Displaying 20 results from an estimated 6000 matches similar to: "Avoid some hosts/networks to see each other"
2017 Jul 10
3
Some tinc clatifications
Hi all,
I'm currently happily using tinc in my networks.
I also use OpenVPN based on the customer requirements.
I though have some questions which I could not find a clear answer.
What I'd like to know is:
1. How to revoke a "node", simply removing the host file on the servers
is enough? And one created by invitation?
2. Is there a way to let tinc ask for a username/password
2003 Jan 09
2
AW: How do I configure 2 static net2net VPNs ov er one interface ipsec0?
Hi,
Problem:
I want 2 vpn tunnels for 2 subnets over one interface ipsec0.
Documentation only describes config for 1 vpn or road warriors.
I defined 2 vpn zones ''fre'' and ''swe''.
#ZONE DISPLAY COMMENTS
net Net Internet zone
loc Local Local
fre VPN_Fre VPN Fre
swe VPN_Swe VPN Swe
Interface ipsec0 is tunnel over eth1. Local is eth0.
ipsec0 serves 2 zones: fre
2014 Dec 29
6
Samba4 and sssd, keytab file expires?
Hi all.
I have the following setup:
1st dc is on CentOS 6 with Sernet samba 4.1.13
2nd dc is on Debian 7 with Sernet samba 4.1.13
The 2 dc work as expected.
on CentOS I was able to configure sssd to work
on Debian I'm using winbind
Now I have a 3rd server which is CentOS 7 with samba 4.1.1 from CentOS
repository.
This system serves as a file server and works ok with samba, but I have
a
2012 Jul 05
5
Netbios over VPN
I am attempting to utilize BackupPC on a Fedora 14 server to backup a remote client.
As I understand, it's primary mechanism for finding clients is performing a nmblookup <clientname>
This works fine for computers connected to the local network.
My issue is extending ?Samba's? search to encompass our other network - the point-to-point VPNs
Using OpenVPN, we have a number of road
2016 Mar 13
2
Fwd: How to avoid friends of friends joining the vpn ?
Tinc 1.0
3 control masters
Many service hosts
Laptop (road warrior)
The control masters have the public keys for the service hosts and the
laptop so that they can join the network.
How can I prevent the laptop user to connect additional boxes to the
network?
In my view he can simply add new 'foreign' hosts and specify connectTo to
point to the laptop.
As keys are exchanged automatically
2002 Sep 29
7
[Fwd: Building custom _updown script for freeswan to make it talk with shorewall]
Tuomo Soini wrote:
> You don''t happen to read shorewall-devel mailinglist ?
I read it -- I just didn''t know what to make of your post and it arrived
while I was on vacation.
What exactly are you trying to accomplish that Shorewall isn''t doing for
you now?
e.g.
/etc/shorewall/zones
rw Roadwarriors Road Warriors
/etc/shorewall/interfraces
rw ipsec+
2015 May 05
2
Local routes passed to subnet-up
Hi all,
I'm experiencing a strange problem.
I have setup 2 gateways which are behind a NAT router.
They are configured in Route mode and have the ips 10.0.0.1/32 and
10.0.0.2/32 on the tinc interface
The also have subnets (192.168.1.0/24 and 192.168.2.0/24 respectively).
Now the odd thing is that when the VPN comes up they both also add the
local subnet to their routes on the tinc
2015 Jan 01
0
Samba4 and sssd, keytab file expires?
Hi,
The short answer to this is that Samba changes the machine account password
every 7 days with the default settings.
As you were told, if you join the domain with "kerberos method = secrets
and keytab" on you smb.conf, the generated keytab won't expire.
Another workaround would be to set "machine password timeout = 0"
Best regards.
On Mon, Dec 29, 2014 at 2:29 PM,
2013 Jul 02
2
multiple VPN zones
Hi,
I had a look at this page which describes a single VPN zone called "vpn":
http://www.shorewall.net/IPSEC-2.6.html
Is this the most current information? It is the top page found by
Google for "shorewall ipsec"
Is there any information about setting up multiple VPN zones for
different classes of road warrior? E.g. lets say there are two classes
of road warrior:
2009 Oct 30
4
[IAX] Recommended soft- and hardphones?
Hello
Since SIP/RTP is a pain to use with road warriors who need to connect
from any location over the Internet, I'd like to get them some IAX
phones instead.
