Search Results

Search found 3710 results on 149 pages for 'protocol analyzer'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 73/149 | < Previous Page | 69 70 71 72 73 74 75 76 77 78 79 80  | Next Page >

  • Apache load balancer limits with Tomcat over AJP

    - by PAS
    Hi All, I have Apache acting as a load balancer in front of 3 Tomcat servers. Occasionally, Apache returns 503 responses, which I would like to remove completely. All 4 servers are not under significant load in terms of CPU, memory, or disk, so I am a little unsure what is reaching it's limits or why. 503s are returned when all workers are in error state - whatever that means. Here are the details: Apache config: <IfModule mpm_prefork_module> StartServers 30 MinSpareServers 30 MaxSpareServers 60 MaxClients 200 MaxRequestsPerChild 1000 </IfModule> ... <Proxy *> AddDefaultCharset Off Order deny,allow Allow from all </Proxy> # Tomcat HA cluster <Proxy balancer://mycluster> BalancerMember ajp://10.176.201.9:8009 keepalive=On retry=1 timeout=1 ping=1 BalancerMember ajp://10.176.201.10:8009 keepalive=On retry=1 timeout=1 ping=1 BalancerMember ajp://10.176.219.168:8009 keepalive=On retry=1 timeout=1 ping=1 </Proxy> # Passes thru track. or api. ProxyPreserveHost On ProxyStatus On # Original tracker ProxyPass /m balancer://mycluster/m ProxyPassReverse /m balancer://mycluster/m Tomcat config: <Server port="8005" shutdown="SHUTDOWN"> <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" /> <Listener className="org.apache.catalina.core.JasperListener" /> <Listener className="org.apache.catalina.mbeans.ServerLifecycleListener" /> <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" /> <Service name="Catalina"> <Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" /> <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" /> <Engine name="Catalina" defaultHost="localhost"> <Host name="localhost" appBase="webapps" unpackWARs="true" autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false"> </Engine> </Service> </Server> Apache error log: [Mon Mar 22 18:39:47 2010] [error] (70007)The timeout specified has expired: proxy: AJP: attempt to connect to 10.176.201.10:8009 (10.176.201.10) failed [Mon Mar 22 18:39:47 2010] [error] ap_proxy_connect_backend disabling worker for (10.176.201.10) [Mon Mar 22 18:39:47 2010] [error] proxy: AJP: failed to make connection to backend: 10.176.201.10 [Mon Mar 22 18:39:47 2010] [error] (70007)The timeout specified has expired: proxy: AJP: attempt to connect to 10.176.201.9:8009 (10.176.201.9) failed [Mon Mar 22 18:39:47 2010] [error] ap_proxy_connect_backend disabling worker for (10.176.201.9) [Mon Mar 22 18:39:47 2010] [error] proxy: AJP: failed to make connection to backend: 10.176.201.9 [Mon Mar 22 18:39:47 2010] [error] (70007)The timeout specified has expired: proxy: AJP: attempt to connect to 10.176.219.168:8009 (10.176.219.168) failed [Mon Mar 22 18:39:47 2010] [error] ap_proxy_connect_backend disabling worker for (10.176.219.168) [Mon Mar 22 18:39:47 2010] [error] proxy: AJP: failed to make connection to backend: 10.176.219.168 [Mon Mar 22 18:39:47 2010] [error] proxy: BALANCER: (balancer://mycluster). All workers are in error state [Mon Mar 22 18:39:47 2010] [error] proxy: BALANCER: (balancer://mycluster). All workers are in error state [Mon Mar 22 18:39:47 2010] [error] proxy: BALANCER: (balancer://mycluster). All workers are in error state [Mon Mar 22 18:39:47 2010] [error] proxy: BALANCER: (balancer://mycluster). All workers are in error state [Mon Mar 22 18:39:47 2010] [error] proxy: BALANCER: (balancer://mycluster). All workers are in error state [Mon Mar 22 18:39:47 2010] [error] proxy: BALANCER: (balancer://mycluster). All workers are in error state Load balancer top info: top - 23:44:11 up 210 days, 4:32, 1 user, load average: 0.10, 0.11, 0.09 Tasks: 135 total, 2 running, 133 sleeping, 0 stopped, 0 zombie Cpu(s): 0.1%us, 0.2%sy, 0.0%ni, 99.2%id, 0.1%wa, 0.0%hi, 0.1%si, 0.3%st Mem: 524508k total, 517132k used, 7376k free, 9124k buffers Swap: 1048568k total, 352k used, 1048216k free, 334720k cached Tomcat top info: top - 23:47:12 up 210 days, 3:07, 1 user, load average: 0.02, 0.04, 0.00 Tasks: 63 total, 1 running, 62 sleeping, 0 stopped, 0 zombie Cpu(s): 0.2%us, 0.0%sy, 0.0%ni, 99.8%id, 0.1%wa, 0.0%hi, 0.0%si, 0.0%st Mem: 2097372k total, 2080888k used, 16484k free, 21464k buffers Swap: 4194296k total, 380k used, 4193916k free, 1520912k cached Catalina.out does not have any error messages in it. According to Apache's server status, it seems to be maxing out at 143 requests/sec. I believe the servers can handle substantially more load than they are, so any hints about low default limits or other reasons why this setup would be maxing out would be greatly appreciated.

