Search Results

Search found 867 results on 35 pages for 'ipv4 depletion'.

Page 17/35 | < Previous Page | 13 14 15 16 17 18 19 20 21 22 23 24  | Next Page >

  • Centos 6.3 vsftp unable to upload file to apache webserver

    - by user148648
    I am new to Centos, I did work with Sun Solaris and upload files to Apache web server before. I create an end user account and manage to ftp using command prompt to the server, error message is '226 Transfer Done (but failed to open directory). Content of my vsftpd.conf as below # Example config file /etc/vsftpd/vsftpd.conf # # The default compiled in settings are fairly paranoid. This sample file # loosens things up a bit, to make the ftp daemon more usable. # Please see vsftpd.conf.5 for all compiled in defaults. # # READ THIS: This example file is NOT an exhaustive list of vsftpd options. # Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd's # capabilities. # # Allow anonymous FTP? (Beware - allowed by default if you comment this out). anonymous_enable=YES # ** may need to comment it back # # Uncomment this to allow local users to log in. local_enable=YES # # Uncomment this to enable any form of FTP write command. write_enable=YES # # Default umask for local users is 077. You may wish to change this to 022, # if your users expect that (022 is used by most other ftpd's) #local_umask=022 local_umask=077 # # Uncomment this to allow the anonymous FTP user to upload files. This only # has an effect if the above global write enable is activated. Also, you will # obviously need to create a directory writable by the FTP user. anon_upload_enable=YES # *** maybe to comment it back!!! # # Uncomment this if you want the anonymous FTP user to be able to create # new directories. anon_mkdir_write_enable=YES # ** may need to comment it back!!! # # Activate directory messages - messages given to remote users when they # go into a certain directory. dirmessage_enable=YES # # The target log file can be vsftpd_log_file or xferlog_file. # This depends on setting xferlog_std_format parameter xferlog_enable=YES # # Make sure PORT transfer connections originate from port 20 (ftp-data). connect_from_port_20=YES # # If you want, you can arrange for uploaded anonymous files to be owned by # a different user. Note! Using "root" for uploaded files is not # recommended! #chown_uploads=YES #chown_username=whoever # # The name of log file when xferlog_enable=YES and xferlog_std_format=YES # WARNING - changing this filename affects /etc/logrotate.d/vsftpd.log xferlog_file=/var/log/xferlog # # Switches between logging into vsftpd_log_file and xferlog_file files. # NO writes to vsftpd_log_file, YES to xferlog_file xferlog_std_format=YES # # You may change the default value for timing out an idle session. #idle_session_timeout=600 # # You may change the default value for timing out a data connection. #data_connection_timeout=120 # # It is recommended that you define on your system a unique user which the # ftp server can use as a totally isolated and unprivileged user. #nopriv_user=ftpsecure # # Enable this and the server will recognise asynchronous ABOR requests. Not # recommended for security (the code is non-trivial). Not enabling it, # however, may confuse older FTP clients. #async_abor_enable=YES # # By default the server will pretend to allow ASCII mode but in fact ignore # the request. Turn on the below options to have the server actually do ASCII # mangling on files when in ASCII mode. # Beware that on some FTP servers, ASCII support allows a denial of service # attack (DoS) via the command "SIZE /big/file" in ASCII mode. vsftpd # predicted this attack and has always been safe, reporting the size of the # raw file. # ASCII mangling is a horrible feature of the protocol. ascii_upload_enable=YES ascii_download_enable=YES # # You may fully customise the login banner string: ftpd_banner=Warning, only for authorize login. # # You may specify a file of disallowed anonymous e-mail addresses. Apparently # useful for combatting certain DoS attacks. #deny_email_enable=YES # (default follows) #banned_email_file=/etc/vsftpd/banned_emails # # You may specify an explicit list of local users to chroot() to their home # directory. If chroot_local_user is YES, then this list becomes a list of # users to NOT chroot(). chroot_local_user=YES chroot_list_enable=YES # (default follows) #chroot_list_file=/etc/vsftpd/chroot_list local_root=/var/www # # You may activate the "-R" option to the builtin ls. This is disabled by # default to avoid remote users being able to cause excessive I/O on large # sites. However, some broken FTP clients such as "ncftp" and "mirror" assume # the presence of the "-R" option, so there is a strong case for enabling it. ls_recurse_enable=YES # # When "listen" directive is enabled, vsftpd runs in standalone mode and # listens on IPv4 sockets. This directive cannot be used in conjunction # with the listen_ipv6 directive. listen=YES # # This directive enables listening on IPv6 sockets. To listen on IPv4 and IPv6 # sockets, you must run two copies of vsftpd with two configuration files. # Make sure, that one of the listen options is commented !! #listen_ipv6=YES pam_service_name=vsftpd userlist_enable=YES tcp_wrappers=YES

    Read the article

  • arp problems with transparent bridge on linux

    - by Mink
    I've been trying to secure my virtual machines on my esx server by putting them behind a transparent bridge with 2 interfaces, one in front, one at the back. My intention is to put all the firewall rules in one place (instead of on each virtual server). I've been using as bridge a blank new virtual machine based on arch linux (but I suspect it doesn't matter which brand of linux it is). What I have is 2 virtual switchs (thus two Virtual Network, VN_front and VN_back), each with 2 types of ports (switched/separated or promiscious/where the machine can see all packets). On my bridge machine, I've set up 2 virtual NIC, one on VN_front, one on VN_back, both in promisc mode. I've created a bridge br0 with both NIC in it: brctl addbr br0 brctl stp br0 off brctl addif br0 front_if brctl addif br0 back_if Then brought them up: ifconfig front_if 0.0.0.0 promisc ifconfig back_if 0.0.0.0 promisc ifconfig br0 0.0.0.0 (I use promisc mode, because I'm not sure I can do without, thinking that maybe the packets don't reach the NICs) Then I took one of my virtual server sitting on VN_front, and plugged it to VN_back instead (that's the nifty use case I'm thinking about, being able to move my servers around just by changing the VN they are plugged into, without changing anything in the configuration). Then I looked into the macs "seen" by my addressless bridge using brctl showmacs br0 and it did show my server from both sides: I get something that looks like this : port no mac addr is local? ageing timer 2 00:0c:29:e1:54:75 no 9.27 1 00:0c:29:fd:86:0c no 9.27 2 00:50:56:90:05:86 no 73.38 1 00:50:56:90:05:88 no 0.10 2 00:50:56:90:05:8b yes 0.00 << FRONT VN 1 00:50:56:90:05:8c yes 0.00 << BACK VN 2 00:50:56:90:19:18 no 13.55 2 00:50:56:90:3c:cf no 13.57 the thing is that the server that are plugged in front/back are not shown on the correct port. I suspect some horrible thing happening in the ARP-world... :-/ If I ping from a front virtual server to a back virtual server, I can only see the back machine if that back machine pings something in the front. As soon as I stop the ping from the back machine, the ping from the front machine stops getting through... I've noticed that if the back machine pings, then its port on the bridge is the correct one... I've tried to play with the arp_ switch of /proc/sys, but with no clear effect on the end result... /proc/sys/net/ipv4/ip_forward doesn't seem to be of any use when using a bridge (seems it's all taken care of by brctl) /proc/sys/net/ipv4/conf//arp_ don't seem to change much either... (tried arp_announce to 2 or 8 - like suggested elsewhere - and arp_ignore to 0 or 1 ) All the examples I've seen have a different subnet on either side like 10.0.1.0/24 and 10.0.2.0/24... In my case I want 10.0.1.0/24 on both side (just like a transparent switch - except it's a hidden fw ). Turning stp on/off doesn't seem to have any impact on my issue. It's as if the arp packets where getting through the bridge, corrupting the other side with false data... I've tried to use the -arp on each interface, br0, front, back... it breaks the thing altogether... I suspect it has something to do with both side being on the same subnet... I've thought about putting all my machine behind the fw, so as to have all the same subnet at the back... but I'm stuck with my provider's gateway standing at the front with part of my subnet (in fact 3 appliance to route the whole subnet), so I'll always have ips from the same subnet on both side, whatever I do... (I'm using fixed front IPs on my delegated subnet). I'm at a loss... -_-'' Thx for your help. (As anyone tried something like this? from within ESXi?) (It's not just a stunt, the idea is to have something like fail2ban running on some servers, sending their banned IP to the bridge/fw so that it too could ban them - saving all the other servers from that same attacker in one go, allowing for some honeypot that would trigger the fw from any kind of suitable response, and stuffs of the sort... I am aware I could use something like snort, but it addresses some completely different kind of problems, in a completely different way... )

