Search Results

Search found 5390 results on 216 pages for 'ssl vpn'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 138/216 | < Previous Page | 134 135 136 137 138 139 140 141 142 143 144 145  | Next Page >

  • HTTP 400 error for all websites

    - by Jason Sherman
    A couple of days ago, I started getting HTTP 400 responses from all websites. Nothing will go across port 80. However, everything works if I connect to VPN. The weird thing is, without VPN, other things still work; such as IM and anything else that doesn’t use port 80. Pinging also works. I haven’t noticed this behavior on any other computer on my network. The kicker is, if I log on as a local admin, everything works fine!!! I haven’t installed anything in the last couple weeks and I don’t remember changing any configuration. I ran Forefront and HouseCall and neither found any problems.

    Read the article

  • Mod_rewrite with UTF-8 accent, multiviews , .htaccess

    - by GuruJR
    Problem: with Mod_rewrite, multiview & Apache config Introduction: The website is in french and i had problem with unicode encoding and mod_rewrite within php wihtout multiviews Old server was not handling utf8 correctly (somewhere between PHP, apache mod rewrite or mysql) Updated Server to Ubuntu 11.04 , the process was destructive lost all files in var/www/ (the site was mainly 2 files index.php & static.php) lost the site specific .Htaccess file lost MySQL dbs lost old apache.conf What i have done so far: What works: Setup GNutls for SSL, Listen 443 = port.conf Created 2 Vhosts in one file for :80 and :443 = website.conf Enforce SSL = Redirecting :80 to :443 with a mod_rewrite redirect Tried to set utf-8 everywhere.. Set charset and collation , db connection , mb_settings , names utf-8 and utf8_unicode_ci, everywhere (php,mysql,apache) to be sure to serve files as UTF-8 i enabled multiview renamed index.php.utf8.fr and static.php.utf8.fr With multiview enabled, Multibytes Accents in URL works SSL TLS 1.0 What dont work: With multiview enabled , mod_rewrite works for only one of my rewriterules With multiview Disabled, i loose access to the document root as "Forbidden" With multiview Disabled, i loose Multibytes (single charater accent) The Apache Default server is full of settings. (what can i safely remove ?) these are my configuration files so far :80 Vhost file (this one work you can use this to force redirect to https) RewriteEngine On RewriteCond %{HTTPS} off RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} LanguagePriority fr :443 Vhost file (GnuTls is working) DocumentRoot /var/www/x ServerName example.com ServerAlias www.example.com <Directory "/var/www/x"> allow from all Options FollowSymLinks +MultiViews AddLanguage fr .fr AddCharset UTF-8 .utf8 LanguagePriority fr </Directory> GnuTLSEnable on GnuTLSPriorities SECURE:+VERS-TLS1.1:+AES-256-CBC:+RSA:+SHA1:+COMP-NULL GnuTLSCertificateFile /path/to/certificate.crt GnuTLSKeyFile /path/to/certificate.key <Directory "/var/www/x/base"> </Directory> Basic .htaccess file AddDefaultCharset utf-8 Options FollowSymLinks +MultiViews RewriteEngine on RewriteRule ^api/$ /index.php.utf8.fr?v=4 [L,NC,R] RewriteRule ^contrib/$ /index.php.utf8.fr?v=2 [L,NC,R] RewriteRule ^coop/$ /index.php.utf8.fr?v=3 [L,NC,R] RewriteRule ^crowd/$ /index.php.utf8.fr?v=2 [L,NC,R] RewriteRule ^([^/]*)/([^/]*)$ /static.php.utf8.fr?VALUEONE=$2&VALUETWO=$1 [L] So my quesiton is whats wrong , what do i have missing is there extra settings that i need to kill from the apache default . in order to be sure all parts are using utf-8 at all time, and that my mod_rewrite rules work with accent Thank you all in advance for your help, I will follow this question closely , to add any needed information.

