ssl vpn - Page 87 - Developer IT

Apache2 conditional section based on port

- by Waleed Hamra

I don't know much about if statements in apache configuration, and I'm wondering if I can have a section of the configuration applied only if the request is received on a certain port. In short, this is about SSL. I have name based virtual hosts, I can make a configuration for port 80, then duplicate it all for port 443, and add the relevant SSL configurations. But this seems redundant. I was wondering if i can have something like: <VirtualHost *:80 *:443> and then I can put: <IfModule mod_ssl.c> SSLEngine on SSLCertificateFile ... SSLCertificateKeyFile ... SSLCACertificateFile ... </IfModule> inside an if statement that checks if connection is on port 443... or is such thing impossible? the server supports SNI, and I don't have any worries from non-SNI compliant browsers.

Read the article

Does Juniper Networks provide keyloggers with their software?

- by orokusaki

I noticed that I had a "USB Mass Storage Device" plugged in when there wasn't in fact anything plugged in to any USB port. I turned it off via Windows (XP), but it's quite concerning. This was after installing Juniper Networks' software for VPN access to an IT guy's stuff. I also notice there is a service called "dsNcService.exe" which apparently is sending information over the internet (even when I'm not in VPN access). The process restarts itself when I end it. Should I be worried that this software is tracking my keystrokes and broadcasting them to my IT guy?

Read the article

OSX 10.6 Cisco IPSEC strange behavior

- by tair

I'm trying to connect to Cisco IPSEC VPN of my company over DSL Internet. I managed to successfully connect using Cisco VPN Client, now I'm trying to switch to OSX 10.6 native client, because of licensing issues. The problems is that the connection fails with a dialog box containing the message: The negotiation with the VPN server failed. Verify the server address and try reconnecting. I checked logs: Jun 29 13:10:39 racoon[4551]: Connecting. Jun 29 13:10:39 racoon[4551]: IKE Packet: transmit success. (Initiator, Aggressive-Mode message 1). Jun 29 13:10:39 racoon[4551]: IKEv1 Phase1 AUTH: success. (Initiator, Aggressive-Mode Message 2). Jun 29 13:10:39 racoon[4551]: IKE Packet: receive success. (Initiator, Aggressive-Mode message 2). Jun 29 13:10:39 racoon[4551]: IKEv1 Phase1 Initiator: success. (Initiator, Aggressive-Mode). Jun 29 13:10:39 racoon[4551]: IKE Packet: transmit success. (Initiator, Aggressive-Mode message 3). Jun 29 13:10:42 racoon[4551]: IKE Packet: transmit success. (Mode-Config message). Jun 29 13:10:42 racoon[4551]: IKEv1 XAUTH: success. (XAUTH Status is OK). Jun 29 13:10:42 racoon[4551]: IKE Packet: transmit success. (Mode-Config message). Jun 29 13:10:42 racoon[4551]: IKEv1 Config: retransmited. (Mode-Config retransmit). Jun 29 13:10:42 racoon[4551]: IKE Packet: receive success. (MODE-Config). Jun 29 13:10:42 configd[19]: event_callback: Address added. previous interface setting (name: en1, address: 192.168.1.107), current interface setting (name: u92.168.54.147, subnet: 255.255.255.0, destination: 192.168.54.147). Jun 29 13:10:42 configd[19]: network configuration changed. Jun 29 13:10:42 vmnet-bridge[111]: Dynamic store changed Jun 29 13:10:42 named[62]: not listening on any interfaces Jun 29 13:10:58: --- last message repeated 1 time --- Jun 29 13:10:58 configd[19]: SCNCController: Disconnecting. (Connection tried to negotiate for, 16 seconds). Jun 29 13:10:58 racoon[4551]: IKE Packet: transmit success. (Information message). Jun 29 13:10:58 racoon[4551]: IKEv1 Information-Notice: transmit success. (Delete ISAKMP-SA). Jun 29 13:10:58 racoon[4551]: Disconnecting. (Connection tried to negotiate for, 19.113382 seconds). Jun 29 13:10:58 named[62]: not listening on any interfaces Jun 29 13:10:58 vmnet-bridge[111]: Dynamic store changed Jun 29 13:10:58 named[62]: not listening on any interfaces Jun 29 13:10:58 configd[19]: network configuration changed. Then I opened Terminal, started pinging a server behind VPN, and tried to connect again. Now connection is OK! Logs this time: Jun 29 13:46:53 racoon[8136]: Connecting. Jun 29 13:46:53 racoon[8136]: IKE Packet: transmit success. (Initiator, Aggressive-Mode message 1). Jun 29 13:46:53 racoon[8136]: IKEv1 Phase1 AUTH: success. (Initiator, Aggressive-Mode Message 2). Jun 29 13:46:53 racoon[8136]: IKE Packet: receive success. (Initiator, Aggressive-Mode message 2). Jun 29 13:46:53 racoon[8136]: IKEv1 Phase1 Initiator: success. (Initiator, Aggressive-Mode). Jun 29 13:46:53 racoon[8136]: IKE Packet: transmit success. (Initiator, Aggressive-Mode message 3). Jun 29 13:46:56 racoon[8136]: IKE Packet: transmit success. (Mode-Config message). Jun 29 13:46:56 racoon[8136]: IKEv1 XAUTH: success. (XAUTH Status is OK). Jun 29 13:46:56 racoon[8136]: IKE Packet: transmit success. (Mode-Config message). Jun 29 13:46:56 racoon[8136]: IKEv1 Config: retransmited. (Mode-Config retransmit). Jun 29 13:46:56 racoon[8136]: IKE Packet: receive success. (MODE-Config). Jun 29 13:46:56 configd[19]: event_callback: Address added. previous interface setting (name: en1, address: 192.168.1.107), current interface settinaddress: 192.168.54.149, subnet: 255.255.255.0, destination: 192.168.54.149). Jun 29 13:46:56 vmnet-bridge[111]: Dynamic store changed Jun 29 13:46:56 named[62]: not listening on any interfaces Jun 29 13:46:56 configd[19]: network configuration changed. Jun 29 13:46:56 named[62]: not listening on any interfaces Jun 29 13:46:56 racoon[8136]: IKE Packet: transmit success. (Initiator, Quick-Mode message 1). Jun 29 13:46:56 racoon[8136]: IKE Packet: receive success. (Initiator, Quick-Mode message 2). Jun 29 13:46:56 racoon[8136]: IKE Packet: transmit success. (Initiator, Quick-Mode message 3). Jun 29 13:46:56 racoon[8136]: IKEv1 Phase2 Initiator: success. (Initiator, Quick-Mode). Jun 29 13:46:56 racoon[8136]: Connected. Jun 29 13:46:56 configd[19]: SCNCController: Connected. I tested it several times and it consistently behaves the same. What is the magic?

