Search Results

Search found 3251 results on 131 pages for 'firewall'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 27/131 | < Previous Page | 23 24 25 26 27 28 29 30 31 32 33 34  | Next Page >

  • CSF Unresolved issue

    - by josephmarhee
    I began receiving service failures for CSF/LFD once the limit was reached in iptables preventing the service from working properly. I flushed all iptables rules, and redid by rules using CIDR rather than the individual IPs that were listed and the issue persists. Error: The VPS iptables rule limit (numiptent) is too low (1527/1536) - stopping firewall to prevent iptables blocking all connections, at line 1459 This is after restarting CSF, which gave me: You have an unresolved error when starting csf. You need to restart csf successfully to remove this warning CSF still seems to be trying to enforce rules that no longer exists (lists entire chains upon trying to be restarted,only to fail with that error). Any idea of what's going on?

    Read the article

  • Windows IPSec computer authentication using *user* account?

    - by Tim Brigham
    For some reason every once in a while it happens that my IPSec authentication is from a user account to a computer account, not computer to computer. How can I fix it? Sometimes - notably when I try to add a new workstation through ePO but it's happened other times as well I'm getting strange behavior from my Windows Advanced Firewall IPSec. This causes the authentication to be invalid (as the group memberships, etc all assume computer accounts). I have no idea why this is happening or how to fix it but the IDs to match up between servers (the opposite server in my second example has remote ID timb).

    Read the article

  • How can I redirect HTTPS(S) traffic to anothr gateway?

    - by PsyStyle
    I have a network like 192.168.0.0/15 with the default gateway set to 192.168.0.1. Al the workstations of the network use this gateway for all kind of accesses to the Internet. Now I am testing a new Internet connection with another provider and for this I am using a second gateway on the same subnet with 192.168.0.2 as IP address. I want to redirect only HTTP and HTTPS traffic to this second gateway without touching the address of the default gateway set inside every workstation. How can I accomplish this task? What I have to change inside the first's gateway firewall configuration or routes? I tried with a dnat like DNAT loc:192.168.0.1 loc:192.168.0.2 tcp 80 but nothing worked. I use Shorewall for simplicity in configuration but I can understand even theorical answers which I will try to adapt to my case

    Read the article

  • My Domain Is Getting Blocked As Gambling

    - by Tim Scott
    I have a site at http://slotted.co. Some of my would-be users complain that their company firewall blocking access. At least one user told me it was flagged as a gambling domain, which it is not. What can I do about this? Incidentally I own some other domains, such as signupster.com, which redirect to my site. I wonder if a quick workaround would be to make that my main domain and have slotted.co redirect? Obviously I prefer in the long terms that slotted.co is considered clean.

    Read the article

  • Request to server x Reply from server y

    - by klaasio
    I need some advice from you guys: I'm dealing with a custom loadbalancer/software for which we will use 2 main servers and about 8 slave servers. In short: User sends request to main server, main server will receive and handle the requests, sends a request to a slave server and slave server should send data DIRECTLY to the "user". User - Main server Main server - Slave server Slave server - User The reason for which data should be send directly to the user and not through the main server is because of bandwidth and low budget. Now I have the following idea's: -IPinIP, but that is not possible in Layer7 (so far i know there some expensive routers for that) -IP Spoof, using C/C++ we will make it look like the reply came from main server. But I was thinking, perhaps the reply "slave server - User" could just come from a different IP without causing issues in the firewall from the user or his anti-virus. I don't know so well about "home" firewalls/routers and/or anti-virus software. I guess the user machine wouldn't handle it well?

    Read the article

  • ipfw is blocking access to a script

    - by user225551
    I need to figure out how to troubleshoot why ipfw is blocking my script. This script parses out some rss feeds over the net. I have about 10 different feed urls. About 5 or 6 of these urls are returning xml, the others are timing out. If I turn the firewall off, they will all work. The issue I'm having is that I have no idea what port I need to open for the urls that are timing out. Is there a command that will show me this?

    Read the article

  • iptables to allow input and output traffic to and from web server only

    - by Caedmon
    I have an Elastic Search server which seems to have been exploited (it's being used for a DDoS attack having had NO firewall for about a month). As a temporary measure while I create a new one I was hoping to block all traffic to and from the server which wasn't coming from or going to our web server. Will these iptables rules achieve this: iptables -I INPUT \! --src 1.2.3.4 -m tcp -p tcp --dport 9200 -j DROP iptables -P FORWARD \! --src 1.2.3.4 DROP iptables -P OUTPUT \! --src 1.2.3.4 DROP The first rule is tried and tested but obviously wasn't preventing traffic coming from my server to other IP addresses so I was hoping I could add the second two rules to full secure it.

