Search Results

Search found 5390 results on 216 pages for 'ssl vpn'.

Page 88/216 | < Previous Page | 84 85 86 87 88 89 90 91 92 93 94 95 | Next Page >

Default Critique branch office setup: VPNTunnel->HQ, subnets for VOIP/PC, + several Q's

- by CHickenTaragon

We're setting up a new branch office. * ~10 users. * Each user has a VOIP phone provided by a hosted solution. * Users need access to resources on HQ (located in another state), so setting up VPN tunnel * HQ only supports certain Cisco/Juniper devices. VOIP provider only supports SonicWall, so current plan is to have two routers w/ separate subnets for VOIP vs. PC traffic. * PC's will plug into pass-thru Ethernet jacks on the VOIP phones, but the phones vs. PC's will point to different subnets. * Cable Modem is 50Mbps / 5Mbps DOCSIS 3.0 business line w/ 5 static IP's. * Each of the 2 subnets will map to one of the 5 public IP's. * May or may not also need to support a VPN tunnel with a second branch office because of a file server they have there that some in the new office use. I'm pushing to have them move the files to a server on the HQ's network so we don't have to worry about setting up an additional tunnel. Questions: Do you foresee any issues with the below set-up? Router recommendations by HQ IT staff: Cisco Router 2811, or Juniper SSG5 or SSG20. Any recommendations about these routers? We need Wi-Fi too – looks like the above routers have models that support this, any reason not to use this? Users need to be able to work from home. If so, how is authentication handled? Right now we use AD credentials for the HQ's domain, but we currently don't plan to have an AD system in the new location since it's only 10 users. We can't tie the authentication system from the new location's router to the AD system of the HQ. All the PC's that will be in the new location are currently in the existing office that is closing down, and are already joined to the domain of the HQ. Please confirm: this + the VPN tunnel will be sufficient for them to connect to authenticated resources on the HQ's network from the new location, correct? Mainly SQL servers and file servers, and a few remote desktop sessions. I'm sure I'll have some more questions, but can't think of them right now.

Read the article
Remote Desktop via VPN from Mac to Windows Vista

- by Vegar

I have some problems connecting to my office from home. I'm getting the following error message: Remote Desktop Connection cannot verify the identity of the computer that you want to connect to. Try reconnecting to the Windows-based computer, or contact our administrator. I have downloaded CoRD, and for some reason, that works okay. I can also connect from a Windows 7 running on VMWare Fusion. On Windows 7, I use SonicWall Global VPN Client, and on the Mac, I use VPN tracker, if that is related... What's going on?

Read the article
Environment variables in Weblogic Managed Server with SSL nodemanager

- by Eric Darchis

We have a C legacy application start with JNI that requires environment variables. Not java -Djava.library.path -Dvar=foo as these are purely java. I need real environment variables. When we setup our domains, we usually use the SSH method to start the node managers. This works fine and the env variables are set properly. Recently the sysadmin has decided for a few reasons to use the SSL mode for nodemanagers. The servers start but the environment variables are not set. I checked with "pargs -e" (this is a Solaris machine) that the env variable was indeed not present from the nodemanager and for the managed server. Is SSL starting the managed server without running the .sh scripts or I am missing a parameter somewhere ?

Read the article
Forwarding 80 to 443 on Nagios woes

- by Ethabelle

I perhaps just need some extra insight because I don't see where I'm going wrong. I used an SSL Cert to secure our nagios server. We want to specifically require all traffic over nagios (like 2 users, lol) to use SSL. So I thought, oh, mod_rewrite + Rewrite Rule in .htaccess, right? So I went into the DocumentRoot and did a vi .htaccess (one didn't already exist) and then I put in the following rule; RewriteEngine On RewriteCond %{SERVER_PORT} 80 RewriteRule ^(.*)$ https://our.server.org/$1 [R,L] This does absolutely nothing. Does nada. Whhhyy.. Note: AllowOverride all in httpd.conf is on. Also, I verified that the module is not uncommented out ... but note, I couldn't find the mod_rewrite module installed so I copied it over from another server and placed it in modules/mod_rewrite.so . It was weird because it was enabled in the httpd.conf file, but then didn't exist in modules ... I'm a baddie :(

