Search Results

Search found 18596 results on 744 pages for 'c how to detect all ip addresses from a lan'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 156/744 | < Previous Page | 152 153 154 155 156 157 158 159 160 161 162 163  | Next Page >

  • Windows 2008 R2 IPsec encryption in tunnel mode, hosts in same subnet

    - by fission
    In Windows there appear to be two ways to set up IPsec: The IP Security Policy Management MMC snap-in (part of secpol.msc, introduced in Windows 2000). The Windows Firewall with Advanced Security MMC snap-in (wf.msc, introduced in Windows 2008/Vista). My question concerns #2 – I already figured out what I need to know for #1. (But I want to use the ‘new’ snap-in for its improved encryption capabilities.) I have two Windows Server 2008 R2 computers in the same domain (domain members), on the same subnet: server2 172.16.11.20 server3 172.16.11.30 My goal is to encrypt all communication between these two machines using IPsec in tunnel mode, so that the protocol stack is: IP ESP IP …etc. First, on each computer, I created a Connection Security Rule: Endpoint 1: (local IP address), eg 172.16.11.20 for server2 Endpoint 2: (remote IP address), eg 172.16.11.30 Protocol: Any Authentication: Require inbound and outbound, Computer (Kerberos V5) IPsec tunnel: Exempt IPsec protected connections Local tunnel endpoint: Any Remote tunnel endpoint: (remote IP address), eg 172.16.11.30 At this point, I can ping each machine, and Wireshark shows me the protocol stack; however, nothing is encrypted (which is expected at this point). I know that it's unencrypted because Wireshark can decode it (using the setting Attempt to detect/decode NULL encrypted ESP payloads) and the Monitor Security Associations Quick Mode display shows ESP Encryption: None. Then on each server, I created Inbound and Outbound Rules: Protocol: Any Local IP addresses: (local IP address), eg 172.16.11.20 Remote IP addresses: (remote IP address), eg 172.16.11.30 Action: Allow the connection if it is secure Require the connections to be encrypted The problem: Though I create the Inbound and Outbound Rules on each server to enable encryption, the data is still going over the wire (wrapped in ESP) with NULL encryption. (You can see this in Wireshark.) When the arrives at the receiving end, it's rejected (presumably because it's unencrypted). [And, disabling the Inbound rule on the receiving end causes it to lock up and/or bluescreen – fun!] The Windows Firewall log says, eg: 2014-05-30 22:26:28 DROP ICMP 172.16.11.20 172.16.11.30 - - 60 - - - - 8 0 - RECEIVE I've tried varying a few things: In the Rules, setting the local IP address to Any Toggling the Exempt IPsec protected connections setting Disabling rules (eg disabling one or both sets of Inbound or Outbound rules) Changing the protocol (eg to just TCP) But realistically there aren't that many knobs to turn. Does anyone have any ideas? Has anyone tried to set up tunnel mode between two hosts using Windows Firewall? I've successfully got it set up in transport mode (ie no tunnel) using exactly the same set of rules, so I'm a bit surprised that it didn't Just Work™ with the tunnel added.

    Read the article

  • IP camera's multicast/RTSP conflicting with 2.4GHz Wi-Fi?

    - by jayson
    Here at our business we have a Netgear R7000 running DD-WRT. I have been slowly adding IP cameras which I run using Blue Iris software. The last camera I bought (which is NOT a wireless camera), when I plug it into the network I start having really bad connection issues on the 2.4GHz Wi-Fi network. The 5GHz works fine, just the 2.4GHz all of the sudden has trouble connecting, as if it's conflicting. I've tried playing with the camera settings, different IP addresses, HTTP ports, etc, and discovered it to be a conflict with multicast. When multicast is checked, the Wi-Fi has issues but my video streams via Blue Iris. When unchecked, Wi-Fi works fine but the video won't stream through Blue Iris. The problem is there are no settings in the camera to change the RTSP port, which is set to 34567. Does anyone know something that could fix this issue? It all seems very strange to me but maybe someone has an idea?

