Search Results

Search found 18781 results on 752 pages for 'ip port'.

Page 235/752 | < Previous Page | 231 232 233 234 235 236 237 238 239 240 241 242 | Next Page >

ASA firewalls: how does stateful filtering affect my access lists?

- by Nate

Ok, so assume that I have an ingress access list that looks like this: access-list outside_in extended ip permit any X.Y.Z.1 eq 25 access-group outside_in in interface outside And I want to do egress filtering. I want to allow inside machines to respond on port 80, and I want to allow ports over 1024. Given that the firewall is statefull, do I need to have the rule access-list inside_in extended ip permit X.Y.Z.1 any eq 25 in my inside_in ACL, or can I get away with just access-list inside_in extended ip permit any any gt 1024 access-group inside_in in interface inside In other words, if I apply an egress access list, do I have to explicitly allow machines to respond to requests allowed by the ingress access list, or does the statefullness of the firewall handle that for me? Thanks!

Read the article
Multiple VLANs on a single subnet

- by mstaessen

I would like to establish the setup shown below. The image is taken from (http://gcharriere.com/blog/?p=620) and explains how to set this up on a brocade device. I would like to use an ubuntu server to do the routing. Right now, the switch and the server/router are connected with a trunk and the server uses the vlan package, kernel module and (inner) subnets for routing. I would like that: no IP addresses get lost in the subnetting (outer subnet is /26, inner subnets are /28) I don't want the rigorous subdivision of my outer subnet. I want to assign a VLAN to any IP in the outer subnet. How do I need to configure my interfaces? What is the "ubuntu" translation of "ip follow ve"? Thanks!

Read the article
Iptables NAT logging

- by Gerard

I have a box setup as a router using Iptables (masquerade), logging all network traffic. The problem: Connections from LAN IPs to WAN show fine, i.e. SRC=192.168.32.10 - DST=60.242.67.190 but for traffic coming from WAN to LAN it will show the WAN IP as the source, but the routers IP as the destination, then the router - LAN IP. I.e. SRC=60.242.67.190 - DST=192.168.32.199 SRC=192.168.32.199(router) - DST=192.168.32.10 How do I configure it so that it logs the conversations correctly? SRC=192.168.32.10 - DST=60.242.67.190 SRC=60.242.67.190 DST=192.168.32.10 Any help appreciated, cheers

Read the article
tcpview cannot kill connection/process

- by Stig

I have a program that sometime misses to close a tcp connection. After the program has ended I can see that the port is taken. TCPViewer shows "non-existent" in the "Process" column. If i try to "End process" or "Close connection" nothing happens. If i reboot the server the port is released. But how can I tell Windows to release this port without a reboot? SOLUTION: It was dw20.exe (Microsoft Error Reporting) that was holding it back.

Read the article
Two mail servers, need help with dns configuration for the backup one

- by user92231

I need to run a redundant backup mail server in case the main one goes down. The settings in GoDaddy look something like the following: A (Host) Host Points to @ ip address of mail1 41.x.x.x mail1 ip address of mail1 41.x.x.x mail2 ip address of mail2 196.x.x.x MX Priority host points to 10 @ mail1.mydomain.com 20 @ mail2.mydomain.com When mail1 goes down, mail2 is able to get emails. I can access it through the browser with no problem, but I want my users to able to pop3/smtp as well without changing anything in their outlook. I dont want any impact to the users when mail1 is down. Also, I'm using the windows server DFS to keep both folders of the mails in sync. Is this the right way, or should I be using something else?

Read the article
Windows VPN not authenticating from ADSL to Wireless link

- by deanvz

I have a normal windows VPN on a computer connecting to a 196.201.x.x/24 IP. If this VPN tries to connect from any address in the 41.x.x.x range it cant get there. The server is a normal windows 2008 server, running exchange with a PPPoE IP natted to a public IP on the public gateway of the wireless network as the server is on site and its connectivity is derived from Mikrotik RB's. The computer on the 41 range can traceroute and ping the server, but the VPN does not authenticate. When on the network or any other, the VPN works fine. Is there something that could be configured on the VPN client? All firewall settings of a standard ADSL router have been checked and found to block only ICMP's. Is this a VPN configuration problem or a network issue?

Read the article
Distribute outgoing connections among multiple IPs configured on the same NIC

- by cedivad

I have a NIC with 2 aliases on it. The network interface has 3 IPs configured on it. Think about it like this: i can ping the same server by hitting .100 .101 and .102. I want the source address of the outgoing connections to be distributed among these ip. So if i have 3 opened connections, one connection will have result as having an IP address ending with .100, the other two should result as having as ip addresses .101 and .102. I'm using FreeBSD but I think this question to be Linux-Like wide.

