Search Results

Search found 6525 results on 261 pages for 'restful authentication'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 119/261 | < Previous Page | 115 116 117 118 119 120 121 122 123 124 125 126  | Next Page >

  • HTTP 401 Challenge and HTTP 302 Login/Redirect won't work together in IIS7

    - by RandomBen
    I am developing a website using .NET 3.5 that allow users to visit the site and create logins using the standard Microsoft login controls. However, users do not need to login to do general things like view products. Now I need to setup the site so some of our Traveling Sales people are able to access it but not allow anyone else to access it. The easiest way I know how to do this is to turn on Windows Authentication for the Site in IIS7. When I do that I get all sorts of errors due to also having Forms Authentication turned on. If I turn Forms Auth then I get a different kind of error. Does anyone know how to make Forms Auth and Windows Auth play nice on a single site in IIS7 or some other way to create a required login without having me kill Forms Auth?

    Read the article

  • best practice for boolean REST results

    - by Andrew Patterson
    I have a resource /system/resource And I wish to ask the system a boolean question about the resource that can't be answered by processing on the client (i.e I can't just GET the resource and look through the actual resource data - it requires some processing on the backend using data not available to the client). eg /system/resource/related/otherresourcename I want this is either return true or false. Does anyone have any best practice examples for this type of interaction? Possibilities that come to my mind: use of HTTP status code, no returned body (smells wrong) return plain text string (True, False, 1, 0) - Not sure what string values are appropriate to use, and furthermore this seems to be ignoring the Accept media type and always returning plain text come up with a boolean object for each of my support media types and return the appropriate type (a JSON document with a single boolean result, an XML document with a single boolean field). However this seems unwieldy. I don't particularly want to get into a long discussion about the true meaning of a RESTful system etc - I have used the word REST in the title because it best expresses the general flavour of system I am designing (even if perhaps I am tending more towards RPC over the web rather than true REST). However, if someone has some thoughts on how a true RESTful system avoids this problem entirely I would be happy to hear them.

    Read the article

  • How to change 802.1x settings for Wireless in Windows XP SP3?

    - by mspoerr
    Hello, I want to configure EAP-TLS with Machine Authentication ONLY for a wireless network. The supplicant is the bulit-in supplicant in Windows XP SP3. I found the following document: http://support.microsoft.com/kb/929847 - How to enable computer-only authentication for a 802.1X-based network in Windows Vista, in Windows Server 2008, and in Windows XP Service Pack 3 But unforunately the needed command "netsh wlan" is not available in Windows XP - "Note Windows XP SP3 and earlier versions of Windows XP do not support the netsh wlan command." How can I change the settings without the "netsh wlan" command? Thanks, mspoerr

    Read the article

  • How do we keep Active Directory resilient across multiple sites?

    - by Alistair Bell
    I handle much of the IT for a company of around 100 people, spread across about five sites worldwide. We're using Active Directory for authentication, mostly served to Linux (CentOS 5) systems via LDAP. We've been suffering through a spate of events where the IP tunnel between the two major sites goes down and the secondary domain controller at one site can't contact the primary domain controller at the other. It seems that the secondary domain controller starts denying user authentication within minutes of losing connectivity to the primary. How do we make the secondary domain controller more resilient to downtime? Is there a way for it to cache the entire directory and/or at least keep enough information locally to survive a multi-hour disconnection? (We're all in a single organizational unit if that makes any difference.) (The servers here are Windows Server 2003; don't assume that we set this up correctly. I'm a software engineer, not an IT specialist.)

    Read the article

  • getUserPrincipal() in JCIFS / Lan-Manager authentitation level setting in Windows 2k8