    Read the article

  • Get OWA and ActiveSync working on server using HTTP redirect in IIS 7

    - by eric
    We have two servers on our LAN. One is a Windows 2003 Server domain controller running Exchange 2003. The other is a stand-alone Windows 2008 server running IIS 7. Our company website runs on the IIS 7 (2008) server, so the firewall forwards port 80 to this. How can I get OWA and ActiveSync to work with this setup? And without using SSL. I have tried setting up a website on the IIS 7 box (mail.ourdomain.com) and using HTTP redirect to point to http://mailserver/exchange, but this doesn't work. Do we have to purchase an SSL certificate for this to work?

    Read the article

  • Improving server security [closed]

    - by Vicenç Gascó
    I've been developing webapps for a while ... and I always had a sysadmin which made the environment perfect to run my apps with no worries. But now I am starting a project on myself, and I need to set up a server, knowing near to nothing about it. All I need to do is just have a Linux, with a webserver (I usually used Apache), PHP and MySQL. I'll also need SSH, SSL to run https:// and FTP to transfer files. I know how to install almost everything (need advice about SSL) with Ubuntu Server, but I am concerned about the security topic ... say: firewall, open/closed ports, php security, etc ... Where can I found a good guide covering this topics? Everything else in the server... I don't need it, and I wanna know how to remove it, to avoid resources consumption. Final note: I'll be running the webapp at amazon-ec2 or rackspace cloud servers. Thanks in advance!!

    Read the article

  • Apache server-status when running as proxy server

    - by f-z-N
    We are running apache as a proxy server and have tomcat behind apache. We are using server_status module but when we try to access server_status as in https://host.com/server-status it redirects to tomcat and we get 404 error. I am quite new to this, tried going through apache docs but unable to figure out the solution. Fyi.We have ssl enabled Current ssl.conf settings: ProxyRequests Off ProxyPreserveHost On <Proxy http://localhost:8081/*> Order deny,allow Allow from all </Proxy> ProxyPass / http://localhost:8081/ ProxyPassReverse / http://localhost:8081/ ProxyPassReverse / http://myhost:8081/ <Location /server-status> SetHandler server-status Order deny,allow Deny from all Allow from 10.90 </Location>

    Read the article

  • How to configure remote access to multiple subnets behind a SonicWALL NSA 2400

    - by Kyle Noland
    I have a client that uses a SonicWALL NSA 2400 as their firewall. I need to setup a second LAN subnet for a handful of PC. Management has decided that there should be a second subnet even though intend to allow access across the two subnets - I know... I'm having trouble getting communication across the 2 subnets. I can ping each gateway, but I cannot ping or seem to route traffic fron subnet A to subnet B. Here is my current setup: X0 Interface: LAN zone with IP addres 192.168.1.1 X1 Interface: WAN zone with WAN IP address X2 Interface: LAN zone with IP address 192.168.75.1 I have configured ARP and routes for the secondar subnet (X2) according to this SonicWALL KB article: http://www.sonicwall.com/downloads/supporting_multiple_firewalled_subnets_on_sonicos_enhanced.pdf using "Example 1". At this point I don't minding if I have to throw the SonicWALL GVC software VPN client into the mix to make it work. It feel like I have an Access Rule issue, but for testing I made LAN LAN, WAN LAN and VPN LAN rules wide open with the same results.

    Read the article

  • Postgresql by network

    - by sev
    I have running PostgreSQL sever on 192.168.0.102:5432. postgresql.conf has this line: listen_addresses = '*' and pg_hba.conf has this one: host all all 127.0.0.1/32 trust I have Rails app with same config/database.yml development: adapter: postgresql host: 192.168.0.102 port: 5432 encoding: unicode database: test pool: 5 username: test password: But when I run rake db:migrate I get (I run this from 192.168.0.100) FATAL: no pg_hba.conf entry for host "192.168.0.100", user "test", database "postgres", SSL on FATAL: no pg_hba.conf entry for host "192.168.0.100", user "test", database "postgres", SSL off ... Who can help with this?

