Search Results

Search found 2143 results on 86 pages for 'vpn'.

Page 33/86 | < Previous Page | 29 30 31 32 33 34 35 36 37 38 39 40  | Next Page >

  • Is a VPN a good method for protecting data in an untrusted network? [closed]

    - by john
    I will be connecting my laptop in an untrusted network. If I setup OpenVpn on a server and use a vpn client on the laptop to connect through it, is it enough? Can someone perform a MITM attack or otherwise eavesdrop on my traffic? If someone on the local network port-scans my laptop, will the open ports be accessible to him while I use the VPN tunnel? Is there anything else I should keep in mind?

    Read the article

  • Routing only some local IPs through VPN on dd-wrt

    - by bo-inge-ostberg
    Much similar to this entry: http://serverfault.com/questions/94283/using-dd-wrt-to-connect-to-vpn-and-forward-all-traffic-of-certain-devices-through , I have set up my router with dd-wrt + OpenVPN to connect to a VPN. This works fine, and all traffic from behind the router goes through the VPN. How do I route(?) traffic in the router so that only certain IPs from the LAN will go through the VPN, while the others take the "normal" route? Is it also possible to allow traffic from certain local IPs to go ONLY through the VPN, making it impossible for them to use the regular internet connection if the VPN is down? I know this question was answered in the post I linked to, but that just doesn't seem to work for me. The routing table and rules change, but traffic still just goes through the VPN.

    Read the article

  • How to use multiple dns?

    - by Enrichman
    When I connect at work the net is going to assign me a dns that is working fine. After that when I connect to VPN I'm going to receive a different dns. With this one I can reach the server of the vpn owner but I'm not able to go to the internet. BUT if I switch the dns with the old ones I'm able to surf again (still connected to the vpn, but I cannot surf their server). Recap: DNS1) MyPC - CompanyProxy - Internet DNS2) MyPc - CompanyProxy - VPN - NoInternet (can Ping vpn servers) DNS1) MyPC - CompanyProxy - VPN - Internet (cannot ping vpn servers) Weirdest thing: I'm able to do a nslookup from anywhere, but ping is going to fail. Is possible to use both DNS? Or setup a dns just on the browser? I'm quite lost..

    Read the article

  • Windows file sharing with a private LAN when a public VPN is connected?

    - by netvope
    OS: Windows Vista My LAN interface is configured as a "private network". I want to have all the sharing and discovery features (Network Discovery, File Sharing, Public Folder Sharing, Printer Sharing, Password Protected Sharing, and Media Sharing), so I enabled them all. My VPN interfaces are configured as "public networks", and I do NOT want to have any of the above features. Now the problem is that if I disabled these sharing features while a VPN is connected, it affects both interfaces. I guess the Network and Sharing Center is probably an oversimplified tool that may not support multiple interfaces. Where can I tell Windows to enable sharing features for the private networks and not the public networks? For file sharing, I think I can disable "File and Printer Sharing for MS Networks" in each of the VPNs' properties. However, I will need to disable it every time I add a new VPN. Moreover, I can't find how to disable Media Sharing by this way. If this can be more easily done in Windows XP or 7, please let me know.

    Read the article

  • Windows Server 2008 R2 creating a multi-year client certificate using the IIS certsrv page while deploying SSTP VPN

    - by Warren P
    I am trying to follow instructions on Technet about deploying a Standard (non-enterprise) SSTP based VPN) that were originally written for Server 2008, but I am using Server 2008 R2, I have gotten as far as the part where it asks you to create a request a Server Authentication certificate. I have deployed IIS, and Active Directory Certificate Services, and chose "Standalone" and "Standard" (non-enterprise) Certificate Authority because I don't have an OID and don't think I should have to get one for a simple deployment of SSTP. The resulting certificates made by the Certification Authority "Issue" command, only have a 1 year period of validity, I want a multi-year certificate. At no point in this process is there any way to input this information unless it's through the Attributes text input area on the Advance Certificate Request page, which appears to be generated using an old ActiveX control, which means I can only do this using the workarounds in the article that I linked at the top, and only using Internet Explorer. Update:: It may be that this question is pointless since self-signed keys do not appear to work, when I try them, using Windows 8 as the VPN client. The problem is that the keys that are self-created by the technique shown here do not have any Certificate Revocation Server URLs and so you get an error "The revocation function was unable to check revocation", and the VPN connection fails.

