Search Results

Search found 17749 results on 710 pages for 'connection pool'.

Page 579/710 | < Previous Page | 575 576 577 578 579 580 581 582 583 584 585 586  | Next Page >

• Couldn't upload files to Sharepoint site while passing through Squid Proxy

  - by Ecio

  Hi all, we have this issue: one of our employees is collaborating with a supplier and he needs to upload documents on a Sharepoint site hosted on the supplier's main site. In our environment we use Squid Proxy to allow people navigate on the net (we have NTLM authentication and users transparently authenticate while using IE and FF). It seems that this specific Sharepoint site is using Integrated Windows Authentication only, and according to some research on the net it seems that this can have troubles with proxies. More specifically, we have tried two Squid versions: with Squid 3.0 we are unable to login to the site (the browser loads an empty page) with Squid 2.7 (that supports "Connection Pinning") we are able to login into the site, move on the different sections BUT.. when we try to upload a file that is bigger than a couple of KiloBytes (i.e. 10KB) the browser loads an error page (i think it's a 401 unauthorized but i must verify it) we've tried changing a couple of Squid options (in 2.7), what we got is that when you try to upload the file you got an authentication box (just like the initial login) and it refuses to go on even if you enter the same authentication credentials. What's really strange is that when you try to upload a small file (i.e. a text or binary 1KB file) the upload succeeds. I initially thought that maybe there was something misconfigured on their Sharepoint site but I've tried also this site: www.xsolive.com (it's a sharepoint 2007 demo site) and I've experienced the same problem. Has any of you experienced such behaviour? Thanks! Of course we've suggested to the supplier to activate also Basic+SSL and we're waiting for their reply..

  Read the article

• Amazon Ec2: Problem In Setting up FTP Server

  - by Muntasir

  after setting up My vsFtp Server ON Ec2 i am facing problem , my client is Filezilla and i am getting this error Response: 230 Login successful. Command: OPTS UTF8 ON Response: 200 Always in UTF8 mode. Status: Connected Status: Retrieving directory listing... Command: PWD Response: 257 "/" Command: TYPE I Response: 200 Switching to Binary mode. Command: PASV Response: 500 OOPS: invalid pasv_address Command: PORT 10,130,8,44,240,50 Response: 500 OOPS: priv_sock_get_cmd Error: Failed to retrieve directory listing Error: Connection closed by server this is the current setting in my vsftpd.conf #nopriv_user=ftpsecure #async_abor_enable=YES # ASCII mangling is a horrible feature of the protocol. #ascii_upload_enable=YES #ascii_download_enable=YES # You may specify a file of disallowed anonymous e-mail addresses. Apparently # useful for combatting certain DoS attacks. #deny_email_enable=YES # (default follows) #banned_email_file=/etc/vsftpd/banned_emails # chroot_local_user=YES #chroot_list_enable=YES # (default follows) #chroot_list_file=/etc/vsftpd/chroot_list GNU nano 2.0.6 File: /etc/vsftpd/vsftpd.conf # #ls_recurse_enable=YES # # When "listen" directive is enabled, vsftpd runs in standalone mode and # listens on IPv4 sockets. This directive cannot be used in conjunction # with the listen_ipv6 directive. listen=YES # # This directive enables listening on IPv6 sockets. To listen on IPv4 and IPv6 # sockets, you must run two copies of vsftpd with two configuration files. # Make sure, that one of the listen options is commented !! #listen_ipv6=YES pam_service_name=vsftpd userlist_enable=YES tcp_wrappers=YES pasv_enable=YES pasv_min_port=2345 pasv_max_port=2355 listen_port=1024 pasv_address=ec2-xxxxxxx.compute-1.amazonaws.com pasv_promiscuous=YES Note: i have already open those port in security group i mean listen port, min max if someone shows me how to fix this i will be very greatful thanks

  Read the article

• Group policy waited for the network subsystem

  - by the-wabbit

  In an AD domain with Windows Server 2008 R2 DCs users are complaining about delays in the bootup process of the clients. The group policy log reveals that the client is waiting ~ 20-50 seconds for "the network subsystem": Event 5322, GroupPolicy Group policy waited for 29687 milliseconds for the network subsystem at computer boot. This appears to be domain-specific as machines joining a different domain from the same network do not experience any delays and Event 5322 reports <1000 ms wait times at startup. It happens on virtual and physical machines alike, so it does not look like a hardware- or driver-related issue. Further investigation has shown that the client is taking its time before issuing DHCP requests. In the network traces, I can see IPv6 router solicitations and multicast DNS name registrations as soon as the network driver is loaded and the network connection is reported "up" in the event log (e1cexpress/36). Yet, the DHCPv4 client service seems to take another 15-50 seconds to start (Dhcp-Client/50036), so the IPv4 address remains unconfigured for a while. The DHCP client's messages in the event log are succeeding the service start of the "Sophos Anti-Virus" service (Sophos AV 10.3 package), which I suspect to be the culprit - the DHCP client service dependencies include the TDI Support driver which might be what Sophos is using to intercept network traffic: Network Location Awareness seems to break at startup as a side-effect, I see that off-site DCs are contacted due to what seems like a race condition between the GP client and the DHCP client / NLA service startup. I could set the Group Policy Client service to depend on NLA, yet this still would not eliminate the delay. Also, I am not all that sure that this is a good idea. Is there a known resolution which would eliminate the startup delay?