Read the article
Fast, reliable data transfers from/to China

- by Nils

We are a small company and we will need to transfer rather large amounts of data (10GB+ each time) between Europe and China in the near future. As many may have experienced, Internet connections to or from China can be rather unreliable and slow at times without any apparent reason. For example, while sending data to China via FTP generally works well, it can be painfully slow in the other direction. Currently, we are investigating new ways to have high transfer rates in both directions. So far we have tried: FTP (see above) FTP over VPN services (generally slower than direct connections) F2F (like Retroshare or Freenet - slow!!) Aspera (fast but expensive!) BitTorrent (unreachable end nodes, b/c of firewalls which we must not configure) We would like to try: Cloud storage (e.g. Amazon S3, Google Storage) - are those services always and reliably reachable from inside China? Point-to-Point VPN (currently not possible, b/c of the network, see above) I'd be especially grateful to hear from people who have already dealt with this kind of problem before.

Read the article
configuring Linksys WAG160N for VPN

- by surrati

is any body could advise me how to configure Linksys WAG160N for VPN for cheap and easy way.

Read the article
Windows 7 PPTP VPN problem

- by Marco Martins

Hi, I'm currently using an win 7 as an network server at my home. I've created some shared folders wich can be accessed easily from any pc on my network (win and mac computers) recently I decided to turn on the win 7 pptp to access remotely to my server from anywhere. the problem is with that on, on my router my server ip change, acording to my ipconfig on the cmd my router gets the ip from a "PPP adapter RAS (dial in)". when that happens I cannot access to the shared files over the lan on my mac, but i can connect to the vpn but again can't access to my files. (i've tried connecting to the vpn from another network and it worked, even the file share) anyone can help me? thanks

Read the article
Accessing shared resource on local computer from users of different physical location

- by Joe

Sounds like easy task to some but such a difficult task for me to do... The main requirement for this task is to setup something in offices located on different locations, so (1st question) users are able to log on to the domain without VPN when they are in one of the offices. Additionally, (2nd question)how they can log on to the domain server when they are on the road like in a starbuck, what do they have to do to connect to domain after VPN connection are successful. also it's my understanding that, we can't share resource from computers on different network segments, (3rd question)what is the best solution to bridge/combine two network segments(two office in different locations) so computers of different location can see each other. Thank you in advance for any response.

Read the article
How to connect a remote IP Phone to our VOIP Network?

- by Mistiry

We have an IP phone system in our office, and about 8 VoIP phones running on the system. We have a remote worker, who is literally states away. We'd like to connect his phone to our VoIP network, so that he has a business phone and an extension to which we could transfer calls. I was thinking, although I don't know for sure, that a pair of Cisco routers could be used in some way to make this work. I imagine a VPN solution, where I have one router connected to the phone network and the other router connected to the remote phone. Then have a site-to-site VPN set up so that the remote router... And that's where I'm stuck. I know the remote router will need to use the DHCP server of the phone system. I've never set up something like this, so I am seeking the help of the community here. What is the best way to get this remote VoIP phone RELIABLY connected to our internal VoIP network?

Read the article
Sonicwall site-to-site can not access remote network

- by vpnwizard

I have 2 SonicWall devices (tz100) in 2 different geographical locations. They are connected to each other using site-to-site vpn connection and this works just great. Device A network - 192.168.1.0/24 Device B network - 192.168.2.0/24 When I connect to one device, I can access, from my computer, anything on that specific subnet. However, I am unable to view anything, from my computer, on the other network. Is there a setting somewhere that will forward my requests to the other subnet? Example - I VPN into Device A, but would like to get to a server which is on the Device B network (192.168.2.0/24)

Read the article
Can you set up a gaming LAN using OpenVPN installed in a VMware guest OS and be playing the game on the host OS?

