Search Results

Search found 527 results on 22 pages for 'wpa2 aes'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 15/22 | < Previous Page | 11 12 13 14 15 16 17 18 19 20 21 22  | Next Page >

  • Dlink DWA-643 ExpressCard / Atheros AR5008 can't connect to wifi networks

    - by Justin Kelly
    I've just purchased a D-Link DWA-643 Xtreme N ExpressCard Notebook Adapter - but it can't connect to my wireless network The card is listed on the FSF website and - refer links below: http://www.fsf.org/resources/hw/index_html/net/wireless/index_html/cards.html http://www.dlink.com.au/products/?pid=550 Ubuntu see the card as using the Atheros AR5008 chipset - refer image below The card lights up and I can see that available wifi networks using this card - so it seems to 'just work' on ubuntu 12.04 but when i try and connect to my networks - it fails I've tried setting the network to all the different options (WEP, WPA2, no encryption, etc.. b/g/n ) but ubuntu sill cant connect to it I've also installed wicd but still couldn't connect Has anyone got a DWA-643 to work in Ubuntu? Or does anyone have any suggestion on how to get it to connect?? Any help would be greatly appreciated Note: the laptop has built in wifi but its broadcom, works but with dialup speed connection - and i've had nothign but trouble using the boardcom drivers so purchased the FSF recommended PCI expresscard as i hoped it would 'just work' on the latest Ubuntu i've have tried to disable the built in wifi - broadcom - but even with the broadcom uninstall and unavailable it didnt help the dlink to connect previously I had MAC address filtering on the router - i've added the dlinks MAC - and also disabled MAC address filtering - still no luck lspci output below: 18:00.0 Network controller: Atheros Communications Inc. AR5008 Wireless Network Adapter (rev 01) Subsystem: D-Link System Inc Device 3a6f Flags: bus master, fast devsel, latency 0, IRQ 18 Memory at e4000000 (64-bit, non-prefetchable) [size=64K] Capabilities: [40] Power Management version 2 Capabilities: [50] MSI: Enable- Count=1/1 Maskable- 64bit- Capabilities: [60] Express Legacy Endpoint, MSI 00 Capabilities: [90] MSI-X: Enable- Count=1 Masked- Capabilities: [100] Advanced Error Reporting Capabilities: [140] Virtual Channel Kernel driver in use: ath9k Kernel modules: ath9k

    Read the article

  • Can't connect to or see my wifi ssid

    - by ant
    Today I installed ubuntu 12.04 on my laptop. I am unable to see my home SSID or even connect to it. I've tried to connect as a hidden SSID but I always get prompted for authorization although my key is correct. I'm in in Europe but my laptop is from US. I'm not sure if that is relevant. I've read around this site and saw something that has to do with setting the channel above 11. I'm not sure I did that correctly I did this : How to use Wi-Fi channels above 11? Did't help. I'm able to connect with cable but not via wifi either windows or linux. Other devices in my home can connect without any issues, even the kindle. Here is the screenshot from my router : Here is some additional info : lspci | grep -i network 08:00.0 Network controller: Qualcomm Atheros AR9285 Wireless Network Adapter (PCI-Express) (rev 01) lspci -nnk | grep -A2 0280 08:00.0 Network controller [0280]: Qualcomm Atheros AR9285 Wireless Network Adapter (PCI-Express) [168c:002b] (rev 01) Subsystem: Hewlett-Packard Company U98Z062.10 802.11bgn Wireless Half-size Mini PCIe Card [103c:303f] Kernel driver in use: ath9k m-tool NetworkManager Tool State: connected (global) Device: wlan0 ---------------------------------------------------------------- Type: 802.11 WiFi Driver: ath9k State: disconnected Default: no HW Address: 90:4C:E5:38:79:0D Capabilities: Wireless Properties WEP Encryption: yes WPA Encryption: yes WPA2 Encryption: yes I'm not sure what to do next. Any suggestions?

    Read the article

  • 12.04 GPU lockup

    - by soandos
    I was able to install Ubuntu 12.04 using the alternative version of the image, (64 bit) but when I start the system it tells me the GPU locked up, and instead presents a text only screen. I understand that this site is not for bug reports, but at the same time, I know that there are some versions of the installer than have to be compatible with my graphics card (Nvidia GTS 360M). I assumed that the mere fact that the alternative installer ran was an indication that I could get some sort of graphical interface running after the install. Is there some way of getting some type of graphical interface running on my machine? Even better would be is there a way to get the rest of the system running as normal (i.e. GPU up and running)? If an internet connection is required to download driver support or something similar, directions for how to configure a wireless connection with WPA2-Personal protection from the text-only interface (bash). Any help would be appreciated. Note: I was able to find this which tells me that the card is supported. Note 2: In the install software stage of the install, I was unable to install anything (no internet connection) Update: The exact error message is [8.591394] [drm] 0000:01:00.0: GPU Lockup - switching to software fbcon Update 2: If I try to install with the regular version of Ubuntu, the screen goes staticy. This also happens if I install with Wubi (distasteful I know) and then try to use Ubuntu. Update 3: I've tried xforcevesa, nomodeset and xforcevesa nomodeset as my wubi boot options. Update 4: Thanks to jokerdino, I can now connect to the internet, so internet tools would now be a possibility.

