Search Results

Search found 5390 results on 216 pages for 'ssl vpn'.

Page 164/216 | < Previous Page | 160 161 162 163 164 165 166 167 168 169 170 171  | Next Page >

• IIS 7.0: Requiring Client Certificates causes error 500 and "page cannot be displayed"

  - by user48443

  I have two Windows 2008 x86 servers running IIS 7.0, one site on each server; both sites are SSL-enabled, using DoD-issued certificates. Both sites are accessible via https over port 443, but fail the moment Client Certificates are set to Require or Accept. IIS log records error 500.0.64 but nothing else. I have several Windows 2008 IIS 7 x64 servers that require client certificates and they are working as expected; it's just the two x86 servers that are being problematic.

  Read the article

• Howto WCF Service HTTPS Binding and Endpoint Configuration in IIS with Load Balancer?

  - by Mike G

  We have a WCF service that is being hosted on a set of 12 machines. There is a load balancer that is a gateway to these machines. Now the site is setup as SSL; as in a user accesses it through using an URL with https. I know this much, the URL that addresses the site is https, but none of the servers has a https binding or is setup to require SSL. This leads me to believe that the load balancer handles the https and the connection from the balancer to the servers are unencrypted (this takes place behind the firewall so no biggie there). The problem we're having is that when a Silverlight client tries to access a WCF service it is getting a "Not Found" error. I've set up a test site along with our developer machines and have made sure that the bindings and endpoints in the web.config work with the client. It seems to be the case in the production environment that we get this error. Is there anything wrong with the following web.config? Should we be setting up how https is handled in a different manner? We're at a loss on this currently since I've tried every programmatic solution with endpoints and bindings. None of the solutions I have found deal with a load balancer in the manner we're dealing. Web.config service model info: <system.serviceModel> <behaviors> <serviceBehaviors> <behavior name="TradePMR.OMS.Framework.Services.CRM.CRMServiceBehavior"> <serviceMetadata httpsGetEnabled="true" /> <serviceDebug includeExceptionDetailInFaults="false" /> </behavior> <behavior name="TradePMR.OMS.Framework.Services.AccountAggregation.AccountAggregationBehavior"> <serviceMetadata httpsGetEnabled="true" /> <serviceDebug includeExceptionDetailInFaults="false" /> </behavior> </serviceBehaviors> </behaviors> <bindings> <customBinding> <binding name="SecureCRMCustomBinding"> <binaryMessageEncoding /> <httpsTransport /> </binding> <binding name="SecureAACustomBinding"> <binaryMessageEncoding /> <httpsTransport /> </binding> </customBinding> <mexHttpsBinding> <binding name="SecureMex" /> </mexHttpsBinding> </bindings> <serviceHostingEnvironment aspNetCompatibilityEnabled="true" /> <!--Defines the services to be used in the application--> <services> <service behaviorConfiguration="TradePMR.OMS.Framework.Services.CRM.CRMServiceBehavior" name="TradePMR.OMS.Framework.Services.CRM.CRMService"> <endpoint address="" binding="customBinding" bindingConfiguration="SecureCRMCustomBinding" contract="TradePMR.OMS.Framework.Services.CRM.CRMService" name="SecureCRMEndpoint" /> <!--This is required in order to be able to use the "Update Service Reference" in the Silverlight application--> <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" /> </service> <service behaviorConfiguration="TradePMR.OMS.Framework.Services.AccountAggregation.AccountAggregationBehavior" name="TradePMR.OMS.Framework.Services.AccountAggregation.AccountAggregation"> <endpoint address="" binding="customBinding" bindingConfiguration="SecureAACustomBinding" contract="TradePMR.OMS.Framework.Services.AccountAggregation.AccountAggregation" name="SecureAAEndpoint" /> <!--This is required in order to be able to use the "Update Service Reference" in the Silverlight application--> <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" /> </service> </services> </system.serviceModel> </configuration> The ServiceReferences.ClientConfig looks like this: <configuration> <system.serviceModel> <bindings> <customBinding> <binding name="StandardAAEndpoint"> <binaryMessageEncoding /> <httpTransport maxReceivedMessageSize="2147483647" maxBufferSize="2147483647" /> </binding> <binding name="SecureAAEndpoint"> <binaryMessageEncoding /> <httpsTransport maxReceivedMessageSize="2147483647" maxBufferSize="2147483647" /> </binding> <binding name="StandardCRMEndpoint"> <binaryMessageEncoding /> <httpTransport maxReceivedMessageSize="2147483647" maxBufferSize="2147483647" /> </binding> <binding name="SecureCRMEndpoint"> <binaryMessageEncoding /> <httpsTransport maxReceivedMessageSize="2147483647" maxBufferSize="2147483647" /> </binding> </customBinding> </bindings> <client> <endpoint address="https://Service2.svc" binding="customBinding" bindingConfiguration="SecureAAEndpoint" contract="AccountAggregationService.AccountAggregation" name="SecureAAEndpoint" /> <endpoint address="https://Service1.svc" binding="customBinding" bindingConfiguration="SecureCRMEndpoint" contract="CRMService.CRMService" name="SecureCRMEndpoint" /> </client> </system.serviceModel> </configuration> (The addresses are of no consequence since those are dynamically built so that they will point to a dev's machine or to the production server)