    Read the article

  • Subnet mask and how to resolve IP range [duplicate]

    - by user2789433
    This question already has an answer here: How does IPv4 Subnetting Work? 5 answers If you click on this link WHO IS query You will see the results from a who is query for a random IP address. On the line "inetnum": "122.4.0.0/14", What does it mean for the prefix to be 14? I am using this as a reference Subnet Mask Cheatsheet While resolving it, I get a very wide range which is something like 122.7.0.0-122.4.0.0 I am not able to understand how the IP range is calculate from the subnet mask and I am only able to find calculators online and not a method to solve it.

    Read the article

  • Can't connect to Windows Server 2008 shared folders via VPN connection

    - by Pearl
    I set up an VPN connection on my 2008 server using RRAS. The VPN seems to work fine. I can connect from outside the network. I am also able to establish a remote access connection via the VPN-IP. However, I can't access my shared folders. After connecting to the VPN I can ping the server, but it is not shown in my networks. using \ip or \server-name doesn't work either, cannot be found. I checked ipconfig and this is what I found regarding the VPN: DNS-Suffix: Description: test Physical Adress: DHCP activated: No Auto-Config: Yes IPv4-Adress: 192.168.2.114 Sub: 255.255.255.255 Standard-gateway: DNS-Server: 192.168.0.1 NetBIOS: activated To clarify my IP-situation: server is connected to router with 192.168.0.x, the test-client is in an external network connected to a router with 192.168.1.x, server-client connection is using static ips with 192.168.2.x Can anyone help me with this one? The VPN should be ok since I am able to establish remote access.

    Read the article

  • Strategies for very fast delivery of webpages.

    - by Cherian
    I run a website Cucumbertown with an initial pay load of nearly 9KB zipped. All my js is delayed loaded with requirejs and modernizer is the only exception. Now all my webpages are Nginx cached and only 10-15% hits go to the backend proxy. And the cache is invalidated by logged in users as proxy_cache_bypass. So for an anonymous user its nearly always a cache hit. I have some basic OS tuning with default via ip dev eth0 initcwnd 15 net.ipv4.tcp_slow_start_after_idle 0 Despite an all cache & large initcwnd my pages still take 2.5 – 3 seconds. I have a yslow score of And page speed at Are there strategies that can help deliver webpages even faster than this? Deliver pages at 1+ second time for 10KB payload? Notes: My servers run of a fairly good data center from Linode at Fremont.

    Read the article

  • How can I disable ipv6 on Ubuntu Server 8.04?

    - by Boden
    I'm trying to run Dell OMSA on Ubuntu 8.04. However, it's binding to ipv6 and not to an ipv4 address. I can't seem to figure out how to change this behavior. So, since I don't need ipv6 support, I'd like to just disable it and see if that clears things up. I've tried blacklisting ipv6 in /etc/modprobe.d/blacklist (blacklist ipv6), and turning it off in /etc/modprobe.d/aliases (alias net-pf-10 off). I'm seeing both solutions recommended in forums and blogs, but neither works.

    Read the article

  • Where to begin with IPv6 [closed]

    - by Willem de Vries
    I am fairly familiar with setting-up IPv4 networks for bigger server configurations, only now I wanted to start familiarizing myself with doing the same for IPv6. I have been Googling for the second night in a row for things like: IPv6 network design, IPv6 for dummies, etc. So far most things you find go on about why IPv6 and the amazing amount of numbers that we have now. Yet I am looking for practical stuff, for example: what would be a good way to assign IP-number, as I understand it DHCP shouldn't be the default course of action. How do other assignment methods work with DNS configuration? what would be a good or standard way of dividing the network in to sub-nets? (database, application, web servers spread over multiple domains/applications and some what intertwined) In short I would like to find good resources with practical information books, webpages, etc.

    Read the article

  • Gre tunnel Linux Cisco

    - by mezgani
    I've created a GRE tunnel between LAN A and LAN B. LAN A is behind a router, and LAN B is behind a Linux box and this box has a pppoe interface. When i do tcpdump on Linux box i see that the traffic is routerd to Linux box (tunnel end), so my need is routing the tunnel traffic to internet. I've added these rules to my iptables script, and i stay unable to connect to internet from LAN A Permitting Linux to act as router (necessary to forward packets) echo "1" /proc/sys/net/ipv4/ip_forward iptables -A INPUT -p 47 -j ACCEPT iptables -A FORWARD -i ppp0 -j ACCEPT iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -t nat -A POSTROUTING -o gre0 -j MASEQUARADE What i've forgot to set in this case?

    Read the article

  • What is the command to check if a command's results mention OK?

    - by Manuel
    Alright, so I was playing around with changing MTU size and wanted to make a batch file to automatically lower it and then raise it later. This is probably simple, but I just can't figure it out. Point is, is there a way to run a command, which would normally echo out "ok" but check to see if it does say ok? And if it doesn't say ok then, to end the rest of the file from running and exit out. The command I'm using is netsh interface ipv4 set subinterface "Local Area Connection" mtu=386 store=persistent which, as I mentioned above prints out an OK. I just want to check if it did run correctly, and if not, then do __

    Read the article

  • Need IP port forwarding to access an internel service running on an internal machine

    - by appleluo
    I am trying to configure iptables to do port forwarding for certain request. The scenario is like this: Login node A can be accessed from outside Compute node B that running the service can be accessed from A but not from outside. I want to set up iptables so that a request for the service on B from outside can be accessed through A. A has two ethernet ports: Internal eth0, with ip internal_A and External eth1, with ip external_A. B has 1 ethernet port, internal eth0. let's say its ip is internal_B The service listens to internal_B:5900. We open external_A:10000 for user access. I configure my iptables with the following commands: echo 1> /proc/sys/net/ipv4/ip_forward /sbin/iptables -P FORWARD ACCEPT /sbin/iptables -t nat -A POSTROUTING -j MASQUERADE /sbin/iptables -A PREROUTING -p tcp -t nat --dport 10000 -j DNAT --to-destination interal_B:5900 /sbin/iptables -A OUTPUT -p tcp -t nat -d external_A --dport 10000 -j DNAT --to-destination internal_B:5900 But it didn't work. Can anybody help me?

