Search Results

Search found 5390 results on 216 pages for 'ssl vpn'.

Page 24/216 | < Previous Page | 20 21 22 23 24 25 26 27 28 29 30 31 | Next Page >

Windows Server 2012 - SSL Cypher Suite Order Not Long Enough

- by Sam

I want to re-order the cypher suites on our new Windows Server 2012 box to help mitigate the BEAST vulnerability for our clients. I went to Local Group Policy => Computer Configuration => Administrative Templates => Network => SSL Configuration Settings, opened SSL Cypher Suite Order, enabled it, and copied the values from the SSL Cypher Suites textbox. I pasted them into notepad, re-ordered them, then copied+pasted them back into the SSL Cypher Suites textbox. However, the box isn't long enough to hold them all, despite the fact that the length didn't change. I would have to drop the last 3 cyphers (SSL_CK_DES_192_EDE3_CBC_WITH_MD5,TLS_RSA_WITH_NULL_SHA256,TLS_RSA_WITH_NULL_SHA) in order for it to fit. Should I just drop them? Other ideas?

Read the article
Emulate a VPN through ssh

- by Ian

I have a Linux server running ubuntu 10.04 server. I would like to tunnel my iPhone traffic through this server using ssh, but that's not such an easy solution. Is there a way to simulate a VPN over ssh so that I can configure my iPhone to connect to this VPN and protect my traffic? I know I could set up a real VPN server but it looks kind of complicated and "expensive" (resources I mean). Any ideas? Thanks!

Read the article
RDP over VPN only

- by shiva

I know this question has been asked many a times here. But i want to gain certain perspective here. I have enabled VPN on certain systems and then can access remote system using rdp. However they can access the remote system without rdp as well. Is this because all these systems are in same lan group? How can i ensure that rdp works only when connected to vpn? I am looking at one vpn system and people should log into that system and then connect to vpn and then access remote system using rdp. I know that this can be achieved but i am not sure how to go about it. please guide me

Read the article
iptables to block non-VPN-traffic if not through tun0

- by dacrow

I have a dedicated Webserver running Debian 6 and some Apache, Tomcat, Asterisk and Mail-stuff. Now we needed to add VPN support for a special program. We installed OpenVPN and registered with a VPN provider. The connection works well and we have a virtual tun0 interface for tunneling. To archive the goal for only tunneling a single program through VPN, we start the program with sudo -u username -g groupname command and added a iptables rule to mark all traffic coming from groupname iptables -t mangle -A OUTPUT -m owner --gid-owner groupname -j MARK --set-mark 42 Afterwards we tell iptables to to some SNAT and tell ip route to use special routing table for marked traffic packets. Problem: if the VPN failes, there is a chance that the special to-be-tunneled program communicates over the normal eth0 interface. Desired solution: All marked traffic should not be allowed to go directly through eth0, it has to go through tun0 first. I tried the following commands which didn't work: iptables -A OUTPUT -m owner --gid-owner groupname ! -o tun0 -j REJECT iptables -A OUTPUT -m owner --gid-owner groupname -o eth0 -j REJECT It might be the problem, that the above iptable-rules didn't work due to the fact, that the packets are first marked, then put into tun0 and then transmitted by eth0 while they are still marked.. I don't know how to de-mark them after in tun0 or to tell iptables, that all marked packet may pass eth0, if they where in tun0 before or if they going to the gateway of my VPN provider. Does someone has any idea to a solution? Some config infos: iptables -nL -v --line-numbers -t mangle Chain OUTPUT (policy ACCEPT 11M packets, 9798M bytes) num pkts bytes target prot opt in out source destination 1 591K 50M MARK all -- * * 0.0.0.0/0 0.0.0.0/0 owner GID match 1005 MARK set 0x2a 2 82812 6938K CONNMARK all -- * * 0.0.0.0/0 0.0.0.0/0 owner GID match 1005 CONNMARK save iptables -nL -v --line-numbers -t nat Chain POSTROUTING (policy ACCEPT 393 packets, 23908 bytes) num pkts bytes target prot opt in out source destination 1 15 1052 SNAT all -- * tun0 0.0.0.0/0 0.0.0.0/0 mark match 0x2a to:VPN_IP ip rule add from all fwmark 42 lookup 42 ip route show table 42 default via VPN_IP dev tun0

Read the article
Why the VPN Network Shake-Up?