    - by Chris
    I have to find out in which exact format JCIFS stores the user principal in the "getUserPrincipal()" property. Therefor i created a test Environment like this: Windows Server 2008 Domain Controller Domain named "MYDOMAIN" Many Testusers in Active Directory Tomcat Application Server with my Web Application (which simply reads the user Principal and displays its values). The user should be logged in to the web-application with SSO therefor i need the format that jcifs is using to store the user. (For example user@MYDOMAIN or MYDOMAIN\user...) I tested the Authentication with other SSO frameworks with Kerberos Method and it works as expected. I'm now trying to use SSO through the NTLMHttpFilter of JCIFS. When i try to login i get the following error message: jcifs.smb.SmbException: The parameter is incorrect. jcifs.smb.SmbTransport.checkStatus(SmbTransport.java:541) jcifs.smb.SmbTransport.send(SmbTransport.java:641) jcifs.smb.SmbSession.sessionSetup(SmbSession.java:322) jcifs.smb.SmbSession.send(SmbSession.java:224) jcifs.smb.SmbTree.treeConnect(SmbTree.java:176) jcifs.smb.SmbSession.logon(SmbSession.java:153) jcifs.smb.SmbSession.logon(SmbSession.java:146) jcifs.http.NtlmHttpFilter.negotiate(NtlmHttpFilter.java:189) jcifs.http.NtlmHttpFilter.doFilter(NtlmHttpFilter.java:121) Regarding to the documentation i'm using to configure this, this is a know issue with the Group policy. It is stated there, that i have to change the Group policy "Networkaccess: lan-manager authentication level" to respond to NTLMv1 request. I have done this, but it's still not working. So what i also have to configure is the same policy on the client computer. I have to change the policy, so that the client computer sends NTLMv1. But it is always sending NTLMv2 tokens. The problem now is that i'm somehow not able to change this setting. (I already was before) because the dropdown box to choose the authentication method is "greyed out". edit: just to make this clear, this dialog is on the client-side in the "local-security policies" As you can see from this screenshot, the chosen method is "Only send NTLMv2 responses" which is the wrong setting and i'm pretty sure that this is causing the error above. My question is now, why can't i change this setting? Why is it greyd out?

    Read the article

  • Apache Reverse Proxy server and SSL NTLM SharePoint

    - by user50211
    Hi, I'm trying to set Apache as proxy server to an internal SharePoint server. I have previously configured Apache to run as a proxy server to export internal webpages and web applications. However, the Sharepoint is using SSL and NTLM authentication, and this is new to me :( I have tried many options, the traffic seems to be forwared as I get the authentication popup window, but when I insert the user/pass, I get back to the same popup window. Anybody has configured Apache to do so? Here is a part of my httpd.conf: <VirtualHost *:443> ServerName repository.out.com SSLProxyEngine On RequestHeader set Front-End-Https "On" ProxyRequests Off ProxyPreserveHost On ProxyPass / https://sharepoint.in.com ProxyPassReverse / https://sharepoint.in.com CacheDisable * SetEnv force-proxy-request-1.0 1 SetEnv proxy-nokeepalive 1 ErrorLog logs/jlanza_log CustomLog logs/jlanza_log common </VirtualHost>

    Read the article

  • Cisco login on-failure using syslog doesn't show username on failure?

    - by Jim
    interesting issue I am running into. I am trying to get syslog rmeote logging working with a Cisco switch. i have it working and logging for both on-success and on-failure. However when it is a failed login attempt it does not show the user name that tried to log in in the logs? Here is what the log looks like after a failed login: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: ] [Source: 10.0. 0.6] [localport: 23] [Reason: Login Authentication Failed] Here is what I ahve in the sh run: login block-for 60 attempts 3 within 60 login delay 1 login on-failure log login on-success log archive log config logging enable notify syslog contenttype plaintext logging trap notifications logging facility local4 logging 10.0.0.8 aaa new-model aaa authentication login default local group tacacs+ aaa authorization config-commands aaa authorization exec default local group tacacs+

