Search Results

Search found 3844 results on 154 pages for 'firewall bypass'.

Page 27/154 | < Previous Page | 23 24 25 26 27 28 29 30 31 32 33 34  | Next Page >

  • Using pfSense, OpenVPN Connects but Still Can't See the Network

    - by nicorellius
    I am having an OpenVPN issue. I have a pfSense box at home configured to allow traffic through a VPN tunnel. The client computer is Windows XP Home, behind a standard Comcast connection and a Netgear wireless router. I use OpenVPN to access my work network (from where I am trying to get out of in this post) from home (with an XP Pro machine behind pfSense), and this works fine. The client config is similar but has the changes specific to my setup... Here is my XP Home config: client dev tun proto tcp remote pfsense.*.org 1194 (starred out by me) resolv-retry infinite nobind persist-key persist-tun ca ca.crt cert client.crt key client.key ns-cert-type server comp-lzo verb 3 When I launch the OpenVPN GUI, the Tunnel TAP network connection turns red, and I can right-click that to connect to the server. Everything seems to work fine until I browse for the actual network. The Tunnel TAP connection turns green and it says connected to 10.1.1.6 (I have tried different IP pools here too with no luck). I can see the internal network fine, but my home network behind pfSense is not there. I have tried browsing there by using Tools Map Network Drive, using the browser, with no success. When I open the command line on the client and use the ipconfig -all command, I get the following: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : TAP-Win32 Adapter V9 Physical Address. . . . . . . . . : *** (starred out by me) Dhcp Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes IP Address. . . . . . . . . . . . : 10.1.1.6 Subnet Mask . . . . . . . . . . . : 255.255.255.252 Default Gateway . . . . . . . . . : DHCP Server . . . . . . . . . . . : 10.1.1.5 Lease Obtained. . . . . . . . . . : Monday, March 15, 2010 1:18:37 PM Lease Expires . . . . . . . . . . : Tuesday, March 15, 2011 1:18:37 PM I noticed that the default gateway is not present. Could this be my problem? I am still relatively new to firewalls, VPN, and network configuration so I'm sure I am messing up something simple. Oh yah, I should note that I have firewall rules configured for pfSense to allow traffic through the WAN and the LAN. At first there was just the WAN firewall rule, because that is what I got from the literature I was reading. I then created a LAN rule as well, but I'm not sure if this was correct. Neither way works, though. Screen shots below: Any help is much appreciated.

    Read the article

  • Can't figure out error in Cisco ASA log "regular translation creation failed for icmp ..."

    - by Martijn Heemels
    Every few seconds our new Cisco ASA 5505 firewall is logging errors that I can't figure out with my limited Cisco experience. Severity Date Time Syslog ID Source IP Destination IP Description 3 Mar 25 2010 17:21:14 305006 8.8.8.8 regular translation creation failed for icmp src inside:10.10.0.200 dst outside:8.8.8.8 (type 3, code 3) 3 Mar 25 2010 17:18:37 305006 8.8.4.4 regular translation creation failed for icmp src inside:10.10.0.200 dst outside:8.8.4.4 (type 3, code 3) The logged inside IP is our internal DNS resolver, and the outside IP's are Google's public DNS servers. ICMP Type 3 Code 3 means "Port Unreachable" Our "outside" interface has a fixed IP and our "inside" interface is in the 10.10.0.0/16 subnet. The 'Inspect DNS' Service Policy is enabled, with the preset DNS inspection map. Furthermore there's an ACL that allows all inbound ICMP on the "outside" interface. I've spent hours trying to figure this one out, so any and all advice is welcome!

    Read the article

  • Windows SBS 2003 DNS taking over network

    - by Simon
    I have Windows Small Business Server 2003 premium edition on my new server box, this hosts a webapp on IIS. It has set up a DNS Server to solve requests to the webapp. I have a linux server/router that has does DNAT and portforwards port 80 to the new box. My linux router serves as a firewall and dhcp When i plug the SBS2003 server to the network, it leaves everyone on my network without web browsing, it looks like the DNS requests are going to the new server. I configured the DNS forwarders on SBS2003 to my ISP dns but it doesnt work... Is there something i am missing?