- by Brent Arias

I can RDP to another machine on my home network, only if I'm not also hooked up to my employer's VPN with the Cisco VPN client. Indeed, I can't even ping the other machine by name in this mode, because ICMP suddenly thinks that ( ping myMachine ) now means ( ping myMachine.myEmployer.com ). Of course there is no machine by that latter name, and so it fails. Even weirder, once I disconnect from the VPN I can again ping myMachine successfully, but ICMP reports the machine by its MAC address instead of its IP address. I don't think I've ever seen ping identify another machine by its MAC address. So two questions: How can I access via RDP/ping the other machine BY NAME on my local network while also connected to the VPN? Why is ping identifying a MAC address for the machine on my home network, instead of an IP address? And how can I change this so that an IP address is reported instead? For question #1, I can indeed access the other machine on my home network by IP address. I suspect if I put the name-IP pair into my HOSTS file, then I would be able to access it even when connected to the VPN. But I wonder if there is another (more elegant) solution?

Read the article
Avoid blocked URL's when on VPN from home

- by Marcus

When I'm on my home PC and on my company VPN I can't get to sites that my company blocks. Is there a way to get around this? Why do my requests to facebook.com go through the VPN? Can you configure your system to, for instance, not go through the VPN for HTTP traffic?

Read the article
Is it possible to nest VPN connections?

- by Tie-fighter

Is it possible to create an VPN connection while using site-to-site VPN? Also see: http://serverfault.com/questions/126537/is-it-possible-to-use-microsofts-secure-connection-rules-ipsec-with-vpn

Read the article
How to install SSL on current site?

- by vpoola88

So I've looked at a ton of guides, but non of them seem to get our site to work. This is what I was probably following the closest:https://www.digitalocean.com/community/articles/how-to-create-a-ssl-certificate-on-apache-for-ubuntu-12-04 I also wanted to know why there is a default-ssl in apache2/sites-available ? Is this where I would have to put my configuration? This is my first exposure to SSL and site deployment in general. Thanks guys.

Read the article
VPN connection sharing for Ubuntu guest

- by pzico

I have Ubuntu 10.04 guest on Windows XP host. I need to use a specific VPN software that works only on Windows. How should I configure virtualbox/guest so that the VPN connection would be visible on guest? I already tried NAT and bridged network settings. With both of these options I get only normal internet connection to work, but sites requiring VPN don't work on guest, only on host.

Read the article
Recommendation for a non-standard SSL port

- by onurs

Hey guys, On our server I have a single IP, and need to host 2 different SSL sites. Sites have different owners so have different SSL certificates, and can't share the same certificate with SAN. So as a last resort I have modified the web application to give the ability to use a specified port for secure pages. For its simple look I used port 200. However I'm worried about some visitors may be unable to see the site because of their firewalls / proxies blocking the port for ssl connections. I heard some people were unable to see the website, a home user and someone from an enterprise company, don't know if this was the reason. So, any recommendations for a non-standard SSL port number (443 is used by the other site) which may work for visitors better than port 200 ? Like 8080 or 8443 perhaps? Thanks!

Read the article
No Internet access while being connected to VPN using Cisco VPN Client 5.

