Search Results

Search found 20448 results on 818 pages for 'ip address'.

Page 176/818 | < Previous Page | 172 173 174 175 176 177 178 179 180 181 182 183  | Next Page >

• How does Windows Remote Desktop Connection Work?

  - by Devoted

  How does Windows Remote Desktop connection work? An IP address is used to connect to the computer but....how can that IP be accessed from anywhere? If, for example, the IP address is 192.168.1.55, there MUST be another 192.168.1.55 somewhere else in the world. How does Remote Desktop know which one to connect to? Thanks so much

  Read the article

• How to configure networking on an appliance such that it can plug and play on any corporate network?

  - by Joshua Lim

  I had a chance to configure a Moxa NPort device server appliance on my client's network, it was very easy to do so, done in just 2 minutes. Here's what I did:- The Moxa device server had a preset IP address of 192.168.127.254 and subnet mask 255.255.255.0 - http://www.moxa.com/doc/manual/nport/5400/NPort_5400_Series_Users_Manual_v4.pdf Moxa provides a Windows software which I used to "scan" for the device server. It worked like magic! The software returns a list of device servers found. Each device server is identified by MAC address, and by selecting the device server using the software, I can reset the default IP address and subnet mask of that device server! In comparison, during an earlier project, I spent 2 hours trying to get KVM to work for a Windows 7 embedded appliance I'm trying to install in my client's network - http://superuser.com/questions/380305/how-to-configure-windows-7-professional-appliance-pc-on-my-clients-network-usin Prior to that, I have already tried pre-configuring the IP address and subnet mask to the one which my client provided, yet the appliance still can't connect to the client's network! I've also tried cross cable, didn't work either. After KVM worked, I discovered that the network settings were "lost" after I plug the machine into the client's network. Now my question is what can I do to setup my Windows 7 embedded appliance so that it can connect to any network like that the Moxa device server? I tried experimenting this on my network using a Windows machine configured to an IP address of 192.168.127.254 and subnet mask 255.255.255.0, but it doesn't connect to my network that uses 192.168.0.*. :( EDIT: I would like to point out that the Moxa Windows configuration software seems to be able to connect to any Moxa device connected to the network even if it is on a different subnet, as long as the network adapter shows "connected". This is important because the Moxa device has no VGSM port or interface to configure the IP address.

  Read the article

• Set postfix to send email but not to receive them

  - by CodeShining

  I'm using Google Apps to handle personal email addresses for my domain name, and I set up the DNS as Google suggests. All works fine. Now since I need a SMTP to send emails from my e-commerce I installed Postfix on the server. It works fine when I send emails to any email address but it doesn't send to the same domain name, so let's say my domain is example.com, I set postfix using example.com, if I try to reset a password using [email protected] postfix doesn't send and instead reports on the mail.log Sep 20 01:09:52 ip-10-54-26-162 postfix/pickup[6809]: B09A3415D8: uid=33 from=<www-data> Sep 20 01:09:52 ip-10-54-26-162 postfix/cleanup[6854]: B09A3415D8: message-id=<20120920010952.B09A3415D8@ip-10-54-26-162.eu-west-1.compute.internal> Sep 20 01:09:52 ip-10-54-26-162 postfix/qmgr[30978]: B09A3415D8: from=<[email protected]>, size=4234, nrcpt=1 (queue active) Sep 20 01:09:52 ip-10-54-26-162 postfix/local[6856]: B09A3415D8: to=<[email protected]>, relay=local, delay=0.01, delays=0.01/0/0/0, dsn=5.1.1, status=bounced (unknown user: "myaccount") Of course it cannot find a local user "myaccount" since that account is on Google Apps... How can I tell Postfix to send the email and do not search for a local user?

  Read the article

• Multiple WAN interfaces on SonicWall TZ 100?

  - by Chad Decker

  I'm using a SonicWall TZ 100 with a basic configuration of X0 for the LAN and X1 for the WAN. The WAN uses DHCP to obtain its routable IP address. I want to obtain a second routable IP from my ISP. I'm in luck because my cable company will provide me with an additional dynamic IP for $5/mo. How do I bind this IP to my SonicWall? My additional dynamic IP will not be consecutive to the original one. It won't even be on the same class C. I think what I want to do is to use one of the empty ports/interfaces (X2, X3, or X4), tell that interface to use DHCP, and then add that interface to the WAN "zone". I can't figure out how to do this though. Here's what I've tried so far: (1) I've looked in Network Interfaces. I see X0 and X1 but the other unused interfaces don't show up. I don't see an "Add" button to add the new interfaces. (2) I've looked in Network Zones. I see that X0, X2, X3, X4 are in the LAN zone. I tried to drag X3 into the WAN zone but I can't. Nor does clicking the "Configure" button allow me to move an unused interface from LAN to WAN. (3) I've read the post entitled Splitting up multiple WAN's on Sonicwall. This doesn't seem applicable to me. Any thoughts?

