Search Results

Search found 12281 results on 492 pages for 'ip blocking'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 133/492 | < Previous Page | 129 130 131 132 133 134 135 136 137 138 139 140  | Next Page >

  • How is incoming SMTP mail being delivered despite blocked port

    - by Josh
    I setup a MX mail server, everything works despite port 25 being blocked, I'm stumped as to why I am able to receive email with this setup, and what the consequences might be if I leave it this way. Here are the details: Connections to SMTP over port 25 and 587 both reliably connect over my local network. Connections to SMTP over port 25 are blocked from external IPs (the ISP is blocking the port). Connections to Submission SMTP over port 587 from external IPs are reliable. Emails sent from gmail, yahoo, and a few other addresses all are being delivered. I haven't found an email provider that fails to deliver mail to my MX. So, with port 25 blocked, I am assuming other MTA servers fallback to port 587, otherwise I can't imagine how the mail is received. I know port 25 shouldn't be blocked, but so far it works. Are there mail servers that this will not work with? Where can I find more about how this is working? -- edit More technical detail, to validate that I'm not missing something silly. Obviously in the transcript below I've replaced my actual domain with example.com. # DNS MX record points to the A record. $ dig example.com MX +short 1 example.com $ dig example.com A +short <Public IP address> # From a public server (not my ISP hosting the mail server) # We see port 25 is blocked, but port 587 is open $ telnet example.com 25 Trying <public ip>... telnet: Unable to connect to remote host: Connection refused # Let's try openssl $ openssl s_client -starttls smtp -crlf -connect example.com:25 connect: Connection refused connect:errno=111 # Again from a public server, we see port 587 is open $ telnet example.com 587 Trying <public ip>... Connected to example.com. Escape character is '^]'. 220 example.com ESMTP Postfix ehlo example.com 250-example.com 250-PIPELINING 250-SIZE 10485760 250-VRFY 250-ETRN 250-STARTTLS 250-ENHANCEDSTATUSCODES 250-8BITMIME 250-DSN 250-BINARYMIME 250 CHUNKING quit 221 2.0.0 Bye Connection closed by foreign host. Here is a portion from the mail log when receiving a message from gmail: postfix/postscreen[93152]: CONNECT from [209.85.128.49]:48953 to [192.168.0.10]:25 postfix/postscreen[93152]: PASS NEW [209.85.128.49]:48953 postfix/smtpd[93160]: connect from mail-qe0-f49.google.com[209.85.128.49] postfix/smtpd[93160]: 7A8C31C1AA99: client=mail-qe0-f49.google.com[209.85.128.49] The log shows that a connection was made to the local IP on port 25 (I'm not doing any port mapping, so it is port 25 on the public IP too). Seeing this leads me to hypothesize that the ISP block on port 25 only occurs when a connection is made from an IP address that is not known to be a mail server. Any other theories?

    Read the article

  • Why Is ModSecurity Unable to Access the Data Directory?

    - by tommytwoeyes
    Update I think we've solved this; the problem appears to have been a result of the /modsec_storage directory having an incorrect value for its SELinux context type. However, we're still not sure, because although after I changed the SELinux context type value, Apache was able to create files in that directory for the global and ip collections (global.dir/global.pag and ip.dir/ip.pag), the new files still have zero bytes. I'm new to ModSecurity and am not sure if the files are empty because something is wrong with the configuration or if ModSecurity has simply determined it doesn't need to store IP addresses persistently after each transaction ends. Anyone able to offer guidance here? I've recently installed ModSecurity (v2.5.12 / CRS v2.0.8) on our production server, and everything works great, except for these errors that it keeps writing to the Apache error log: Failed to access DBM file "/modsec_storage/global": Permission denied [hostname "www.internationalstudent.com"] [uri "/includes/soc_bookmarks/images/delicious.png"] [unique_id "LZ6jc38AAAEAAFO6408AAABO"] Failed to access DBM file "/modsec_storage/ip": Permission denied [hostname "www.internationalstudent.com"] [uri "/includes/soc_bookmarks/images/delicious.png"] [unique_id "LZ6jc38AAAEAAFO6408AAABO"] After following the instructions for file permission settings in the ModSecurity handbook by Ivan Ristic, with no success, I created a /modsec_storage directory, set the owner & group to apache, and set the permissions for the directory recursively to 777. However, ModSecurity is still reporting the same permission errors, so I am stumped. Can anyone tell me how to fix this?

    Read the article

  • How to balance the root domain using NS records?