    Read the article

  • PFSENSE and IPV6 , direct connect rules

    - by Bgnt44
    My question is about pfsense configuration for ipv6 In theory Ipv6 are fully routable even in a LAN For stating point i ve Using this tutorial : http://doc.pfsense.org/index.php/Using_IPv6_on_2.1_with_a_Tunnel_Broker So my Lan network has ipv4 connection and ipv6 I would like to be able to access my LAN machines by their IPV6 i'm confused with firewall rules which i need to set to be able to do that Even if i set all interfaces to pass all packets, i'm not able to directly access any machine by their IPV6 Did i miss something ? Edit : Ok i found that it work now, think it has always work but my isp seems to support ipv6 sometimes and sometimes not ... weird

    Read the article

  • Two network interfaces and two IP addresses on the same subnet in Linux

    - by Scott Duckworth
    I recently ran into a situation where I needed two IP addresses on the same subnet assigned to one Linux host so that we could run two SSL/TLS sites. My first approach was to use IP aliasing, e.g. using eth0:0, eth0:1, etc, but our network admins have some fairly strict settings in place for security that squashed this idea: They use DHCP snooping and normally don't allow static IP addresses. Static addressing is accomplished by using static DHCP entries, so the same MAC address always gets the same IP assignment. This feature can be disabled per switchport if you ask and you have a reason for it (thankfully I have a good relationship with the network guys and this isn't hard to do). With the DHCP snooping disabled on the switchport, they had to put in a rule on the switch that said MAC address X is allowed to have IP address Y. Unfortunately this had the side effect of also saying that MAC address X is ONLY allowed to have IP address Y. IP aliasing required that MAC address X was assigned two IP addresses, so this didn't work. There may have been a way around these issues on the switch configuration, but in an attempt to preserve good relations with the network admins I tried to find another way. Having two network interfaces seemed like the next logical step. Thankfully this Linux system is a virtual machine, so I was able to easily add a second network interface (without rebooting, I might add - pretty cool). A few keystrokes later I had two network interfaces up and running and both pulled IP addresses from DHCP. But then the problem came in: the network admins could see (on the switch) the ARP entry for both interfaces, but only the first network interface that I brought up would respond to pings or any sort of TCP or UDP traffic. After lots of digging and poking, here's what I came up with. It seems to work, but it also seems to be a lot of work for something that seems like it should be simple. Any alternate ideas out there? Step 1: Enable ARP filtering on all interfaces: # sysctl -w net.ipv4.conf.all.arp_filter=1 # echo "net.ipv4.conf.all.arp_filter = 1" >> /etc/sysctl.conf From the file networking/ip-sysctl.txt in the Linux kernel docs: arp_filter - BOOLEAN 1 - Allows you to have multiple network interfaces on the same subnet, and have the ARPs for each interface be answered based on whether or not the kernel would route a packet from the ARP'd IP out that interface (therefore you must use source based routing for this to work). In other words it allows control of which cards (usually 1) will respond to an arp request. 0 - (default) The kernel can respond to arp requests with addresses from other interfaces. This may seem wrong but it usually makes sense, because it increases the chance of successful communication. IP addresses are owned by the complete host on Linux, not by particular interfaces. Only for more complex setups like load- balancing, does this behaviour cause problems. arp_filter for the interface will be enabled if at least one of conf/{all,interface}/arp_filter is set to TRUE, it will be disabled otherwise Step 2: Implement source-based routing I basically just followed directions from http://lartc.org/howto/lartc.rpdb.multiple-links.html, although that page was written with a different goal in mind (dealing with two ISPs). Assume that the subnet is 10.0.0.0/24, the gateway is 10.0.0.1, the IP address for eth0 is 10.0.0.100, and the IP address for eth1 is 10.0.0.101. Define two new routing tables named eth0 and eth1 in /etc/iproute2/rt_tables: ... top of file omitted ... 1 eth0 2 eth1 Define the routes for these two tables: # ip route add default via 10.0.0.1 table eth0 # ip route add default via 10.0.0.1 table eth1 # ip route add 10.0.0.0/24 dev eth0 src 10.0.0.100 table eth0 # ip route add 10.0.0.0/24 dev eth1 src 10.0.0.101 table eth1 Define the rules for when to use the new routing tables: # ip rule add from 10.0.0.100 table eth0 # ip rule add from 10.0.0.101 table eth1 The main routing table was already taken care of by DHCP (and it's not even clear that its strictly necessary in this case), but it basically equates to this: # ip route add default via 10.0.0.1 dev eth0 # ip route add 130.127.48.0/23 dev eth0 src 10.0.0.100 # ip route add 130.127.48.0/23 dev eth1 src 10.0.0.101 And voila! Everything seems to work just fine. Sending pings to both IP addresses works fine. Sending pings from this system to other systems and forcing the ping to use a specific interface works fine (ping -I eth0 10.0.0.1, ping -I eth1 10.0.0.1). And most importantly, all TCP and UDP traffic to/from either IP address works as expected. So again, my question is: is there a better way to do this? This seems like a lot of work for a seemingly simple problem.

    Read the article

  • OpenDNS servers initial response is very slow

    - by Ben Collins
    I've got a Time Warner cable ISP package (RoadRunner), and the modem they gave me doesn't allow me to specify which DNS servers to use; it always uses whatever the upstream dhcp server gives it. I prefer to use OpenDNS on my home network, so i've configured a couple of my PCs manually in the Windows adapter settings for IPv4 such that their IP addresses are obtained via DHCP, but the DNS server settings are fixed to the OpenDNS server IPs. Now, when I startup Windows on these PCs, it always takes 2-3 minutes to start receiving responses from the DNS servers; any request before that times out. While not debilitating, this is quite annoying. Any ideas why this might be happening?

