Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Topics - ymangolds

Pages: [1]
1
Installation and Upgrades / 2.0 to 2.2 - Third-party modules
« on: January 14, 2012, 07:34:33 am »
In the notes for the 2.0 to 2.2 migration tool it says:
Quote
Third-party or unofficial modules

    * If you have any non-official modules installed, you have to purge them before starting the migration process.
    * You'll be able to install them again after the migration process is completed.
Does this include things like a SVN server? One of my Zentyal boxes has a bunch of non zentyal things on it like a SVN server, 2 different render management dispatchers, synergy, openfire jabber server, mumble server, MySQL server, and probably a few others I've forgotten about. If these all need purged prior to the migration, is there some kind of way to get a list of everything that's on there that I've forgotten about to make sure that I get rid of it all? Which would be a good thing to get rid of things I've tried and played with but never ended up using.  Some things like the render dispatch servers and synergy weren't simple "apt-get install" things and needed customization to make them start at boot time (which was so long ago that I forget exactly how I did it and which things needed it). Exporting the zentyal config, reformatting the machine then restoring it before migrating would solve this (would doing this restore things like users for the PDC and/or their profiles?), but things like the SVN and MySQL need to end up in the exact same state they're in currently (which I have no idea how to do that).

Also, the notes say
Quote
We strongly recommend you, if possible, to try this first on a test machine (a VM for example) restoring the configuration backup of your production server, or even better if you can clone an image of the whole disk.

 ??? Could someone point me to somewhere that explains how to do the clone the whole disk thing?

Muchos gracias  ;D

2
Installation and Upgrades / VPN, UDP, and DMZ
« on: September 12, 2009, 10:15:26 pm »
Here's my network seup:

                     Cable Modem
                             |
                             |
              Linksys WRT54GS Router
                      IP:10.0.0.1
                  DMZ:10.0.0.254
                             |
                             |
                         Ebox
             External NIC:10.0.0.254
               Internal NIC1:10.10.2.1
               Internal NIC2:10.5.1.1
              VPN network:10.10.5.x
                   /                   \
                  /                     \
     Switch for LAN           Wireless router
                                     (different then the one between the ebox and the modem)

We've more or less gotten VPN to work using TCP 1194 but it's too slow to do the things we need it for.

After reading this post: http://forum.ebox-platform.com/index.php?topic=675.0 I tried recreating the VPN server using UDP 1194. But when remote clients try to connect they get this:

Code: [Select]
Sun Sep 06 15:22:54 2009 OpenVPN 2.1_rc15 i686-pc-mingw32 [SSL] [LZO2] [PKCS11] built on Nov 19 2008
Sun Sep 06 15:22:54 2009 WARNING: Make sure you understand the semantics of --tls-remote before using it (see the man page).
Sun Sep 06 15:22:54 2009 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Sun Sep 06 15:22:54 2009 LZO compression initialized
Sun Sep 06 15:22:54 2009 Control Channel MTU parms [ L:1574 D:138 EF:38 EB:0 ET:0 EL:0 ]
Sun Sep 06 15:22:54 2009 Data Channel MTU parms [ L:1574 D:1450 EF:42 EB:135 ET:32 EL:0 AF:3/1 ]
Sun Sep 06 15:22:54 2009 Local Options hash (VER=V4): 'd79ca330'
Sun Sep 06 15:22:54 2009 Expected Remote Options hash (VER=V4): 'f7df56b8'
Sun Sep 06 15:22:54 2009 Socket Buffers: R=[8192->8192] S=[8192->8192]
Sun Sep 06 15:22:54 2009 UDPv4 link local: [undef]
Sun Sep 06 15:22:54 2009 UDPv4 link remote: XX.XXX.XXX.XXX:1194
Sun Sep 06 15:22:55 2009 TCP/UDP: Incoming packet rejected from XX.XXX.XXX.XXX:1024[2], expected peer address: XX.XXX.XXX.XXX:1194 (allow this incoming source address/port by removing --remote or adding --float)
Sun Sep 06 15:22:56 2009 TCP/UDP: Incoming packet rejected from XX.XXX.XXX.XXX:1024[2], expected peer address: XX.XXX.XXX.XXX:1194 (allow this incoming source address/port by removing --remote or adding --float)
Sun Sep 06 15:22:57 2009 TCP/UDP: Incoming packet rejected from XX.XXX.XXX.XXX:1024[2], expected peer address: XX.XXX.XXX.XXX:1194 (allow this incoming source address/port by removing --remote or adding --float)
Sun Sep 06 15:22:58 2009 TCP/UDP: Incoming packet rejected from XX.XXX.XXX.XXX:1024[2], expected peer address: XX.XXX.XXX.XXX:1194 (allow this incoming source address/port by removing --remote or adding --float)

The last line continues to loop...

I tried adding "float" to the client's config file and it appears to work, except that it reconnects every 5 minutes interrupting whatever the user was doing over the vpn.
I also tried putting the client on a computer that's part of the internal LAN and everything worked fine, which leads me to believe that the router with DMZ set to the ebox is culprit. So I'm assuming that it should work fine if the ebox can be used as the router but after reading http://forum.ebox-platform.com/index.php?topic=33.0 I'm guessing that's not possible.

I've also tried adding port forwarding on 1194 to 10.0.0.254 on the router but with no luck.

Any ideas?

Pages: [1]