    Read the article

  • CentOS openLDAP cert trust issues

    - by 84104
    # LDAPTLS_CACERTDIR=/etc/ssl/certs/ ldapwhoami -x -ZZ -H ldaps://ldap.domain.tld ldap_start_tls: Can't contact LDAP server (-1) additional info: TLS error -8172:Peer's certificate issuer has been marked as not trusted by the user. # openssl s_client -connect ldap.domain.tld:636 -CApath /etc/ssl/certs <... successful tls negotiation stuff ...> Compression: 1 (zlib compression) Start Time: 1349994779 Timeout : 300 (sec) Verify return code: 0 (ok) --- openssl seems to think the certificate is fine, but openldap's libraries (pam_ldap exhibits similar behavior, which is how I got on to this mess) disagree. What am I doing wrong?

    Read the article

  • windows php curl install : recommend a good site?

    - by phill
    So I'm struggling to get php curl installed on my windows xp professional machine and I've probably tried 5 different sites which either dont' work or refers to missing file references like the ca certificates and such. I'm looking to write a php script which logs into a site ssl, captures the page data using regex and emailing it to me. Before I can get there, I need ssl curl. I was wondering if someone can recommend a better site or tutorial which effectively walks me through that step by step. thanks in advance.

    Read the article

  • EC2-like virtualisation platform with non-RDP access

    - by code'
    I'm looking into setting up a few small VMs. The trouble is the software I intend to install on them (Cisco VPN Client) blocks out networking (other than to the target VPN destination...) with no workaround. This means that Remote Desktop or other methods of connecting to VMs that go via the Internet (e.g. GoToMyPC, LogMeIn) are a non-starter. What I'm really looking for is an EC2-like platform but which gives direct access to the VM through (for example) Hyper-V Manager. Sadly the only way they all seem to offer to remote control the VMs is direct access via Remote Desktop, whereas I need to be one layer above that (if that makes sense). A viable alternative would be to run virtualisation software within a Windows EC2 instance; obviously hardware virtualisation is impossible but I wonder if there are any software virtualisation platforms that could be run and that would work. Does anyone know if something like this exists/is possible? Thanks! C

    Read the article

  • Listing the routing table takes long time to complete

    - by Rafal Rawicki
    When I print routes defined on my computer using route, it takes about 5 to 20 seconds to complete. Why does it take so much time? With VPN enabled: $ time sudo route Kernel IP routing table (...) real 0m21.423s user 0m0.000s sys 0m0.012s With no VPN, this is about 5 seconds - still, computer can do a lot in this time. I've repeated my measurements few times, getting very similar results each try. My machine is Ubuntu with 3.0.0 kernel, but as far as I know, route on the other computers works the same way.

    Read the article

  • Securing RDP access to Windows Server 2008 R2: is Network Level Authentication enough?

    - by jamesfm
    I am a dev with little admin expertise, administering a single dedicated web server remotely. A recent independent security audit of our site recommended that "RDP is not exposed to the Internet and that a robust management solution such as a VPN is considered for remote access. When used, RDP should be configured for Server Authentication to ensure that clients cannot be subjected to man-in-the-middle attacks." Having read around a bit, it seems like Network Level Authentication is a Good Thing so I have enabled the "Allow connections only from Remote Desktop with NLA" option on the server today. Is this acion enough to mitigate the risk of a Man-in-the-Middle attack? Or are there other essential steps I should be taking? If VPN is essential, how do I go about it?

    Read the article

  • LinkSys WRT54GL + AM200 in half-bridge mode - Setup guide recommendations?

    - by Peter Mounce
    I am basically looking for a good guide on how to set up my home network with this set of hardware. I need: Dynamic DNS Firewall + port-forwarding VPN Wake-on-LAN from outside firewall VOIP would be nice QoS would be nice (make torrents take lower priority to other services when those other services are happening) DHCP Wireless + WPA2 security Ability to play multiplayer computer games I am not a networking or computing neophyte, but the last time I messed with network gear was a few years ago, so am needing to dust off knowledge I kinda half have. I have read that I should be wanting to set up the AM200 in half-bridge mode, so that the WRT54GL gets the WAN IP - this sounds like a good idea, but I'd still like to be advised. I have read that the dd-wrt firmware will meet my needs (though I gather I'll need the vpn-specific build, which appears to preclude supporting VOIP), but I'm not wedded to using it. My ISP supplies me with: a block of 8 static IPs, of which 5 are usable to me a PPPoA ADSL2+ connection