    Read the article

  • VPN Connection causes DNS to use wrong DNS server

    - by Bryan
    I have a Windows 7 PC on our company network (which is a member of our Active Directory). Everything works fine until I open a VPN connection to a customer's site. When I do connect, I lose network access to shares on the network, including directories such as 'Application Data' that we have a folder redirection policy for. As you can imagine, this makes working on the PC very difficult, as desktop shortcuts stop working, software stops working properly due to having 'Application Data' pulled from under it. Our network is routed (10.58.5.0/24), with other local subnets existing within the scope of 10.58.0.0/16. The remote network is on 192.168.0.0/24. I've tracked the issue down to being DNS related. As soon as I open the VPN tunnel, all my DNS traffic goes via the remote network, which explains the loss of local resources, but my question is, how can I force local DNS queries to go to our local DNS servers rather than our customers? The output of ipconfig /all when not connected to the VPN is below: Windows IP Configuration Host Name . . . . . . . . . . . . : 7k5xy4j Primary Dns Suffix . . . . . . . : mydomain.local Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : mydomain.local Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : mydomain.local Description . . . . . . . . . . . : Broadcom NetLink (TM) Gigabit Ethernet Physical Address. . . . . . . . . : F0-4D-A2-DB-3B-CA DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes Link-local IPv6 Address . . . . . : fe80::9457:c5e0:6f10:b298%10(Preferred) IPv4 Address. . . . . . . . . . . : 10.58.5.89(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 Lease Obtained. . . . . . . . . . : 31 January 2012 15:55:47 Lease Expires . . . . . . . . . . : 10 February 2012 10:11:30 Default Gateway . . . . . . . . . : 10.58.5.1 DHCP Server . . . . . . . . . . . : 10.58.3.32 DHCPv6 IAID . . . . . . . . . . . : 250629538 DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-AC-76-2D-F0-4D-A2-DB-3B-CA DNS Servers . . . . . . . . . . . : 10.58.3.32 10.58.3.33 NetBIOS over Tcpip. . . . . . . . : Enabled This is the output of the same command with the VPN tunnel connected: Windows IP Configuration Host Name . . . . . . . . . . . . : 7k5xy4j Primary Dns Suffix . . . . . . . : mydomain.local Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : mydomain.local PPP adapter Customer Domain: Connection-specific DNS Suffix . : customerdomain.com Description . . . . . . . . . . . : CustomerDomain Physical Address. . . . . . . . . : DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes IPv4 Address. . . . . . . . . . . : 192.168.0.85(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.255 Default Gateway . . . . . . . . . : DNS Servers . . . . . . . . . . . : 192.168.0.16 192.168.0.17 Primary WINS Server . . . . . . . : 192.168.0.17 NetBIOS over Tcpip. . . . . . . . : Disabled Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : mydomain.local Description . . . . . . . . . . . : Broadcom NetLink (TM) Gigabit Ethernet Physical Address. . . . . . . . . : F0-4D-A2-DB-3B-CA DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes Link-local IPv6 Address . . . . . : fe80::9457:c5e0:6f10:b298%10(Preferred) IPv4 Address. . . . . . . . . . . : 10.58.5.89(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 Lease Obtained. . . . . . . . . . : 31 January 2012 15:55:47 Lease Expires . . . . . . . . . . : 10 February 2012 10:11:30 Default Gateway . . . . . . . . . : 10.58.5.1 DHCP Server . . . . . . . . . . . : 10.58.3.32 DHCPv6 IAID . . . . . . . . . . . : 250629538 DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-AC-76-2D-F0-4D-A2-DB-3B-CA DNS Servers . . . . . . . . . . . : 10.58.3.32 10.58.3.33 NetBIOS over Tcpip. . . . . . . . : Enabled Routing table Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 10.58.5.1 10.58.5.89 20 10.58.5.0 255.255.255.0 On-link 10.58.5.89 276 10.58.5.89 255.255.255.255 On-link 10.58.5.89 276 10.58.5.255 255.255.255.255 On-link 10.58.5.89 276 91.194.153.42 255.255.255.255 10.58.5.1 10.58.5.89 21 127.0.0.0 255.0.0.0 On-link 127.0.0.1 306 127.0.0.1 255.255.255.255 On-link 127.0.0.1 306 127.255.255.255 255.255.255.255 On-link 127.0.0.1 306 192.168.0.0 255.255.255.0 192.168.0.95 192.168.0.85 21 192.168.0.85 255.255.255.255 On-link 192.168.0.85 276 224.0.0.0 240.0.0.0 On-link 127.0.0.1 306 224.0.0.0 240.0.0.0 On-link 10.58.5.89 276 224.0.0.0 240.0.0.0 On-link 192.168.0.85 276 255.255.255.255 255.255.255.255 On-link 127.0.0.1 306 255.255.255.255 255.255.255.255 On-link 10.58.5.89 276 255.255.255.255 255.255.255.255 On-link 192.168.0.85 276 The binding order for the interfaces is as follows: I've not configured the VPN tunnel to use the default gateway at the remote end, and network comms to nodes on both networks are fine. (i.e. I can ping any node on our network or the remote network). I've modified the PPTP connection properties to use the DNS servers 10.58.3.32 followed by 192.168.0.16, yet the query still goes to 192.168.0.16. Edit: The local resources that disappear are hosted on domain DFS roots, which might (or might not) be relevant.

    Read the article

  • Help about NAT with virtual server

    - by Thanh Tran
    I have a dedicated server running Linux CentOS 5.3 with 2 IP addresses. I've installed a virtual machine using VMware Server. The host and the guest have a host-only network. Now I want to map the 2nd IP address to the virtual machine so that it can run as a second dedicated server for me. Here is what I do: modprobe iptable_nat echo "1" > /proc/sys/net/ipv4/ip_forward iptables -t filter -A FORWARD -s 192.168.78.128 -d 64.85.164.184 -j ACCEPT iptables -t nat -A PREROUTING -d 64.85.164.184 -i eth0 -j DNAT --to-destination 192.168.78.128 iptables -t nat -A POSTROUTING -s 192.168.78.128 -o eth0 -j SNAT --to-source 64.85.164.184</p> But it not working as intended. What is the matter?

