Search Results

Search found 4906 results on 197 pages for 'ssh tunnel'.

Page 120/197 | < Previous Page | 116 117 118 119 120 121 122 123 124 125 126 127 | Next Page >

Need IPSec help on Windows 2003

- by user37456

Hey guys, I am trying to configure IPSec between a web and app server in our environment. I want all traffic between these two servers to use IPsec and be encrypted. These servers are on the same domain so i am currently using Kerebos for security, I have also tried pre-defined keys and nothing changed. When I try and ping between the servers I get "Negotiating IP Security" everytime. I have also confirmed that when I change "Require Security" to "Permit" everything works so IPSec is working, I believe its something with my security setup. Under the security tab both servers have the default 3DES keys first and then DES keys. I have also specified tunnel endpoints (the alternate server's IP). What am I missing? Thanks for any help..

Read the article
How do we keep Active Directory resilient across multiple sites?

- by Alistair Bell

I handle much of the IT for a company of around 100 people, spread across about five sites worldwide. We're using Active Directory for authentication, mostly served to Linux (CentOS 5) systems via LDAP. We've been suffering through a spate of events where the IP tunnel between the two major sites goes down and the secondary domain controller at one site can't contact the primary domain controller at the other. It seems that the secondary domain controller starts denying user authentication within minutes of losing connectivity to the primary. How do we make the secondary domain controller more resilient to downtime? Is there a way for it to cache the entire directory and/or at least keep enough information locally to survive a multi-hour disconnection? (We're all in a single organizational unit if that makes any difference.) (The servers here are Windows Server 2003; don't assume that we set this up correctly. I'm a software engineer, not an IT specialist.)

Read the article
Windows Server 2012 Essentials - Trying to setup "Anywhere Access" but the "Computer Access" list for users is blank

- by tetranz

I have a new installation of Windows Server 2012 Essentials and I'm trying to setup "Anywhere Access" for both VPN and remote desktop. The basic setup is all working. Shared folders is working but remote desktop has no computers available. On the server, if I edit a user with the Essentials Dashboard and go to "Computer access", the list is empty. The desktop computers have been joined to the domain. I can see them in AD under "Computers". I think our mistake was that we didn't use the connector tool to join the domain. We moved from a previous domain and went to Computer / Properties, changed the domain and started with a new profile. Is there something I can do now to make these desktops available for remote desktop? I can access a desktop directly no problem by going directly to it with the RDP client on port 3389. I do that from the outside world through an SSH tunnel.

Read the article
Setting up dante socks server

- by skerit

I want to tunnel all my internet traffic through my vps, so I'm trying to install a proxy server. However: I can't seem to browse the internet through Dante. I get the ERR_EMPTY_RESPONSE error. This is my config: logoutput: stderr /home/user/dantelog internal: eth1 port=1080 external: eth1 method: username pam user.privileged: proxy user.notprivileged: nobody user.libwrap: nobody client pass { from: 10.0.0.0/8 port 1-65535 to: 0.0.0.0/0 } Do I really have to run 2 proxy servers: one for http and one for socks? or is there something else I can do?

Read the article
Site to site VPN using RRAS from an untrusted network?

- by DrZaiusApeLord

Our remote office will be moving to a new space where internet will be provided. They'll be behind a router doing NAT (I do not have admin rights to this router). They will be sharing a printer with the other people on the LAN, but will need VPN to our network for email and file shares. I was thinking of just having them run the windows VPN client and connecting via PPTP like they do when they are off-site, but I have read that multiple PPTP connections from the same NAT'd address to the same destination doesn't work well or at all. I am thinking some kind of site-to-site VPN is needed so there is just one tunnel. Can I just put in a VPN gateway, set it to connect to our RRAS/PPTP server, and have them use it as their default gateway? Perhaps even use the local default gateway for internet traffic. If so, what VPN gateway/device is recommended for this? Or other solutions? Thanks.

Read the article
How can I solve Windows PPTP VPN issues?

- by Robin M

I'm having persistent problems with Windows PPTP VPN connections. The VPN appears up whilst the tunnel won't transfer traffic (ping to a remote IP within the VPN works for a while, and then fails). The client receives routing information via DHCP. When the connection fails, the routing table is still correct so I don't think it's a routing problem. My internet connection is via an ADSL2 line. There's software to deal with PPTP problems, like TunnelRat, but I don't want to install v1.1 of the .NET framework and I'd rather get to the bottom of the problem (I have multiple VPN connections and some are more unreliable than others). What can I do to get to the bottom of this? Alternatively, what can I do to keep the connection alive?