    Read the article

  • SBS 2008 BPA Warnings After Migration From SBS 2003

    - by Nicholas Piasecki
    We just finished a we-know-just-enough-to-be-dangerous migration from SBS 2003 to SBS 2008, and things seem to have gone relatively smoothly. After running the SBS 2008 Best Practices Analyzer on the destination server, we've got three warning messages, and I can't tell if they're important or not. First, the easy one: SMTP Port (TCP 25 Status): The Edgetransport.exe process should listen on SMTP port 25, but that port is owned by the process. I don't think that this one is a big deal--e-mail is flowing through the SMTP connector. Since there are two spaces between "the" and "process," I'm assuming that for some reason BPA just couldn't figure out the owning process name and this is just some sloppy programming when displaying the message. (Indeed, on subsequent runs of the BPA this message goes away, and other times it comes back.) Now, two more scary sounding ones: No DNS name server records: There are no DNS name server (NS) resource records in the _msdcs sub-domain in the forward lookup zone for Windows SBS 2008. and, similarly, No DNS name server records: There are no DNS name server (NS) resource records in the _msdcs zone for Windows SBS 2008. Now for these two, everything appears to be functioning correctly--but I'm assuming this is a weird state as a result of the SBS 2003 to 2008 migration. Can anyone provide any pointers on how to fix it, or whether or not it can be safely ignored? Thanks!

    Read the article

  • How to prevent question mark cursor issue cause be Insert key when doing VNC to a mac?

    - by Sorin Sbarnea
    I found out that when I press the Insert key on the client I will block the OS X VNC server by putting it in a "help mode" where you get the question mark mouse cursor. The mouse works but I cannot use the keyboard anymore. Details: Reconnecting using VNC does not help Normal keyboard is working fine on the mac The only solution in addition to relogin was to stop the VNC server on mac using: killall OSXvnc-server After few seconds it will restart by itself and it will work. I don't like current workaround and looking for something better. Tested with these versions of the VNC client and all put the VNC server in the question mark mode, requiring service restart: Ultr@VNC 1.0.8.2 RealVNC 4.1.3 I know that the problem is caused by the different/bad implementation of the VNC protocol in the server but do you need an workaround?

    Read the article

  • Netscan detected from host

    - by Etam
    I am using Hetzner's dedicated servers. Today I have got a message: We have received information that there was an attack from your server. ----- attachment ----- ########################################################################## # Netscan detected from host ?.?.?.? # ########################################################################## time protocol src_ip src_port dest_ip dest_port --------------------------------------------------------------------------- Thu Dec 6 09:52:00 2012 TCP ?.?.?.? 52204 => 68.64.12.28 21 Thu Dec 6 09:52:00 2012 TCP ?.?.?.? 53276 => 68.64.12.29 21 Thu Dec 6 09:52:00 2012 TCP ?.?.?.? 47344 => 68.64.12.30 21 ... How can I find out what is causing the problem and how do I fix it? Thanks in advance, Etam.