    Read the article

  • How to bridge Debian guest VM to VPN via Cisco AnyConnect Client running on Windows Vista host

    - by bgoodr
    I am running Cisco Anyconnect VPN Client version 2.5.3054 on a laptop running Windows Vista Home Premium (version 6.0.6002) Service Pack 2. I am running the VMware Player version 4.0.2 build-591240. The host operating system running under VMware Player is Debian 6.0.2.1 i386. The laptop is connected to a wireless connection, and I can browse the web from Windows Vista using Firefox just fine. I am able to boot into the Debian VM and open up a browser and access websites on the WAN from within the VM just fine. I can ping real Linux hosts on my LAN via: ping <lan_system>.local where <lan_system> is the hostname returned from uname -a on that system on my LAN. From a DOS CMD shell, I am able to ping hosts that exist on the remote network served by the Cisco AnyConnect Client's VPN network (and without the .local suffix applied as above): ping <remote_system> However, from within the Debian VM, I expect to be able to also ping those same remote hosts (<remote_system>) that are tunnelled over the VPN set up by Cisco AnyConnect Client. Let's say that I can ping a <remote_system> called flubber from a DOS CMD prompt just fine. When I execute Linux ping command from inside the Debian VM via: ping flubber It returns immediately with this output: ping: unknown host flubber For reference since I suspect it will be useful, here is the output of the route print command from the DOS CMD prompt: route print =========================================================================== Interface List 30 ...00 05 9a 3c 7a 00 ...... Cisco AnyConnect VPN Virtual Miniport Adapter for Windows 11 ...00 1b 9e c4 de e5 ...... Atheros AR5007EG Wireless Network Adapter 26 ...00 50 56 c0 00 01 ...... VMware Virtual Ethernet Adapter for VMnet1 28 ...00 50 56 c0 00 08 ...... VMware Virtual Ethernet Adapter for VMnet8 1 ........................... Software Loopback Interface 1 12 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface 13 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3 32 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4 27 ...00 00 00 00 00 00 00 e0 isatap.{E5292CF6-4FBB-4320-806D-A6B366769255} 17 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2 20 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #8 22 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #10 24 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #11 25 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #12 29 ...00 00 00 00 00 00 00 e0 isatap.{C3852986-5053-4E2E-BE60-52EA2FCF5899} 41 ...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #14 =========================================================================== At the top window border of the VM, clicking on Virtual Machine, then clicking on Virtual Machine Settings, then clicking on Network Adapter, I have these two options checked: [X] Bridged: Connected directly to the physical Network [X] Replicate physical network connection state [ ] NAT: used to share the hosts's IP address [ ] Host-only: A private network shared with the host [ ] LAN segment: [ ] <LAN Segments...> <Advanced> I've toyed with the other options such as NAT and Host-only but that had no effect. Is there some way to allow the VM to access those <remote_system>'s?

    Read the article

  • Proggraming a VPN, Authontication stage - RFC not clear enough

    - by John
    I have a custom build of a unix OS. My task: Adding an IPSec to the OS. I am working on Phase I, done sending the first 2 packets. what I am trying to do now is making the Identefication Payload. I've been reading RFC 2409 (Apendix B) which discuss the keying materials (SKEYID, SKEYID_d, SKEYID_a, SKEYID_e and the IV making). Now, I use SHA1 for authontication and thus I use HMAC-SHA1 & my encryption algorithem is AES 256bit. The real problem is that the RFC is not clear enough of what should I do regarding the PRF. It says: "Use of negotiated PRFs may require the PRF output to be expanded due to the PRF feedback mechanism employed by this document." I use SHA1, does it mean I do not negotiate a PRF? In my opinion, AES is the only algorithm that needs expention (a fixed length of 256bit), so, do i need to expand only the SKEYID_e? If you happen to know a clearer, though relible, source then the RFC please post a link. Thanks in advance!

