Search Results

Search found 2193 results on 88 pages for 'multichannel vpn'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 40/88 | < Previous Page | 36 37 38 39 40 41 42 43 44 45 46 47  | Next Page >

  • How can I forward all web traffic from my Cisco ASA 5100 to a checkpoint firewall?

    - by Scott Clements
    Hi, I currently have two Cisco ASA 5100 routers setup with a site-to-site VPN at different physical locations. They are successfully configured so that all traffic at our remote site is forwarded over this VPN tunnel to our router here, which is fine, however I need the web traffic that comes here to then be forwarded onto our Check Point firewall router. Can someone please tell me how I can configure this?? Many Thanks, Scott

    Read the article

  • CMAK Custom Action to run synchronous executable

    - by Charles Gargent
    I am using the Connection Manager Administration Kit (CMAK) to create vpn connections for my users, if it is possible how do I create a custom action that launches an executable that runs synchronously? In the help file it says Only DLLs run synchronously, meaning that Connection Manager starts the action and then waits for the function to return before continuing Is there any way around this? I have seen something similar called VPN-Q which from the screen shots appear to do just that.

    Read the article

  • What's the advantage of OpenVPN over SSTP?

    - by Jose
    If considering Windows only environment, what's the advantage of introducing OpenVPN as the company VPN service, instead of Windows built-in protocols? Especially the new SSTP protocol already overcome the one of the weakness of PPTP, which may not go over firewall/NAT. I'm wondering is there any reason not to use Windows integrated solution. The strength of the security can be an issue but I'm not sure how different they are (I know MS VPN was vulnerable but is it still?) Thanks.

    Read the article

  • Iptables rule creation error: No chain/target/match by that name

    - by MikO
    I'm trying to create my first VPN on a VPS with CentOS 6, following this tutorial. When I have to create an iptables rule to allow proper routing of VPN subnet, with this command: iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE It throws this error: iptables: No chain/target/match by that name I was searching and I've found that this error is usually thrown when you misspell something, but as far as I understand, the rule is correct...

    Read the article

  • Cisco Routing through VPN

    - by Superman
    I am looking for a way to allow a client Win7 computer, which connects to our California office's Cisco ASA 5510 over an IPSec VPN connection to then be able to connect to a computer in our chicago office which is itself connected through another Cisco ASA router to california. It appears that we are unable to route client vpn connections between each other, and I cannot find any guidance on how to enable this. Let me know if this is possible / what needs to be done.

    Read the article

  • Checkpoint - Routing into the tunnel

    - by Fake4d
    I have a simple question for my checkpoint infrastructure. Do i have to route a net which i wanna access over a configured firewall VPN Tunnel. Explanation: I have two firewalls connected over a VPN which have several nets behind them. I need to access a new net at the other firewall and put them in their encryption Domain. Now here is the question: Do i have to route it in the operating system (SecurePlat)? Thanks!

    Read the article

  • What is "Disable class based route addition" good for?

    - by JRoppert
    In the advanced TCP/IP settings of a VPN connection, i found a checkbox labeled with "Disable class based route addition". The checkbox is only enabled as long as "Use default gateway on remote network" is switched off. What is "Disable class based route addition" good for? Detailed instructions to find the settings: Open Properties of VPN connection Go to Networking tab Open Properties of "Internet Protocol Version 4 (TCP/IPv4)" (and/or TCP/IPv6) Click "Advanced..." Button Change to "IP Settings" tab Here you can find the checkboxes mentioned above

    Read the article

  • Connect to multiple VPNs?

    - by Joe Lyga
    I need a way to connect to multiple VPNs. It's to access camera systems and resources that are on different networks as a client. One VPN could be a company network, and another a city network. Is there a straightforward way to do this? I've experimented with setting up multiple virtual machines in virtualbox already, and I'd like to avoid having to have a full OS installation for every VPN I want to connect to.

