Search Results

Search found 2945 results on 118 pages for 'reverse tunnel'.

Page 22/118 | < Previous Page | 18 19 20 21 22 23 24 25 26 27 28 29  | Next Page >

  • How do I configure pfsense as an outbound VPN client?

    - by Avery Chan
    We use pfsense as a router/firewall. Because we're based in China, it is useful for us to have VPN access for all our internal clients. Instead of each individual client connecting to a VPN server stateside, I'd like to configure pfsense as a VPN client and have all the network traffic be routed through it. Most of the posts I've seen regarding pfsense and VPN are concerning connecting to the LAN from outside; this is not what I want to do. Another option would be for an SSH tunnel to be initiated on the pfsense box with the LAN traffic routed through it. How do I configure pfsense to be able to do either of these? One huge caveat is that OpenVPN cannot be used. The solution I am looking for needs to use one of the other VPN protocols.

    Read the article

  • Forwarding ports with ssh on Linux

    - by Patrick Klingemann
    I have a database server, let's call it: dbserver I have a web server with access to my dbserver, let's call it: webserver I have a development machine that I'd like to use to access a database on dbserver, let's call it: dev dbserver has a firewall rule set to allow TCP requests from webserver to dbserver:1433 I'd like to set up a tunnel from dev:1433 to dbserver:1433, so all requests to 1433 on dev are passed along to dbserver:1433 My sshd_config on webserver has the following rules set: AllowTcpForwarding yes GatewayPorts yes This is what I've tried: ssh -v -L localhost:1433:dbserver:1433 webserver In another terminal: telnet localhost 1433 Results in: Trying ::1... Connected to localhost. Escape character is '^]'. Connection closed by foreign host. Any idea what I'm doing wrong here? Thanks in advance!

    Read the article

  • Added autossh in rc.local, but the dynamic port forwarding won't work

    - by rankjie
    I am using Rasbian on my newly arrived Rasp.Pi, and decided to make it my own proxy server. Now I need to set up a ssh tunnel on the Pi to my Linode server, and make it auto start with the system. What did I do: Add this line to /etc/rc.local autossh -f theRemoteServer -N -D 5555 -L 1234:localhost:22 After I reboot, I found out that I can't use the localhost:5555 as a socks proxy. So I type the command ps -A | grep ssh then I can see the autossh and ssh all running: pi@raspberrypi ~ $ ps -A | grep ssh 2018 ? 00:00:00 sshd 2116 ? 00:00:00 autossh 2119 ? 00:00:00 sshd 2195 ? 00:00:00 sshd 3173 ? 00:00:00 ssh (I've installed autossh, and the command works if I type it manually.) (I use the passwordless key auth, so I don't have to enter password.) Much appreciated and sorry for my poor English.

    Read the article

  • Remote Desktop over SSH SOCKS proxy to bypass firewall

    - by scrumpyjack
    Hi folks, I'm trying to connect to a Windows server from my Mac using RDC2.1 for Mac. The problem is the server I need to connect to is guarded by the evil dragon - IP-based access control on a completely separate network. I have an IP I can get in on, but it's at my office (i.e. a completely separate network). Because that network isn't set up for VPN, I've set up a SOCKS proxy through an SSH tunnel (which is all working fine). (SSH proxy) Me (on my Mac) ----------> Office Linux box ----> Windows server (home network) (office network) (other network) From my Linux server in my office (the SSH server) I can telnet to port 3389 on the Windows server, no problem. But from my Mac I can't get so much as a squeak out of it. Any ideas?

    Read the article

  • SSH without portforward

    - by maigel
    I have a raspberry pi lying around in my dorm room. It's connected to campus internet which has all ports closed and I obviously don't have any access or permission to port forwarding. Now I want to ssh to the raspberry pi but this isn't possible since I can't port forward. I do however have a cheap vps doing nothing. Is there a way to make the pi connect to the vps and then use the vps as some sort of tunnel to ssh to the raspberry pi without having any port forwarding done?

    Read the article

  • is it possible in this case to get two IPv6 networks to communicate over the IPv4 Internet?