Read the article
Brocade 200E Switch - Fibre Channel

- by Arthor

What I have: Fujitsu-Siemens PRIMERGY BX600 Brocade 200E (16 port, 4gbit fibre). My question: Imagine a QNAP with a fiber 10GBIT card connected to the Brocade 200E (16 port, 4gbit fibre). Would this work; would the card drop down to 4GBIT? Are 10GBIT fiber cards backwards completable. Update. I have the specs of my server now.... Fujitsu-Siemens PRIMERGY BX600 S3 Blade Ecosystem Blade Chassis comprising; 2 x A3C40073243 Blade Management modules 2 x A3C40089238 GBE Switch Blade SB9F 30/12 2 x A3C40085736 4Gb 10 port pass through blades 1 x A3C40083767 Digital KVM Modules 2 x A3C40073245 Fan enclosures + cooling fans 4 x A3C40073262 Power Supplies My Goals and Objectives To have a blade system in place for 8 blades for video rendering, the other 2 for database and scripts etc The system will be built on VMWARE ESXi 5 Use ISCSI on the QNAP to support HA and vmotion if needed Users to access the qnap for video editing QANAP has 12 drive (2 x (6 HDD in RAID 10)

Read the article
Client can't reach my production webserver. It's their ISP's fault, but now what?

- by MikeN

I have a customer in Michigan who can't access my production SaaS webserver that is hosted on Slicehost. All other companies across the US/Canada/Europe have no problem reaching the site. This problem is occuring intermittantly, and Slicehost customer service says it's a problem with the client's ISP. I got the IP address of my client, and ping'ing that IP address from my PROD server fails, but ping'ing the IP address from my dev box or our seperate blog server (also hosted on slicehost) works. How do I debug a problem like this? I asked the client to reach out to their local ISP and ask about this problem. A traceroute shows that the packets are getting stopped on a Comcast Michigan node which is the client's ISP. Is there anything I can do additionally to fix this problem for my client?

Read the article
Amazon EC2 - Unable to connect to MySQL

- by alexus

I'm having issue connecting from one VM to another # nmap -p3306 ip-XX-XX-XX-XX.ec2.internal Starting Nmap 6.40 ( http://nmap.org ) at 2014-06-10 17:50 EDT Nmap scan report for ip-XX-XX-XX-XX.ec2.internal (XX.XX.XX.XX) Host is up (0.000033s latency). PORT STATE SERVICE 3306/tcp closed mysql Nmap done: 1 IP address (1 host up) scanned in 1.05 seconds # in my Security Group I allowed Inbound connectivity via port TCP, portrange 3306 and Source 0.0.0.0/0, so theoratically it should work, but in reality it doesn't( I'm running red hat enterprise linux 7 on both VMs. mariadb.service running fine on another VM and I am able to connect to it locally. DB's: # netstat -anp | grep 3306 tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 2324/mysqld # iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination # Any ideas what else I missed?

Read the article
Cisco NAT + IPSec + Web Server Configuration Question

- by zagman76

Hello - I currently have a Cisco 881W, and it is configured with one of our static IPs to do basic NAT for the network. We also have a web server that needs it's own IP. I configured the NAT for the 2nd IP, however now traffic through our IPSec VPN doesn't route to the web server properly (well, it routes to the internet, rather than through the Tunnel). I followed the instructions here: http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a0080094634.shtml But now the outbound NAT doesn't seem to be working properly - it keeps going to the NAT of the Cisco, and not the designated IP address. If anyone can assist, I would appreciate it greatly. Let me know what you need, and I'll get it to you! Thanks!

Read the article
Shorewall SHOW DYNAMIC command doesn't work

- by Andrew Burns

Setting up shorewall dynamic zones, http://shorewall.net/Dynamic.html shows the command shorewall show dynamic zone where zone is one of your zones. I can get the add and delete commands to work, but not the show dynamic command. Here is a shell session, with output from ipset list that proves that the items are indeed there. $ ipset list CPREM_br0 Name: CPREM_br0 Type: hash:ip Header: family inet hashsize 1024 maxelem 65536 Size in memory: 16520 References: 66 Members: 192.168.85.153 $ shorewall add br0:192.168.85.200 CPREM Host br0:192.168.85.200 added to zone CPREM $ shorewall show dynamic CPREM $ ipset list CPREM_br0 Name: CPREM_br0 Type: hash:ip Header: family inet hashsize 1024 maxelem 65536 Size in memory: 16536 References: 66 Members: 192.168.85.153 192.168.85.200 $ shorewall delete br0:192.168.85.200 CPREM Host br0:192.168.85.200 deleted from zone CPREM $ ipset list CPREM_br0 Name: CPREM_br0 Type: hash:ip Header: family inet hashsize 1024 maxelem 65536 Size in memory: 16536 References: 66 Members: 192.168.85.153 I am using the packaged version from Ubuntu 12.04 (4.4.26.1-1)

Read the article
Ways to do simple failover with one server and two IPs

- by CrassHoppr

The setup is one server (Windows 2008) at one location with two incoming connections. As the server has to interface with various on-site devices, and will have a small number of incoming connections, a data center is not an option, and instead cable/dsl connections must be used. The goal is that users visit https://service.site.com and are sent to either the primary IP address or a secondary IP if the primary is down. I've seen advice to use round robin DNS for this, but caching an IP for a downed interface is something I'd like to avoid. Is something like this possible with these constraints?