    Read the article

  • IIS: Can't access my site

    - by Markus
    Hi I have Windows 7 Professional. With IIS 7 or 7.5 I have set up a little website. So far all works fine on http://Localhost:80 - I can see the site. Then I set up the firewall so port 80 is open. My Router routes TCP:80 to my pc. But from my second pc I cant access the site. I can ping the other pc but why I can't access the page through the LAN? Please help!

    Read the article

  • How to temporarily disable SonicWall from connecting to the internet?

    - by Jerry Dodge
    I have been doing some extensive seeking in our SonicWall TZ-215 for the source(s) of unnecessary internet traffic, as we have issues with excessive traffic. As part of my research, I need to watch the Connections Monitor, which lists me all the current connections. This list becomes quite long, with 40+ devices on the network, it's tough to pinpoint the main causes. What I would like to do is disable the SonicWall its self from letting its internal components from connecting to anything. Is there any type of trick I can do in the Firewall which can prevent the router system from connecting to anything, to clean up the connections monitor and allow only suspicious traffic?

    Read the article

  • How can I redirect HTTP(S) traffic to another gateway?

    - by PsyStyle
    I have a network like 192.168.0.0/15 with the default gateway set to 192.168.0.1. All the workstations of the network use this gateway for all kind of accesses to the Internet. Now I am testing a new Internet connection with another provider and for that I'm using a second gateway on the same subnet with 192.168.0.2 as IP address. I want to redirect only HTTP and HTTPS traffic to this second gateway keeping untouched the address of the default gateway set inside every workstation. How can I accomplish this task? What I have to change inside the first's gateway firewall configuration or routes? I tried with a DNAT like: DNAT loc:192.168.0.1 loc:192.168.0.2 tcp 80 but nothing worked. I use Shorewall for simplicity in configuration but I can understand even theorical answers which I will try to adapt to my case.

    Read the article

  • setting my mysql server - limiting domains that can connect

    - by Alex
    I am trying to setup a mysql server on my machine. I would like to limit the domains that it listens for connections to. My understanding is that you can either have it listen to 1 ip or all ip's. Therefore, if i want to connect remotely I have to say all ips. Then I would like to block all domains but the ones I know should actually be connecting.. I believe this is done through windows firewall. However, how do i do this by domain instead of IP?

    Read the article

  • Is there a good way to prevent a server from emailing a specific address (we control both servers/apps)?

    - by Bms85smb
    When testing a production app we occasionally need to pull from a live site and perform tests on a development server. There are quite a few email addresses stored in the database that we need to modify every time we restore to the development server. Occasionally someone on my team will miss one and accidentally send an email through the distribution list. The email looks legit because it is coming from a clone, it can cause quite the situation. We have a protocol we follow every time we clone the live app and it has helped a lot but I would feel better if it was impossible for the two servers to communicate. Is there a good way to do this? Can firewall rules block email? Does Plesk have a blacklist?

    Read the article

  • need to use git behind firewall: trying ssh tunneling

    - by Jacko
    Hi, I am trying to use ssh port forwarding to defeat corporate firewall: ssh git@GIT_SERVER -L9418:GIT_SERVER:9418 and in another terminal I run git clone git://localhost:repositories/project.git But I get the following error: Initialized empty Git repository in /Users/aboxer/tmp/glucosia/.git/ fatal: Unable to look up localhost (port repositories) (nodename nor servname provided, or not known) Thanks!