    - by user239167
    I have a setup of a laptop connected to a cellular IPv4 network (3G usb dongle) and PC connected to another IPv4/IPv6 network. Both have been configured to run as IPv6 routers and each has its IPv6 network. The laptop connects to the Internet via the 3G network with IPv4 address (private one and it is mostly changing) on one interface and has the other interface on AP mode providing its own private IPv6 network (2001:db8:444::/64). The PC connects to the Internet via the organization network with both public IPv4 and IPv6 addresses on one interface and has the other interface on AP mode providing its own private IPv6 network (2001:db8:222::/64). Both running Linux Ubuntu. Is it possible to get the two IPv6 network (2001:db8:222::/64 and 2001:db8:444::/64) to communicate over the IPv4 Internet? Is openvpn of any good in this case to get IPv6 traffic over IPv4-IPv4 tunnel? Thanks for helping in advance

    Read the article

  • Binding services to localhost and using SSH tunnels - can requests be forged?

    - by Martin
    Given a typical webserver, with Apache2, common PHP scripts and a DNS server, would it be sufficient from a security perspective to bind administration interfaces like phpmyadmin to localhost and access it via SSH tunnels? Or could somebody, who knew eg. that phpmyadmin (or any other commonly availible script) is listening at a certain port on localhost easily forge requests that would be executed if no other authentication was present? In other words: could somebody from somewhere in the internet easily forge a request, so that the webserver would accept it, thinking it originated from 127.0.0.1 if the server is listening on 127.0.0.1 only? If there were a risk, could it be somehow dealt with on a lower level than the application, eg. by using iptables? The idea being, that if someone found a weakness in a php script or apache, the network would still block this request because it did not arrive via a SSH-tunnel?

    Read the article

  • Need help configuring NAT

    - by QuinnFTW
    First of all, the router I am using is a Cisco WRVS4400N. My company runs a software which handles the MySQL database of all of their products. The software now has an e-commerce module, so I have to set up a secure tunnel from our network to the server that will be hosting our e-commerce site so that when the database is updated, the site will also be updated. The technician completeing the job said there is an IP conflict, and has asked me to NAT 192.168.0.0/24 to 192.168.115.0/24. I am not really sure how to do this, and they want to charge $150 an hour to do it for me. Can anyone help?

    Read the article

  • Multiple hops tunnels howto

    - by ard
    I wonder if anyone is able to help me with multiple tunnel hops for servers... basically my setup looks something like this... [desktop01]=====[server01]=====[server02]---------[machine01] \--------[machine02] \-------[machine03] \------[machine04] I want to setup some ssh tunnels so that from my desktop I can ssh directly to machine01 through 04 without having to ssh to each box in between in turn... So desktop01 can only see server01, server02 can only accept connections from server01 and machines 01 to 04 only accept connections from server02. Can anyone help as im really stuck with this. Thank you in advance :)