    Read the article

  • RRAS Svr on win 2003 provides same gateway as the ip to vpn clients and subnet as 255.255.255.255

    - by Amit Phatarphekar
    Hello - I've setup a RRAS Svr on win 2003 svr, to provide VPN access to clients. I've followed all directions in microsoft documentation to finish the setup. A VPN client successfully connects when I connect to the VPN svr. But when I look at the ipconfig info, I see that the IP and Gateway are same and subnet is 255.255.255.255. Example IP - 10.0.0.121 Gateway - 10.0.0.121 subnet - 255.255.255.255 DNS - 10.0.0.12 What am I doing wrong?

    Read the article

  • How to make OS X send LOCAL IP address in www request headers?

    - by Louis W
    I need to be able to send the local IP address of a computer along with the headers when making requests to a website. Similar to the way you can get the _SERVER["REMOTE_ADDR"] in php, but the local ip (e.g. 192.168.100.1) This will be an intranet so the environment can be controlled. Anything can be installed on the computer, etc. This will be on a Mac OS X computer. Hoping for both Safari AND Firefox. But would be open to using one one. Does anyone know if this is possible? Thanks so much.

    Read the article

  • how limit the number of open TCP streams from same IP to a local port?

    - by JMW
    Hi, i would like to limit the number of concurrent open TCP streams from the the same IP to the server's (local) port. Let's say 4 concurrent conncetions. How can this be done with ip tables? the closest thing, that i've found was: In Apache, is there a way to limit the number of new connections per second/hour/day? iptables -A INPUT -p tcp --dport 80 -i eth0 -m state --state NEW -m recent --set iptables -A INPUT -p tcp --dport 80 -i eth0 -m state --state NEW -m recent --update --seconds 86400 --hitcount 100 -j REJECT But this limitation just messures the number of new connections over the time. This might be good for controlling HTTP traffic. But this is not a good solution for me, since my TCP streams usually have a lifetime between 5 minutes and 2 hours. thanks a lot in advance for any reply :)

    Read the article

  • wildcard host name bindings for multiple subdomains in multiple sites on IIS7 with a single IP address

    - by orca
    Situation: I have a single windows 2008 server with a single public IP address. I have multiple domains with wildcard A records pointing to the single IP address. I need each domain to be hosted by a different web site. (i.e. www.domain1.com by site domain1site) I need domain1.com to act like www.domain1.com I need each site to be able to have multiple subdomains (i.e. www.domain1.com, abc.domain1.com, xyz.domain1.com) Not relevant yet here it goes, I plan to handle each subdomain by a different application hosted in the same site (i.e. application /xyz in domain1site) However I found out that IIS7 does not support creating web sites with wildcard host name binding and setting it without any subdomain (i.e. domain1.com) does not work, even for www.domain1.com. Is there a simple solution? Does any IIS Extension like Application Request Routing provide such capability?

    Read the article

  • HOw to deny a particular mac address client not to obtain ip/name from dhcp & dns server..

    - by Deepak Narwal
    Hello Friends... I configures DHCP server on my rhel 5.4 machine.Clients are getting ip from this DHCP server.NO problem upto this.. NOw i want that a particular mac address client do not pick ip from this dhcp server.. Same question is with my DNS server. I want that a particular mac address client do not pick name from this dns server.. PLz discuss in little bit details i am very new in this field.I am learning these things.I hope YOu will give detailed explaiantion.. Thanks IN ADvance friends..

    Read the article

  • How to open a server port outside of an OpenVPN tunnel with a pf firewall on OSX (BSD)