    Read the article

  • OpenVPN (HideMyAss) client on Ubuntu: Route only HTTP traffic

    - by Andersmith
    I want to use HideMyAss VPN (hidemyass.com) on Ubuntu Linux to route only HTTP (ports 80 & 443) traffic to the HideMyAss VPN server, and leave all the other traffic (MySQL, SSH, etc.) alone. I'm running Ubuntu on AWS EC2 instances. The problem is that when I try and run the default HMA script, I suddenly can't SSH into the Ubuntu instance anymore and have to reboot it from the AWS console. I suspect the Ubuntu instance will also have trouble connecting to the RDS MySQL database, but haven't confirmed it. HMA uses OpenVPN like this: sudo openvpn client.cfg The client configuration file (client.cfg) looks like this: ############################################## # Sample client-side OpenVPN 2.0 config file # # for connecting to multi-client server. # # # # This configuration can be used by multiple # # clients, however each client should have # # its own cert and key files. # # # # On Windows, you might want to rename this # # file so it has a .ovpn extension # ############################################## # Specify that we are a client and that we # will be pulling certain config file directives # from the server. client auth-user-pass #management-query-passwords #management-hold # Disable management port for debugging port issues #management 127.0.0.1 13010 ping 5 ping-exit 30 # Use the same setting as you are using on # the server. # On most systems, the VPN will not function # unless you partially or fully disable # the firewall for the TUN/TAP interface. #;dev tap dev tun # Windows needs the TAP-Win32 adapter name # from the Network Connections panel # if you have more than one. On XP SP2, # you may need to disable the firewall # for the TAP adapter. ;dev-node MyTap # Are we connecting to a TCP or # UDP server? Use the same setting as # on the server. proto tcp ;proto udp # The hostname/IP and port of the server. # You can have multiple remote entries # to load balance between the servers. # All VPN Servers are added at the very end ;remote my-server-2 1194 # Choose a random host from the remote # list for load-balancing. Otherwise # try hosts in the order specified. # We order the hosts according to number of connections. # So no need to randomize the list # remote-random # Keep trying indefinitely to resolve the # host name of the OpenVPN server. Very useful # on machines which are not permanently connected # to the internet such as laptops. resolv-retry infinite # Most clients don't need to bind to # a specific local port number. nobind # Downgrade privileges after initialization (non-Windows only) ;user nobody ;group nobody # Try to preserve some state across restarts. persist-key persist-tun # If you are connecting through an # HTTP proxy to reach the actual OpenVPN # server, put the proxy server/IP and # port number here. See the man page # if your proxy server requires # authentication. ;http-proxy-retry # retry on connection failures ;http-proxy [proxy server] [proxy port #] # Wireless networks often produce a lot # of duplicate packets. Set this flag # to silence duplicate packet warnings. ;mute-replay-warnings # SSL/TLS parms. # See the server config file for more # description. It's best to use # a separate .crt/.key file pair # for each client. A single ca # file can be used for all clients. ca ./keys/ca.crt cert ./keys/hmauser.crt key ./keys/hmauser.key # Verify server certificate by checking # that the certicate has the nsCertType # field set to "server". This is an # important precaution to protect against # a potential attack discussed here: # http://openvpn.net/howto.html#mitm # # To use this feature, you will need to generate # your server certificates with the nsCertType # field set to "server". The build-key-server # script in the easy-rsa folder will do this. ;ns-cert-type server # If a tls-auth key is used on the server # then every client must also have the key. ;tls-auth ta.key 1 # Select a cryptographic cipher. # If the cipher option is used on the server # then you must also specify it here. ;cipher x # Enable compression on the VPN link. # Don't enable this unless it is also # enabled in the server config file. #comp-lzo # Set log file verbosity. verb 3 # Silence repeating messages ;mute 20 # Detect proxy auto matically #auto-proxy # Need this for Vista connection issue route-metric 1 # Get rid of the cached password warning #auth-nocache #show-net-up #dhcp-renew #dhcp-release #route-delay 0 120 # added to prevent MITM attack ns-cert-type server # # Remote servers added dynamically by the master server # DO NOT CHANGE below this line # remote-random remote 173.242.116.200 443 # 0 remote 38.121.77.74 443 # 0 # etc... remote 67.23.177.5 443 # 0 remote 46.19.136.130 443 # 0 remote 173.254.207.2 443 # 0 # END

    Read the article

  • OpenVPN Bridge LAN-to-LAN Configuration?