    Read the article

  • Tunnel is up but cannot ping directly connected network

    - by drmanalo
    We configured a site-to-site VPN and here is the topology. I control the network on the left but not the one on the right. All devices in our network has public IPs. Server---ASA5505---Cisco887======Internet=====ASA5510---devices I can see the tunnel is up and can do extended ping using a loopback interface. From the 10.175 and 10.165 networks, they can also ping my loopback address. I can also dial in using a Cisco VPN client, and can connect to the devices on the right. #show crypto session Crypto session current status Interface: Vlan3 Profile: xxx-profile Session status: UP-ACTIVE Peer: 213.121.x.x port 500 IKEv1 SA: local 77.245.x.x/500 remote 213.121.x.x/500 Active IPSEC FLOW: permit ip 10.0.20.0/255.255.255.240 10.175.0.0/255.255.128.0 Active SAs: 0, origin: crypto map IPSEC FLOW: permit ip 10.0.20.0/255.255.255.240 10.165.0.0/255.255.192.0 Active SAs: 2, origin: crypto map #ping 10.165.29.39 source loopback 2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.165.29.39, timeout is 2 seconds: Packet sent with a source address of 10.0.20.1 !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/17/20 ms My problem is the devices on the right cannot reach my server. They could only ping the loopback address and nothing else. I'm pasting some diagnostics related to routing thinking perhaps routing is my issue. I can paste all the running-config on my side of network if needed. #show ip int brief Interface IP-Address OK? Method Status Protocol ATM0 unassigned YES NVRAM administratively down down Ethernet0 unassigned YES NVRAM administratively down down FastEthernet0 unassigned YES unset up up connected to ASA FastEthernet1 unassigned YES unset administratively down down FastEthernet2 unassigned YES unset administratively down down FastEthernet3 unassigned YES unset up up Loopback1 10.0.20.65 YES NVRAM up up Loopback2 10.0.20.1 YES NVRAM up up Virtual-Template1 77.245.x.x YES unset up down Virtual-Template2 77.245.x.x YES unset up down Vlan1 unassigned YES unset down down Vlan3 77.245.x.x YES NVRAM up up connected to the Internet #show run | section ip route ip route 0.0.0.0 0.0.0.0 77.245.x.x ip route 213.121.240.36 255.255.255.255 Vlan3 #show access-list Extended IP access list 102 10 permit ip 10.0.20.0 0.0.0.15 10.175.0.0 0.0.127.255 (3332 matches) 20 permit ip 10.0.20.0 0.0.0.15 10.165.0.0 0.0.63.255 (3498 matches) #show vlan-switch VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 1 default active 3 VLAN0003 active Fa0, Fa1, Fa2, Fa3 1002 fddi-default act/unsup 1003 token-ring-default act/unsup 1004 fddinet-default act/unsup 1005 trnet-default act/unsup #show ip route Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP + - replicated route, % - next hop override Gateway of last resort is 77.245.x.x to network 0.0.0.0 S* 0.0.0.0/0 [1/0] via 77.245.x.x 10.0.0.0/8 is variably subnetted, 5 subnets, 3 masks C 10.0.20.0/28 is directly connected, Loopback2 L 10.0.20.1/32 is directly connected, Loopback2 C 10.0.20.64/28 is directly connected, Loopback1 L 10.0.20.65/32 is directly connected, Loopback1 S 10.165.0.0/18 [1/0] via 213.121.x.x 77.0.0.0/8 is variably subnetted, 3 subnets, 3 masks S 77.0.0.0/8 [1/0] via 77.245.x.x C 77.245.x.x/29 is directly connected, Vlan3 L 77.245.x.x/32 is directly connected, Vlan3 213.121.x.0/32 is subnetted, 1 subnets S 213.121.x.x is directly connected, Vlan3 I read some of the posts here which lead to NATing issue but I'not sure of my next step. Should I translate my public address to private and route it to the loopback address? (only guessing) CISCO VPN site to site Site-to-Site VPN between two ASA 5505s only working in one direction Hope someone could help. Thanks in advance!

    Read the article

  • How important are PTR records for Email Servers?

    - by Kyle Brandt
    Does anyone know of any studies done to show how much email will be rejected if there is not ptr record for the SMTP banner name of an email server? Are reverse checks always done when enabled, or is it sometimes configured so if an spam program considers an email 'iffy', the reverse check is done?