    - by Patrick McCurley
    I have two load balancers that balance incoming traffic across multiple data centers. These work fine. I can test them out by doing an 'nslookup mydomain.com xIP' I have now taken out DNS services with DYN.com to allow me to manage the DNS Zone file so that typing mydomain.com will ask my load balancers what the IP address is to resolve. Step 1 : the NS record for www. I set up A records (glue) for ns1 & ns2, then the corresponding NS record to delegate the DNS lookup to the balancers instead of DYN.com's nameservers. ns1.mydomain.com A [ip address of load balancer 1] ns2.mydomain.com A [ip address of load balancer 1] www.mydomain.com NS ns1.mydomain.com www.mydomain.com NS ns2.mydomain.com All is well - when I type www.mydomain.com, the requests get delegated to my load balancers who provide the IP address of the endpoint and the connect is made successfully. Step 2 : the NS record for root. This is where I run into problems. I need customers to be able to type 'mydomain.com' (without the www) and ALSO get delegated to the load balancers for the IP address. However - of the research I have done, and through the DYN control panel, it seems to be not allowed to provide an NS record for the root - as this overrides the default NS servers. How can i delegate both the root, and the www. to my load balancers?

    Read the article

  • ASA 5510 Need to filter traffic log events to my iPhone

    - by drpcken
    For some reason I cannot update apps or download apps to any ios devices on my network (tried both iphone and ipads). When I'm at home on my own network everything works fine. This started about a week ago. I've configured my iphone with a static IP address and even used 4.2.2.2 as my dns to rule out that the issue is with my DNS Server. I'm looking at the SYSLOG in ASDM (Cisco ASA 5510) but Im not sure it is providing me enough info. It seems to be showing ACL blocks on my public ip address, but not individual client IP's, so I can't see whats going on. How can I setup a way to filter any incoming/outgoing traffic to my iPhone's static IP and try and troubleshoot this?

    Read the article

  • How should one manager external and internal DNS servers at the same time?

    - by erotsppa
    We run a mac network here in the office. We have an internal DNS server to manage the network. Everything is resolved to a local ip (for mail.mydomain.com etc). However, we also have an external DNS server for when our users are not in the office. However, isn't it a pain to have to manage two lists? Whenever you change something you have to change another? And you can't have one be a slave of another because the ip are sometimes different (for example mail.mydomain.com would point to a local ip in local dns server but an external ip in the external dns server). Any tricks?

    Read the article

  • bind9 dlz/mysql at ubuntu segfault libmysqlclient.so

    - by Theos
    I have a big problem. I installed the bind9 nameserver to three different computer. two Ubuntu 10.04.4 LTS, and one Ubuntu 11.10 I compiled it 9.7.0, 9.7.3, 9.9.0 with this method: ./configure --prefix=/usr --sysconfdir=/etc/bind --localstatedir=/var \ --mandir=/usr/share/man --infodir=/usr/share/info \ --enable-threads --enable-largefile --with-libtool --enable-shared --enable-static \ --with-openssl=/usr --with-gssapi=/usr --with-gnu-ld \ --with-dlz-mysql=yes --with-dlz-bdb=no \ --with-dlz-filesystem=yes --with-geoip=/usr make make install After the set up for dlz/mysql, the BIND server is working perfetctly until 5-30 minute long. Ahter i got segfault. I resolve temporaly the problem with a simple process watchdog, and if the named is stopped, the watchdog is restart it, but this is not a good idea in long therm. My log output is: messages: Apr 13 19:33:51 dnsvm kernel: [ 8.088696] eth0: link up Apr 13 19:33:58 WATCHDOG: named not running. Restarting Apr 13 19:35:08 dnsvm kernel: [ 87.082572] named[1027]: segfault at 88 ip b71c4291 sp b5adfe30 error 4 in libmysqlclient.so.16.0.0[b714e000+1aa000] Apr 13 19:35:08 WATCHDOG: named not running. Restarting Apr 13 19:35:08 dnsvm kernel: [ 87.457510] named[1423]: segfault at 68 ip b71d6122 sp b52f0a40 error 4 in libmysqlclient.so.16.0.0[b7160000+1aa000] Apr 13 19:35:09 WATCHDOG: named not running. Restarting Apr 13 19:41:56 dnsvm kernel: [ 494.838206] named[1448]: segfault at 88 ip b731c291 sp b5436e30 error 4 in libmysqlclient.so.16.0.0[b72a6000+1aa000] Apr 13 19:41:57 WATCHDOG: named not running. Restarting Apr 13 19:57:26 dnsvm kernel: [ 1424.023409] named[2976]: segfault at 88 ip b72d1291 sp b6beee30 error 4 in libmysqlclient.so.16.0.0[b725b000+1aa000] Apr 13 19:57:26 WATCHDOG: named not running. Restarting Apr 13 20:11:56 dnsvm kernel: [ 2294.324663] named[6441]: segfault at 88 ip b7357291 sp b6473e30 error 4 in libmysqlclient.so.16.0.0[b72e1000+1aa000] Apr 13 20:11:57 WATCHDOG: named not running. Restarting syslog: http://pastebin.com/hjUyt8gN the first server is a native, normal x64 server (u1004lts), the second is virtualised server (u11.10) the third is also virtualised (10.04lts) This servers is only for dns providing with mysql server db. But the problem is be with all server, and all bind version. named.conf: http://pastebin.com/zwm1yP7V Can anybody help me, or any good idea?