    Read the article

  • WCF and Firewalls

    - by Amitd
    Hi guys, As a part of learning WCF, I was trying to use a simple WCF client-server code . http://weblogs.asp.net/ralfw/archive/2007/04/14/a-truely-simple-example-to-get-started-with-wcf.aspx but I'm facing strange issues.I was trying out the following. Client(My) IP address is : 192.168.2.5 (internal behind firewall) Server IP address is : 192.168.50.30 port : 9050 (internal behind firewall) Servers LIVE/External IP (on internet ) : 121.225.xx.xx (accessible from internet) When I specify the above I.P address of server(192.168.50.30), the client connects successfully and can call servers methods. Now suppose if I want to give my friend (outside network/on internet) the client with server's live I.P, i get an ENDPOINTNOTFOUND exceptions. Surprisingly if I run the above client specifying LIVE IP(121.225.xx.xx) of server i also get the same exception. I tried to debug the problem but haven't found anything. Is it a problem with the company firewall not forwarding my request? or is it a problem with the server or client . Is something needed to be added to the server/client to overcome the same problem? Or are there any settings on the firewall that need to be changed like port forwarding? (our network admin has configured the port to be accessible from the internet.) is it a authentication issue? Code is available at . http://www.ralfw.de/weblog/wcfsimple.txt http://weblogs.asp.net/ralfw/archive/2007/04/14/a-truely-simple-example-to-get-started-with-wcf.aspx i have just separated the client and server part in separate assemblies.rest is same. using System; using System.Collections.Generic; using System.Text; using System.ServiceModel; namespace WCFSimple.Contract { [ServiceContract] public interface IService { [OperationContract] string Ping(string name); } } namespace WCFSimple.Server { [ServiceBehavior(InstanceContextMode = InstanceContextMode.PerCall)] class ServiceImplementation : WCFSimple.Contract.IService { #region IService Members public string Ping(string name) { Console.WriteLine("SERVER - Processing Ping('{0}')", name); return "Hello, " + name; } #endregion } public class Program { private static System.Threading.AutoResetEvent stopFlag = new System.Threading.AutoResetEvent(false); public static void Main() { ServiceHost svh = new ServiceHost(typeof(ServiceImplementation)); svh.AddServiceEndpoint( typeof(WCFSimple.Contract.IService), new NetTcpBinding(), "net.tcp://localhost:8000"); svh.Open(); Console.WriteLine("SERVER - Running..."); stopFlag.WaitOne(); Console.WriteLine("SERVER - Shutting down..."); svh.Close(); Console.WriteLine("SERVER - Shut down!"); } public static void Stop() { stopFlag.Set(); } } } namespace WCFSimple { class Program { static void Main(string[] args) { Console.WriteLine("WCF Simple Demo"); // start server System.Threading.Thread thServer = new System.Threading.Thread(WCFSimple.Server.Program.Main); thServer.IsBackground = true; thServer.Start(); System.Threading.Thread.Sleep(1000); // wait for server to start up // run client ChannelFactory<WCFSimple.Contract.IService> scf; scf = new ChannelFactory<WCFSimple.Contract.IService>( new NetTcpBinding(), "net.tcp://localhost:8000"); WCFSimple.Contract.IService s; s = scf.CreateChannel(); while (true) { Console.Write("CLIENT - Name: "); string name = Console.ReadLine(); if (name == "") break; string response = s.Ping(name); Console.WriteLine("CLIENT - Response from service: " + response); } (s as ICommunicationObject).Close(); // shutdown server WCFSimple.Server.Program.Stop(); thServer.Join(); } } } Any help?

    Read the article

  • Unable to Sign in to the Microsoft Online Services Signin application from Windows 7 client located behind ISA firewall