    Read the article

  • Connecting to wireless networks from command line

    - by Balaji
    I need to write a shell script which connects to one of the two available wi-fi connections. One is a un secure connection and the other is secure connection. My question has 2 parts- 1.How to connect to the un-secure (un-encrypted and no password required) connection from command line (or by executing a shell script) when I'm connected to the secure connection? I followed the steps in http://www.ubuntugeek.com/how-to-troubleshoot-wireless-network-connection-in-ubuntu.html for in-secure connection. I put all the commands in a script and executed it (I made sure that interface name and essid are correct) - sudo dhclient -r wlan0 - sudo ifconfig wlan0 up - sudo iwconfig wlan0 essid "UAPublic" - sudo iwconfig wlan0 mode Managed - sudo dhclient wlan0 But nothing happens - I'm not disconnected from the current network and connected to the new one 2.When I want to connect to the secure wi-fi network, I understand from http://askubuntu.com/a/138476/70665 that I need to use wpa_supplicant. But I enter a lot of details in the interface when I connect via UI security : wpa and wpa2 enterprise Authentication : PEAP CA certificate : Equifax... PEAP version : automatic inner authentication : MSCHAPv2 username : password : How to use wpa_supplicant to mention all these details in the command line? The conf file network={ ssid="ssid_name" psk="password" } doesn't work for me.

    Read the article

  • How to connect to my own WiFi using Broadcom STA drivers?

    - by Chris
    I'm trying hard to switch to Linux from Windows because of my engineering project. Unfortunately, everything is against that change! Before I have installed Broadcom STA proprietary drivers, I was seeing on NetworkManager and nm-applet only local radio-internet-access networks. After I installed Broadcom STA, I see my neighbor's wireless network (channel 11, WEP) Neither before nor after the installation is own wireless network available. Computer: Asus Lamborghini VX6 Ubuntu: 12.04 LTS 64-bit Router: ASUS N55U (A1) with newest AsusWRT firmware Network: Channel 5 (tried also 10 and 11, both on 20 and 40MHz bands), WPA2 Personal, 2,4 + 5 GHz (what is not very important, 'cause the wlan card in VX6 is only 2,4GHz). Network works fine on Windows, also through D-Link repeater on the other floor. Unfortunately, same network is invisible to Ubuntu on same machine. I have tried some combinations with other GUIs but it did not work. Are there any better drivers for Ubuntu? I need that network badly, but I'm an Ubuntu newbie, so I don't know how to solve that problem. Please help.

    Read the article

  • ubuntu 12.10 Lenovo b570e, WiFi connected but not working

    - by koogee
    I'm running ubuntu 12.10 liveUSB on a lenovo b570e. It has an atheros wifi card that connects with my home network but I can't browse AT ALL. My network is multiple clients --> router --> isp modem --> Internet I can ping my router (192.168.0.1) but not my isp's modem(192.168.15.1). I have 3 other computers connected to the same router that are working fine (infact i'm posting from one) ping -c 3 google.com unknown host google.com ping -c 3 8.8.8.8 shows 100% packet loss I think its some networking issue. I tried directly connecting it to the router via ethernet cable but same issue. It gets an ip, shows LAN connected but can't browse. If I connect it directly to the isp modem via ethernet cable it starts working fine. Connection Information shows: Interface: 802.11 wifi (wlan0) driver: ath9k security: wpa/wpa2 speed: 150mb/s ip: 192.168.0.106 broadcast: 192.168.0.255 subnet:255.255.255.0 default route: 192.168.0.1 primary dns: 192.168.15.1 i have restarted the router and modem many times. Rebooted the LiveUSB many times.

    Read the article

  • How to prevent Network Manager from auto creating network connection profiles with "available to everyone" by default

    - by airtonix
    We have several laptops at work which use Ubuntu 11.10 64bit. I have our Wifi Access Point requiring WPA2-EAP Authentication (backed by a LDAP server). I have the staff using these laptops when doing presentations by using the Guest Account. So by default when you have a wifi card, network manager will display available Wireless Access Points. So the logical course of action for a Novice(tm) user is to single left click the easy to use option in the Network Manager drop down list... At this point the Staff Member (who is logged in with the guest account) expects to just be able to connect and enter any authentication details if required. But because they are using the Guest account, they won't ever have admin permissions (nor do I want them to), and so PolKit kicks in with a request for admin authorisation. I solved this part by modifying the PolKit permissions required to allow all users to create System Network Connections... However, because these Staff members are logging onto the Wifi Access Point with Ldap Credentials and because the Network Manager is now saving those credentials as a System Connection, their password is available for the next guest user session (because system connection profiles are stored in /etc/NetworkManager/system-connections.d/* ). It creates system connections by default because "Available to all users" is ticked by default when you quickly connect to a new wifi access point. I want Network Manager to not tick this by default. This way I can revert the changes I made to Polkit and users network connection profiles will be purged when they log out.

    Read the article

  • Upgrade from 10.04 to 10.10 on netbook: now or later?

    - by jbatista
    I began with installing 9.04 in a netbook (Asus EeePC 1000H), upgraded to 9.10 and have now Lucid Lynx 10.04 (LTS). Most things tested run pretty good, with the most notable exception being wireless network due to the hardware which I first tested after the last major upgrade and a few times before giving up (failed to maintain connection to WPA2 networks). Other nuisances are not as important (e.g. some hotkeys work, a couple of them don't), but given that most everything works I'm concerned with doing an upgrade to find most things have been broken and I have to go back and dig up on how to get it to work... Once in a while, I look up for some posts elsewhere to read up on problems and to find out if they're tame enough to justify an upgrade to 10.10. I'm not in a rush, but I'm not interested in being too left behind some time from now that an upgrade becomes too costly or downright impossible (many things formatted too differently). I'm not even sure if it's possible to "easily" upgrade from LTS to LTS release... Therefore I ask if it's (in principle) possible to skip releases and only do a major upgrade much later on. For example, is it possible (or advisable) to do an upgrade only when the next LTS comes out (a couple of years from now)? Or is it preferable not to skip releases at all?