    Read the article

  • Site-to-Site PPTP VPN connection between two Windows Server 2008 R2 servers

    - by steve_eyre
    We have two Windows Server 2008 R2 machines, one in our main office and one in a new office which we have just moved offsite. The main office has previously been handling client-to-server PPTP VPN connections. Now that we have moved our second server out of office, we want to set up a demand-dial or persistent VPN connection from the second server to the primary. Using a custom setting RRAS profile, we have successfully managed to set up a site-to-site VPN connection so that from the second server itself, it can access any of the devices in the main office and communicate back. However, any connected machines in the second office cannot use this connection, even when using the second server as gateway. The demand-dial interface is setup from the Second Server dialing into Main Server and a static route set up on RRAS for 192.168.0.0 with subnet mask 255.255.0.0 pointing down this network interface. The main office has the network of 192.168.0.0/16 (subnet mask 255.255.0.0). The second office has the network of 172.16.100.0/24 (subnet mask 255.255.255.0). What steps do we need to take to ensure traffic from the second office PCs going towards 192.168.x.x addresses use the VPN route? Many Thanks in advance for any help the community can offer. Debug Information Here is the route print output from the second server: =========================================================================== Interface List 23...........................Main Office 22...........................RAS (Dial In) Interface 16...e0 db 55 12 fa 02 ......Local Area Connection - Virtual Network 1...........................Software Loopback Interface 1 12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter 14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2 24...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3 =========================================================================== IPv4 Route Table =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 172.16.100.250 172.16.100.222 261 127.0.0.0 255.0.0.0 On-link 127.0.0.1 306 127.0.0.1 255.255.255.255 On-link 127.0.0.1 306 127.255.255.255 255.255.255.255 On-link 127.0.0.1 306 <MAIN OFFICE IP> 255.255.255.255 172.16.100.250 172.16.100.222 6 172.16.100.0 255.255.255.0 On-link 172.16.100.222 261 172.16.100.113 255.255.255.255 On-link 172.16.100.113 306 172.16.100.222 255.255.255.255 On-link 172.16.100.222 261 172.16.100.223 255.255.255.255 On-link 172.16.100.222 261 172.16.100.224 255.255.255.255 On-link 172.16.100.222 261 172.16.100.225 255.255.255.255 On-link 172.16.100.222 261 172.16.100.226 255.255.255.255 On-link 172.16.100.222 261 172.16.100.227 255.255.255.255 On-link 172.16.100.222 261 172.16.100.228 255.255.255.255 On-link 172.16.100.222 261 172.16.100.229 255.255.255.255 On-link 172.16.100.222 261 172.16.100.230 255.255.255.255 On-link 172.16.100.222 261 172.16.100.255 255.255.255.255 On-link 172.16.100.222 261 192.168.0.0 255.255.0.0 192.168.101.87 192.168.101.17 266 192.168.101.17 255.255.255.255 On-link 192.168.101.17 266 224.0.0.0 240.0.0.0 On-link 127.0.0.1 306 224.0.0.0 240.0.0.0 On-link 172.16.100.222 261 224.0.0.0 240.0.0.0 On-link 172.16.100.113 306 224.0.0.0 240.0.0.0 On-link 192.168.101.17 266 255.255.255.255 255.255.255.255 On-link 127.0.0.1 306 255.255.255.255 255.255.255.255 On-link 172.16.100.222 261 255.255.255.255 255.255.255.255 On-link 172.16.100.113 306 255.255.255.255 255.255.255.255 On-link 192.168.101.17 266 =========================================================================== Persistent Routes: Network Address Netmask Gateway Address Metric 0.0.0.0 0.0.0.0 192.168.0.200 Default 0.0.0.0 0.0.0.0 172.16.100.250 Default =========================================================================== IPv6 Route Table =========================================================================== Active Routes: If Metric Network Destination Gateway 1 306 ::1/128 On-link 16 261 fe80::/64 On-link 16 261 fe80::edf4:85c6:3c15:dcbe/128 On-link 1 306 ff00::/8 On-link 16 261 ff00::/8 On-link 22 306 ff00::/8 On-link =========================================================================== Persistent Routes: None And here is the route print from one of the second office PCs: =========================================================================== Interface List 11...10 78 d2 32 53 27 ......Atheros AR8151 PCI-E Gigabit Ethernet Controller 1...........................Software Loopback Interface 1 12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface =========================================================================== IPv4 Route Table =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 172.16.100.250 172.16.100.103 10 127.0.0.0 255.0.0.0 On-link 127.0.0.1 306 127.0.0.1 255.255.255.255 On-link 127.0.0.1 306 127.255.255.255 255.255.255.255 On-link 127.0.0.1 306 172.16.100.0 255.255.255.0 On-link 172.16.100.103 266 172.16.100.103 255.255.255.255 On-link 172.16.100.103 266 172.16.100.255 255.255.255.255 On-link 172.16.100.103 266 224.0.0.0 240.0.0.0 On-link 127.0.0.1 306 224.0.0.0 240.0.0.0 On-link 172.16.100.103 266 255.255.255.255 255.255.255.255 On-link 127.0.0.1 306 255.255.255.255 255.255.255.255 On-link 172.16.100.103 266 =========================================================================== Persistent Routes: None IPv6 Route Table =========================================================================== Active Routes: If Metric Network Destination Gateway 1 306 ::1/128 On-link 11 266 fe80::/64 On-link 11 266 fe80::e973:de17:a045:aa78/128 On-link 1 306 ff00::/8 On-link 11 266 ff00::/8 On-link =========================================================================== Persistent Routes: None

    Read the article

  • Weird routing issue (updated)

    - by smccloud
    I just updated the route tables due to a mistake on my part. I am working on getting networking working correctly on a cluster of 14 virtual servers at a customer site. 11 of them work fine for routing and 3 don't work correctly for their administrative network (172.28.56.0). All are running Windows Web Server 2008R2. Default gateway is set on the production network (172.28.58.0) and not on the administrative network (handled with persistent static routes). On a working server, route print gives me the following (MACs redacted) =========================================================================== Interface List 11...XX XX XX XX XX XX ......Intel(R) PRO/1000 MT Network Connection 13...XX XX XX XX XX XX00 0c 29 85 b2 98 ......Intel(R) PRO/1000 MT Network Connection #2 1...........................Software Loopback Interface 1 12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter 14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2 15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface =========================================================================== IPv4 Route Table =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 172.28.58.1 172.28.58.11 266 10.18.1.22 255.255.255.255 172.28.58.1 172.28.58.11 11 10.32.0.0 255.255.0.0 172.28.56.1 172.28.56.201 11 127.0.0.0 255.0.0.0 On-link 127.0.0.1 306 127.0.0.1 255.255.255.255 On-link 127.0.0.1 306 127.255.255.255 255.255.255.255 On-link 127.0.0.1 306 172.28.34.0 255.255.255.0 172.28.56.1 172.28.56.201 11 172.28.42.0 255.255.255.0 172.28.56.1 172.28.56.201 11 172.28.56.0 255.255.255.0 On-link 172.28.56.201 266 172.28.56.0 255.255.255.0 172.28.56.1 172.28.56.201 11 172.28.56.201 255.255.255.255 On-link 172.28.56.201 266 172.28.56.255 255.255.255.255 On-link 172.28.56.201 266 172.28.58.0 255.255.255.224 On-link 172.28.58.11 266 172.28.58.0 255.255.255.224 172.28.58.1 172.28.58.11 11 172.28.58.1 255.255.255.255 172.28.58.1 172.28.58.11 11 172.28.58.11 255.255.255.255 On-link 172.28.58.11 266 172.28.58.31 255.255.255.255 On-link 172.28.58.11 266 172.28.60.0 255.255.255.0 172.28.56.1 172.28.56.201 11 172.28.63.0 255.255.255.0 172.28.56.1 172.28.56.201 11 192.168.0.0 255.255.0.0 172.28.56.1 172.28.56.201 11 224.0.0.0 240.0.0.0 On-link 127.0.0.1 306 224.0.0.0 240.0.0.0 On-link 172.28.56.201 266 224.0.0.0 240.0.0.0 On-link 172.28.58.11 266 255.255.255.255 255.255.255.255 On-link 127.0.0.1 306 255.255.255.255 255.255.255.255 On-link 172.28.56.201 266 255.255.255.255 255.255.255.255 On-link 172.28.58.11 266 =========================================================================== Persistent Routes: Network Address Netmask Gateway Address Metric 172.28.56.0 255.255.255.0 172.28.56.1 1 172.28.63.0 255.255.255.0 172.28.56.1 1 192.168.0.0 255.255.0.0 172.28.56.1 1 172.28.60.0 255.255.255.0 172.28.56.1 1 10.32.0.0 255.255.0.0 172.28.56.1 1 172.28.34.0 255.255.255.0 172.28.56.1 1 172.28.42.0 255.255.255.0 172.28.56.1 1 0.0.0.0 0.0.0.0 172.28.58.1 Default =========================================================================== IPv6 Route Table =========================================================================== Active Routes: If Metric Network Destination Gateway 1 306 ::1/128 On-link 1 306 ff00::/8 On-link =========================================================================== Persistent Routes: None On one of the non-working server, route print gives me the following (MACs redacted) =========================================================================== Interface List 11...XX XX XX XX XX XX ......Intel(R) PRO/1000 MT Network Connection 13...XX XX XX XX XX XX ......Intel(R) PRO/1000 MT Network Connection #2 1...........................Software Loopback Interface 1 12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter 14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2 16...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface =========================================================================== IPv4 Route Table =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 172.28.58.1 172.28.58.21 266 10.32.0.0 255.255.0.0 172.28.56.1 172.28.56.211 11 127.0.0.0 255.0.0.0 On-link 127.0.0.1 306 127.0.0.1 255.255.255.255 On-link 127.0.0.1 306 127.255.255.255 255.255.255.255 On-link 127.0.0.1 306 172.28.34.0 255.255.255.0 172.28.56.1 172.28.56.211 11 172.28.42.0 255.255.255.0 172.28.56.1 172.28.56.211 11 172.28.56.0 255.255.255.0 172.28.56.1 172.28.56.211 11 172.28.56.211 255.255.255.255 On-link 172.28.56.211 266 172.28.58.0 255.255.255.0 172.28.58.1 172.28.58.21 11 172.28.58.0 255.255.255.224 On-link 172.28.58.21 266 172.28.58.21 255.255.255.255 On-link 172.28.58.21 266 172.28.58.31 255.255.255.255 On-link 172.28.58.21 266 172.28.60.0 255.255.255.0 172.28.56.1 172.28.56.211 11 172.28.63.0 255.255.255.0 172.28.56.1 172.28.56.211 11 192.168.0.0 255.255.0.0 172.28.56.1 172.28.56.211 11 224.0.0.0 240.0.0.0 On-link 127.0.0.1 306 224.0.0.0 240.0.0.0 On-link 172.28.56.211 266 224.0.0.0 240.0.0.0 On-link 172.28.58.21 266 255.255.255.255 255.255.255.255 On-link 127.0.0.1 06 255.255.255.255 255.255.255.255 On-link 172.28.56.211 266 255.255.255.255 255.255.255.255 On-link 172.28.58.21 266 =========================================================================== Persistent Routes: Network Address Netmask Gateway Address Metric 172.28.56.0 255.255.255.0 172.28.56.1 1 172.28.60.0 255.255.255.0 172.28.56.1 1 172.28.63.0 255.255.255.0 172.28.56.1 1 172.28.34.0 255.255.255.0 172.28.56.1 1 172.28.42.0 255.255.255.0 172.28.56.1 1 192.168.0.0 255.255.0.0 172.28.56.1 1 10.32.0.0 255.255.0.0 172.28.56.1 1 0.0.0.0 0.0.0.0 172.28.58.1 Default 172.28.58.0 255.255.255.0 172.28.58.1 1 =========================================================================== IPv6 Route Table =========================================================================== Active Routes: If Metric Network Destination Gateway 1 306 ::1/128 On-link 1 306 ff00::/8 On-link =========================================================================== Persistent Routes: None I am at a complete loss why the non-working servers have no On-link route for 172.28.56.0. Does anyone have any suggestions on what I should be looking at to figure this out? Also, I do have "physical" access to the console if needed through vSphere Client.

