Search Results

Search found 4786 results on 192 pages for 'traffic shaping'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 118/192 | < Previous Page | 114 115 116 117 118 119 120 121 122 123 124 125  | Next Page >

  • Broadcom NIC Teaming w/ 802.3ad and Dell Powerconnect 2824

    - by Carltoncl
    We have a Poweredge R210 running WS2K8R2. The server has two Broadcom 5716C NICs running Broadcom BASP. I can team the NICs using the 802.3ad protocol on the server end no problem. I have no VLAN. Now I go to the 2824 switch (default settings all round) running in managed mode and create a LAG with ports g1 and g2. As soon as I add these ports, I lose the ability to send traffic to or from the server. I am much more of a server guy than a networking guy, what am I doing wrong here? Server Static IP Address: 10.10.61.15 Network mask: 255.255.255.0 Gateway: 10.10.61.51 The 2824 switch has an IP address of 10.10.61.51 and in turn has its gateway as our firewall server running ISA Server at 10.10.61.50.

    Read the article

  • ASA hairpining: I basicaly want to allow 2 spokes to be able to communicate with each other.

    - by Thirst4Knowledge
    ASA Spoke to Spoke Communication I have been looking at spke to spoke comms or "hairpining" for months and have posted on numerouse forums but to no avail. I have a Hub and spoke network where the HUB is an ASA Firewall version 8.2 * I basicaly want to allow 2 spokes to be able to communicate with each other. I think that I have got the concept of the ASA Config for example: same-security-traffic permit intra-interface access-list HQ-LAN extended permit ip ASA-LAN 255.255.248.0 HQ-LAN 255.255.255.0 access-list HQ-LAN extended permit ip 192.168.99.0 255.255.255.0 HQ-LAN 255.255.255.0 access-list no-nat extended permit ip ASA_LAN 255.255.248.0 HQ-LAN 255.255.255.0 access-list no-nat extended permit ip HQ-LAN 255.255.255.0 192.168.99.0 255.255.255.0 access-list no-nat extended permit ip 192.168.99.0 255.255.255.0 HQ-LAN 255.255.255.0 I think my problem may be that the other spokes are not CIsco Firewalls and I need to work out how to do the alternative setups. I want to at least make sure that my firewall etup is correct then I can move onto the other spokes here is my config: Hostname ASA domain-name mydomain.com names ! interface Ethernet0/0 speed 100 duplex full nameif outside security-level 0 ip address 1.1.1.246 255.255.255.224 ! interface Ethernet0/1 speed 100 duplex full nameif inside security-level 100 ip address 192.168.240.33 255.255.255.224 ! interface Ethernet0/2 description DMZ VLAN-253 speed 100 duplex full nameif DMZ security-level 50 ip address 192.168.254.1 255.255.255.0 ! interface Ethernet0/3 no nameif no security-level no ip address ! boot system disk0:/asa821-k8.bin ftp mode passive clock timezone GMT/BST 0 dns server-group DefaultDNS domain-name mydomain.com same-security-traffic permit inter-interface same-security-traffic permit intra-interface object-group network ASA_LAN_Plus_HQ_LAN network-object ASA_LAN 255.255.248.0 network-object HQ-LAN 255.255.255.0 access-list outside_acl remark Exchange web access-list outside_acl extended permit tcp any host MS-Exchange_server-NAT eq https access-list outside_acl remark PPTP Encapsulation access-list outside_acl extended permit gre any host MS-ISA-Server-NAT access-list outside_acl remark PPTP access-list outside_acl extended permit tcp any host MS-ISA-Server-NAT eq pptp access-list outside_acl remark Intra Http access-list outside_acl extended permit tcp any host MS-ISA-Server-NAT eq www access-list outside_acl remark Intra Https access-list outside_acl extended permit tcp any host MS-ISA-Server-NAT eq https access-list outside_acl remark SSL Server-Https 443 access-list outside_acl remark Https 8443(Open VPN Custom port for SSLVPN client downlaod) access-list outside_acl remark FTP 20 access-list outside_acl remark Http access-list outside_acl extended permit tcp any host OpenVPN-Srvr-NAT object-group DM_INLINE_TCP_1 access-list outside_acl extended permit tcp any host OpenVPN-Srvr-NAT eq 8443 access-list outside_acl extended permit tcp any host OpenVPN-Srvr-NAT eq www access-list outside_acl remark For secure remote Managment-SSH access-list outside_acl extended permit tcp any host OpenVPN-Srvr-NAT eq ssh access-list outside_acl extended permit ip Genimage_Anyconnect 255.255.255.0 ASA_LAN 255.255.248.0 access-list ASP-Live remark Live ASP access-list ASP-Live extended permit ip ASA_LAN 255.255.248.0 192.168.60.0 255.255.255.0 access-list Bo remark Bo access-list Bo extended permit ip ASA_LAN 255.255.248.0 192.168.169.0 255.255.255.0 access-list Bill remark Bill access-list Bill extended permit ip ASA_LAN 255.255.248.0 Bill.15 255.255.255.0 access-list no-nat extended permit ip ASA_LAN 255.255.248.0 Bill.5 255.255.255.0 access-list no-nat extended permit ip ASA_LAN 255.255.248.0 192.168.149.0 255.255.255.0 access-list no-nat extended permit ip ASA_LAN 255.255.248.0 192.168.160.0 255.255.255.0 access-list no-nat extended permit ip ASA_LAN 255.255.248.0 192.168.165.0 255.255.255.0 access-list no-nat extended permit ip ASA_LAN 255.255.248.0 192.168.144.0 255.255.255.0 access-list no-nat extended permit ip ASA_LAN 255.255.248.0 192.168.140.0 255.255.255.0 access-list no-nat extended permit ip ASA_LAN 255.255.248.0 192.168.152.0 255.255.255.0 access-list no-nat extended permit ip ASA_LAN 255.255.248.0 192.168.153.0 255.255.255.0 access-list no-nat extended permit ip ASA_LAN 255.255.248.0 192.168.163.0 255.255.255.0 access-list no-nat extended permit ip ASA_LAN 255.255.248.0 192.168.157.0 255.255.255.0 access-list no-nat extended permit ip ASA_LAN 255.255.248.0 192.168.167.0 255.255.255.0 access-list no-nat extended permit ip ASA_LAN 255.255.248.0 192.168.156.0 255.255.255.0 access-list no-nat extended permit ip ASA_LAN 255.255.248.0 North-Office-LAN 255.255.255.0 access-list no-nat extended permit ip ASA_LAN 255.255.248.0 192.168.161.0 255.255.255.0 access-list no-nat extended permit ip ASA_LAN 255.255.248.0 192.168.143.0 255.255.255.0 access-list no-nat extended permit ip ASA_LAN 255.255.248.0 192.168.137.0 255.255.255.0 access-list no-nat extended permit ip ASA_LAN 255.255.248.0 192.168.159.0 255.255.255.0 access-list no-nat extended permit ip ASA_LAN 255.255.248.0 HQ-LAN 255.255.255.0 access-list no-nat extended permit ip ASA_LAN 255.255.248.0 192.168.169.0 255.255.255.0 access-list no-nat extended permit ip ASA_LAN 255.255.248.0 192.168.150.0 255.255.255.0 access-list no-nat extended permit ip ASA_LAN 255.255.248.0 192.168.162.0 255.255.255.0 access-list no-nat extended permit ip ASA_LAN 255.255.248.0 192.168.166.0 255.255.255.0 access-list no-nat extended permit ip ASA_LAN 255.255.248.0 192.168.168.0 255.255.255.0 