  Read the article

• Drop outs when accessing share by DFS name.

  - by Stephen Woolhead

  I have a strange problem, aren't they all! I have a DFS root \domain\files\vms, it has a single target on a different server than the namespace. I can copy a test file set from the target directly via \server\vms$\testfiles and all is well, the files copy fine. I have repeated these tests many times. If I try and copy the files from the dfs root I get big pauses in the network traffic, about 50 seconds every couple of minutes, all the traffic just stops for the copy. If I start another copy between the same two machines during this pause, it starts copying fine, so I know it's not an issue with the disks on the server. Every once in a while the copy will fail, no errors, the progress bar will just zip all the way to 100% and the copy dialog will close. Checking the target folder show that the copy is incomplete. I've moved the LUN to another server and had the same problem. The servers are all 2008 R2, the clients are Vista x64, Windows7 x64 and 2008 R2, all have the same problem. Anyone got any ideas? Cheers, Stephen More Information: I've been running a NetMon trace on the connection when the file copy fails and what seems to be standing out is that when opening a file that the copy completes on the SMB command looks like this: SMB2: C CREATE (0x5), Name=Training\PDC2008\BB34 Live Services Notifications, Awareness, and Communications.wmv@#422082, Context=DHnQ, Context=MxAc, Context=QFid, Context=RqLs, Mid = 245376 SMB2: R CREATE (0x5), Context=MxAc, Context=RqLs, Context=DHnQ, Context=QFid, FID=0xFFFFFFFF00000015, Mid = 245376 But for the last file when the copy dialog closes looks like this: SMB2: C CREATE (0x5), Name=gt\files\Media\Training\PDC2008\BB36 FAST Building Search-Driven Portals with Microsoft Office SharePoint Server 2007 and Microsoft Silverlight.wmv@#859374, Context=DHnQ, Context=MxAc, Context=QFid, Context=RqLs, Mid = 77 SMB2: R , Mid = 77 - NT Status: System - Error, Code = (58) STATUS_OBJECT_PATH_NOT_FOUND The main difference seems to be in the name, one is relative to the open file share, the other has gained the gt\files\media prefix which is the name of the DFS target. These failures are always preceded by logoff and back on of the SMB target. Might have to bump this one to PSS.

  Read the article

• Bypassing Router's DNS Settings

  - by Ramon Marco Navarro

  Is there a way to bypass my ISP provided CPE/router's DNS settings? I'd like to use OpenDNS but I am unable to access the administrator acount of the CPE. I tried logging in using the default passwords (admin/admin, admin/1234, etc) to no avail. I found out later that the admin password is generated using a generator where you input the CPE's MAC address. I tried emailing the manufacturer of the CPE (Huawei, the CPE is Huawei BM625) and my ISP but they aren't replying. I also saw similar queries (lots of them!) at Huawei's forums, without a single reply. So as a last resort, I'd like to know a way to bypass the CPE's DNS settings. My subscription is for a WiMAX service. I'm using Windows 7 and have already set the DNS settings for the Local Area Connection. But I still am not seeing the "You are already using OpenDNS" text at OpenDNS's site. And when explicitly using the OpenDNS servers I still seem to get 208.69.38.150 rather than the expected 208.69.38.160: nslookup www.opendns.com. 208.67.222.222 Server: resolver1.opendns.com Address: 208.67.222.222 Non-authoritative answer: Name: www.opendns.com Address: 208.69.38.150

  Read the article

• Accessing network shares on Windows7 via SonicWall VPN client

  - by Jack Lloyd

  I'm running Windows7 x64 (fully patched) and the SonicWall 4.2.6.0305 client (64-bit, claims to support Windows7). I can login to the VPN and access network resources (eg SSH to a machine that lives behind the VPN). However I cannot seem to be able to access shared filesystems. Windows is refusing to do discovery on the VPN network. I suspect part of the problem is Windows persistently considers the VPN connection to be a 'public network'. Normally, you can open the network and sharing center and modify this setting, however it does not give me a choice for the VPN. So I did the expedient thing and turned on file sharing for public networks. I also disabled the Windows firewall for good measure. Still no luck. I can access the server directly by putting \\192.168.1.240 in the taskbar, which brings up the list of shares on the server. However, trying to open any of the shares simply tells me "Windows cannot access \\192.168.1.240\share You do not have permission to access ..."; it never asks for a domain password. I also tried Windows7 native VPN functionality - it couldn't successfully connect to the VPN at all. I suspect this is because SonicWall is using some obnoxious special/undocumented authentication system; I had similar problems trying to connect on Linux with the normal IPsec tools there. What magical invocation or control panel option am I missing that will let this work? Are there any reasonable debugging strategies? I'm feeling quite frustrated at Windows tendency to not give me much useful information that might let me understand what it is trying to do and what is going wrong.