    Read the article

  • Setting up a VPN connection to Amazon VPC - routing

    - by Keeno
    I am having some real issues setting up a VPN between out office and AWS VPC. The "tunnels" appear to be up, however I don't know if they are configured correctly. The device I am using is a Netgear VPN Firewall - FVS336GV2 If you see in the attached config downloaded from VPC (#3 Tunnel Interface Configuration), it gives me some "inside" addresses for the tunnel. When setting up the IPsec tunnels do I use the inside tunnel IP's (e.g. 169.254.254.2/30) or do I use my internal network subnet (10.1.1.0/24) I have tried both, when I tried the local network (10.1.1.x) the tracert stops at the router. When I tried with the "inside" ips, the tracert to the amazon VPC (10.0.0.x) goes out over the internet. this all leads me to the next question, for this router, how do I set up stage #4, the static next hop? What are these seemingly random "inside" addresses and where did amazon generate them from? 169.254.254.x seems odd? With a device like this, is the VPN behind the firewall? I have tweaked any IP addresses below so that they are not "real". I am fully aware, this is probably badly worded. Please if there is any further info/screenshots that will help, let me know. Amazon Web Services Virtual Private Cloud IPSec Tunnel #1 ================================================================================ #1: Internet Key Exchange Configuration Configure the IKE SA as follows - Authentication Method : Pre-Shared Key - Pre-Shared Key : --- - Authentication Algorithm : sha1 - Encryption Algorithm : aes-128-cbc - Lifetime : 28800 seconds - Phase 1 Negotiation Mode : main - Perfect Forward Secrecy : Diffie-Hellman Group 2 #2: IPSec Configuration Configure the IPSec SA as follows: - Protocol : esp - Authentication Algorithm : hmac-sha1-96 - Encryption Algorithm : aes-128-cbc - Lifetime : 3600 seconds - Mode : tunnel - Perfect Forward Secrecy : Diffie-Hellman Group 2 IPSec Dead Peer Detection (DPD) will be enabled on the AWS Endpoint. We recommend configuring DPD on your endpoint as follows: - DPD Interval : 10 - DPD Retries : 3 IPSec ESP (Encapsulating Security Payload) inserts additional headers to transmit packets. These headers require additional space, which reduces the amount of space available to transmit application data. To limit the impact of this behavior, we recommend the following configuration on your Customer Gateway: - TCP MSS Adjustment : 1387 bytes - Clear Don't Fragment Bit : enabled - Fragmentation : Before encryption #3: Tunnel Interface Configuration Your Customer Gateway must be configured with a tunnel interface that is associated with the IPSec tunnel. All traffic transmitted to the tunnel interface is encrypted and transmitted to the Virtual Private Gateway. The Customer Gateway and Virtual Private Gateway each have two addresses that relate to this IPSec tunnel. Each contains an outside address, upon which encrypted traffic is exchanged. Each also contain an inside address associated with the tunnel interface. The Customer Gateway outside IP address was provided when the Customer Gateway was created. Changing the IP address requires the creation of a new Customer Gateway. The Customer Gateway inside IP address should be configured on your tunnel interface. Outside IP Addresses: - Customer Gateway : 217.33.22.33 - Virtual Private Gateway : 87.222.33.42 Inside IP Addresses - Customer Gateway : 169.254.254.2/30 - Virtual Private Gateway : 169.254.254.1/30 Configure your tunnel to fragment at the optimal size: - Tunnel interface MTU : 1436 bytes #4: Static Routing Configuration: To route traffic between your internal network and your VPC, you will need a static route added to your router. Static Route Configuration Options: - Next hop : 169.254.254.1 You should add static routes towards your internal network on the VGW. The VGW will then send traffic towards your internal network over the tunnels. IPSec Tunnel #2 ================================================================================ #1: Internet Key Exchange Configuration Configure the IKE SA as follows - Authentication Method : Pre-Shared Key - Pre-Shared Key : --- - Authentication Algorithm : sha1 - Encryption Algorithm : aes-128-cbc - Lifetime : 28800 seconds - Phase 1 Negotiation Mode : main - Perfect Forward Secrecy : Diffie-Hellman Group 2 #2: IPSec Configuration Configure the IPSec SA as follows: - Protocol : esp - Authentication Algorithm : hmac-sha1-96 - Encryption Algorithm : aes-128-cbc - Lifetime : 3600 seconds - Mode : tunnel - Perfect Forward Secrecy : Diffie-Hellman Group 2 IPSec Dead Peer Detection (DPD) will be enabled on the AWS Endpoint. We recommend configuring DPD on your endpoint as follows: - DPD Interval : 10 - DPD Retries : 3 IPSec ESP (Encapsulating Security Payload) inserts additional headers to transmit packets. These headers require additional space, which reduces the amount of space available to transmit application data. To limit the impact of this behavior, we recommend the following configuration on your Customer Gateway: - TCP MSS Adjustment : 1387 bytes - Clear Don't Fragment Bit : enabled - Fragmentation : Before encryption #3: Tunnel Interface Configuration Outside IP Addresses: - Customer Gateway : 217.33.22.33 - Virtual Private Gateway : 87.222.33.46 Inside IP Addresses - Customer Gateway : 169.254.254.6/30 - Virtual Private Gateway : 169.254.254.5/30 Configure your tunnel to fragment at the optimal size: - Tunnel interface MTU : 1436 bytes #4: Static Routing Configuration: Static Route Configuration Options: - Next hop : 169.254.254.5 You should add static routes towards your internal network on the VGW. The VGW will then send traffic towards your internal network over the tunnels. EDIT #1 After writing this post, I continued to fiddle and something started to work, just not very reliably. The local IPs to use when setting up the tunnels where indeed my network subnets. Which further confuses me over what these "inside" IP addresses are for. The problem is, results are not consistent what so ever. I can "sometimes" ping, I can "sometimes" RDP using the VPN. Sometimes, Tunnel 1 or Tunnel 2 can be up or down. When I came back into work today, Tunnel 1 was down, so I deleted it and re-created it from scratch. Now I cant ping anything, but Amazon AND the router are telling me tunnel 1/2 are fine. I guess the router/vpn hardware I have just isnt up to the job..... EDIT #2 Now Tunnel 1 is up, Tunnel 2 is down (I didn't change any settings) and I can ping/rdp again. EDIT #3 Screenshot of route table that the router has built up. Current state (tunnel 1 still up and going string, 2 is still down and wont re-connect)