- by szeldon

Hi, I have an access to corporate VPN using Cisco VPN Client 5.0.00:0340, but when I'm connected to it, I don't have an Internet access. I'm using Windows XP SP3. As it was suggested here http://forums.speedguide.net/showthread.php?t=209167 , I tried to enable "Allow local LAN Access" but it doesn't work. I also tried a second solution - deleting entry using "route" command, but it didn't help. I used "route delete 192.168.100.222". It's a third day of my attempts to solve this issue and I don't have an idea what else to do. I'm not very experienced in VPN stuff, but I know something about networking. Basing on my knowledge, I think that it's theoretically possible to achieve Internet access using my local network and only corporate stuff to be routed using VPN connection. I think that theoretically this should look like this: every IP being inside by corporation - VPN interface IP every other IP - my ethernet interface I've tried many possibilities of how to change those routes, but neither of them work. I'd really appreciate any help. My route configuration before connecting to VPN: =========================================================================== Interface List 0x1 ........................... MS TCP Loopback interface 0x2 ...00 c0 a8 de 79 01 ...... Atheros AR5006EG Wireless Network Adapter - Teefer2 Miniport 0x10005 ...02 00 4c 4f 4f 50 ...... Microsoft Loopback Card 0x160003 ...00 17 42 31 0e 16 ...... Marvell Yukon 88E8055 PCI-E Gigabit Ethernet Controller - Teefer2 Miniport =========================================================================== =========================================================================== Active routes: Network Destination Netmask Gateway Interface Metrics 0.0.0.0 0.0.0.0 192.168.101.254 192.168.100.222 10 10.0.0.0 255.255.255.0 10.0.0.10 10.0.0.10 30 10.0.0.10 255.255.255.255 127.0.0.1 127.0.0.1 30 10.255.255.255 255.255.255.255 10.0.0.10 10.0.0.10 30 127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1 192.168.100.0 255.255.254.0 192.168.100.222 192.168.100.222 1 192.168.100.222 255.255.255.255 127.0.0.1 127.0.0.1 1 192.168.100.255 255.255.255.255 192.168.100.222 192.168.100.222 1 224.0.0.0 240.0.0.0 10.0.0.10 10.0.0.10 3 224.0.0.0 240.0.0.0 192.168.100.222 192.168.100.222 1 255.255.255.255 255.255.255.255 10.0.0.10 10.0.0.10 1 255.255.255.255 255.255.255.255 192.168.100.222 192.168.100.222 1 255.255.255.255 255.255.255.255 192.168.100.222 2 1 Default gateway: 192.168.101.254. =========================================================================== My route configuration after connection to VPN: =========================================================================== Interface List 0x1 ........................... MS TCP Loopback interface 0x2 ...00 c0 a8 de 79 01 ...... Atheros AR5006EG Wireless Network Adapter - Teefer2 Miniport 0x10005 ...02 00 4c 4f 4f 50 ...... Microsoft Loopback Card 0x160003 ...00 17 42 31 0e 16 ...... Marvell Yukon 88E8055 PCI-E Gigabit Ethernet Controller - Teefer2 Miniport 0x170006 ...00 05 9a 3c 78 00 ...... Cisco Systems VPN Adapter - Teefer2 Miniport =========================================================================== =========================================================================== Active routes: Network Destination Netmask Gateway Interface Metrics 0.0.0.0 0.0.0.0 10.251.6.1 10.251.6.51 1 10.0.0.0 255.255.255.0 10.0.0.10 10.0.0.10 30 10.0.0.0 255.255.255.0 10.251.6.1 10.251.6.51 10 10.0.0.10 255.255.255.255 127.0.0.1 127.0.0.1 30 10.1.150.10 255.255.255.255 192.168.101.254 192.168.100.222 1 10.251.6.0 255.255.255.0 10.251.6.51 10.251.6.51 20 10.251.6.51 255.255.255.255 127.0.0.1 127.0.0.1 20 10.255.255.255 255.255.255.255 10.0.0.10 10.0.0.10 30 10.255.255.255 255.255.255.255 10.251.6.51 10.251.6.51 20 127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1 192.168.100.0 255.255.254.0 192.168.100.222 192.168.100.222 10 192.168.100.0 255.255.254.0 10.251.6.1 10.251.6.51 10 192.168.100.222 255.255.255.255 127.0.0.1 127.0.0.1 10 192.168.100.255 255.255.255.255 192.168.100.222 192.168.100.222 10 213.158.197.124 255.255.255.255 192.168.101.254 192.168.100.222 1 224.0.0.0 240.0.0.0 10.0.0.10 10.0.0.10 30 224.0.0.0 240.0.0.0 10.251.6.51 10.251.6.51 20 224.0.0.0 240.0.0.0 192.168.100.222 192.168.100.222 10 255.255.255.255 255.255.255.255 10.0.0.10 10.0.0.10 1 255.255.255.255 255.255.255.255 10.251.6.51 10.251.6.51 1 255.255.255.255 255.255.255.255 192.168.100.222 192.168.100.222 1 255.255.255.255 255.255.255.255 192.168.100.222 2 1 Default gateway: 10.251.6.1. ===========================================================================