access-list no-nat extended permit ip ASA_LAN 255.255.248.0 192.168.174.0 255.255.255.0 access-list no-nat extended permit ip ASA_LAN 255.255.248.0 192.168.127.0 255.255.255.0 access-list no-nat extended permit ip ASA_LAN 255.255.248.0 192.168.173.0 255.255.255.0 access-list no-nat extended permit ip ASA_LAN 255.255.248.0 192.168.175.0 255.255.255.0 access-list no-nat extended permit ip ASA_LAN 255.255.248.0 192.168.176.0 255.255.255.0 access-list no-nat extended permit ip ASA_LAN 255.255.248.0 192.168.100.0 255.255.255.0 access-list no-nat extended permit ip ASA_LAN 255.255.248.0 192.168.99.0 255.255.255.0 access-list no-nat extended permit ip ASA_LAN 255.255.248.0 10.10.10.0 255.255.255.0 access-list no-nat extended permit ip host 192.168.240.34 Cisco-admin-LAN 255.255.255.0 access-list no-nat extended permit ip ASA_LAN 255.255.248.0 Genimage_Anyconnect 255.255.255.0 access-list no-nat extended permit ip host Tunnel-DC host HQ-SDSL-Peer access-list no-nat extended permit ip HQ-LAN 255.255.255.0 North-Office-LAN 255.255.255.0 access-list no-nat extended permit ip North-Office-LAN 255.255.255.0 HQ-LAN 255.255.255.0 access-list Car remark Car access-list Car extended permit ip ASA_LAN 255.255.248.0 192.168.165.0 255.255.255.0 access-list Che remark Che access-list Che extended permit ip ASA_LAN 255.255.248.0 192.168.144.0 255.255.255.0 access-list Chi remark Chi access-list Chi extended permit ip ASA_LAN 255.255.248.0 192.168.140.0 255.255.255.0 access-list Cla remark Cla access-list Cla extended permit ip ASA_LAN 255.255.248.0 192.168.152.0 255.255.255.0 access-list Eas remark Eas access-list Eas extended permit ip ASA_LAN 255.255.248.0 192.168.149.0 255.255.255.0 access-list Ess remark Ess access-list Ess extended permit ip ASA_LAN 255.255.248.0 192.168.153.0 255.255.255.0 access-list Gat remark Gat access-list Gat extended permit ip ASA_LAN 255.255.248.0 192.168.163.0 255.255.255.0 access-list Hud remark Hud access-list Hud extended permit ip ASA_LAN 255.255.248.0 192.168.157.0 255.255.255.0 access-list Ilk remark Ilk access-list Ilk extended permit ip ASA_LAN 255.255.248.0 192.168.167.0 255.255.255.0 access-list Ken remark Ken access-list Ken extended permit ip ASA_LAN 255.255.248.0 192.168.156.0 255.255.255.0 access-list North-Office remark North-Office access-list North-Office extended permit ip ASA_LAN 255.255.248.0 North-Office-LAN 255.255.255.0 access-list inside_acl remark Inside_ad access-list inside_acl extended permit ip any any access-list Old_HQ remark Old_HQ access-list Old_HQ extended permit ip ASA_LAN 255.255.248.0 HQ-LAN 255.255.255.0 access-list Old_HQ extended permit ip HQ-LAN 255.255.255.0 192.168.99.0 255.255.255.0 access-list She remark She access-list She extended permit ip ASA_LAN 255.255.248.0 192.168.150.0 255.255.255.0 access-list Lit remark Lit access-list Lit extended permit ip ASA_LAN 255.255.248.0 192.168.143.0 255.255.255.0 access-list Mid remark Mid access-list Mid extended permit ip ASA_LAN 255.255.248.0 192.168.137.0 255.255.255.0 access-list Spi remark Spi access-list Spi extended permit ip ASA_LAN 255.255.248.0 192.168.162.0 255.255.255.0 access-list Tor remark Tor access-list Tor extended permit ip ASA_LAN 255.255.248.0 192.168.166.0 255.255.255.0 access-list Tra remark Tra access-list Tra extended permit ip ASA_LAN 255.255.248.0 192.168.168.0 255.255.255.0 access-list Tru remark Tru access-list Tru extended permit ip ASA_LAN 255.255.248.0 192.168.174.0 255.255.255.0 access-list Yo remark Yo access-list Yo extended permit ip ASA_LAN 255.255.248.0 192.168.127.0 255.255.255.0 access-list Nor remark Nor access-list Nor extended permit ip ASA_LAN 255.255.248.0 192.168.159.0 255.255.255.0 access-list Nor extended permit ip ASA_LAN 255.255.248.0 192.168.173.0 255.255.255.0 inactive access-list ST remark ST access-list ST extended permit ip ASA_LAN 255.255.248.0 192.168.175.0 255.255.255.0 access-list Le remark Le access-list Le extended permit ip ASA_LAN 255.255.248.0 192.168.161.0 255.255.255.0 access-list DMZ-ACL remark DMZ access-list DMZ-ACL extended permit ip host OpenVPN-Srvr any access-list no-nat-dmz remark DMZ -No Nat access-list no-nat-dmz extended permit ip 192.168.250.0 255.255.255.0 HQ-LAN 255.255.255.0 access-list Split_Tunnel_List remark ASA-LAN access-list Split_Tunnel_List standard permit ASA_LAN 255.255.248.0 access-list Split_Tunnel_List standard permit Genimage_Anyconnect 255.255.255.0 access-list outside_cryptomap_30 remark Po access-list outside_cryptomap_30 extended permit ip ASA_LAN 255.255.248.0 Po 255.255.255.0 access-list outside_cryptomap_24 extended permit ip ASA_LAN 255.255.248.0 192.168.100.0 255.255.255.0 access-list outside_cryptomap_16 extended permit ip ASA_LAN 255.255.248.0 192.168.99.0 255.255.255.0 access-list outside_cryptomap_34 extended permit ip ASA_LAN 255.255.248.0 10.10.10.0 255.255.255.0 access-list outside_31_cryptomap extended permit ip host 192.168.240.34 Cisco-admin-LAN 255.255.255.0 access-list outside_32_cryptomap extended permit ip host Tunnel-DC host HQ-SDSL-Peer access-list Genimage_VPN_Any_connect_pix_client remark Genimage "Any Connect" VPN access-list Genimage_VPN_Any_connect_pix_client standard permit Genimage_Anyconnect 255.255.255.0 access-list Split-Tunnel-ACL standard permit ASA_LAN 255.255.248.0 access-list nonat extended permit ip HQ-LAN 255.255.255.0 192.168.99.0 255.255.255.0 pager lines 24 logging enable logging timestamp logging console notifications logging monitor notifications logging buffered warnings logging asdm informational no logging message 106015 no logging message 313001 no logging message 313008 no logging message 106023 no logging message 710003 no logging message 106100 no logging message 302015 no logging message 302014 no logging message 302013 no logging message 302018 no logging message 302017 no logging message 302016 no logging message 302021 no logging message 302020 flow-export destination inside MS-ISA-Server 2055 flow-export destination outside 192.168.130.126 2055 flow-export template timeout-rate 1 flow-export delay flow-create 15 mtu outside 1500 mtu inside 1500 mtu DMZ 1500 mtu management 1500 ip local pool RAS-VPN 10.0.0.1.1-10.0.0.1.254 mask 255.255.255.255 icmp unreachable rate-limit 1 burst-size 1 icmp permit any unreachable outside icmp permit any echo outside icmp permit any echo-reply outside icmp permit any outside icmp permit any echo inside icmp permit any echo-reply inside icmp permit any echo DMZ icmp permit any echo-reply DMZ asdm image disk0:/asdm-621.bin no asdm history enable arp timeout 14400 nat-control global (outside) 1 interface global (inside) 1 interface nat (inside) 0 access-list no-nat nat (inside) 1 0.0.0.0 0.0.0.0 nat (DMZ) 0 access-list no-nat-dmz static (inside,outside) MS-ISA-Server-NAT