Search Results

Search found 4906 results on 197 pages for 'ssh tunnel'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 55/197 | < Previous Page | 51 52 53 54 55 56 57 58 59 60 61 62  | Next Page >

  • Add user in CentOS 5

    - by Ron
    I created a new user in my CentOS web server with useradd. Added a password with passwd. But I can't log in with the user via SSH. I keep getting 'access denied'. I checked to make sure that the password was assigned and that the account is active. /var/log/secure shows the following error: Aug 13 03:41:40 server1 su: pam_unix(su:auth): authentication failure; logname= uid=500 euid=0 tty=pts/0 ruser=rwade rhost= user=root Please help, Thanks Thanks for the responses so far: I should add that it is a VPS on a remote computer, fresh out of the box. I can log in as the root user quite fine. I can also su to the new user, but I cannot log in as the new user. Here is my sshd_config file: # $OpenBSD: sshd_config,v 1.73 2005/12/06 22:38:28 reyk Exp $ # This is the sshd server system-wide configuration file. See # sshd_config(5) for more information. # This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin # The strategy used for options in the default sshd_config shipped with # OpenSSH is to specify options with their default value where # possible, but leave them commented. Uncommented options change a # default value. #Port 22 #Protocol 2,1 Protocol 2 #AddressFamily any #ListenAddress 0.0.0.0 #ListenAddress :: # HostKey for protocol version 1 #HostKey /etc/ssh/ssh_host_key # HostKeys for protocol version 2 #HostKey /etc/ssh/ssh_host_rsa_key #HostKey /etc/ssh/ssh_host_dsa_key # Lifetime and size of ephemeral version 1 server key #KeyRegenerationInterval 1h #ServerKeyBits 768 # Logging # obsoletes QuietMode and FascistLogging #SyslogFacility AUTH SyslogFacility AUTHPRIV #LogLevel INFO # Authentication: #LoginGraceTime 2m #PermitRootLogin yes #StrictModes yes #MaxAuthTries 6 #RSAAuthentication yes #PubkeyAuthentication yes #AuthorizedKeysFile .ssh/authorized_keys # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts #RhostsRSAAuthentication no # similar for protocol version 2 #HostbasedAuthentication no # Change to yes if you don't trust ~/.ssh/known_hosts for # RhostsRSAAuthentication and HostbasedAuthentication #IgnoreUserKnownHosts no # Don't read the user's ~/.rhosts and ~/.shosts files #IgnoreRhosts yes # To disable tunneled clear text passwords, change to no here! #PasswordAuthentication yes #PermitEmptyPasswords no PasswordAuthentication yes # Change to no to disable s/key passwords #ChallengeResponseAuthentication yes ChallengeResponseAuthentication no # Kerberos options #KerberosAuthentication no #KerberosOrLocalPasswd yes #KerberosTicketCleanup yes #KerberosGetAFSToken no # GSSAPI options #GSSAPIAuthentication no GSSAPIAuthentication yes #GSSAPICleanupCredentials yes GSSAPICleanupCredentials yes # Set this to 'yes' to enable PAM authentication, account processing, # and session processing. If this is enabled, PAM authentication will # be allowed through the ChallengeResponseAuthentication mechanism. # Depending on your PAM configuration, this may bypass the setting of # PasswordAuthentication, PermitEmptyPasswords, and # "PermitRootLogin without-password". If you just want the PAM account and # session checks to run without PAM authentication, then enable this but set # ChallengeResponseAuthentication=no #UsePAM no UsePAM yes # Accept locale-related environment variables AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT AcceptEnv LC_IDENTIFICATION LC_ALL #AllowTcpForwarding yes #GatewayPorts no #X11Forwarding no X11Forwarding yes #X11DisplayOffset 10 #X11UseLocalhost yes #PrintMotd yes #PrintLastLog yes #TCPKeepAlive yes #UseLogin no #UsePrivilegeSeparation yes #PermitUserEnvironment no #Compression delayed #ClientAliveInterval 0 #ClientAliveCountMax 3 #ShowPatchLevel no #UseDNS yes #PidFile /var/run/sshd.pid #MaxStartups 10 #PermitTunnel no #ChrootDirectory none # no default banner path #Banner /some/path # override default of no subsystems Subsystem sftp /usr/libexec/openssh/sftp-server

    Read the article

  • Proxy within a proxy, tunneling?

