Configuring Openswan(ipsec) Or Poptop(pptp) Vpn Inside VPS
May 4, 2009
I'm trying to establish a VPN server inside a Fedora 10 VPS under OpenVZ. Openswan or Poptop is preferred over OpenVPN because Windows has built-in support for these protocols.
It looks like the host node (it's actually the vps from myprohost.com) doesn't have the required kernel modules enabled(installed?). Take Poptop for example, if I run pppd after rpm installation, the output is like this:
[root@v ~]# /usr/sbin/pppd
/usr/sbin/pppd: This system lacks kernel support for PPP. This could be because
the PPP kernel module could not be loaded, or because PPP was not
included in the kernel configuration. If PPP was included as a
module, try `/sbin/modprobe -v ppp'. If that fails, check that
ppp.o exists in /lib/modules/`uname -r`/net.
See README.linux file in the ppp distribution for more details.
[root@v ~]# modprobe -v ppp
FATAL: Could not load /lib/modules/2.6.18-92.1.18.el5.028stab060.2/modules.dep: No such file or directory
And when I check for the availability of the encryption module "MPPE", I got the same result:
[root@v ~]# modprobe mppe
FATAL: Could not load /lib/modules/2.6.18-92.1.18.el5.028stab060.2/modules.dep: No such file or directory
Openswan complains about some missing kernel modules too. So what do I do? Do I tell the provider to enable these modules? Do they normally do that? Will the host node require a reboot after having done that?
What modules are required for Poptop and Openswan? And, do I need to tell them to re-enable these modules every time I rebuild my OS?
View 1 Replies
ADVERTISEMENT
Mar 5, 2008
Just wondering if anyone has come across this problem before.
My environment:
Xen VPS
128MB RAM
CentOS 4.5
I have install PPTP, and controlling via webmin. The server starts up fine, I have added a user account.
Here is the messages log after starting up PPTP:
Code:
Mar 5 15:00:56 uk2 pptpd[3562]: MGR: connections limit (100) reached, extra IP addresses ignored
Mar 5 15:00:56 uk2 pptpd[3563]: MGR: Manager process started
Mar 5 15:00:56 uk2 pptpd[3563]: MGR: Maximum of 100 connections available
Here is the messages log when trying to connect from a MS WINDOWS XP client: ....
View 2 Replies
View Related
Oct 31, 2008
I have a customer who created a subdomain and wants to redirect it to an address with pptp protocol. It doesn't seem to be working. When pointing to the subdomain, it will actually point to the designated destination IP, but it shows http instead of pptp. Am I assuming correctly that this is because you can't point to a pptp protocol in a browser?
View 5 Replies
View Related
Sep 28, 2008
I have buy a VPS from swvps ($10) with 300 MB Guarantee memory and 600 MB Burstable and 150GB B/W....
but that provider can not allow dev/ppp or dev/XXX ... only can allow TUN/TAP for OpenVPN...
I need a cheap vps for install PPTP VPN on it....
View 7 Replies
View Related
Oct 11, 2009
We have one windows VPS installed on hypervm.
Now client want to enable pptp or VPN on windows VPS?
Is it possible? And if yes...how to enable it?
View 11 Replies
View Related
Apr 23, 2007
I must add tons of subnets (in the xxx.xxx.xxx.xxx/xx format) to the IPsec policies. I am on Windows 2003 servers.
It will take forever to add them one by one...
It's almost 500 subnets.
Is there an automation script or...?
View 3 Replies
View Related
Apr 22, 2007
to configure a VPN connection between two Cisco Routers.
I have the configuration in one side but for another side I have nothing.Is any one can help me about it??Another question is :are two routers need to have a valid IP or not?
View 0 Replies
View Related
Jul 8, 2009
secure a windows server 2003 traffic.
I have one server with a small number of clients <10. The clients have dynamic IPs.
The server hosts a number of public facing websites, email, FTP and remote desktop.
What I want to do is make port 80 respond to all web requests but lock all other services down so that they only respond to my 10 clients. I was thinking some certificate or VPN solution but I've ruled VPN out as I don't have a firewall or VPN so would I be able to do this with IPSEC?
Is there quick utility that would do this or can you point me to a good example article?
View 10 Replies
View Related
Apr 22, 2008
Is it possible to use IP Security policies in Windows Server 2003 to help prevent types of DoS attacks? Today my server was attacked by a single attacker who merely connected and disconnected on open ports at an incredibly fast rate. This was enough to eat the cycles of the server processes effectively creating a DoS attack. I was hoping IPSec could help prevent this, but I'm open to use any other software as well.