MS-ISA-Server netmask 255.255.255.255 static (DMZ,outside) OpenVPN-Srvr-NAT OpenVPN-Srvr netmask 255.255.255.255 static (inside,outside) MS-Exchange_server-NAT MS-Exchange_server netmask 255.255.255.255 access-group outside_acl in interface outside access-group inside_acl in interface inside access-group DMZ-ACL in interface DMZ route outside 0.0.0.0 0.0.0.0 1.1.1.225 1 route inside 10.10.10.0 255.255.255.0 192.168.240.34 1 route outside Genimage_Anyconnect 255.255.255.0 1.1.1.225 1 route inside Open-VPN 255.255.248.0 OpenVPN-Srvr 1 route inside HQledon-Voice-LAN 255.255.255.0 192.168.240.34 1 route outside Bill 255.255.255.0 1.1.1.225 1 route outside Yo 255.255.255.0 1.1.1.225 1 route inside 192.168.129.0 255.255.255.0 192.168.240.34 1 route outside HQ-LAN 255.255.255.0 1.1.1.225 1 route outside Mid 255.255.255.0 1.1.1.225 1 route outside 192.168.140.0 255.255.255.0 1.1.1.225 1 route outside 192.168.143.0 255.255.255.0 1.1.1.225 1 route outside 192.168.144.0 255.255.255.0 1.1.1.225 1 route outside 192.168.149.0 255.255.255.0 1.1.1.225 1 route outside 192.168.152.0 255.255.255.0 1.1.1.225 1 route outside 192.168.153.0 255.255.255.0 1.1.1.225 1 route outside North-Office-LAN 255.255.255.0 1.1.1.225 1 route outside 192.168.156.0 255.255.255.0 1.1.1.225 1 route outside 192.168.157.0 255.255.255.0 1.1.1.225 1 route outside 192.168.159.0 255.255.255.0 1.1.1.225 1 route outside 192.168.160.0 255.255.255.0 1.1.1.225 1 route outside 192.168.161.0 255.255.255.0 1.1.1.225 1 route outside 192.168.162.0 255.255.255.0 1.1.1.225 1 route outside 192.168.163.0 255.255.255.0 1.1.1.225 1 route outside 192.168.165.0 255.255.255.0 1.1.1.225 1 route outside 192.168.166.0 255.255.255.0 1.1.1.225 1 route outside 192.168.167.0 255.255.255.0 1.1.1.225 1 route outside 192.168.168.0 255.255.255.0 1.1.1.225 1 route outside 192.168.173.0 255.255.255.0 1.1.1.225 1 route outside 192.168.174.0 255.255.255.0 1.1.1.225 1 route outside 192.168.175.0 255.255.255.0 1.1.1.225 1 route outside 192.168.99.0 255.255.255.0 1.1.1.225 1 route inside ASA_LAN 255.255.255.0 192.168.240.34 1 route inside 192.168.124.0 255.255.255.0 192.168.240.34 1 route inside 192.168.50.0 255.255.255.0 192.168.240.34 1 route inside 192.168.51.0 255.255.255.128 192.168.240.34 1 route inside 192.168.240.0 255.255.255.224 192.168.240.34 1 route inside 192.168.240.164 255.255.255.224 192.168.240.34 1 route inside 192.168.240.196 255.255.255.224 192.168.240.34 1 timeout xlate 3:00:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00 timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00 timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute timeout tcp-proxy-reassembly 0:01:00 dynamic-access-policy-record DfltAccessPolicy aaa-server vpn protocol radius max-failed-attempts 5 aaa-server vpn (inside) host 192.168.X.2 timeout 60 key a5a53r3t authentication-port 1812 radius-common-pw a5a53r3t aaa authentication ssh console LOCAL aaa authentication http console LOCAL http server enable http 0.0.0.0 0.0.0.0 inside http 1.1.1.2 255.255.255.255 outside http 1.1.1.234 255.255.255.255 outside http 0.0.0.0 0.0.0.0 management http 1.1.100.198 255.255.255.255 outside http 0.0.0.0 0.0.0.0 outside crypto map FW_Outside_map 1 match address Bill crypto map FW_Outside_map 1 set peer x.x.x.121 crypto map FW_Outside_map 1 set transform-set SECURE crypto map FW_Outside_map 2 match address Bo crypto map FW_Outside_map 2 set peer x.x.x.202 crypto map FW_Outside_map 2 set transform-set SECURE crypto map FW_Outside_map 3 match address ASP-Live crypto map FW_Outside_map 3 set peer x.x.x.113 crypto map FW_Outside_map 3 set transform-set SECURE crypto map FW_Outside_map 4 match address Car crypto map FW_Outside_map 4 set peer x.x.x.205 crypto map FW_Outside_map 4 set transform-set SECURE crypto map FW_Outside_map 5 match address Old_HQ crypto map FW_Outside_map 5 set peer x.x.x.2 crypto map FW_Outside_map 5 set transform-set SECURE WG crypto map FW_Outside_map 6 match address Che crypto map FW_Outside_map 6 set peer x.x.x.204 crypto map FW_Outside_map 6 set transform-set SECURE crypto map FW_Outside_map 7 match address Chi crypto map FW_Outside_map 7 set peer x.x.x.212 crypto map FW_Outside_map 7 set transform-set SECURE crypto map FW_Outside_map 8 match address Cla crypto map FW_Outside_map 8 set peer x.x.x.215 crypto map FW_Outside_map 8 set transform-set SECURE crypto map FW_Outside_map 9 match address Eas crypto map FW_Outside_map 9 set peer x.x.x.247 crypto map FW_Outside_map 9 set transform-set SECURE crypto map FW_Outside_map 10 match address Ess crypto map FW_Outside_map 10 set peer x.x.x.170 crypto map FW_Outside_map 10 set transform-set SECURE crypto map FW_Outside_map 11 match address Hud crypto map FW_Outside_map 11 set peer x.x.x.8 crypto map FW_Outside_map 11 set transform-set SECURE crypto map FW_Outside_map 12 match address Gat crypto map FW_Outside_map 12 set peer x.x.x.212 crypto map FW_Outside_map 12 set transform-set SECURE crypto map FW_Outside_map 13 match address Ken crypto map FW_Outside_map 13 set peer x.x.x.230 crypto map FW_Outside_map 13 set transform-set SECURE crypto map FW_Outside_map 14 match address She crypto map FW_Outside_map 14 set peer x.x.x.24 crypto map FW_Outside_map 14 set transform-set SECURE crypto map FW_Outside_map 15 match address North-Office crypto map FW_Outside_map 15 set peer x.x.x.94 crypto map FW_Outside_map 15 set transform-set SECURE crypto map FW_Outside_map 16 match address outside_cryptomap_16 crypto map FW_Outside_map 16 set peer x.x.x.134 crypto map FW_Outside_map 16 set transform-set SECURE crypto map FW_Outside_map 16 set security-association lifetime seconds crypto map FW_Outside_map 17 match address Lit crypto map FW_Outside_map 17 set peer x.x.x.110 crypto map FW_Outside_map 17 set transform-set SECURE crypto map FW_Outside_map 18 match address Mid crypto map FW_Outside_map 18 set peer 78.x.x.110 crypto map FW_Outside_map 18 set transform-set SECURE crypto map FW_Outside_map 19 match address Sp crypto map FW_Outside_map 19 set peer x.x.x.47 crypto map FW_Outside_map 19 set transform-set SECURE crypto map FW_Outside_map 20 match address Tor crypto map FW_Outside_map 20 set peer x.x.x.184 crypto map FW_Outside_map 20 set transform-set SECURE crypto map FW_Outside_map 21 match address Tr crypto map FW_Outside_map 21 set peer x.x.x.75 crypto map FW_Outside_map 21 set transform-set SECURE crypto map FW_Outside_map 22 match address Yo crypto map FW_Outside_map 22 set peer x.x.x.40 crypto map FW_Outside_map 22 set transform-set SECURE crypto map FW_Outside_map 23 match address Tra crypto map FW_Outside_map 23 set peer x.x.x.145 crypto map FW_Outside_map 23 set transform-set SECURE crypto map FW_Outside_map 24 match address outside_cryptomap_24 