    Read the article

  • How do I prevent TCP connection freezes over an OpenVPN network?

    - by Jason R
    New details added at the end of this question; it's possible that I'm zeroing in on the cause. I have a UDP OpenVPN-based VPN set up in tap mode (I need tap because I need the VPN to pass multicast packets, which doesn't seem to be possible with tun networks) with a handful of clients across the Internet. I've been experiencing frequent TCP connection freezes over the VPN. That is, I will establish a TCP connection (e.g. an SSH connection, but other protocols have similar issues), and at some point during the session, it seems that traffic will cease being transmitted over that TCP session. This seems to be related to points at which large data transfers occur, such as if I execute an ls command in an SSH session, or if I cat a long log file. Some Google searches turn up a number of answers like this previous one on Server Fault, indicating that the likely culprit is an MTU issue: that during periods of high traffic, the VPN is trying to send packets that get dropped somewhere in the pipes between the VPN endpoints. The above-linked answer suggests using the following OpenVPN configuration settings to mitigate the problem: fragment 1400 mssfix This should limit the MTU used on the VPN to 1400 bytes and fix the TCP maximum segment size to prevent the generation of any packets larger than that. This seems to mitigate the problem a bit, but I still frequently see the freezes. I've tried a number of sizes as arguments to the fragment directive: 1200, 1000, 576, all with similar results. I can't think of any strange network topology between the two ends that could trigger such a problem: the VPN server is running on a pfSense machine connected directly to the Internet, and my client is also connected directly to the Internet at another location. One other strange piece of the puzzle: if I run the tracepath utility, then that seems to band-aid the problem. A sample run looks like: [~]$ tracepath -n 192.168.100.91 1: 192.168.100.90 0.039ms pmtu 1500 1: 192.168.100.91 40.823ms reached 1: 192.168.100.91 19.846ms reached Resume: pmtu 1500 hops 1 back 64 The above run is between two clients on the VPN: I initiated the trace from 192.168.100.90 to the destination of 192.168.100.91. Both clients were configured with fragment 1200; mssfix; in an attempt to limit the MTU used on the link. The above results would seem to suggest that tracepath was able to detect a path MTU of 1500 bytes between the two clients. I would assume that it would be somewhat smaller due to the fragmentation settings specified in the OpenVPN configuration. I found that result somewhat strange. Even stranger, however: if I have a TCP connection in the stalled state (e.g. an SSH session with a directory listing that froze in the middle), then executing the tracepath command shown above causes the connection to start up again! I can't figure out any reasonable explanation for why this would be the case, but I feel like this might be pointing toward a solution to ultimately eradicate the problem. Does anyone have any recommendations for other things to try? Edit: I've come back and looked at this a bit further, and have found only more confounding information: I set the OpenVPN connection to fragment at 1400 bytes, as shown above. Then, I connected to the VPN from across the Internet and used Wireshark to look at the UDP packets that were sent to the VPN server while the stall occurred. None were greater than the specified 1400 byte count, so the fragmentation seems to be functioning properly. To verify that even a 1400-byte MTU would be sufficient, I pinged the VPN server using the following (Linux) command: ping <host> -s 1450 -M do This (I believe) sends a 1450-byte packet with fragmentation disabled (I at least verified that it didn't work if I set it to an obviously-too-large value like 1600 bytes). These seem to work just fine; I get replies back from the host with no issue. So, maybe this isn't an MTU issue at all. I'm just confused as to what else it might be! Edit 2: The rabbit hole just keeps getting deeper: I've now isolated the problem a bit more. It seems to be related to the exact OS that the VPN client uses. I have successfully duplicated the problem on at least three Ubuntu machines (versions 12.04 through 13.04). I can reliably duplicate an SSH connection freeze within a minute or so by just cat-ing a large log file. However, if I do the same test using a CentOS 6 machine as a client, then I don't see the problem! I've tested using the exact same OpenVPN client version as I was using on the Ubuntu machines. I can cat log files for hours without seeing the connection freeze. This seems to provide some insight as to the ultimate cause, but I'm just not sure what that insight is. I have examined the traffic over the VPN using Wireshark. I'm not a TCP expert, so I'm not sure what to make of the gory details, but the gist is that at some point, a UDP packet gets dropped due to the limited bandwidth of the Internet link, causing TCP retransmissions inside the VPN tunnel. On the CentOS client, these retransmissions occur properly and things move on happily. At some point with the Ubuntu clients, though, the remote end starts retransmitting the same TCP segment over and over (with the transmit delay increasing between each retransmission). The client sends what looks like a valid TCP ACK to each retransmission, but the remote end still continues to transmit the same TCP segment periodically. This extends ad infinitum and the connection stalls. My question here would be: Does anyone have any recommendations for how to troubleshoot and/or determine the root cause of the TCP issue? It's as if the remote end isn't accepting the ACK messages sent by the VPN client. One common difference between the CentOS node and the various Ubuntu releases is that Ubuntu has a much more recent Linux kernel version (from 3.2 in Ubuntu 12.04 to 3.8 in 13.04). A pointer to some new kernel bug maybe? I'm assuming that if that were so, then I wouldn't be the only one experiencing the problem; I don't think this seems like a particularly exotic setup.