Read the article

OpenVPN not sending traffic to internet?

- by coleifer

I've set up openvpn on my pi and am running into a small issue. I can connect to the VPN server and ping it just fine, and I can also connect to other machines on my local network. However I am unable, when connected to the VPN, to reach the outside world (either by name lookup or IP). here are the details: On the server the tun0 interface: tun0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1500 inet 10.8.0.1 netmask 255.255.255.255 destination 10.8.0.2 unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 100 (UNSPEC) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 I can ping it just fine: # ping -c 3 10.8.0.1 PING 10.8.0.1 (10.8.0.1) 56(84) bytes of data. 64 bytes from 10.8.0.1: icmp_seq=1 ttl=64 time=0.159 ms 64 bytes from 10.8.0.1: icmp_seq=2 ttl=64 time=0.155 ms 64 bytes from 10.8.0.1: icmp_seq=3 ttl=64 time=0.156 ms --- 10.8.0.1 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 2002ms Routing table # ip route show default via 192.168.1.1 dev eth0 metric 204 10.8.0.0/24 via 10.8.0.2 dev tun0 10.8.0.2 dev tun0 proto kernel scope link src 10.8.0.1 192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.6 metric 204 I also have ip traffic forwarding: net.ipv4.ip_forward = 1 I do not have any custom iptables rules (that I'm aware of). On the client, I can connect to the VPN. Here is my tun0: tun0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1500 inet 10.8.0.6 netmask 255.255.255.255 destination 10.8.0.5 unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 100 (UNSPEC) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 21 bytes 1527 (1.4 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 And on the client I can ping it: sudo ping -c 3 10.8.0.6 PING 10.8.0.6 (10.8.0.6) 56(84) bytes of data. 64 bytes from 10.8.0.6: icmp_seq=1 ttl=64 time=0.035 ms 64 bytes from 10.8.0.6: icmp_seq=2 ttl=64 time=0.026 ms 64 bytes from 10.8.0.6: icmp_seq=3 ttl=64 time=0.032 ms --- 10.8.0.6 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 1998ms rtt min/avg/max/mdev = 0.026/0.031/0.035/0.003 ms I can ssh from the client into another server on my LAN (192.168.1.x), however I cannot reach anything outside my LAN. Here's some of the server logs at the bottom of this gist: https://gist.github.com/coleifer/6ef95c3008f130249933/edit I am frankly out of ideas! I don't think it's my client because both my laptop and my phone (which has an openvpn client) exhibit the same behavior. I had OpenVPN installed on this pi before using debian and it worked, so I don't think it's my router but of course anything is possible.