  Read the article

• Remote Desktop Mobile mangles barcodes coming from scanner

  - by sfonck

  We have an application here using handhelds to scan barcodes. These handhelds are actually making a remote desktop session towards a server where the application runs. Works fine. Now we have bought some new Motorola MC55's running 'Windows Mobile 6.1 Classic', and when using the application over remote desktop: it mangles the characters of the barcodes.... I already tried following things: When scanning a barcode on the MC55 itself it is displayed correctly When scanning a barcode via the remote desktop into a notepad session it is incorrect. Played with all options of the 'Remote Desktop Mobile' - no result Disabled 'autocorrect' and 'suggest words when entering text' on the input settings - no result The strange things is: a barcode which consists of only numbers gets scanned correctly the mangled characters comes through in lower case For some codes \t is mangled in between (should normally be entered after the barcode) e.g.: 'PERIN4' becomes 'ERINp4' 'MGZB' becomes 'GZB m' 'BAK664' becomes 'AK664 b' 'MAGBFA01' becomes 'AGBFmA01' '5021879949500' gets scanned correctly Final solution: Suppllier of the handhelds said the handheld was sending the characters too fast over the remote desktop connection. They changed the handheld to wait for 50ms between sending each character, which produced correct results right now. Scanning a barcode became somewhat slower but it's almost not remarkable to endusers.

  Read the article

• mod_perl loses STDOUT in middle of request

  - by puzzled72

  Hi, I have been having this weird issue where mod_perl seems to lose STDOUT in the middle of the request. So far I have eliminated everything I could think of. You might have seen this bug related to the following errors in error_log : Apache2 IO flush: (103) Apache2::RequestIO::read: (104) Software caused connection abort They are all the same error. It happens when the perl script running under mod_perl loses STDOUT when trying to print the result back to apache. I only notice this error on my servers running the following: (centos5.4) Perl 5.8.8-27 mod_perl 2.0.4-6 httpd 2.2.3-31 kernel-2.6.18-164.15.1 It's not the code This code has been working for months It's not network related The browser gets the error response from apache. It's not time related I get the error 15 or so seconds after I restart httpd It's not idle httpd related I have tried reducing the min/max SpareServers to 1 It's not load related I get the error even if there are only 10 sessions on httpd It's not related to the "fd < PERLIO_MAX_REFCOUNTABLE_FD" perl 5.8.8 bug I recompiled perl-5.8.8 with the patch mentioned here : https://bugzilla.redhat.com/show_bug.cgi?id=559832, same error. It appeared sometime between December 2009 and February 2010 sorry I cannot be more specific Anyone has any idea ? Anything that I have not tested ? Really Puzzled!

  Read the article

• Ubuntu 12.04 LDAP SSL self-signed cert not accepted

  - by MaddHacker

  I'm working with Ubuntu 12.04, using OpenLDAP server. I've followed the instructions on the Ubuntu help pages and can happily connect without security. To test my connection, I'm using ldapsearch the command looks like: ldapsearch -xv -H ldap://ldap.[my host].local -b dc=[my domain],dc=local -d8 -ZZ I've also used: ldapsearch -xv -H ldaps://ldap.[my host].local -b dc=[my domain],dc=local -d8 As far as I can tell, I've setup my certificate correctly, but no matter why I try, I can't seem to get ldapsearch to accept my self-signed certificate. So far, I've tried: Updating my /etc/ldap/ldap.conf file to look like: BASE dc=[my domain],dc=local URI ldaps://ldap.[my host].local TLS_CACERT /etc/ssl/certs/cacert.crt TLS_REQCERT allow Updating my /etc/ldap.conf file to look like: base dc=[my domain],dc=local uri ldapi:///ldap.[my host].local uri ldaps:///ldap.[my host].local ldap_version 3 ssl start_tls ssl on tls_checkpeer no TLS_REQCERT allow Updating my /etc/default/slapd to include: SLAPD_SERVICES="ldap:/// ldapi:/// ldaps:///" Several hours of Googling, most of which resulted in adding the TLS_REQCERT allow The exact error I'm seeing is: ldap_initialize( ldap://ldap.[my host].local ) request done: ld 0x20038710 msgid 1 TLS certificate verification: Error, self signed certificate in certificate chain TLS: can't connect. ldap_start_tls: Connect error (-11) additional info: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed After several hours of this, I was hoping someone else has seen this issue, and/or knows how to fix it. Please do let me know if I should add more information, or if you need further data.