    Read the article

  • How do I install the Cisco Anyconnect VPN client?

    - by chuck
    I installed Cisco AnyConnect for Ubuntu(64) 12.04, but it failed. It can be installed on Ubuntu 10.10(64). The error log Installing Cisco AnyConnect VPN Client ... Extracting installation files to /tmp/vpn.teuSIr/vpninst096243274.tgz... Unarchiving installation files to /tmp/vpn.teuSIr... Starting the VPN agent... /opt/cisco/vpn/bin/vpnagentd: error while loading shared libraries: libxml2.so.2: cannot open shared object file: No such file or directory When I meet that, locate libxml2.so.2 /usr/lib/x86_64-linux-gnu/libxml2.so.2 /usr/lib/x86_64-linux-gnu/libxml2.so.2.7.8 So I create symbol link libxml2.so.2 in /user/lib and after I do: Installing Cisco AnyConnect VPN Client ... Extracting installation files to /tmp/vpn.5cz4FV/vpninst001442979.tgz... Unarchiving installation files to /tmp/vpn.5cz4FV... Starting the VPN agent... /opt/cisco/vpn/bin/vpnagentd: error while loading shared libraries: libxml2.so.2: wrong ELF class: ELFCLASS64 I ensure that there exist lib32 runtime lib on my device. How can I fix this?

    Read the article

  • What's the best way to share folder between guest and host machine in VMWARE over VPN?

    - by melaos
    i have a win 7 host machine and i'm running my vmware which is a win server machine. So i'm doing windows development work on my vmware. the source codes are in my win 7 machine which i access using a shared folder method. My only problem now is when my vmware connects to VPN to the deploy the codes, the folder gets disconnected. as i don't really understand the networking or the vmware architecture, what can i do so that i can share the folder from my win 7 host machine to my vmware without getting disconnected when i connect to VPN using my guest (win server) machine? please advise. stuck on vmware thanks

    Read the article

  • IKE2 VPN Server Certificate expired. How do I issue a new one

    - by Preet Sangha
    This is a completely new area for me. We are getting "13801: IKE Auth Credentials are unacceptable" messages when connecting to our VPN service on a small Windows 2008R2 domain. Doing a google search has lead me to investigate the Certificate Authority. I've looked in the Certificate Authority | Issued Certificates And the one for the VPN Reconnect is marked as expired since a couple of hours a ago. Can some one tell me what the step I need to take to regen/reissue a simillar cert please? FYI:The client certs are not expiring for a number of years so they are fine.

    Read the article

  • VPN - What is the complexity involved setting one up across less than a dozen machines?

    - by lucius
    Hello, I have never set up and configured a VPN. I was wondering what it takes to set one up across windows server 2008 servers. What is the complexity involved? How complicated is it to configure? Do I need to set up a Domain controller as a pre-requisite? I am asking because it appears SQL Server 2008 merge replication can only be set up over the internet using VPN and I am trying to gauge what I am up against. Thanks a lot.

    Read the article

  • Can a company use VPN to spy on me?