  Read the article

• Not all of your nameservers are in different subnets. Single point of failure

  - by user2118559

  Using VPS hosting and dynadot (domain registrar) DNS. Checked domain name with http://www.intodns.com and get some warnings Different subnets WARNING: Not all of your nameservers are in different subnets and Different autonomous systems WARNING: Single point of failure As understand to avoid the warning must have second Ip4 address and both the addresses must point to different servers? If both Ip addresses point to the same server, it does not help? I mean each server has own Ip address. If one server down, then visitors can access website (files) on another server? Is this the reason why need more than one Ip? Tried to point website to 2 ip addresses and after some time get warning from uptimerobot Connection Timeout

  Read the article

• Routing RFC1918 addresses through dd-wrt via a switch

  - by espenfjo

  I am a bit stuck with an experiment of mine. I have a network looking somewhat like this. | Internet | | ---- |Switch| ---- | | Server w/pub IP | DD-WRT router 192.168.1.1 | | RFC1918 clients 192.168.1.0/24 What I want is for the RFC1918 clients to speak directly with each others. On the server with the public IP I have this route: 192.168.1.0/24 dev eth0 scope link and can see that packets are infact reaching the dd-wrt router for 192.168.1.1, even though if I get no answer. Trying to reach one of the RFC1918 clients from the public IP server will get no result, as the dd-wrt router is not announcing that network on to its external interface (arp who-has 192.168.1.107 tell xxx.xxx.xxx.xxx, but no answer). The router being an WLAN dd-wrt router has of course a load of routes, VLANs and interfaces: xxx.xxx.xxx.1 dev vlan2 scope link 192.168.1.0/24 dev br0 proto kernel scope link src 192.168.1.1 192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.244 84.215.64.0/18 dev vlan2 proto kernel scope link src xxx.xxx.xxx.xxx 169.254.0.0/16 dev br0 proto kernel scope link src 169.254.255.1 127.0.0.0/8 dev lo scope link 0.0.0.0 via xxx.xxx.xxx.1 dev vlan2 xxx.xxx.xxx.xxx being the public IP, and xxx.xxx.xxx.1 being the default route for the public IP. I am not sure where to continue with this. I would recon that I both need routing on the dd-wrt router, as well as some iptables magic? Why do something this complex? Why not ;) Also, do not mind that "Internet" can get RFC1918 traffic, it wont go outside of the walls. EDIT 1: Following the tip from stew I do indeed get the correct ARP flowing. And adding an iptables rule for allowing traffic from that specific public IPd machine I get traffic between the systems! Oddly enough though, the speed I get from Server w/pub IP - RFC1918 clients are the same as if the traffic were routed out onto the Internet and back. Edit 2: Ok, disconnecting the external Internet connection will still give the same, crappy transfer speed. So it has to be something else. Edit 3: Ok, I guess there are other reasons for this crappy speed. Case closed. :)

  Read the article

• Domain Squatter Blacklist

  - by David Chang

  Is there a list of common ip addresses used by domain squatters (the ip addresses of the sites they resolve the domains to)? I have a list of domains and I need to remove most squatted/parked domains from the list, I can do that in a perl script (that currently removes dead domains) but I need the IP addresses the squatted domains resolve to so I can remove them as well. I know there are spam/phishing/malware blacklists available, does anyone know of a squatter blacklist? I can't find one using Google. EDIT: I am trying to remove dead domains from a list, I can already remove domains that don't resolve but I need to remove squatted domains as well so I need a list of ip addresses squatted domains resolve to so I can remove them.

  Read the article

• Cisco Switching Module and HSRP interface Tracking

  - by Kyle Brandt

  When using 4 port switching module where each port is configured to switchport access vlan ##, for HRSP should I track the vlan interface or the FastEthernet interface? interface FastEthernet0/0/0 switchport access vlan 10 interface Vlan10 ip address 12.12.12.1 255.255.255.0 int FastEthernet0/1 ip address 192.168.1.2 255.255.255.0 standyby ip 192.168.128.1 standby track ?? ! FastEthernet 0/0/0 or Vlan 10?