- by Coder

I would like to setup a gaming VPN. Ie. I have some games that work over LAN and would like to play them with people that are not on my LAN. I know I can do this with OpenVPN. My ultimate goal would be to run OpenVPN portably on my host OS and not even need any virtualization. As such i don't want to install it on my host, but i'm fine with running it portably. I'm even fine with temporarily adding registry keys, and then running a .reg file to remove these entries once i'm done. To this effect i have installed OpenVPN on a virtual machine and diffed the registry. I then manually (using a .reg file) added all the keys that seem important on my host OS and copied the installation folder of OpenVPN onto my host machine. Then i try to run openVPN GUI 1.0.3 as a test and it says "Error opening registy for reading (HKLM\SOFTWARE\OpenVPN). OpenVPN is probably not installed". I verified that that key is indeed in the registry with all subkeys and it looks correct. I have tried running the GUI as an administrator and in compatibility mode with no success. I am running Windows 7. If this fails then i would be happy with installing OpenVPN on a virtual machine in VMWare but they key is that i will be running the game installed on my host machine. The first question for this option is if this is even possible. The second is, that I can't get the VM to have internet access if I use bridging but i can if i use NAT. Is it possible to do this game VPN setup with VMWare guest OS running using NAT? Summary of questions: -Is it possible to run openVPN portably and if so what did i miss above? -If it's not possible to run it portably, then can setup a gaming LAN by installing OpenVPN in a guest OS with NAT and how can i do this? -If the above is not possible then can i install OpenVPN in a guest using bridging and if so how can i set this up with a Windows 7 host and Windows XP guest as currently i can't get the guest to be able to access the internet in bridging mode, but it working in NAT mode. -In general is there any good documentation on setting up a gaming LAN with OpenVPN (i am using 2.1.4) as i have never set up a VPN of any sort before so any help would be much appreciated. Thanks!

Read the article
Using unsigned drivers in Windows 8

- by T. Fabre

I just migrated from Windows 7 x64 to 8, but I can't get my VPN software to run anymore : the SafeNet IKE service (installed by SafeNet SoftRemoteLT GA, used by my VPN provider) cannot start anymore. I found that by default unsigned drivers are disabled on Win8, and that is what is blocking the driver. The System event log tells me that the driver (apparently, C:\WINDOWS\SysWow64\Drivers\IPSECDRV.sys ) was blocked when I try to manually start the service (SafeNet IKE Service). I get the same messages for another driver, crypto.sys found in the same folder. I tried using bcdedit to enable unsigned drivers : bcdedit /set loadoptions DDISABLE_INTEGRITY_CHECKS bcdedit /set testsigning ON After reboot, same error. I tried by booting into Win 8's test mode, same issue. Applying the code signing policy (Enabled, Ignore) does not help either. Running gpresult does show that the policy is applied. Any help welcome.

Read the article
embedded tomcat 7 behind iis 7.5 proxy ssl problems

- by user1058410

I'm using embedded tomcat 7 behind a iis 7.5 proxy server, with requests being forwarded to tomcat with arr. Everything works fine unless iis is set to require ssl. Then things like links that are generated dynamically in .jsp files on tomcat don't work right. For example if a link is supposed to point to _https://somewhere.com:443 it will be wrote as _http://somewhere.com:8080 (8080 is the port tomcat is running on). The problem seems to come from when tomcat looks at itself to build out the url it sees correctly that it is running on _http://somewhere.com:8080, but i need it to think otherwise. Does anybody know how to accomplish this without using ssl between iis and tomcat? Sorry for the underscores in front of the imaginary urls.

Read the article
Windows 2003 server RRAS on VPC

- by Saif

I'm trying to setup a L2TP VPN server(to give user access on to all my VPN instance) on a Windows 2003 instance running on my VPC. While trying to enable RRAS I'm getting error, "less than two network interfaces were detected on this machine". Eventually it's because there's only one network interface available, the which has private IP. I have elastic IP assigned to this instance as well. But RRAS can't see this. What should I do to RRAS to be able to see the interface with elastic IP?