    Read the article

  • vsftpd not allowing uploads. 550 response.

    - by Josh
    I've set vsftpd up on a centos box. I keep trying to upload files but I keep getting "550 Failed to change directory" and "550 Could not get file size." Here's my vsftpd.conf # The default compiled in settings are fairly paranoid. This sample file # loosens things up a bit, to make the ftp daemon more usable. # Please see vsftpd.conf.5 for all compiled in defaults. # # READ THIS: This example file is NOT an exhaustive list of vsftpd options. # Please read the vsftpd.conf.5 manual page to get a full idea of vsftpd's # capabilities. # # Allow anonymous FTP? (Beware - allowed by default if you comment this out). anonymous_enable=YES # # Uncomment this to allow local users to log in. local_enable=YES # # Uncomment this to enable any form of FTP write command. write_enable=YES # # Default umask for local users is 077. You may wish to change this to 022, # if your users expect that (022 is used by most other ftpd's) local_umask=022 # # Uncomment this to allow the anonymous FTP user to upload files. This only # has an effect if the above global write enable is activated. Also, you will # obviously need to create a directory writable by the FTP user. anon_upload_enable=YES # # Uncomment this if you want the anonymous FTP user to be able to create # new directories. anon_mkdir_write_enable=YES anon_other_write_enable=YES # # Activate directory messages - messages given to remote users when they # go into a certain directory. dirmessage_enable=YES # # The target log file can be vsftpd_log_file or xferlog_file. # This depends on setting xferlog_std_format parameter xferlog_enable=YES # # Make sure PORT transfer connections originate from port 20 (ftp-data). connect_from_port_20=YES # # If you want, you can arrange for uploaded anonymous files to be owned by # a different user. Note! Using "root" for uploaded files is not # recommended! #chown_uploads=YES #chown_username=whoever # # The name of log file when xferlog_enable=YES and xferlog_std_format=YES # WARNING - changing this filename affects /etc/logrotate.d/vsftpd.log #xferlog_file=/var/log/xferlog # # Switches between logging into vsftpd_log_file and xferlog_file files. # NO writes to vsftpd_log_file, YES to xferlog_file xferlog_std_format=NO # # You may change the default value for timing out an idle session. #idle_session_timeout=600 # # You may change the default value for timing out a data connection. #data_connection_timeout=120 # # It is recommended that you define on your system a unique user which the # ftp server can use as a totally isolated and unprivileged user. #nopriv_user=ftpsecure # # Enable this and the server will recognise asynchronous ABOR requests. Not # recommended for security (the code is non-trivial). Not enabling it, # however, may confuse older FTP clients. #async_abor_enable=YES # # By default the server will pretend to allow ASCII mode but in fact ignore # the request. Turn on the below options to have the server actually do ASCII # mangling on files when in ASCII mode. # Beware that on some FTP servers, ASCII support allows a denial of service # attack (DoS) via the command "SIZE /big/file" in ASCII mode. vsftpd # predicted this attack and has always been safe, reporting the size of the # raw file. # ASCII mangling is a horrible feature of the protocol. #ascii_upload_enable=YES #ascii_download_enable=YES # # You may fully customise the login banner string: #ftpd_banner=Welcome to blah FTP service. # # You may specify a file of disallowed anonymous e-mail addresses. Apparently # useful for combatting certain DoS attacks. #deny_email_enable=YES # (default follows) #banned_email_file=/etc/vsftpd/banned_emails # # You may specify an explicit list of local users to chroot() to their home # directory. If chroot_local_user is YES, then this list becomes a list of # users to NOT chroot(). #chroot_list_enable=YES # (default follows) #chroot_list_file=/etc/vsftpd/chroot_list # # You may activate the "-R" option to the builtin ls. This is disabled by # default to avoid remote users being able to cause excessive I/O on large # sites. However, some broken FTP clients such as "ncftp" and "mirror" assume # the presence of the "-R" option, so there is a strong case for enabling it. #ls_recurse_enable=YES # # When "listen" directive is enabled, vsftpd runs in standalone mode and # listens on IPv4 sockets. This directive cannot be used in conjunction # with the listen_ipv6 directive. listen=YES # This directive enables listening on IPv6 sockets. To listen on IPv4 and IPv6 # sockets, you must run two copies of vsftpd whith two configuration files. # Make sure, that one of the listen options is commented !! #listen_ipv6=YES pam_service_name=vsftpd userlist_enable=YES tcp_wrappers=YES log_ftp_protocol=YES banner_file=/etc/vsftpd/issue local_root=/var/www guest_enable=YES guest_username=ftpusr ftp_username=nobody