  Read the article

• Cluster Core Resource state of Exchange 2010 DAG

  - by Christoph

  I have two Exchange 2010 servers in a DAG and a witness server to implement mailbox resiliency. The two Exchange servers are in two subnets and the Windows failover cluster therefore has two IP address resources. I now that Exchange uses "core functionality" of Windows Server failover clustering, but it does not use all features. My setup also seems to work, but if I run the validation in the Windows Failover Cluster Manager, it complains about one of the IP address resources being offline. However, I cannot bring this resource online, because the server complains that "the specified cluster node is not the owner of the resource, or the node is not a possible owner of the resource". If I "Simulate failure of this resource", it becomes offline and the other IP becomes online. I have the vague idea that Exchange might use the state of the IP resource to identify the Primary Active Manager, but I am not sure. As it is obviously important that failover really works, I would like to be sure. Therefore, my question is: Is it normal that only one IP address resource in a Exchange 2010 DAG failover cluster is active at a time? If not, how do I bring both resources online at the same time given the error described above?

  Read the article

• How to make Virtualbox, OpenVPN, and Win2008 Web R2 like one another?

  - by Aquitaine

  Back with web developer guy wearing net admin hat. Hopefully this is an easy one. We have two servers on a public network at a hosted facility. Server A is our public-facing web server and server B is our database server. Both are running Windows 2008 Server R2 Web Edition. We want Server B isolated from everything except Server A, such that anyone who has to connect to server B goes through the VPN on Server A. It's not perfect since we have no access to do this on the router side, but it's what we've got. We've set up VirtualBox and OpenVPN Access Server on Server A. It has one network interface set to 'NAT' mode, such that OpenVPN gets its IP at 10.0.2.x, and to connect to the OpenVPN interface, I go to the local IP for the Virtualbox network adapter, 192.168.56.x, which works as I configured the appropriate ports using VBoxManage. My question is, do I need to be using Bridged Networking and give the VPN server its own IP, or is there some way to tell the server (either Windows or the Virtualbox OpenVPN) that 'any public connection on the real external IP on port X should be directed to this internal LAN address of 192.168.1.x on port Y'? OpenVPN itself doesn't seem to be aware of the server's real external IP unless we put it in Bridged networking mode; is that necessary or advisable? We're without RRAS since this is Web edition, but I feel like what we're going for is pretty simple. Thanks! Aq

  Read the article

• Configuring https access on HP A5120 Switch

  - by GerryEgan

  I am trying to configure HTTPS management on a HP a5120 switch running Version 5.20.99, Release 2215 and not having much luck. I have followed the manual by creating an SSL policy first and then enabling the HTTPS server with the SSL policy: ssl server-policy sslpol ip https ssl-server-policy sslpol ip https enable When I try and log onto the switch with Google Chrome I get the following error: Error 107 (net::ERR_SSL_PROTOCOL_ERROR): SSL protocol error. When I look this up I have found references to errors due to TLS being used in SSL. I can find no way to specify the SSL version in the server policy. The manual has a configuration example that uses MSCEP to retrieve a certificate but in Windows 2008 R2 that feature is only available in Enterprise and Datacentre editions which I don't have. I have SSH configured and it is using a locally generated certificate so I'm not sure if I can use that but I'd like to if possible. Has anybody been able to setup HTTPS management on HP A series switches without MSCEP? Any and all help appreciated! here is a copy of my config with the interfaces removed: version 5.20.99, Release 2215 # sysname MYSYSNAME # irf domain 10 irf mac-address persistent timer irf auto-update enable undo irf link-delay # domain default enable system # telnet server enable # vlan 1 # vlan 100 description Management # radius scheme system primary authentication 127.0.0.1 1645 primary accounting 127.0.0.1 1646 user-name-format without-domain # domain system access-limit disable state active idle-cut disable self-service-url disable # user-group system group-attribute allow-guest # local-user admin password cipher authorization-attribute level 3 service-type ssh telnet terminal service-type web # stp enable # ssl server-policy sslpol pki-domain MYDOMAIN # interface NULL0 # interface Vlan-interface199 ip address 192.168.199.140 255.255.255.0 # interface GigabitEthernet1/0/1 poe enable stp edged-port enable # interface Ten-GigabitEthernet2/1/2 # dhcp-snooping # ntp-service unicast-server 192.168.1.71 # ssh server enable # ip https ssl-server-policy sslpol ip https enable # load xml-configuration # user-interface aux 0 1 user-interface vty 0 15 authentication-mode scheme