    Read the article

  • Cisco ASA 5505 - L2TP over IPsec

    - by xraminx
    I have followed this document on cisco site to set up the L2TP over IPsec connection. When I try to establish a VPN to ASA 5505 from my Windows XP, after I click on "connect" button, the "Connecting ...." dialog box appears and after a while I get this error message: Error 800: Unable to establish VPN connection. The VPN server may be unreachable, or security parameters may not be configured properly for this connection. ASA version 7.2(4) ASDM version 5.2(4) Windows XP SP3 Windows XP and ASA 5505 are on the same LAN for test purposes. Edit 1: There are two VLANs defined on the cisco device (the standard setup on cisco ASA5505). - port 0 is on VLAN2, outside; - and ports 1 to 7 on VLAN1, inside. I run a cable from my linksys home router (10.50.10.1) to the cisco ASA5505 router on port 0 (outside). Port 0 have IP 192.168.1.1 used internally by cisco and I have also assigned the external IP 10.50.10.206 to port 0 (outside). I run a cable from Windows XP to Cisco router on port 1 (inside). Port 1 is assigned an IP from Cisco router 192.168.1.2. The Windows XP is also connected to my linksys home router via wireless (10.50.10.141). Edit 2: When I try to establish vpn, the Cisco device real time Log viewer shows 7 entries like this: Severity:5 Date:Sep 15 2009 Time: 14:51:29 SyslogID: 713904 Destination IP = 10.50.10.141, Decription: No crypto map bound to interface... dropping pkt Edit 3: This is the setup on the router right now. Result of the command: "show run" : Saved : ASA Version 7.2(4) ! hostname ciscoasa domain-name default.domain.invalid enable password HGFHGFGHFHGHGFHGF encrypted passwd NMMNMNMNMNMNMN encrypted names name 192.168.1.200 WebServer1 name 10.50.10.206 external-ip-address ! interface Vlan1 nameif inside security-level 100 ip address 192.168.1.1 255.255.255.0 ! interface Vlan2 nameif outside security-level 0 ip address external-ip-address 255.0.0.0 ! interface Vlan3 no nameif security-level 50 no ip address ! interface Ethernet0/0 switchport access vlan 2 ! interface Ethernet0/1 ! interface Ethernet0/2 ! interface Ethernet0/3 ! interface Ethernet0/4 ! interface Ethernet0/5 ! interface Ethernet0/6 ! interface Ethernet0/7 ! ftp mode passive dns server-group DefaultDNS domain-name default.domain.invalid object-group service l2tp udp port-object eq 1701 access-list outside_access_in remark Allow incoming tcp/http access-list outside_access_in extended permit tcp any host WebServer1 eq www access-list outside_access_in extended permit udp any any eq 1701 access-list inside_nat0_outbound extended permit ip any 192.168.1.208 255.255.255.240 access-list inside_cryptomap_1 extended permit ip interface outside interface inside pager lines 24 logging enable logging asdm informational mtu inside 1500 mtu outside 1500 ip local pool PPTP-VPN 192.168.1.210-192.168.1.220 mask 255.255.255.0 icmp unreachable rate-limit 1 burst-size 1 asdm image disk0:/asdm-524.bin no asdm history enable arp timeout 14400 global (outside) 1 interface nat (inside) 0 access-list inside_nat0_outbound nat (inside) 1 0.0.0.0 0.0.0.0 static (inside,outside) tcp interface www WebServer1 www netmask 255.255.255.255 access-group outside_access_in in interface outside timeout xlate 3:00:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00 timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00 timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute http server enable http 192.168.1.0 255.255.255.0 inside no snmp-server location no snmp-server contact snmp-server enable traps snmp authentication linkup linkdown coldstart crypto ipsec transform-set TRANS_ESP_3DES_SHA esp-3des esp-sha-hmac crypto ipsec transform-set TRANS_ESP_3DES_SHA mode transport crypto ipsec transform-set TRANS_ESP_3DES_MD5 esp-3des esp-md5-hmac crypto ipsec transform-set TRANS_ESP_3DES_MD5 mode transport crypto map outside_map 1 match address inside_cryptomap_1 crypto map outside_map 1 set transform-set TRANS_ESP_3DES_MD5 crypto map outside_map interface inside crypto isakmp enable outside crypto isakmp policy 10 authentication pre-share encryption 3des hash md5 group 2 lifetime 86400 telnet timeout 5 ssh timeout 5 console timeout 0 dhcpd auto_config outside ! dhcpd address 192.168.1.2-192.168.1.33 inside dhcpd enable inside ! group-policy DefaultRAGroup internal group-policy DefaultRAGroup attributes dns-server value 192.168.1.1 vpn-tunnel-protocol IPSec l2tp-ipsec username myusername password FGHFGHFHGFHGFGFHF nt-encrypted tunnel-group DefaultRAGroup general-attributes address-pool PPTP-VPN default-group-policy DefaultRAGroup tunnel-group DefaultRAGroup ipsec-attributes pre-shared-key * tunnel-group DefaultRAGroup ppp-attributes no authentication chap authentication ms-chap-v2 ! ! prompt hostname context Cryptochecksum:a9331e84064f27e6220a8667bf5076c1 : end