    Read the article

  • Network printing -- setting up and printing over network using Mac OS X

    - by crippledlambda
    I've connected a USB printer to a Mac OS X (10.4) machine -- this computer is connected to a network with a registered IP address -- and enabled sharing through the System Preferences setting (under "Shared" and "Print & Fax". Is this printer shared through the Bonjour or CUPS protocol (does it matter that I know)? How do I sent a print job to this computer (also from a 10.4 OS X machine)? It does not show up in the list of printers in the Default Network when I go to "add printer"; do I need to do anything else (on either machine)? Thanks much!

    Read the article

  • Packet loss rate with iperf and tcpdump

    - by stefita
    I tested a line for its link quality with iperf. The measured speed (UDP port 9005) was 96Mbps, which is fine, because both servers are connected with 100Mbps to the internet. On the other hand the datagram loss rate was shown to be 3.3-3.7%, which I found a little too much. Using a high-speed transfer protocol I recorded the packets on both sides with tcpdump. Than I calculated the packet loss - average 0.25%. Have anyone an explanation, where this big difference may be coming from? What is an acceptable packet loss in your opinion?

    Read the article

  • Validating SSL clients using a list of authorised certificates instead of a Certificate Authority

    - by Gavin Brown
    Is it possible to configure Apache (or any other SSL-aware server) to only accept connections from clients presenting a certificate from a pre-defined list? These certificates may be signed by any CA (and may be self-signed). A while back I tried to get client certificate validation working in the EPP system of the domain registry I work for. The EPP protocol spec mandates use of "mutual strong client-server authentication". In practice, this means that both the client and the server must validate the certificate of the other peer in the session. We created a private certificate authority and asked registrars to submit CSRs, which we then signed. This seemed to us to be the simplest solution, but many of our registrars objected: they were used to obtaining a client certificate from a CA, and submitting that certificate to the registry. So we had to scrap the system. I have been trying to find a way of implementing this system in our server, which is based on the mod_epp module for Apache.

    Read the article

  • TMG Forefront Proxy blocking internal HTTP requests

    - by Pascal
    I have TMG Forefront with Proxy installed and configured. However, whenever I make internal HTTP requested to servers on the internal network with a fully qualified dns name, the proxy denies the connection. Denied Connection FRW-02 18/03/2011 20:06:37 Log type: Web Proxy (Forward) Status: 12202 Forefront TMG denied the specified Uniform Resource Locator (URL). Rule: Default rule Source: Internal (10.50.75.21:21492) Destination: Internal (10.50.75.10:8080) Request: GET http://app-01.mydomain.com.br:9871/internalwebserver_deploy/MyServiceService.svc?wsdl Filter information: Req ID: 0a157279; Compression: client=No, server=No, compress rate=0% decompress rate=0% Protocol: http User: anonymous How can I get around this block? This is an internal call, so it should block it. If I use only http://app-01:9871/internalwebserver_deploy/MyServiceService.svc?wsdl, without the domain after the server name, then it doesn't get blocked. 10.50.75.10 is the firewall's ip, and the internal network's gateway.

    Read the article

  • How to create add Oracle Weblogic's NodeManager as a service to xinetd?

    - by Neuquino
    I'm trying to add NodeManager to start automatically when system boots In Oracle® Fusion Middleware Node Manager Administrator's Guide there is this template: # default: off # description:nodemanager as a service service nodemgrsvc { type = UNLISTED disable = no socket_type = stream protocol = tcp wait = yes user = <username> port = 5556 flags = NOLIBWRAP log_on_success += DURATION HOST USERID server = <path-to-jave>/java env = CLASSPATH=<cp> LD_LIBRARY_PATH=<ldpath> server_args = -client -DNodeManagerHome=<NMHome> <java options> <nodemanager options> weblogic.NodeManager -v } I don't know how to fill: cp ldpath java_options nodemanager options Do you have any xinetd script example to start nodemanager? Thanks in advance.