    Read the article

  • Ping, firewall or DNS problem on Win Server 2008 R2

    - by Fred Kaiser
    Hi there, I've installed windows server 2008 as a VM for the developers here to work on. Installed SQL Server 2008 as well as IIS7. I am not quite sure why, I can remote into that machine using the name I gave to it (winserverdev) but the guys that are supposed to use the bloody thing can't. One very interesting thing is that I can connect but I can't ping... not the name nor the IP address. Is there anything that I should be looking in order to make it work? Any ideas are welcome. Thanks heaps in advance, I really appreciate it. Cheers, Fred Kaiser

    Read the article

  • how to protect telnet access to smtp port 25?

    - by Michael Mao
    Hi all: Please consider the following: 192-168-1-106:~ michael$ telnet <remote_server_ip> 25 Trying <remote_server_ip>... Connected to li*****.linode.com. Escape character is '^]'. 220 mindinscription.net ESMTP Postfix (Ubuntu) quit 221 2.0.0 Bye Connection closed by foreign host. Is this very bad? how to protect port 25 from malicious attackers? I've already set up a firewall, but not very sure what to do in this case. Basically I'd like to use this server to only send emails as alert messages, not receiving any external emails. Many thanks to the help in advance.

    Read the article

  • AWS EC2 security group source

    - by greener
    I'm currently trying to configure a security group and allow MS SQL connections from my other instance. I want to be able to specify the security group's name as the source. But the connection is not going through. The instance's firewall has a rule to allow connections on the port. In fact, if I specify the IP of the machine as the source, it works. Just not the security group name. There are two other rules for the same port and they're for specific IPs only. What am I doing wrong?

    Read the article

  • Static NAT in AWS's Virtual Private Cloud (VPC)

    - by user1050797
    Currently in a VPC with a public and a private subnet, all internet bound traffic from the private subnet could be routed via an NAT instance. The NAT instance will port address translate the packet's source IP to use the NAT instance's elastic IP, so the public server can reply to this public address. This is a PAT mechanism. My question is there a way for me to do a static NAT on my NAT instance -- Using the same NAT instance to static NAT an unassociated but reserved elastic IP to a private subnet host. This NAT instance will behave like a physical firewall doing static nat'ing for a bunch of private ip's.

    Read the article

  • Running multiple services on Port 443, Tunnel SSH over HTTPS

    - by lajuette
    Situation: I want to tunnel SSH sessions through HTTPS. I have a very restrictive firewall/proxy which only allows HTTP, FTP and HTTPS traffic. What works: Setting up a tunnel through the proxy to a remote linux box that has a sshd listening at port 443 The problem: I have to have a web server (lighty) running at port 443. HTTPS traffic to other ports is forbidden by the proxy. Ideas so far: Set up a virtual host and proxy all incoming requests to localhost: (e.g. 22) $HTTP["host"] == "tunnel.mylinux.box" { proxy.server = ( "" => (("host" => "127.0.0.1", "port" => 22)) ) } Unfortunately this won't work. Am i doing something wrong, or is there a reason, that this won't work?

    Read the article

  • FTP on Linux "Failed to retrieve directory listing" not firewall issue

    - by Jaka Prasnikar
    I've got an VPS in germany running Debian X64. I have very strange issue. I have ISPConfig CP installed using proftpd and I can not connect to FTP by any means. Few hours ago I've had installed DirectAdmin on CentOS same VPS and same issue. Simply when I connect to FTP server I get these: Status: Resolving address of web02.defikon.com Status: Connecting to 130.255.190.71:21... Status: Connection established, waiting for welcome message... Response: 220---------- Welcome to Pure-FTPd [privsep] [TLS] ---------- Response: 220-You are user number 1 of 50 allowed. Response: 220-Local time is now 12:15. Server port: 21. Response: 220-This is a private system - No anonymous login Response: 220-IPv6 connections are also welcome on this server. Response: 220 You will be disconnected after 15 minutes of inactivity. Command: USER default1 Response: 331 User default1 OK. Password required Command: PASS ****** Response: 230-User default1 has group access to: client0 sshusers Response: 230 OK. Current restricted directory is / Command: OPTS UTF8 ON Response: 200 OK, UTF-8 enabled Status: Connected Status: Retrieving directory listing... Command: PWD Response: 257 "/" is your current location Command: TYPE I Response: 200 TYPE is now 8-bit binary Command: PASV Error: Connection timed out Error: Failed to retrieve directory listing I even tried telnet localhost 21 and the same happends. Once I issue command "LIST" I get time out. I've tried every thing and I can't get this to work =( Please help ! P.S.: iptables is turned off.