    Read the article

  • DNS server redirect users on first visit

    - by Sihan Zheng
    I am looking for a DNS level solution, that redirects a user to a specific IP on the first visit, than directs them to the correct IP on subsequent visits. So the idea is, for example, if a user visits "malicioussite.com", the first time they try to resolve that DNS name, it resolves to the IP of an internal web server, showing them a warning. On subsequent resolves, the users would get the actual IP, so they can visit the site. How can this be achieved? I am really flexible on what I can use, as long as its on the DNS level.

    Read the article

  • can not connect to SQL running on amazon ec2 machine

    - by njj56
    I am using SQL managment studio 2008 running on an Amazon EC2 machine. I am unable to connect to the database in my asp.net application. The EC2 instance has been set to accept connections over the SQL port. I am also able to remote the machine as well as view websites hosted on the server. Listed below is part of the connection string relating to this instance. When the program is ran and this connection string is called, it returns tcp error 0 - no return response. it just times out. <add name="ProjectServer" connectionString="Data Source=*IP ADDRESS HERE*,1433;Initial Catalog=*Catalog Name*;User ID=IP-0A6ED514\Administrator;"/> I removed the ip and the catalog name for the example, but I am sure they are correct. The only thing that I could think may cause an error, is the differences in names between the user id and the server name - the server name is ip-0A6ED514\sharepoint but the user name is ip-0A6ED514\administrator when I log into the sql server manager on the EC2 instance. A password is not used. Not sure if I would need to leave in a blank string for password - also not sure if the difference between server name and user id to log in makes a difference. Any help is appreciated. Thank you. update - when this connection string is used with out the port, i get tcp provider error 40 - when the port is in there, i get error 0 edit- the sql server is using windows authentication - does this make a difference? Usually I always use SQL server authentication

    Read the article

  • IPs on home network

    - by windchime
    I have a Linksys router and a Belkin wireless router at home. The Linksys router is connected to cable modem and two computers, as well as to the Belkin wireless router. A 3rd computer is connected to the Belkin router through Wifi. The IP addresses of the computers connected to Linksys are 192.168.1.101 and 192.168.1.102. The IP address of the Linksys router on LAN is 192.168.1.1. The IP address of the Belkin wireless router is 192.168.2.1(based on the 3rd computer's routing table) and the IP address of the 3rd computer is 192.168.2.5. If I ping 192.168.1.101 from 192.168.2.5, all are well. However, if I ping 192.168.2.5 from 192.168.1.101, Destination Host Unreachable. Why?

    Read the article

  • Connect to internet through DC with 2 network interfaces

    - by Ali Foroughi
    I have a network like this : Client 1 <== Wireless ==> Access Point <== Wire ==> DC <== Wireless ==> ADSL Modem Client 1 : IP : 192.168.1.181 DG : 192.168.1.100 DNS : 192.168.1.100 Access Point : IP : 192.168.1.10 DG : 192.168.1.100 DC : IP : 192.168.1.100 DG : 192.168.1.1 DNS : 127.0.0.1 ADSL Modem : IP : 192.168.1.1 I can ping yahoo.com from client1, but cannot browse the internet. UPDATE1 : my DC has two network interfaces that I bridge together. UPDATE2 : I powered down the DC firewall UPDATE3 : I set a forwarder for my DC to 8.8.8.8 (Google dns)

    Read the article

  • Apache port forwarding with ZTE ZXV10 W300 router (provider specific firmware)