  Read the article

• Specify IPSEC port range using ipsec-tools

  - by Sandman4

  Is it possible to require IPSEC on a port range ? I want to require IPSEC for all incoming connections except a few public ports like 80 and 443, but don't want to restrict outgoing connections. My SPD rules would look like: spdadd 0.0.0.0/0 0.0.0.0/0[80] tcp -P in none; spdadd 0.0.0.0/0 0.0.0.0/0[443] tcp -P in none; spdadd 0.0.0.0/0 0.0.0.0/0[0....32767] tcp -P in esp/require/transport; In setkey manpage I see IP ranges, but no mention of port ranges. (The idea is to use IPSEC as a sort of VPN to protect internal communications between multiple servers. Instead of configuring permissions basing on source IPs, or configuring specific ports, I want to demand IPSEC on anything which is not meant to be public - I feel it's less error-prone this way.)

  Read the article

• dynamic routing between openvpn tunnels

  - by pQd

  i'm thinking about using dynamic routing [ OSPF or RIP ] via OpenVPN tunnels. right now i have few offices connected in full mesh, but this is not scalable solution as we add more locations. i would like to avoid situation when plenty of internal traffic is affected if one of two vpn termination points that i plan to use is down. do you have similar configuration working in production? if so - what routing daemon did you use - quagga? something else? did you encounter any problems? thanks!

  Read the article

• Routing all Traffic through OpenVPN Tunnel

  - by Filip Ekberg

  I have installed OpenVPN server on Archlinux and am now using OpenVPN GUI on Windows 7, I can talk to other computers connected through the VPN but I have not yet figured out how to route all traffic through the tunnel. How do I do this? I figured I need to do it with route ( cmd command ) but I think i need some pointers here. I've followed the OpenVPN HowTo on the matter but that doesn't work, it simply doesn't push the "force the client to go through this gateway"-option. And changing from OpenVPN to a PPTP / IPSec alternative is not an option at the moment.

  Read the article

• OpenVPN won't start on ubuntu - PID not found

  - by you8301083

  I am running ubuntu version 12.04 LTS and I have installed OpenVPN on it. After a while of troubleshooting why my client won't connect (I have generated keys and confligured the client), I ran 'service openvpn status' from the command line and received the following error: could not access PID file for VPN 'server' I have rebooted, started and restarted the service, but each time I check the status, I receive the PID error. I'm pretty sure that I can't connect because the service isn't running. Where can I begin troubleshooting this? I don't know what to look for. Any help is greatly appreciated. Thanks!

  Read the article

• MySql Replication with a star topology

  - by Riotopsys

  My company currently operates in 3 separate locations connected by slow vpn links. Each site hosts a dedicated MySql server. I need to aggregate the data from all three of them onto a single server for corporate reporting. The powers that be have stated I cannot use circular replication or federated tables. Is there a third party tool for MySql that can replicate from multiple masters? Basically the diagram would be a daisy with the reporting server slave at center with multiple replication connections coming in from the master sites on the petals.