View 4 Replies
View Related
Oct 9, 2006
Does anyone know how to range ban IPs using IPsec.
I can enter IPs manually but unable to ban an entire RANGE of ips
i.e. For example 172.10.10.10 - 172.1.1.999
Anyone know?
View 4 Replies
View Related
May 12, 2009
I have this nice vps, but its on linux, and I always wanted to run windows apps on the vps, because of the nice configuration. I already tried wine, but most of my windows apps don't work, cuz they require .net framework to run.
I tried to instal vmware server and virtualbox, but both of them complain about a kernel problem, they are unable to locate my kernel source, so they can't run.
I am linux newbie, and i am running on a centos 5 operating system.
Some people say its impossible to run virtualization 'inside' virtualization, but i already read some people that say its possible.
View 14 Replies
View Related
Feb 22, 2007
why this is happening?
Feb 22 04:58:31 la1092 kernel: ata2: command 0xc8 timeout, stat 0x50 host_stat 0x24
Feb 22 04:58:32 la1092 kernel: ata2: status=0x50 { DriveReady SeekComplete }
Feb 22 04:58:32 la1092 kernel: Info fld=0x2d7e, Current sdb: sense key No Sense
Feb 22 04:58:32 la1092 kernel: ata1: command 0xc8 timeout, stat 0x50 host_stat 0x24
Feb 22 04:58:32 la1092 kernel: ata1: status=0x50 { DriveReady SeekComplete }
Feb 22 04:58:32 la1092 kernel: Info fld=0x4632f99, Current sda: sense key No Sense
Feb 22 04:58:32 la1092 kernel: ata2: command 0xc8 timeout, stat 0x50 host_stat 0x24
Current setup is nginx, lighttpd and apache as web servers.
View 3 Replies
View Related
Aug 17, 2007
What would I have to add inside .htaccess to allow perl scripts to run?
View 1 Replies
View Related
Jul 27, 2008
I've been using Clearancerack for about 4 or 5 months now and feel I should write an honest review about them considering there really doesn't seem to be too many.
Ever since the start several months ago, I've had nothing but a pleasant experience working with Chris and clearancerack.
So, here we go they get a :
Setup: 10/10
The setup is stellar. The first server I ordered was up the night that I ordered it (only a few hours) all ready to go. The servers even come with a free apc remote reboot port!
Pricing: 10/10
You could not ask for more affordable pricing than that of ClearanceRack, considering the extraordinary support, network, and all around company. Their prices are cheaper than those of the highest quality competitors, yet provide even higher quality service!
Even collocation pricing is very affordable! I will probably be sending up a few nodes in the next several months.
Network: 10/10
There has not been one second of downtime in the month's that I've been there. There was an issue with the network routing once, using bandwidth suppliers that the DC has connections to, yet Clearancerack does not use. This was fixed within several hours as well.
The network consists of a BGP mix of Peer1, All Stream, Shaw Big Pipe, MCI and peering to TorIX.
Almost all of my users experience faster downloads around the globe on the ClearanceRack network, than several of the other networks we've used throughout the US.
Support: 11/10 - Yes 11...
The support is stellar. They provide 24/7 E-mail (it really is 24/7) and REAL HUMAN Phone support (you won't get the usual leave a message, unless they really are busy and cannot take your call).
At any time of day you email them, you'll have a response within minutes, even sales!
We've had one issue with one of our nodes in which Chris had to go into the datacenter to take a quick look. The issue was resolved in 30 minutes at the most.
Any requests we've made, whether it be licensing, IP allocations have all been handled extremely quickly, no matter what time of day it is.
Company:
Many times you'll hear people say, "They're great for a small scale company." Meaning, they're decent, but do have their downs that the higher scale competitors don't. Its not like that at Clearancerack. Every single thing about them is stellar, and the service is MUCH better than service I've received at various considered "higher scale and known" datacenters around the globe.
Clearancerack, ran by Chris - is ran by REAL people, wanting to make a REAL difference in the hosting market, and he/they are doing an amazing job at that.
You don't experience any poor customer service that you'll experience elsewhere. They are 100% honest with any sort of question, issue, or comment you may have. You WON'T get any of the lies, or uninformative information you receive elsewhere when an issue arises.
Personal:
Chris, I will continue to be working with you for many years to come, as I hope many of the current subscribers, and the future do to. Someone like you deserves the very best, and should GREATLY succeed in their business career. - Thank you for everything Chris! - You really know what hosting is all about.
Thats It!
Thanks for taking the time to read this review.