    Read the article

  • Declaring multiple ports for the same VirtualHosts

    - by user65567
    Declare multiple ports for the same VirtualHosts: SSLStrictSNIVHostCheck off # Apache setup which will listen for and accept SSL connections on port 443. Listen 443 # Listen for virtual host requests on all IP addresses NameVirtualHost *:443 <VirtualHost *:443> ServerName domain.localhost DocumentRoot "/Users/<my_user_name>/Sites/domain/public" <Directory "/Users/<my_user_name>/Sites/domain/public"> Order allow,deny Allow from all </Directory> # SSL Configuration SSLEngine on ... </VirtualHost> How can I declare a new port ('listen', ServerName, ...) for 'domain.localhost'? If I add the following code, apache works (too much) also for all other subdomain of 'domain.localhost' (subdomain1.domain.localhost, subdomain2.domain.localhost, ...): <VirtualHost *:80> ServerName pjtmain.localhost:80 DocumentRoot "/Users/Toto85/Sites/pjtmain/public" RackEnv development <Directory "/Users/Toto85/Sites/pjtmain/public"> Order allow,deny Allow from all </Directory> </VirtualHost>

    Read the article

  • openvpn and virtualbox

    - by hyperboreean
    Hi guys, I have a linux machine on which I occasionally run Windows XP in Virtual Box. All runs wonderful, except for the openvpn in XP, which can't connect to the vpn server running on a remote machine. The vpn client works from linux ... as far as I read until now it seems to be a problem of port forwarding ... I keep getting this error: TCP/UDP: Incoming packet rejected from 10.0.2.2:1194, expected peer address: (allow this incoming source address/port by removing --remote or adding --float) , but have no idea how to fix it.

    Read the article

  • Can I increase the link speed of the RAS Server on our MS Win2k3 box?

    - by Ducain
    We are running a Win2K3 Server box, and I'm a remote employee that connects via VPN. I've been frustrated for some time by the connection speed over the VPN (the office HQ has a decent speed and I have a biz class connection here), and decided to do some checking today. This morning, I was dialed in and looked at the networking tab of the task manager, and I see that the adapter for the RAS Server (the box has 4 Gigabit adapters) has a speed that seems far too low. The speed for the RAS Server link hovers between 300 - 600 Kbps. The local connection (and others) all say 1 Gbps. Can I set this to a higher speed? Is this information accurate? Thanks for the input.

    Read the article

  • LinkSys WRT54GL + AM200 in half-bridge mode - UK setup guide recommendations?

    - by Peter Mounce
    I am basically looking for a good guide on how to set up my home network with this set of hardware. I need: Dynamic DNS Firewall + port-forwarding VPN Wake-on-LAN from outside firewall VOIP would be nice QoS would be nice (make torrents take lower priority to other services when those other services are happening) DHCP Wireless + WPA2 security Ability to play multiplayer computer games I am not a networking or computing neophyte, but the last time I messed with network gear was a few years ago, so am needing to dust off knowledge I kinda half have. I have read that I should be wanting to set up the AM200 in half-bridge mode, so that the WRT54GL gets the WAN IP - this sounds like a good idea, but I'd still like to be advised. I have read that the dd-wrt firmware will meet my needs (though I gather I'll need the vpn-specific build, which appears to preclude supporting VOIP), but I'm not wedded to using it. I live in the UK and my ISP supplies me with: a block of 8 static IPs, of which 5 are usable to me a PPPoA ADSL2+ connection

    Read the article

  • LinkSys WRT54GL + AM200 in half-bridge mode - UK setup guide recommendations?