    - by Ravindra Pamidi
    A while ago i helped a customer troubleshoot authentication problem with Microsoft Online Services Signin application.  This customer was evaluating Microsoft BPOS (Business Productivity Online Services) and was having trouble using the single sign on application behind ISA 2004 firewall.The network structure is fairly simple with single Windows 2003 Active Directory domain and Windows 7 clients. On a successful logon to the Microsoft Online Services Signin application, this application provides single signon functionality to all of Microsoft online services in the BPOS package. Symptoms:When trying to signin it fails with error "The service is currently unavailable. Please try again later. If problems continue, contact your service administrator". If ISA 2004 firewall is removed from the picture the authentication succeeds.Troubleshooting: Enabled ISA Server firewall logging along with Microsoft Network Monitor tool on the Windows 7 Client while reproducing the issue. Analysis of the ISA Server Firewall logs and Microsoft Network capture revealed that the Microsoft Online Services Sign In application when sending request to ISA Server does not send the domain credentials and as a result ISA Server responds with an error code of HTTP 407 Proxy authentication required listing out the supported authentication mechanisms.  The application in question is expected to send the credentials of the domain user in response to this request. However in this case, it fails to send the logged on user's domain credentials. Bit of researching on the Internet revealed that The "Microsoft Online Services Sign In" application by default does not support Outbound Internet Proxy authentication. In order for it to send the logged on user's domain credentials we had to make  changes to its configuration file "SignIn.exe.config" located under "Program Files\Microsoft Online Services\Sign In" folder. Step by Step details to configure the configuration file are documented on Microsoft TechNet website given below.  Configure your outbound authenticating proxy serverhttp://www.microsoft.com/online/help/en-us/helphowto/cc54100d-d149-45a9-8e96-f248ecb1b596.htm After the above problem was addressed we were still not able to use the "Microsoft Online Services Sign In" application and it failed with the same error.  Analysis of another network capture revealed that the application in question is now sending the required credentials and the connection seems to terminate at a later stage. Enabled verbose logging for the "Microsoft Online Services Sign In" application and then reproduced the problem. Analysis of the logs revealed a time difference between the local client and Microsoft Online services server of around seven minutes which is above the acceptable time skew of five minutes. Excerpt from Microsoft Online Services Sign In application verbose log:  1/26/2012 1:57:51 PM Verbose SingleSignOn.GetSSOGenericInterface SSO Interface URL: https://signinservice.apac.microsoftonline.com/ssoservice/UID1/26/2012 1:57:52 PM Exception SSOSignIn.SignIn The security timestamp is invalid because its creation time ('2012-01-26T08:34:52.767Z') is in the future. Current time is '2012-01-26T08:27:52.987Z' and allowed clock skew is '00:05:00'.1/26/2012 1:57:52 PM Exception SSOSignIn.SignIn  Although the Windows 7 Clients successfully synchronized time to the domain controller for the domain, the domain controller was not configured to synchronize time with external NTP servers. This caused a gradual drift in time on the network thus resulting in the above issue. Reconfigured the domain controller holding the PDC FSMO role to synchronize time with external time source ( time.nist.gov ) and edited the system policy on the ISA server firewall to allow NTP traffic to time.nist.gov Configure the time source for the forest:Windows Time Servicehttp://technet.microsoft.com/en-us/library/cc794937(WS.10).aspx Forced synchronization of Windows time using the command w32tm /resync on the domain controller and later on the clients each of which had corrected the seven minutes difference. This resolved the problem with logon to Microsoft Online Services Sign In.

    Read the article

  • Handshake violation when trying to access one website

    - by Miguel
    I have a TZ 190 Wireless Enhanced with SonicOS Enhanced 4.2.1.0-20e. Yesterday, people could access without any problems a bank website wich uses HTTPS. Today, it is imposible to access only that website, every other ones works without problems. When checking the log message filtering to my IP only, this is what appears and I suspect is the cause of this problem, because all other websites are working: Priority: Notice Category: Network Access Message: TCP handshake violation detected; TCP connection dropped Source: X.Y.Z.3, 51997, LAN (admin) Destination: 200.14.232.18, 443, WAN Notes: Handshake Timeout Where X.Y.Z.3 is my local IP. I've tried to change TCP Settings under Firewall option, and activated this options with no success: Enforce strict TCP compliance with RFC 793 and RFC 1122 and Enable TCP checksum enforcement I've also tried to find the MTU and at first I got: Packet needs to be fragmented but DF set But when I lower the value of ping -f -l to 1468 I got: Request timeout. Also I deactivate CFS in lan and wan zones. Nothing works. Can you please help me? Any Ideas?

    Read the article

  • Endian Destination NAT

    - by Ben Swinburne
    I have installed Endian Community Firewall 2.3 and am clearly misunderstanding/doing something wrong with it. I'm trying to create some destination NAT rules to allow incoming connections to various services within the network. Router - RED I/F - x.x.x.x Router - GREEN I/F - 192.168.11.253 ECF - RED I/F - 192.168.11.254/24 ECF - GREEN I/F - 192.168.12.254/24 Target server - 192.168.12.1 Please ignore the haphazard choice of subnets and addresses- I'm trying to quickly plop Endian into an existing network before a complete rework in 6-12 months so for now. Everything works except destination NAT, so outgoing connections are fine, the routes between the two subnets are OK etc. I want to create various incoming NATs but let's take for the sake of argument, SMTP port 25 from the Internet to Target server 192.168.12.1. I've tried almost every combination of options in the Destination NAT section to achieve this and clearly am doing something wrong. I suspect my confusion must be somewhere in the Access From and/or Target section. The rest seems OK Filter Policy = Allow Service = SMTP Protocol = TCP Port = 25 Translate to type = IP DNAT Policy = NAT Insert IP = 192.168.12.1 Port Range = 25 Enabled = Checked Position = First I can't work out what I'm doing wrong, or am I doing it right and it's just not working!? Any help would be greatly appreciated.