Read the article
Unable to connect with PPTP (From Windows 8 to Ubuntu 12.10)

- by jaja

I'm trying to connect using PPTP to my VPS. At first, I got the problem that my connection (Wlan, which is what I use to connect to the Internet) goes "limited" (I can't connect to the Internet) when I connect to the VPN. Then, I used to get some long message, something like you might be trying using L2TP. Then now it's back again to the "limited" problem. What's the solution to that problem? One thing I'm not sure of is what I put as my local IP address in "sudo nano /etc/pptpd.conf" Is it 127.0.0.1? I'm following this tutorial: http://thesinclairs.gotdns.com/blog/set-up-a-pptp-vpn-on-ubuntu-server/

Read the article
No blocked ports on internal interface of ASA

- by blsub6

I have a cisco ASA 5505 with three interfaces: Internal (100), DMZ (50) and External (0). The internal has a IPSEC VPN tunnel to my internal network I couldn't log in to my domain because of all of the port restrictions and such. I tried monitoring the traffic through the interface, seeing what it's blocking and then unblocking those ports but even then it didn't work completely correctly I finally just added a rule to permit any ip traffic from any network to any network on the internal interface and, of course, it worked fine But is that good security practice? Should I be blocking ports on an interface that's internal and over a VPN with the highest security level?

Read the article
Is visiting HTTPS websites on a public hotspot secure?

- by Calmarius

It's often said that HTTPS SSL/TLS connections are encrypted and said to be secure because the communication between the server and me is encrypted (also provides server authentication) so if someone sniffs my packets, they will need zillions of years to decrypt if using brute force in theory. Let's assume I'm on a public wifi and there is a malicious user on the same wifi who sniffs every packet. Now let's assume I'm trying to access my gmail account using this wifi. My browser does a SSL/TLS handshake with the server and gets the keys to use for encryption and decryption. If that malicious user sniffed all my incoming and outgoing packets. Can he calculate the same keys and read my encrypted traffic too or even send encrypted messages to the server in my name?

Read the article
Safari, IIS and optional Client Certificates

- by Philipp

I've a ASP.Net Webapp running on IIS7.5. The Webserver is configured to accept Client Certifcates. Unfortunately Visitors with Safari Browser are unable to view the Page. Same Problem as described under the following link: http://www.mnxsolutions.com/apache/safari-providing-an-ssl-error-client-certificate-rejected%E2%80%9D-when-other-browsers-work.html Does anyone knows how to solve this? I'd really appreciate your help. edit: Seems to be the same problem: http://superuser.com/questions/231695/iis7-5-ssl-question-safari-users-get-a-prompt-of-certificate-to-select

Read the article
How to elegantly selectively exclude FreeBSD network traffic from OpenVPN interface by port

- by Polygonica

inexperienced sysadmin here. I'm planning on running a net daemon inside a FreeBSD jail through OpenVPN, but want to be able to SSH directly into the jail and use the daemon's web interface daemon without going through the VPN. As I understand it, an OpenVPN tunnel is normally set up as a default virtual internet interface, and so incoming traffic will go out on the OpenVPN interface by default (which is problematic, as this incurs latency). I thought "well, obviously, since all of this traffic is leaving on a handful of ports, I'll just redirect those to the non-VPN gateway." I've tried to look for solutions, but almost all of them involve iptables instead of ipfw (which is default for FreeBSD) and solve slightly different problems. And alternate solutions like using multiple default routes to ensure that incoming traffic on any interface is always sent out on the same interface seem far-reaching and require deep knowledge of all tools involved. Is there an elegant way of ensuring that traffic leaving on specific ports exits on a specified non-default interface using ipfw?

Read the article
How can write a mod_rewrite rule to determine if the domain is not the main domain then change https:// to http://

- by Oudin

I've set up a WordPress multi-site with a wildcard ssl for example.com to access the admin area securely. However I'm also using domain mapping to map other domains to other sites e.g. alldogs.com to alldogs.example.com. The problem is when I'm trying to access the front end of a site from and admin for a mapped domain e.g. alldogs.com by clicking "Visit Site" the Link goes to https://alldogs.com because of the forced ssl applied to the admin area. Which produces a certificate warning since the certificate is for example.com and not alldogs.com. How can write a mod_rewrite rule to determine if the url/link clicked on is not the main domain e.g. example.com then change the https:// to http:// so the site can be accessed via port 80 and not generate a certificate warning for that mapped domains