Read the article
Teredo and IPV6 web servers

- by Sandro Antonucci

Hello, I have two different questions, the first one could be stupid. I was reading about IPV6 and ended up in this site http://test-ipv6.com/ that says that I have a public IPV6 with Teredo tunneling. I don't understand if this Teredo is a software thing, does it have to with my ISP, is it enabled by Windows, how do I get that IPV6 IP, where does it come from? I have windows 7. Second question, I have a VPS with IPV6 connectivity only I can connect to it (apparently thanks to Teredo) and visit pages from the web server using IPV6 IP directly into the browser, is it possibile to host a website on there accessible by the IPV4 network? maybe some dns servers than tunnel traffic from IPV4(user) to IPV6(server)? Thank you

Read the article
rpd over https using a linux client

- by Nils

My employer switched from vpn and rdp to using what our admin calls "rdp over https". Since that switch I find myself unable to connect to the "new" rdp server. I think the progress is as follows: A rdp gateway-server is connected via tls the requested sever (different from the gateway-server) is then connected through the tls connection. In windows mstsc-settings the server name is the "internal network name" of the machine I wish to connect. And on the last tab (in German it is called "leistung" - could be activity) I go to the "connection from everywhere" settings and set the gateway-server under gateway-server. Now: Is there any way to use this scenario under linux (apart from a virtual machine running Windows)? I am interested in free ideas (e.g. is it possible to create a tls tunnel and connect through that using freerdp/rdesktop?) non-free ideas. As long as they work I'll worry about the costs later. Free ideas would be better :-)

Read the article
Weird behaviour with OpenVPN: can not connect to a few websites

- by Gaby Solis

My OpenVPN server is Ubuntu 10.04.4 LTS and openvpn version is 2.x My client is on Win 7. He can access most sites but not Youtube, Facebook, Twitter, groups.google.com, etc My server.conf is: local x.x.x.x port 1194 proto udp dev tun ca /etc/openvpn/keys/ca.crt cert /etc/openvpn/keys/server.crt key /etc/openvpn/keys/server.key dh /etc/openvpn/keys/dh1024.pem server 10.8.0.0 255.255.255.0 push "redirect-gateway def1" push "dhcp-option DNS 8.8.8.8" client-to-client keepalive 10 120 comp-lzo persist-key persist-tun status /etc/openvpn/keys/openvpn-status.log verb 4 I can access Youtube etc using SSH Tunnel + SOCKS Proxy, and the Ubuntu server can access all sites. so nothing is wrong with the Ubuntu server. With little information I can provide, I am not looking for a quck solution. How can I debug?

Read the article
Route traffic on vpn to another interface on an ASA 5510

- by Dave

I have a ASA 5510 that has about 60-70 vpn tunnels. I have four interfaces on the device: 1)External, 2)192.168.1.0, 3)192.168.2.0, 4) 192.168.3.0 A VPN tunnel is configured from the remote site (192.168.200.0) to the 192.168.2.0 subnet on the ASA. I have remote applications I would like the users at the remote site to be able to access which are hosted on the 192.168.3.0 subnet. I can route traffic between the subnets that are located on the ASA. Any way I can route traffic from the remote site to the 192.168.3.0?

Read the article
How to forward UDP and TCP traffic from one IP to another

- by Rishabh Agnihotri

Well i have a server with two LAN Card Installed.I have a server in U.S and one in India.I have created a GRE tunnel to route all traffic from U.S Server to my Indian Server.My Traffic has UDP,TCP,HTTP,etc Traffic.Now i have two LAN Card on my Indian Server.Well i have configured two IPs on the system for some of my needs on the system.One is a /30 and another is a /24.Well now i want the /30 IP to talk to my /24 IP.Lets take a e.g the IPs are 180.151.130.34 - /30 and 103.243.19.254 -/24 I want to forward all the TCP,UDP,HTTP,etc like traffic coming to 180.151.130.34 to 103.243.19.254.In the sense i want to make them talk to each other in a way if a TCP/UDP Packet comes to 180.151.130.34 it should be forwarded to 103.243.19.254 and then that packet is sent back by 103.243.19.254 to 180.151.130.34.I am not able to configure this part.Can anyone tell me step by step how to do so? Well i forgot to specify i am using Windows Server 2008. Any help would be greatly appreciated.Thanks in advance.

Read the article
How can I make an infinite cave using stage3d?