    - by joeblogger
    At work there is a proxy that (understandably) blocks all ports except web ones. However, during lunch hours you are allowed to play online games. But as ports are blocked, multiplayer games are out of the question. So I was wondering, could I set up a tunnel on a web port, that would then allow me to access those blocked ports, through the port 80 tunnel whilst still being behind the work proxy? This is in a Windows environment.

    Read the article

  • Openswan + xl2tpd connections time out after a while

    - by Halfgaar
    I have a non-NATed Openswan+xl2tpd server (Ubuntu 12.04), to which I connect with a Windows 8 behind NAT. The client loses its connection after a while of doing nothing (between 30 and 60 minutes, but I didn't time it). The client doesn't have enabled that it should kill inactive connections. Nor does it ever go into sleep mode. I also tried setting the kill-after-time to 24 hours, but that didn't help. The NAT router behind which the client located is Debian Linux, and its router is a Cisco which connects us directly to the data center where the server is. None of our other connections, like SSH, get dropped with inactivity (because of cheap routers). I did however try turning on the keepalives in /etc/ipsec.conf: config setup (...snip...) nat_traversal=yes force_keepalive=yes keep_alive=10 but that didn't help. As you can see in the config later, dead peer detection's action is clear. That would be a first suggestion to fix, but I need clear, because people will be connecting from everwhere but the kitchen sink. Besides, as I said, in the test setup I have now, I can't see any device killing its connection. (edit: 'restart' also has the same effect) These are of one time it happened: Jul 18 16:18:06 host xl2tpd[1918]: Maximum retries exceeded for tunnel 49070. Closing. Jul 18 16:18:06 host xl2tpd[1918]: Terminating pppd: sending TERM signal to pid 18359 Jul 18 16:18:06 host xl2tpd[1918]: Connection 4 closed to 89.188.x.y, port 1701 (Timeout) Jul 18 16:18:11 host xl2tpd[1918]: Unable to deliver closing message for tunnel 49070. Destroying anyway. and these on another: Jul 18 17:44:39 host xl2tpd[1918]: udp_xmit failed to 89.188.x.y:1701 with err=-1:Operation not permitted Jul 18 17:44:43 xl2tpd[1918]: last message repeated 4 times Jul 18 17:44:43 host xl2tpd[1918]: Maximum retries exceeded for tunnel 10918. Closing. Jul 18 17:44:43 host xl2tpd[1918]: udp_xmit failed to 89.188.x.y:1701 with err=-1:Operation not permitted Jul 18 17:44:43 host xl2tpd[1918]: Terminating pppd: sending TERM signal to pid 26338 Jul 18 17:44:43 host xl2tpd[1918]: Connection 6 closed to 89.188.x.y, port 1701 (Timeout) Jul 18 17:44:44 host xl2tpd[1918]: udp_xmit failed to 89.188.x.y:1701 with err=-1:Operation not permitted Jul 18 17:44:48 xl2tpd[1918]: last message repeated 3 times Jul 18 17:44:48 host xl2tpd[1918]: Unable to deliver closing message for tunnel 10918. Destroying anyway. Jul 18 17:44:59 host xl2tpd[1918]: Can not find tunnel 10918 (refhim=0) Jul 18 17:44:59 host xl2tpd[1918]: network_thread: unable to find call or tunnel to handle packet. call = 0, tunnel = 10918 Dumping. Jul 18 17:45:09 host xl2tpd[1918]: Can not find tunnel 10918 (refhim=0) Jul 18 17:45:09 host xl2tpd[1918]: network_thread: unable to find call or tunnel to handle packet. call = 0, tunnel = 10918 Dumping. Jul 18 17:45:19 host xl2tpd[1918]: Can not find tunnel 10918 (refhim=0) Jul 18 17:45:19 host xl2tpd[1918]: network_thread: unable to find call or tunnel to handle packet. call = 0, tunnel = 10918 Dumping. Jul 18 17:45:29 host xl2tpd[1918]: Can not find tunnel 10918 (refhim=0) Jul 18 17:45:29 host xl2tpd[1918]: network_thread: unable to find call or tunnel to handle packet. call = 0, tunnel = 10918 Dumping. Jul 18 17:45:39 host xl2tpd[1918]: Can not find tunnel 10918 (refhim=0) Jul 18 17:45:39 host xl2tpd[1918]: network_thread: unable to find call or tunnel to handle packet. call = 0, tunnel = 10918 Dumping. Jul 18 17:45:49 host xl2tpd[1918]: Can not find tunnel 10918 (refhim=0) Jul 18 17:45:49 host xl2tpd[1918]: network_thread: unable to find call or tunnel to handle packet. call = 0, tunnel = 10918 Dumping. Versions: Ubuntu 12.04 Openswan: 2.6.37-1 xl2tpd: 3.1+dfsg-1 kernel: 3.2.0-49-generic configs: /etc/ipsec.conf: version 2.0 # conforms to second version of ipsec.conf specification config setup nat_traversal=yes virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:!10.152.2.0/24 oe=off protostack=netkey force_keepalive=yes keep_alive=10 conn L2TP-PSK-NAT rightsubnet=vhost:%priv also=L2TP-PSK-noNAT conn L2TP-PSK-noNAT authby=secret pfs=no auto=add keyingtries=2 rekey=no dpddelay=30 dpdtimeout=120 dpdaction=clear ikelifetime=8h keylife=1h type=transport left=%defaultroute leftprotoport=17/1701 right=%any rightprotoport=17/%any /etc/xl2tpd/xl2tpd.conf [global] ipsec saref = no [lns default] ip range = 10.152.2.2-10.152.2.254 local ip = 10.152.2.1 refuse chap = yes refuse pap = yes require authentication = yes ppp debug = no pppoptfile = /etc/ppp/options.xl2tpd length bit = yes /etc/ppp/options.xl2tpd: require-mschap-v2 refuse-mschap ms-dns 10.152.2.1 asyncmap 0 auth crtscts idle 1800 mtu 1200 mru 1200 lock hide-password local #debug name l2tpd proxyarp lcp-echo-interval 30 lcp-echo-failure 4