Read the article
Using gitlab behind Apache proxy all urls are wrong

- by Hippyjim

I've set up Gitlab on Ubuntu 12.04 using the default package from https://about.gitlab.com/downloads/ As I had Apache installed already I have to run nginx on localhost:8888. The problem is, all images (such as avatars) are now served from that url, and all the checkout urls Gitlab gives are also the same - instead of using my domain name. If I change /etc/gitlab/gitlab.rb to use that url, then Gitlab stops working and gives a 503. Any ideas how I can tell Gitlab what URL to present to the world, even though it's really running on localhost? /etc/gitlab/gitlab.rb looks like: # Change the external_url to the address your users will type in their browser external_url 'http://my.local.domain' redis['port'] = 6379 postgresql['port'] = 2345 unicorn['port'] = 3456 and /opt/gitlab/embedded/conf/nginx.conf looks like: server { listen localhost:8888; server_name my.local.domain;

Read the article
Configuring Wireless Network

- by Vinod K

I have vyataa router on VMware with 2 interfaces eth0 and eth1 eth0 is facing the internet eth0 is in Nat mode with dhcp on eth1 is in bridged mode with my ethernet with ip 10.0.2.34/24 The ethernet card is at ip 10.0.2.95/24 i have defined the nat rule. Hence internet is available at eth1 too. Now i am connecting a wireless router at "eth1" iball router, I have connected the router using a cable to the ethernet interface of my laptop. I have configured the WAN connection type as "Static IP" and given "10.0.2.34/24" All the clients that connect using wireless router cannot connect to the internet though. Could anyone provide me a solution for this.. Thank You!!

Read the article
How to set up hosting on Heroku and email forwarders on a WHM (cPanel)?

- by matija

I'm using DNSimple for managing my records, hosting my site at Heroku and I want to use a Linux WHM (cPanel) for managing emails forwarding (DNSimple has that feature, but it's currently not working properly). Hosting works, but I'm having a hard time getting emails to work. Here are my (pseudo-)records: Type Name TTL Points to --------------------------------------------------------- ALIAS | mydomain.com | 3600 | mydomain.herokuapp.com CNAME | www.mydomain.com | 3600 | mydomain.herokuapp.com CNAME | mail.mydomain.com | 600 | <WHM server IP address> MX | mydomain.com | 600 | <WHM server IP address> NS | mydomain.com | 3600 | ns1.dnsimple.com ... | ... | ... | ... NS | mydomain.com | 3600 | ns4.dnsimple.com There are two more records, SOA and TXT, generated by DNSimple, but I don't think those are relevant. When I add an A-record: A | mydomain.com | 3600 | WHM server IP address and change the mail CNAME and MX records to mydomain.com, emails start working, but then the hosting doesn't work anymore. Is this possible to achieve?

Read the article
Can't access network share with name defined in hosts file

- by Einar Egilsson

I have a network share on a machine that I can only reach by IP address. I then defined an alias for the IP in my hosts file so I could use that instead of the IP but then I can't log on to the share, I just get the logon prompt again and again. So basically this: \\172.17.0.48\SomeShare works but this \\myalias\SomeShare doesn't. myalias is defined in c:\windows\system32\drivers\etc\hosts as 172.17.0.48 myalias And I can use the alias for remote desktop without problems. Can anyone tell me why this doesn't work for fileshares?

Read the article
Keepalived with apache unable to bind interface on Backup server

- by davideagle

I have two debian 6 servers running keepalived 1.1.20 with one server acting as a Master and the other as a Backup. Both servers host apache 2.4 that have a global Listener on all interfaces on port 80 (Listen *:80) how ever I have some sites that require a listener for port 443 (SSL) and that is configured for each VirtualHost in the Apache config since I do not want every VirtualHost to listen on port 443. The problem is when I try to start Apache on the Backup machine that does not hold the virtual interface the VirtualHost is supposed to be listening on, I get AH00072: make_sock: could not bind to address 1.1.1.1:443. I know this is expected behavior of Apache. The real question is are there any known workarounds or solutions to this scenario?