    - by Timbo
    I have a Mac mini that I use as a media server running XBMC and serves media from my NAS to my stereo and TV (which has been color calibrated with a Spyder3Express, happy). The Mac runs OSX 10.8.2 and the internet connection is tunneled for general privacy over OpenVPN through Tunnelblick. I believe my anonymous VPN provider pushes "redirect_gateway" to OpenVPN/Tunnelblick because when on it effectively tunnels all non-LAN traffic in- and outbound. As an unwanted side effect that also opens the boxes server ports unprotected to the outside world and bypasses my firewall-router (Netgear SRX5308). I have run nmap from outside the LAN on the VPN IP and the server ports on the mini are clearly visible and connectable. The mini has the following ports open: ssh/22, ARD/5900 and 8080+9090 for the XBMC iOS client Constellation. I also have Synology NAS which apart from LAN file serving over AFP and WebDAV only serves up an OpenVPN/1194 and a PPTP/1732 server. When outside of the LAN I connect to this from my laptop over OpenVPN and over PPTP from my iPhone. I only want to connect through AFP/548 from the mini to the NAS. The border firewall (SRX5308) just works excellently, stable and with a very high throughput when streaming from various VOD services. My connection is a 100/10 with a close to theoretical max throughput. The ruleset is as follows Inbound: PPTP/1723 Allow always to 10.0.0.40 (NAS/VPN server) from a restricted IP range >corresponding to possible cell provider range OpenVPN/1194 Allow always to 10.0.0.40 (NAS/VPN server) from any Outbound: Default outbound policy: Allow Always OpenVPN/1194 TCP Allow always from 10.0.0.40 (NAS) to a.b.8.1-a.b.8.254 (VPN provider) OpenVPN/1194 UDP Allow always to 10.0.0.40 (NAS) to a.b.8.1-a.b.8.254 (VPN provider) Block always from NAS to any On the Mini I have disabled the OSX Application Level Firewall because it throws popups which don't remember my choices from one time to another and that's annoying on a media server. Instead I run Little Snitch which controls outgoing connections nicely on an application level. I have configured the excellent OSX builtin firewall pf (from BSD) as follows pf.conf (Apple App firewall tie-ins removed) (# replaced with % to avoid formatting errors) ### macro name for external interface. eth_if = "en0" vpn_if = "tap0" ### wifi_if = "en1" ### %usb_if = "en3" ext_if = $eth_if LAN="{10.0.0.0/24}" ### General housekeeping rules ### ### Drop all blocked packets silently set block-policy drop ### all incoming traffic on external interface is normalized and fragmented ### packets are reassembled. scrub in on $ext_if all fragment reassemble scrub in on $vpn_if all fragment reassemble scrub out all ### exercise antispoofing on the external interface, but add the local ### loopback interface as an exception, to prevent services utilizing the ### local loop from being blocked accidentally. ### set skip on lo0 antispoof for $ext_if inet antispoof for $vpn_if inet ### spoofing protection for all interfaces block in quick from urpf-failed ############################# block all ### Access to the mini server over ssh/22 and remote desktop/5900 from LAN/en0 only pass in on $eth_if proto tcp from $LAN to any port {22, 5900, 8080, 9090} ### Allow all udp and icmp also, necessary for Constellation. Could be tightened. pass on $eth_if proto {udp, icmp} from $LAN to any ### Allow AFP to 10.0.0.40 (NAS) pass out on $eth_if proto tcp from any to 10.0.0.40 port 548 ### Allow OpenVPN tunnel setup over unprotected link (en0) only to VPN provider IPs ### and port ranges pass on $eth_if proto tcp from any to a.b.8.0/24 port 1194:1201 ### OpenVPN Tunnel rules. All traffic allowed out, only in to ports 4100-4110 ### Outgoing pings ok pass in on $vpn_if proto {tcp, udp} from any to any port 4100:4110 pass out on $vpn_if proto {tcp, udp, icmp} from any to any So what are my goals and what does the above setup achieve? (until you tell me otherwise :) 1) Full LAN access to the above ports on the mini/media server (including through my own VPN server) 2) All internet traffic from the mini/media server is anonymized and tunneled over VPN 3) If OpenVPN/Tunnelblick on the mini drops the connection, nothing is leaked both because of pf and the router outgoing ruleset. It can't even do a DNS lookup through the router. So what do I have to hide with all this? Nothing much really, I just got carried away trying to stop port scans through the VPN tunnel :) In any case this setup works perfectly and it is very stable. The Problem at last! I want to run a minecraft server and I installed that on a separate user account on the mini server (user=mc) to keep things partitioned. I don't want this server accessible through the anonymized VPN tunnel because there are lots more port scans and hacking attempts through that than over my regular IP and I don't trust java in general. So I added the following pf rule on the mini: ### Allow Minecraft public through user mc pass in on $eth_if proto {tcp,udp} from any to any port 24983 user mc pass out on $eth_if proto {tcp, udp} from any to any user mc And these additions on the border firewall: Inbound: Allow always TCP/UDP from any to 10.0.0.40 (NAS) Outbound: Allow always TCP port 80 from 10.0.0.40 to any (needed for online account checkups) This works fine but only when the OpenVPN/Tunnelblick tunnel is down. When up no connection is possbile to the minecraft server from outside of LAN. inside LAN is always OK. Everything else functions as intended. I believe the redirect_gateway push is close to the root of the problem, but I want to keep that specific VPN provider because of the fantastic throughput, price and service. The Solution? How can I open up the minecraft server port outside of the tunnel so it's only available over en0 not the VPN tunnel? Should I a static route? But I don't know which IPs will be connecting...stumbles How secure would to estimate this setup to be and do you have other improvements to share? I've searched extensively in the last few days to no avail...If you've read this far I bet you know the answer :)