crypto map FW_Outside_map 24 set peer x.x.x.46 crypto map FW_Outside_map 24 set transform-set SECURE crypto map FW_Outside_map 24 set security-association lifetime seconds crypto map FW_Outside_map 25 match address Nor crypto map FW_Outside_map 25 set peer x.x.x.70 crypto map FW_Outside_map 25 set transform-set SECURE crypto map FW_Outside_map 26 match address Ilk crypto map FW_Outside_map 26 set peer x.x.x.65 crypto map FW_Outside_map 26 set transform-set SECURE crypto map FW_Outside_map 27 match address Nor crypto map FW_Outside_map 27 set peer x.x.x.240 crypto map FW_Outside_map 27 set transform-set SECURE crypto map FW_Outside_map 28 match address ST crypto map FW_Outside_map 28 set peer x.x.x.163 crypto map FW_Outside_map 28 set transform-set SECURE crypto map FW_Outside_map 28 set security-association lifetime seconds crypto map FW_Outside_map 28 set security-association lifetime kilobytes crypto map FW_Outside_map 29 match address Lei crypto map FW_Outside_map 29 set peer x.x.x.4 crypto map FW_Outside_map 29 set transform-set SECURE crypto map FW_Outside_map 30 match address outside_cryptomap_30 crypto map FW_Outside_map 30 set peer x.x.x.34 crypto map FW_Outside_map 30 set transform-set SECURE crypto map FW_Outside_map 31 match address outside_31_cryptomap crypto map FW_Outside_map 31 set pfs crypto map FW_Outside_map 31 set peer Cisco-admin-Peer crypto map FW_Outside_map 31 set transform-set ESP-AES-256-SHA crypto map FW_Outside_map 32 match address outside_32_cryptomap crypto map FW_Outside_map 32 set pfs crypto map FW_Outside_map 32 set peer HQ-SDSL-Peer crypto map FW_Outside_map 32 set transform-set ESP-AES-256-SHA crypto map FW_Outside_map 34 match address outside_cryptomap_34 crypto map FW_Outside_map 34 set peer x.x.x.246 crypto map FW_Outside_map 34 set transform-set ESP-AES-128-SHA ESP-AES-192-SHA ESP-AES-256-SHA crypto map FW_Outside_map 65535 ipsec-isakmp dynamic dynmap crypto map FW_Outside_map interface outside crypto map FW_outside_map 31 set peer x.x.x.45 crypto isakmp identity address crypto isakmp enable outside crypto isakmp policy 9 webvpn enable outside svc enable group-policy ASA-LAN-VPN internal group-policy ASA_LAN-VPN attributes wins-server value 192.168.x.1 192.168.x.2 dns-server value 192.168.x.1 192.168.x.2 vpn-tunnel-protocol IPSec svc split-tunnel-policy tunnelspecified split-tunnel-network-list value Split-Tunnel-ACL default-domain value MYdomain username xxxxxxxxxx password privilege 15 tunnel-group DefaultRAGroup ipsec-attributes isakmp keepalive threshold 30 retry 2 tunnel-group DefaultWEBVPNGroup ipsec-attributes isakmp keepalive threshold 30 retry 2 tunnel-group x.x.x.121 type ipsec-l2l tunnel-group x.x.x..121 ipsec-attributes pre-shared-key * isakmp keepalive threshold 30 retry 2 tunnel-group x.x.x.202 type ipsec-l2l tunnel-group x.x.x.202 ipsec-attributes pre-shared-key * isakmp keepalive threshold 30 retry 2 tunnel-group x.x.x.113 type ipsec-l2l tunnel-group x.x.x.113 ipsec-attributes pre-shared-key * isakmp keepalive threshold 30 retry 2 tunnel-group x.x.x.205 type ipsec-l2l tunnel-group x.x.x.205 ipsec-attributes pre-shared-key * isakmp keepalive threshold 30 retry 2 tunnel-group x.x.x.204 type ipsec-l2l tunnel-group x.x.x.204 ipsec-attributes pre-shared-key * isakmp keepalive threshold 30 retry 2 tunnel-group x.x.x.212 type ipsec-l2l tunnel-group x.x.x.212 ipsec-attributes pre-shared-key * tunnel-group x.x.x.215 type ipsec-l2l tunnel-group x.x.x.215 ipsec-attributes pre-shared-key * tunnel-group x.x.x.247 type ipsec-l2l tunnel-group x.x.x.247 ipsec-attributes pre-shared-key * tunnel-group x.x.x.170 type ipsec-l2l tunnel-group x.x.x.170 ipsec-attributes pre-shared-key * isakmp keepalive disable tunnel-group x.x.x..8 type ipsec-l2l tunnel-group x.x.x.8 ipsec-attributes pre-shared-key * tunnel-group x.x.x.212 type ipsec-l2l tunnel-group x.x.x.212 ipsec-attributes pre-shared-key * tunnel-group x.x.x.230 type ipsec-l2l tunnel-group x.x.x.230 ipsec-attributes pre-shared-key * tunnel-group x.x.x.24 type ipsec-l2l tunnel-group x.x.x.24 ipsec-attributes pre-shared-key * tunnel-group x.x.x.46 type ipsec-l2l tunnel-group x.x.x.46 ipsec-attributes pre-shared-key * isakmp keepalive disable tunnel-group x.x.x.4 type ipsec-l2l tunnel-group x.x.x.4 ipsec-attributes pre-shared-key * tunnel-group x.x.x.110 type ipsec-l2l tunnel-group x.x.x.110 ipsec-attributes pre-shared-key * tunnel-group 78.x.x.110 type ipsec-l2l tunnel-group 78.x.x.110 ipsec-attributes pre-shared-key * tunnel-group x.x.x.47 type ipsec-l2l tunnel-group x.x.x.47 ipsec-attributes pre-shared-key * tunnel-group x.x.x.34 type ipsec-l2l tunnel-group x.x.x.34 ipsec-attributes pre-shared-key * isakmp keepalive disable tunnel-group x.x.x..129 type ipsec-l2l tunnel-group x.x.x.129 ipsec-attributes pre-shared-key * isakmp keepalive disable tunnel-group x.x.x.94 type ipsec-l2l tunnel-group x.x.x.94 ipsec-attributes pre-shared-key * isakmp keepalive disable tunnel-group x.x.x.40 type ipsec-l2l tunnel-group x.x.x.40 ipsec-attributes pre-shared-key * isakmp keepalive disable tunnel-group x.x.x.65 type ipsec-l2l tunnel-group x.x.x.65 ipsec-attributes pre-shared-key * tunnel-group x.x.x.70 type ipsec-l2l tunnel-group x.x.x.70 ipsec-attributes pre-shared-key * tunnel-group x.x.x.134 type ipsec-l2l tunnel-group x.x.x.134 ipsec-attributes pre-shared-key * isakmp keepalive disable tunnel-group x.x.x.163 type ipsec-l2l tunnel-group x.x.x.163 ipsec-attributes pre-shared-key * isakmp keepalive disable tunnel-group x.x.x.2 type ipsec-l2l tunnel-group x.x.x.2 ipsec-attributes pre-shared-key * isakmp keepalive disable tunnel-group ASA-LAN-VPN type remote-access tunnel-group ASA-LAN-VPN general-attributes address-pool RAS-VPN authentication-server-group vpn authentication-server-group (outside) vpn default-group-policy ASA-LAN-VPN tunnel-group ASA-LAN-VPN ipsec-attributes pre-shared-key * tunnel-group x.x.x.184 type ipsec-l2l tunnel-group x.x.x.184 ipsec-attributes pre-shared-key * tunnel-group x.x.x.145 type ipsec-l2l tunnel-group x.x.x.145 ipsec-attributes pre-shared-key * isakmp keepalive disable tunnel-group x.x.x.75 type ipsec-l2l tunnel-group x.x.x.75 ipsec-attributes pre-shared-key * tunnel-group x.x.x.246 type ipsec-l2l tunnel-group x.x.x.246 ipsec-attributes pre-shared-key * isakmp keepalive disable tunnel-group x.x.x.2 type ipsec-l2l tunnel-group x.x.x..2 ipsec-attributes pre-shared-key * tunnel-group x.x.x.98 type ipsec-l2l tunnel-group x.x.x.98 ipsec-attributes pre-shared-key * ! ! ! policy-map global_policy description Netflow class class-default flow-export event-type all destination MS-ISA-Server policy-map type inspect dns migrated_dns_map_1 parameters message-length maximum 512 Anyone have a clue because Im on the verge of going postal.....