    Read the article

  • Set up proxy for vpn server on ubuntu server 12.4

    - by Morteza Soltanabadiyan
    I have a vpn server with HTTPS, L2TP, OPENVPN, and PPTP. I want to set up a proxy on the server, so all connection that comes from vpn clients, they will use that. I created the following bash script file for it, but the proxy isn't working. gsettings set org.gnome.system.proxy mode 'manual' gsettings set org.gnome.system.proxy.http enabled true gsettings set org.gnome.system.proxy.http host 'cproxy.anadolu.edu.tr' gsettings set org.gnome.system.proxy.http port 8080 gsettings set org.gnome.system.proxy.http authentication-user 'admin' gsettings set org.gnome.system.proxy.http authentication-password 'admin' gsettings set org.gnome.system.proxy use-same-proxy true export http_proxy=http://admin:[email protected]:8080 export https_proxy=http://admin:[email protected]:8080 export HTTP_PROXY=http://admin:[email protected]:8080 export HTTPS_PROXY=http://admin:[email protected]:8080 What to do to make a global proxy for server and all vpn clients to use it automatically?

    Read the article

  • Database/Web Server and SQL Server Setup - Security?

    - by Jess
    This seems really basic, but I couldn't find an answer already ... we are looking to deploy a website to an IIS server, and a database to a separate server. We aren't sure how to best secure this for access by internal users and internet. The IIS Server is not connected to the domain, and neither is the database at the moment. Should it be? Also, if we use SQL Server authentication instead of Windows Authentication, should we just hard-code the user/password into our internal apps?

    Read the article

  • How to deploy SQL Server 2005 Reporting Services on a network without a domain server?

    - by ti
    I have a small Windows network (~30 machines) and I need to deploy SQL Server 2005 Reporting Services. Because I use SQL Server Standard Edition and not Enterprise, I am forced to use Windows Authentication to the users. I am a Linux admin, and have near zero knowledge on Active Directory. As deep as my shallow knowledge goes, I think that I would need to invest in a domain server, a mirrored backup of that domain server. I think that I need to change every computer to use this domain too, and if the domain server goes down, every computer will be unavailable. Is there a easier way to deploy Windows Authentication so that users can access Reporting Services from their computers without changing the infra-structure that much? Thanks!

    Read the article

  • CREDSSP 500 errors

    - by Andy Milsark
    Hello all, We are experience a 500 http error when trying to run remote powershell on a win 2008 R2 server. I have run enable-wsmancredssp for both client and server roles on this machine. I have also run "winrm quickconfig". Also the allowfreshcredentials delegation group policy is setup correctly as well. There are active listeners running and credssp is enabled for client and service. I can connect with kerberos (by not specifing authentication type), but the following remote powershell command fails: Enter-PSSession -ComputerName serverX -credential domain\user -Authentication Credssp Error: Enter-PSSession : Connecting to remote server failed with the following error message : The WinRM client received an HTTP server error status (500), but the remote service did not include any other information about the cause of the failure. For more information, see the about_Remote_Troubleshooting Help topic. At line:1 char:16 I have not been able to find any useful information on how to troubleshoot this. I have restarted Winrm, rebooted, disabled and re-enabled credssp. Please help.

    Read the article

  • DokuWiki Segmentation Fault On Radius Auth

    - by mrduclaw
    I'm running x64 Ubuntu 12.04. I did a simple apt-get install dokuwiki to install DokuWiki. And I'm trying to follow the directions located here: http://www.dokuwiki.org/auth:radius to get Radius authentication working. Things seemed to install OK. Under Configuration Manager I selected Authentication backend to be "Radius" and filled in the Radius details at the bottom. Now, however, whenever I try to log into the Wiki, my browser gives me the following error: No data received I checked /var/log/apache2/error.log and see this: [Tue Jul 10 22:22:14 2012] [notice] child pid 5270 exit signal Segmentation fault (11) I'm fairly sure the Radius server is setup correctly as it correctly authenticates with my squid proxy and other stuff on the network. But this is about the extent of my Linux troubleshooting skills. Can anyone suggest steps for me to follow to help track down what's causing apache2 to segfault short of attaching with gdb and issuing a set follow-fork-mode? I'm also open to just hearing suggestions for simila

    Read the article

  • How to integrate Windows Server 2008 R2's NPS with Cisco switches?

    - by Massimo
    I need to evaluate in a lab environment the use of Windows Server 2008 R2's NPS for 802.1x authentication with Cisco Catalyst 3750 switches; the general idea is to only let clients connect to the company network if they can provide valid domain logon credentials, placing them in a restricted VLAN instead if they can't. NAP would also be a bonus, but it can be evaluated later; the main point now is only 802.1x authentication. Although I have very good knowledge of Windows and Active Directory (on the Microsoft side) and quite good knowledge of Catalyst switches (on the Cisco side), I'm totally new to 802.1x; I'd really like some general guidelines and help here, and some sort of implementation guide would also be very useful.