  Read the article

• haproxy and tomcat intermittent hangs

  - by Lorin

  I am trying to run haproxy in front of tomcat on a Solaris x86 box, but I am getting intermittent failures. At seemingly random intervals, the request just hangs until haproxy times out the connection. I thought maybe it was my app, but I've been able to reproduce it with the tomcat manager app, and hitting tomcat directly there is no problems at all. Hitting it repeatedly with curl will cause the error within 10-15 tries curl -ikL http://admin:admin@<my server>:81/manager/status haproxy is running on port 81, tomcat on port 7000. haproxy returns a 504 gateway timeout to the client, and puts this into the log file: Sep 7 21:39:53 localhost haproxy[16887]: xxx.xxx.xxx.xxx:65168 [07/Sep/2009:21:39:23.005] http_proxy http_proxy/tomcat7000 5/0/0/-1/30014 504 194 - - sHNN 0/0/0/0/0 0/0 "GET /manager/status HTTP/1.1" Tomcat shows nothing, no error in the logs and no indication that the request ever makes it to the tomcat server. The request count is not incremented, the manager app only shows activity on one thread, serving up the manager app. Here are my haproxy and tomcat connector settings, I've been playing with both a good deal trying to chase down the issue, so they may not be ideal, but they definitely don't seem like they should cause this error. server.xml <Connector port="7000" protocol="HTTP/1.1" enableLookups="false" maxKeepAliveRequests="1" connectionLinger="10" /> haproxy config global log loghost local0 chroot /var/haproxy listen http_proxy :81 mode http log global option httplog option httpclose clitimeout 150000 srvtimeout 30000 contimeout 3000 balance roundrobin cookie SERVERID insert server tomcat7000 127.0.0.1:7000 cookie server00 check inter 2000

  Read the article

• How to troubleshoot web server lock-up (Debian Squeeze)

  - by Ryan

  Every once in a while, my web server slows so significantly, it seems locked up. Can't SSH in, no sites being served. It's a VPS that started out as Debian 5 which I upgraded to testing (squeeze). It's a typical LAMP set-up with the sole purpose of running a couple of wordpress sites. One time when it locked up, I got to one of the sites, but it was wordpress complaining it couldn't establish a database connection. So it seemed as if something was really chewing up the CPU and mysqld either timed out, or possibly failed and couldn't restart. But since I couldn't SSH in I feel more inclined to attribute it to CPU. But the only processes running now, aside from OS and kernel stuff: apache mysqld python (for fail2ban) sshd exim4 It has 512M of RAM and 1.5 GB of swap. Every time I check on it, it has plenty of free memory and is using virtually no swap (usually 2-3M). And since I am running fail2ban I don't think I'm getting ddosed. I did find this in my logwatch email this morning (it locked up late last night, when there would have been very little traffic): 6 Time(s): [<ffffffff810a0ebc>] ? oom_kill_process+0x7e/0x23d 6 Time(s): [<ffffffff810a1505>] ? __out_of_memory+0x12a/0x141 6 Time(s): [<ffffffff810a1586>] ? out_of_memory+0x6a/0x94 I didn't find anything else suspicious. It can't be my provider's host because I can SSH in and restart the VM, and everything seems fine. Anybody know which logs I should start poring through to find the core of my problem? Thanks guys.

  Read the article

• TS (RD) Gateway Authentication Problem "The logon attempt failed"

  - by user2059

  I've been using TS Gateway to permit remote access for our staff for a few months now, and all has been well. Users either connect to a traditional terminal server desktop or hit our website and start an TS RemoteApp application- in both cases the connection is routed through a TS Gateway. However I came into work this morning to find that has stopped authenticating users through TS Gateway, each time returning "The logon attempt failed" as seen in the image even though the credentials are correct. It should be noted that everything works fine if the Gateway is taken out of the equation, it's the TS Gateway component that is causing these problems. Users experience this problem whether they connect through XP SP3, Vista or 7. On the server a total of 4 entries appear in the Windows security log at exactly the same time for each failed logon attempt: two 4624 "An account was successfully logged on" messages for the user, immediately followed by two 4634 "An account was logged off"s. This suggests that the server is accepting the credentials as correct, then booting the user off. Nothing at all is recorded in the NPS and Terminal Server logs. A reboot doesn't change things. Neither does completely removing and reinstalling the NPS and Terminal Server roles. I'm baffled as to how this can happen suddenly without warning. Any suggestions would be greatly appreciated.

  Read the article

• KVM recommendations

  - by alex

  I recently tried out a cheaper KVM solution, a dual monitor one with a USB hub and audio/mic support. It seemed the perfect KVM. However, these are my experiences. When using my keyboard via the PS/2 connection, none of my multimedia keys work (useful, because it has a volume control and my speakers do not, only on a wireless remote control.) I plugged the keyboard in via the USB port - and it seemed to work. However, I believe to switch the hub from PC to Mac, you need to use a keyboard combo, which is only supported when the keyboard is plugged in via PS/2 Sometimes the middle mouse button doesn't work when connected via PS/2. The multi monitor is VGA - I just found out by the looks of things my Mac Mini outputs DVI Digital only (though this is my fault!). Mac works with 2 screens, but switching and switching back can cause it not to display on the 2nd screen unless I go detect displays again. My question is - is there a KVM out there that supports these features? USB keyboard and mouse inputs will full multimedia keys support Dual monitor DVI connections Hotkey to change PCs and physical button USB hub Emulate screens attached when switching to a different computer Works with PC and Mac Audio / Microphone support Does one exist, that won't cost the world? So far the only one that seems to support all this (that I can tell) is this one. UPDATE I ended up buying the Aten CS1642. It's expensive, but it seems to work great!