    Read the article

  • How do I get the F1-F12 keys to switch screens in gnu screen in cygwin when connecting via SSH?

    - by Mikey
    I'm connecting to a desktop running cygwin via SSH from the terminal app in Mac OS X. I have already started screen on the cygwin side and can connect to it over the SSH session. Furthermore, I have the following in the .screenrc file: bindkey -k k1 select 1 # F1 = screen 1 bindkey -k k2 select 2 # F2 = screen 2 bindkey -k k3 select 3 # F3 = screen 3 bindkey -k k4 select 4 # F4 = screen 4 bindkey -k k5 select 5 # F5 = screen 5 bindkey -k k6 select 6 # F6 = screen 6 bindkey -k k7 select 7 # F7 = screen 7 bindkey -k k8 select 8 # F8 = screen 8 bindkey -k k9 select 9 # F9 = screen 9 bindkey -k F1 prev # F11 = prev bindkey -k F2 next # F12 = next However, when I start multiple windows in screen and attempt to switch between them via the function keys, all I get is a beep. I have tried various settings for $TERM (e.g. ansi, cygwin, xterm-color, vt100) and they don't really seem to affect anything. I have verified that the terminal app is in fact sending the escape sequence for the function key that I'm expecting and that my bash shell (running inside screen) is receiving it. For example, for F1, it sends the following (hexdump is a perl script I wrote that takes STDIN in binmode and outputs it as a hexadecimal/ascii dump): % hexdump [press F1 and then hit ^D to terminate input] 00000000: 1b4f50 .OP If things were working correctly, I don't think bash should receive the escape sequence because screen should have caught it and turned it into a command. How do I get the function keys to work?