    Read the article

  • OpenVPN on Android TCP retransmissions after OpenVPN server reboot

    - by anogaki
    I raised OpenVPN on server for the first time. It worked fine until the server rebooted. The firewall configuration is unchanged. When I tcpdump from tun interface on the server, I always get TCP retransmissions on all TCP packets larger than a few bytes in Android. Using a similar(read: same) configuration on my Linux box from where I'm posting this message now works just fine; no retransmissions, no loss. It did work just fine before the server rebooted. What could possibly cause this? I already tried rebooting Android, it didn't help. Client configuration, used on both Linux PC and Android tablet: dev tun client remote 192.168.0.1 persist-key persist-tun nobind pkcs12 user.p12 mssfix 1480 cipher AES-256-CBC verb 3 1480 is below the mtu of uplink connection on server which is 1492. I tried adding tun-mtu 1480 to Android but that didn't help either.

    Read the article

  • All traffic is passed through OpenVPN although not requested

    - by BFH
    I have a bash script on a Ubuntu box which searches for the fastest openvpn server, connects, and binds one program to the tun0 interface. Unfortunately, all traffic is being passed through the VPN. Does anybody know what's going on? The relevant line follows: openvpn --daemon --config $cfile --auth-user-pass ipvanish.pass --status openvpn-status.log There don't seem to be any entries in iptables when I enter sudo iptables --list. The config files look like this: client dev tun proto tcp remote nyc-a04.ipvanish.com 443 resolv-retry infinite nobind persist-key persist-tun persist-remote-ip ca ca.ipvanish.com.crt tls-remote nyc-a04.ipvanish.com auth-user-pass comp-lzo verb 3 auth SHA256 cipher AES-256-CBC keysize 256 tls-cipher DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-SHA There is nothing in there that would direct everything through tun0, so maybe it's a new vagary of Ubuntu? I don't remember this happening in the past.

    Read the article

  • How good is PDF password protection?

    - by Tim
    It appears that Word's password protection is not really good, at least until Office 2003, if I read this SU entry correctly. I'm under the impression that Acrobat's PDF password protection should be better (it says 128-bit AES for Acrobat 7 and higher). Is that true? Of course, it depends on the strength of the password used, but assuming I protect my PDF with a password like sd8Jf+*e8fh§$fd8sHä, am I on the safe side? Like, say, for sending confidential patient information - not really valuable, but potentially highly sensitive.