Read the article
How do I remove/uninstall a corporate VPN?

- by Metro Smurf

I have a corporate VPN installed on one of my Windows XP systems that I'd like to completely uninstall. There are no programs listed in the add/remove programs dialog matching the corporate VPN name or similar. I can find the VPN being launched from here: C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Connections\Cm\<Company Name> I can see the VPN connection under network connections: Name Type Device Name Connection Manager ------------------- Connection to <Company Name> Connection Manger WAM Miniport (PPTP) Do I just need to delete the connection from Network Connections? And delete the directory? Or?

Read the article
Switching Servers, SSL domain, one vps?

- by ThomasReggi

Feeding off of this post. I have a domain with Dreamhost and i've purchased SSL certificate for it. I am moving over the server files to Linode but and setting the DNS in dreamhost to point over. Linode provides a ip but it's not dedicated. What is going to happen to SSL on that dreamhost IP when I switch over the DNS to linode? I have one virtual host can I host multiple domains while using SSL for one?

Read the article
Is SSL to the proxy good enough?

- by Josh Smeaton

We are currently trying to decide on how best to do SSL traffic in our environment. We have an externally facing Apache proxy server that is responsible for directing all traffic into our environment. It is also doing the SSL work for the majority of our servers. There are one or two IIS servers in particular that are doing their own SSL, but they are also behind the proxy. I'm wondering, is SSL to the proxy good enough? It would mean that traffic within our network is identifiable, but is that such a big deal?

Read the article
iptables to block VPN-traffic if not through tun0

- by dacrow

I have a dedicated Webserver running Debian 6 and some Apache, Tomcat, Asterisk and Mail-stuff. Now we needed to add VPN support for a special program. We installed OpenVPN and registered with a VPN provider. The connection works well and we have a virtual tun0 interface for tunneling. To archive the goal for only tunneling a single program through VPN, we start the program with sudo -u username -g groupname command and added a iptables rule to mark all traffic coming from groupname iptables -t mangle -A OUTPUT -m owner --gid-owner groupname -j MARK --set-mark 42 Afterwards we tell iptables to to some SNAT and tell ip route to use special routing table for marked traffic packets. Problem: if the VPN failes, there is a chance that the special to-be-tunneled program communicates over the normal eth0 interface. Desired solution: All marked traffic should not be allowed to go directly through eth0, it has to go through tun0 first. I tried the following commands which didn't work: iptables -A OUTPUT -m owner --gid-owner groupname ! -o tun0 -j REJECT iptables -A OUTPUT -m owner --gid-owner groupname -o eth0 -j REJECT It might be the problem, that the above iptable-rules didn't work due to the fact, that the packets are first marked, then put into tun0 and then transmitted by eth0 while they are still marked.. I don't know how to de-mark them after in tun0 or to tell iptables, that all marked packet may pass eth0, if they where in tun0 before or if they going to the gateway of my VPN provider. Does someone has any idea to a solution? Some config infos: iptables -nL -v --line-numbers -t mangle Chain OUTPUT (policy ACCEPT 11M packets, 9798M bytes) num pkts bytes target prot opt in out source destination 1 591K 50M MARK all -- * * 0.0.0.0/0 0.0.0.0/0 owner GID match 1005 MARK set 0x2a 2 82812 6938K CONNMARK all -- * * 0.0.0.0/0 0.0.0.0/0 owner GID match 1005 CONNMARK save iptables -nL -v --line-numbers -t nat Chain POSTROUTING (policy ACCEPT 393 packets, 23908 bytes) num pkts bytes target prot opt in out source destination 1 15 1052 SNAT all -- * tun0 0.0.0.0/0 0.0.0.0/0 mark match 0x2a to:VPN_IP ip rule add from all fwmark 42 lookup 42 ip route show table 42 default via VPN_IP dev tun0