    Read the article

  • OpenVPN Problems, connecting with Windows OpenVPC client to Linux OpenVPN

    - by Filip Ekberg
    After following this guide and connecting to the VPN Server, I get the following error: Sat Mar 06 19:43:08 2010 us=127000 NOTE: failed to obtain options consistency info from peer -- this could occur if the remote peer is running a version of OpenVPN before 1.5-beta8 or if there is a network connectivity problem, and will not necessarily prevent OpenVPN from running (0 bytes received from peer, 0 bytes authenticated data channel traffic) -- you can disable the options consistency check with --disable-occ. I am using Archlinux and installed openvpn with Pacman. I want to acheive the following: Connect to the VPN Server, being able to route certain made up hosts through it. Is this possible? openvpn --version gives me the following openvpn --version OpenVPN 2.1.1 i686-pc-linux-gnu [SSL] [LZO2] [EPOLL] built on Jan 31 2010 Originally developed by James Yonan Copyright (C) 2002-2009 OpenVPN Technologies, Inc. <[email protected]> Suggestions?

    Read the article

  • OpenVPN Problems, connecting with Windows OpenVPC client to Linux OpenVPN

    - by Filip Ekberg
    After following this guide and connecting to the VPN Server, I get the following error: Sat Mar 06 19:43:08 2010 us=127000 NOTE: failed to obtain options consistency info from peer -- this could occur if the remote peer is running a version of OpenVPN before 1.5-beta8 or if there is a network connectivity problem, and will not necessarily prevent OpenVPN from running (0 bytes received from peer, 0 bytes authenticated data channel traffic) -- you can disable the options consistency check with --disable-occ. I am using Archlinux and installed openvpn with Pacman. I want to acheive the following: Connect to the VPN Server, being able to route certain made up hosts through it. Is this possible? openvpn --version gives me the following openvpn --version OpenVPN 2.1.1 i686-pc-linux-gnu [SSL] [LZO2] [EPOLL] built on Jan 31 2010 Originally developed by James Yonan Copyright (C) 2002-2009 OpenVPN Technologies, Inc. <[email protected]> Suggestions?

    Read the article

  • Server with IIS and Apache - how to SSL encrypt Apache with IIS

    - by GAThrawn
    I have a Windows Server 2003 box already setup and working with IIS 6. IIS is set to serve a site out over both HTTP and HTTPS connections using default ports. For various reasons I need to set Apache up on the same server and it needs to serve its pages to end-users as SSL encrypted HTTPS pages. Neither IIS or Apache are (or are ever likely to be) particularly high traffic or high usage. The way I see it there are two possible ways this could be done. Either export the SSL cert from IIS,set it up in Apache and get Apache to server the HTTPS connections itself over a non-default port. Or use IIS to proxy Apache in some way over it's existing SSL security. What is going to end up easiest to setup, configure, maintain and run? Which is going to work best? Has anyone done this sort of thing before? Any tips or things to look out for?