    - by Shad Reese
    I'm trying to configure an OpenVPN bridge LAN-to-LAN setup. Currently, I have the OpenVPN bridge Server/Client setup up running. On the server-side my br-lan interface has tap0, eth0, and wlan0 in the bridge group. On the client-side the br-lan interface has eth0 and wlan0 in the bridge group, the client tap0 is outside of the br-lan group. Currently the two bridge groups are connected via the wlanO interfaces (server-side is the Access Point - AP and the client-side is the wireless client). My goal is to connect the two bridge groups with a wireless VPN pipe. My network configuration: Server: br-lan: 10.4.96.50 Client: br-lan: 10.4.96.75 tap0: 10.4.96.100 <---- issued by the VPN server. Unfortunately, I'm stuck with using a bridge instead of a routed OpenVPN setup. My question is how (if possible) do I add the client tap0 interface to the client bridge group, as to ensure all traffic between the server/client bridge groups is using the VPN pipe? SERVER CONFIG FILE. config openvpn sample_server # Set to 1 to enable this instance: option enable 1 option port 1194 option proto udp option dev tap0 option key /etc/easy-rsa/keys/server.key option dh /etc/easy-rsa/keys/dh1024.pem option ifconfig_pool_persist /tmp/ipp.txt option server_bridge "10.4.96.50 255.255.255.0 10.4.96.100 10.4.96.200" list push "redirect-gateway local def1" list push "dhcp-option DNS 10.4.96.14" option duplicate_cn 1 option comp_lzo 1 option max_clients 100 option log /tmp/openvpn.log option verb 3 CLIENT CONFIG FILE: config 'openvpn' 'sample_client' option 'enable' '1' option 'client' '1' option 'dev' 'tap' option 'proto' 'udp' list 'remote' '10.4.96.50 1194' option 'status' /tmp/openvpn-status.log option 'log' /tmp/openvpn.log option 'ca' '/etc/easy-rsa/keys/ca.crt' option 'cert' '/etc/easy-rsa/keys/client.crt' option 'key' '/etc/easy-rsa/keys/client.key' option 'comp_lzo' '1' option 'verb' '5' Thanks in advance,

    Read the article

  • How to scope access to a service to set of users, using OpenLDAP, and only OUs

    - by JDS
    Okay, here goes. Solving this will solve several problems for me (as I can reapply this knowledge to several extant, similar problems), but luckily I have a very specific, concise problem to describe. Enough preamble. Our hosting partner is setting up VPN access for us and is connecting it to our LDAP server. They are using Cisco VPN, the docs on setting this up are here: http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00808c3c45.shtml#maintask1 Specifically, note the screenshot in (5), under "ASDM" Now, I do NOT want to provide access to all of our users. I only want to provide access to our IT group. But I do not see a configuration option for LDAP groups on that web reference for the Cisco VPN. We are using: OpenLDAP 2.4 Static groups (i.e. "Group has the following members...") Single user OU, "ou=users,dc=mycompany,dc=com" Is it possible to provide an alias of some kind in OpenLDAP that creates another OU, "itusers", say, and lets me alias the members of that OU somehow? Something like: "cn=Jeff Silverman,ou=itusers,dc=mycompany,dc=com" is an alias for "cn=Jeff Silverman,ou=users,dc=mycompany,dc=com" And is NOT a separate, unique user account. Alternatively, should I just create a separate OU and manage it separately? It is a pain, but only 12-15 users will have to be managed that way, with two separate user accounts. But I hate this option - messy, unmanageable, unscalable. You know what I mean. I am open to any options. I've searched and read all over but I can't quite find an directly analagous example. I can't possibly be the only one who's had this problem! Thanks!