- by ifree

I want to make an infinite cave in my 3d game using flash stage3d. But I got no idea about how to build that cave. Can anyone can give me some solution or hint? update: I've tried agal fragment shader like squeae tunnel in shader toy code: var fragmentProgramCode:String = AGALUtils.build() .mov("ft0","v0") .div("ft1","ft0.xy","fc3.xy") .mul("ft2","fc6.x","ft1") .sub("ft3","ft2","fc5.x")//vec2 p = -1.0 + 2.0 * gl_FragCoord.xy / resolution.xy; .mul("ft1","ft3.x","ft3.x") .mul("ft2","ft3.y","ft3.y") .pow("ft4","ft1","fc6.z")//float r = pow( pow(p.x*p.x,16.0) + pow(p.y*p.y,16.0), 1.0/32.0 ); .pow("ft5","ft2","fc6.z") .add("ft1","ft4","ft5") .pow("ft4","ft1","fc6.w") .mov("ft5","fc5")//uv .sub("ft1","fc7.x","ft4") .add("ft5.x","fc7.x","ft1")//uv.x = .5*time + 0.5/r; .mov("ft6","fc0")//for atan .atan2("ft5.y","ft3.y","ft3.x",new <String>["fc7.y","fc5.x","fc7.z","fc7.w","fc8.x","fc8.y","fc8.z","fc8.w","fc9.x","fc9.y"],"ft6") .tex("ft0","ft5","fs0","repeat","linear","nomip")//tex .mul("ft1","ft4","ft4") .mul("ft2","ft1","ft4")//r*r*r .mul("ft1","ft0.xyz","ft2") .mov("ft0.w","fc5.x") .mov("oc","ft1").toString() it can only apply one material,but my project requires different types of material (like floor,ceilling). so ,I create a 3d model Is there anyway to make that 3d model render like "infinity cave"? use agal to make each side of cave's texture move? thanks for your help

Read the article
stunnel: SSL-to-SSL? (for smtp/imap)

- by nonot1

Hello, How can I configure stunnel to accpet SSL connections, and connect then to an SSL port on a different server? Here is my setup: Our ISP's server, "Mail Server", supports smtp/imap over SSL. (Not starttls. Just over ssl.) But, I have a bunch of client machines that will only trust a specific, internal, root certificate. Thus, they can not connect to "Mail Server". For these client machines, I'd like to make a dedicated "Mail Tunnel" host that uses stunnel to listen with an in-house signed SSL certificate, and just forward data to "Mail Server" using a 2nd SSL connection. Can this be done? What would be the specific steps for Ubuntu Server 10.10? (I'm not too familiar with persistent service configuration.) Thank you

Read the article
Websocket & HTTP proxy with server between two firewalls

- by Dan

I have a server ("A") running behind a firewall, which serves HTTP and websockets. I have no control over the firewall, but do have an external server ("B") to which the internal server can connect (note that the reverse connection from B to A is not possible due to the firewall). How can I set up some sort of proxy on B such that an Internet client ("C") can access the resources on A? I'd prefer something lightweight—even a Python program or an SSH tunnel (which I've tried without success)—rather than something more heavyweight but robust.

Read the article
Testing UDP port connectivity

- by Lock

I am trying to test whether I can get to a particular port on a remote server (both of which I have access to) through UDP. Both servers are internet facing. I am using netcat to have a certain port listening. I then use nmap to check for that port to see if it is open, but it doesn't appear to be. Iptables is turned off. Any suggestions why this could be? I am eventually going to setup a VPN tunnel, but because I'm very new to tunnels, I want to make sure I have connectivity on port UDP 1194 before advancing.