    - by dannote
    I'm trying to configure port forwarding for Apache 2.2 installed on Windows XP SP3 with ZTE ZXV10 W300 router. The computer has a static IP 192.168.1.2. Port forwarding is configured as following: Enable true Name Apache Protocol TCP (also tried TCP and UPD) WAN Host Start IP Address empty WAN Host End IP Address empty WAN Connection stream WAN Start Port 8080 WAN End Port 8080 LAN Host IP Address 192.168.1.2 LAN Host Start Port 8080 LAN Host End Port 8080 Port 8080 is open for both TCP and UPD in Windows Brandmauer. Apache configuration: Listen 192.168.1.2:8080 Router Firmware: Hardware Version V1.0.01 Software Version V8.0.02T03_CFA Boot Loader Version V1.1.2 The provider is COMSTAR. I'm not sure but it's said they flash routers with modified firmware. I have also tried to set up Bitcomet port forwarding on port 13514 and failed.

    Read the article

  • Site-to-Site vpn setup amazon ec2 openswan (left) and cisco asa 5540 (right)

    - by user197279
    Need help on this VPN set-up on amazon EC2 using openswan Left side: EC2: setup a peer ip:- according to client using cisco (must be public) encrypted network:- according to client using cisco (must be public) Right side: Cisco ASA 5540: Peer ip: 3.3.3.3 Peer host/rightsubnet: 3.3.3.30/32 (Public NAT'd ip) The goal is to setup a site-to-site vpn connection with the client and I need guidance on the setup required on EC2. Appreciate the help Thanks.

    Read the article

  • IPSec tunnel between FortiGate and iPhone / iOS - Works except for DNS / Wins

    - by user57988
    I have configured my Fortigate with a new VPN IPSec tunnel to allow the iOS Cisco client to connect. That works fine. I can RDP to my servers, browse to my servers via IP address, etc. But, the iPhone does not resolve my internal IP addresses. I have added the DNS servers that serve addresses for my internal users, as well as the WINS servers, but the iPhone acts like it doesn't see them at all. config vpn ipsec phase1-interface edit "iPhone_VPN" set type dynamic set interface "wan1" set dhgrp 2 set proposal 3des-sha1 3des-md5 set xauthtype auto set mode-cfg enable set authusrgrp "iPhone_VPN_Users" set ipv4-start-ip 10.10.99.100 set ipv4-end-ip 10.10.99.199 set ipv4-netmask 255.255.0.0 set ipv4-dns-server1 10.10.2.1 set ipv4-dns-server2 10.22.1.80 set ipv4-wins-server1 10.10.2.1 set ipv4-wins-server2 10.22.1.80 set ipv4-split-include "Dialup_VPN_Networks" set psksecret ENC xxxxx next end For whatever reason, as far as I can tell, the iPhone does not 'see' the DNS or WINS entries. I don't know how to check it...