  Read the article

• FreeBSD jail with IPFW with loopback - unable to connect loopback interface

  - by khinester

  I am trying to configure a one IP jail with loopback interface, but I am unsure how to configure the IPFW rules to allow traffic to pass between the jail and the network card on the server. I have followed http://blog.burghardt.pl/2009/01/multiple-freebsd-jails-sharing-one-ip-address/ and https://forums.freebsd.org/viewtopic.php?&t=30063 but without success, here is what i have in my ipfw.rules # vim /usr/local/etc/ipfw.rules ext_if="igb0" jail_if="lo666" IP_PUB="192.168.0.2" IP_JAIL_WWW="10.6.6.6" NET_JAIL="10.6.6.0/24" IPF="ipfw -q add" ipfw -q -f flush #loopback $IPF 10 allow all from any to any via lo0 $IPF 20 deny all from any to 127.0.0.0/8 $IPF 30 deny all from 127.0.0.0/8 to any $IPF 40 deny tcp from any to any frag # statefull $IPF 50 check-state $IPF 60 allow tcp from any to any established $IPF 70 allow all from any to any out keep-state $IPF 80 allow icmp from any to any # open port ftp (20,21), ssh (22), mail (25) # ssh (22), , dns (53) etc $IPF 120 allow tcp from any to any 21 out $IPF 130 allow tcp from any to any 22 in $IPF 140 allow tcp from any to any 22 out $IPF 150 allow tcp from any to any 25 in $IPF 160 allow tcp from any to any 25 out $IPF 170 allow udp from any to any 53 in $IPF 175 allow tcp from any to any 53 in $IPF 180 allow udp from any to any 53 out $IPF 185 allow tcp from any to any 53 out # HTTP $IPF 300 skipto 63000 tcp from any to me http,https setup keep-state $IPF 300 skipto 63000 tcp from any to me http,https setup keep-state # deny and log everything $IPF 500 deny log all from any to any # NAT $IPF 63000 divert natd ip from any to any via $jail_if out $IPF 63000 divert natd ip from any to any via $jail_if in but when i create a jail as: # ezjail-admin create -f continental -c zfs node 10.6.6.7 /usr/jails/node/. /usr/jails/node/./etc /usr/jails/node/./etc/resolv.conf /usr/jails/node/./etc/ezjail.flavour.continental /usr/jails/node/./etc/rc.d /usr/jails/node/./etc/rc.conf 4 blocks find: /usr/jails/node/pkg/: No such file or directory Warning: IP 10.6.6.7 not configured on a local interface. Warning: Some services already seem to be listening on all IP, (including 10.6.6.7) This may cause some confusion, here they are: root syslogd 1203 6 udp6 *:514 *:* root syslogd 1203 7 udp4 *:514 *:* i get these warning and then when i go into the jail environment, i am unable to install any ports. any advice much appreciated.

  Read the article

• Bridge and OpenVPN with shorewall

  - by Javier Martinez

  I have this scenario and everything it's working OK, but I want to configure my Shorewall and I can't do it. My interfaces are: br0 (bridge of eth0) tun0 (OpenVPN) vnet* (each one of bridged interfaces with public IP's) Public Main IP: 188.165.X.Y OpenVPN IP's: 172.28.0.x Bridge: public ip's So, I have the next configuration for shorewall: /etc/shorewall/zones #ZONE TYPE OPTIONS IN OUT # OPTIONS OPTIONS fw firewall inet ipv4 road ipv4 /etc/shorewall/interfaces #ZONE INTERFACE BROADCAST OPTIONS inet br0 detect routeback road tun+ detect routeback /etc/shorewall/policy #SOURCE DEST POLICY LOG LIMIT: CONNLIMIT: # LEVEL BURST MASK $FW all ACCEPT inet $FW DROP info road all DROP inet road DROP /etc/shorewall/tunnels #TYPE ZONE GATEWAY GATEWAY # ZONE openvpnserver:1194 inet 0.0.0.0/0 The problem is that even with shorewall running I am able to ping or connect to the virtual machines behind the bridge

  Read the article

• Networking 2 Virtual PC with one VPC as DHCP server

  - by vivek

  My host OS is Win XP Professional. The host has a real network connection via DSL and I created a second network connection using Microsoft Loopback Adapter. Internet connection sharing is enabled. The Microsoft Loopback adapter has a IP address of 192.168.0.1. I have 1 Virtual PC which has Windows Server 2003. I have setup the network connection on this VPC to use Microsoft Loopback Adapter. I setup this VPC to be the Domain Controller , DNS Server and DHCP Server. I set this to a static IP address 192.168.0.2 (on the same subnet as the MS Loopback adapter) I have a second Virtual PC which also has Windows Server 2003. The network connection on this VPC is set to "Local Only". I want this VPC to get its IP address from the 1st VPC on which I setup as a DHCP server. What i want is the 2 VPC should be in a network with one of the VPC acting as the domain controller, DNS Server and DHCP server. The second VPC shoud get its IP address from the 1st VPC. It should be a part of the domain of the 1st VPC. When i tried to make the second VPC get the IP address from the first VPC I am not succeeding. Can somebody post some suggestions on how to go about this ?

