Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - BrunovonTroba

Pages: 1 2 3 [4]
46
Little bit old topic but can make explanation to others also.

1. You can't resolve internal IP (like 192.168.0.1) using external DNS.
If You have domain "mydomain.com" at IP address 185.11.32.40 and "www.mydomain.com" at IP address 185.11.32.41 and "ns1.mydomain.com" at IP address 185.11.32.42 then it means, that ANYONE in the world will ask about one of those addresses will get assigned IP address in return.
Example:
ping www.mydomain.com will result in pinging address 185.11.32.41
In this case, if You set "ovirt1.mydomain.com" at address 192.168.0.1 than ANYONE IN THE WORLD pinging addres "ovirt1.mydomain.com" will ping addres 192.168.0.1, but not Your's because address 192.168.0.1 exsists only in local networks. So if any person will ping that "ovirt.mydomain.com" will reach his own addres in local network (if it exists in his local network)
It is also dangerous because it reveals Your internal lan configuration to the world

2. If You have "mydomain.com" set in external DNS and the same domain You will set in Your internal Zentyal server/router
In this case ANY internal workstation/server will search subdomains on Your internal server. So if You have registered "www.mydomain.com" on external DNS and "ovirt1.mydomain.com" on internal DNS than workstation asking "ovirt.mydomain.com" will get IP address, but asking "www.mydomain.com" will get no rsult because it will not ask external DNS as internal DNS is master for him.
If You set external DNS as master, then You will not find "ovirt1.mydomain.com"

3. In local networks You can use LOCAL domain like "mylan.local" and in this case in internal network You can set "ovirt1.mylan.local". and start pinging like ping ovirt1

4. Set transparent DNS
All Your internal workstations/servers will treat Zentyal DNS as DNS cache. It reduces external DNS ask and does not reveal internal IP structure to the world (and foreign DNS owners). Do in Your DHCP delete external DNS addresses (like google's 8.8.8.8 ). Instead let Your Zentyal ask external DNS and send it to Your LAN.

47
Installation and Upgrades / Re: Remote desktop
« on: September 09, 2013, 11:36:51 am »
Hello,

We work for several years with zentyal file and printserver and it is still working fine.

I wonder if there is a software that we can use under zentyal small busines server so that we can work with remote desktop on our windows clients.
Like remote desktop with windows server and windows clients.

Thanks,
Ian

Ian
in such cases I'm using VirtualBox with Windows installed as virtual machine (You can use KVM of course)
It works fine when You don't connect too much clients (5-10 max with 6-core processor and 8GB RAM when XP Pro is installed). Additionally You can use XPUnlimited (now AADS) as software to allow multiple users to connect to this virtual machine simultanously.
You can also use Windows Server with proper number of Remote Desktop Licenes or AADS software
But if You want to connect more clients simultanously, i advice to use separate server for it and still Zentyal as firewall AND user management
User management under ZENTYAL can be set as PDC and Windows user can connect as domain member. It is also possible with Windows server WITHOUT AD installed (I manage one such site and it works fine for one year now)

48
Installation and Upgrades / Re: Port forwarding for specific IP's
« on: September 09, 2013, 11:17:21 am »
I want to say Sorry to everyone involved - the forwarding rule works PERFECTLY for specific source addres
And it did not work only because of my fault.
Today I have checked my zentyal firewall rules (source IP) and found that I was using wrong IP Address (multiwan rules).

So sorry once again.

49
Reinstalling a whole server to make portforwarding work?  :o

How is your Zentyal server situated in your network? What kind of internet connection do you use? Is there a router and/or Firewall between Zentyal and internet?
Can you access the internal webserver from Zentyal?
Do all clients have internet access from internal to external?
Can all internal clients access the internal webserver? Do they use another URL than clients from outside?

Just a bunch of questions that might help to solve your problem.
Unfortunately yes, whole server.
I have had twice this situation, and this was the only method to bring port forwarding to life.
First time there was server breakdown and after installation of new components i have had to reinstall zentyal. In this case port forwarding coul'd not work properly
Second time ZENTYAL files was broken because of unexperienced admin operations, there was no possibility to port forwarding work properly (admin only mad changes to zentyal and during packet installation turned off server :D)

50
The only methode that worked for me in that case (Zentyal 2.0 and 2.2) was fully reinstall the server (ubuntu and zentyal), any other, like uninstalling zentyal, clearing /etc/zentyal, deleting database finished with failure

51
Installation and Upgrades / Port forwarding for specific IP's
« on: August 28, 2013, 10:45:11 am »
Hello
Zentyal 2.2 with Ubuntu 10.04
I'm trying to forward ports to internal server, but only for specific external IP
Forwarding works fine for SOURCE=ANY, but when I'm setting SOURCE=OBJECT (object is external IP address pool) forwarding for this rule stops to work.
I can't also block other than OBJECT IP's in firewall because it is not blocking forwarded ports.