Read the article
Intermediate SSL Certificates on Azure Websites

- by amhed

I have successfully configured an Extended-Validation Certificate on an Azure Website following this article: http://www.windowsazure.com/en-us/documentation/articles/web-sites-configure-ssl-certificate/ The main (non-technical) stakeholder of the web application went through great lengths to validate that our site is secure. He went to this site to check the validity of our SSL: http://www.whynopadlock.com/ The site throw the following error: `SSL verification issue (Possibly mis-matched URL or bad intermediate cert.). Details: ERROR: no certificate subject alternative name matches`` The certificate is installed using IP Based SSL instead of SNI. This is done this way because some site visitors still use Internet Explorer 8 on Windows XP, which has no support for SNI and throws a security warning. Is my certificate correclty installed? I received three .CRT files from my SSL provider: PrimaryIntermediate.crt SecondaryIntermediate.crt EndCertificate.crt This is how I exported our certificate as a .PFX file to Azure: openssl pkcs12 -export -out myserver.pfx -inkey myserver.key -in myserver.crt

Read the article
Windows 7 VPN stops web browser

- by cantabilesoftware

Hi, I've just installed Windows 7 RTM and setup Windows VPN to work office. It all works fine except, when the VPN is connected, regular web access stops working eg: local web browser can't connect to anything. Disconnect VPN and web works again. I've tried re-ordering the priorities of network adaptors with no luck. I'm not sure where to look next. Any ideas? Brad

Read the article
Last (I think and hope) problems configuring SSL certificate with Apache and VirtualHosts

- by user65567

Finally I set apache2 to get a single certificate for all subdomains. [...] # Go ahead and accept connections for these vhosts # from non-SNI clients SSLStrictSNIVHostCheck off # Apache setup which will listen for and accept SSL connections on port 443. Listen 443 # Listen for virtual host requests on all IP addresses NameVirtualHost *:443 # Because this virtual host is defined first, it will # be used as the default if the hostname is not received # in the SSL handshake, e.g. if the browser doesn't support # SNI. <VirtualHost *:443> ServerName domain.localhost DocumentRoot "/Users/<my_user_name>/Sites/domain/public" <Directory "/Users/<my_user_name>/Sites/domain/public"> Order allow,deny Allow from all </Directory> # SSL Configuration SSLEngine on ... </VirtualHost> <VirtualHost *:443> ServerName subdomain1.domain.localhost DocumentRoot "/Users/<my_user_name>/Sites/subdomain1/public" <Directory "/Users/<my_user_name>/Sites/subdomain1/public"> Order allow,deny Allow from all </Directory> # SSL Configuration SSLEngine on ... </VirtualHost> <VirtualHost *:443> ServerName subdomain2.domain.localhost DocumentRoot "/Users/<my_user_name>/Sites/subdomain2/public" <Directory "/Users/<my_user_name>/Sites/subdomain2/public"> Order allow,deny Allow from all </Directory> # SSL Configuration SSLEngine on ... </VirtualHost> So, for example, I can correctly access https://subdomain1.domain.localhost https://subdomain2.domain.localhost ... Now, anyway, I have problems on accessing http://subdomain1.domain.localhost http://subdomain2.domain.localhost ... Since I use a Mac Os, on accessing the "http: version", I get a default page "Your website." (instead of a error). Why does it happen?