    Read the article

  • File Transfer with a double SSH login.

    - by Harpal
    I'm have trouble transfering files again from my work PC, which is a linux machine to my home windows PC. My work has changed it so I now need to SSH twice before I can access my PC. So I need to: ssh [email protected] password: xxxxx I then need to do it again. ssh computer_name password: xxxxx I've tried accessing directly via my computers IP but to of no avail. Is there a way I can use pscp or file zilla to ssh twice so I can transfer files?

    Read the article

  • Prompt not working when logged in as specific user

    - by Clay
    Hello I am running ubuntu 11.10 and access it via ssh with putty. My problem is that when I log in I get the prompt [email protected]:~$ and my arrow keys do what the y are supposed to. When I try to login in as another user account I made all I get is this as the prompt it never says the directory or anyting $ Also when ever I try to use the left, right, up or down arrow I get a character like this ^[[A Is this a bug in putty or did I just not set the account up right?

    Read the article

  • Is syncing private keys a good idea?

    - by Jacob Johan Edwards
    Ubuntu One's Security FAQ indicates that Canonical encrypts connections and restricts access to user data. This all well and fine, and I do trust SSL for online banking and other things more valuable than my private keys. That said, I am quite anxious about putting my ~/.ssh/id_dsa up in the cloud. Obviously, no system is totally secure. Could some knowledgeable party, then, pragmatically quantify the risks?

    Read the article

  • How do I change my username?

    - by Takkat
    Some time ago when I installed Ubuntu I chose a rather stupid username for my account that I do not want to use anymore. How do I change this (including the name of my home directory) without loosing settings for applications? How do I keep permissions and my keys for various authentification (e.g. email, SSH, GPG and more)? What settings could possibly get lost if I changed my username? Both, command-line and graphical solutions are appreciated.

    Read the article

  • How to delete IPSEC VPN tunnel from Fortigate 60

    - by Björn
    I have had a IPSEC connection setup between two firewalls. Now I want to remove the tunnel in my firewall, a "Fortigate 60". There are two phases, "Phase 1" and "Phase 2" for each IPSEC connection. I can delete the "Phase 2" entry by clicking the trashcan icon (in the web interface), but there is not such icon for "Phase 1". Is it possible to delete that? When I look at the log it alerts about this tunnel not working (after deleting "Phase 2") and it would be nice not ta have loads of such events in the log. All ideas are appreciated.