    Read the article

  • Ip doesn't change when switching networks, although automatic ip is set. Cause of the issue known

    - by Julio Acevedo
    I have two routers at my house. Both of them have DCHP server enabled. One of them is 192.168.1.1 and gives adresses from 192.168.1.2 to 192.168.1.32 The other one is 192.168.1.50 and gives adresses from 192.168.1.51 to 192.168.1.99 The problem is that I only have internet access in one because my ip is 192.168.1.7, and when I switch to the other one, the ip remains 192.168.1.7, even though I have automatically get a ip adress in Ipv4. When I manually change my ip to one in the range allowed by the router, I can browse the internet. Any ideas how to solve this? Thank you.

    Read the article

  • use of tcp_delack_min on redhat linux (kernel 2.6.18)

    - by user41466
    Hello, we're moving from Solaris to Redhat Linux, and trying to duplicate our low-latency setup, that, on solaris, includes the ndd settings related to TCP NO DELAY, and NAGLE ALGORITHM. I got the impression that those parameters are not all configurable system-wide, but still found some info. we have configured our applications to run with no nagle algorithm, but that is not sufficient. we have found an interesting RH article talking presenting the tcp_delack_min parameter, however, when browsing /proc/sys/net/ipv4/ , I can't find it there. would it be safe to assume that simply "adding" the parameter as it's said on the doc would be enough, or rather that the option is not supported by this version (would be strange, as RH specify that it "can be performed on a standard Red Hat Enterprise Linux installation") ? any other idea / recommendation to improve latency further ? thanks

    Read the article

  • Commercial version of Freenet6

    - by grnbeagle
    I've been using Freenet6 from gogoNET to make my mobile device publicly accessible via IPv6. It works quite well except that the service is not as stable because it's non-commercial usage only as their servers are hosted for free by different operators around the world. Apparently gogoNET sells hardware called gogoSERVER which allows one to build a service similar to Freenet6. I've inquired their sales team, but they were unable to tell me which companies have a commercial, production-quality implementation of Freenet6. Specifically I'm looking for the following features in IPv6 service provider: Client-based IPv6 connectivity for mobile devices: gogoCLIENT (gw6c) is ideal for mobile devices since it allows a device to go online regardless of the device's location. API for account maintenance: so that we can create device accounts from our software Static IPv6 address: (or maybe I mean IPv4 address) by this I mean, just like gogoNET6 service (username.broker.freenet6.net), we want to provide our users with a permanent URL for their device Any info on commercial IPv6 service provider utilizing gogoSERVER is appreciated. Thanks.

    Read the article

  • mail server administration

    - by kibs
    MY postfix does not show that it is listening to the smtp daemon getting mesaage below: The message WAS NOT relayed Reporting-MTA: dns; mail.mak.ac.ug Received-From-MTA: smtp; mail.mak.ac.ug ([127.0.0.1]) Arrival-Date: Wed, 19 May 2010 12:45:20 +0300 (EAT) Original-Recipient: rfc822;[email protected] Final-Recipient: rfc822;[email protected] Action: failed Status: 5.4.0 Remote-MTA: dns; 127.0.0.1 Diagnostic-Code: smtp; 554 5.4.0 Error: too many hops Last-Attempt-Date: Wed, 19 May 2010 12:45:20 +0300 (EAT) Final-Log-ID: 23434-08/A38QHg8z+0r7 undeliverable mail MTA BLOCKED OUTPUT FROM lsof -i tcp:25 command master 3014 root 12u IPv4 9429 TCP *:smtp (LISTEN) (Postfix as a user is missing )

    Read the article

  • Very Large number of connections in TIME_WAIT state; Server is slow, ipconntrac

    - by Sparsh Gupta
    I have a nginx server with load balancing and reverse proxy. Right now its behing another nginx but very soon I plan to make it front, where it will receive TCP connections from clients directly at a rate of 500req/second I am having some big troubles with the server. I have pasted my configurations here and I am kinda sure that the problem is with ipconntrac and similar things which are alient to me http://paste.org/pastebin/view/28543 root@load_balancer:/proc/sys/net/ipv4# netstat -an|awk '/tcp/ {print $6}'|sort|uniq -c 67 CLOSING 727 ESTABLISHED 173 FIN_WAIT1 183 FIN_WAIT2 19 LAST_ACK 5 LISTEN 447 SYN_RECV 1 SYN_SENT 27970 TIME_WAIT Its a ubuntu machine with mainly nginx (load balancer and reverse proxy) installed. It surely isnt great. Can you help me understand whats going on and how can I fix it. This is my live server and I am sure its in a bad shape right now. Any document or commands to fix this, or settings I should make to make this better and reduce time wait and fin_wait1/2 better would be awesome.

    Read the article

  • "This computer has dynamically assigned IP addresses" error when installing Active Directory Domain Controller

    - by smhnaji
    This is a working Windows Server 2008 that I should install Active Directory on it. I found http://www.howtogeek.com/99323/ and followed the steps. After Additional Domain Controller Options, I'm asked the question "This computer has dynamically assigned IP addresses". As I see, the message states that Dynamic IP addressing has been used for the server, while this is wrong. When I come to Network And Sharing Center, and click on Local Area Connections - Properties - Internet Protocol Version 4 (TCP/IPv4) - Properties, I see that the main IP address (as well as DNS Server) and also all other IP addresses are assigned statically. So it should be OK. I cannot believe any server using dynamic IP(s)! Note: No IPv6 has been set for the server. Please tell me why the error is given and which of the options available, should I choose? Note that it's a production server and is working with many users in WORKGROUP. No change should be affected nor to the IPs, neither to users connecting to the server.

    Read the article

  • OpenVPN stopped working, what could have happened?