  Read the article

• pix 501, static route to d-link router (different subnet)

  - by ra170

  I have pix 501 cisco firewall with internal ip 192.168.10.1. I have connected d-link router (dir-655) to pix 501. The d-link router has internal ip 192.168.0.1 The picture would like something like that: |pix 501| has 192.168.10.1 ip |DIR-655| has 192.168.0.1 ip 1. |cable modem|----|pix 501|-------|DIR-655|-----PC 2. PC--------|pix 501|---------|DIR-655| | | |cable modem| When I'm on the wireless network (dir-655) with assigned ip of 192.168.0.x I can cross the subnet and connect to my firewall 192.168.10.1. (pic. 1) The problem is that if I'm on the 192.168.10.x network I can't connect to anything over at 192.168.0.x network. (pic.2) I've tried entering a static route like this: `route inside 192.168.0.0 255.255.255.0 192.168.10.1 1` I also tried assigning static ip to wan interface on DIR-655 to 192.168.10.30 and then tried this: route inside 192.168.0.0 255.255.255.0 192.168.10.30 1 But still, can't connect to 192.168.0.1 or anything on that subnet. Is there a way to setup a static route? Would adding a separate router between PIX 501 and DIR-655 help? I would think that static route like this should take care of it, but it doesn't. This is my route config and nat: (config)# sh route outside 0.0.0.0 0.0.0.0 (outside_IP) 1 DHCP static outside (outside_IP) 255.255.248.0 (outside_IP) 1 CONNECT static inside 192.168.0.0 255.255.255.0 192.168.10.1 1 OTHER static inside 192.168.10.0 255.255.255.0 192.168.10.1 1 CONNECT static or (route inside 192.168.0.0 255.255.255.0 192.168.10.30 1) (config)# sh nat nat (inside) 1 192.168.1.0 255.255.255.0 0 0 nat (inside) 1 192.168.10.0 255.255.255.0 0 0 nat (inside) 1 0.0.0.0 0.0.0.0 0 0 I ended up turning DIR-655 into an Access Point (turning off DHCP and pluging cable from PIX lan interface into one of the LAN interfaces on DIR-655, and leaving WAN port empty), that works as far as DIR-655 being on the same subnet now, and I can access every machine. However the question is, why can't I simply route between those two? would router between these two help? One of the reasons is, that the PIX 501 has only 10 licences, so now I'm using almost all of them. (I have few computers, iphones, ps3, print server, etc.) I would really appreciate some help! Thanks.

  Read the article

• Could local ISP capture my location whenever i launch a VPN to a VPN server?

  - by Ozgun Sunal

  I am extremely concerned that my ISP collects any information once I am connected to a VPN server. For instance, as far as I know, when I start a connection to a HotSpotShield VPN server, an IP address is assigned to me just before a successful connection. Besides, I'll be having an extra IP address at the beginning with the TAP Adapter. An encryption tunnel is set up between me and the VPN server. Whenever my request for a website reaches them (VPN server), they decrypt the data and later they encrypt the reply which returns from the web (targeted) server. This works like that. So, the ISP can not see what I am watching, displaying and writing because the connection is encrypted. But, the targeted websites see and record all actions. Still, they can not identify my real IP address. I'm really concerned about if the ISP can see "my location". OK, it has an IP address from another country as my real IP address, but how does my ISP detect the traffic going through them? Can they find out who I am? Won't they say "Hey, there is a traffic but who is and what he is doing right now?", because I get the Internet from them?

  Read the article

• Adding Netem Filter Rules

  - by fontsix

  iam new in programming and using linux. My Question is, is it possible to add Netem Filter Rules later ? I want to create an PHP-Interface for Netem and I don't know how much filters were required. This should be some kind of dynamically. In Example : A user with a static IP starts an Netem Command (Latency) with PHP Interface this means these five command werde executed by php in the first step $classid = 11; $handle = 10; "sudo tc qdisc add dev eth0 handle 1: root htb"; "sudo tc class add dev eth0 parent 1: classid 1:1 htb rate 100Mbps"; "sudo tc class add dev eth0 parent 1:1 classid 1:$classid htb rate 100Mbps"; "sudo tc qdisc add dev eth0 parent 1:$classid handle $handle: netem delay 100ms"; "sudo tc filter add dev eth0 protocol ip parent 1:0 prio 3 u32 match ip dst $dest flowid 1:$classid"; Now, if there would be a second user who wants to use Netem independent of the first user, i only want to execute the last 3 commands, like "sudo tc class add dev eth0 parent 1:1 classid 1:$classid htb rate 100Mbps"; "sudo tc qdisc add dev eth0 parent 1:$classid handle $handle: netem delay 100ms"; "sudo tc filter add dev eth0 protocol ip parent 1:0 prio 3 u32 match ip dst $dest flowid 1:$classid"; There is an Algorithmus for increasing variables $classid and $handle. This should work. Now my Question: Is it possible only to add these 3 commands to add a new class with new qdisc and a new filter rule ? Or how can i realize it ? The Apache Error_log tells me "sh: line 1: flowid: command not found" but i can't find any mistake. I hope you could help Best regards fontsix