    Read the article

  • howto only tunnel specific hosts route through openvpn client on tomato

    - by kcome
    I am relatively newbie in networking world although I did coding and know some sysadmin background for a long time. and here I'm only one step from my destination. The whole picture is : at home I use one LinkSys E3000 as the gateway(don't know yet if this is it's name), wireless AP and no other routing/switching devices. It serves 1 PC and 1 Mac with LAN, 1 Mac Mini + 1 iPad + 2 smartphones with WIFI. My goal is use an openvpn client on the E3000 (with tomato firmware) and make my iPad and smartphone's all WiFi traffic through it, and other devices route remain the same non-openvpn route. So far I'm able to connect openvpn client on E3000 to an openvpn server, tunnel all my devices' all traffic through that openvpn connection. What's left is howto selectively route by source IP (at least in my guessing) to the tunnel while don't bother others. I had learned some 'iptables' and 'route' in past few days however without much luck, so here comes my question. Here are some info which will help you get the structure. ifconfig -a output, some useless lines striped, and in the web interface C0:C1:C0:1A:E0:28 is WAN, C0:C1:C0:1A:E0:27 is LAN, C0:C1:C0:1A:E0:29 is 2.4G wifi AP, C0:C1:C0:1A:E0:2A is 5G wifi AP. root@router:/tmp/home/root# ifconfig -a br0 Link encap:Ethernet HWaddr C0:C1:C0:1A:E0:27 inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 eth0 Link encap:Ethernet HWaddr C0:C1:C0:1A:E0:27 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 eth1 Link encap:Ethernet HWaddr C0:C1:C0:1A:E0:29 UP BROADCAST RUNNING ALLMULTI MULTICAST MTU:1500 Metric:1 eth2 Link encap:Ethernet HWaddr C0:C1:C0:1A:E0:2A UP BROADCAST RUNNING ALLMULTI MULTICAST MTU:1500 Metric:1 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host ppp0 Link encap:Point-to-Point Protocol inet addr:172.200.1.43 P-t-P:172.200.0.1 Mask:255.255.255.255 UP POINTOPOINT RUNNING MULTICAST MTU:1480 Metric:1 vlan1 Link encap:Ethernet HWaddr C0:C1:C0:1A:E0:27 UP BROADCAST RUNNING ALLMULTI MULTICAST MTU:1500 Metric:1 vlan2 Link encap:Ethernet HWaddr C0:C1:C0:1A:E0:28 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 wl0.1 Link encap:Ethernet HWaddr C0:C1:C0:1A:E0:29 BROADCAST MULTICAST MTU:1500 Metric:1 brctl show output root@router:/tmp/home/root# brctl show bridge name bridge id STP enabled interfaces br0 8000.c0c1c01ae027 no vlan1 eth1 eth2 before openvpn route-up script root@router:/tmp/home/root# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 172.200.0.1 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 br0 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo 0.0.0.0 172.200.0.1 0.0.0.0 UG 0 0 0 ppp0 openvpn server push PUSH: Received control message: 'PUSH_REPLY,redirect-gateway,dhcp-option DNS 8.8.8.8,route 172.20.0.1,topology net30,ping 10,ping-restart 120,ifconfig 172.20.0.6 172.20.0.5' openvpn's stock route-up script Apr 24 14:52:06 router daemon.notice openvpn[1768]: /sbin/ifconfig tun11 172.20.0.6 pointopoint 172.20.0.5 mtu 1500 Apr 24 14:52:08 router daemon.notice openvpn[1768]: /sbin/route add -net 72.14.177.29 netmask 255.255.255.255 gw 172.200.0.1 Apr 24 14:52:08 router daemon.notice openvpn[1768]: /sbin/route add -net 0.0.0.0 netmask 128.0.0.0 gw 172.20.0.5 Apr 24 14:52:08 router daemon.notice openvpn[1768]: /sbin/route add -net 128.0.0.0 netmask 128.0.0.0 gw 172.20.0.5 Apr 24 14:52:08 router daemon.notice openvpn[1768]: /sbin/route add -net 172.20.0.1 netmask 255.255.255.255 gw 172.20.0.5 route after openvpn root@router:/tmp/home/root# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 172.20.0.5 0.0.0.0 255.255.255.255 UH 0 0 0 tun11 72.14.177.29 172.200.0.1 255.255.255.255 UGH 0 0 0 ppp0 172.200.0.1 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0 172.20.0.1 172.20.0.5 255.255.255.255 UGH 0 0 0 tun11 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 br0 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo 0.0.0.0 172.20.0.5 128.0.0.0 UG 0 0 0 tun11 128.0.0.0 172.20.0.5 128.0.0.0 UG 0 0 0 tun11 0.0.0.0 172.200.0.1 0.0.0.0 UG 0 0 0 ppp0 something I had noticed and tried: * on the web interface of openvpn client there is an option "Create NAT on tunnel", if i check this, there is the following script (probably executed after openvpn connection established) root@router:/tmp/home/root# cat /tmp/etc/openvpn/fw/client1-fw.sh #!/bin/sh iptables -I INPUT -i tun11 -j ACCEPT iptables -I FORWARD -i tun11 -j ACCEPT iptables -t nat -I POSTROUTING -s 192.168.1.0/255.255.255.0 -o tun11 -j MASQUERADE if i uncheck this option, the last line will not appear. Then I guess probably the my issue will be solved by iptables and NAT related commands, I just haven't got enough knowledge to figure them out. I tried run iptables -t nat -I POSTROUTING -s 192.168.1.6 -o tun11 -j MASQUERADE manually after openvpn connected (192.168.1.6 is the ip address of my iPad), then my iPad get internet with openvpn tunnel, however all other devices can't reach internet. in case if needed, here is the iptables about NAT root@router:/tmp/home/root# iptables -t nat -L -n Chain PREROUTING (policy ACCEPT) target prot opt source destination DROP all -- 0.0.0.0/0 192.168.1.0/24 WANPREROUTING all -- 0.0.0.0/0 172.200.1.43 upnp all -- 0.0.0.0/0 172.200.1.43 Chain POSTROUTING (policy ACCEPT) target prot opt source destination MASQUERADE all -- 0.0.0.0/0 0.0.0.0/0 SNAT all -- 192.168.1.0/24 192.168.1.0/24 to:192.168.1.1 Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain WANPREROUTING (1 references) target prot opt source destination DNAT icmp -- 0.0.0.0/0 0.0.0.0/0 to:192.168.1.1 Chain upnp (1 references) target prot opt source destination DNAT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:5353 to:192.168.1.3:5353 Thanks in advance for helping and read this so much, I hope i made every info you need to give a help :)