Generally you won't find a honest review with the ratings that I've given these guys, but THEY do deserve it, at the very least. I do not have one complaint about them as I do many other providers, and I've tried many throughout the globe.
I hope you will go ahead and try ClearanceRack for your dedicated solutions needs. They have no contracts, so you can sign up for one month, test out the service and make a final decision (although I can pretty much guarantee you will stay!)
Hostingcon:
If your going to hostingcon, check em' out! They have their own booth there!
-----------------------
View 8 Replies
View Related
Sep 16, 2008
I need several Windows VMs to test out some softwares and I plan on using virtualization technology to cut some costs.
I have a Linux(Debian Etch) dedicated server sitting to accomplish this.
Specs are Quad Core Xeon 2.13Ghz with 4GB Ram/500GB HDD.
Now if I were to choose between Xen 3.1 and VMWare Server for the virtualization technology which would provide better performance?
I tried Windows on Xen 3.1 with PV Drivers and it seemed some what slow, but I'm not sure what the case was there so I can't say which would provide better performance overall.
View 11 Replies
View Related
Nov 19, 2008
There is serious clock skew all across the 4 CTs I have put in an OpenVZ HN which runs Debian GNU/Linux, the kernel Linux is v2.6.26, waldi tree. The HN shows correct time, the CMOS RTC is bang correct.
View 7 Replies
View Related
Jun 5, 2009
I connect to my email on my dedicated cpanel/whm server by TLS/SSL (similar to instructions here: [url]..same ports, etc.)
Today I login & get a "This server's certificate expired"
But it didn't. I purchased a NEW one June 1st. Why is thunderbird grabbing my old ssl cert? The website's https:// works perfectly.
I also checked the server ssl self-signed certs and all are up to date.
View 5 Replies
View Related
Mar 22, 2007
I have a PIX501 firewall with a wireless network attached to the outside interface and our local network attached to the inside interface.
I've setup access lists to permit the wireless clients attached to the outside interface to be able to access services on our inside interfaces.
The wireless clients are on a totally seperate /24 subnet.
Now everything seems to work fine with nat statements for our local wired subnets for example wirelessClients accessing the email server etc however the wireless clients cannot access the internet.
For the wireless clients to get out onto our internet connection they have to take the following path
wirelessLaptop - CiscoAccessPoint - OutsideIntPIX501 - InsideIntPIX501 - CiscoSwitch - InsideCorporatePIX515E - OutsideCorporatePIX515E - Internet
Below is a cut of some of the PIX501 config that the wireless clients are connected to.
name 10.1.1.2 accessPoint
name 10.1.1.0 WirelessLan
name 100.100.100.1 pix515fw
object-group network WirelessLan
network-object WirelessLan 255.255.255.0
object-group network WebAccessNetwork
network-object pix515fw 255.255.255.255
object-group network InternalAccessNetwork
network-object ..All our local servers here...
object-group service WebAccessUDP udp
port-object eq domain
object-group service WebAccessTCP tcp
port-object eq www
port-object eq ftp-data
port-object eq domain
port-object eq ftp
object-group service InternalAccessUDP udp
port-object eq all our local server ports
object-group service InternalAccessTCP tcp
port-object eq all our local server ports
access-list outside_access_in permit udp object-group WirelessLan object-group InternalAccessNetwork object-group InternalAccessUDP
access-list outside_access_in permit tcp object-group WirelessLan object-group InternalAccessNetwork object-group InternalAccessTCP
access-list outside_access_in permit udp object-group WirelessLan object-group WebAccessNetwork object-group WebAccessUDP
access-list outside_access_in permit tcp object-group WirelessLan object-group WebAccessNetwork object-group WebAccessTCP
ip address outside 10.1.1.1 255.255.255.0
ip address inside 100.100.100.2 255.255.255.0
nat (outside) 0 WirelessLan 255.255.255.0 outside 0 0
static (outside,inside) accessPoint accessPoint netmask 255.255.255.255 0 0
static (inside,outside) InternalSubnet1 InternalSubnet1 netmask 255.255.255.0 0 0
access-group outside_access_in in interface outside
route inside 0.0.0.0 0.0.0.0 pix515fw 1
route inside InternalSubnet1 255.255.255.0 OurLocalRouter 1
So my question is how should I go about giving the access for the WirelessClients to be able to open web pages on the internet? For that to happen
the traffic has to pass through the outside interface on the 501 firewall out of the inside interface onto the local switch and then back out of our
main PIX515E to reach the destionation.
I'm fairly sure I'd need to modify the WebAccessNetwork access-list to permit WirelessLan to any against the port listings so thats not a problem I can change that
how I'm not entirely sure I to go about it with the NAT statements.
