to see if there were any open connections from the server (malware?) but there were none. What would you do? What are the first things you'd check? I can of course reinstall everything from scratch, but I'd like to find the root cause.

    Read the article

  • Integrating external computer into a domain - some recommendations please

    - by TomTom
    Given: * A multi loation company. Every office has local routers that connect to a central VPN capable rouer in a data center. All fine so far. We now need to move a computer off site into a hosting center across the globe, to get it closer to some supplier computers we work for. it will run limited logic but latency is important, and our latency so far is too large. This computer will be in a data center and does no require incoming connections except for adminsitrative purposes, although it needs outgoing connetions. I have no real chance to put one of my VPN routers there, sadly - otherwise I would have no problem. Usage of RRAs is not recommended (we had various probblems there over time). I could deal with it. The computer MUSt integrate into the corporate structure via VPN and join the domain and be fully "tracked" (controlled for performance). What is the best suggestion? So far it looks like my best bets woudl be to log in via RRAS and deal with whatever issues arise there plus uise the local firewall the limit incoming connections to this computer to what is needed (which runs down to an emergency RDP connection allowance). Anyone a better idea?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 113 114 115 116 117 118 119 120 121 122 123 124  | Next Page >