  Read the article

• Which ports to open on domain vs internet

  - by zsharp

  I have a web server/database/domainController. I notice that ports 137 and 138 on the public IP AND private IP are open on all machines there are also other open ports on 0.0.0.0.(ie. 135, 2002) Can and should I close 137-139 on the public IP only? will that interfere with any services.

  Read the article

• ASA 5505 stops local internet when connected to VPN

  - by g18c

  Hi I have a Cisco ASA router running firmware 8.2(5) which hosts an internal LAN on 192.168.30.0/24. I have used the VPN Wizard to setup L2TP access and I can connect in fine from a Windows box and can ping hosts behind the VPN router. However, when connected to the VPN I can no longer ping out to my internet or browse web pages. I would like to be able to access the VPN, and also browse the internet at the same time - I understand this is called split tunneling (have ticked the setting in the wizard but to no effect) and if so how do I do this? Alternatively, if split tunneling is a pain to setup, then making the connected VPN client have internet access from the ASA WAN IP would be OK. Thanks, Chris names ! interface Ethernet0/0 switchport access vlan 2 ! interface Ethernet0/1 ! interface Vlan1 nameif inside security-level 100 ip address 192.168.30.1 255.255.255.0 ! interface Vlan2 nameif outside security-level 0 ip address 208.74.158.58 255.255.255.252 ! ftp mode passive access-list inside_nat0_outbound extended permit ip any 10.10.10.0 255.255.255.128 access-list inside_nat0_outbound extended permit ip 192.168.30.0 255.255.255.0 192.168.30.192 255.255.255.192 access-list DefaultRAGroup_splitTunnelAcl standard permit 192.168.30.0 255.255.255.0 access-list DefaultRAGroup_splitTunnelAcl_1 standard permit 192.168.30.0 255.255.255.0 pager lines 24 logging asdm informational mtu inside 1500 mtu outside 1500 ip local pool LANVPNPOOL 192.168.30.220-192.168.30.249 mask 255.255.255.0 icmp unreachable rate-limit 1 burst-size 1 no asdm history enable arp timeout 14400 global (outside) 1 interface nat (inside) 0 access-list inside_nat0_outbound nat (inside) 1 192.168.30.0 255.255.255.0 route outside 0.0.0.0 0.0.0.0 208.74.158.57 1 timeout xlate 3:00:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00 timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00 timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute timeout tcp-proxy-reassembly 0:01:00 timeout floating-conn 0:00:00 dynamic-access-policy-record DfltAccessPolicy http server enable http 192.168.30.0 255.255.255.0 inside snmp-server enable traps snmp authentication linkup linkdown coldstart crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac crypto ipsec transform-set TRANS_ESP_3DES_SHA esp-3des esp-sha-hmac crypto ipsec transform-set TRANS_ESP_3DES_SHA mode transport crypto ipsec security-association lifetime seconds 28800 crypto ipsec security-association lifetime kilobytes 4608000 crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5 TRANS_ESP_3DES_SHA crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP crypto map outside_map interface outside crypto isakmp enable outside crypto isakmp policy 10 authentication pre-share encryption 3des hash sha group 2 lifetime 86400 telnet timeout 5 ssh timeout 5 console timeout 0 dhcpd auto_config outside ! threat-detection basic-threat threat-detection statistics access-list no threat-detection statistics tcp-intercept webvpn group-policy DefaultRAGroup internal group-policy DefaultRAGroup attributes dns-server value 192.168.30.3 vpn-tunnel-protocol l2tp-ipsec split-tunnel-policy tunnelspecified split-tunnel-network-list value DefaultRAGroup_splitTunnelAcl_1 username user password Cj7W5X7wERleAewO8ENYtg== nt-encrypted privilege 0 tunnel-group DefaultRAGroup general-attributes address-pool LANVPNPOOL default-group-policy DefaultRAGroup tunnel-group DefaultRAGroup ipsec-attributes pre-shared-key ***** tunnel-group DefaultRAGroup ppp-attributes no authentication chap authentication ms-chap-v2 ! class-map inspection_default match default-inspection-traffic ! ! policy-map type inspect dns preset_dns_map parameters message-length maximum client auto message-length maximum 512 policy-map global_policy class inspection_default inspect dns preset_dns_map inspect ftp inspect h323 h225 inspect h323 ras inspect rsh inspect rtsp inspect esmtp inspect sqlnet inspect skinny inspect sunrpc inspect xdmcp inspect sip inspect netbios inspect tftp inspect ip-options ! service-policy global_policy global prompt hostname context : end

  Read the article

• Is my webserver being abused for banking fraud?