    Read the article

  • Connecting a LAN to an OpenVPN server via a windows 7 client gateway

    - by user705142
    I've got OpenVPN set up between my windows 7 client and linux server. The goal is that I'll get secure access to a webapp running on the server from any computer on the client LAN. I'm using ccd to assign static ip addresses to each client connection, with key authentication. It's working on my client machine (10.83.41.9), and when you go to the gateway IP address (10.83.41.1), it loads up the webapp. Now I really need the other computers on the client LAN to be able to connect to the webapp as well, via the windows machine. The client has a static IP address of 192.168.2.100 on the LAN, and I've enabled IP forwarding in windows (confirmed by ipconfig /all). In my router I've forwarded 10.83.41.1 / 255.255.255.255 to 192.168.2.100. In server.conf I have.. route 192.168.2.0 255.255.255.0 And in the office ccd.. ifconfig-push 10.83.41.9 10.83.41.10 iroute 192.168.2.0 255.255.255.0 The client log is as follows: Thu Mar 15 20:19:56 2012 OpenVPN 2.2.2 Win32-MSVC++ [SSL] [LZO2] [PKCS11] built on Dec 15 2011 Thu Mar 15 20:19:56 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables Thu Mar 15 20:19:56 2012 Control Channel Authentication: using 'ta.key' as a OpenVPN static key file Thu Mar 15 20:19:56 2012 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Thu Mar 15 20:19:56 2012 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Thu Mar 15 20:19:56 2012 LZO compression initialized Thu Mar 15 20:19:56 2012 Control Channel MTU parms [ L:1558 D:166 EF:66 EB:0 ET:0 EL:0 ] Thu Mar 15 20:19:56 2012 Socket Buffers: R=[8192->8192] S=[64512->64512] Thu Mar 15 20:19:56 2012 Data Channel MTU parms [ L:1558 D:1450 EF:58 EB:135 ET:0 EL:0 AF:3/1 ] Thu Mar 15 20:19:56 2012 Local Options hash (VER=V4): '9e7066d2' Thu Mar 15 20:19:56 2012 Expected Remote Options hash (VER=V4): '162b04de' Thu Mar 15 20:19:56 2012 UDPv4 link local: [undef] Thu Mar 15 20:19:56 2012 UDPv4 link remote: 111.65.224.202:1194 Thu Mar 15 20:19:56 2012 TLS: Initial packet from 111.65.224.202:1194, sid=ceb04c22 8cc6d151 Thu Mar 15 20:19:56 2012 VERIFY OK: depth=1, /C=NZ/O=XXX./CN=XXX Thu Mar 15 20:19:56 2012 VERIFY OK: nsCertType=SERVER Thu Mar 15 20:19:56 2012 VERIFY OK: depth=0, /C=NZ/O=XXX./CN=XXX Thu Mar 15 20:19:56 2012 Replay-window backtrack occurred [1] Thu Mar 15 20:19:56 2012 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key Thu Mar 15 20:19:56 2012 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Thu Mar 15 20:19:56 2012 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key Thu Mar 15 20:19:56 2012 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Thu Mar 15 20:19:56 2012 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA Thu Mar 15 20:19:56 2012 [server] Peer Connection Initiated with 111.65.224.202:1194 Thu Mar 15 20:19:58 2012 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1) Thu Mar 15 20:19:59 2012 PUSH: Received control message: 'PUSH_REPLY,route 10.83.41.1,topology net30,ping 10,ping-restart 120,ifconfig 10.83.41.9 10.83.41.10' Thu Mar 15 20:19:59 2012 OPTIONS IMPORT: timers and/or timeouts modified Thu Mar 15 20:19:59 2012 OPTIONS IMPORT: --ifconfig/up options modified Thu Mar 15 20:19:59 2012 OPTIONS IMPORT: route options modified Thu Mar 15 20:19:59 2012 ROUTE default_gateway=192.168.2.1 Thu Mar 15 20:19:59 2012 TAP-WIN32 device [OpenVPN] opened: \\.\Global\{B32D85C9-1942-42E2-80BA-7E0B5BB5185F}.tap Thu Mar 15 20:19:59 2012 TAP-Win32 Driver Version 9.9 Thu Mar 15 20:19:59 2012 TAP-Win32 MTU=1500 Thu Mar 15 20:19:59 2012 Notified TAP-Win32 driver to set a DHCP IP/netmask of 10.83.41.9/255.255.255.252 on interface {B32D85C9-1942-42E2-80BA-7E0B5BB5185F} [DHCP-serv: 10.83.41.10, lease-time: 31536000] Thu Mar 15 20:19:59 2012 Successful ARP Flush on interface [45] {B32D85C9-1942-42E2-80BA-7E0B5BB5185F} Thu Mar 15 20:20:04 2012 TEST ROUTES: 1/1 succeeded len=1 ret=1 a=0 u/d=up Thu Mar 15 20:20:04 2012 C:\WINDOWS\system32\route.exe ADD 10.83.41.1 MASK 255.255.255.255 10.83.41.10 Thu Mar 15 20:20:04 2012 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4 Thu Mar 15 20:20:04 2012 Route addition via IPAPI succeeded [adaptive] Thu Mar 15 20:20:04 2012 Initialization Sequence Completed From the other machines I can ping 192.169.2.100, but not 10.83.41.1. In the how-to, it mentions "Make sure your network interface is in promiscuous mode." as well. I can't find in the windows network config, so this may or may not be part of it. Ideally this would be achieved without any special configuration the other LAN computers. Not sure how far I'm going to get on my own at this point, any ideas? Is there something I'm missing, or anything I should need to know?

    Read the article

  • Chrome - SSL Security issue on Windows platforms?

    - by al nik
    Fortify.net is a service that displays what's the currently encryption key used by your browser in a https connection. If I browse this site with Chrome 4.1.249.1042 in WinXp SP3 the key used is RC4 cipher, 128-bit key This encryption is weak, and it's the one used by old browsers like IE6. Chrome works fine on Fedora9 and it uses AES cipher, 256-bit key as more modern browsers do (i.e.Firefox) I consider this a security issue. I'm considering to switch back to Firefox in Windows. Do you know if it's possible to change the default encryption key in Chrome?

    Read the article

  • Fingerprint of PEM ssh key

    - by Unknown
    I have a PEM file which I add to a running ssh-agent: $ file query.pem query.pem: PEM RSA private key $ ssh-add ./query.pem Identity added: ./query.pem (./query.pem) $ ssh-add -l | grep query 2048 ef:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX ./query.pem (RSA) My question is how I can get the key fingerprint I see in ssh-agent directly from the file. I know ssh-keygen -l -f some_key works for "normal" ssh keys, but not for PEM files. If I try ssh-keygen on the .pem file, I get: $ ssh-keygen -l -f ./query.pem key_read: uudecode PRIVATE KEY----- failed key_read: uudecode PRIVATE KEY----- failed ./query.pem is not a public key file. This key starts with: -----BEGIN RSA PRIVATE KEY----- MIIEp.... etc. as opposed to a "regular" private key, which looks like: -----BEGIN RSA PRIVATE KEY----- Proc-Type: 4,ENCRYPTED DEK-Info: AES-128-CBC,E15F2.... etc.