    Read the article

  • Messenger Thinks My Ip is Invalid

    - by Umut Benzer
    Hello. I am using Windows Live Messenger 2009 on Windows 7. I am using a 3G modem (ZTE Propietary USB Modem) I connect to the Internet using a software my ISP provided me. In last three days, my Messenger started to disconnect. Here is what I observed and tried to do: 1- I can browse web, can do FTP transfer etc. and obiviously have a valid IP. 2- I can sign in to Messenger (appear offline) but when I change my status to anything other then appear offline, Messenger says my connection to service has been lost. (However, it exists.) 3- When I run, MSN Connection Troubleshooter, it says my IP is invalid. When I click repair, it says repaired and just after that, I run the troubleshooter again, and it says my IP is invalid again. (However, it is valid and I am browsing the net.) 4- If I connect the Internet through eterhet or wireless there is no problem at all. 5- I re-installed Messenger (deleting all settings manually through registry and folders), re-installed all drivers and software related to USB 3G Modem. It doesn't work. And then, I took a full backup then formatted entire computer, installed a fresh windows 7, after 5 minutes, the same problem occured. What do you recommend? What can I do? Addition As seen on screenshot, it says Server IPv4 adress is 0.0.0.0 It seems like a problem, I don't know if it is. If it is, how can I solve it? Here is what I get, when I netstat. PPP adapter TTNET internet: Connection-specific DNS Suffix . : IPv4 Address. . . . . . . . . . . : 217.174.39.122 Subnet Mask . . . . . . . . . . . : 255.255.255.255 Default Gateway . . . . . . . . . : 0.0.0.0 Wireless LAN adapter Wireless Network Connection 2: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Wireless LAN adapter Wireless Network Connection: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : ege.edu.tr Ethernet adapter Local Area Connection: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Tunnel adapter Local Area Connection* 16: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Tunnel adapter Local Area Connection* 13: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Tunnel adapter 6TO4 Adapter: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Tunnel adapter Local Area Connection* 9: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Tunnel adapter Local Area Connection* 11: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Tunnel adapter Local Area Connection* 12: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Tunnel adapter Local Area Connection* 14: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Tunnel adapter Local Area Connection* 17: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Tunnel adapter Local Area Connection* 25: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Tunnel adapter Local Area Connection* 20: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Tunnel adapter Local Area Connection* 18: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Tunnel adapter Local Area Connection* 19: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Tunnel adapter Local Area Connection* 22: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Tunnel adapter Local Area Connection* 21: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Tunnel adapter Local Area Connection* 15: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Tunnel adapter Local Area Connection* 23: Connection-specific DNS Suffix . : IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e74:2448:3909:2a2c:eb7b Link-local IPv6 Address . . . . . : fe80::2448:3909:2a2c:eb7b%30 Default Gateway . . . . . . . . . : Tunnel adapter Local Area Connection* 24: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Tunnel adapter isatap.{CFFCFEDB-6B53-42E0-B091-548B9ADE9C9D}: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Tunnel adapter Local Area Connection* 26: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Tunnel adapter Local Area Connection* 27: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Tunnel adapter Local Area Connection* 29: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Tunnel adapter Local Area Connection* 31: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Tunnel adapter Local Area Connection* 28: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Tunnel adapter Local Area Connection* 32: Connection-specific DNS Suffix . : IPv6 Address. . . . . . . . . . . : 2002:d9ae:277a::d9ae:277a Default Gateway . . . . . . . . . : 2002:c058:6301::c058:6301 Tunnel adapter Local Area Connection* 30: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Tunnel adapter isatap.{157CF713-B3AC-4701-87A9-14C23CA60AAB}: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Tunnel adapter isatap.ege.edu.tr: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Tunnel adapter isatap.{0D3CD01B-0993-4B37-89B8-12557ECF484D}: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . :

    Read the article

  • Mod_security Logging

    - by Hekuran S. Doli
    Im trying to run mod_security as standalone service with nginx as reverse proxy everything works fine except logging. Mod_security logs reverse proxys ip addres instead of clients ip address. I would appreciate if someone can help. The following is an example of logfile where mod_security is logging 127.0.0.1 instead of clients ip address. 2012/08/29 14:18:13 [info] 206862#0: [client 127.0.0.1] ModSecurity: Access denied with code 403 (phase 2). Pattern match ...

    Read the article

  • Apache2, FastCGI, PHP-FPM, APC on virtualmin panel with nginx front end reverse proxy

    - by Ünsal Korkmaz
    My dream setup: php 5.3.6 + mysql 5.5.10 on Apache2, FastCGI, PHP-FPM, APC with nginx 1.0 front end reverse proxy. And as free server management panel: Virtualmin GPL on centos 5.6 In a new centos 5.6 setup. Using this code for installing virtualmin: wget http://software.virtualmin.com/gpl/scripts/install.sh chmod +x install.sh ./install.sh After setup, i see php is 5.1 and mysql is 5.0 version. And system not supporting php-fpm but supporting fcgid wrapper. I did following changes: wget http://dl.iuscommunity.org/pub/ius/stable/Redhat/5/x86_64/ius-release-1.0-6.ius.el5.noarch.rpm wget http://dl.iuscommunity.org/pub/ius/stable/Redhat/5/x86_64/epel-release-1-1.ius.el5.noarch.rpm rpm -Uvh ius-release*.rpm epel-release*.rpm yum install yum-plugin-replace yum remove mysql.i386 yum replace mysql --replace-with mysql55 service mysqld restart chkconfig mysqld on mysql_upgrade --password=1234 yum replace php --replace-with php53u yum install php53u-fpm php53u-pecl-apc service httpd restart chkconfig php-fpm on service php-fpm start I am not sure why virtualmin installing both mysql.i386 and 64 bit version together but needed to remove one of them for using yum replace. So i had php 5.3.6 + mysql 5.5.10 with PHP-FPM, APC installed. But virtualmin not supporting PHP-FPM + fastcgi and its still running on fcgid. I am ultra newbie on server management so i couldnt find workaround after this. I want to switch fcgid wrapper to PHP-FPM + fastcgi at least for 1 virtual server. And if i can find a fix for this section, i want to setup nginx 1.0 as front end reverse proxy for serving static files and passing php files to apache. http://nginxcp.com/ is what i want but its for cpanel.