    - by jaja
    I have Openvpn, and it worked great when I used it on PC (Windows 8), then I copied all files (Certificates and config) to an Android 4 phone to use them. Now, Openvpn works on the phone, but not the PC. Specifically, when I open Google I get: The server at www.google.com can't be found, because the DNS lookup failed, but the VPN seems to be connected. I have a simple question, could the problem be because I copied the same files? Routing table before connecting:- IPv4 Route Table =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.101 25 127.0.0.0 255.0.0.0 On-link 127.0.0.1 306 127.0.0.1 255.255.255.255 On-link 127.0.0.1 306 127.255.255.255 255.255.255.255 On-link 127.0.0.1 306 192.168.1.0 255.255.255.0 On-link 192.168.1.101 281 192.168.1.101 255.255.255.255 On-link 192.168.1.101 281 192.168.1.255 255.255.255.255 On-link 192.168.1.101 281 224.0.0.0 240.0.0.0 On-link 127.0.0.1 306 224.0.0.0 240.0.0.0 On-link 192.168.1.101 281 255.255.255.255 255.255.255.255 On-link 127.0.0.1 306 255.255.255.255 255.255.255.255 On-link 192.168.1.101 281 =========================================================================== Routing table after connecting:- IPv4 Route Table =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.101 25 0.0.0.0 128.0.0.0 10.8.0.5 10.8.0.6 30 10.8.0.1 255.255.255.255 10.8.0.5 10.8.0.6 30 10.8.0.4 255.255.255.252 On-link 10.8.0.6 286 10.8.0.6 255.255.255.255 On-link 10.8.0.6 286 10.8.0.7 255.255.255.255 On-link 10.8.0.6 286 **.**.***.** 255.255.255.255 192.168.1.254 192.168.1.101 25 127.0.0.0 255.0.0.0 On-link 127.0.0.1 306 127.0.0.1 255.255.255.255 On-link 127.0.0.1 306 127.255.255.255 255.255.255.255 On-link 127.0.0.1 306 128.0.0.0 128.0.0.0 10.8.0.5 10.8.0.6 30 192.168.1.0 255.255.255.0 On-link 192.168.1.101 281 192.168.1.101 255.255.255.255 On-link 192.168.1.101 281 192.168.1.255 255.255.255.255 On-link 192.168.1.101 281 224.0.0.0 240.0.0.0 On-link 127.0.0.1 306 224.0.0.0 240.0.0.0 On-link 192.168.1.101 281 224.0.0.0 240.0.0.0 On-link 10.8.0.6 286 255.255.255.255 255.255.255.255 On-link 127.0.0.1 306 255.255.255.255 255.255.255.255 On-link 192.168.1.101 281 255.255.255.255 255.255.255.255 On-link 10.8.0.6 286 =========================================================================== Server conf:- port 1194 proto udp dev tun ca ca.crt cert myservername.crt key myservername.key dh dh1024.pem server 10.8.0.0 255.255.255.0 ifconfig-pool-persist ipp.txt duplicate-cn keepalive 10 120 comp-lzo persist-key persist-tun status openvpn-status.log verb 3 push "redirect-gateway def1" Client conf:- client dev tun proto udp remote 89.32.148.35 1194 resolv-retry infinite nobind persist-key persist-tun mute-replay-warnings ca ca.crt cert client1.crt key client1.key verb 3 comp-lzo redirect-gateway def1 Here is the log file:- Tue Dec 18 16:34:27 2012 OpenVPN 2.2.2 Win32-MSVC++ [SSL] [LZO2] [PKCS11] built on Dec 15 2011 Tue Dec 18 16:34:27 2012 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info. Tue Dec 18 16:34:27 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables Tue Dec 18 16:34:27 2012 LZO compression initialized Tue Dec 18 16:34:27 2012 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ] Tue Dec 18 16:34:27 2012 Socket Buffers: R=[65536-65536] S=[65536-65536] Tue Dec 18 16:34:27 2012 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ] Tue Dec 18 16:34:27 2012 Local Options hash (VER=V4): '41690919' Tue Dec 18 16:34:27 2012 Expected Remote Options hash (VER=V4): '530fdded' Tue Dec 18 16:34:27 2012 UDPv4 link local: [undef] Tue Dec 18 16:34:27 2012 UDPv4 link remote: ..*.:1194 Tue Dec 18 16:34:27 2012 TLS: Initial packet from ..*.:1194, sid=4d1496ad 2079a5fa Tue Dec 18 16:34:28 2012 VERIFY OK: depth=1, /C=/ST=/L=/O=/OU=/CN=/name=/emailAddress= Tue Dec 18 16:34:28 2012 VERIFY OK: depth=0, /C=/ST=/L=/O=/OU=/CN=/name=/emailAddress= Tue Dec 18 16:34:29 2012 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key Tue Dec 18 16:34:29 2012 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Tue Dec 18 16:34:29 2012 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key Tue Dec 18 16:34:29 2012 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Tue Dec 18 16:34:29 2012 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA Tue Dec 18 16:34:29 2012 [myservername] Peer Connection Initiated with ..*.:1194 Tue Dec 18 16:34:32 2012 SENT CONTROL [myservername]: 'PUSH_REQUEST' (status=1) Tue Dec 18 16:34:32 2012 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5' Tue Dec 18 16:34:32 2012 OPTIONS IMPORT: timers and/or timeouts modified Tue Dec 18 16:34:32 2012 OPTIONS IMPORT: --ifconfig/up options modified Tue Dec 18 16:34:32 2012 OPTIONS IMPORT: route options modified Tue Dec 18 16:34:32 2012 ROUTE default_gateway=192.168.1.254 Tue Dec 18 16:34:32 2012 TAP-WIN32 device [Local Area Connection] opened: \.\Global{F0CFEBBF-9B1B-4CFB-8A82-027330974C30}.tap Tue Dec 18 16:34:32 2012 TAP-Win32 Driver Version 9.9 Tue Dec 18 16:34:32 2012 TAP-Win32 MTU=1500 Tue Dec 18 16:34:32 2012 Notified TAP-Win32 driver to set a DHCP IP/netmask of 10.8.0.6/255.255.255.252 on interface {F0CFEBBF-9B1B-4CFB-8A82-027330974C30} [DHCP-serv: 10.8.0.5, lease-time: 31536000] Tue Dec 18 16:34:32 2012 Successful ARP Flush on interface [26] {F0CFEBBF-9B1B-4CFB-8A82-027330974C30} Tue Dec 18 16:34:37 2012 TEST ROUTES: 2/2 succeeded len=1 ret=1 a=0 u/d=up Tue Dec 18 16:34:37 2012 C:\WINDOWS\system32\route.exe ADD ..*. MASK 255.255.255.255 192.168.1.254 Tue Dec 18 16:34:37 2012 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=25 and dwForwardType=4 Tue Dec 18 16:34:37 2012 Route addition via IPAPI succeeded [adaptive] Tue Dec 18 16:34:37 2012 C:\WINDOWS\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 10.8.0.5 Tue Dec 18 16:34:37 2012 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4 Tue Dec 18 16:34:37 2012 Route addition via IPAPI succeeded [adaptive] Tue Dec 18 16:34:37 2012 C:\WINDOWS\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 10.8.0.5 Tue Dec 18 16:34:37 2012 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4 Tue Dec 18 16:34:37 2012 Route addition via IPAPI succeeded [adaptive] Tue Dec 18 16:34:37 2012 C:\WINDOWS\system32\route.exe ADD 10.8.0.1 MASK 255.255.255.255 10.8.0.5 Tue Dec 18 16:34:37 2012 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4 Tue Dec 18 16:34:37 2012 Route addition via IPAPI succeeded [adaptive] Tue Dec 18 16:34:37 2012 Initialization Sequence Completed

    Read the article

< Previous Page | 13 14 15 16 17 18 19 20 21 22 23 24  | Next Page >