    Read the article

  • Windows Server 2003 IPSec Tunnel Connected, But Not Working (Possibly NAT/RRAS Related)

    - by Kevinoid
    Configuration I have setup a "raw" IPSec tunnel between a Windows Server 2003 (SBS) machine and a Netgear FVG318 according to the instructions in Microsoft KB816514. The configuration is as follows (using the same conventions as the article): NetA | SBS2003 | FVG318 | NetB 10.0.0.0/24 | 216.x.x.x | 69.y.y.y | 10.0.254.0/24 Both the Main Mode and Quick Mode Security Associations are successfully completed and appear in the IP Security Monitor. I am also able to ping the SBS2003 server on its private address from any computer on NetB. The Problem Any traffic sent from a computer on NetA to NetB, or from SBS2003 to NetB (excluding ICMP Ping responses), is sent out on the public network interface outside the IPSec tunnel (no encryption or header authentication, as if the tunnel were not there). Pings sent from a computer on NetB to a computer on NetA successfully reach computers on NetA, but the responses are silently discarded by SBS2003 (they do not go out in the clear and do not generate any encrypted traffic). Possible Solutions Incorrect Configuration I could have mistyped something, somewhere, or KB816514 could be incorrect in some way. I have tried very hard to eliminate the first option. Have re-created the configuration several times, tried tweaking and adjusting all the settings I could without success (most prevent the SA from being established). NAT/RRAS I have seen multiple posts elsewhere suggesting that this could be due to interaction between NAT and the IPSec filters. Possibly the NetA private addresses get rewritten to 216.x.x.x before being compared with the Quick Mode IPSec filters and don't get tunneled because of the mismatch. In fact, The Cable Guy article from June 2005 "TCP/IP Packet Processing Paths" suggests that this is the case, (see step 2 and 4 of the Transit Traffic path). If this is the case, is there a way to exclude NetA-NetB traffic from NAT? Any thoughts, ideas, suggestions, and/or comments are appreciated. Update (2011-06-26) After failing to solve the problem, I resorted to paid Microsoft support. They were unable to solve the problem. Since then I have implemented a solution based on Linux that is working quite well. I will attempt to evaluate any proposed answers as best I can, but current configurations and time constraints will make this slow...