    Read the article

  • Cisco ASA: Allowing and Denying VPN Access based on membership to an AD group

    - by milkandtang
    I have a Cisco ASA 5505 connecting to an Active Directory server for VPN authentication. Usually we'd restrict this to a particular OU, but in this case users which need access are spread across multiple OUs. So, I'd like to use a group to specify which users have remote access. I've created the group and added the users, but I'm having trouble figuring out how to deny users which aren't in that group. Right now, if someone connects they get assigned the correct group policy "companynamera" if they are in that group, so the LDAP mapping is working. However, users who are not in that group still authenticate fine, and their group policy becomes the LDAP path of their first group, i.e. CN=Domain Users,CN=Users,DC=example,DC=com, and then are still allowed access. How do I add a filter so that I can map everything that isn't "companynamera" to no access? Config I'm using (with some stuff such as ACLs and mappings removed, since they are just noise here): gateway# show run : Saved : ASA Version 8.2(1) ! hostname gateway domain-name corp.company-name.com enable password gDZcqZ.aUC9ML0jK encrypted passwd gDZcqZ.aUC9ML0jK encrypted names name 192.168.0.2 dc5 description FTP Server name 192.168.0.5 dc2 description Everything server name 192.168.0.6 dc4 description File Server name 192.168.0.7 ts1 description Light Use Terminal Server name 192.168.0.8 ts2 description Heavy Use Terminal Server name 4.4.4.82 primary-frontier name 5.5.5.26 primary-eschelon name 172.21.18.5 dmz1 description Kerio Mail Server and FTP Server name 4.4.4.84 ts-frontier name 4.4.4.85 vpn-frontier name 5.5.5.28 ts-eschelon name 5.5.5.29 vpn-eschelon name 5.5.5.27 email-eschelon name 4.4.4.83 guest-frontier name 4.4.4.86 email-frontier dns-guard ! interface Vlan1 nameif inside security-level 100 ip address 192.168.0.254 255.255.255.0 ! interface Vlan2 description Frontier FiOS nameif outside security-level 0 ip address primary-frontier 255.255.255.0 ! interface Vlan3 description Eschelon T1 nameif backup security-level 0 ip address primary-eschelon 255.255.255.248 ! interface Vlan4 nameif dmz security-level 50 ip address 172.21.18.254 255.255.255.0 ! interface Vlan5 nameif guest security-level 25 ip address 172.21.19.254 255.255.255.0 ! interface Ethernet0/0 switchport access vlan 2 ! interface Ethernet0/1 switchport access vlan 3 ! interface Ethernet0/2 switchport access vlan 4 ! interface Ethernet0/3 switchport access vlan 5 ! interface Ethernet0/4 ! interface Ethernet0/5 ! interface Ethernet0/6 ! interface Ethernet0/7 ! ftp mode passive clock timezone PST -8 clock summer-time PDT recurring dns domain-lookup inside dns server-group DefaultDNS name-server dc2 domain-name corp.company-name.com same-security-traffic permit intra-interface access-list companyname_splitTunnelAcl standard permit 192.168.0.0 255.255.255.0 access-list companyname_splitTunnelAcl standard permit 172.21.18.0 255.255.255.0 access-list inside_nat0_outbound extended permit ip any 172.21.20.0 255.255.255.0 access-list inside_nat0_outbound extended permit ip any 172.21.18.0 255.255.255.0 access-list bypassingnat_dmz extended permit ip 172.21.18.0 255.255.255.0 192.168.0.0 255.255.255.0 pager lines 24 logging enable logging buffer-size 12288 logging buffered warnings logging asdm notifications mtu inside 1500 mtu outside 1500 mtu backup 1500 mtu dmz 1500 mtu guest 1500 ip local pool VPNpool 172.21.20.50-172.21.20.59 mask 255.255.255.0 no failover icmp unreachable rate-limit 1 burst-size 1 no asdm history enable arp timeout 14400 global (outside) 1 interface global (outside) 2 email-frontier global (outside) 3 guest-frontier global (backup) 1 interface global (dmz) 1 interface nat (inside) 0 access-list inside_nat0_outbound nat (inside) 2 dc5 255.255.255.255 nat (inside) 1 192.168.0.0 255.255.255.0 nat (dmz) 0 access-list bypassingnat_dmz nat (dmz) 2 dmz1 255.255.255.255 nat (dmz) 1 172.21.18.0 255.255.255.0 access-group outside_access_in in interface outside access-group dmz_access_in in interface dmz route outside 0.0.0.0 0.0.0.0 4.4.4.1 1 track 1 route backup 0.0.0.0 0.0.0.0 5.5.5.25 254 timeout xlate 3:00:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00 timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00 timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute timeout tcp-proxy-reassembly 0:01:00 ldap attribute-map RemoteAccessMap map-name memberOf IETF-Radius-Class map-value memberOf CN=RemoteAccess,CN=Users,DC=corp,DC=company-name,DC=com companynamera dynamic-access-policy-record DfltAccessPolicy aaa-server ActiveDirectory protocol ldap aaa-server ActiveDirectory (inside) host dc2 ldap-base-dn dc=corp,dc=company-name,dc=com ldap-scope subtree ldap-login-password * ldap-login-dn cn=administrator,ou=Admins,dc=corp,dc=company-name,dc=com server-type microsoft aaa-server ADRemoteAccess protocol ldap aaa-server ADRemoteAccess (inside) host dc2 ldap-base-dn dc=corp,dc=company-name,dc=com ldap-scope subtree ldap-login-password * ldap-login-dn cn=administrator,ou=Admins,dc=corp,dc=company-name,dc=com server-type microsoft ldap-attribute-map RemoteAccessMap aaa authentication enable console LOCAL aaa authentication ssh console LOCAL http server enable http 192.168.0.0 255.255.255.0 inside no snmp-server location no snmp-server contact snmp-server enable traps snmp authentication linkup linkdown coldstart sla monitor 123 type echo protocol ipIcmpEcho 4.4.4.1 interface outside num-packets 3 frequency 10 sla monitor schedule 123 life forever start-time now crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac crypto ipsec security-association lifetime seconds 28800 crypto ipsec security-association lifetime kilobytes 4608000 crypto dynamic-map outside_dyn_map 20 set pfs crypto dynamic-map outside_dyn_map 20 set transform-set ESP-3DES-SHA crypto map outside_map 65535 ipsec-isakmp dynamic outside_dyn_map crypto map outside_map interface outside crypto isakmp enable outside crypto isakmp policy 10 authentication pre-share encryption 3des hash sha group 2 lifetime 86400 ! track 1 rtr 123 reachability telnet timeout 5 ssh 192.168.0.0 255.255.255.0 inside ssh timeout 5 ssh version 2 console timeout 0 management-access inside dhcpd auto_config outside ! threat-detection basic-threat threat-detection statistics access-list no threat-detection statistics tcp-intercept webvpn group-policy companynamera internal group-policy companynamera attributes wins-server value 192.168.0.5 dns-server value 192.168.0.5 vpn-tunnel-protocol IPSec password-storage enable split-tunnel-policy tunnelspecified split-tunnel-network-list value companyname_splitTunnelAcl default-domain value corp.company-name.com split-dns value corp.company-name.com group-policy companyname internal group-policy companyname attributes wins-server value 192.168.0.5 dns-server value 192.168.0.5 vpn-tunnel-protocol IPSec password-storage enable split-tunnel-policy tunnelspecified split-tunnel-network-list value companyname_splitTunnelAcl default-domain value corp.company-name.com split-dns value corp.company-name.com username admin password IhpSqtN210ZsNaH. encrypted privilege 15 tunnel-group companyname type remote-access tunnel-group companyname general-attributes address-pool VPNpool authentication-server-group ActiveDirectory LOCAL default-group-policy companyname tunnel-group companyname ipsec-attributes pre-shared-key * tunnel-group companynamera type remote-access tunnel-group companynamera general-attributes address-pool VPNpool authentication-server-group ADRemoteAccess LOCAL default-group-policy companynamera tunnel-group companynamera ipsec-attributes pre-shared-key * ! class-map type inspect ftp match-all ftp-inspection-map class-map inspection_default match default-inspection-traffic ! ! policy-map type inspect ftp ftp-inspection-map parameters class ftp-inspection-map policy-map type inspect dns migrated_dns_map_1 parameters message-length maximum 512 policy-map global_policy class inspection_default inspect dns migrated_dns_map_1 inspect ftp inspect h323 h225 inspect h323 ras inspect http inspect ils inspect netbios inspect rsh inspect rtsp inspect skinny inspect sqlnet inspect sunrpc inspect tftp inspect sip inspect xdmcp inspect icmp inspect icmp error inspect esmtp inspect pptp ! service-policy global_policy global prompt hostname context Cryptochecksum:487525494a81c8176046fec475d17efe : end gateway# Thanks so much!