  Read the article

• Gmail: security warning icon

  - by Notetaker

  Hello, I just enabled some Gmail Labs programs in my Gmail account, and then I noticed the orange triangle icon with an exclamation mark in it at the end of the address bar of my Google Chrome browser. Clicking on it brought forth a "Security Information' dialog box, with the following messages: "--mail.google.com The identity of website has been verified by Thawlte SGC CA. --Your connection to mail.google.com is encrypted with 128-bit encryption. However, this page includes other resources which are not secure. These resources can be viewed by others while in transit, and can be modified by an attacker to change the look or behavior of the page." I then logged into two of my other Gmail accounts, one of which has no Gmail Labs programs enabled, and the other with 1 program enabled quite some time ago, both with the same result as above (i.e., with the appearance of the orange triangle warning sign in the address bar). I don't remember seeing the orange triangle before, but I'm not sure if it has ever appeared or not. I have "Always use https" enabled for my Gmail accounts. My questions are: Is there a way to identify and remove these un-secure "resources"? (Could enabling Gmail Labs programs have brought these on?) Meanwhile, are my Gmail accounts compromised and unsafe to use? If so, what should I being doing about that now? After this problem is solved, would I need to reset the password to my Gmail accounts, and/or take any other measures to restore their security? Many thanks for answering my questions!

  Read the article

• WordPress: can't access WordPress.com and other external sites?

  - by Rax Olgud

  Hello, I recently started a WordPress blog using hosting at MyDomain (they offer the application "natively"). The blog works fine, however I have two plugins I can't seem to install correctly. First, the WordPress.com Stats plugin requires the API Key. When I input it, I get the following message: Error from last API Key attempt: Your blog was unable to connect to WordPress.com. Please ask your host for help. (transport error - could not open socket: 110 Connection timed out) Second, the Akismet plugin is not configured. When I go to Akismet page to insert my API key, it has the following message: There was a problem connecting to the Akismet server. Please check your server configuration. I assume the two issues are related... I approached my hosting provider about the subject and all they said is that they don't support WordPress, only provide means to install it. To clarify, up to this point I have only been able to install plugins that don't require an API key. What can I do to diagnose the problem and fix it? As a work-around, are there comparable stats and anti-spam plugins that don't require an API key? Many thanks.

  Read the article

• Remove Kernel Lock from Unmounted Mass Storage USB Device from the Command Line in Linux

  - by Casey

  I've searched high and low, and can't figure this one out. I have a older Olympus Camera (2001 or so). When I plug in the USB connection, I get the following log output: $ dmesg | grep sd [20047.625076] sd 21:0:0:0: Attached scsi generic sg7 type 0 [20047.627922] sd 21:0:0:0: [sdg] Attached SCSI removable disk Secondly, the drive is not mounted in the FS, but when I run gphoto2 I get the following error: $ gphoto2 --list-config *** Error *** An error occurred in the io-library ('Could not lock the device'): Camera is already in use. *** Error (-60: 'Could not lock the device') *** What command will unmount the drive. For example in Nautilus, I can right click and select "Safely Remove Device". After doing that, the /dev/sg7 and /dev/sdg devices are removed. The output of gphoto2 is then: # gphoto2 --list-config /Camera Configuration/Picture Settings/resolution /Camera Configuration/Picture Settings/shutter /Camera Configuration/Picture Settings/aperture /Camera Configuration/Picture Settings/color /Camera Configuration/Picture Settings/flash /Camera Configuration/Picture Settings/whitebalance /Camera Configuration/Picture Settings/focus-mode /Camera Configuration/Picture Settings/focus-pos /Camera Configuration/Picture Settings/exp /Camera Configuration/Picture Settings/exp-meter /Camera Configuration/Picture Settings/zoom /Camera Configuration/Picture Settings/dzoom /Camera Configuration/Picture Settings/iso /Camera Configuration/Camera Settings/date-time /Camera Configuration/Camera Settings/lcd-mode /Camera Configuration/Camera Settings/lcd-brightness /Camera Configuration/Camera Settings/lcd-auto-shutoff /Camera Configuration/Camera Settings/camera-power-save /Camera Configuration/Camera Settings/host-power-save /Camera Configuration/Camera Settings/timefmt Some things I've tried already are sdparm and sg3_utils, however I am unfamiliar with them, so it's possible I just didn't find the right command. Update 1: # mount | grep sdg # mount | grep sg7 # umount /dev/sg7 umount: /dev/sg7: not mounted # umount /dev/sdg umount: /dev/sdg: not mounted # gphoto2 --list-config *** Error *** An error occurred in the io-library ('Could not lock the device'): Camera is already in use. *** Error (-60: 'Could not lock the device') ***