    Read the article

  • Two virtual host one with Domain name one with internal ip#?

    - by Abhishek
    Is it possible to have two virtual host configurations for the same server - one with internal ip address and one with domain name? Something like <VirtualHost {{internal-ipaddress}}:80> ....... </VirtualHost> <VirtualHost {{domain-name}}:80> ....... </VirtualHost> Note that the internal IP address and the domain name belong to the same server or same server instance. I am asking this to restrict some URLs for external users, redirect to https all external access and allow everything for internal users(without https)..

    Read the article

  • Setting up a server with only subdomains, any connection to top level goes to main server on another IP?

    - by Anagio
    I'm developing a web app where users will have their own sub-domain to login to and use the application. I'm running wordpress for the main website to manage the public / front end. Our application is developed in zend framework. The zf project is currently in a subfolder on the main server. I'd like to place the zend framework project onto another server (different IP) and keep it separate from the the wordpress front end www.domain.com site. The zf application server will run nginx. I'm not sure how to setup a server to run strictly sub domains. Setting up the virtual hosts in the configuration file is no problem. To give the users username.domain.com. But what about the main default configuration file? How would that be configured since the top level domain is technically another server (wordpress) on another IP?

    Read the article

  • WAMP - phpmyadmin 403 error from localhost, but not from IP 127.0.0.1?

    - by kdub
    I was wondering if anyone can explain this to me. I installed WAMP 2.2. I opened up the dashboard menu, and clicked localhost. I was brought to the WAMP localhost home page. I clicked on phpmyadmin and get a 403 access is denied error message. However, if I type in the ip address 127.0.0.1/phpmyadmin in the address bar, then VOILA, I am in (however, I am not prompted to login to phpmyadmin, I am instantly brought to the phpmyadmin homepage) Please note, I have found the solution to get rid of the 403 error message when entering phpmyadmin from the the localhost extension (change the Deny all setting to Allow all); so I am not asking how to solve that, but my question is: Why if localhost and 127.0.0.1 go to the same spot, will when using the IP addres, I am granted access to subsequent applications and with localhost I am not? Any feedback would be greatly appreciated.

    Read the article

  • Is there a way to detect which port on an ethernet switch a device is connected to?

    - by banno
    Since the wall jack is typically always connected to the same port on the switch I would like to be able to know which device is connected at a specific location. In my case I am talking about printers. I have code to go out on the network and find the IP Address of all of my printers, but would like to be able to update a server based on a printer being swapped out of a location for maintenance or repair. Is there a method for determining a port connection?

    Read the article

  • What is the best way to get the external internet gateway IP reported periodically?

    - by basilmir
    I have a OS X Server behind an airport extreme, serving services via opened ports on the airport. The server has a 10.0.x.x local address, always the same one. The airport extreme gets it's external IP address via PPPoE, and sometimes... once a week it changes. For security reasons WE ACTUALLY like this behavior. But i need a way to know the external IP address just in case i need to connect and do something to the server while on the outside. What can i do?

    Read the article

  • What does this error mean (Can't create TCP/IP socket (24))?