    Read the article

  • Can't access shared drive when connecting over VPN

    - by evolvd
    I can ping all network devices but it doesn't seem that DNS is resolving their hostnames. ipconfig/ all is showing that I am pointing to the correct dns server. I can "ping "dnsname"" and it will resolve but it wont resolve any other names. Split tunnel is set up so outside DNS is resolving fine So one issue might be DNS but I have the IP address of the server share so I figure I could just get to it that way. example: \10.0.0.1\ well I can't get to it that way either and I get "the specified network name is no longer available" I can ping it but I can't open the share. Below is the ASA config : ASA Version 8.2(1) ! hostname KG-ASA domain-name example.com names ! interface Vlan1 nameif inside security-level 100 ip address 10.0.0.253 255.255.255.0 ! interface Vlan2 nameif outside security-level 0 ip address dhcp setroute ! interface Ethernet0/0 switchport access vlan 2 ! interface Ethernet0/1 ! interface Ethernet0/2 ! interface Ethernet0/3 ! interface Ethernet0/4 ! interface Ethernet0/5 ! interface Ethernet0/6 ! interface Ethernet0/7 ! ftp mode passive clock timezone EST -5 clock summer-time EDT recurring dns domain-lookup outside dns server-group DefaultDNS name-server 10.0.0.101 domain-name blah.com access-list OUTSIDE_IN extended permit tcp any host 10.0.0.253 eq 10000 access-list OUTSIDE_IN extended permit tcp any host 10.0.0.253 eq 8333 access-list OUTSIDE_IN extended permit tcp any host 10.0.0.253 eq 902 access-list SPLIT-TUNNEL-VPN standard permit 10.0.0.0 255.0.0.0 access-list NONAT extended permit ip 10.0.0.0 255.255.255.0 10.0.1.0 255.255.255.0 pager lines 24 logging asdm informational mtu inside 1500 mtu outside 1500 ip local pool IPSECVPN-POOL 10.0.1.2-10.0.1.50 mask 255.255.255.0 icmp unreachable rate-limit 1 burst-size 1 asdm image disk0:/asdm-621.bin no asdm history enable arp timeout 14400 global (outside) 1 interface nat (inside) 0 access-list NONAT nat (inside) 1 0.0.0.0 0.0.0.0 static (inside,outside) tcp interface 10000 10.0.0.101 10000 netmask 255.255.255.255 static (inside,outside) tcp interface 8333 10.0.0.101 8333 netmask 255.255.255.255 static (inside,outside) tcp interface 902 10.0.0.101 902 netmask 255.255.255.255 timeout xlate 3:00:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00 timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00 timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute timeout tcp-proxy-reassembly 0:01:00 dynamic-access-policy-record DfltAccessPolicy aaa authentication enable console LOCAL aaa authentication http console LOCAL aaa authentication serial console LOCAL aaa authentication ssh console LOCAL aaa authentication telnet console LOCAL http server enable http 10.0.0.0 255.255.0.0 inside http 0.0.0.0 0.0.0.0 outside no snmp-server location no snmp-server contact snmp-server enable traps snmp authentication linkup linkdown coldstart crypto ipsec transform-set myset esp-aes esp-sha-hmac crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac crypto ipsec security-association lifetime seconds 28800 crypto ipsec security-association lifetime kilobytes 4608000 crypto dynamic-map dynmap 1 set transform-set myset crypto dynamic-map dynmap 1 set reverse-route crypto map IPSEC-MAP 65535 ipsec-isakmp dynamic dynmap crypto map IPSEC-MAP interface outside crypto isakmp enable outside crypto isakmp policy 10 authentication pre-share encryption 3des hash sha group 2 lifetime 86400 crypto isakmp policy 65535 authentication pre-share encryption aes hash sha group 2 lifetime 86400 telnet 0.0.0.0 0.0.0.0 inside telnet timeout 5 ssh 0.0.0.0 0.0.0.0 inside ssh 70.60.228.0 255.255.255.0 outside ssh 74.102.150.0 255.255.254.0 outside ssh 74.122.164.0 255.255.252.0 outside ssh timeout 5 console timeout 0 dhcpd dns 10.0.0.101 dhcpd lease 7200 dhcpd domain blah.com ! dhcpd address 10.0.0.110-10.0.0.170 inside dhcpd enable inside ! threat-detection basic-threat threat-detection statistics access-list no threat-detection statistics tcp-intercept ntp server 63.111.165.21 webvpn enable outside svc image disk0:/anyconnect-win-2.4.1012-k9.pkg 1 svc enable group-policy EASYVPN internal group-policy EASYVPN attributes dns-server value 10.0.0.101 vpn-tunnel-protocol IPSec l2tp-ipsec svc webvpn split-tunnel-policy tunnelspecified split-tunnel-network-list value SPLIT-TUNNEL-VPN ! tunnel-group client type remote-access tunnel-group client general-attributes address-pool (inside) IPSECVPN-POOL address-pool IPSECVPN-POOL default-group-policy EASYVPN dhcp-server 10.0.0.253 tunnel-group client ipsec-attributes pre-shared-key * tunnel-group CLIENTVPN type ipsec-l2l tunnel-group CLIENTVPN ipsec-attributes pre-shared-key * ! class-map inspection_default match default-inspection-traffic ! ! policy-map global_policy class inspection_default inspect icmp ! service-policy global_policy global prompt hostname context I'm not sure where I should go next with troubleshooting nslookup result: Default Server: blahname.blah.lan Address: 10.0.0.101