  - by koffie

  Since a few weeks i'm getting a lot of 403 errors from apache in my log files that seem to be related to a bank frauding scheme. The relevant log entries look like this (The ip 1.2.3.4 is one I made up, I did not modify the rest of each line) www.bradesco.com.br:80 / 1.2.3.4 - - [01/Dec/2012:07:20:32 +0100] "GET / HTTP/1.1" 403 427 "-" "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/535.11 (KHTML, like Gecko) Chrome/17.0.963.56 Safari/535.11" www.bb.com.br:80 / 1.2.3.4 - - [01/Dec/2012:07:20:32 +0100] "GET / HTTP/1.1" 403 370 "-" "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/535.11 (KHTML, like Gecko) Chrome/17.0.963.56 Safari/535.11" www.santander.com.br:80 / 1.2.3.4 - - [01/Dec/2012:07:20:33 +0100] "GET / HTTP/1.1" 403 370 "-" "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/535.11 (KHTML, like Gecko) Chrome/17.0.963.56 Safari/535.11" www.banese.com.br:80 / 1.2.3.4 - - [01/Dec/2012:07:20:33 +0100] "GET / HTTP/1.1" 403 370 "-" "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/535.11 (KHTML, like Gecko) Chrome/17.0.963.56 Safari/535.11" the logformat I use is: LogFormat "%V:%p %U %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" The strange thing is that all these domains are domains of banks and 3 out of the 4 domains are also in the list of the bank frauding scheme described on: http://www.abuse.ch/?p=2925 I would really like to know if my server is being abused for bank frauding or not. I suspect not, because it's giving 403 to all requests. But any extra checks that I can do to ensure that my server is not being abused are welcome. I'm also curious on how the "bad guys" expected my server to behave. I.e. are they just expecting my server to act as a proxy to hide the ip of the fake site, or are they expecting that my server will actually serve the fake banking website? Is the ip 1.2.3.4 more likely to be the ip of a victim or the ip of a bad guy. I suspect a bad guy, because it's quite unlikely that a real person would visit 4 bank sites in a second. If it's from a bad guy I'm very curious at what he is trying to do.

  Read the article

• Email hosting on home's Windows server 2003

  - by klay

  Hi guys, I am new to Server management, I have a static Ip address and I bought recently a domain name, I configure the domain name to target my Ip address. I am running windows server 2003 standard. what are the steps to host my email adresses? Do I need to buy anything else, or what I have is enough (static ip address, domain name, win server 2003, exchange server 2003) ?? thanks Guys

  Read the article

• LACP : Cisco ASA 5515 & Switch ProCurve 2920

  - by user979276

  I've two ASAs 5515 connected in failover Active/Stand by (on Gi0/5) My two ASAs are connected to two Switch ProCurve 2920 to have HA if something happens. So I plug something like that (don't pay attention to the arrows) : So one the ASA, I created a Port-Channel like that : interface GigabitEthernet0/0 nameif outside security-level 0 ip address 192.168.1.3 255.255.255.0 standby 192.168.1.4 ! interface GigabitEthernet0/1 speed 1000 duplex full channel-group 1 mode passive no nameif no security-level no ip address ! interface GigabitEthernet0/2 speed 1000 duplex full channel-group 1 mode passive no nameif no security-level no ip address ! interface Port-channel1.1 vlan 1 nameif inside security-level 100 ip address 192.168.8.1 255.255.255.0 standby 192.168.8.2 ! interface Port-channel1.10 vlan 10 nameif guest security-level 50 ip address 172.16.100.2 255.255.255.224 standby 172.16.100.3 ! interface Port-channel1.16 vlan 16 nameif dmz security-level 50 ip address 192.168.16.1 255.255.255.0 standby 192.168.16.2 On the switch, I created a trunk LACP capable with the port 1 and 2 on each switch, force the speed to 1000 and put the port un full duplex mode. BUT this is not working... I tried many things and I can't make it work. In this configuration, I can't ping anything between my ASA and my Switch (or any object connected). Here what I get on my ASA : Channel group 1 LACP port Admin Oper Port Port Port Flags State Priority Key Key Number State ----------------------------------------------------------------------------- Gi0/2 SP not-bndl 32768 0x1 0x1 0x3 0xc Gi0/1 FP not-bndl 32768 0x1 0x1 0x2 0x6 And on the Switchs : PORT LACP TRUNK PORT LACP LACP NUMB ENABLED GROUP STATUS PARTNER STATUS ----- ------- ----- ------ ------- ------ 1 Active trk1 Broken Yes Failure 2 Active trk1 Broken Yes Failure If I change the Cisco interface to LACP mode On, I can ping the switch from the ASA but nothing other objects conneted on the switch. If I look at the statut of LACP on the switch I see this : PORT LACP TRUNK PORT LACP LACP NUMB ENABLED GROUP STATUS PARTNER STATUS ----- ------- ----- ------ ------- ------ 1 Active trk1 Up No Success 2 Active trk1 Up No Success I don't have any clue on what's going on so If someone have any idea and help me on this, it would be great ! Feel free to ask me anything if you need any more information ! Thanks a lot !