    Read the article

  • ADMIN$ and other shares not working remotely on XP machines

    - by makerofthings7
    I'm trying to use ADMT to migrate several XP machines to a new domain and the utility (nor command line) is able to access the admin$ share or any drive share. I've added the required registry key (HKCurrent\Services\LanMan\Param) for both servers and workstation admin sharing, rebooted the PC and still am unable to access it. How can I access the admin share on these PCs? If it helps, this machine used to have McAfee installed, and the Windows firewall enabled. I stoppped both of them and the machine is still not allowing me to access it remotely by a drive$ share.

    Read the article

  • How to redirect logs from Cisco firewall to a specific file ?

    - by nitins
    We need to redirect the logs from our Cisco firewall(SA520-K9) to syslogd server(it's a CentOS server). The settings are done on the firewall. But the messages from firewall are going to /var/log/messages and console instead of /var/log/firewall.log which is our requirent. *.info;mail.none;authpriv.none;cron.none /var/log/messages authpriv.* /var/log/secure mail.* -/var/log/maillog cron.* /var/log/cron *.emerg * uucp,news.crit /var/log/spooler local7.* /var/log/firewall.log This is our syslog config file. Any advices ?

    Read the article

  • Cookies blocked by router?

    - by Martin wiboe
    Hello, My friend has a D-Link DI-524 router that she uses for her home broadband. It's a pretty vanilla setup with the standard firewall settings, DHCP enabled etc. However, recently she has experienced something strange - cookies are not working on every computer on her LAN, whether using FF3.5 or IE8. I tried viewing the HTTP traffic using Fiddler2, and the requests come through fine (mind you, Internet browsing still works flawlessly) but whenever a website tries to set a cookie using the "Set-Cookie:" header, my computer sees that line as "Set-*ookie:" with the cookie contents removed. I have never seen anything like this - do you have any idea? Regards, Martin

    Read the article

  • How can I track down what part of pfsense is blocking website access?

    - by Chase Florell
    I've got a PFSense firewall/gateway on our network. Everything works great except for the fact that I cannot access one specific website. Pfsense is running the following packages Country Block LightSquid nmap notes squid squidGuard Strikeback I can access every single website I've ever tried aside from one that we need for business use (http://bridalnetwork.ca) here's the traceroute frodo:~ chase$ traceroute bridalnetwork.ca traceroute to bridalnetwork.ca (192.197.103.73), 64 hops max, 52 byte packets 1 rohan (192.168.5.1) 6.618 ms 1.662 ms 9.207 ms 2 * * * 3 * * rohan (192.168.5.1) 7.225 ms !H 4 rohan (192.168.5.1) 5.314 ms !H 5.701 ms !H 7.573 ms !H frodo:~ chase$ How can I figure out what the reason behind the blockage is? note: this has been tested on every computer on the network with the same results. ps: the pfsense box is 'rohan' (192.168.5.1) Here's what I get with Squid enabled and here's what I get with Squid disabled

    Read the article

  • Windows 8 Pro Remote Desktop issue

    - by Mike C.
    I have a weird issue here. I'm running Windows 8 Pro. The client computer is also running Windows 8 Pro. Remote Desktop works when I'm in the same network. I tried connecting using my external IP Address and my DynDNS account, neither works. I disabled Windows Firewall and setup DMZ for my computer on the router, still can't get remote desktop to work. I verified www.canyouseeme.org, port 3389 is open, which is obvious since I'm running DMZ! My ISP, Bell Canada (modem/router: Sagemcom F@st 2864), blocks port 80 and 25, but I don't need those for RDP, do I? The funny thing is RDP rejects the connection instantaneously for my IP or DynDNS while it takes a while for another address. Thank you, Michael