    Read the article

  • OpenVPN Configuration - Windows 7 client & debian server

    - by Guillaume
    I recently formatted my Windows 7 computer and lost my client's config files for OpenVPN. I recovered the certificates and default config that were left on the server but I haven't managed to make the whole thing work again. I assume the server's config and routing table are OK because it was working before (although quite some time ago). Would any of you experts be able to help? server.conf # Serveur TCP/666 mode server proto udp port 666 dev tun # Cles et certificats ca ca.crt cert server.crt key server.key dh dh1024.pem tls-auth ta.key 0 cipher AES-256-CBC # Reseau server 10.8.0.0 255.255.255.0 #push "redirect-gateway def1 bypass-dhcp" push "dhcp-option DNS 208.67.222.222" push "dhcp-option DNS 208.67.220.220" push "redirect-gateway def1" keepalive 10 120 # Securite user nobody group nogroup chroot /etc/openvpn/jail persist-key persist-tun comp-lzo # Log verb 3 mute 20 status openvpn-status.log log-append /var/log/openvpn.log client.conf # Client client dev tun proto udp remote *my server's ip address*:666 cipher AES-256-CBC # Cles ca ca.crt cert client1.crt key client1.key tls-auth ta.key 1 # Securite nobind persist-key persist-tun comp-lzo verb 3 Routing table on debian server when OpenVPN server is running: Destination Gateway Genmask Indic Metric Ref Use Iface 10.8.0.2 * 255.255.255.255 UH 0 0 0 tun0 10.8.0.0 10.8.0.2 255.255.255.0 UG 0 0 0 tun0 my server's ip * 255.255.255.0 U 0 0 0 eth0 default 72815.trg.dedic 0.0.0.0 UG 0 0 0 eth0 Routing table on Windows 7 client (OpenVPN not working) =========================================================================== Interface List 19...00 f0 8a 1b 6e 5c ......TAP-Win32 Adapter V9 12...90 2e 34 33 84 7b ......Atheros AR8151 PCI-E Gigabit Ethernet Controller ( NDIS 6.20) 1...........................Software Loopback Interface 1 12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface 16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2 =========================================================================== IPv4 Route Table =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.11 20 127.0.0.0 255.0.0.0 On-link 127.0.0.1 306 127.0.0.1 255.255.255.255 On-link 127.0.0.1 306 127.255.255.255 255.255.255.255 On-link 127.0.0.1 306 192.168.1.0 255.255.255.0 On-link 192.168.1.11 276 192.168.1.11 255.255.255.255 On-link 192.168.1.11 276 192.168.1.255 255.255.255.255 On-link 192.168.1.11 276 224.0.0.0 240.0.0.0 On-link 127.0.0.1 306 224.0.0.0 240.0.0.0 On-link 192.168.1.11 276 255.255.255.255 255.255.255.255 On-link 127.0.0.1 306 255.255.255.255 255.255.255.255 On-link 192.168.1.11 276 =========================================================================== Persistent Routes: None IPv6 Route Table =========================================================================== Active Routes: [...] =========================================================================== Persistent Routes: None And when the link is established between my client and the server: The server's routing table stays the same. The client's becomes: =========================================================================== Interface List 19...00 f0 8a 1b 6e 5c ......TAP-Win32 Adapter V9 12...90 2e 34 33 84 7b ......Atheros AR8151 PCI-E Gigabit Ethernet Controller ( NDIS 6.20) 1...........................Software Loopback Interface 1 12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface 16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2 =========================================================================== IPv4 Route Table =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.11 20 0.0.0.0 128.0.0.0 10.8.0.5 10.8.0.6 30 10.8.0.1 255.255.255.255 10.8.0.5 10.8.0.6 30 10.8.0.4 255.255.255.252 On-link 10.8.0.6 286 10.8.0.6 255.255.255.255 On-link 10.8.0.6 286 10.8.0.7 255.255.255.255 On-link 10.8.0.6 286 my server's ip 255.255.255.255 192.168.1.1 192.168.1.11 20 127.0.0.0 255.0.0.0 On-link 127.0.0.1 306 127.0.0.1 255.255.255.255 On-link 127.0.0.1 306 127.255.255.255 255.255.255.255 On-link 127.0.0.1 306 128.0.0.0 128.0.0.0 10.8.0.5 10.8.0.6 30 192.168.1.0 255.255.255.0 On-link 192.168.1.11 276 192.168.1.11 255.255.255.255 On-link 192.168.1.11 276 192.168.1.255 255.255.255.255 On-link 192.168.1.11 276 224.0.0.0 240.0.0.0 On-link 127.0.0.1 306 224.0.0.0 240.0.0.0 On-link 192.168.1.11 276 224.0.0.0 240.0.0.0 On-link 10.8.0.6 286 255.255.255.255 255.255.255.255 On-link 127.0.0.1 306 255.255.255.255 255.255.255.255 On-link 192.168.1.11 276 255.255.255.255 255.255.255.255 On-link 10.8.0.6 286 =========================================================================== Persistent Routes: None What's working: Server and client do connect to each other, SSL certificates are OK. The client gets an IP (10.8.0.6) from the server OpenVPN client is started as an administrator. But: I cannot ping the other one on either side. 'Gateway' value is empty on client's side (in the adapter's "status" window). Client has got no internet access when the link is up. Ideal configuration: I only want the client to be able to use the server's Internet access and access its resources (MySQL server in particular). I do not need or want the server to access the client's local network. The client needs to be able to access it's local network, although all Internet traffic should be redirected to the VPN link. I spent a considerable amount of time on this but it's still not working, any help would be much appreciated. Thanks :)

    Read the article

  • How to allow password protected start-stop-daemon functionality?