    Read the article

  • Windows Server 2008 DHCP with RRAS

    - by Guillermo Prandi
    I have a Windows Server 2008 R2 which is a member of a domain, but is placed in a remote location. The server is directly connected to Internet. Clients need to access a particular insecure TCP service in this server (ports 9730 and 9731). Since clients have dynamic IP addresses I cannot know in advance, I thought it would be nice to have them connected through a VPN in order to access the insecure service, but ONLY to access that service, like this: Client ------> VPN TUNNEL ------> (Insecure service at Server) | \----> (Normal internet access) I'd enable the insecure ports in the firewall only from VPN accesses. For this I configured RRAS in the server and gave it a static IP address range (172.19.1.2 through 172.19.1.254) to serve the clients. First I thought I could use DHCP to assign the addresses, but I cannot use DHCP in my LAN connection (not allowed by the hosting service). I tried configuring DHCP binding it to a Microsoft Loopback Adapter, but that's not supported as a DHCP source by RRAS. What I want to accomplish is to send specific DHCP options to the client (network mask, routing table, etc.). In particular: Prevent the client from having the server as default router (without changing the client's "use default gateway in remote network"). Have it as a route for the server's internal RRAS address only (172.19.1.1). Prevent the client from using a 255.255.0.0 mask for the 172.19.x.x network (a 255.255.255.0 mask would be better). Can I do that with RRAS only? How? Currently, the only solution I can think of is to use DHCP in the LAN adapter, but filter DHCP packets so they don't reach the provider's network. However, I'm not sure if that will work. Any suggestions are welcomed! Guille

    Read the article

  • Esx servers in a DMZ

    - by James
    I have two ESX 3.5 servers in a DMZ. I can access these servers on any port from my lan via a VPN. Servers in the DMZ are unable to initiate connections back to the lan, for obvious reasons. I have a vCenter server on my lan and can initially connect to the esx servers fine. However the esx servers then try to send a hearth beat back to the vCenter server on udp/902 obviously this will not get back to the vCenter server, which then marks the ESX servers as not responding and disconnects. There are two broad solutions I can think of; 1) Try to tell vCenter to ignore not getting heart beats. The best I can do here is delay the disconnect by 3 mins. 2) Try some clever network solution. However again I am at loss. Note: The vCenter server is on a lan, and cannot be given a public IP, so firewall rules back will not work. And also I cannot setup a VPN from the DMZ to the lan. **I am adding the following, explanation that I added to the comments Ok maybe this is the bit that I not explaining well. The DMZ is on a remote site, an entirely independent network (network 1). The vCenter server is on our office lan (network 2). Network 2 can connect to any machine on any port on network 1. But network 1 is not allowed to initiate a connection to network 2. Any traffic destined to network 2 from network 1 gets dropped by the firewall as it is traffic to a non-routable address. The only solution I can think of is setting up a VPN from network 1 to network 2, but this is not acceptable So any clever folk out there any ideas? J

    Read the article

  • Windows Server 2003 SBS domain in multiple sites

    - by E3 Group
    We have about 25 employees in our current office and are looking to open up another office in another capital city housing about 15 employees. In our current office, we are running a domain hosted by a 2003 SBS server and I've been tasked by the boss to expand our infrastructure to the new office in the cheapest way possible (cheapest way in the short run that is, because my boss doesn't think more than 6 months ahead). So I'm looking to get a second hand server and have it run Server 2003 Std with exchange server 2003. These are the things that it needs to do: Replicate shared folders that are hosted in the parent LAN. Deliver emails hosted in the parent Exchange Server Somehow link up with the parent domain controller and push the AD to the remote site I'm pretty sure 3 is impossible but the DC would be available if a VPN connection is present, right? On that note, would I be looking at hardware VPN connections? I'm not sure how to deploy the new site as this is my first time doing it and i'm making it especially difficult for myself, seeing as the AD and DC is on an SBS server. Would I first start by establishing a VPN connection and then joining the new server to the domain? Will things 'just work' if I install exchange onto the new server and point outlooks to it? and how would I be able to replicate shared folders?

    Read the article

  • Different network response for indentical co-located machines

    - by Santosh
    We have a situation as follows: We have a two different virtual machines (VMs) on some remote server farm. The machines are identical in terms of hardware/software(OS) configurations. We have a J2EE application running on JBoss on each of those two machines. These two applications are of different version sav V1 on VM1 and V2 on VM2. We observed some degraded response time for application V2 when accessed via public URL. When we accessed the application through a secured VPN, there is hardly any difference. The bandwidth test (upload/download speed, ping etc) shows that VM1 is responding better when accessed via secured VPN. We concluded that the application does not seem to have performance issue. Because, it that's the case the performance degradation should also be there when access via VPN. So we concluded its the network problem. But since those two identical VMs are on same network we are looking for the reasons for different responses. My question is, given the above situation, what could be reasons for such a behavior ?