    - by orokusaki
    I'm about to work with a company on a development project, but they first need to set up a pretty complicated environment, and suggested they use VPN to work on my machine to do this. Should I be concerned that somebody can just watch me work? It would be embarrassing, if somebody could witness my work habits (e.g. Asking questions on SO and researching all day is part of my daily work regiment, and makes me feel like a noob, but it keeps me sharp. I also listen to conspiracy videos all day, and RadioLab podcasts, :). Is VPN going to introduce this possibility, and if so, is there a way around it? EDIT: Also, is there a way I can always tell when somebody is VPNed into my computer?

    Read the article

  • AnyConnect SSL VPN split tunneling for a single website?

    - by Daniel Lucas
    We have a Cisco ASA 5510. We use split tunneling for AnyConnect SSL VPN clients. All internal addresses are tunnelled. Everything else is routed through the client's own internet connection. We use a SaaS service that only responds to requests when they come from one of our own public IP addresses. Because of this, VPN users are unable to access it currently. Is there a way to specify that a specific website should be tunneled and all others should not? NOTE: Worst case we will use a web bookmark on the clientless portal to tranlate through our network, but I'd like to see if the above is possible first.

    Read the article

  • Possible to get OpenDNS to dereference Host on VPN?

    - by Scott P
    I recently changed ISPs for my home internet. I am now having some trouble getting back into the corporate network from home over the VPN. I have figured out the OpenDNS is resolving the Hosts on the VPN incorrectly when I am using TCP/IP. When I browse to one of the hosts on corporate network, i.e. \host1, from the file manager this succeeds. However, when I ping the host, i.e. ping host1, the IP address is resolving to the OpenDNS name server instead of the actual Host IP address. Does anyone know how to make this work? On a hunch, I turned off type correction. But, this did not help.

    Read the article

  • Connect macbook to my LAN through a VPN - best solution?

    - by LewisMc
    So I have a LAN connected via a ADSL/PPPoA, this is using a bog-standard DLink router supplied by my ISP (talktalk UK). I have a NAS within the LAN that is running FreeNAS and I want to be able to connect to it when I'm out and about. It's running an atom so it's quite low on juice consumption but I don't want to have it on all day and night so I've been waking it via a magic packet and booting it down from the web admin when I need it. So I want to connect to the LAN, I presume via a VPN, to be able to send a magic packet. But what is the best method to accomplish this, or is there an easier way? I've been looking at the cisco 857 integrated router and the Netgear prosafe 318(behind modem) but not sure If I'm on the right track with what I want to achieve as I've not much experience or knowledge with VPN's or networking (software engineering student). I have tried port forwarding but to no avail, either with magic packets or even connecting outside the LAN via DYNDNS. Thanks,

    Read the article

  • Can I make a computer connecting via VPN visible to computers within the network it is connecting to

    - by SCdF
    OK, here's the deal: I have a computer (specifically, a MacBook Pro) that is connected to a standard network that is then connected to the big nasty internet. Let's call it foo. It runs a web server on 8084, and so if you were on its local network you could get to this with http://foo:8084/, or http://192.168.1.2:8084/, or whatever. From foo I can VPN into my companies intranet and see a computer on the local company network called bar (another MacBook Pro, incidentally). Is there any way to set this up so that while foo is on the VPN bar can access http://foo:8084/ (or http://x.x.x.x:8084/, or whatever)? (From my limited understanding of how VPNs work I have a sneaking suspicion the answer is no, but it doesn't hurt to ask...)

    Read the article

  • VPN is working, except for DNS lookups. Firewall (Cisco ASA 5505) issue?

    - by macke
    I've got the following set up: LAN -> DHCP / DNS / VPN server (OSX 10.6) -> Cisco ASA 5505 -> WAN Connecting to the LAN via VPN works fine. I get all the details properly and I can ping any host on the internal network using their IP. However, I can't do any host lookups whatsoever. I've looked through the logs on and found this nugget in the firewall log: 3 Sep 08 2010 10:46:40 305006 10.0.0.197 65371 portmap translation creation failed for udp src inside:myhostname.local/53 dst inside:10.0.0.197/65371 Port 53 is dns services, no? Because of that log entry, I'm thinking that the issue is with the firewall, not the server. Any ideas? Please keep in mind that I have very little knowledge and experience with this kind of firewall and the little experience I do have is with the ASDM GUI console, not the CLI console.