Read the article

In Debian, how can I route rtorrent to a certain network interface, say ppp0?

- by Timo

I have purchased a PPTP account from StrongVPN and configured the setup by these (http://pptpclient.sourceforge.net/howto-debian.phtml#configure_by_hand) instructions and now I want to have rtorrent do its communication to the Internet through this VPN tunnel. So I have a ppp0 interface, which has the VPN tunnel. What is the next step? I guess it has something to do with the routing tables? I am new to routing, so please be elementary and precise so that I understand! Thank you!

Read the article

connecting ftp server over ssl using opensource java library

- by user18257

how to connect ftp over ssl/tls using opensource java library i mean no need to use any ftp client or commercial library

Read the article

Can I have HTTPS and HTTP for a single instance of an application?

- by Sivakanesh

I'm planning a web application that will have its own server behind the corporate firewall. There will be two sets of users, internal and external to the organisation. Internal users will be located inside of the firewall as same as the application server and the external users are outside over the internet. All users will be authenticated via a login by the web application. I would like a setup where the external users will be required to access whole of the application using SSL and the internal users via standard http connection. I would like to know, if it is possible to setup a single instance the application so that it can be accessed via SSL for external (over the internet) users AND over http for internal users? Thanks

Read the article

In Debian, how can I route rtorrent to a certain network interface, say ppp0?

- by Timo

I have purchased a PPTP account from StrongVPN and configured the setup by these (http://pptpclient.sourceforge.net/howto-debian.phtml#configure_by_hand) instructions and now I want to have rtorrent do its communication to the Internet through this VPN tunnel. So I have a ppp0 interface, which has the VPN tunnel. What is the next step? I guess it has something to do with the routing tables? I am new to routing, so please be elementary and precise so that I understand! Thank you!

Read the article

How do I use a virtualbox guest machine as a gateway?

- by Igor Zinov'yev

I have a certain problem. I am working on an Ubuntu machine, but I have to use a windows 2003 server guest to connect to a Stonegate VPN to be able to manage our client's website. I have already asked if I could connect to a Stonegate VPN in Ubuntu, but so far got no answer. And I couldn't connect to it using network manager's strongswan plugin. So I want to use my guest Win2003 as a gateway to be able to SSH to the remote server. Is that possible? Thank you very much in advance, if this is possible in any way, it will save me a lot of trouble!

Read the article

Does openssl errno 104 mean that SSLv2 is disabled?

- by David

I want to check if my server has SSLv2 disabled. I am doing this by attempting to connect remotely with openssl with the following shell command. openssl s_client -connect HOSTNAME:443 -ssl2 Most literature I could find on the Internet says if I see something similar to the following error then SSLv2 is properly disabled. 29638:error:1407F0E5:SSL routines:SSL2_WRITE:ssl handshake failure:s2_pkt.c:428: I do get the above error when connecting to my Ubuntu server with SSLv2 disabled in Apache Apache but when I connect to my Windows Server 2008 R2 server with SSLv2 disabled in the registry I get the following output and error. CONNECTED(00000003) write:errno=104 I can't find any literature explaining this output and error. If anybody could explain to me if and why this output and error means that SSLv2 is properly disabled, I would appreciate it. Thanks!

Read the article

Internet Connectivity Issue

- by MastaChief11

Lately, I have been having issues connecting to the internet on one of my computers. The computer I am using now, however, is on the same network as the computer I am posting from. The issues seemed to randomly start about 2 days ago, and the only thing that seemed to fix the issue was to connect to Hotspot Shield VPN. I do not get any yellow warning signs by the Wi-Fi icon in the taskbar. I am sometimes able to use Google search, but I can never go to a website. I am also not able to re-install Hotspot Shield or update Flash because they have to connect to their company's servers. I have tried other VPN services just to see if it would fix anything, but as I expected, nothing changed. I am unsure of how I can fix the issue, and I appreciate all help given. I am running Windows 7 64 Bit Pro on a custom-built computer. Thanks.