  Read the article

• OpenVPN make redirect-gateway optional

  - by Tuinslak

  Hi there, I'm currently running an OpenVPN server for multiple clients. All traffic is directed through the VPN (it's set up as gateway; push "redirect-gateway def1"). So far, all is working fine. However, I'd like to connect a couple of servers to this virtual private network, without these servers using the OVPN daemon as gateway. These servers have to be accessible from both their WAN as well as their LAN IP address. Certain services will be accessible only from the LAN side. Is there any way, for a client, to ignore the push redirect-gateway option? Kind regards, Tuinslak

  Read the article

• Using Google Talk with a non-apps, non-gmail Google account

  - by rymo

  I created a Google account with an existing e-mail address from a domain that is NOT hosted by Google. This address is not on an Apps domain and has no gmail service of any kind. Still I am able to add it as a Google account on an Android device with no problem. If the device is running Jelly Bean (where the Google Talk app allows switching between accounts) I can sign in and chat works fine. I can also sign into Talk with this account via the iGoogle home page. Now how can I use this account with a standalone chat client like iChat, Pidgin, or Empathy? It doesn't seem to work with login ID [email protected] using SSL to connect to server talk.google.com (tried ports 5222 and 5223). Are iGoogle and Android doing something magical that no other Jabber client is allowed, or am I just missing a step?

  Read the article

• Connecting to a remote server through OpenVPN when local network subnet conflicts with remote network's subnet

  - by John Russell

  After connecting to a remote location via OpenVPN, I am trying to access a server on a network that exists on a subnet such as 10.0.1.0/24. However, the network I am trying to access this remote server from is on the same subnet: 10.0.1.0/24. I am unable to connect to my remote server via typing in its IP because of this conflict. I am unable to even access the public internet while connected to the VPN. Does anyone know how to mitigate this issue? I have access to the OpenVPN Access Server.

  Read the article

• Why do I get error, Invalid command 'PythonHandler'?

  - by nbolton

  I'm trying to deploy a Django application, but I've hit a brick wall. On Debian (latest), I've run these commands so far: apt-get install apache2 apache2-doc apache2-mpm-prefork apache2-utils libexpat1 ssl-cert libapache2-mod-python python-django I've tried adding the module manually in the Apache 2 config files, but to be honest I'm totally lost. It's totally different to Apache version 1 which I used years ago. Syntax error on line 7 of /etc/apache2/sites-enabled/000-default: Invalid command 'PythonHandler', perhaps misspelled or defined by a module not included in the server configuration I've added the following to my sites-available/default file, between the tags. <Location "/"> SetHandler python-program PythonHandler django.core.handlers.modpython SetEnv DJANGO_SETTINGS_MODULE hellodjango1.settings PythonDebug Off </Location> Here's what tutorials I've used so far, without much luck: Django | How to use Django with Apache and mod_python | Django Documentation How To Install Django On Debian Etch (Apache2/mod_python)

  Read the article

• Suggestions for programming language and database for a high end database querying system (>50 milli

  - by mmdave

  These requirements are sketchy at the moment, but will appreciate any insights. We are exploring what would be required to build a system that can handle 50 database million queries a day - specifiically from the programming language and database choice Its not a typical website, but an API / database accessing through the internet. Speed is critical. The application will primarily receive these inputs (about a few kb each) and will have to address each of them via the database lookup. Only a few kb will be returned. The server will be run over https/ssl.

  Read the article

• SSH: Tunnel multiple ports to remote server

  - by user1594322

  See attached diagram. Host A - Windows server Host B - Linux server Host C - VMWare ESXi server From host A I can SSH to host B over the VPN tunnel. I can ping host C from host B, but not from host A. I am assuming this is because host C has lost its default gateway. Host C is a VMWware ESXi server, so I would need to tunnel several ports (80,443,902) in order to reach host C from host A. What is the correct ssh syntax to create the tunnel in order to reach host C from host A, and can I do it using a single command, or do I need to run three commands (one for each port, 80,443,902)?

  Read the article

• 2 (or 3 or 4...) websites in IIS, pointing to same ASP.NET application IIS

  - by billfredtom

  I wish to maintain a single a single code base (ASP.NET app) setup at c:\inetpub\wwwroot\myApp, and point several IIS websites at this single code base. Will this be an issue? Will IIS see this as a conflict in resource allocation? Reasons why I want to do it: Each IIS website can then have it's own IP, SSL cert, etc. Each IIS website can have it's own ISAPI filters installed for friendly URLs, etc. Easier to maintain the code base by having single point of deployment

  Read the article

• how to reference a ppp adapter in windows command?