  Read the article

• one way routing

  - by user101531

  I have two computers connected with VPN, and some virtual machines on each. I want everything to see each other (that is basically 4 different networked machines). What I've not managed so far is that a computer on the one end to be visible to the other end. In tracert terms: 192.168.78.42>tracert 192.168.69.18 Tracing route to WIN-2K8R2 [192.168.69.18] over a maximum of 30 hops: 1 <1 ms <1 ms <1 ms 192.168.78.17 2 * * * Request timed out. 3 217 ms 78 ms 78 ms WIN-2K8R2 [192.168.69.18] Trace complete. 192.168.78.42>tracert 192.168.69.112 Tracing route to 192.168.69.112 over a maximum of 30 hops 1 <1 ms <1 ms <1 ms 192.168.78.17 2 333 ms * 337 ms WIN-2K8R2 [192.168.86.22] 3/4/5 * * * Request timed out. 6 ^C 192.168.69.18>tracert 192.168.69.112 Tracing route to 192.168.69.112 over a maximum of 30 hops 1 <1 ms <1 ms <1 ms 192.168.69.112 Trace complete. 192.168.69.112>tracert 192.168.78.42 Tracing route to 192.168.78.42 over a maximum of 30 hops 1 1 ms * <1 ms 192.168.69.18 2 79 ms 77 ms 80 ms 192.168.86.21 3 80 ms 77 ms 81 ms 192.168.78.42 Trace complete. Note: the 4 machines are 192.168.69.112 (winXP), 192.168.69.18=192.168.86.22 (win2K8R2), 192.168.86.21=192.168.78.17 (Linux), 192.168.78.42 (win2K3). The VPN is a TAP openvpn connection between 192.168.86.21 and 192.168.86.22. I would say that the problem is in the win2K8 machine, but Windows networking is my weak point.

  Read the article

• Cisco ASA Act as a Hardware Security Module?

  - by Derek

  Hello, We have a partner that is requiring us to get a HSM for a web application that we host for them. This is something new for us, we've always installed our SSL certificates on our web servers and never needed a hardware device. We currently have 2 Cisco ASA 5510 firewalls in an active/standby configuration. Both ASAs have a ASA-SSM-10 security module installed in them. The web application is a standard HTTPS webpage with no authentication required. I was wondering if we could use our Cisco ASAs to meet this requirement or if we'll have to buy another device. I was doing some searching and read about Cisco's clientless webvpn feature. It sounds like it might work, but I'm not sure. We basically want the ASA to handle the SSL and proxy the connection to our web servers. We do not want to prompt for a username or password to connect or show any portals, just display the web page. If the ASA cannot do this, does any one have any recommendations for network attached hardware security modules? We are using VMware vCenter, so we'd rather have an external device attached to the network, rather than buying HSM cards for every ESXi host. Thanks, Derek

  Read the article

• lftp cannot connecto to IIS

  - by ruyrocha

  Hello, I can not connect to IIS using lftp as you can see here: <--- 200 Language is now English, UTF-8 encoding. ---> OPTS UTF8 ON <--- 200 OPTS UTF8 command successful - UTF8 encoding now ON. ---> HOST x.x.x.x <--- 504 Server cannot accept argument. ---> USER bla <--- 331 Password required for hgtrf. ---> PASS blabla <--- 230 User logged in. ---> PWD <--- 257 "/" is current directory. ---> PBSZ 0 <--- 200 PBSZ command successful. ---> PROT P <--- 534 Policy denies SSL. ---> PASV <--- 227 Entering Passive Mode (x.x.x.x,194,118). ---- Connecting data socket to (x.x.x.x) port 49782 **** Socket error (Connection refused) - reconnecting ---> LIST ---> ABOR ---- Closing aborted data socket ---- Closing control socket I could connect, list, retrieve and send files using standard ftp command. Do you have any suggestion?

  Read the article

• Benchmarking a file server

  - by Joel Coel

  I'm working on building a new file server... a simple Windows Server box with a few terabytes of disk space to share on the LAN. Pain for current hard drive prices aside :( -- I would like to get some benchmarks for this device under load compared to our old server. The old server was installed in 2005 and had 5 136GB 10K disks in RAID 5. The new server has 8 1TB disks in two RAID 10 volumes (plus a hot spare for each volume), but they're only 7.2K rpm, and of course with a much larger cache size. I'd like to get an idea of the performance expectations of the new server relative to the old. Where do I get started? I'd like to know both raw potential under different kinds of load for each server, as well an idea of what our real-world load looks like and how it will translate. Will disk load even matter, or will performance be more driven by the network connection? I could probably fumble through some disk i/o and wait counters in performance monitor, but I don't really know what to look for, which counters to watch, or for how long and when. FWIW, I'm expecting a nice improvement because of the benefits of having two different volumes and the better RAID 10 performance vs RAID 5, in spite of using slower disks... but I'd like to get an idea of how much.