Read the article
Observing flow control idle time in TCP

- by user12820842

Previously I described how to observe congestion control strategies during transmission, and here I talked about TCP's sliding window approach for handling flow control on the receive side. A neat trick would now be to put the pieces together and ask the following question - how often is TCP transmission blocked by congestion control (send-side flow control) versus a zero-sized send window (which is the receiver saying it cannot process any more data)? So in effect we are asking whether the size of the receive window of the peer or the congestion control strategy may be sub-optimal. The result of such a problem would be that we have TCP data that we could be transmitting but we are not, potentially effecting throughput. So flow control is in effect: when the congestion window is less than or equal to the amount of bytes outstanding on the connection. We can derive this from args[3]-tcps_snxt - args[3]-tcps_suna, i.e. the difference between the next sequence number to send and the lowest unacknowledged sequence number; and when the window in the TCP segment received is advertised as 0 We time from these events until we send new data (i.e. args[4]-tcp_seq = snxt value when window closes. Here's the script: #!/usr/sbin/dtrace -s #pragma D option quiet tcp:::send / (args[3]-tcps_snxt - args[3]-tcps_suna) = args[3]-tcps_cwnd / { cwndclosed[args[1]-cs_cid] = timestamp; cwndsnxt[args[1]-cs_cid] = args[3]-tcps_snxt; @numclosed["cwnd", args[2]-ip_daddr, args[4]-tcp_dport] = count(); } tcp:::send / cwndclosed[args[1]-cs_cid] && args[4]-tcp_seq = cwndsnxt[args[1]-cs_cid] / { @meantimeclosed["cwnd", args[2]-ip_daddr, args[4]-tcp_dport] = avg(timestamp - cwndclosed[args[1]-cs_cid]); @stddevtimeclosed["cwnd", args[2]-ip_daddr, args[4]-tcp_dport] = stddev(timestamp - cwndclosed[args[1]-cs_cid]); @numclosed["cwnd", args[2]-ip_daddr, args[4]-tcp_dport] = count(); cwndclosed[args[1]-cs_cid] = 0; cwndsnxt[args[1]-cs_cid] = 0; } tcp:::receive / args[4]-tcp_window == 0 && (args[4]-tcp_flags & (TH_SYN|TH_RST|TH_FIN)) == 0 / { swndclosed[args[1]-cs_cid] = timestamp; swndsnxt[args[1]-cs_cid] = args[3]-tcps_snxt; @numclosed["swnd", args[2]-ip_saddr, args[4]-tcp_dport] = count(); } tcp:::send / swndclosed[args[1]-cs_cid] && args[4]-tcp_seq = swndsnxt[args[1]-cs_cid] / { @meantimeclosed["swnd", args[2]-ip_daddr, args[4]-tcp_sport] = avg(timestamp - swndclosed[args[1]-cs_cid]); @stddevtimeclosed["swnd", args[2]-ip_daddr, args[4]-tcp_sport] = stddev(timestamp - swndclosed[args[1]-cs_cid]); swndclosed[args[1]-cs_cid] = 0; swndsnxt[args[1]-cs_cid] = 0; } END { printf("%-6s %-20s %-8s %-25s %-8s %-8s\n", "Window", "Remote host", "Port", "TCP Avg WndClosed(ns)", "StdDev", "Num"); printa("%-6s %-20s %-8d %@-25d %@-8d %@-8d\n", @meantimeclosed, @stddevtimeclosed, @numclosed); } So this script will show us whether the peer's receive window size is preventing flow ("swnd" events) or whether congestion control is limiting flow ("cwnd" events). As an example I traced on a server with a large file transfer in progress via a webserver and with an active ssh connection running "find / -depth -print". Here is the output: ^C Window Remote host Port TCP Avg WndClosed(ns) StdDev Num cwnd 10.175.96.92 80 86064329 77311705 125 cwnd 10.175.96.92 22 122068522 151039669 81 So we see in this case, the congestion window closes 125 times for port 80 connections and 81 times for ssh. The average time the window is closed is 0.086sec for port 80 and 0.12sec for port 22. So if you wish to change congestion control algorithm in Oracle Solaris 11, a useful step may be to see if congestion really is an issue on your network. Scripts like the one posted above can help assess this, but it's worth reiterating that if congestion control is occuring, that's not necessarily a problem that needs fixing. Recall that congestion control is about controlling flow to prevent large-scale drops, so looking at congestion events in isolation doesn't tell us the whole story. For example, are we seeing more congestion events with one control algorithm, but more drops/retransmission with another? As always, it's best to start with measures of throughput and latency before arriving at a specific hypothesis such as "my congestion control algorithm is sub-optimal".

Read the article
How to forward blocked ports by ISP

- by KiDo

So I've been trying to setup a TeamSpeak 3 server on my pc but ports (9987,10011,30033) are blocked by my ISP, I've contacted them to unblock them but they didn't accept, and it's the fastest ISP in my city (as living in a 3rd world country) so it's not a good idea to connect to another ISP. The thing is, I've tried Your-Freedom to connect to tunnel my connection & SocksCap. The problem is, when TS works with SocksCap it doesn't show a WAN-IP that friends will use to connect to my server It says "Needs to be Requested" and when I press the Request button, I get nothing. So, any idea what's wrong if someone has done this before? or if you have any other suggestion to run a TS server, would be very glad to hear it and really appreciate that. P.S. as I've mentioned before, living in a 3rd world country, makes me unable to buy a VPS even the cheapest one cause there's no Visa, Credit, or paypal. so that won't work. Thanks in advance.

Read the article
IPv6 6to4 on Windows Server

- by Graham Wager

I'm looking for a relatively simple guide to setting up an IPv6 tunnel properly. This network currently has a server (Windows Server 2008R2) running RRAS that establishes connectivity to the internet using a demand-dial PPPoE connection and handles the NAT. It also hosts a DNS server and DHCP. My ISP does not support IPv6, but I have a static IPv4 address. I've read about 6to4 and signed up at tunnelbroker.net, but quickly felt out of my depth. How do I configure my network to use it, and how I should configure my DHCP server with regards to IPv6 addresses?