    Read the article

  • Started a Forum Board (with phpBB), but Now Rethinking Choice of Board App - Security

    - by nicorellius
    The main reason I even started participating on Superuser.com is because a friend ripped me a new one for using phpBB. He said, "check out StackExchange, they have their act together!" I did, and it's true. So now, after learning phpBB and implementing the board (it's still new and in its infancy), I feel slightly regretful. I would love to use the Stack Exchange tool, but the cost will eventually be the main deterrent. The attractive thing about phpBB is that it's free and open. However, I have heard that it lacks security. Has anyone had this experience, that phpBB is not secure, such that they changed board software? And, I wonder if Stack Exchange is going to introduce a cheaper option for low traffic users? Does this question belong on meta?

    Read the article

  • Using pfSense, OpenVPN Connects but Still Can't See the Network

    - by nicorellius
    I am having an OpenVPN issue. I have a pfSense box at home configured to allow traffic through a VPN tunnel. The client computer is Windows XP Home, behind a standard Comcast connection and a Netgear wireless router. I use OpenVPN to access my work network (from where I am trying to get out of in this post) from home (with an XP Pro machine behind pfSense), and this works fine. The client config is similar but has the changes specific to my setup... Here is my XP Home config: client dev tun proto tcp remote pfsense.*.org 1194 (starred out by me) resolv-retry infinite nobind persist-key persist-tun ca ca.crt cert client.crt key client.key ns-cert-type server comp-lzo verb 3 When I launch the OpenVPN GUI, the Tunnel TAP network connection turns red, and I can right-click that to connect to the server. Everything seems to work fine until I browse for the actual network. The Tunnel TAP connection turns green and it says connected to 10.1.1.6 (I have tried different IP pools here too with no luck). I can see the internal network fine, but my home network behind pfSense is not there. I have tried browsing there by using Tools Map Network Drive, using the browser, with no success. When I open the command line on the client and use the ipconfig -all command, I get the following: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : TAP-Win32 Adapter V9 Physical Address. . . . . . . . . : *** (starred out by me) Dhcp Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes IP Address. . . . . . . . . . . . : 10.1.1.6 Subnet Mask . . . . . . . . . . . : 255.255.255.252 Default Gateway . . . . . . . . . : DHCP Server . . . . . . . . . . . : 10.1.1.5 Lease Obtained. . . . . . . . . . : Monday, March 15, 2010 1:18:37 PM Lease Expires . . . . . . . . . . : Tuesday, March 15, 2011 1:18:37 PM I noticed that the default gateway is not present. Could this be my problem? I am still relatively new to firewalls, VPN, and network configuration so I'm sure I am messing up something simple. Oh yah, I should note that I have firewall rules configured for pfSense to allow traffic through the WAN and the LAN. At first there was just the WAN firewall rule, because that is what I got from the literature I was reading. I then created a LAN rule as well, but I'm not sure if this was correct. Neither way works, though. Screen shots below: Any help is much appreciated.

    Read the article

  • Managed hosting firewall vs managing own firewall

    - by ddawber
    I posted on stackoverflow as to the overall benefits of managed hosting vs non-managed hosting. The more I think about it, it seems to boil down to one question: should I use a managed host because they take care of the firewall, or would I be okay managing my own, software firewall? The sites on the box do get quite a lot of traffic but as for throughput and what-not, it's not something I know much about. Ideally, i'd take my sites over to a Linode stack and manage incoming connections using iptables or an alternative. Here are some example hardware solutions a managed host would provide: Cisco Pix 501, Pix 506, Pix 515 and ASA 5505 and ASA 5510 Firewalls, configurable in a control panel the likes of an enterprise firewall such as FortiGate 110C Aside from this, I do not need managed hosting, so I appreciate your suggestions.

    Read the article

  • Why isn't ICMP routing with iptables nat routing

    - by Scott Forsyth - MVP
    I'm using iptables on Ubuntu server to route a public IP to a private IP. I want to nat all traffic, including 80, 443 and ICMP. However, it appears that ICMP isn't routing. I have a steady ping going to the public IP and it never stops, even with NAT pointing to a bogus IP. Here are the rules that I'm using: iptables -t nat -I PREROUTING -d 206.72.119.76 -j DNAT --to-destination 10.240.5.5 iptables -t nat -I POSTROUTING -s 10.240.5.5 -j SNAT --to-source 206.72.119.76 I tried with rules for ICMP specifically, but no such luck: iptables -t nat -I PREROUTING -d 206.72.119.76 - icmp --icmp-type echo-request -j DNAT --to-destination 10.240.5.5 Any ideas?

    Read the article

  • Apache2 VirtualHost Configuration with SSL

    - by Peter
    Hello! I'm new here and I have a strange problem which needs to be solved. Previously I searched in the whole forum and I've read all of related questions but I didn't find solution to my question. We have two servers and a firewall computer. On the Server#1 there is an Apache 2.2 web server and it forwards the incoming traffic to the appropriate ports, to our subdomains by its virtual host configuration (Apache, Tomcat, IIS, Server#2 and so on). We recently bought an SSL certificate to protect one of our subdomain. I successfully installed and configured the certificate into the Apache and it works flawlessly within our local network. Our Kerio Winroute Firewall is configured to permit https traffic and it is translated to Server#1. But all of our subdomains are unavailable from outside (http & https too). Web browser shows "Failed to connect" message. Now, I enclose some parts from our httpd.conf and httpd-vhosts.conf file. httpd.conf ServerRoot "C:/Program Files/Apache Software Foundation/Apache2.2" Listen 80 ServerName dev.mydomain.hu:80 DocumentRoot "C:/Program Files/Apache Software Foundation/Apache2.2/htdocs" LoadModule proxy_module modules/mod_proxy.so LoadModule proxy_connect_module modules/mod_proxy_connect.so LoadModule proxy_http_module modules/mod_proxy_http.so LoadModule rewrite_module modules/mod_rewrite.so LoadModule ssl_module modules/mod_ssl.so Include conf/extra/httpd-vhosts.conf <IfModule ssl_module> SSLMutex default SSLRandomSeed startup builtin SSLRandomSeed connect builtin SSLSessionCache none </IfModule> httpd-vhosts.conf NameVirtualHost *:80 NameVirtualHost *:443 Listen 443 <VirtualHost *:80> DocumentRoot "C:/Program Files/Apache Software Foundation/Apache2.2/htdocs" ServerName localhost </VirtualHost> #-------EXCHANGE SERVER-------- <VirtualHost *:80> ServerName intra.mydomain.hu ProxyRequests Off ProxyVia On ProxyPass / http://myserver:8080/ ProxyPassReverse / http://myserver:8080/ <Proxy *:80> Order deny,allow Allow from all </Proxy> <Location /> Order allow,deny Allow from all </Location> ErrorLog "c:/Program Files/Apache Software Foundation/Apache2.2/logs/exchange.log" CustomLog "c:/Program Files/Apache Software Foundation/Apache2.2/logs/exchange_cust.log" common LogLevel info </VirtualHost> #--------FITNESSE SERVER------- <VirtualHost *:80> ServerName test.mydomain.hu ProxyRequests Off <Proxy *:80> Order deny,allow Allow from all </Proxy> ProxyPass / http://myserver:8004/ ProxyPassReverse / http://myserver:8004/ <Location /> AuthType Basic AuthName "FitNesse" AuthUserFile "C:/Program Files/Apache Software Foundation/Apache2.2/auth/password" AuthGroupFile "C:/Program Files/Apache Software Foundation/Apache2.2/auth/pwgroup" require group Users Order allow,deny Allow from all </Location> ErrorLog "c:/Program Files/Apache Software Foundation/Apache2.2/logs/fitnesse.log" CustomLog "c:/Program Files/Apache Software Foundation/Apache2.2/logs/fitnesse_cust.log" common LogLevel info </VirtualHost> #----WIKI SERVER-----(SSL)- <VirtualHost *:80 *:443> ServerName wiki.mydomain.hu ServerAlias wiki.mydomain.hu SSLEngine On SSLCertificateFile "C:/Program Files/Apache Software Foundation/Apache2.2/cert/certificate.cer" SSLCertificateKeyFile "C:/Program Files/Apache Software Foundation/Apache2.2/cert/wiki.itkodex.hu.key" ProxyRequests Off <Proxy *:80> Order deny,allow Allow from all </Proxy> ProxyPass / http://localhost:8000/ ProxyPassReverse / http://localhost:8000/ ErrorLog "c:/Program Files/Apache Software Foundation/Apache2.2/logs/wiki.log" CustomLog "c:/Program Files/Apache Software Foundation/Apache2.2/logs/wikicust.log" common LogLevel info </VirtualHost> Because this wiki is a JSPWIKI web application, runs on Apache Tomcat therefore there is no "DocumentRoot" parameter in the VirtualHost. Could anybody please help me, to solve this issue, or what should I modify in the configuration? Thanks in advance! Peter