Read the article

Generate a certificate with Openssl and import the same certificate using keytool

- by Safari

I have a question about the SSL during the use of CAS in LIferay. I have generate the certificate using Openssl (I flollowed this tutorial) on my CAS Server and now I would to import the certificate using keytool on the Liferay machine. To import the certificate with keytool I use this command: keytool -import -alias tomcatLiferay -file /myopensslcertificate.crt But when I import the .crt certificate file and I check the CAS connection I get the message: SSL Error. IF I try to generate the certificate using keytool (keytool -genkey...) on the CAS server end I import this certificate using keytool -import .... I can connect to the CAS server and I not see any errors... I think that I use a wrong way to generate the certificate with openssl or a wrong way to import the certificate (generated with openssl) with keytool.

Read the article

Http to https behavior for visits from Internet Explorer client

- by Emile

My website has an SSL cert (example url: https://subdomain.example.com). Under Apache it's set up for both port 80 and port 443. So under the following configuration, anyone who goes to http://subdomain.example.com is sent to https://subdomain.example.com . But for visits from Internet Explorer, the redirect doesn't happen. Instead, http visits get a "Internet Explorer cannot display the web page." with a list of client-side solutions to try. Any ideas on how to fix the config so IE visits have the same behavior as the other browsers (that is, send http to https automatically)? NameVirtualHost *:443 <VirtualHost *:80> DocumentRoot /var/www/somewebroot ServerName subdomain.example.com </VirtualHost> <VirtualHost *:443> DocumentRoot /var/www/somewebroot ServerName subdomain.example.com # SSL CERTS HERE </VirtualHost> *Tested IE8, IE9 beta

Read the article

How to turn SSLCompression off in Apache 2.4.3?

- by kumar

I have installed Apache 2.4.3(OpenSSL 1.0.0j) on a machine and trying to do SSLCompression off in the ssl.conf file throws an error: Syntax error on line 219 of /etc/httpd/conf.d/ssl.conf: Invalid command 'SSLCompression', perhaps misspelled or defined by a module not included in the server configuration What could be wrong here? If it helps, I installed mod_ssl(2.4). Is that enough or is something more to be done to configure Apache with mod_ssl. I tried phpinfo() in php, and mod_ssl is reflected in the Loaded Modules section.

Read the article

Two Routers, Two Internet (1 Open, 1 PPTP) - Routing?

- by SomeUser

Hi there, I'm trying to setup two routers - one to route specific sites to a always-on PPTP VPN connection, the other for open internet access w/ firewall. First router is connected to Internet w/ built-in firewall. Second router is connected to a PPTP VPN connection. I was going to connect a wire between the routers and would like some insight on how to get both groups of systems (connected to each router) to talk between automatically. Even better would be to setup one gateway for certain sites and another for general Internet. The other option is to default all sites to the net and shoot others to the gateway or vice versa... Any insight so I can get a better grasp of this? Thanks!

Read the article

Accept incoming L2TP connections on Windows 7

- by Greg

Windows 2003 can be configured as a VPN server that uses L2TP with a preshared key. Windows 7 can be configured to accept incoming VPN connections, presumably using PPTP. Is there a way to configure Windows 7 to accept incoming L2TP connections? The configuration settings for incoming connections is extremely sparse; I don't see any place to enter a preshared key or specify the protocol to use. Perhaps it is beyond the capabilities of Win 7, but I hold out hope that I'm overlooking some Group Policy settings or registry edits that allow it.

Read the article

Network topology question

- by Asbie

We currently have three networks, X.X.163.1, X.X.93.1 and 192.168.1.1. Today's setup is like this: http://i.imgur.com/tkKWy.jpg We now have PPT VPN from internet to the X.X.163.1-network, but really need to access the files from the File Server through VPN. I am also aware that this setup is not optimal. So please, any advices on how to redesign our network? Rack servers are mostly web and db servers, with only public IP addresses.

Read the article

Using SSLv3 - Enabling Strong Ciphers Server 2008

- by Igor K

I've disabled SSLv2 and SSLv3 is on. However I cannot connect to a remote server which fails with The client and server cannot communicate, because they do not possess a common algorithm Ran an SSL check (http://www.serversniff.net/sslcheck.php) on the remote server and ours, and noticed none of the ciphers they accept we have on our server. How can this be configured? (Windows Web Server 2008) Remote Server Accepted SSL ciphers: DHE-RSA-AES256-SHA AES256-SHA EDH-RSA-DES-CBC3-SHA DES-CBC3-SHA DHE-RSA-AES128-SHA AES128-SHA Our server by default accepts: DES-CBC3-SHA RC4-SHA RC4-MD5