    Read the article

  • set proxy for vpn server on ubuntu server 12.4

    - by Morteza Soltanabadiyan
    I have a vpn server with HTTPS, L2TP , OPENVPN , PPTP. i want to set proxy in the server so all connection that comes from vpn clients use the proxy that i set in my server. I made a bash script file for it , but proxy not working. gsettings set org.gnome.system.proxy mode 'manual' gsettings set org.gnome.system.proxy.http enabled true gsettings set org.gnome.system.proxy.http host 'cproxy.anadolu.edu.tr' gsettings set org.gnome.system.proxy.http port 8080 gsettings set org.gnome.system.proxy.http authentication-user 'admin' gsettings set org.gnome.system.proxy.http authentication-password 'admin' gsettings set org.gnome.system.proxy use-same-proxy true export http_proxy=http://admin:[email protected]:8080 export https_proxy=http://admin:[email protected]:8080 export HTTP_PROXY=http://admin:[email protected]:8080 export HTTPS_PROXY=http://admin:[email protected]:8080 Now , i dont know what to do to make a global proxy for server and all vpn clients use it automatically.

    Read the article

  • Having problems with connecting to/seeing the local SQL server with Microsoft SQL Server Management Studio

    - by Hans-Henrik
    I'm having some difficulties when I'm trying to connect to my local SQL Server. I'm pretty sure the server is running (many of the other topics on this subject suggests that the services might not be running, so I kinda looked into it, but they do seem to be running). But when I try to access it through Microsoft SQL Server Management Studio it doesn't seem to be able to find them. Server type: Database Engine Server name: ILIZANESQL* - I'm trying to "browse for more..." to find my server, but it doesn't show up Authentication: Windows Authentication

    Read the article

  • Why would you use EAP-TTLS instead of PEAP?

    - by Ivan Macek
    As I understood EAP-TTLS and PEAP share same level of security when implemented in wireless networks. Both only provide server side authentication via certificate. The drawback of EAP-TTLS can be non native support in Microsoft Windows so every user has to install additional software. The benefit of EAP-TTLS can be support for less secure authentication mechanisms (PAP, CHAP, MS-CHAP) but why would you need them in modern and properly secure wireless system? What are you opinions? Why should I implement EAP-TTLS instead of PEAP? Let's say that I have most Windows users, medium Linux users and least iOS, OSX users.

    Read the article

  • SSH broken after homedir permissions and hostname change on EC2-hosted Ubuntu

    - by dimadima
    I changed my instance's hostname using the hostname utility and then set it in /etc/hostname so that the new name survives reboot. My main motivation was for differentiating between instances at the prompt using the \h format in PS1. EDIT I also changed permissions on my home directory. I made my home directory group writeable. Now I can no longer SSH into the machine. The short of it is the error Permission denied (publickey). Running ssh -v, the more verbose output is: debug1: Authentications that can continue: publickey debug1: Next authentication method: publickey debug1: Offering RSA public key: /Users/dmitry/.ssh/id_rsa debug1: Authentications that can continue: publickey debug1: Trying private key: /Users/dmitry/.ssh/ec2key.pem debug1: read PEM private key done: type RSA debug1: Authentications that can continue: publickey debug1: No more authentication methods to try. Permission denied (publickey). Should I have done something after changing the hostname? Now I can't get into the instance! :(

    Read the article

  • Switches with 802.1x "supplicant timeout" feature?

    - by chris
    I'm looking for a complete list of switches which will allow 802.1x and normal (non-supplicant) enabled hosts to connect to the same ports on a switch. This is useful for areas where there are semi-open ports such as a lobby area or a library where corporate and guest users may use the same ports but you want them to have different access profiles and where it isn't expected that guests would have 802.1x configured on their system. For instance, Enterasys and Extreme Networks both have a feature where if the switch doesn't see an EAPOL packet from the client in a certain amount of time, it puts the port into a "guest" VLAN; if it sees an 802.1x supplicant, it tries to authenticate the user via 802.1x and if they succeed, it does what the radius server tells it to do with that port (IE put the port into a certain VLAN, apply certain ACLs, etc) Do other vendors have this sort of feature, or is it expected that a switch will do both 802.1x and MAC authentication, and the "supplicant timeout" feature is implemented with a blanket allow on the MAC authentication?