    Read the article

  • Update mysql database with arpwatch textfile database

    - by bVector
    I'm looking to keep arpwatch entries in a mysql database to crossreference with other information I'm storing based on mac addresses. I've manually imported the arpwatch database into my mysql database, but being a novice with databases I'm not sure what the best way to continually update the database with new entries without creating duplicates would be. None of the fields can be unique, as even the time is duplicated frequently. I'm not interested in the actual arpwatch events like flip flop or new station, just the mac/ip/time pairings. Would a simple bash (or sql) shell script do the trick? Would it be possible to make the mac address plus the time be a composite key of some sort? the database is called utility, table is arpwatch, columns are mac, ip, time a seperate table named 'hosts' with columns mac, ip, type, hostname, location, notes has mac as the primary key. This table will correlate different ip addresses that a mac had over time using the arpwatch column initial import was done with MySQL Workbench using INSERT INTO commands with creative search and replace on the text file

    Read the article

  • nginx + varnish + apache differente IPs in VirtualHost Apache

    - by zeusgod
    Hi, My idea is put NGINX as proxy to redirect to Varnish (cache static content) and then proxy to apache with a lot of VirtualHost in different IPs. My problems is that I would know how can configure Varnish to send access to correct IP, I am going explain: NGINX: Listen in: 10.10.10.10, 20.20.20.20 and 30.30.30.30 on ports: 80 and 443 Proxy redirect to Varnish 10.10.10.10:8080, 20.20.20.20:8080 and 30.30.30.30:8080 Varnish: Port: 8080 - THIS IS THE PROBLEM Proxy content not static to Apache on port 8000 - THIS IS THE OTHER PROBLEM Apache2: Listen in: 10.10.10.10:8000, 20.20.20.20:8000 and 30.30.30.30:8000 Response correct VirtualHost This is the idea. When I try with one IP only, all work correctly, because Varnish is only listen in one IP and port and send to backend in one IP and port too. Could you help me to configure Varnish or there is a best way to configure similar scenario please?