    Read the article

  • Public IP Routing over Private GRE tunnel

    - by Paul
    I have a GRE tunnel configured between two linux boxes. The tunnel works fine. I can ping from each host the other private ip. Head privateip: 10.0.0.1 publicip: 8.8.8.8 Tail privateip: 10.0.0.2 publicip: 7.7.7.7 The public IP on Tail has the network block 9.9.9.0/23 statically routed over the 7.7.7.7 interface. The idea is to make the 9.9.9.0/23 ips work on servers on the 8.8.8.8 network. I configure the tail host to route the /23 block. I mounted a 9.9 IP on the head server. I can ping the 9.9 ip from the tail to the head. I can't ping the 9.9 ip from the public internet. I think I need to add some other routes because of gateway issues, but I can't seem to wrap my mind around it (not a router guy, just beating my way through something that I have never done before and vaguely understand) --danks

    Read the article

  • MikroTik ipv6 Tunnel

    - by MikeSmitty
    I've got a MikroTik router set up with the latest stable OS on it, and I just set up an ipv6 tunnel with Hurricane Electric, but I'm having an odd issue with it. I can't ping anything until I first ping the tunnel endpoint on HE's side. After that I can ping any ipv6 address fine, but give it a little time (say, maybe 30 sec) and I can't ping any ipv6 addresses again. Whenever it stops allowing ping to go through I notice the counter on my firewall rule that drops invalid connections goes up. this is my ipv6 firewall config: add action=accept chain=input comment="" connection-state=established \ disabled=no in-interface=sit1 add action=accept chain=input comment="" connection-state=related disabled=no \ in-interface=sit1 add action=accept chain=input comment="" disabled=no in-interface=bridge \ src-address=ipv6_address_here/64 add action=drop chain=input comment="" connection-state=invalid disabled=no \ in-interface=sit1 add action=drop chain=input comment="" disabled=no in-interface=sit1 Any ideas on what it could be?

    Read the article

  • HowTo access Samba Share over VPN Tunnel?

    - by Jeff
    I don't know how to access a Samba share running on a Ubuntu 10.04 server through OpenVPN 2.1.0. I've installed & configured OpenVPN and everything works. The server end of the tunnel has the IP of 10.8.0.1. When I connect from XP (over our local network) I'm given the IP of 10.8.0.6. I can ping and trace route from both ends of the tunnel. Now, I'm lost...how to access the Samba share from XP and from OS X?

    Read the article

  • UFW: force traffic thru OpenVPN tunnel / do not leak any traffic

    - by hotzen
    I have VPN access using OpenVPN and try to create a safe machine that does not leak traffic over non-VPN interfaces. Using the firewall UFW I try to achieve the following: Allow Access from LAN to the machine's web-interface Otherwise only allow Traffic on tun0 (OpenVPN-Tunnel interface when established) Reject (or forward?) any traffic over other interfaces Currently I am using the following rules (sudo ufw status): To Action From -- ------ ---- 192.168.42.11 9999/tcp ALLOW Anywhere # allow web-interface Anywhere on tun0 ALLOW Anywhere # out only thru tun0 Anywhere ALLOW OUT Anywhere on tun0 # in only thru tun0 My problem is that the machine is initially not able to establish the OpenVPN-connection since only tun0 is allowed, which is not yet established (chicken-egg-problem) How do I allow creating the OpenVPN connection and from this point onward force every single packet to go thru the VPN-tunnel?

    Read the article

  • Cisco ASA 5505 (8.05): asymmetrical group-policy filter on an L2L IPSec tunnel

    - by gravyface
    I'm trying to find a way to setup a bi-directional L2L IPSec tunnel, but with differing group-policy filter ACLs for both sides. I have the following filter ACL setup, applied, and working on my tunnel-group: access-list ACME_FILTER extended permit tcp host 10.0.0.254 host 192.168.0.20 eq 22 access-list ACME_FILTER extended permit icmp host 10.0.0.254 host 192.168.0.20 According to the docs, VPN filters are bi-directional, you always specify the remote host first (10.0.0.254), followed by the local host and (optionally) port number, as per the documentation. However, I do not want the remote host to be able to access my local host's TCP port 22 (SSH) because there's no requirement to do so -- there's only a requirement for my host to access the remote host's SFTP server, not vice-versa. But since these filter ACLs are bidirectional, line 1 is also permitting the remote host to access my host's SSH Server. The documentation I'm reading doesn't seem to clear to me if this is possible; help/clarification much appreciated.