Read the article
OpenVPN client on Amazon EC2

- by Matt Culbreth

I have an account with an OpenVPN service, and I'd like to get that running on my EC2 instance running Ubuntu 12.04. I have my config file in /etc/openvpn, and it connects fine when I run sudo openvpn --config matt.ovpn. However, I then lose connectivity to the EC2 machine, and I can't SSH back to it until I reboot. Previously I have done things like sudo ip rule add from IP_ADDRESS table 10 and then sudo ip route add default via GATEWAY_IP table 10, but that's not working on EC2. Any ideas? My private IP address right now is 10.209.29.XXX and my gateway is 10.209.29.1.

Read the article
Cisco Router 1921

- by mytempfw

I'm very new in networking and I'm trying to setup my network as follow [ISP Modem/Router/Switch] + --- + {fxp0} [Linux Firewall] {fxp1} + --- + {??} [Cisco Router 1921] {GE 0/0} + --- + [Cisco Switch] + ... Servers {GE 0/1} + --- + [Cisco Switch] + ... Servers My questions are, Since I'm using both GE 0/0 and GE 0/1 ports to connect to switch, how can I connect my Linux Firewall (Port fxp1) to my Cisco Router? I know the USB and Console port are for configuration, can I use AUX port to connect my firewall (if so is it consider a right way)? Is my setup is right? if not can someone please explain to me to do the setup in right way. Link to the picture of my router: Cisco Router 1921 Thanks

Read the article
How do I add client computers to a Windows SBS 2008 domain?

- by Jonas

We have a LAN and the router is the DHCP server. We have a server with Windows SBS 2008, it has the IP address 192.168.1.2 while the router has the IP address 192.168.1.1. I have set "DNS Relay" on the router to 192.168.1.2. I have tried to add a client computer to the SBS domain by visiting http://connect from the client computer. But that page doesn't exist. I can visit http://192.168.1.2/ then the default startpage for IIS7 is shown. I'm logged in as a local Administrator on the computer that I tries to add to the domain. How do I add the client computer to the SBS 2008 domain? The router is an D-Link DFL 200, and I have now set the "DNS Relay" to "Use address of LAN interface" instead of a specific IP-address. But it doesn't work.

Read the article
GUI session from Mac to Linux, over WAN

- by kellogs

Closest thing I could find here was this I am on Mac OS 10.5.6 with X server installed. This is the machine I am trying to get GUI session data onto. There is an Ubuntu 11.10 Linux on which I have installed an X server and GDM. This is the machine where the GUI session data should come from. Currently, I got to the point where Linux listenes on port TCP 6000 for its clients. 1 - how do I swap port 6000 for port 6767 ? 2 - how do I connect to 6767 from my Mac ? Thanks

Read the article
Accessing non-port80 web server using IPv6

- by logain

In a normal IPv4 network, I can go into any browser such as Firefox and browse a server on a IPv4 address not hosted on port 80: (add http:// - Super user stops "new" users from adding links)192.168.42.6:8080/ This accesses the server on Port 8080 on 192.168.42.6. However, if I try this with a IPv6 IP, I get no luck. This tries to access port 8080 on fe80::520:ff0f:ece0:1 : http://[fe80::520:ff0f:ece0:1]:8080/ Firefox will automatically "fix" this URL to: http://[www.fe80::520:ff0f:ece0:1.com]:8080/ which does not help me access it at all. So either I am doing something really wrong OR there's something really wrong with IPv6. Couldn't find anything that even remotely helped on the Internet. (And yes, there is a server running on the IPv6 in question)

Read the article
Very slow loading pages with router

- by user984621

I bought new router - this one: http://www.tp-link.com/en/products/details/?model=TL-WR841ND and the problem is, that the loading pages is so slow, even sometimes the pages aren't loaded at all. Is the same, when I have on the Mac OS or Windows. Below are the informations from the router-admin section: LAN IP Address: 192.168.2.1 Subnet Mask: 255.255.255.0 WAN IP Address: 192.168.1.100 Dynamic IP Subnet Mask: 255.255.255.0 Default Gateway: 192.168.1.254 DNS Server: 89.203.178.2 , 10.14.2.1 How can I fix this problem? Is almost impossible to use the internet this way.

Read the article
How to access an node of an LAN via WAN?

- by gilzero

Lets say I have a router that is connected to the Internet. An WAN IP address is given by ISP. It is using PPPoE ADSL, the IP address is not static, every time it connected, assigned a different IP address. There is an web server 192.168.0.100 running in the LAN. I heard something like DMZ + DynDNS can do the job? But not sure what these are and how they work. Any there way(s) to access the local node 192.168.0.100 via WAN, so that I can reach that node even I am not home. Thanks for any advice.

Read the article

< Previous Page | 231 232 233 234 235 236 237 238 239 240 241 242 | Next Page >