View 1 Replies
View Related
Jun 3, 2008
I wanted to list down all files owned by 'root' inside /home directory and all users directory inside /home/users including subfolders and everything!
the command below works but only works when executed within the working directory.
ls -l | awk '{print $3" " $9}' | grep root
View 4 Replies
View Related
Jun 4, 2008
I've got a dedicated server running my portal. Now we plan to soon launch broadcasting, where we via a webcam + microphone will broadcast (streaming WMV media) to all our members. Our members will then be able to interact with the speakers via chatting.
Now we are currently undergoing loadtesting, with our current setup, which is:
1. dedicated server+ultrafast connection=>chatting
2. home PC with static IP and 1 MBit upload=>Video+Audio Streaming
So the member requests a page from the dedicated server, which has a chat window and a windows media player. The player will retrieve the video/audio content from the home PC. This is done by the client.
Now is pretty logical to see that there will be limitations in how many connections the home pc will be able to handle.
The question is: How do i make the dedicated server get the content from the home pc (so it only serves one connection) and then get all the clients to get their video content from the dedicated server ?
I've looked into the proxy modules for the apache server, however they (forward/reverse proxy) both passes the connection on to the remote machine and thereby not doing what I want to do.
View 0 Replies
View Related
Oct 16, 2014
We are running the latest Plesk 12 under CentOS 7.
While I can see the App Owncloud as Admin in the Application Vault my users cannot see that particular app in their Application pool. They can see all other apps though. Just not Owncloud.
All resellers and customers are allowed to install everything from the pool and i selected Owncloud in the Vault already and "made it available" .. Though it is not shown.
View 7 Replies
View Related
Apr 15, 2015
I have following Warning when creating a new Domain inside a Subscriptions:
I found this Article: [URL] .....
But in my case this does not solve the Problem.
1> All permissions are right.
2> When I type command '/usr/local/psa/bin/repair --restore-vhosts-permissions' i get the answer 'Directory permissions were successfully updated.'
3> The Order of Webuser and FTPUser (as described in the article) could also not be the problem, because in my case there is only one user (There is only Webuser and no FTP-User.)
4> When typing '/usr/local/psa/bin/repair --update-vhosts-structure' I get the following error 6 times each:
Code:
[2015-04-15 21:03:30] ERR [util_exec] proc_close() failed
Error: update-vhosts-structure failed: mkdir: cannot create directory `./webroot.kk-bits.com/logs': File exists
ERROR: Cannot relink logs. Target directory '/var/www/vhosts/webroot.kk-bits.com/logs' is in invalid state.
Unable to update the structure of the home directory: an unexpected error has occurred.
update-vhosts-structure failed: mkdir: cannot create directory `./webroot.kk-bits.com/logs': File exists
ERROR: Cannot relink logs. Target directory '/var/www/vhosts/webroot.kk-bits.com/logs' is in invalid state.
To get the error 6 times seems to mean, that i have this problem with 6 Domain.
View 1 Replies
View Related
Apr 13, 2008
I have IIS with the default site and a site i created. it appeared to be configured correctly but even from the server if i try to "browse" any of the pages i still get "internet explorer cannot display the page" from my site and "under construction" from the IIS default site.
View 7 Replies
View Related
Oct 21, 2008
I have a machine which runs on Desktop board with 1 LAN port built in.
I just bought a new USB-LAN and plug into the USB but I have question about how to configure it. I cannot see eth1 inside /etc/sysconfig/network-scripts, so where can I configure USB LAN?
View 3 Replies
View Related
Jun 2, 2014
I like to create some service plans using the cli-tools, /usr/local/psa/bin/service_plan.I am able to create a service plan, but I'm unable to create a service plan inside a reseller plan. For example I cannot "tell" the service_plan script to add the created serviceplan to a reseller plan. Is it possible to create a serviceplan inside a reseller plan, using the cli?
View 4 Replies
View Related
Jan 22, 2007
I got dedicated server with plesk 7.8 installed on it. Can anybody tell me what to do next to add new website.
I have ip through which i can login to plesk control panel.
I want to know how can i create name servers which i will use for my domains like ns1.abc.com ns2.abc.com.
What setting i need to create by use DNS button in control panel to run my sites properly.
View 1 Replies
View Related
Dec 28, 2006
I'm over here trying to rebuild php with GD in WHM, I go through the entire motion of Apache Update (with GD selected as a PHP Module) and ummmm... after it's done, I check my phpinfo() and there is no GD section, let alone has the build date been changed.
View 9 Replies
View Related