  - by ollydbg23

  When using the windows command ipconfig /all, the result will show a PPP adapter followed by a long name closed with braces. It looks like the below image: When I try to set the DNS of my PPP adapter, I encounter this problem: netsh interface ip set dns "PPP adapter {1C43A7B0-1173-40E2-96D6-1DA6457786B0}" static 208.67.222.222 Invalid interface PPP adapter {1C43A7B0-1173-40E2-96D6-1DA6457786B0} specified. I have also used the pure string "{1C43A7B0-1173-40E2-96D6-1DA6457786B0}", but with the same result. How can I reference this PPP adapter, so that I can change its configured DNS and other settings? What does this long string mean? I do not have this PPP adapter connection on my "show all connections" panel, because I have a VPN app - when running it, this PPP adapter will be automatically created for me.

  Read the article

• Fortigate - Accessing a Virtual Server address from several interfaces

  - by Jeremy G

  I am setting up a new application in its own DMZ on our Fortigate 300C firewalls. I have defined a load-balancing configuration for part of the application, and this works fine for traffic coming in from our internal network. However, I would also like this application to be reachable from other DMZs, for inter-application traffic, and from the SSL VPN interface. I can't seem to define the required policy, and it seems this is due to Virtual Servers being bound to the client interface on the Fortigate rather than the server interface (and so my virtual IP is not accessible from any of these other interfaces) Does anyone have an idea how I might go about this ? I guess I could create other virtual IPs for each interface, but this gets complicated to handle as clients need to change the address they use depending on how they are connecting. Thanks, Jeremy G

  Read the article

• How can I provide secure web content to mobile devices that can't access an intranet?

  - by evanmcd

  I'm working with a client on development web content for their intranet. We want users to be able to access a version of the content on their mobile devices, but most of them don't have the VPN capability to get on to their intranet. I'm wondering if anyone has had experience with this and can recommend a solution. One other thing to consider is that the content is not mission critically secure. If someone outside the company gained access to it, it would not represent a major issue, only a minor annoyance. Thanks for any advice.

  Read the article

• Multiple VLANs, multiple subnets, single DHCP server?

  - by EightQuarterBit

  Hey guys! At my job we are prepping to transition from multiple LANs connected over slow VPN connections to a single MAN connected over fiber, and I've got a few questions. First of all, we are planning on making each physical site its own VLAN, but we would like to have a single DHCP server at the data center hand out IPs to each VLAN. We've pretty much got the VLAN tagging structure all worked out, but we would like to have our single DHCP server assign different subnets of IPs to each VLAN. For instance, VLAN 2 gets 10.0.2.x through 10.0.4.x, VLAN 3 gets 10.0.5.x through 10.0.7.x etc. We are an Active Directory based shop and we have a Server 2003 box handling DHCP (though we aren't averse to upgrading it to server 2008.) Is this feasible, or am I pipe-dreaming?

  Read the article

• disallow anonymous bind in openldap

  - by shashank prasad

  Folks, I have followed the instructions here http://tuxnetworks.blogspot.com/2010/06/howto-ldap-server-on-1004-lucid-lynx.html to setup my OpenLdap and its working just fine, except an anonymous user can bind to my server and see the whole user/group structure. LDAP is running over SSL. I have read online that i can add disallow bind_anon and require authc in the slapd.conf file and it will be disabled but there is no slapd.conf file to begin with and since this doesn't use slapd.conf for its configuration as i understand OpenLdap has moved to a cn=config setup so it wont read that file even if i create one. i have looked online without any luck. I believe i need to change something in here olcAccess: to attrs=userPassword by dn="cn=admin,dc=tuxnetworks,dc=com" write by anonymous auth by self write by * none olcAccess: to attrs=shadowLastChange by self write by * read olcAccess: to dn.base="" by * read olcAccess: to * by dn="cn=admin,dc=tuxnetworks,dc=com" write by * read but i am not sure what. Any help is appreciated. Thank you! -shashank

  Read the article

• OpenVPN performance: how many concurrent clients are possible?

  - by Steffen Müller

  I am evaluating a system for a client where many OpenVPN clients connect to a OpenVPN server. "Many" means 50000 - 1000000. Why do I do that? The clients are distributed embedded systems, each sitting behind the system owners dsl router. The server needs to be able to send commands to the clients. My first naive approach is to make the clients connect to the server via an openvpn network. This way, the secure communication tunnel can be used in both directions. This means that all clients are always connected to the server. There are many clients summing up over the years. The question is: does the OpenVPN server explode when reaching a certain number of clients? I am already aware of a maximum TCP connection number limit, therefore (and for other reasons) the VPN would have to use UDP transport. OpenVPN gurus, what is your opinion?