    Read the article

  • Remote Control software for Mac

    - by MarqueIV
    One of the things I like about Microsoft's RDC Client is that the resolution of the experience is set by the client and not, say, a physical monitor connected to the host, as is the case with VNC; the latter being the protocol used by Mac. This means that even though I'm connecting to a notebook with a 1280x800 physical resolution, via RDC I can run it at 2560x1600 on my 30" monitor. However, that only seems to work for RDC. Does anyone know of something I can run on the Mac that will allow me to remotely control it at a different resolution than what is physically set? TIA, Mark

    Read the article

  • Ldap ssh authentication is super slow... any way to speed it up?

    - by Johnathon
    I am running OpenSUSE. Here is the output of ssh -vvv: OpenSSH_5.8p1, OpenSSL 1.0.0c 2 Dec 2010 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug2: ssh_connect: needpriv 0 debug1: Connecting to <ipaddress> [ipaddress] port 22. debug1: Connection established. debug1: permanently_set_uid: 0/0 debug3: Incorrect RSA1 identifier debug3: Could not load "/root/.ssh/id_rsa" as a RSA1 public key debug2: key_type_from_name: unknown key type '-----BEGIN' debug3: key_read: missing keytype debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug2: key_type_from_name: unknown key type '-----END' debug3: key_read: missing keytype debug1: identity file /root/.ssh/id_rsa type 1 debug1: identity file /root/.ssh/id_rsa-cert type -1 debug1: identity file /root/.ssh/id_dsa type -1 debug1: identity file /root/.ssh/id_dsa-cert type -1 debug1: identity file /root/.ssh/id_ecdsa type -1 debug1: identity file /root/.ssh/id_ecdsa-cert type -1 debug1: Remote protocol version 2.0, remote software version OpenSSH_5.1 debug1: match: OpenSSH_5.1 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.8 debug2: fd 3 setting O_NONBLOCK debug3: load_hostkeys: loading entries for host "ipaddress" from file "/root/.ssh/known_hosts" debug3: load_hostkeys: found key type RSA in file /root/.ssh/known_hosts:4 debug3: load_hostkeys: loaded 1 keys debug3: order_hostkeyalgs: prefer hostkeyalgs: [email protected],[email protected],ssh-rsa debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug2: kex_parse_kexinit: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: [email protected],[email protected],ssh-rsa,[email protected],[email protected],[email protected],[email protected],[email protected],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-dss debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected] debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[email protected] debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,[email protected],zlib debug2: kex_parse_kexinit: none,[email protected],zlib debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,[email protected],aes128-ctr,aes192-ctr,aes256-ctr debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,[email protected],aes128-ctr,aes192-ctr,aes256-ctr debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[email protected],hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,[email protected] debug2: kex_parse_kexinit: none,[email protected] debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: mac_setup: found hmac-md5 debug1: kex: server->client aes128-ctr hmac-md5 none debug2: mac_setup: found hmac-md5 debug1: kex: client->server aes128-ctr hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug2: dh_gen_key: priv key bits set: 138/256 debug2: bits set: 529/1024 debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Server host key: RSA cb:7f:ff:2e:65:28:f0:95:e6:8a:71:24:2a:67:02:2b debug3: load_hostkeys: loading entries for host "<ipaddress>" from file "/root/.ssh/known_hosts" debug3: load_hostkeys: found key type RSA in file /root/.ssh/known_hosts:4 debug3: load_hostkeys: loaded 1 keys debug1: Host '<ipaddress>' is known and matches the RSA host key. debug1: Found key in /root/.ssh/known_hosts:4 debug2: bits set: 504/1024 debug1: ssh_rsa_verify: signature correct debug2: kex_derive_keys debug2: set_newkeys: mode 1 debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug2: set_newkeys: mode 0 debug1: SSH2_MSG_NEWKEYS received debug1: Roaming not allowed by server debug1: SSH2_MSG_SERVICE_REQUEST sent debug2: service_accept: ssh-userauth debug1: SSH2_MSG_SERVICE_ACCEPT received debug2: key: /root/.ssh/id_rsa (0xb789d5c8) debug2: key: /root/.ssh/id_dsa ((nil)) debug2: key: /root/.ssh/id_ecdsa ((nil)) debug1: Authentications that can continue: publickey,keyboard-interactive debug3: start over, passed a different list publickey,keyboard-interactive debug3: preferred publickey,keyboard-interactive,password debug3: authmethod_lookup publickey debug3: remaining preferred: keyboard-interactive,password debug3: authmethod_is_enabled publickey debug1: Next authentication method: publickey debug1: Offering RSA public key: /root/.ssh/id_rsa debug3: send_pubkey_test debug2: we sent a publickey packet, wait for reply It hangs here for a good 30 seconds to a minute then debug1: Authentications that can continue: publickey,keyboard-interactive debug1: Trying private key: /root/.ssh/id_dsa debug3: no such identity: /root/.ssh/id_dsa debug1: Trying private key: /root/.ssh/id_ecdsa debug3: no such identity: /root/.ssh/id_ecdsa debug2: we did not send a packet, disable method debug3: authmethod_lookup keyboard-interactive debug3: remaining preferred: password debug3: authmethod_is_enabled keyboard-interactive debug1: Next authentication method: keyboard-interactive debug2: userauth_kbdint debug2: we sent a keyboard-interactive packet, wait for reply debug2: input_userauth_info_req debug2: input_userauth_info_req: num_prompts 1 I added PubkeyAuthentication no to the /etc/ssh/ssh_config and the /etc/ssh/sshd_config which makes it faster getting to the password prompt, but the password prompt still takes some time. Any way to fix that? Here is where the password hangs debug3: packet_send2: adding 32 (len 25 padlen 7 extra_pad 64) debug2: input_userauth_info_req debug2: input_userauth_info_req: num_prompts 0 debug3: packet_send2: adding 48 (len 10 padlen 6 extra_pad 64) debug1: Authentication succeeded (keyboard-interactive). Authenticated to ipaddress ([ipaddress]:22). debug1: channel 0: new [client-session] debug3: ssh_session2_open: channel_new: 0 debug2: channel 0: send open debug1: Requesting [email protected] debug1: Entering interactive session. FIXED!!!!!!!!!!!!!! What is did... In the nsswitch_conf I had ldap included in the group and passwd which slows it down a lot. Thank you everybody for your input passwd: compat group: files hosts: files dns networks: files dns