Read the article
Windows 7 VPN wont allow FTP, route FTP traffic through local network

- by Rolf Herbert

I use a VPN on my windows 7 PC for privacy and currently route all my traffic through the VPN. This arrangement is fine and its plenty fast. Unfortunately the VPN does not allow any FTP traffic so when I am updating websites I have to disconnect the VPN and work through my local connection. This is annoying and cumbersome. I have read a little about split tunnelling but this is not quite what I need, and it often talks about 'internet' traffic which is not specific to certain IPs or ports. Is it possible to route traffic on certain ports through the local connection, or is it possible to route traffic on certain IPs through the local connection using stuff built into windows 7..? Thanks

Read the article
Problem with PPTP VPN and internet

- by Enriquev

Hello, I have an internet connection the following way : Internet Modem <- FireWall(not a router, a firewall) <- PC Everything is setup so my pc has an external ip address, and my firewall takes care of blocking bad stuff. I connect by VPN to an external network, so I added a new connection using Windows Xp's "New connection wizard" (the vpn client that comes with Windows XP), it's a PPTP connection so I used all default settings. I put the PPTP server's IP, my username and password and I succesfully connected. I was able to have access to the external VPN ressources. The only problem is everytime I connect to this VPN, my computer cannot connect to the web anymore, no msn, no ping, no web. Is there anything special I should be doing?

Read the article
Auto login CISCO VPN client on linux [closed]

- by user70704

Hi, I have installed Cisco vpn client on my linux system (Fedora core 8). After login, every time, i need to run the following command VPNC to connect the VPN server. VPNC command request the input data from the user, IPSec gateway : IPSec ID: IPSec Secret: Username: Password: So, my requirement is, can i connect the VPN server through any single command?. I feel so lazy to enter the above requirements at every time. I want to connect the VPN Server on boot startup. I was try using expect script, but i can't. Thanks in advance.

Read the article
Redirection and SSL

- by Kobus Myburgh

I hope I am asking this at the correct forum. I have a client from whom I have developed a PHP based Facebook project, who is hosting their site on IIS with ASP and no access to PHP, so they have created a sub domain to point to my server to host the site. I have an SSL on www.mydomain.com, but their sub domain does not have SSL (app.theirdomain.com). Would redirection from their side be possible to SSL on my side so that the FB app works?

Read the article
iPhone VPN to iTunes Home Sharing

- by Philip Crumpton

my goal is to set up a VPN on a Windows machine that contains my iTunes library then connect to that VPN with my iPhone and be able to utilize Home Sharing remotely. I have read that this can easily be set up if the iTunes library is on a Mac (Network Beacon and YazSoft ShareTool are two products I quickly found). I can't find anyone who has had success on a Windows machine, though. In my thinking, there are two options (aside from buying a Mac): 1.) Existing utility that takes care of this for me (like the Mac-only options listed above) and is compatible with iPhone (Hamachi is NOT compatible with iPhone VPN) 2.) Manually configure a VPN to allow Bonjour multicast (can't find any information on this) FYI my router is a Linksys WRT54GL running Tomato 1.28

Read the article
OpenSwan + xl2tpd VPN: How can I share Internet connection

- by Michael

I have an OpenSwan IPSec + L2TP VPN on Linux setup working from off of my server so I can connect to it from my laptop (roadwarrior setup). I am able to connect to the VPN remotely just fine, however the internet connection is not shared. I'm assuming there is some sort of masquerading I am supposed to be doing, but I have no idea how to go about doing that (iptables?). Any help getting this working so I can essentially use my VPN connection as a proxy would be great. Thanks

Read the article
Getting VPN to work from Virtual PC

- by strobaek

Setup: Host is running Windows7. Virtual PC is a Windows Server 2008 running under VMWare workstation 6.5. From the Host I have a VPN to e.g. TFS and other resources. From the VPC I need to connect to e.g. a SQL server via the VPN. My problem is, that I cannot get a connection from the VPC. If I'm sitting on the corporate network, all is working fine (but then I don't have the VPN). From home - where the VPN is required - it does not work. I have two network adapters defined/configued. One as BRIDGED and one as Host Only. IF I change the one being BRIDTED to NATS I have no connectivity at all from the VPC. I have no problems connecting from my host to the VPC. Thanks.

Read the article

< Previous Page | 20 21 22 23 24 25 26 27 28 29 30 31 | Next Page >