    Read the article

  • Mac OS X: pushing all traffic through a VMWare VM [closed]

    - by bj99
    I want to set up an Astaro (Sophos) UTM in a Virtual Machine. The Setup should be at the end the following: Cable Modem (one IP adress) | [Ethernet] Sophos UTM (running as VM [VMWare Fusion 5] on the MacMini) | [WIFI] Airport Express v2 (for sharing Local Network to wireless and wired clients) 1)| [WIFI] 2)| [Ethernet over Thunderbolt Ethernet Adapter]* Clients MacMini (Local File Server) *To have the Mini also protected behind the UTM So the setup process for the UTM works fine, but then the problems start: I just have one external IP (from my cable modem provider)== So if I put the VM in briged mode my Internet connection drops, because the MacMini also has its IP adress. If I put the VM to NAT mode the Mini itself is not protected by the UTM So: is there a way to hide the en0 interface(Ethernet) and the en1 interface (Wifi) from the MacMini, so that they not even appear in System Preferences Network section but are available to the VM? That way the Mini must connect to the en2 interface (Thunderbolt adapter) to make any Internet/LAN connection and I just use the given single IP from the Cable Modem. Thaks for any suggestions... Sebastian

    Read the article

  • Accessing guests on virtual network when connected to host via PPTP

    - by Viktor Elofsson
    I'm setting up a development machine which runs Ubuntu 12.04 and KVM for virtualization. I have a guest running Ubuntu 12.04 which can be accessed from the host via its IP address which is assigned by libvirt. The guest can also access the internet, no problem there. However, now I want to setup PPTP so I can connect to the host (from my workstation running Windows 7) and directly access guests without relying on SSH port forwarding. I can connect from my W7-machine to the host (PPTP), but I cannot access any virtual machines (which are accessable from the host directly). Relevant configuration files cat /etc/network/interfaces auto lo iface lo inet loopback # device: eth0 auto eth0 iface eth0 inet static address x.x.x.x broadcast x.x.x.x netmask x.x.x.x gateway x.x.x.x # default route to access subnet up route add -net x.x.x.x netmask x.x.x.x gw x.x.x.x eth0 virsh net-edit default <network> <name>default</name> <uuid>xxxxxxxx-72ce-3c20-af0f-d3a010f1bef0</uuid> <forward mode='nat'/> <bridge name='virbr0' stp='on' delay='0' /> <mac address='52:54:00:xx:xx:xx'/> <ip address='192.168.122.1' netmask='255.255.255.0'> <dhcp> <range start='192.168.122.2' end='192.168.122.254' /> <host mac='52:54:00:yy:yy:yy' name='web1' ip='192.168.122.11' /> </dhcp> </ip> </network> cat /etc/pptpd.conf (commented lines removed) # TAG: option # Specifies the location of the PPP options file. # By default PPP looks in '/etc/ppp/options' # option /etc/ppp/pptpd-options # TAG: logwtmp # Use wtmp(5) to record client connections and disconnections. # logwtmp #(Recommended) localip 192.168.122.1 remoteip 192.168.122.234-238,192.168.122.245 cat /etc/ppp/chap-secrets* # Secrets for authentication using CHAP # client server secret IP addresses xxxxx * yyyyyyyyyy 192.168.122.100 I get the correct IP address when connecting my W7-machine, but when I try to ping the virtual machine at 192.168.122.11 I get Reply from 192.168.122.1: Destination port unreachable. It's probably something trivial I'm missing but I can't for the life of me figure out what it is. So I'm turning to you, serverfault.

    Read the article

  • Configuring DNS on my Amazon AWS [closed]

    - by Ricardo
    So, I have an AWS EC2, and I need to configure a dns server, I have a Ubuntu 11.04 and webmin is configured, I have a domin point to my ip. So, know I need to redirect my domain to my ip and configure BIND dns server? What configuration I have to do to redirect my domain account to my ip and create my own dns server? I see some videos on youtube but, i don´t know what is the best of for me. Thank´s for any help.