    Read the article

  • Create a tunnel to my dedicated windows server

    - by Mobiz
    I have a Win 2008 dedicated server. The remote access for MSSQL db is disabled. However I want to connect to it during development from my system. I need to create something like a tunnel from my lap so as to access it. I don't have static IP. Another reason for mentioning about creating tunnel is that my server IP has been whitelisted with other server. The data must originate from my dedicated server then only I can do the testing.

    Read the article

  • VPN ipsec tunnel from router to single windows server computer (gateway-to-host)

    - by Chris Miller
    Firstly, is this possible? The situation: 2 different ISP's. One has several servers and a firewall running. The other is limited to only one virtual server with one network card running windows server 2008r2. I need to set up a site-to-site style VPN using IPsec between the firewall of one ISP and the windows host on the other (gateway-to-host). This host has to run a SQL-Server that I can access from the other ISP's servers through the VPN tunnel. It seems looking at the RFC for IPsec that this should be possible using the features of Windows 2008, but I can't get it to work so far... It seems that I can't access any services running on the same computer or IP address used as the tunnel endpoint? Thanks Chris

    Read the article

  • What's necessary for automatic IPv6 tunnel configurations?

    - by deceze
    What kind of (server) infrastructure is necessary for automatic IPv6 tunneling to work? How would a client automatically find an endpoint? I'm not even sure if this is a standard feature of IPv6 or not, but setting up an IPv6 tunnel using an Apple Airport base station I noticed that it offers IPv6 tunneling with automatic configuration. Trying it, it didn't work (i.e. it failed to establish a tunnel). I'd imagine the ISP would need to run some sort of server advertising where an endpoint can be found? How is this supposed to work exactly?

    Read the article

  • Increasing link speed on OpenVPN (bandwidth)

    - by Mike
    I have bought a tunnel service by using OpenVPN. For a year I've had 10 Mbps max upload/download speed but now I've bought an additional 20 Mbps making the available total bandwidth 30 Mbps for me. On their homepage there are some controls available for me, for example to restart the tunnel. I've done that. It also says that the speed has indeed been upgraded to 30 Mbps on their page. I also got an email that said they have upgraded the speed. However after I reboot my machine, and OpenVPN has started up and is running as usual, when I look at the Windows Task Manager (opens when pressing CTRL+SHIFT+ESC) in the "Networking" tab I still have a link speed of only 10 Mbps. Two adapters are listed: Local Area Connection 4 (10 Mbps) and Local Area Connection 5 (100 Mbps). LAC5 is my "real" adapter, I have a 100 Mbps Internet connection if I don't use a tunnel. LAC3 is the virtual adapter used by OpenVPN. The problem is that it is still showing 10 Mbps even though I have upgraded to 30 Mbps. How can I fix this?

    Read the article

  • ipv6 ssh tunnel service for testing?

    - by Geuis
    I need to do some testing on a service that I run to make sure that it can handle ipv6 addresses. Basically, I need to connect to it from an ipv6 address. I've created a tunnel via tunnelbroker.net, but I'm finding the steps required to get a tunnel configured on my machine and router to be a lot of trouble. Given that I'm not a networking specialist and that I haven't had to dig into routing configuration in years, I'd like to know if there's an existing service that I can just ssh into and use it as my ipv6 endpoint. Simply being able to curl or wget from such an endpoint to my service would be more than enough to test what I need. Thanks!

    Read the article

  • Launching matlab remotely on windows via ssh? Impossible?

    - by Bob E.
    Howdy, I am trying to run matlab remotely on windows via OpenSSH installed with Cygwin, but launching matlab in windows without the GUI seems to be impossible. If i am logged in locally, I can launch matlab -nodesktop -nodisplay -r script, and matlab will launch up a stripped down GUI and do the command. However, this is impossible to do remotely via ssh, as, matlab needs to display the GUI. Does anyone have any suggestions or work arounds? Thanks, Bob

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 51 52 53 54 55 56 57 58 59 60 61 62  | Next Page >