  Read the article

• iptables -P FORWARD DROP makes port forwarding slow

  - by Isaac

  I have three computers, linked like this: box1 (ubuntu) box2 router & gateway (debian) box3 (opensuse) [10.0.1.1] ---- [10.0.1.18,10.0.2.18,10.0.3.18] ---- [10.0.3.15] | box4, www [10.0.2.1] Among other things I want box2 to do nat and port forwarding, so that I can do ssh -p 2223 box2 to reach box3. For this I have the following iptables script: #!/bin/bash # flush iptables -F INPUT iptables -F FORWARD iptables -F OUTPUT iptables -t nat -F PREROUTING iptables -t nat -F POSTROUTING iptables -t nat -F OUTPUT # default default_action=DROP for chain in INPUT OUTPUT;do iptables -P $chain $default_action done iptables -P FORWARD DROP # allow ssh to local computer allowed_ssh_clients="10.0.1.1 10.0.3.15" for ip in $allowed_ssh_clients;do iptables -A OUTPUT -p tcp --sport 22 -d $ip -j ACCEPT iptables -A INPUT -p tcp --dport 22 -s $ip -j ACCEPT done # allow DNS iptables -A OUTPUT -p udp --dport 53 -m state \ --state NEW,ESTABLISHED,RELATED -j ACCEPT iptables -A INPUT -p udp --sport 53 -m state \ --state ESTABLISHED,RELATED -j ACCEPT # allow HTTP & HTTPS iptables -A OUTPUT -p tcp -m multiport --dports 80,443 -j ACCEPT iptables -A INPUT -p tcp -m multiport --sports 80,443 -j ACCEPT # # ROUTING # # allow routing echo 1 >/proc/sys/net/ipv4/ip_forward # nat iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE # http iptables -A FORWARD -p tcp --dport 80 -j ACCEPT iptables -A FORWARD -p tcp --sport 80 -j ACCEPT # ssh redirect iptables -t nat -A PREROUTING -p tcp -i eth1 --dport 2223 -j DNAT \ --to-destination 10.0.3.15:22 iptables -A FORWARD -p tcp --sport 22 -j ACCEPT iptables -A FORWARD -p tcp --dport 22 -j ACCEPT iptables -A FORWARD -p tcp --sport 1024:65535 -j ACCEPT iptables -A FORWARD -p tcp --dport 1024:65535 -j ACCEPT iptables -I FORWARD -j LOG --log-prefix "iptables denied: " While this works, it takes about 10 seconds to get a password promt from my ssh command. Afterwards, the connection is as responsive as could be. If I change the default policy for my FORWARD chain to "ACCEPT", then the password promt is there imediatly. I have tried analysing the logs, but I can not spot a difference in the logs for ACCEPT/DROP in my FORWARD chain. Also I have tried allowing all the unprivileged ports, as box1 uses thoses for doing ssh to box2. Any hints? (If the whole setup seems strange to you - the point of the exercise is to understand iptables ;))

  Read the article

• "Steam needs to be online to update" - 404 fetching *_osx.zip.*

  - by Chris Boyle

  Since yesterday evening, when I launch Steam on OSX, a self-update progress bar appears instead (at 0 of 30MB or so). This bar does not advance, an error dialog appears: Steam needs to be online to update Please confirm your network connection and try again. The app then exits. This happens whether wifi or ethernet or both are connected, and pings to the outside world succeed throughout. If I look at the logs in Console, they are very similar to this example (though that's not mine). Specifically: Success! http://store.steampowered.com/public/client/steam_client_osx?date=718277 [...] Failed! http://cdn.store.steampowered.com/public/client/breakpad_osx.zip.27f59114a86fcd50533e1d7b128f9300947f9969 Failed! http://cdn.store.steampowered.com/public/client/steam_osx.zip.11a99384214805f2dd3be5084ba6be61d662f8ac Failed! http://cdn.store.steampowered.com/public/client/miles_osx.zip.d9fb546541f59c1fdd03962a605236b1021abab8 Requesting the first URL successfully returns some data including the filenames of the latter three, and requesting any of those gives me a 404 (I've tried multiple clients on multiple continents). Searches on Google and Twitter show about 10-20 others having this problem in the past 24 hours, but hardly the angry mob I'd expect if the problem affected all Steam OSX users. Things that have already been tried with no effect: Switching between wifi and ethernet. Killing all Steam processes including ipcserver. Moving the ~/Library/Application Support/Steam/registry.vdf file away. Requesting those URLs with other clients and from other locations. Interesting: that first URL with the date parameter returns the same content even without that parameter (thus would lead to the same 404s) suggesting that the problem is not necessarily specific to coming from a particular currently-installed version of Steam.