    Read the article

  • Struggling to set-up NLB cluster

    - by Chris W
    I'm trying to set up NLB on a couple of Windows 2008 R2 virtual servers running on top of Hyper V R2. The servers each have a single vNIC for LAN access (and a second vNIC for SAN access). I'm setting up the cluster to use Multicast mode. The vNICs are each set to allow MAC spoofing. Essentially I'm finding that i can add SERVER1 as a host and it will pick up and respond to the cluster IP from a remote subnet. If I then 'stop' the node in NLB manager it still responds when I would expect it to stop answering on that IP. If I recreate the cluster and add SERVER2 as the first host, the wizard completes correctly and an IPCONFIG on the server shows that it now has the cluster IP but I can't ping the cluster IP from a remote subnet but I can from another machine on the same subnet. As a final test - with both servers in the cluster, pinging from another machine on the same subnet I still get a response from the cluster IP when both nodes are stopped according to the NLB manager. The two VMs are sat on the same physical blade and are built up exactly the same as they'll be used as SharePoint web front end servers. I'm at a loss as to what could be wrong with the second VM that prevents it taking on the address just as the sole node in the cluster, never mind the strange behaviour of the cluster when I stop/start nodes.

    Read the article

  • Does Mac address base restriction is possible over Internet???

    - by sahil
    Hi Frineds, I want to restrict the access into my server on MAC Address base over internet... does it possible??? or there any other way of restriction over internet instead of IP address possible?? (My users are connection into my adito base ssl vpn server and i want to give them access on base of MAC address or any other possible method not by there IP address...because they are on roaming Internet IP. thanking you, sahil.

    Read the article

  • How do I handle mysql replication in EC2 using private IPs?

    - by chris
    I am trying to set up a mysql master/slave configuration in two EC2 instances. However, every time I reboot an instance, the IP address (and hostname) changes. I could assign an Elastic IP address, but would prefer to use the internal IP address. I can't be the first person to do this, but I can't seem to find a solution. There are a lot of "getting started" guides, but none of them mention how to handle changing IP addresses. So what are the best practices to manage master/slave replication in EC2?

    Read the article

  • DNS with Amazon EC2 Elastic Load Balancer

    - by user68173
    I'm told that I can't make the root of a domain (example.com) a CNAME - I have to specify an IP. Given that you can't use an IP address to point at your Elastic Load Balancer, what's the best thing to do? Currently I do this: example.com - A record to elastic IP of first server- redirects to www.example.com www.example.com CNAME to hostname of load balancer If the first server is out of action, the redirect will fail. Is there a better way to approach this?

    Read the article

  • How to setup an IPSec / GRE tunnel on Windows Server 2008

    - by qbeuek
    I have a Windows Server 2008 that has a single network interface configured with a public IP address. My business partner has a private network. From my server, I need to access all the devices on his private network, and those devices must be able to access my server. My business partner has a standard solution for these requirements. They will setup an IPSec + GRE tunnel to my server. They told me, that I will need an additional public IP address for this to work. If it really is necessary, there is no problem, I can get an additional public IP address, although it will be assigned to the same physical network interface. I assume that on my server I will have both public IP addresses and also the private IP address from the tunnel (the same that is visible for the devices inside the private network). What alternatives do I have? Is it possible to configure this tunnel on my Windows Server 2008? Can it be done using only Windows tools, or do I need an additional free / commercial VPN software? If it cannot be done directly on Windows, can I setup an additional virtual machine running Linux, that will handle the IPSec + GRE tasks? How to do it? If it cannot be done on a virtual linux box, will I have to buy and setup a Cisco router to handle the IPSec + GRE tasks? Thanks for your opinions. I'm watching this question to clarify any issues or questions.

    Read the article

  • VirtualBox 4.1.12 Ubuntu Host Bridged Networking

    - by hidden_premise
    Setup Ubuntu Server 11.10 x64 VirtualBox 4.1.12 One network adapter eth0 with a static IP address My /etc/network/interfaces looks like #Local loopback auto lo iface lo inet loopback #Primary Interface auto eth0 iface eth0 inet static address 10.0.0.6 netmask 255.255.255.0 gateway 10.0.0.1 Need Static IP for Ubuntu Host Static IP for multiple Ubuntu guests My attempt Downloaded the .deb for 64bit virtual box dpkg -i virtualbox.deb Create a VM and install ubuntu server 11.10 x64 from ISO Set the networking mode to bridged and choose 'eth0' as the interface Fail. None of the guides I can find for bridged networking work because everything changed since vbox 2

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 129 130 131 132 133 134 135 136 137 138 139 140  | Next Page >