    - by user105196
    I have web server with OS RHEL 6.2 and Mysql 5.5.23 on another server and the web server can read from Mysql server without problem, but some time I got this error: [Sun Sep 23 06:13:07 2012] [error] [client XXXXX] DBI connect('XXXX:192.168.1.2:3306','XXX',...) failed: Can't create TCP/IP socket (24) at /var/www/html/file.pm line 199. my question : What does this error mean (Can't create TCP/IP socket (24))? is it OS error or Mysql error ? perl -v This is perl, v5.10.1 (*) built for x86_64-linux-thread-multi mysql -V mysql Ver 14.14 Distrib 5.5.23, for Linux (x86_64) using readline 5.1 su - mysql -s /bin/bash -c 'ulimit -a' core file size (blocks, -c) 0 data seg size (kbytes, -d) unlimited scheduling priority (-e) 0 file size (blocks, -f) unlimited pending signals (-i) 127220 max locked memory (kbytes, -l) 64 max memory size (kbytes, -m) unlimited open files (-n) 1024 pipe size (512 bytes, -p) 8 POSIX message queues (bytes, -q) 819200 real-time priority (-r) 0 stack size (kbytes, -s) 10240 cpu time (seconds, -t) unlimited max user processes (-u) 1024 virtual memory (kbytes, -v) unlimited file locks (-x) unlimited

    Read the article

  • Access logs show someone "GET"ing a random ip, why does this return 200?

    - by Wilduck
    I have a small linux box set up with Apache as a way to teach myself Apache. I've set up port forwarding on my router so it's accessible from the outside world, and I've gotten a few strange requests for pages that don't exist from an ip address in China. Looking at my access_log shows that most of these return 404 errors, which I'm guessing is a good thing. However, there is one request that looks like this: 58.218.204.110 - - [25/Dec/2010:19:05:25 -600] "GET http://173.201.161.57/ HTTP/1.1" 200 3895 I'm curious what this request means... That ip address is unconnected to my server as far as I know, and visiting it simply tells me information about my uid. So, my questions are: How is it that this request is showing up in my access_log, why is it returning 200, and is this a bad thing (do I need to set up more security)?

    Read the article

  • Recommended Free DNS hosting for my webserve on a dynamic IP? [closed]

    - by JSchwartz
    I have finished a webserver project (for school) and the professor wants to be able to "test it" from home whenever he is free - this means I need to provide his with the URL to my webserver (which is fine). The only issue is that my IP-Address is dynamic (changes almost everyday) and I would rather not have to email him everytime - nor do I want him to try when it isn't working ... So I was looking into alternative solutions like DNS hosting (I hope that is the right terminology), so I could provide something static for him to connect to ... problem is I have never done this before... Are there any recommeneded free ones? Does Google or someone provide something good? I found http://www.no-ip.com/ which seems like it does what I want... Any feedback would be appreciated. Thanks,

    Read the article

  • Printer on different network(IP range), can i print to it?

    - by John
    Heres my situation, client PC is on the same network as the printer to start with: 192.168.1.X Thats fine and printing is fine, however our clients are required to connect to the VPN using the installed cisco client - this creates a virtual adapter and now the PC is connected to a 10.0.0.X IP range and can no longer see the printer, thus my problem! If I do an IPCONFIG/ALL the PC still has the 192.168.1.X address but it I can't ping anything on it. Is it possible to use both IP ranges at the same time?

    Read the article

  • I can't get an IP address from a VirtualBox VM on OSX from some routers (ie Internet cafes)

    - by ezrock
    On OSX 10.7.3, VirtualBox, using bridged adapter. Everything on the networking side works perfectly as expected in some networking environments, like my home router and some cafes. In others, I can't get an IP address over DHCP, and I don't know why. I suspect there is some setting on the router that is preventing me, or I have some issue with my MAC adress. When it's not working, in syslog, I'll see a few DHCPDISCOVER messages as my VM tries to find a DHCP server, and after a while, "No DHCPOFFERS received" And when I go to a "good" router, a simple "service network restart" is all I need to get an IP. Any ideas?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 152 153 154 155 156 157 158 159 160 161 162 163  | Next Page >