    Read the article

  • Apache Reverse Proxy not working inside a VirtualHost running a Mono Web Application

    - by Arwen
    I have a mono web application running with this virtual host below. It is running on Apache 2.2.20 / Ubuntu 11.10. I tried to add a reverse proxy inside this virtualhost so I can make asynchronous or AJAX type calls back to this same domain. My asynchronous requests would have problems in many browsers calling services that are on another domain (cross domain requests problem). I am wanting to do reverse proxy calls to this other service using http://www.whatever.com/monkey/. So, I added the directive and top directive to try to make this work. It is weird though...nothing I do seems to have any effect. I can put the exact same markup in my default website virtualhost file and it works great. What is the deal? Are some of these Mono directives causing problems? <VirtualHost *:80> ServerName www.whatever.com ServerAlias whatever.com *.whatever.com ServerAdmin [email protected] DocumentRoot /home/myuser/web/whatever ProxyRequests off <Proxy *> Order allow,deny Allow from all </Proxy> <Location /monkey/> ProxyPass http://www.google.com/ ProxyPassReverse http://www.google.com/ </Location> MonoServerPath www.whatever.com "/usr/bin/mod-mono-server2" MonoSetEnv www.whatever.com MONO_IOMAP=all MonoApplications www.whatever.com "/:/home/myuser/web/whatever" <Location "/"> Allow from all Order allow,deny MonoSetServerAlias www.whatever.com SetHandler mono SetOutputFilter DEFLATE SetEnvIfNoCase Request_URI "\.(?:gif|jpe?g|png)$" no-gzip dont-vary </Location> <IfModule mod_deflate.c> AddOutputFilterByType DEFLATE text/html text/plain text/xml text/javascript </IfModule> </VirtualHost>

    Read the article

  • why is rdiff-backup not compatible with encfs ---reverse

    - by user330273
    I'm trying to use encfs with rdiff-backup to ensure that my backups to a remote server are encrypted. The easiest way to do this would be to use encfs --reverse - which means encfs will create a virtual encrypted file system, which I can then backup using rdiff-backup. Except that it doesn't work. Rdiff-backup fails every time with an "input/output error" on the encfs virtual filesystem. It seems I'm not the only one with this problem, but no one has said what the problem is: this person reported the same issue, but was just told to use sshfs instead (see below on that); in this question on serverfault, one of the answers just states that "rdiff-backup seems to have trouble accessing the EncFS-reverse filesystem." There's an open bug report on the Debian bug tracker(bug 731413, I can't post the link) on this bug, but it's been open since December 2013 with no response. Does anyone know what the problem actually is? Is there a workaround? I can't use the two most commonly suggested alternatives - sshfs and then running encfs on that, or using Duplicity - as both require a much higher bandwidth connection than I have access to (Duplicity requires regular full backups).

    Read the article

  • Using IIS7 as a reverse proxy

    - by Eric Petroelje
    I'm setting up a server at home to host a few small websites. One of them is .NET based and needs IIS, the others are PHP based and need Apache. So, I have both IIS 7 and Apache 2.2.x installed on my server with IIS on port 80 and Apache running on port 8080. I would like to set up IIS to work as a reverse proxy, forwarding the requests for the Apache sites to port 8080 and serving the requests for the .NET site itself based on the host headers. Like this: www.mydotnetsite.com/* -> IIS -> serve from IIS www.myapachesite.com/* -> IIS -> forward to apache on port 8080 www.myothersite.com/* -> IIS -> forward to apache on port 8080 I did a bit of googling and it seemed like the Application Request Routing feature would do what I needed, but I can't seem to get it to work the way I want it to. I can get it to forward ALL traffic to the Apache server and I can get it to forward traffic with a specific URL pattern to the Apache server, but I can't seem to get it to forward based on the host headers (e.g. "forward all requests for www.apachesite.com - localhost:8080") So the question is, how would I go about configuring ARR to do this? Or do I need a different tool? I'm also open to using Apache as the reverse proxy and forwarding the .NET site requests to IIS instead if that's easier (running Apache on port 80 and IIS on 8080).