    Read the article

  • configure Heartbeat on Centos Linux - error message

    - by Elad Dotan
    I installed Heartbeat on my Centos Linux and it seems to partially work..but I'm trying to monitor a service with no success. only when I reboot the main server the backup server takes over. in the logs I get : heartbeat[30476]: 2012/03/20_18:51:57 WARN: string2msg_ll: node [node1] failed authentication heartbeat[30476]: 2012/03/20_18:51:58 WARN: string2msg_ll: node [node02] failed authentication the authkeys is identical (copied from one to another). this is my ha.cf: logfile /var/log/ha-log logfacility local0 keepalive 2 deadtime 30 initdead 120 bcast eth0 udpport 694 auto_failback on node server01.com node server02.com haresources : server01.com 38.108.117.3 aim chat any idea how to fix the problem so if a service stops the other server take over Thanks! E.

    Read the article

  • Unable to PPTP through NAT on Cisco 881

    - by MasterRoot24
    I'm trying to connect to a PPTP server which is sat behind a Cisco 881 NAT router. The server is running Ubuntu Server 12.04 and is running Poptop pptpd as the PPTP daemon listening for connections. As discussed in my other question, I'm trying to setup a Cisco 881 router to replace my old Linksys WAG320N. This same server and WAN connection worked fine with the WAG320N with no special configuration, other than allowing 1723 in through the firewall. On the Cisco 881, I'm using the newer ip nat enable or NAT NVI to setup static routes in through the firewall for the services running behind the router. My reason being that I can't run another copy of my live DNS domains internally with local IP addresses in. For the purposes of this question, though, I have rebuilt the router with ip nat inside/outside style NAT'ing, but this issue is still apparent. HTTP/SMTP/IMAP etc. all work ok from both the WAN and LAN interfaces of the router. I'm only having issues with SIP (see other question) and PPTP. My issue is that the GRE doesn't appear to be passing through NAT correctly and one end of the connection is not receiving GRE traffic when it should be, so the server hangs up the connection. Here's an example of /var/log/syslog with debug enabled in /etc/pptpd.conf: Dec 11 21:06:30 <HOSTNAME> pptpd[22626]: MGR: Launching /usr/sbin/pptpctrl to handle client Dec 11 21:06:30 <HOSTNAME> pptpd[22626]: CTRL: local address = 192.168.1.50 Dec 11 21:06:30 <HOSTNAME> pptpd[22626]: CTRL: remote address = 192.168.1.51 Dec 11 21:06:30 <HOSTNAME> pptpd[22626]: CTRL: pppd options file = /etc/ppp/pptpd-options Dec 11 21:06:30 <HOSTNAME> pptpd[22626]: CTRL: Client 82.132.248.216 control connection started Dec 11 21:06:30 <HOSTNAME> pptpd[22626]: CTRL: Received PPTP Control Message (type: 1) Dec 11 21:06:30 <HOSTNAME> pptpd[22626]: CTRL: Made a START CTRL CONN RPLY packet Dec 11 21:06:30 <HOSTNAME> pptpd[22626]: CTRL: I wrote 156 bytes to the client. Dec 11 21:06:30 <HOSTNAME> pptpd[22626]: CTRL: Sent packet to client Dec 11 21:06:30 <HOSTNAME> pptpd[22626]: CTRL: Received PPTP Control Message (type: 7) Dec 11 21:06:30 <HOSTNAME> pptpd[22626]: CTRL: Set parameters to 100000000 maxbps, 64 window size Dec 11 21:06:30 <HOSTNAME> pptpd[22626]: CTRL: Made a OUT CALL RPLY packet Dec 11 21:06:30 <HOSTNAME> pptpd[22626]: CTRL: Starting call (launching pppd, opening GRE) Dec 11 21:06:30 <HOSTNAME> pptpd[22626]: CTRL: pty_fd = 6 Dec 11 21:06:30 <HOSTNAME> pptpd[22626]: CTRL: tty_fd = 7 Dec 11 21:06:30 <HOSTNAME> pptpd[22626]: CTRL: I wrote 32 bytes to the client. Dec 11 21:06:30 <HOSTNAME> pptpd[22626]: CTRL: Sent packet to client Dec 11 21:06:30 <HOSTNAME> pptpd[22627]: CTRL (PPPD Launcher): program binary = /usr/sbin/pppd Dec 11 21:06:30 <HOSTNAME> pptpd[22627]: CTRL (PPPD Launcher): local address = 192.168.1.50 Dec 11 21:06:30 <HOSTNAME> pptpd[22627]: CTRL (PPPD Launcher): remote address = 192.168.1.51 Dec 11 21:06:30 <HOSTNAME> pppd[22627]: Plugin /usr/lib/pptpd/pptpd-logwtmp.so loaded. Dec 11 21:06:30 <HOSTNAME> pppd[22627]: pppd 2.4.5 started by root, uid 0 Dec 11 21:06:30 <HOSTNAME> pppd[22627]: Using interface ppp0 Dec 11 21:06:30 <HOSTNAME> pppd[22627]: Connect: ppp0 <--> /dev/pts/3 Dec 11 21:06:30 <HOSTNAME> pptpd[22626]: GRE: Bad checksum from pppd. Dec 11 21:06:31 <HOSTNAME> pptpd[22626]: CTRL: Received PPTP Control Message (type: 15) Dec 11 21:06:31 <HOSTNAME> pptpd[22626]: CTRL: Got a SET LINK INFO packet with standard ACCMs Dec 11 21:07:00 <HOSTNAME> pppd[22627]: LCP: timeout sending Config-Requests Dec 11 21:07:00 <HOSTNAME> pppd[22627]: Connection terminated. Dec 11 21:07:00 <HOSTNAME> avahi-daemon[1042]: Withdrawing workstation service for ppp0. Dec 11 21:07:00 <HOSTNAME> pppd[22627]: Modem hangup Dec 11 21:07:00 <HOSTNAME> pppd[22627]: Exit. Dec 11 21:07:00 <HOSTNAME> pptpd[22626]: GRE: read(fd=6,buffer=6075a0,len=8196) from PTY failed: status = -1 error = Input/output error, usually caused by unexpected termination of pppd, check option syntax and pppd logs Dec 11 21:07:00 <HOSTNAME> pptpd[22626]: CTRL: PTY read or GRE write failed (pty,gre)=(6,7) Dec 11 21:07:00 <HOSTNAME> pptpd[22626]: CTRL: Reaping child PPP[22627] Dec 11 21:07:00 <HOSTNAME> pptpd[22626]: CTRL: Client 82.132.248.216 control connection finished Dec 11 21:07:00 <HOSTNAME> pptpd[22626]: CTRL: Exiting now Dec 11 21:07:00 <HOSTNAME> pptpd[5803]: MGR: Reaped child 22626 As far as Cisco are concerned, all I need is ip nat source static tcp <SERVER LAN IP> 1723 interface FastEthernet4 1723 but of course this doesn't seem to the be helping the GRE traffic through as it should. Trying the connection to the LAN IP of the server from the same LAN as the server (behind the router), the PPTP connection works fine, so I'm confident that the server's config is ok. Furthermore, all I needed on my WAG320N was to open 1723 in the firewall. Here's my current router config: ! ! Last configuration change at 20:20:15 UTC Tue Dec 11 2012 by xxx version 15.2 no service pad service timestamps debug datetime msec service timestamps log datetime msec service password-encryption ! hostname xxx ! boot-start-marker boot-end-marker ! ! enable secret 4 xxxx ! aaa new-model ! ! aaa authentication login local_auth local ! ! ! ! ! aaa session-id common ! memory-size iomem 10 ! crypto pki trustpoint TP-self-signed-xxx enrollment selfsigned subject-name cn=IOS-Self-Signed-Certificate-xxx revocation-check none rsakeypair TP-self-signed-xxx ! ! crypto pki certificate chain TP-self-signed-xxx certificate self-signed 01 xxx quit ip gratuitous-arps ip auth-proxy max-login-attempts 5 ip admission max-login-attempts 5 ! ! ! ! ! ip domain list dmz.xxx.local ip domain list xxx.local ip domain name dmz.xxx.local ip name-server 192.168.1.x ip cef login block-for 3 attempts 3 within 3 no ipv6 cef ! ! multilink bundle-name authenticated license udi pid CISCO881-SEC-K9 sn xxx ! ! username admin privilege 15 secret 4 xxx username joe secret 4 xxx ! ! ! ! ! ip ssh time-out 60 ! ! ! ! ! ! ! ! ! interface FastEthernet0 no ip address ! interface FastEthernet1 no ip address ! interface FastEthernet2 no ip address ! interface FastEthernet3 switchport access vlan 2 no ip address ! interface FastEthernet4 ip address dhcp ip nat enable duplex auto speed auto ! interface Vlan1 ip address 192.168.1.x 255.255.255.0 no ip redirects no ip unreachables no ip proxy-arp ip nat enable ! interface Vlan2 ip address 192.168.0.x 255.255.255.0 ! ip forward-protocol nd ip http server ip http access-class 1 ip http authentication local ip http secure-server ! ! ip nat source list 1 interface FastEthernet4 overload ip nat source list 2 interface FastEthernet4 overload ip nat source static tcp 192.168.1.x 1723 interface FastEthernet4 1723 ! ! access-list 1 permit 192.168.0.0 0.0.0.255 access-list 2 permit 192.168.1.0 0.0.0.255 ! ! ! ! control-plane ! ! banner motd Authorized Access only ! line con 0 exec-timeout 15 0 login authentication local_auth line aux 0 exec-timeout 15 0 login authentication local_auth line vty 0 4 access-class 2 in login authentication local_auth length 0 transport input all ! ! end UPDATE 16/12/2012: The only progress that I have been able to make on this issue is that I'm confident that the issue is caused by the GRE tunnels (which are required for the PPTP connection to complete) are being blocked. When attempting a connection, I can see in show ip nat nvi translations that both a TCP translation on 1723 is setup and also a GRE translation is setup also. I appear to be able to see GRE related packets on the LAN that the server is on, so I am lead to believe that the server is sending(?) GRE packets, however running Wireshark on a client PC when attempting a connection shows absolutely no GRE packets. Whilst there are no configuration directives in my config posted above (that I can pin point) which would specifically block them, it would appear that the GRE packets are not being allowed in/out of the router's firewall, even though a NAT translation entry is setup to the server's LAN address. Would anyone be able to provide me with some help to ensure that GRE packets are not blocked by the router's firewall, so that this can be ruled out as a possible issue please?