    Read the article

  • IPSec Tunnel to Amazon EC2 - Netkey, NAT, and routing problem

    - by Ernest Mueller
    Hey all, I'm working on getting an IPSec VPN working between Amazon EC2 and my on-premise. The goal is to be able to safely administer stuff, up/download data, etc. over that tunnel. I have gotten the tunnel up in openswan between a Fedora 12 instance with an elastic IP and a Cisco router that's also NATted. I think the ipsec part is OK, but I'm having trouble figuring out how to route traffic that way; there's no "ipsec0" virutal interface because on Amazon you have to use netkey and not KLIPS for the vpn. I hear iptables may be required and I'm an iptables noob. On the left (Amazon), I have a 10. network. Box 1 is privately 10.254.110.A, publically IP 184.73.168.B. Netkey tunnel is up. Box 2 is publically 130.164.26.C, privately 130.164.0.D And my .conf is: conn ni type= tunnel authby= secret left= 10.254.110.A leftid= 184.73.168.B leftnexthop= %defaultroute leftsubnet= 10.254.0.0/32 right= 130.164.26.C rightid= 130.164.0.D rightnexthop= %defaultroute rightsubnet= 130.164.0.0/18 keyexchange= ike pfs= no auto= start keyingtries= 3 disablearrivalcheck=no ikelifetime= 240m auth= esp compress= no keylife= 60m forceencaps= yes esp= 3des-md5 I added a route to box 1 (130.164.0.0/18 via 10.254.110.A dev eth0) but that doesn't do it for predictable reasons, when I traceroute the traffic's still going "around" and not through the vpn. Routing table: 10.254.110.0/23 dev eth0 proto kernel scope link src 10.254.110.A 130.164.0.0/18 via 10.254.110.178 dev eth0 src 10.254.110.A 169.254.0.0/16 dev eth0 scope link metric 1002 Anyone know how to do the routing with a netkey ipsec tunnel where both sides are NATted? Thanks...

    Read the article

  • RRAS with DHCP when the IP pool is on a different subnet

    - by John B
    I run a small business network and the last couple of days I have been setting up some equipment to add VPN capabilities to our network. I've got the following set up: Windows 2008 R2 with RRAS - 172.22.200.50 Cisco RV082 router - 172.22.100.1 / 172.22.200.1 The Cisco router only support DHCP on a single class C network; 172.22.100.0/24. On the Cisco router I have set up an additional subnet; 172.22.200.0/24. The DHCP range is 172.22.100.200-254 When a PPTP connection comes in to the router, it is forwarded to my RRAS at 172.22.200.50. If I configure RRAS to assign IPs from a static pool on the 172.22.200.0/24 subnet everything works fine except the DNS suffix / search domain. However, if I set RRAS to use DHCP I am no longer able to contact any devices on the network. The IP I receive is on a different subnet (172.22.100.0/24). Is it possible to still use DHCP as the method of ip assignment in RRAS, even when the IP adresses assigned are in a different subnet? If yes, what piece of configuration am I missing to fix the VPN connection issues mentioned in the paragraph above. The reason I want RRAS with DHCP to work is because from what I have understood, this is the "only" way to hand out a DNS suffix to VPN clients. Any help on this matter is greatly appreciated!

    Read the article

  • How to access remote network resource from local machine

    - by jerluc
    I just configured VPN access successfully so that I now can connect to my workstation at work from my personal Linux box at home. The problem is that all of my dev files for a server I'm locally running are on my personal box and cannot be transfered to my workstation (at least not in any timely manner over this connection given the amount of data, in addition to the many reconfigurations which would be required for the server to run even if I could somehow get the files across). So essentially, I am able to run my server locally on my personal computer, however, the data-sources required for the back-end are accessible only from within the office's network. But is there some way for me to somehow either access the data-sources directly through a VPN connection or even if I need to be a bit more convoluted by connecting via VPN to my workstation and then somehow connecting to the data-sources through my workstation to my personal computer? And here I could really care less about the speed of the connection from my server to the data-sources since they will probably only be fetched a few times every hour or so. Thanks! Sorry if this a stupid question and/or doesn't make any sense! (And sorry for anyone who read this at stackoverflow, I posted it in the wrong area.)