    Read the article

  • Reverse and Forward DNS set up correctly but sometimes MapReduce job fails

    - by phodamentals
    Ever since we switched over our cluster to communicate via private interfaces and created a DNS server with correct forward and reverse lookup zones, we get this message before the M/R job runs: ERROR org.apache.hadoop.hbase.mapreduce.TableInputFormatBase - Cannot resolve the host name for /192.168.3.9 because of javax.naming.NameNotFoundException: DNS name not found [response code 3]; remaining name '9.3.168.192.in-addr.arpa' A dig and nslookup both show that the reverse and forward look-ups both get good responses with no errors from within the cluster. Shortly after these messages, the job runs...but every once in awhile we get a NPE: Exception in thread "main" java.lang.NullPointerException INFO app.insights.search.SearchIndexUpdater - at org.apache.hadoop.net.DNS.reverseDns(DNS.java:93) INFO app.insights.search.SearchIndexUpdater - at org.apache.hadoop.hbase.mapreduce.TableInputFormatBase.reverseDNS(TableInputFormatBase.java:219) INFO app.insights.search.SearchIndexUpdater - at org.apache.hadoop.hbase.mapreduce.TableInputFormatBase.getSplits(TableInputFormatBase.java:184) INFO app.insights.search.SearchIndexUpdater - at org.apache.hadoop.mapred.JobClient.writeNewSplits(JobClient.java:1063) INFO app.insights.search.SearchIndexUpdater - at org.apache.hadoop.mapred.JobClient.writeSplits(JobClient.java:1080) INFO app.insights.search.SearchIndexUpdater - at org.apache.hadoop.mapred.JobClient.access$600(JobClient.java:174) INFO app.insights.search.SearchIndexUpdater - at org.apache.hadoop.mapred.JobClient$2.run(JobClient.java:992) INFO app.insights.search.SearchIndexUpdater - at org.apache.hadoop.mapred.JobClient$2.run(JobClient.java:945) INFO app.insights.search.SearchIndexUpdater - at java.security.AccessController.doPrivileged(Native Method) INFO app.insights.search.SearchIndexUpdater - at javax.security.auth.Subject.doAs(Subject.java:415) INFO app.insights.search.SearchIndexUpdater - at org.apache.hadoop.security.UserGroupInformation.doAs(UserGroupInformation.java:1408) INFO app.insights.search.SearchIndexUpdater - at org.apache.hadoop.mapred.JobClient.submitJobInternal(JobClient.java:945) INFO app.insights.search.SearchIndexUpdater - at org.apache.hadoop.mapreduce.Job.submit(Job.java:566) INFO app.insights.search.SearchIndexUpdater - at org.apache.hadoop.mapreduce.Job.waitForCompletion(Job.java:596) INFO app.insights.search.SearchIndexUpdater - at app.insights.search.correlator.comments.CommentCorrelator.main(CommentCorrelator.java:72 Does anyone else who has set-up a CDH Hadoop cluster on a private network w/DNS server get this? CDH 4.3.1 with MR1 2.0.0 and HBase 0.94.6