    - by Peter Mounce
    Crossposted from here I am basically looking for a good guide on how to set up my home network with this set of hardware. I need: Dynamic DNS Firewall + port-forwarding VPN Wake-on-LAN from outside firewall VOIP would be nice QoS would be nice (make torrents take lower priority to other services when those other services are happening) DHCP Wireless + WPA2 security Ability to play multiplayer computer games I am not a networking or computing neophyte, but the last time I messed with network gear was a few years ago, so am needing to dust off knowledge I kinda half have. I have read that I should be wanting to set up the AM200 in half-bridge mode, so that the WRT54GL gets the WAN IP - this sounds like a good idea, but I'd still like to be advised. I have read that the dd-wrt firmware will meet my needs (though I gather I'll need the vpn-specific build, which appears to preclude supporting VOIP), but I'm not wedded to using it. I live in the UK and my ISP supplies me with: a block of 8 static IPs, of which 5 are usable to me a PPPoA ADSL2+ connection

    Read the article

  • Connect ADSL modem SMC7904WBRA-N to CISCO RV082

    - by Cy.
    I have a SMC7904WBRA-N ADSL modem/router that connects to the internet with a static IP given by the provider. I've received a RV082 to create a VPN connection which is having problems to connect to the remote VPN Server. After many tries we deduced that the SMC7904WBRA-N is being problematic with the NAT and I have been suggested to put the SMC router into the appropriate DSL bridging mode so the RV082 gets direct access to internet with the static IP. Can you give me any hints on how could this be done? Which mode is that?

    Read the article

  • Load balancing with Cisco router

    - by you8301083
    I have a Cisco router with two bonded T1's which are setup as a VPN to the main office. We need more bandwidth but can't get other connections (or it's too costly), so I would like to have a dsl connection installed. This DSL connection will run over a VPN to the same main office, but it won't be bonded with the T1's - so it won't act as a single connection. Since the three circuits won't act as a single connection (basically would be two connections 2 T1's + 1 DSL) we would have to split the network in half - but I don't want to do that. Instead, would it be possible to send all HTTP/HTTPS over the DSL connection but send all mission critical data (such as voice/active directory) over the T1's? I basically want to send specific ports over DSL and everything else over the T1's without separating half of the users traffic over the DSL and the rest over the T1's.

    Read the article

  • Is it possible to rewrite some query strings to HTTPS and keep everything else on HTTP?

    - by Matt
    I'm rewriting query strings to pretty URIs, example: index.php?q=/en/contact becomes /en/contact and all works nicely.. # httpd.conf # HANDLE THE QUERY RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^(.*)$ index.php?q=$1 [L,QSA] Is it even possible to rewrite single queries to force https and force everything else onto http? I've tried many different approaches that typically end in infinate loops. I could write a plugin to do this in PHP but figured it would be more effecient to handle this in the server conf. I'd be greatful for any advice. EDIT: To clarify, I'd like to be able to rewrite the non SSL http://example.com/index.php?q=/en/contact to the SSL enabled https://example.com/en/contact and every query that is not /en/contact get written to http://example.com/...