    Read the article

  • Ubuntu 10.04: unable to login after fresh install

    - by Richard
    Hello All, I,ve just installed a fresh copy of Ubunutu 10.04, downloaded a couple of days ago. The installation seemed to go fine. However I can't log in: the login screen just seems to reset and asks me for my password again. It's not an authentication / incorrect password issue. If I stick in a wrong password, I get "Authentication failure". I've googled around, others report the same issue on the Ubuntu forums, but there doesn't seem to be a fix. Does anyone know of a work around or what the problem is? Have 9.10, I might end up just installing that instead. THanks

    Read the article

  • Windows Server 2008: How to tell if a user is a 'local' use or a 'domain' user

    - by David
    I'm a developer, not a server admin, so please bear with me! I've been tasked with checking the installation of some software on a Windows Server 2008 R2 machine in the cloud, within two scenarios: There is no domain, the software will use local users and groups for authentication There is a domain, the software will use domain users and groups for authentication I've done part 1, but I'm puzzled about part 2. I've just installed the Active Directory Domain Services role on the server, so now I have a domain of one computer. When I look in Active Directory Users and Computers, I see all my original local users and groups. Have they now been 'promoted' to domain users? Or do I not have any domain users yet? Is there a way I can tell the difference between domain users and local users now? Thanks

    Read the article

  • Network Path not found while joining Active Directory

    - by Chiggins
    So I have an Amazon EC2 box running Windows Server 2008 with Active Directory installed on it. I also have a Windows 7 virtual machine, which is set to use the Active Directory box as its DNS and WINS server. I'm trying to join the virtual machine to the domain, and I'm asked for authentication. I give authentication, wait a minute, and I get an error saying: The following error occurred attempting to join the domain "ad.chigs.me": The network path was not found. How can I fix this so that I'll be able to join the domain?

    Read the article

  • sasl and tls with dns load balancing

    - by achal tomar
    I am using DNS load balancing in my centOs 5 server.The mail sent to the load balancer server are balanced by sending them to 4 more servers who then pass the mails to their destinations in the network.The mails are generated by a Php script which gives all the mail to the load balancer server. Now i want sasl and tls authentication in the load balancer server so that i can prevent the mail server from spammers,Can anyone tell me how to do this. The load balancer pass the mails to other servers based on equal mx record preference,so i want sasl authentication with Dns load balancing.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 115 116 117 118 119 120 121 122 123 124 125 126  | Next Page >