    Read the article

  • Total newb having SSH and remote MySQL access problems

    - by kscott
    I don't often work with linux or need to SSH into remote MySQL databases, so pardon my ignorance. For months I had been using the HeidiSQL client application to remotely access a MySQL database. Today two things happened: the DB moved to a new server and I updated HeidiSQL, now I cannot log in to the MySQL server, when attempting I get this message from Heidi: SQL Error (2003) in statement #0: Can't connect to MySQL server on 'localhost' (10061) If I use Putty, I can connect to the server and get MySQL access through command line, including fetching data from the DB. I assume this means my credentials and address are correct, but do not understand why putting those same details into HeidiSQL's SSH tunnel info won't work. I also downloaded the MySQL Workbench and attempted to set up a connection through that client and got this message: Cannot Connect to Database Server Your connection attempt failed for user 'myusername' from your host to server at localhost:3306: Lost connection to MySQL server at 'reading initial communication packet', system error: 0 Please: 1 Check that mysql is running on server localhost 2 Check that mysql is running on port 3306 (note: 3306 is the default, but this can be changed) 3 Check the myusername has rights to connect to localhost from your address (mysql rights define what clients can connect to the server and from which machines) 4 Make sure you are both providing a password if needed and using the correct password for localhost connecting from the host address you're connecting from From Googling around I see that it could be related to the MySQL bind-address, but I am a third party sub-contractor with no access to the MySQL settings of this box and the system admin is assuring me that I'm an idiot and need to figure it out on my end. This is completely possible but I don't know what else to try. Edit 1 - The client settings I am using In Heidi and MySQL Workbench I am using the following: SSH host + port: theHostnameOfTheRemoteServer.com:22 {this is the same host I can Putty to} SSH Username: mySSHusername {the same user name I use for my Putty connection} SSH Password: mySSHpassword {the same password for the Putty connection} Local port: 3307 MySQL host: theHostnameOfTheRemoteServer.com MySQL User: mySQLusername {which I can connect with once in with Putty} MySQL Password: mySQLpassword {which works once in with Putty} Port: 3306

    Read the article

  • How to remap IPs visible from local machine to IPs visible from a machine I have SSH access to?

    - by gooli
    I'm so far out of my depth I don't even know what to google for. There's a server I can connect to via SSH. Via that server I can access other server on its subnet via SSH. What I want to do is be able to access the machines that server has access to directly. Say the server IP is 192.168.7.7 and is the only one in the 192.168.x.x range I have access to. I'd like to configure things in such a way that when I to access say 192.168.7.100 on my machine, the connection will go through an SSH tunnel I open to 192.168.7.7 and out to 192.168.7.100. I would like this to work for any port if at all possible. I know I can set an HTTP proxy and even a SOCKS proxy, but I'm wondering is there is a way to actually remap some of the IP my machine sees to IP only visible from the remote machine. What would this configuration be called? IS this NAT, VPN, IP2IP or something else? How can I set up this on a Windows client box that connects via SSH to a Linux box? Sounds to me like I need to set up some kind of filtering on the network driver or possibly a virtual NIC, but I'm not sure where to go next.

    Read the article

  • Tunneling a public IP to a remote machine

    - by Jim Paris
    I have a Linux server A with a block of 5 public IP addresses, 8.8.8.122/29. Currently, 8.8.8.122 is assigned to eth0, and 8.8.8.123 is assigned to eth0:1. I have another Linux machine B in a remote location, behind NAT. I would like to set up an tunnel between the two so that B can use the IP address 8.8.8.123 as its primary IP address. OpenVPN is probably the answer, but I can't quite figure out how to set things up (topology subnet or topology p2p might be appropriate. Or should I be using Ethernet bridging?). Security and encryption is not a big concern at this point, so GRE would be fine too -- machine B will be coming from a known IP address and can be authenticated based on that. How can I do this? Can anyone suggest an OpenVPN config, or some other approach, that could work in this situation? Ideally, it would also be able to handle multiple clients (e.g. share all four of spare IPs with other machines), without letting those clients use IPs to which they are not entitled.

    Read the article

  • How does Tunlr work?

    - by gravyface
    For those of you not in the US, Tunlr uses DNS witchcraft to allow you to access US-only (and UK-only stuff like BBC radio online) services and Websites like Hulu.com, etc. without using traditional methods like a VPN or Web proxy. From their FAQ: Tunlr does not provide a virtual private network (VPN). Tunlr is a DNS (domain name system) unblocking service. We’re using sophisticated technologies (a.k.a. the Tunlr Secret Sauce ©) to re-adress certain data envelopes, tricking the receiver into thinking the envelope originated from within the U.S. For these data envelopes, Tunlr is transparently creating a network tunnel from your location to our U.S.-based servers. Any data that’s not directly related to the video or music content providers which Tunlr supports is not only left untouched, it’s also not even routed through Tunlr. In order to use Tunlr, you will have to change the DNS address. See Get started for more information. I can't really wrap my head around how this works; I have always assumed that these services performed a geolocation lookup via your client IP. Just really curious as to how this works. EDIT 2 I believe they're only proxying the initial geo check and then modifying the data stream request to include your real IP address so that the streaming is direct, not proxied.