    Read the article

  • CentOS - Configuring Puppet to play nice with SELinux

    - by Mike Purcell
    I am running into an issue every time I attempt to start the puppetmasterd service, for which I receive the following error message: root@service1 ~ # -> /etc/init.d/puppetmaster start Starting puppetmaster: Could not prepare for execution: Got 1 failure(s) while initializing: change from absent to directory failed: Could not set 'directory on ensure: Permission denied - /etc/puppet/ssl [FAILED] Apparently there was a known issue with this scenario as outlined in this bug report, however in the bug report it states the issue has been resolved in selinux-policy-3.9.16-29.fc15, but the latest CentOS default upstream version is 3.7.19-155.el6_3.4. So I am trying to figure out the best solution. I can either create a local security policy to allow puppetmasterd the access it needs, or keep researching and install a newer version of selinux-policy outside of the default upstream channel. Anyone have any recommendations? Please don't recommend disabling SELinux... ----- Update ----- Here is the puppet.conf: [main] # The Puppet log directory. # The default value is '$vardir/log'. logdir = /var/log/puppet # Where Puppet PID files are kept. # The default value is '$vardir/run'. rundir = /var/run/puppet # Where SSL certificates are kept. # The default value is '$confdir/ssl'. ssldir = $vardir/ssl [master] certname=puppetmaster.ownij.lan dns_alt_names=puppetmaster.ownij.lan [agent] # The file in which puppetd stores a list of the classes # associated with the retrieved configuratiion. Can be loaded in # the separate ``puppet`` executable using the ``--loadclasses`` # option. # The default value is '$confdir/classes.txt'. classfile = $vardir/classes.txt # Where puppetd caches the local configuration. An # extension indicating the cache format is added automatically. # The default value is '$confdir/localconfig'. localconfig = $vardir/localconfig server=puppetmaster.ownij.lan And here are the denials per the audit log: type=AVC msg=audit(1349751364.985:666): avc: denied { search } for pid=15093 comm="puppetmasterd" name="/" dev=dm-2 ino=2 scontext=unconfined_u:system_r:puppetmaster_t:s0 tcontext=system_u:object_r:home_root_t:s0 tclass=dir type=SYSCALL msg=audit(1349751364.985:666): arch=c000003e syscall=4 success=no exit=-13 a0=1391420 a1=7fffef09ed10 a2=7fffef09ed10 a3=120c500 items=0 ppid=15092 pid=15093 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 ses=13 comm="puppetmasterd" exe="/usr/bin/ruby" subj=unconfined_u:system_r:puppetmaster_t:s0 key=(null) type=AVC msg=audit(1349751365.302:667): avc: denied { search } for pid=15093 comm="puppetmasterd" name="/" dev=dm-2 ino=2 scontext=unconfined_u:system_r:puppetmaster_t:s0 tcontext=system_u:object_r:home_root_t:s0 tclass=dir type=SYSCALL msg=audit(1349751365.302:667): arch=c000003e syscall=4 success=no exit=-13 a0=1d18530 a1=7fffef0d04d0 a2=7fffef0d04d0 a3=8 items=0 ppid=15092 pid=15093 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 ses=13 comm="puppetmasterd" exe="/usr/bin/ruby" subj=unconfined_u:system_r:puppetmaster_t:s0 key=(null) type=AVC msg=audit(1349751365.465:668): avc: denied { search } for pid=15093 comm="puppetmasterd" name="/" dev=dm-2 ino=2 scontext=unconfined_u:system_r:puppetmaster_t:s0 tcontext=system_u:object_r:home_root_t:s0 tclass=dir type=SYSCALL msg=audit(1349751365.465:668): arch=c000003e syscall=4 success=no exit=-13 a0=1af3930 a1=7fffef0c5c70 a2=7fffef0c5c70 a3=8 items=0 ppid=15092 pid=15093 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 ses=13 comm="puppetmasterd" exe="/usr/bin/ruby" subj=unconfined_u:system_r:puppetmaster_t:s0 key=(null) type=AVC msg=audit(1349751365.467:669): avc: denied { search } for pid=15093 comm="puppetmasterd" name="/" dev=dm-2 ino=2 scontext=unconfined_u:system_r:puppetmaster_t:s0 tcontext=system_u:object_r:home_root_t:s0 tclass=dir type=SYSCALL msg=audit(1349751365.467:669): arch=c000003e syscall=4 success=no exit=-13 a0=1b17aa0 a1=7fffef0c5c70 a2=7fffef0c5c70 a3=8 items=0 ppid=15092 pid=15093 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 ses=13 comm="puppetmasterd" exe="/usr/bin/ruby" subj=unconfined_u:system_r:puppetmaster_t:s0 key=(null) type=AVC msg=audit(1349751366.401:670): avc: denied { write } for pid=15093 comm="puppetmasterd" name="puppet" dev=dm-0 ino=132035 scontext=unconfined_u:system_r:puppetmaster_t:s0 tcontext=system_u:object_r:puppet_etc_t:s0 tclass=dir type=SYSCALL msg=audit(1349751366.401:670): arch=c000003e syscall=83 success=no exit=-13 a0=2d7a400 a1=1f9 a2=2d7a40f a3=7fffef0a6df0 items=0 ppid=15092 pid=15093 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 ses=13 comm="puppetmasterd" exe="/usr/bin/ruby" subj=unconfined_u:system_r:puppetmaster_t:s0 key=(null) And the audit log if I pass through audit2allow: root@service1 ~ # -> fgrep puppetmasterd /var/log/audit/audit.log | audit2allow -m puppetmasterd module puppetmasterd 1.0; require { type home_root_t; type puppetmaster_t; type puppet_etc_t; type puppet_var_run_t; type httpd_sys_content_t; class lnk_file { relabelfrom relabelto }; class file { relabelfrom read getattr open }; class dir { write read search getattr setattr }; } #============= puppetmaster_t ============== allow puppetmaster_t home_root_t:dir { search getattr }; allow puppetmaster_t httpd_sys_content_t:dir read; allow puppetmaster_t httpd_sys_content_t:file { read getattr open }; #!!!! The source type 'puppetmaster_t' can write to a 'dir' of the following types: # puppet_log_t, puppet_var_lib_t, puppet_var_run_t, puppetmaster_tmp_t allow puppetmaster_t puppet_etc_t:dir { write setattr }; allow puppetmaster_t puppet_etc_t:lnk_file { relabelfrom relabelto }; allow puppetmaster_t puppet_var_run_t:file relabelfrom;