    Read the article

  • Accessing Squid Proxy over internet

    - by user37074
    Hi, I recently finished installing Squid on a VPS I have in the US and its working fine locally (I verified by setting http_proxy variable and using lynx). I want to access this proxy over the internet (as an anonymizer) so that I can see how some ads show up for US traffic on my website. I have setup authentication so abuse is not a problem. However, I am not able to access the proxy over the internet. I have set the following rule in squid.conf http_access allow all Is this not possible to do what I want or I am missing something? The port 3128 is open in the firewall so that is not an issue. Squid is running on 0.0.0.0 Thanks

    Read the article

  • Accessing Squid Proxy over internet

    - by prateekdayal
    Hi, I recently finished installing Squid on a VPS I have in the US and its working fine locally (I verified by setting http_proxy variable and using lynx). I want to access this proxy over the internet (as an anonymizer) so that I can see how some ads show up for US traffic on my website. I have setup authentication so abuse is not a problem. However, I am not able to access the proxy over the internet. I have set the following rule in squid.conf http_access allow all Is this not possible to do what I want or I am missing something? The port 3128 is open in the firewall so that is not an issue. Squid is running on 0.0.0.0 Thanks Prateek

    Read the article

  • ESXi and Windows Server CPU parking

    - by Chris J
    For those that don't know, CPU parking is a feature in recent Windows Server releases that allows Windows to pretty much drop a CPU core to zero use, and having nothing use it. It's been introduced as a power-saving measure. There's more detail about it here, amongst other places. However what I'm curious about is whether this matter on a virtualised guest - or is CPU parking more of a hindrance than a help, given that the physical CPUs are managed by ESXi, not Windows, and that a parked CPU is less likely to deal with traffic unless the scheduler deems there's enough work to unpark the CPU? I've not found anything about this - I do suspect it will be very much based on a given workload, but I've not seen any discussion (unlike, say, whether hyper-threading has any effect, which seems to be discussed regularly). Whilst I do understand the "test with your workload" I was wondering if there was any advice/guidelines out there that I've missed.

    Read the article

  • WRT54G - how use port forwarding and VNC

    - by unknown (yahoo)
    Since I have my home network behind a WRT54G, the router has an external "real" IP address, and the PCs behind it have 192.168.xxx.xxx addresses. I would like to be able to control one of them remotely - preferably using UltraVNC, but I am open to suggestions. Since I can't directly address that PC from the internet, I figured I could address a port on my router and have the traffic forwarded to the PC (and the same in the reverse direction). Is that feasible? Can anyone tell me how to do it (or point me to an URL that does)? Thanks

    Read the article

  • Blocking yandex.ru bot

    - by Ross
    I want to block all request from yandex.ru search bot. It is very traffic intensive (2GB/day). I first blocked one C class IP range, but it seems this bot appear from different IP ranges. For example: spider31.yandex.ru - 77.88.26.27 spider79.yandex.ru - 95.108.155.251 etc.. I can put some deny in robots.txt but not sure if it respect this. I am thinking of blocking a list of IP ranges. Can somebody suggest some general solution.

    Read the article

  • asterisk/freeswitch in nat/no-nat setup

    - by pQd
    hi, my current setup - i use bunch of sip hard-phones around few offices. all devices have two sip accounts configured - one on internal sip proxy [for calls between the branches], another - at 3rd party voip providers [ since it's in different countries - those are different providers, but that's irrelevant ]. i was thinking about terminating sip calls on something like asterisk/freeswitch server and having all sip-devices log on just once to such server[s] - mostly to provide things like voicemail, groupcalls, redirections etc. it seems perfectly doable but there is one problem - i cannot find examples how to prepare for nat/no nat. for calls routed to from/to 3rd party voip operator - i'll need handling for nat/stun etc, but for handling of internal calls - i do not want any nat, all traffic should go via vpns to different branches. can you provide me some hints how to configure it? any tutorials? thanks!

    Read the article

  • Problems with wireless file copy - hangs during copy

    - by Eran Kampf
    I have this problem on my home network where when I try to copy files via wireless connection, at some point the copy fails and the machine doing the copy loses connection to the network. I'm pretty much lost as to figuring out the source for the problem... Some more details that might help: It's not OS related. I have Windows 7 machines and Leopard machines and this occurs on both I'm using a 3com OfficeConnect router Wired transfer works fine Other programs that require heavy wireless traffic work just fine:streaming large HD movies, Xbox Live! ... I'm lost as to how to even begin trying to diagnose the problem so any tips are welcome...