  Read the article

• What settings need to be changed to allow EC2 instances to use Amazon's Route 53 for DNS?

  - by ks78

  I have a number of Amazon EC2 instances, all running Ubuntu, which I'd like to configure to use Amazon's Route 53. I setup a script, following Shlomo Swidler's article, but ran into script-related issues, which were answered here. Now, I have the script working, but my instances are still not able to access Route 53's DNS. By this I mean, they are not able to resolve hostnames to IP addresses. My instances are currently configured with the DNS server IP address Amazon pushes out to them by default, does that need to be changed when using Route 53? I'm also IP-restricting my instances using the Security Groups. Could that be the problem? Is there a certain IP address or port I should open to allow communication with Route 53? It seems that DNS requests should be originating from my instances so the Security Groups shouldn't be an issue, but I've been wrong before. If anyone has any ideas, I'd really appreciate it.

  Read the article

• Issue with multiple bridging for KVM hosts

  - by Henry-Nicolas Tourneur

  I'm using KVM and libvirt on my host (Debian lenny) + 2 bridges per guest (one for mgmt, one for public traffic). That setup isn't stable at all, sometimes I can do pings to a management ip, sometimes not. I don't know if my bridging paramateres are correct, could you check ? or if there is anything wrong ... Please also note that interface on guest doesn't flap and that I got not logs on my host. Of course forwarding is enabled. iface eth3 inet manual auto bond0 iface bond0 inet manual slaves eth1 eth2 pre-up ip link set bond0 up down ip link set bond0 down auto br0 iface br0 inet static address 10.160.0.7 netmask 255.255.255.128 bridge_ports eth3 bridge_fd 9 bridge_hello 2 bridge_maxage 12 bridge_stp off auto br0:1 iface br0:1 inet static address 10.160.0.9 netmask 255.255.255.128 auto br0:2 iface br0:2 inet static address 10.160.0.10 netmask 255.255.255.128 auto br1 iface br1 inet static address 217.4.40.242 netmask 255.255.255.240 gateway 217.4.40.241 pre-up /etc/network/firewall start bridge_ports bond0 bridge_fd 9 bridge_hello 2 bridge_maxage 12 bridge_stp off auto br1:1 iface br1:1 inet static address 217.4.40.252 netmask 255.255.255.240 auto br1:2 iface br1:2 inet static address 217.4.40.253 netmask 255.255.255.240

  Read the article

• How is it possible that I can do a host lookup but not a curl?

  - by Daniel Quinn

  Has anyone ever seen this before? Note that this happens not only with google.com, but with every domain I try. It's a wireless connection (WEP), but I'm not sure how that would be relevant: $ curl -v google.com # This takes about 60s to return * getaddrinfo(3) failed for google.com:80 * Couldn't resolve host 'google.com' * Closing connection #0 curl: (6) Couldn't resolve host 'google.com' $ host google.com google.com has address 209.85.148.106 google.com has address 209.85.148.147 google.com has address 209.85.148.99 google.com has address 209.85.148.103 google.com has address 209.85.148.104 google.com has address 209.85.148.105 google.com mail is handled by 30 alt2.aspmx.l.google.com. google.com mail is handled by 40 alt3.aspmx.l.google.com. google.com mail is handled by 50 alt4.aspmx.l.google.com. google.com mail is handled by 10 aspmx.l.google.com. google.com mail is handled by 20 alt1.aspmx.l.google.com. $ cat /etc/resolv.conf # Generated by NetworkManager nameserver 192.168.1.201 $ cat /etc/hosts 127.0.0.1 localhost ::1 localhost $ netstat -rn Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 0.0.0.0 192.168.1.254 0.0.0.0 UG 0 0 0 wlan0 127.0.0.0 127.0.0.1 255.0.0.0 UG 0 0 0 lo 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 wlan0

  Read the article

< Previous Page | 172 173 174 175 176 177 178 179 180 181 182 183  | Next Page >