    Read the article

  • Clicking a link in IE6 doesn't load page (internal DNS entry on our intranet)

    - by Callum
    I have a very strange problem that is only affecting some versions of IE6. The problem does affect IE 6.0.2900.5512, but does not seem to affect 6.0.3790.3959 Basically I work for a company and we have an intranet. While I'm not an expert on "internal DNS pointers", what I was able to do was create a website (let's say about football), and when an employee who is sitting behind the company firewall types the word "football" in to the web address bar of their web browser, they get redirected to a particular server. I am told this is some kind "internally pointing DNS entry". So, I've set one of these up, and I have a placed a link to it on our company intranet page. However, when the link is clicked in IE6.0.2900.5512, the page goes blank. Clicking "refresh" then loads the correct page (the one specified in the link). Can anyone help me out here. I have tried changing the way URL is formed, everything from //football to http://football/ etc. The link works fine in every other browser and IE7+, but unfoturnatly, IE6 is still the most common browser in use at my organisation.

    Read the article

  • OS X 10.6 Apply ipfw rules at startup

    - by Michael Irey
    I have a couple of firewall rules I would to like to apply at startup. I have followed the instructions from http://images.apple.com/support/security/guides/docs/SnowLeopard_Security_Config_v10.6.pdf On page 192. However, the rules do not get applied at startup. I am running 10.6.8 NON Server Edition. I can however run: (Which applies the rules correctly) sudo ipfw /etc/ipfw.conf Which results in: 00100 fwd 127.0.0.1,8080 tcp from any to any dst-port 80 in 00200 fwd 127.0.0.1,8443 tcp from any to any dst-port 443 in 65535 allow ip from any to any Here is my /etc/ipfw.conf # To get real 80 and 443 while loading vagrant vbox add fwd localhost,8080 tcp from any to any 80 in add fwd localhost,8443 tcp from any to any 443 in Here is my /Library/LaunchDaemons/ipfw.plist <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>Label</key> <string>ipfw</string> <key>Program</key> <string>/sbin/ipfw</string> <key>ProgramArguments</key> <array> <string>/sbin/ipfw</string> <string>/etc/ipfw.conf</string> </array> <key>RunAtLoad</key> <true /> </dict> </plist> The permissions of all the files seem to be appropriate: -rw-rw-r-- 1 root wheel 151 Oct 11 14:11 /etc/ipfw.conf -rw-rw-r-- 1 root wheel 438 Oct 11 14:09 /Library/LaunchDaemons/ipfw.plist Any thoughts or ideas on what could be wrong would be very helpful!

    Read the article

  • Configuring port forwarding for SSH - no response outside LAN [migrated]

    - by WinnieNicklaus
    I recently moved, and at the same time purchased a new router (Linksys E1200). Prior to the move, I had my old router set up to forward a port for SSH to servers on my LAN, and I was using DynDNS to manage the external IP address. Everything worked great. I moved and set up the new router (unfortunately, the old one is busted so I can't try things out with it), updated the DynDNS address, and attempted to restore my port forwarding settings. No joy. SSH connections time out, and pings go unanswered. But here's the weird part (i.e., key to the whole thing?): I can ping and SSH just fine from within this LAN. I'm not talking about the local 192.168.1.* addresses. I can actually SSH from a computer on my LAN to the DynDNS external address. It's only when the client is outside the LAN that connections are dropped. This surely suggests a particular point of failure, but I don't know enough to figure out what it is. I can't figure out why it would make a difference where the connections originate, unless there's a filter for "trusted" IP addresses, which is perhaps just restricted to my own. No settings have been touched on the servers, and I can't find any settings suggesting this on the router admin interface. I disabled the router's SPI firewall and "Filter anonymous traffic" setting to no avail. Has anyone heard of this behavior, and what can I do to get past it?

    Read the article

  • subdomains to different VMs on one IP address

    - by efbenson
    I have a setup at home with an ESXi server Freenas server and several win7 clients. I have a domain refactoringme.com I set the @ and WWW domain record to my (current) IP address. I then forwarded port 80 to my local win2k3 server on my Linksys router and used host name matching to run the 5 test sites I have. That all works. Now I want to use the turnkey machines and move to dedicated VM servers. One for a wiki one for SVN etc. So how do I get www.refactoringme.com to go to one internal IP address and wiki.refactoringme.com to different internal IP address, while they both use the same external IP address? I added the additional record for wiki to my domain and pointed it to @. I figured it had to be involving a real firewall. So I installed PFSense on a VM and set it on the DMZ on my Linksys. From this point I haven't had any luck. I thought that maybe it would be in the DNS Forwarder or maybe in the Rules sections but neither have worked. Am I doing it wrong or on the right track but am missing something. Thanks for all the help.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 23 24 25 26 27 28 29 30 31 32 33 34  | Next Page >