Read the article

Nginx Forward SSL for single site

- by Will.brown

I have a nginx server setup and it works fine for http however i would like to bypass the proxy for https connection. I want it so that when someone goes to my ip https:// ip1 (Nginx server) it bypasses ngix and forwards all traffic to https:// ip2(webserver) i do not need ngix to do this for any ssl website just one particular website. SO Client to https:// ip1 to https:/ /ip2 to https:// ip1 to client pc I just want the nginx to not intercept the connection and forward it on and on return forward the connection to client Im guessing i do this by nat mascarade buy not exactly sure how to do it and if i will need to tell nginx to ignore ssl aswell can someone help me please this has gone me stuck

Read the article

CA and VPN setup

- by Raj

We are a small comany about 20 employees. We have some off site some i houser servers. Where should I install CA? On a domain controller or VM? can I obtain my own certificate for MS VPN? Where should I install MS vpn server? can I install on VM CA server? Do I need to open any ports on Firewall? Please send me or direct me to a web site where I can get setip by step installation instructions. Thanks.

Read the article

How to enable (disable) PPTP multi login (of a same account) on Linux?

- by Cheng

I know there is duplicate-cn for OpenVPN. What's the similar setting in PPP based VPN?

Read the article

How to handle user accounts for many sites running on same server

- by Simon Courtenage

Background to this question: I want to host multiple e-commerce sites on the same server, each with their own separate customer login application. Each site's login application needs to be secured by SSL. I'm unsure how best to handle this. For example, do I need to acquire a separate SSL certificate for each site (in which case, how do I do this dynamically, as the sites are created), or do I handle this using ONE login gateway-style application, which handles it on behalf of all the sites via a kind of transparent redirect? I'd be grateful for any pointers or advice. Thanks.

Read the article

Naming standard for additional A records/IP addresses for IIS servers?

- by serialhobbyist

When you're adding another IP address to and IIS server, what naming standards do you use for the A records? Background: I've a bunch of sites on an IIS server which use (CNAME'd) host-headers and a single IP address. Server names (and A records) adhere to unfriendly (as in difficult-to-remember) naming standards whereas CNAMEs, and therefore host-headers, can be friendly. Now I've a need for several SSL certificates for different sites. I was thinking about using an additional IP address for each to-be-SSL'd site but still using friendly CNAMEs. So then I come to what to call the A record. What do you do? Related to this question.

Read the article

HTTP traffic through PIX VPN from outside site

- by fwrawx

I have a remote site with a website that only allows access from the outside IP assigned to our local PIX. I have users connecting to the local networking using a VPN that need to be able to view this remote site. I don't think this works because the packets want to come in and go out over the same (ext) interface. So I'm looking for a way to make this work using the PIX or setting up a service on a server on the local network to act as a middle-man for the HTTP requests. The remote site doesn't support setting up a VPN to our PIX. The remote website is dishing out pages over a non-standard port. Can I use squid or something similar to proxy just one site?

Read the article

Allow from referer for HTTP-basic protected SSL apache site

- by user64204

I have an apache site protected by HTTP basic authentication. The authentication is working fine. Now I would like to bypass authentication for users that are coming from a particular website by relying on the HTTP Referer header. Here is the configuration: SetEnvIf Referer "^http://.*.example\.org" coming_from_example_org <Directory /var/www/> Options Indexes FollowSymLinks MultiViews AllowOverride None Deny from all Allow from env=coming_from_example_org AuthName "login required" AuthUserFile /opt/http_basic_usernames_and_passwords AuthType Basic Require valid-user Satisfy Any </Directory> This is working fine for HTTP, but failing for HTTPS. My understanding is that in order to inspect the HTTP headers, the SSL handshake must be completed, but apache wants to inspect the <Directory> directives before doing the SSL handshake, even if I place them at the bottom of the configuration file. Q: How could I workaround this issue? PS: I'm not obsessed with the HTTP referer header, I could use other options that would allow users from a known website to bypass authantication.

Search Results

Search found 5390 results on 216 pages for 'ssl vpn'.

Page 87/216 | < Previous Page | 83 84 85 86 87 88 89 90 91 92 93 94 | Next Page >

- by Waleed Hamra

- by orokusaki

- by tair

- by coleifer

- by Timo

- by user18257

- by Sivakanesh

- by Timo

- by Igor Zinov'yev

- by David

- by MastaChief11

- by Safari

- by Emile

- by kumar

- by SomeUser

- by Greg

- by Asbie

- by Igor K

- by Will.brown

- by Raj

- by Cheng

- by Simon Courtenage

- by serialhobbyist

- by fwrawx

- by user64204

< Previous Page | 83 84 85 86 87 88 89 90 91 92 93 94 | Next Page >