    Read the article

  • UDP packets to IP addresses other than specific ones not arriving and not shown in Wireshark

    - by Max
    I'm writing a service using UDP, but I can't manage to reply to the client. When sending to the client via the DHCP-assigned IP (192.168.1.143) Wireshark shows no sent packets. The server receives and Wireshark shows any packet sent by the client (broadcasted). If I send to a random, unassigned IP Wireshark doesn't show it. I thought the NIC would happily send it, since there is a router in the way - shouldn't Wireshark show it, even though it cannot possibly be received by a remote endpoint? If I send to either the router IP or another (specific, there is only one other) computer, the packet is shown in Wireshark. I am running Windows 7, the firewall is turned off using the control panel. Does the fact that wireshark doesn't show these packets mean that they aren't sent? What reason could there be for showing packets to one IP, but not another, on the same subnet?

    Read the article

  • Access to NTP via IP which doesn't change often

    - by faulty
    I'm trying to sync the clock of our production server located in a data center with pool.ntp.org. For security reason, our servers has no internet access unless we requested to open specific ip/port explicitly. I worked out a list of IPs based on 0.asia.ntp.org 1.asia.ntp.org 2.asia.ntp.org 3.asia.ntp.org Not realizing ntp.org is using round robin DNS and the servers being voluntary, they changes from time to time. In fact the IP I've got from 3.asia.ntp.org last month is no longer working now. I'm wondering if there's a publicly known NTP server that doesn't change as often or if there's a way to go around this without having to request an update to the firewall on a monthly basis. I believe many admin is facing the same issue here.

    Read the article

  • configure /etc/hosts file so ALL applications always use local network when it makes sense to do so?

    - by gkdsp
    I have two Linux CentOS servers setup in a local network. ServerA is 192.168.0.1 and serverB is 192.168.0.2. There's an application on serverA that communicates with serverB using host2.serverAname.com. But, the traffic is blocked on serverB because the port being used has a firewall that only allows traffic on the local network to pass. Thus, serverB needs to see traffic from serverA as originating from 192.168.0.1 (instead of host2.serverA.com). Is there a way I can configure the /etc/hosts file to ensure traffic always sent between the two servers uses local IP addresses, regardless of what hostname is in use, and for ALL applications? If so, could someone walk me through an example? I only have 2 servers, so the simpler the better.

    Read the article

  • open mysql to any connection on ubuntu

    - by ThomasReggi
    I simply want to open up mysql to be accessible from any server ip. I have already commented out the bind-address in /etc/mysql/my.conf. I have already setup the user account within mysql. I have no clue whats stopping me from connecting. The more challenging I see this being the more I realize how much of a security risk it is, and I get that, I just want to be able to do it temporarily. I think that the iptables firewall is the last thing that is preventing me from achieving this, but sudo iptables -A INPUT -p tcp -m tcp --dport 3306 -j ACCEPT is seemingly doing nothing.

    Read the article

  • PFSENSE and IPV6 , direct connect rules

    - by Bgnt44
    My question is about pfsense configuration for ipv6 In theory Ipv6 are fully routable even in a LAN For stating point i ve Using this tutorial : http://doc.pfsense.org/index.php/Using_IPv6_on_2.1_with_a_Tunnel_Broker So my Lan network has ipv4 connection and ipv6 I would like to be able to access my LAN machines by their IPV6 i'm confused with firewall rules which i need to set to be able to do that Even if i set all interfaces to pass all packets, i'm not able to directly access any machine by their IPV6 Did i miss something ? Edit : Ok i found that it work now, think it has always work but my isp seems to support ipv6 sometimes and sometimes not ... weird