  Read the article

• How to use cURL to FTPS upload to SecureTransport (hint: SITE AUTH and client certificates)

  - by Seamus Abshere

  I'm trying to connect to SecureTransport 4.5.1 via FTPS using curl compiled with gnutls. You need to use --ftp-alternative-to-user "SITE AUTH" per http://curl.haxx.se/mail/lib-2006-07/0068.html Do you see anything wrong with my client certificates? I try with # mycert.crt -----BEGIN CERTIFICATE----- ... -----END CERTIFICATE----- # mykey.pem -----BEGIN RSA PRIVATE KEY----- ... -----END RSA PRIVATE KEY----- And it says "530 No client certificate presented": myuser@myserver ~ $ curl -v --ftp-ssl --cert mycert.crt --key mykey.pem --ftp-alternative-to-user "SITE AUTH" -T helloworld.txt ftp://ftp.example.com:9876/upload/ * About to connect() to ftp.example.com port 9876 (#0) * Trying 1.2.3.4... connected * Connected to ftp.example.com (1.2.3.4) port 9876 (#0) < 220 msn1 FTP server (SecureTransport 4.5.1) ready. > AUTH SSL < 334 SSLv23/TLSv1 * found 142 certificates in /etc/ssl/certs/ca-certificates.crt > USER anonymous < 331 Password required for anonymous. > PASS [email protected] < 530 Login incorrect. > SITE AUTH < 530 No client certificate presented. * Access denied: 530 * Closing connection #0 curl: (67) Access denied: 530 I also tried with a pk8 version... # openssl pkcs8 -in mykey.pem -topk8 -nocrypt > mykey.pk8 -----BEGIN CERTIFICATE----- ... -----END CERTIFICATE----- ...but got exactly the same result. What's the trick to sending a client certificate to SecureTransport?

  Read the article

• Disabling DNS Registration on Server 2008 R2

  - by WaldenL

  I want to tell a server 2008 R2 machine to NOT register it's IP addresses in DNS. I go into the Advanced tab on IPv4 and turn off "Register this connection's addresses in DNS" simple! But... the addresses are updated in DNS anyway! And actually the A record is eventually removed from the DNS server. I've confirmed that the checkbox is off by looking at it myself, and by checking the RegistrationEnabled registry value for that adapter. Both confirm that the registration is off. I've turned of DNS debug logging on the DNS server and I can see DNS Update requests coming from the server in question! This should not happen. What's even odder is that eventually (several hours) the A record for the server (which I added by hand!) is removed from the DNS server. I've also confirmed that scavaging is off on both DNS servers in the domain. Ideas? Edits: Per the comment: The server has static IP addresses. However, it's got two of them on one adapter. Since I'm in a VM (HyperV) environment I just spun up a second adapter and moved the second IP to the second adapter. I set the first adapter to auto-register (since that's the IP I want anyway) and the second adapter to NOT auto-register. We'll see if this is any better. Not any better. On a reboot of the server the registration was removed from DNS. Seems both cards are still contacting the server. Based on the DNS log the card that shouldn't register in DNS is registering a 'delete' request. And then the card that should register is registering an add request but that's ignored. I'm totally confused at this point.

  Read the article

• Intel Wireless 4965AGN not achieving N throughput when connected to an Airport Express N network

  - by BenA

  I have an Intel Wireless WiFi Link 4965AGN adaptor in my laptop (HP Pavillion dv2000 series) which is connecting to a 5Ghz-only 802.11n network provided by an Apple Airport Express. The network is using WPA2 encryption. My desktop is also connected the Airport, via a Linksys WUSB600N USB adaptor. Both are running with the latest drivers, and the Airport is running the latest firmware. The Airport is also configured to use wide channels. The problem I have is that I never get throughput above 4MB/s when transferring files between the two machines. Even a pessimistic calculation shows a 270Mbps network as being capable of transfer rates at well above 10MB/s. I'm pretty sure I've isolated the issue to being the Intel adaptor, as wiring the desktop to the AP, and using the Linksys adaptor on the laptop immediately yielded speeds limited by the 100MB/s ethernet connection. I know that 802.11n is still a draft standard, and so mixing kit from different manufacturers can easily lead to poor results, but I was just wondering if anybody else out there has had success with this Intel adaptor on an N network? Or even better, connecting it to an Airport Express? Can anybody give me any advice on how to troubleshoot this issue? I should also mention that the Airport Express doesn't allow you to manually specify channels when running in N mode, and that I've been able to rule out interference from other Wireless LANs by scanning. There aren't any other 5GHz networks in my area. All ideas welcome! Update: A while later, I've just updated to the most recent drivers for both the Intel chip in the laptop, and the USB adaptor. Unfortunately this hasn't improved things :(. If anybody has any advice it would be be gratefully received.

  Read the article

< Previous Page | 575 576 577 578 579 580 581 582 583 584 585 586  | Next Page >