    Read the article

  • Netgear FVS336G: appropriate solution for today's small businesses?

    - by bwerks
    Hey all, I've been looking into a routers to facilitate a vpn solution for a small business. While the Netgear FVS336G looks good on paper, it appears to have some fairly crippling setbacks that drag down what appears to be some great hardware. First off, the unit has been around for a couple years now, perhaps before 64-bit operating systems were as common as they are now, and complaints are everywhere that claim that SSL or IPsec (or both) VPN connections will not work with 64-bit operating systems. However, most of these claims mention only Vista, which makes me think that these problems could have potentially been solved since then. Unfortunately though, Netgear's support forums seem to be incredibly private, and policed by some troll named jmizuguchi who just closes down public posts in order to marshal them into the private ones. Danger, will robinson. Apparently their firmware upgrade process is a nightmare too, but that's beside the point. My question is this: has anyone configured one a Netgear FVS336G to operate in a server 2008 (or R2)/windows 7 64-bit network? If so, is it possible to use the microsoft vpn client or are third party clients still required? If this thing has just failed the test of time, is there a feature-comparable unit that I've missed, at anywhere near the same price range? Thanks!

    Read the article

  • IPSec Tunnel to Amazon EC2 - Netkey, NAT, and routing issue

    - by Ernest Mueller
    I'm working on getting an IPSec VPN working between Amazon EC2 and my on-premise. The goal is to be able to safely administer stuff, up/download data, etc. over that tunnel. I have gotten the tunnel up in openswan between a Fedora 12 instance with an elastic IP and a Cisco router that's also NATted. I think the ipsec part is OK, but I'm having trouble figuring out how to route traffic that way; there's no "ipsec0" virutal interface because on Amazon you have to use netkey and not KLIPS for the vpn. I hear iptables may be required and I'm an iptables noob. On the left (Amazon), I have a 10. network. Box 1 is privately 10.254.110.A, publically IP 184.73.168.B. Netkey tunnel is up. Box 2 is publically 130.164.26.C, privately 130.164.0.D And my .conf is: conn ni type= tunnel authby= secret left= 10.254.110.A leftid= 184.73.168.B leftnexthop= %defaultroute leftsubnet= 10.254.0.0/32 right= 130.164.26.C rightid= 130.164.0.D rightnexthop= %defaultroute rightsubnet= 130.164.0.0/18 keyexchange= ike pfs= no auto= start keyingtries= 3 disablearrivalcheck=no ikelifetime= 240m auth= esp compress= no keylife= 60m forceencaps= yes esp= 3des-md5 I added a route to box 1 (130.164.0.0/18 via 10.254.110.A dev eth0) but that doesn't do it for predictable reasons, when I traceroute the traffic's still going "around" and not through the vpn. Routing table: 10.254.110.0/23 dev eth0 proto kernel scope link src 10.254.110.A 130.164.0.0/18 via 10.254.110.178 dev eth0 src 10.254.110.A 169.254.0.0/16 dev eth0 scope link metric 1002 Anyone know how to do the routing with a netkey ipsec tunnel where both sides are NATted? Thanks...

    Read the article

  • How to set up a easy-to-use proxy for the whole system with WinXP client and server?

    - by Pekka
    I am working together intensively with a colleague on the Canary Islands. We speak through live messenger and work together using a RDP software. She has frequent problems with connections to certain big-name and small-name sites (amongst others live.com, google.com, gmx.de) very likely to be caused by the spanish provider (the connections simply time out, this has been going on for weeks already). I have been thinking about setting up my computer as a proxy to make these connections work. I have a DSL connection and am behind a NAT capable router that I control. Does anybody know a simple, "one-click" way to transport ALL network traffic through a remote proxy? Without having to set proxy settings for each application that uses the internet? VPN is not an option, because I am behind a firewall that supports protocol 47 and such, but I have never succeeded in getting an incoming VPN connection to work. I can however redirect normal traffic using NAT. A VPN solution that does not need strange protocols would also be an option.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 36 37 38 39 40 41 42 43 44 45 46 47  | Next Page >