    Read the article

  • iptables forward rule not working in openwrt

    - by Udit Gupta
    I am trying to apply some iptables forwarding rules in openwrt. Here is my scenario - My server has two cards ath0 and br-lan. br-lan is connected to internet and ath0 to private network. The other m/c in n/w also has ath0 that connects with this server's ath0 and they are able to ping each other. Now, I want other m/c in network to use internet using br-lan of server so I thought of using iptables forwarding rule- Here is what I tried - Server : $ ping 1.1.1.6 // <ath0-ip of client> works fine $ iptables -A FORWARD -i ath0 -o br-lan -j ACCEPT $ /etc/init.d/firewall restart Client : $ ping 1.1.1.5 // <ath0-ip of server> works fine $ ping 132.245.244.60 // <br-lan ip of server> (not working) I am new to iptables stuff and openwrt. What I am doing wrong here ?? Any other help if anyone could suggest for my scenario Edit- m/c - machine n/w - network

    Read the article

  • OSX: Why does an uninstalled program ask for inbound connections on login? How do I fix this?

    - by CT
    I uninstalled an application using AppZapper called PdaNet. It is a tethering application for my phone. Now every time I login, I am asked if I would like to allow inboud connections from PdaNet by the firewall. A search for PdaNet with spotlight does not return any results. PdaNet creates its own Ethernet in network preferences. This hung around after uninstall. I deleted it but it did not make a difference. Any ideas? Mac OS X 10.6.4

    Read the article

  • How do I expose a webapp on :8090, even though firewall allows only :80 and :22

    - by Kaustubh P
    I am a noob in Server related stuff, so bear me. I use amazon webservices (EC2) on which I have a webapp running on jetty, which runs on port 8090. I deploy the webapp through the usual method of java -jar start.jar So then to access the app, I have to add a port in the URL, like this: someIP:8090/app But just typing someIP in the browser takes me to a page that shows It works! This is the default web page for this server. The web server software is running but no content has been added, yet. which I assume is apache. I have apache, tomcat and jetty installed. What can I do so that I dont have to specify the port? Do I have to perform port-forwarding? Thanks a lot.

    Read the article

  • tcp flags in iptables: What's the difference between RST SYN and RST and SYN RST ? When to use ALL?

    - by Kris
    I'm working on a firewall for a virtual dedicated server and one of the things I'm looking into is port scanners. TCP flags are used for protection. I have 2 questions. The rule: -p tcp --tcp-flags SYN,ACK,FIN,RST SYN -j DROP First argument says check packets with flag SYN Second argument says make sure the flags ACK,FIN,RST SYN are set And when that's the case (there's a match), drop the tcp packet First question: I understand the meaning of RST and RST/ACK but in the second argument RST SYN is being used. What's the difference between RST SYN and RST and SYN RST ? Is there a "SYN RST" flag in a 3 way handshake ? Second question is about the difference between -p tcp --tcp-flags SYN,ACK,FIN,RST SYN -j DROP and -p tcp --tcp-flags ALL SYN,ACK,FIN,RST SYN -j DROP When should ALL be used ? When I use ALL, does that mean if the tcp packet with the syn flag doesn't have the ACK "and" the FIN "and" the RST SYN flags set, there will be no match ?

    Read the article

  • How to block a program from using IPv4?

    - by Ian Boyd
    I have a program that can communicate over IPv4 (TCP and UDP) and over IPv6 (TCP and UDP). I want to block the program from being able to use IPv4. I tried the Windows Firewall: Except it blocks IP sub-protocols (e.g. TCP, UDP, encapsulated IPv6, GRE), rather than blocking IPv4 itself. In other words, I need to block IPv4: IPv4/TCP IPv4/UDP IPv4/ICMPv4 IPv4/GRE IPv4/L2TP while allowing IPv6: IPv6/TCP IPv6/UDP IPv6/ICMPv6 IPv6/GRE IPv6/L2TP Can I block a program from using IPv4? Note: If it cannot be done, then don't be afraid to add that as an answer. There's no shame in giving the correct answer to a question.

    Read the article

< Previous Page | 23 24 25 26 27 28 29 30 31 32 33 34  | Next Page >