  Read the article

• Exim forwards not going out through TLS

  - by Blake

  I'm trying to get Exim to use STARTTLS to send emails that are just FORWARDS. I have a server accepting email at example-accepting.com for users. So I want [email protected] to forward all email to [email protected]. If I do this from the command like on example-accepting.com... echo "test" | mail -s "ssl/tls test" [email protected] Success!! Sent via TLS BUT, if I send an email to [email protected] the forward fails, it's NOT being sent via TLS. I've tried both forwarding the email via /etc/aliases and the user .forward file. The email is indeed sent, but NOT via TLS. Why is it when I run "mail" from the command like it's working like it should, but a .forward is not using TLS? Thanks

  Read the article

• how to escape “@” in the username when logging in through FTPES with curl?

  - by user62367

  $ curl -T "index.html" -k --ftp-ssl -u "[email protected]" MYDOMAIN.COM Enter host password for user '[email protected]': % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 0 57173 0 0 0 0 0 0 --:--:-- 0:00:01 --:--:-- 0 <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>405 Method Not Allowed</title> </head><body> <h1>Method Not Allowed</h1> <p>The requested method PUT is not allowed for the URL /index.html.</p> <hr> <address>Apache/2.2.16 Server at MYDOMAIN.COM Port 80</address> </body></html> 100 57480 100 307 100 57173 284 52902 0:00:01 0:00:01 --:--:-- 53633 can someone help me? Also posted on Stack Overflow

  Read the article

• Oracle: FRM-41211 Error Message when starting a Report from Oracle Forms (64 Bit Windows Server)

  - by DB.

  After installing Oracle Forms and Reports 6.0 (Patch 18) on a Windows 2008 64 Bit server we get the following error when we try to start a report from Forms. "FRM-41211 integration error: ssl failure running another product" The problem is reproducable on another server using the same Windows OS. One of the proposed solutions (extending the REPORTS60_PATH) we have already tried but that did not help solving our problem. Another tip has been to shorten the content of the path variable before installing Oracle Forms and Reports. We will try this later on another server. Any other tips or solutions for this error would be very much appreciated.

  Read the article

• Postgres 9.0 locking up, 100% CPU

  - by Jake

  We are having a problem where our Postgres 9.0 server occasionally locks up and kills our webapp. Restarting Postgres fixes the problem. Here's what I've been able to observe: First, usage of one CPU jumps to 100% for a few minutes Disk operations drop to ~0 during this time Database operations drop to 0 (blocks and tuples per sec) Logs show during this time: WARNING: worker took too long to start; cancelled WARNING: worker took too long to start; cancelled No Queries in logs (only those over 200ms are logged) No unusually long-running queries logged before or during Then the second CPU jumps to 100% The number of postgres processes jumps from the usual 8-10 to ~20 Matched by a spike in Postgres Blocks per second (about twice normal) Logs show LOG: could not accept SSL connection: EOF detected Queries are running but slow Restarting postgres returns everything to normal Setup: Server: Amazon EC2 Large Ubuntu 10.04.2 LTS Postgres 9.0.3 Dedicated DB server Does anyone have any idea what's causing this? Or any suggestions about what else I should be checking out?

  Read the article

• Port forwarding (portmap) works only locally

  - by Tag Wint

  There are four hosts hostA winXP hostB Win2003 hostC Linux RHEL hostD Linux RHEL hostA cannot connect to C and D directly, but B can hostA connects to hostB using VPN hostB and hostC belong to the same subnet1 hostD is in subnet2 From hostA I need to connect to hostC and hostD by SSH. Now I can do it as follows: 1.connecting from hostA to hostB by RDP logon and there: 2.start putty client. I'd like to omit step 1 and connect from A to C and D directly On hostB I have admin acoount and configure port forwarding as follows: netsh interface portproxy add v4tov4 listenport=N1 connectaddress=hostC_IP connectport=N2 netsh interface portproxy add v4tov4 listenport=N3 connectaddress=hostD_IP connectport=N2 netsh interface portproxy show all: Listen on IPv4: Connect to IPv4: Address Port Address Port --------------- ---------- --------------- ---------- * N1 hostC_IP N2 * N3 hostD_IP N2 Now from hostB I can connect to either C and D: ssh localhost:N1 ssh localhost:N3 from hostA ssh hostB:N1 works too, but ssh hostB:N3 DON'T I guess the reason might be different subnets, still have no idea how to fix it. What should I do?

  Read the article

< Previous Page | 160 161 162 163 164 165 166 167 168 169 170 171  | Next Page >