    Read the article

  • ISA 2006 refuses VPN DHCP requests as spoofing

    - by Daniel
    I'm running ISA 2006 with PPTP VPN for my AD-controlled network. DHCP is located on the ISA server itself and authentication is done by RADIUS (NPS) located on the DC. Right now my VPN clients can connect, access local DNS, and can ping ISA, the DC, and other clients. Here's where it gets weird. I noticed that despite all this, ipconfig shows the following: PPP adapter North Horizon VPN: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : North Horizon VPN Physical Address. . . . . . . . . : DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes IPv4 Address. . . . . . . . . . . : 10.42.4.7(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.255 Default Gateway . . . . . . . . . : 0.0.0.0 DNS Servers . . . . . . . . . . . : 10.42.1.10 NetBIOS over Tcpip. . . . . . . . : Enabled So I went over and checked my ISA logs for both DHCP requests and replies, only to find out that my VPN clients are being denied because ISA thinks its a spoof. Here's some relevant information from the log (the VPN subnet is 10.42.4.0/24): Client IP: 10.42.4.6 Destination: 255.255.255.255:67 Client Username: (blank) Protocol: DHCP (request) Action: Denied Connection Rule: (blank) Source Network: VPN Clients Destination Network: Local Host Result Code: 0xc0040014 FWX_E_FWE_SPOOFING_PACKET_DROPPED Network Interface: 10.42.4.11 --------------------------------------------------------- Original Client IP: 10.42.4.6 Destination: 10.42.1.1 Client Username: (valid user) Protocol: PING Action: Initiated Connection Rule: Allow PING to ISA Source Network: VPN Clients Destination Network: Local Host Result Code: 0x0 ERROR_SUCCESS Network Interface: (blank) I wasn't sure what this 10.42.4.11 network interface was - it certainly wasn't something I had setup - untill I saw it in Routing and Remote Access under IP Routing General as an interface called "Internal" bound to the same IP address. I also noticed that since ISA takes blocks of 10 IP addresses from DHCP for VPN, it had reserved 10.42.4.2-11. I'm not sure if it means anything, though. Thanks for your help.

    Read the article

  • Recommended ADSL/ADSL2 router that supports PPTP VPN dial-out, 802.11n and gigabit ethernet?

    - by Throlkim
    I'm looking for a new router to provide a VPN tunnel for my home network. My plan is to pass all internet traffic over a PPTP VPN provided by the router, which should ensure that the connection stays alive and only passes traffic over that protocol. I'm normally quite a fan of Draytek routers, and their 2710n does seem to feature VPN dial-out but it lacks Gigabit ports (though I can make do with that if the VPN support is good enough). Has anyone got any suggestions or personal experience in a similar setup? I'm happy to consider anything that supports dd-wrt (as I believe that supports VPN-out, though I may be wrong). Bonus points for models available in the UK.

    Read the article

  • Why Hebrew letters in the address bar break the ARR gateway (Only With Explorer 8,9,10)?