    Read the article

  • Need help diagnosing network performance issues

    - by tokes
    I am currently working in a developing country as a system analyst for a government department. My area of expertise is software projects, but I've come across a few issues with the network setup in my office. (Unfortunately, being a developing country, there's not a lot of professional help available for this sort of thing.) Most recently, I am trying to diagnose a problem with slowness on the network. Our office is connected to the internet via an ADSL wireless modem/router (called Router). The modem is connected via ethernet to a switch (called Switch). The modem also acts as a wireless access point (called Wireless1), though because it is in a room at the end of the floor, it's range is limited. There are ethernet ports installed around the office. The cables of these all lead back to the same switch. In closer vicinity to the bulk of the client computers, there is another wireless router that acts as an access point for those clients (called Wireless2). That router is connected via ethernet to a wall port, and therefore to Switch. There is also a Windows server which acts as a DNS server (called DNSBox) which is located in the same room and is connected directly to Switch. ---Internet----------| Router/Wireless1 192.168.10.1 ---------------| |----|=========| DNSBox | |-------------------- 192.168.10.4 --------------------| Switch |---Other clients---- | |-------------------- |----|=========| Wireless2 ------------------| 192.168.10.198 One final thing to mention about the network setup. All clients are configured with manual IP addresses. Their router/gateway is set to the IP address of Router, and their DNS server is set to the IP address of DNSBox (with a secondary IP set to an external IP - that of our ISP's DNS server). Here are the symptoms we are experiencing: Clients connected to Wireless2 AP experience slow and unstable connections to the internet. (Slow here is defined as speeds of ~1KB/s, though ping response times seem to be as normal.) Clients connected via ethernet to Switch also experience the same slowness. Clients connected to Wireless1 AP (i.e. connecting via wireless directly to the ADSL modem) experience normal connections to the internet. Clients connected via ethernet to Router (i.e. connecting via ethernet directly to the ADSL modem) also experience normal connections to the internet. I also tried to gauge the connection performance between two machines on the network via ethernet: A file transfer between two clients who were both directly connected to Switch was the fastest; A file transfer between one client directly connected to Switch, and one client directly connected to Router (which is directly connected to Switch) performed much slower; A file transfer between two clients directly connected to Router also performed slowly. Things I have attempted to diagnose the problem: Restarted Switch -- no change. We tried unplugging ethernet jacks from Switch 4 at a time and testing the internet connection. The thought here was that perhaps a client on the network has contracted a virus, and is possibly spamming the network with traffic? (Not very technical, I know.) Unfortunately we couldn't get any significant increases in performance using this method. There were a couple of times when it seemed to be better, but then the connection speed quickly dropped back to slow/dead pace. I didn't want to unplug all jacks from Switch because I was concerned that users might be affected or that I would re-plug in the jacks incorrectly (should I even be worried about that? a port is a port on a switch, right?) I tried swapping the ethernet cable used to connect Router to Switch -- no change in performance. I tried swapping the port used on Switch for Router -- no change in performance. Anyone got any ideas on what this could be? Should I be mentioning specific brand names/models of the hardware used? Virii outbreaks are common in this country/office -- what could I be doing to figure out if a virus is at fault? If it is a virus, it doesn't seem to be generating a lot of traffic to/from the internet, because a) I can still get a good speed if I am directly connected to Router / Wireless1 and b) our ISP data usage has not risen suspiciously. Thanks for your help! Update #1 Here are the specs of some of the hardware: Switch is an Edimax ES3132RL 32-Port 10/100 Rackmount Switch Router is a D-Link DSL-G604T Update #2 I just tried unplugging everything except a laptop and Router from Switch. Speeds are still slow. I guess that means that Router / Switch are not being flooded? It seems more and more likely that the cause is something to do with the interaction between Router and Switch. However, I still can't find any useful resources on setting the LAN speed for either (and I'm not well-versed in these advanced networking configurations).

    Read the article

  • dynamic routing between openvpn tunnels

    - by pQd
    i'm thinking about using dynamic routing [ OSPF or RIP ] via OpenVPN tunnels. right now i have few offices connected in full mesh, but this is not scalable solution as we add more locations. i would like to avoid situation when plenty of internal traffic is affected if one of two vpn termination points that i plan to use is down. do you have similar configuration working in production? if so - what routing daemon did you use - quagga? something else? did you encounter any problems? thanks!

    Read the article

  • Bridging with aliased Ethernet card for Virtualizing with single Ethernet card

    - by user113505
    We are having a server with good CPU and RAM,so we are planning to do XEN virtualization on ubuntu 12.04 server to handle high traffic. The plan is to keep the host machine only to manage VMs(no NAT ing). A New public IP will be assigned to that VM,For that i think we need a Bridge to external network(Since my Machine has only single ethernet card aliased with 4 different Pub IP's) Is it possible to create a bridge using aliased IP single ethernet card aliased to 4 pub IPs Do we need an additional Ethernet card to do Bridging.Only have ssh access to the machine. Any suggestions will be appreciated.

    Read the article

  • Open vSwitch and Xen Private Networks

    - by Joe
    I've read about the possibilities of using Open vSwitch with Xen to route traffic between domUs on multiple physical hosts. I'd like to be able to group the multiple domUs I have spread out across multiple physical hosts into a number of private networks. However, I've found no documentation on how to integrate Open vSwitch with Xen (rather than XenServer) and am unsure how I should go about doing so and then creating the private networks described. As you might have gathered then - from research I think Open vSwitch can do what I need it to, but I just can't find anything giving me a push in the right direction of how to actually use it to do so! This may well be because Open vSwitch is quite new (version 1.0 released on May 17). Any pointers in the right direction would be much appreciated!

    Read the article

  • What's a good, affortable router that will not give me problems when downloading torrents?

    - by Lirik
    I found several routers on newegg and they're in the $50-60 range, but I'm not sure if they'll handle the number of connections that are created when downloading torrents (100-300 seeds and around 50 peers). My roommate watches netflix movies, my brother and I download torrents, so my NETGEAR router ends up choking on the traffic and I have to restart it quite frequently. I've already posted a couple of questions on the topic and I've come to the conclusion that I need a new router. What are some routers that I should consider (my budget is in the $50 range)?

    Read the article

  • Migrating from DD-WRT to Tomato

    - by Collin Allen
    Is it possible to switch to the latest version of Tomato on a router that's already running DD-WRT? Using the default Linksys firmware on my WRT54GL v1.1, I had to upload a micro version of DD-WRT first. I imagine that, since I'm now running third-party firmware, I won't have to do that again to make the switch, but I thought I should check so as not to brick it. This router is taking a back seat to a new AirPort Extreme (for the 'n' capability), but I still want to have the soon-to-be-Tomato device sit between the AirPort Extreme and my modem for the superior traffic graphing.

    Read the article

  • SquidGuard and Active Directory groups

    - by Massimo
    I'm configuring a Linux proxy with Squid and SquidGuard to filter Internet traffic. I know how to authenticate users against Active Directory in Squid, and then how to filter access for users using SquidGuard. The question: how to use Active Directory groups in SquidGuard instead of plain user names? My goal is to be able to configure rules like "members of this group can go anywhere" or "members of this group can only visit certain sites". I know SquidGuard can't manage group membership directly, but it can do LDAP searches on its own; but the syntax to look up wheter a user is member of a given group seems to be quite cryptic, and I couldn't find any good documentation around.

    Read the article

  • Redirect as a backup trick? w/o modifying DNS?

    - by acidzombie24
    I specifically looked up how to do something like this ( Can you set a backup ip for your server in DNS? ) and the answer basically was you can't. If i say specify 2 ip addresses could i somehow use a HTTP response header to ignore it temporary (say 5mins) and go to the other IP address? Or maybe i can play dead however i'm unsure how to play dead using nginx. I then would like to be available after my box notice the other box is down and be some kind of readonly server. I'm sure something like this has been implemented i am just wondering how i might implement it with 2 boxes. I'm sure it isn't very difficult? How might i redirect traffic from a backup box to my main server without modifying the DNS?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 114 115 116 117 118 119 120 121 122 123 124 125  | Next Page >