    Read the article

  • How to control remote access to Sonicwall VPN beyond passwords?

    - by pghcpa
    I have a SonicWall TZ-210. I want an extremely easy way to limit external remote access to the VPN beyond just username and password, but I do not wish to buy/deploy a OTP appliance because that is overkill for my situation. I also do not want to use IPSec because my remote users are roaming. I want the user to be in physical possession of something, whether that is a pre-configured client with an encrypted key or a certificate .cer/.pfx of some sort. SonicWall used to offer "Certificate Services" for authentication, but apparently discontinued that a long time ago. So, what is everyone using in its place? Beyond the "Fortune 500" expensive solution, how do I limit access to the VPN to only those users who have possession of a certificate file or some other file or something beyond passwords? Thanks.

    Read the article

  • How to create a VPN between a Host and VMWare VMs?

    - by Anindya Chatterjee
    I have a set of machines as follows My home laptop running Win7 Ultimate with internet connection. A vmware workstation vm running Windows Server 2003 Standard edition server in my laptop w/o internet connectivity Some of my peers' machines connected to internet I want to create a VPN with these machines, provided the VM will not have any direct internet connection and my peers should able to connect to the SVN server application running on this Win2003 server VM. Can anybody please suggest me how to setup this network, what software I need to install in both physical machine and vm, what kind of network connectivity should be there between vmware guest and host machine? EDIT: I deliberately don't want to connect the VM with internet. The host will work more of a gateway of the VPN connection for the VM.

    Read the article

  • How can I port forward over a VPN NAT?

    - by Charlie
    I have a multi-site VPN currently running with pfSense boxes and currently using OpenVPN. However I can change the OS and VPN type if need be. The main router has a 10.13.0.0/16 subnet and a series of public IPs For example, a branch has a 10.12.1.0/24 subnet How can I port forward NAT traffic on a public IP of the main router to a server behind the NAT of the second? So for instance port 95 on a public IP assigned to the main router forwards to 10.12.1.102 on the other router. Is this even possible? Currently my setup works great but only for intertnal traffic

    Read the article

  • Connect macbook to my LAN through a VPN - best solution? [closed]

    - by LewisMc
    So I have a LAN connected via a ADSL/PPPoA, this is using a bog-standard DLink router supplied by my ISP (talktalk UK). I have a NAS within the LAN that is running FreeNAS and I want to be able to connect to it when I'm out and about. It's running an atom so it's quite low on juice consumption but I don't want to have it on all day and night so I've been waking it via a magic packet and booting it down from the web admin when I need it. So I want to connect to the LAN, I presume via a VPN, to be able to send a magic packet. But what is the best method to accomplish this, or is there an easier way? I've been looking at the cisco 857 integrated router and the Netgear prosafe 318(behind modem) but not sure If I'm on the right track with what I want to achieve as I've not much experience or knowledge with VPN's or networking (software engineering student). I have tried port forwarding but to no avail, either with magic packets or even connecting outside the LAN via DYNDNS. Thanks,

    Read the article

  • How to map a VPN (tun0) network adapter on host Ubuntu to a VirtualBox guest Windows?

    - by Mashimom
    I have a Ubuntu 10.04 running Oracle VirtualBox 3.2.6 with a Windows XP guest. I use a VPN that I would like to be accessed by the guest VM, on a ifconfig it shows as: tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet addr:5.192.10.99 P-t-P:5.192.10.99 Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1362 Metric:1 RX packets:14151 errors:0 dropped:0 overruns:0 frame:0 TX packets:19860 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:500 RX bytes:4415271 (4.4 MB) TX bytes:17949982 (17.9 MB) Using NAT or Bridge adapters on the VM only gives me the non-vpn adapter. How can I map the tun0 adapter to VirtualBox?

    Read the article

< Previous Page | 29 30 31 32 33 34 35 36 37 38 39 40  | Next Page >