    - by Noamway
    The ARR is working great in all browsers except Internet Explorer 8,9,10. When I paste Hebrew URL directly to the address bar it's working good, but when I surf (click on a simple href URL) from one Hebrew URL page to another Hebrew URL the ARR return me that error: "502 - Web server received an invalid response while acting as a gateway or proxy server." There is a problem with the page you are looking for, and it cannot be displayed. When the Web server (while acting as a gateway or proxy) contacted the upstream content server, it received an invalid response from the content server. I checked it number of times including with HTTP analyzer and I saw that the "referer" is making all the problems and cause to that error. For example when I enter to that page: mydomain.com/somehebrewchars (mydomain.com/???? you will need Hebrew install) And click in the page on a link to: mydomain.com/somehebrewchars2 (mydomain.com/???????? you will need Hebrew install) I will get the error above and when you look at the referrer you will see something like that: mydomain.com/עמוד-× ×—×™×ª×” We use other proxies application to others projects and we don't have the same issue like that. For this example we used WIN 2008 and 2012 with ARR 2.5 and also 3 beta. Any help is welcome :-) Thanks, Noam

    Read the article

  • Error when Sending Emails

    - by dallasclark
    A client of mine keeps receiving the following email when sending mail but their emails are sent successfully. Your outgoing (SMTP) e-mail server has reported an internal error... The server responded: 451 qq read error (#4.3.0) In the mail log (/usr/local/psa/var/log/maillog) I receive the following error: /var/qmail/bin/relaylock[3152]: /var/qmail/bin/relaylock My SMTP Service is setup as followed, if this helps service smtp { socket_type = stream protocol = tcp wait = no disable = no user = root instances = UNLIMITED env = SMTPAUTH=1 server = /var/qmail/bin/tcp-env server_args = -Rt0 /var/qmail/bin/relaylock /var/qmail/bin/qmail-smtpd /var/qmail/bin/smtp_auth /var/qmail/bin/true /var/qmail/bin/cmd5checkpw /var/qmail/bin/true }

    Read the article

  • How to I set up nfs using the Drobo Unfsd app?

    - by Jan Aagaard
    How do I set up my nfs on my Drobo FS so that I can connect to it from my Mac using the NFS protocol? I have downloaded and installed Unfsd program from the DroboApps page. My exports file looks like this: /mnt/DroboFS/Shares 192.168.1.0/255.255.255.0(rw,no_root_squash) I try to connect to the share by hitting Ctrl+K in Finder and the using nfs://drobo-fs.local/Shares as server address. But when I click Connect all that happens is that the Connect to Server window flashes shortly, and well, that's all. I have tried removing the /Shares part, using /Public and casing drobo-fs.local as Drobo-FS.local, but it's all with the same result. I have also tried using /mnt/DroboFS/Shares *(rw,no_root_squash) in the exports file. I restart the service using the command ./service.sh restart.

    Read the article

  • Monit won't restart process

    - by bresc
    I just don't get it. monit behaves very strangely... check process thin with pidfile /var/run/thin.4567.pid start program = "/srv/Pusher/server start" stop program = "/srv/Pusher/server stop" if failed host 127.0.0.1 port 4567 protocol http then restart group server this is the process that should be restarted. So I tested monit and stopped the process. But it is showing only this: Process 'thin' status Does not exist monitoring status monitored data collected Wed Mar 24 01:18:55 2010 when I run "monit validate" it starts the service. Am I missing something? Thx

    Read the article

  • Can I have different ESX hosts accessing the same LUN over different protocols?

    - by Kevin Kuphal
    I currently have a cluster of two ESX 3.5U2 servers connected directly via FiberChannel to a NetApp 3020 cluster. These hosts mount four VMFS LUNs for virtual machine storage. Currently these LUNs are only made available via our FiberChannel initator in the Netapp configuration If I were to add an ESXi host to the cluster for internal IT use can I: Make the same VMFS LUNs available via the iSCSI initiator on the Netapp Connect this ESXi host to those LUNs via iSCSI Do all of this while the existing two ESX hosts are connected to those LUNs via FiberChannel Does anyone have experience with this type of mixed protocol environment, specifically with Netapp?

    Read the article

  • problem connecting to datasource defined in freetds.conf

    - by pkaeding
    I can connect successfully to my database using tsql when I bypass the freetds.conf file, like so: % TDSVER=8.0 tsql -H 10.100.102.202 -p 1086 -U sa After I enter my password, I am presented with a 1> prompt, and it is ready for my commands. However, if I try to connect using the definition in my freetds.conf file, like this: % tsql -S Millie -U sa after entering my password, it seems to be trying to generate a prompt, but it just keeps counting. I will see 1, followed by 2, etc, without ever displaying a > character. Here is what I have for my freetds.conf: [global] # TDS protocol version tds version = 8.0 text size = 64512 [Millie] host = 10.100.102.202 port = 1086 What could be causing this anomaly? If it helps, here is the output of tsql -C: % tsql -C Compile-time settings (established with the "configure" script) Version: freetds v0.82 freetds.conf directory: /usr/local/etc MS db-lib source compatibility: no Sybase binary compatibility: no Thread safety: yes iconv library: yes TDS version: 5.0 iODBC: no unixodbc: no