    Read the article

  • Routing and Remote Access Service won't start after full disk

    - by NKCSS
    The HDD of the server was out of disk space, and after a reboot, RRAS won't start anymore on my 2008 R2 server. Error Details: Log Name: System Source: RemoteAccess Date: 2/5/2012 9:39:52 PM Event ID: 20153 Task Category: None Level: Error Keywords: Classic User: N/A Computer: Windows14111.<snip> Description: The currently configured accounting provider failed to load and initialize successfully. The connection was prevented because of a policy configured on your RAS/VPN server. Specifically, the authentication method used by the server to verify your username and password may not match the authentication method configured in your connection profile. Please contact the Administrator of the RAS server and notify them of this error. Event Xml: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="RemoteAccess" /> <EventID Qualifiers="0">20153</EventID> <Level>2</Level> <Task>0</Task> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2012-02-05T20:39:52.000Z" /> <EventRecordID>12148869</EventRecordID> <Channel>System</Channel> <Computer>Windows14111.<snip></Computer> <Security /> </System> <EventData> <Data>The connection was prevented because of a policy configured on your RAS/VPN server. Specifically, the authentication method used by the server to verify your username and password may not match the authentication method configured in your connection profile. Please contact the Administrator of the RAS server and notify them of this error.</Data> <Binary>2C030000</Binary> </EventData> </Event> I think it has something to do with a corrupt config file, but I am unsure of what to do. I Removed the RRAS role, rebooted, and re-added, but it keeps failing with the same error. Thanks in advance. [UPDATE] If i set the accounting provider from 'Windows' to '' the service starts but VPN won't work. Any ideas how this can be repaired?

    Read the article

  • Locking down remote desktop using AD GPO

    - by Brettski
    I am currently locking down a companies remote desktop access via a VPN. What I need to do is disable remote printing, file transfer and clipboard via active directory for the workstations that will be accessed. I am having trouble figuring out which GPO's are used to restrict this. My basic approach is to restrict VPN users to port 3389 so the will be able to access their work computers remotely but nothing else (I will look into layer 7 scanning later). With this I want to ensure they are unable to transfer and data via files, printing or the clipboard. The environment is Windows Server 2003

    Read the article

  • iPlanet Authentication provider

    - by Travis
    Good day. I have stepped into project that requires a server migration that would change the means of authentication for our CAC/PKI SSL enabled website. We are using iPlanet 7 and Oracle Directory Server Enterprise 7 as our LDAP server. The situation is that the site is still CAC/PKI enabled, but at the firewall. The information we want to authenticate against is now in the http header. How do I configure iPlanet and LDAP to authenticate against the header instead of SSL? Thanks. Edit, Can this be done with IIS keeping the Directory Server EE LDAP in tact or is the ACL iPlanet only?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 134 135 136 137 138 139 140 141 142 143 144 145  | Next Page >