    - by Mahmoud Abdelkader
    I would like to use Ubuntu's start-stop-daemon to start my application, but the application protects some sensitive information, so I have a mechanism where the application prompts for a password that's then used to generate a hashkey, which is used as the secret key for a symmetric encryption (AES) to encrypt and decrypt things from a database. I'd like to daemonize this application and have it run from start-stop-daemon, so that sudo service appname stop and sudo service appname start would work, but, I'm not sure how to go about doing this with the added complexity of a password prompt. Is there something that supports this or do I have to program it from scratch? I figured I should ask first before re-inventing the wheel. Thanks in advance.

    Read the article

  • Laptop is super slow on network

    - by Gary
    So on our network we have a bunch of wireless macs and window Operating laptops, we have a network setup with 802.11g,b,n. All the laptops seem fine except one which is only getting speeds of 54Mb. I have changed the encryption from AES to TKIP and reset the connection, i have updated the drivers, tried plugging it into the LAN and still same slow speed. Apparently the laptop with the slow speed is fine on other networks. I don't know what to do, can anyone help me?

    Read the article

  • Is it possible to FORMAT an external hard disk that has been encrypted using Storagecrypt?

    - by Pandian John
    Basically the big problem is that about 680 GB of data from my Seagate 2 TB Ext HD is lost because I was experimenting with a software called storagecrypt. I used it a few months ago and today I tried it again but i didn't know that the old password is already set in the hard disk when I pressed the encrypt button. I forgot the password which is disappointing. Not to mention that software uses 128 bit AES encryption so there is no way iam going to recover that data. My question is that is it possible to Format my Hard disk which has been encrypted? What i mean is that is it possible to completely wipe the data just like it is newly bought so that I can use my External Hard disk?( I tried to format by right click-- Format. But the size of the disk is shown as 1 MB. Answers would be very much appreciated. Thanks.

    Read the article

  • IIS 6.0 mitigating BEAST

    - by D3l_Gato
    Recently, my PCI assessor informed me that my servers are vulnerable to BEAST and failed me. I did my homework and I want to change our webservers to prefer RC4 ciphers over CBC. I followed every guide I could find... I changed my reg keys for my weaker than 128bit encryption to Enabled = 0. completely removed the reg keys for the weaker encryptions. I downloaded IISCrypto and unchecked everything but RC4 128 ciphers and triple DES 168. My webserver still prefers AES-256SHA. Is there a trick in IIS 6.0 to get your webservers to prefer RC4 ciphers that I am not figuring out? It seems like in IIS 7 they made this very easy to fix but that doesn't help me now!

    Read the article

  • OpenVPN IPv6 over IPv4 tunnel

    - by user66779
    Today I installed OpenVPN 2.3rc2 on both my windows 7 client machine and centos 6 server. This new version of OpenVPN provides full compatibility for IPv6. The Problem: I am currently able to connect to the server (through the IPv4 tunnel) and ping the IPv6 address which is assigned to my client and I can also ping the tun0 interface on the server. However, I cannot browse to any IPv6 websites. My vps provider has given me this: 2607:f840:0044:0022:0000:0000:0000:0000/64 is routed to this server (2607:f840:0:3f:0:0:0:eda). This is ifconfig after setup with OpenVPN running: eth0 Link encap:Ethernet HWaddr 00:16:3E:12:77:54 inet addr:208.111.39.160 Bcast:208.111.39.255 Mask:255.255.255.0 inet6 addr: 2607:f740:0:3f::eda/64 Scope:Global inet6 addr: fe80::216:3eff:fe12:7754/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:2317253 errors:0 dropped:7263 overruns:0 frame:0 TX packets:1977414 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:1696120096 (1.5 GiB) TX bytes:1735352992 (1.6 GiB) Interrupt:29 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 b) TX bytes:0 (0.0 b) tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet addr:10.8.0.1 P-t-P:10.8.0.2 Mask:255.255.255.255 inet6 addr: 2607:f740:44:22::1/64 Scope:Global UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1 RX packets:739567 errors:0 dropped:0 overruns:0 frame:0 TX packets:1218240 errors:0 dropped:1542 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:46512557 (44.3 MiB) TX bytes:1559930874 (1.4 GiB) So OpenVPN is sucessfully creating a tun0 interface and assigning clients IPv6 addresses using 2607:f840:44:22::/64. The first client to connect is getting 2607:f840:44:22::1000 and the second 2607:f840:44:22::1001, and so on... plus 1 each time. After connecting as the first client, I can ping from my windows client machine 2607:f740:44:22::1 and 2607:f740:44:22::1000. However, I have no access to IPv6 websites. I believe the problem is that the tun0 IPv6 addressees are not being forwarded to the eth0 interface. This is the firewall running on the server: #!/bin/sh # # iptables configuration script # # Flush all current rules from iptables # iptables -F iptables -t nat -F # # Allow SSH connections on tcp port 22 # iptables -A INPUT -i eth0 -p tcp --dport 22 -j ACCEPT iptables -A OUTPUT -o eth0 -p tcp --sport 22 -j ACCEPT # # Set access for localhost # iptables -A INPUT -i lo -j ACCEPT # # Accept connections on 1195 for vpn access from client # iptables -A INPUT -i eth0 -p udp --dport 1195 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A OUTPUT -o eth0 -p udp --sport 1195 -m state --state ESTABLISHED -j ACCEPT # # Apply forwarding for OpenVPN Tunneling # iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT iptables -A FORWARD -s 10.8.0.0/24 -j ACCEPT iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to 209.111.39.160 iptables -A FORWARD -j REJECT # # Enable forwarding # echo 1 > /proc/sys/net/ipv4/ip_forward # # Set default policies for INPUT, FORWARD and OUTPUT chains # iptables -P INPUT ACCEPT iptables -P FORWARD ACCEPT iptables -P OUTPUT ACCEPT # # IPv6 # IP6TABLES=/sbin/ip6tables $IP6TABLES -F INPUT $IP6TABLES -F FORWARD $IP6TABLES -F OUTPUT echo -n "1" >/proc/sys/net/ipv6/conf/all/forwarding echo -n "1" >/proc/sys/net/ipv6/conf/all/proxy_ndp echo -n "0" >/proc/sys/net/ipv6/conf/all/autoconf echo -n "0" >/proc/sys/net/ipv6/conf/all/accept_ra $IP6TABLES -A INPUT -i eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT $IP6TABLES -A INPUT -i eth0 -p tcp --dport 22 -j ACCEPT $IP6TABLES -A INPUT -i eth0 -p icmpv6 -j ACCEPT $IP6TABLES -P INPUT ACCEPT $IP6TABLES -P FORWARD ACCEPT $IP6TABLES -P OUTPUT ACCEPT Server.conf: server-ipv6 2607:f840:44:22::/64 server 10.8.0.0 255.255.255.0 port 1195 proto udp dev tun ca ca.crt cert server.crt key server.key dh dh2048.pem ifconfig-pool-persist ipp.txt push "redirect-gateway def1 bypass-dhcp" push "dhcp-option DNS 208.67.222.222" push "dhcp-option DNS 208.67.220.220" keepalive 10 60 tls-auth ta.key 0 cipher AES-256-CBC comp-lzo user nobody group nobody persist-key persist-tun status openvpn-status.log log-append openvpn.log verb 5 Client.conf: client dev tun nobind keepalive 10 60 hand-window 15 remote 209.111.39.160 1195 udp persist-key persist-tun ca ca.crt key client1.key cert client1.crt remote-cert-tls server tls-auth ta.key 1 comp-lzo verb 3 cipher AES-256-CBC I'm not sure where I am going wrong, it could be the firewall, or something missing from server or client.conf. This version of OpenVPN was only released yesterday, and there's little info on the internet about how to setup an IPv6 over IPv4 vpn tunnel. I've read the manual for this new version of OpenVPN (parts pertaining to IPv6) and it provides very little info too. Thanks for any help.