    Read the article

  • Mounting NFS share between OSX and Centos VM

    - by Adam
    I'm having issues mounting an NFS share I've made on my Mac host (server) from a Centos VM (client). I'm getting a permission denied error. I have this line in /etc/exports on server: /Users/adam/Sites/ 192.168.1.223(rw) and in /etc/fstab on client: 192.168.1.186:/Users/adam/Sites/ /home/adam/Sites/ nfs rw 0 0 I'm sure this is a simple configuration issue, but I've never set up NFS properly before. Extra info: # mount -v 192.168.1.186:/Users/adam/Sites/ /home/adam/Sites/ mount: no type was given - I'll assume nfs because of the colon mount.nfs: timeout set for Mon Nov 26 07:31:40 2012 mount.nfs: trying text-based options 'vers=4,addr=192.168.1.186,clientaddr=192.168.1.223' mount.nfs: mount(2): Protocol not supported mount.nfs: trying text-based options 'addr=192.168.1.186' mount.nfs: prog 100003, trying vers=3, prot=6 mount.nfs: trying 192.168.1.186 prog 100003 vers 3 prot TCP port 2049 mount.nfs: prog 100005, trying vers=3, prot=17 mount.nfs: trying 192.168.1.186 prog 100005 vers 3 prot UDP port 958 mount.nfs: mount(2): Permission denied mount.nfs: access denied by server while mounting 192.168.1.186:/Users/adam/Sites/

    Read the article

  • Gitosis-init returns "Fatal Python error: <stdin> is a directory", why is this?

    - by Jasper Kennis
    I'm trying to get gitosis installed because I want to use Indefero and I need a deamon for the git:// protocol. However, following the instructions in the Git Pro book (http://progit.org/book/ch4-7.html) I run into trouble pretty soon. This is what happens: [x@x gitosis]# sudo -H -u git gitosis-init < /tmp/id_dsa.pub Fatal Python error: <stdin> is a directory Aborted The error is really vague to me and I didn't find anything helpful around, except that I think stdin is somehow part of C, which confuses me even more since the error is Python. I really don't understand what's going on, or where to look for clues, so I hope someone can tell me where to look next for more info on the problem. Tnx.

    Read the article

  • Lots of TIME_WAIT connections in netstat (Windows Server 2008)

    - by Rhys Causey
    I'm having some issues on a Windows 2008 server with some network connections not going through. For instance, in a web application on the server, we need to open a socket connection to another server, and this fails sometimes with the following message: Only one usage of each socket address (protocol/network address/port) is normally permitted I looked up the error, which led me to this page: http://msdn.microsoft.com/en-us/library/aa560610(v=bts.20).aspx, which indicates that it might be TCP/IP port exhaustion. When I perform netstat -n, I get tons of TIME_WAIT connections on port 80. Does anyone have any idea what could be causing this?

    Read the article

  • Tomcat 6 HTTPS connector: keep alive timeout not being respected

    - by sehugg
    I'm using Tomcat 6.0.24 on Ubuntu (JDK 1.6) with an app that does Comet-style requests on an HTTPS connector (directly against Tomcat, not using APR). I'd like to set the keep-alive to 5 minutes so I don't have to refresh my long-polling connections. Here is my config: <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="1000" keepAliveTimeout="330000" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" /> Unfortunately it seems that the server closes the connection after 65 seconds. The pcap from a sample session goes something like this: T=0 Client sends SYN to server, handshake etc. T=65 Server sends FIN to client T=307 Client sends FIN to server (I'm guessing the 5 minute timeout on the client is due to the HTTP lib not detecting the socket close on the server end, but in any case -- the server shouldn't be closing the connection that early) (edit: this works as expected when using the standard HTTP connector)

    Read the article

  • Network issues with DNS not being found

    - by Anriëtte Combrink
    Hi there This is exactly like how our network looks like: Single server with a network router Everything is setup, but I cannot connect our Macs under the Login Options - Join... to this server. Our server's name is Toolbox and I have tried Toolbox.local, Toolbox.private, prepended the afp:// protocol to the name, but nothing, our Macs just don't want to connect this way. Our router has DHCP and gives out all the IP addresses naturally, would I have to add Toolbox.local to the DNS on the router and like it via static internal IP to the server? Our Macs keep giving the following error while trying to join the Network Account Server: Unable to add server Could not resolve the address (2200) What am I doing wrong?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 69 70 71 72 73 74 75 76 77 78 79 80  | Next Page >