For those of you using this protocol instead of SIP, what would you
recommend as IAX hardphones and Windows (and ideally Mac) softphones?
Thank you.
2018 Apr 22
4
Reconstructing files from shards
Il dom 22 apr 2018, 10:46 Alessandro Briosi <ab1 at metalit.com> ha scritto:
> Imho the easiest path would be to turn off sharding on the volume and
> simply do a copy of the files (to a different directory, or rename and
> then copy i.e.)
>
> This should simply store the files without sharding.
>
If you turn off sharding on a sharded volume with data in it, all sharded
2005 Mar 13
4
Bridging Firewall with windows OpenVPN road warriors?
I have previously set up an openvpn LAN to LAN bridging VPN so I know a
little about what has to happen. The gateways on either ends were
running older version of shorewall that did not support openvpn directly
so I just basically opened ports for it and used bridging with tap
interfaces. I am no longer using that vpn link to the other house but
now that i''ve upgraded I would like
2004 Apr 29
1
need help.. VPN Road Warriors
Dear Shorewall''ers
I''ve been using Shorewall for 6 month, it''s work good as i expected,
but i want to activate shorewall vpn futures , road warriors user with
dynamic ip address on thir laptop,
Can some one give me explaination, url link or sample configuration. ?
regards
reza
2002 Feb 24
2
CDROM_GetLabel error message
I recently tried to run a game called "Wizards and Warriors" using
wine version 20011108 and received the following error message:
err:cdrom:CDROM_GetLabel we don't have a way of determining the
label of a mixed mode CD - Linux doesn't allow raw access !!
I'm not quite sure I understand this message.. raw access to what?
What type of label is it looking for? Is this
2015 May 05
1
Local routes passed to subnet-up
Il 2015-05-05 13:29 Guus Sliepen ha scritto:
> On Tue, May 05, 2015 at 01:18:15PM +0200, Alessandro Briosi wrote:
>
>> Now the odd thing is that when the VPN comes up they both also add the
>> local
>> subnet to their routes on the tinc interface:
> [...]
>> the subnet-up script runs this command:
>> ip route add $SUBNET dev $INTERFACE metric $WEIGHT
2006 Feb 26
2
Skype vs. an Xlite registered to Asterisk
I have a bunch of road warriors who I've set up with Xlite clients.
Unfortunately
the sound quality has been intermittent at best. Sometimes it's great other
times completely unusable. When it's bad one usually hears harsh static
when the other party speaks or their voice gets "clipped" to static if they
speak too loudly.
Many of these users have migrated to Skype ? much
2017 Jul 11
2
Some tinc clatifications
Il 2017-07-10 18:32 Matthew Nichols ha scritto:
> 1. That entirely depends on how you have it set up (look at
> StrictSubnets and TunnelServer). It might also be recommended to have
> every node re-key itself (http://tinc-vpn.org/security/).
I've used StrictSubnets and TunnelServer (and probably will keep using
this so roadwarriors don't see eachother, though looking at the logs
2018 Sep 10
2
Folder Sync for road warriors in a Samba 4.8.x setup?
Hi All,
I know this isn't really a Samba question per se but I'm looking for some
samba-related advice.. :)
I have a very small AD DC setup (5 users) and some end-users (read:
teenargers) are now using laptops, which means they don't always have
access to the network shares configured by GPO and Logon scripts from the
Samba servers when they take the laptop to school. (The Samba
2014 Dec 31
4
Fwd: Re: Samba4 and sssd, keytab file expires?
Il 2014-12-31 16:29 Dr. Lars Hanke ha scritto:
>>> OK, you can get winbind to update your keytab, you need to alter your
>>> smb.conf slightly. You need to change 'kerberos method = secrets
>>> only'
>>> to either 'kerberos method = secrets and keytab' or 'kerberos method
>>> =
>>> system keytab' and add the line
2018 Nov 23
4
Phabricator default view
Hi weary warriors of code reviewing,
The default homepage in phabricator leaves some things to be desired IMO:
- having changes sorted by *creation time* rather than *update time* is a
fun way to lose track of things
- the LLVM-wide activity feed seems not that useful (though fun)
- as soon as a change lands, it becomes fairly hard to find
Fortunately phabricator is pretty customizable.