    Read the article

  • SSH connection falling down

    - by kappa
    I've set up a connection with autossh that creates some tunnels at system startup, but if I try to connect, after successful login (with RSA key) connection fall down, here a trace: debug1: Authentication succeeded (publickey). debug1: Remote connections from LOCALHOST:5006 forwarded to local address localhost:22 debug1: Remote connections from LOCALHOST:6006 forwarded to local address localhost:80 debug1: channel 0: new [client-session] debug1: Requesting [email protected] debug1: Entering interactive session. debug1: remote forward success for: listen 5006, connect localhost:22 debug1: remote forward success for: listen 6006, connect localhost:80 debug1: All remote forwarding requests processed debug1: Sending environment. debug1: Sending env LANG = it_IT.UTF-8 debug1: Sending env LC_CTYPE = en_US.UTF-8 debug1: client_input_channel_req: channel 0 rtype exit-status reply 0 debug1: client_input_channel_req: channel 0 rtype [email protected] reply 0 debug1: channel 0: free: client-session, nchannels 1 Transferred: sent 2400, received 2312 bytes, in 1.3 seconds Bytes per second: sent 1904.2, received 1834.4 debug1: Exit status 1 What can be the problem? All this stuff is managed by a script already running on another machine (creating reverse tunnels on the same machine but with different ports)

    Read the article

  • How to stop split tunnelling over cisco VPN (OS X)?

    - by Notre
    I'm using OS X (Snow Leopard) and the built in Cisco IP Sec client to connect to my corporate VPN. Currently, everything works as designed, and desired for most people. However, I would like to be able to funnel all traffic (particularly all web browser traffic) through the VPN. (Note - I'm an end user here, not the network administrator). Is this possible? In searching around, most people are looking to do the opposite; break out the VPN and enable split tunnelling of data. I'd like to avoid the split tunnelling. Is there some setting I can make in my OS X client to make this happen? I ran across a post where routing table changes are made to force split tunnelling: how to force split tunnel routing on mac -> cisco vpn I'm thinking something similar to that might work, but I'm not a networking expert so I'm not sure where to start (or if it is even possible). Thank you! Notre

    Read the article

  • Does any Certificate Authority support both SAN and wildcards?

    - by nicholas a. evans
    My basic quandry is that wildcard certificates don't support subdomains of subdomains, nor do they help with alternate domain names. Basically, if my CN is example.com, I want a Subject Alternative Name field that looks roughly like so: DNS:example.com DNS*.example.com DNS:*.beta.example.com DNS:example.net DNS:*.example.net DNS:*.beta.example.net Using a self-signed cert, I verified that the browsers will work just fine with this. Unfortunately, none of the Certificate Authorities that I looked into (Thawte, GoDaddy, Verisign, Digicert) seemed to support both wildcard certs and Subject Alternative Name (sometimes referred to as "Multiple Domain UCC"). I even called up GoDaddy tech support to confirm. Is there a CA (trusted by 99% of browsers) that supports wildcards for the Subject Alternative Name? One little restriction: I'm saddled with Amazon EC2's single Elastic IP per instance limitation. Here are what I see as my backup plans: set up three extra EC2 instances, each configured for a different IP address and cert, and nginx reverse proxy from three of them into the app server(s) introduces latency(?), and even the cheapest EC2 instance isn't that cheap instead of dedicated reverse proxy instances, setup the four or more almost identical EC2 app servers, with nginx using the port to determine which cert to deliver, and use haproxy to distribute the traffic amongst themselves. complicated to configure and manage? I'm not using the cheapest EC2 instance type for my app servers. If I don't need 4+ app servers for the load, it raises the cost. set up an external server (outside of EC2) that doesn't have EC2's Elastic IP address restrictions, setup all of the alternate IP addresses and certificates on that server, and nginx reverse proxy from that server into the EC2 app servers. extra IP addresses are almost free (still need to pay for the server of course), but don't come with the robust "elasticity" that Amazon's Elastic IPs provide. even more latency than in the first scenario. Are these approaches crazy or reasonable? Do you have another one to suggest?

    Read the article

< Previous Page | 18 19 20 21 22 23 24 25 26 27 28 29  | Next Page >