Read the article
How secure is Remote Desktop from OSX to Windows Server 2003?

- by dwhsix

It's unclear to me exactly how secure Remote Desktop access from OSX to a Windows Server 2003 machine is. Is the communication encrypted by default? What level of encryption? Are there best practices for making this as secure as possible? I found http://www.mobydisk.com/techres/securing_remote_desktop.html but it's unclear how much of that is still relevant for current versions of RDP and Windows Server. I know I can tunnel RDP over ssh, but is that overkill or redundant? Thanks...

Read the article
Unreasonably slow stunnel

- by Kit Sunde

I setup stunnel on OSX to tunnel traffic to my Django dev server because Facebook needs HTTPS these days but I noticed it's being absurdly slow. It seems like it can only handle a single connection at a time and even the connection is slow when I'm connecting to localhost. I've tried using some performance tips found online and so my config is setup as: pid= # foreground=yes cert=./cacert.pem key=./privkey.pem libwrap=no debug=0 socket = l:TCP_NODELAY=1 socket = r:TCP_NODELAY=1 [https] accept=8443 connect=8000 Is there a way to get more performance or more suitable way of setting up HTTPS for my dev server?

Read the article
Cisco NAT + IPSec + Web Server Configuration Question

- by zagman76

Hello - I currently have a Cisco 881W, and it is configured with one of our static IPs to do basic NAT for the network. We also have a web server that needs it's own IP. I configured the NAT for the 2nd IP, however now traffic through our IPSec VPN doesn't route to the web server properly (well, it routes to the internet, rather than through the Tunnel). I followed the instructions here: http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a0080094634.shtml But now the outbound NAT doesn't seem to be working properly - it keeps going to the NAT of the Cisco, and not the designated IP address. If anyone can assist, I would appreciate it greatly. Let me know what you need, and I'll get it to you! Thanks!

Read the article
Looking for a router-like web interface for my Debian gateway.

- by marcusw

Hey, I need a web interface program for my debian gateway which has the features of a router's one. Specifically, I must be able to easily Forward ports to various clients on the LAN or the router itself (it's also a server) Manage a DHCP server preferably including DHCP reservation for certain MACs Give me a list of the connected DHCP clients (optionally) Show which clients are the most active as far as bandwidth (something like iftop) Alternatively, it could be a graphical app which I could tunnel over ssh. No command line programs please...I'm used to doing this stuff with a point-and-click interface. Not adverse to command-line setup; just need to be able to reconfigure things graphically. Have a working LAMP setup. I've tried webmin, but it didn't satisfy the "easy" part...too many clicks and too many meny options.

Read the article
IPv6 connections routed to IPv4 device

- by Yvan JANSSENS

I have an IBM 9406-250 with V5R1 and IPv4 only connectivity, and want it to be reachable over IPv6. I cannnot install an IPv6 stack on it, but I want it to be accessible by IPv6 so I can drop the requirement to VPN to my home network. I have an OpenWRT device running, which takes care of the IPv6 routing on my network and the tunnel to SIXXS, and I was wondering if it is possible to assign another IPv6 address to that device, and route it to the IPv4 IBM computer. Which software do I need for this, and how is this technique called?

Read the article
VPN service for 4in6

- by Deshene

I have a local network with internet access. But unfortunately IPv4 internet connection speed is limited to 1mbps, which is realy sad. Fortunately I have a native IPv6, and there is no connection speed limit over IPv6. So, in order to get a good internet connection I made a plan: connect to the VPN-service over IPv6, and pass all IPv4 traffic through IPv6 tunnel, or something like that, I think you get the idea. I suggested to use service like HideMyAss.com, but unfortunately they don't support IPv6. The question is: Is there any existing VPN service that will make my dreams come true, and is easy to use, which I could connect over PPTP or OpenVPN (I want to set up connection to VPN in my router settings).

Read the article
TS connection lost but not local

- by Owl

I have an office that is connected to a shared db server and terminal services server, that other offices use as well, through a vpn tunnel. For some reason all workstations in the office will lose connectivity to the remote address but will remain connected to their local internet. I have checked both firewalls to ensure all settings match accordingly. They seem to go down at routine times every day and it doesn't last longer than a minute or two. Any ideas of what this may be? OS: Windows Server 2003R2 Terminal Services 5.2 Symantec Gateway 320 & Symantec Firewall/VPN 100

Read the article

< Previous Page | 116 117 118 119 120 121 122 123 124 125 126 127 | Next Page >