    Read the article

  • Newly installed DIR-615 - how to connect to the wireless?

    - by JK123
    I've just installed a D-Link DIR 615, but can't figure out how to connect to the wireless.. When I double click my wireless icon in the tray, it does show the new network. Its starts the "WiFi protected setup wizard" and the first thing it asks for is the "Device Ownership Password". I have no idea what that is - I've tried the PIN and the router password. On the next page it says: SSID: _(name)__ Security type: _wpa2 personal aes ccmp_ Password: _some long key that is not what I entered during router setup_ I change the key to the one I created when setting up the router. I've also tried leaving the key as it is shown in the dialog. But it does not connect either way. All it says is "Configuration failed" So how do I connect to the new wireless network??

    Read the article

  • Using TrueCrypt (software encryption) with an SSD

    - by Shackrock
    I use full drive encryption (FDE) w/ TrueCrypt on my laptop. I have a 2nd gen I7 with AES instruction support, so honestly I can't even notice a speed change on the system with it on. My question, is for those who know about SSD's a lot. I previously (early 2011) read articles about how software encryption will negate the speed benefits that an SSD provides - because of the need for the SSD to send a delete command, then a write command, for every encrypted write - instead of just writing over data like a regular HDD would (or something like this...honestly I can't remember...ha!). Anyway, any improvements in this field? Is it pointless for me to grab an SSD if I'm using FDE? Thanks all.

    Read the article

  • Does the .NET Framework need to be reoptimized after upgrading to a new CPU microarchitecture?

    - by Louis
    I believe that the .NET Framework will optimize certain binaries targeting features specific to the machine it's installed on. After changing the CPU from an Intel Nehalem to a Haswell chip, should the optimization be run again manually? If so, what is the process for that? Between generations here are some notable additions: Westmere: AES instruction set Sandy Bridge: Advanced Vector Extensions Ivy Bridge: RdRand (hardware random number generator), F16C (16-bit Floating-point conversion instructions) Haswell: Haswell New Instructions (includes Advanced Vector Extensions 2 (AVX2), gather, BMI1, BMI2, ABM and FMA3 support) So my, albeit naive, thought process was that the optimizations could take advantage of these in general cases. For example, perhaps calls to the Random library could utilize the hardware-RNG on Ivy Bridge and later models.

    Read the article

  • Amazon S3 - Storage Class and Server Side Encryption

    - by Steven
    Ahhh! I am using Amazon S3 for some low price storage to clear down out SAN. I created the bucket and created a root folder. I set the storage class to standard and server side encryption AES. I started a copy job to move the files, some files copied over and i checked the files: Reduced Redundancy Encryption set to none WTF? So i deleted all files and folders. I manuallyed created the folder structure and again set the storage class and encryption level. I coped some files and bamm, still showing (at a file level as Reduced and no encryption). So my question is this, is it really raid'd and encrypted just not showing it properly (as the root folder is, how can the file not be??) or (b) am i being a huge tool and missing something?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 11 12 13 14 15 16 17 18 19 20 21 22  | Next Page >