Thanks for any advice

52
Install Virtualbox before installing Zentyal's VM module.  During the installation of the module, it detects and uses Virtualbox automatically.  You should be able to switch by uninstalling the VM module, uninstalling KVM/QEMU, installing Virtualbox, and then reinstalling the VM module.  I tried that once just to see if it worked and had no problems.
Really worked well
But the other problem is that VirtualBox module is not creating disk image file nor I can't use existing VDI image - the message is "The hard disk image XP.vdi should be in qcow2 format"

53
It does not work :D
Try to upgrade to 2.1 first then 2.2
I could never upgrade 2.0 to 2.2, always had to install and configure fresh.
And have never time to try 2.1

54
Installation and Upgrades / Re: Bandwidth loss on WAN
« on: August 09, 2012, 10:30:56 am »
Test the speed directly from zentyal console (try download something big, like iso image from ubuntu.com using wget).
Check WAN NIC speed with ethtool.
Use IPTRAF to check, if something is not transferred during testing
If both are proper - only settings in traffic shaping can do such things

55
Few days ago I have changed logs configuration in zentyal 2.2 (working stable for few months)
The only change i did was setting log preservation to 180 days.
Then, after next logon, i have got:

Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.
Please contact the server administrator, webmaster@localhost and inform them of the time the error occurred, and anything you might have done that may have caused the error.
More information about this error may be available in the server error log.


zentyal log:
Quote
2012/08/09 10:16:00 INFO> Service.pm:716 EBox::Module::Service::restartService - Restarting service for module: apache
2012/08/09 10:16:17 DEBUG> PgDBEngine.pm:192 EBox::PgDBEngine::unbufferedInsert - Error inserting data: INSERT INTO audit_sessions ( timestamp, ip, event, username) VALUES ( ?, ?, ?, ?)
ERROR:  relation "audit_sessions" does not exist
LINE 1: INSERT INTO audit_sessions ( timestamp, ip, event, username)...
                    ^
2012/08/09 10:16:17 DEBUG> PgDBEngine.pm:194 EBox::PgDBEngine::unbufferedInsert - Values: $VAR1 = [
          '2012-8-9 10:16:17',
          'xxx.xxx.xxx.xxx',
          'login',
          'xxxxxxxx'
        ];

2012/08/09 10:16:17 ERROR> PgDBEngine.pm:195 EBox::PgDBEngine::unbufferedInsert - Error inserting data: INSERT INTO audit_sessions ( timestamp, ip, event, username) VALUES ( ?, ?, ?, ?)
ERROR:  relation "audit_sessions" does not exist
LINE 1: INSERT INTO audit_sessions ( timestamp, ip, event, username)...
                    ^
Values: $VAR1 = [
          '2012-8-9 10:16:17',
          'xxx.xxx.xxx.xxx',
          'login',
          'xxxxxxxxx'
        ];

2012/08/09 10:17:01 DEBUG> PgDBEngine.pm:379 EBox::PgDBEngine::query - Error querying data: DELETE FROM audit_actions WHERE timestamp < 'Fri May 11 10:17:01 2012' , ERROR:  relation "audit_actions" does not exist
LINE 1: DELETE FROM audit_actions WHERE timestamp < 'Fri May 11 10:1...
                    ^
2012/08/09 10:17:01 DEBUG> PgDBEngine.pm:379 EBox::PgDBEngine::query - Error querying data: DELETE FROM audit_sessions WHERE timestamp < 'Fri May 11 10:17:01 2012' , ERROR:  relation "audit_sessions" does not exist
LINE 1: DELETE FROM audit_sessions WHERE timestamp < 'Fri May 11 10:...
                    ^
2012/08/09 10:17:02 DEBUG> PgDBEngine.pm:379 EBox::PgDBEngine::query - Error querying data: DELETE FROM audit_actions WHERE timestamp < 'Fri May 11 10:17:02 2012' , ERROR:  relation "audit_actions" does not exist
LINE 1: DELETE FROM audit_actions WHERE timestamp < 'Fri May 11 10:1...
                    ^
2012/08/09 10:17:02 DEBUG> PgDBEngine.pm:379 EBox::PgDBEngine::query - Error querying data: DELETE FROM audit_sessions WHERE timestamp < 'Fri May 11 10:17:02 2012' , ERROR:  relation "audit_sessions" does not exist
LINE 1: DELETE FROM audit_sessions WHERE timestamp < 'Fri May 11 10:...
                    ^
2012/08/09 10:17:03 INFO> Service.pm:716 EBox::Module::Service::restartService - Restarting service for module: events
2012/08/09 10:17:04 INFO> EventDaemon.pm:307 EBox::EventDaemon::_loadModules - EBox::Event::Dispatcher::Log loaded from registeredDispatchers
2012/08/09 10:17:05 INFO> Service.pm:716 EBox::Module::Service::restartService - Restarting service for module: events
2012/08/09 10:17:06 INFO> EventDaemon.pm:307 EBox::EventDaemon::_loadModules - EBox::Event::Dispatcher::Log loaded from registeredDispatchers

I can't restore backup configuration in this case. Searched through zentyal config files to change back the log preservation time but no luck.

56
Create 2 objects and 1 rule in firewall:
1: object "LAN" with member "LAN_IP", in field IP address 192.168.0.0/24 (all LAN subnet members with IP 192.168.0.1-254)
2: object "VPN" With member "VPN_IP", in field IP address 192.168.160.0/24 (all vpn subnet members with IP 192.168.160.1-254)
3: firewall rule in FIREWALL -> Packet filtration -> Rules for internal networks -> add new: allow source object VPN target object LAN service ANY

57
Installation and Upgrades / Re: RDP to Zentyal box??
« on: August 09, 2012, 09:56:48 am »
Yes, there is a way to use RDP to view linux desktop, but it is still using VNC as proxy to connect to user desktop.
Probably the best way is to use VNC (VINO), but it requires user to be logged to console, so You need to set automatic login on system start (security!!!) and then lock it by screen saver.

Pages: 1 2 3 [4]