Read the article
Client-side certificates

- by walshms

My company purchased a wildcard certificate from a vendor. This certificate was successfully configured with Apache 2.2 to secure a subdomain. Everything on the SSL side works. Now I'm required to generate x509 client-side certificates to issue for this subdomain. I'm following along this page: (http://www.vanemery.com/Linux/Apache/apache-SSL.html), starting with "Creating Client Certificates for Authentication". I've generated the p12 files and successfully imported them into Firefox. When I browse to the site now, I get an error in FireFox that says "The connection to the server was reset while the page was loading." I think my problem is coming from not signing the client-side correctly. When I sign the client-side certificate, I'm using the PEM file (RapidSSL_CA_bundle.pem) from RapidSSL (who we bought the certificate from) for the -CA argument. For the -CAkey argument, I'm using the private key of the server. Is this correct?

Read the article
"Countersigning" a CA with openssl

- by Tom O'Connor

I'm pretty used to creating the PKI used for x509 authentication for whatever reason, SSL Client Verification being the main reason for doing it. I've just started to dabble with OpenVPN (Which I suppose is doing the same things as Apache would do with the Certificate Authority (CA) certificate) We've got a whole bunch of subdomains, and applicances which currently all present their own self-signed certificates. We're tired of having to accept exceptions in Chrome, and we think it must look pretty rough for our clients having our address bar come up red. For that, I'm comfortable to buy a SSL Wildcard CN=*.mycompany.com. That's no problem. What I don't seem to be able to find out is: Can we have our Internal CA root signed as a child of our wildcard certificate, so that installing that cert into guest devices/browsers/whatever doesn't present anything about an untrusted root? Also, on a bit of a side point, why does the addition of a wildcard double the cost of certificate purchase?

Read the article
OpenVPN: Single certificate authority, multiple VPNs

- by darwish

The company in which I work has a single site (I'll refer it as "Site A"). There are several private networks within site A. We have a running instance of OpenVPN which allows some employees to connect to one of the private networks in site A. We're planning to extend our facilities to another site (which I'll refer as "Site B") and we wish to connect both sites using OpenVPN. The VPN which will connect sites A to B will be a trunk link, meaning it will have access to all networks. If we use the same certificate authority for both VPN servers, this will allow the employees, which can only to one of the private networks within site A, to connect to the site-to-site link, which will give them access to all networks. Off course this is undesirable. Using 2 different certificate authorities seems like the obvious solution, but it doesn't feel right. I wounder if there's a way to maintain permission control within a single certificate authority.

Read the article
Reasonably Secure Alternative to Poptop PPTP Server for Ubuntu server and Windows clients?

- by wag2639

I have a poptp server running on a old Fedora server but I'm upgrading to an Ubuntu 10.04 server. I was wondering if there are any good, reasonable secure alternatives to poptop that in can install on our new Ubuntu server as a way to get VPN access from Windows clients (XP and 7) to get remote access into our Intranet. We only use the VPN to access files located inside the network; we do not need to use it as a proxy/gateway. I've looked into openVPN but it seemed way too complicated and I would prefer something built into Windows. A Windows 7 only solution is OK.

Read the article
HTTPS subdomain does not load site under HTTP

- by Mark Lawrence

I recently installed an SSL certificate on a subdomain following the steps at cPanel. Lets just say the domain is example.com and the subdomain is sub.example.com. I updated the userdata file for the subdomain and changed the IP address to the IP I wanted to use I updated the example.com zone file and changed the IP for the A Name for the subdomain to the IP I wanted to use Using domain tools I checked that sub.example.com resolved to the new IP which it does. I then installed an SSL certificate on example.com and then on sub.example.com When I visit http://sub.example.com I get the default Apache account screen, and when I visit https://sub.example.com I get the cPanel 404 page. If however I enter https://sub.example.com/admin (the location of my admin section) the page loads and I can login. I thought that this might be a propagation issue however as the subdomain resolves to the IP and I can reach the admin page I suspect it is not a propagation issue and possibly an incorrect zone file. Any thoughts?

Read the article

< Previous Page | 84 85 86 87 88 89 90 91 92 93 94 95 | Next Page >