Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
1
Installation and Upgrades / DNS - can i use 'network objects' ? yet?
« on: May 19, 2014, 11:50:37 pm »
hello,
could somebody please throw me a bone here..
i have to enter 80+ systems on a DNS for a 'small' network
these are mostly linux (except for the laptops - 15)
all the information has already been entered in the Network Object and it is used by the DHCP module.
but it can not be used by the DNS module.
any suggestions on how i can import/use this info that is currently in zentyal?
thanks,
could somebody please throw me a bone here..
i have to enter 80+ systems on a DNS for a 'small' network
these are mostly linux (except for the laptops - 15)
all the information has already been entered in the Network Object and it is used by the DHCP module.
but it can not be used by the DNS module.
any suggestions on how i can import/use this info that is currently in zentyal?
thanks,
2
Installation and Upgrades / VPN - zentyal to Third party
« on: May 19, 2014, 11:25:02 am »
hello,
i am trying a new setup and i would like to have all traffic to be routed through a 3rd party VPN provider.
in this case, i have http://www.earthvpn.com/setup/
there is a feature in zentyal that enable for vpn connection between 2 zentyal systems.
but i am looking for pointers on how to setup a 3rd party VPN within zentyal.
if that is not possible - what would be a viable alternative?
create a VM that connects to this 3rd party vpn and route all traffice through that?
regards,
i am trying a new setup and i would like to have all traffic to be routed through a 3rd party VPN provider.
in this case, i have http://www.earthvpn.com/setup/
there is a feature in zentyal that enable for vpn connection between 2 zentyal systems.
but i am looking for pointers on how to setup a 3rd party VPN within zentyal.
if that is not possible - what would be a viable alternative?
create a VM that connects to this 3rd party vpn and route all traffice through that?
regards,
3
Installation and Upgrades / [SOLVED] trying to install Zentyal 3 PDC - only getting errors
« on: February 24, 2013, 02:01:56 am »
hello
i have installed a plain ubuntu x64 then Zentyal as per documentation adding repositories and setting zentyal using Web-gui.
the fact is that i am using a very basic configuration for testing and even that is not working
my client system - Windows XP x64 can not join PDC.
in the client i am using the Domain to be the same as the Realm which is also the same as the DNS domain in Zentyal,
i have used this setup in the past fine but it is not working.
any suggestion?
thanks,
i have installed a plain ubuntu x64 then Zentyal as per documentation adding repositories and setting zentyal using Web-gui.
the fact is that i am using a very basic configuration for testing and even that is not working
my client system - Windows XP x64 can not join PDC.
in the client i am using the Domain to be the same as the Realm which is also the same as the DNS domain in Zentyal,
i have used this setup in the past fine but it is not working.
any suggestion?
thanks,
4
Installation and Upgrades / Can we copy Windows Controller without enabling the FileServer Module
« on: November 09, 2012, 04:49:10 pm »we have a few application that can use LDAP for authentication (and not AD - surprise!)
i would like to find out if Zentyal could be used as a Authentication proxy.
so that password are maintained through AD but we could use these Apps with LDAP authentication.
is that possible?
thanks,
5
Installation and Upgrades / Failure to install Domain Controller
« on: October 24, 2012, 07:36:43 pm »
I have installed Ubuntu 12.04 amd64 and then added Zentyal to it.
installation goes well with all modules
but when i try adding Domain Controller (File Sharing) capabilities it gives the following error:
any idea what should have gone wrong here?
searching the forum shows that there are a few entries similar to this - but no clear answer has been found (that i noticed).
thanks,
installation goes well with all modules
but when i try adding Domain Controller (File Sharing) capabilities it gives the following error:
Code: [Select]
2012/10/24 18:26:27 INFO> Base.pm:229 EBox::Module::Base::save - Restarting service for module: firewall
2012/10/24 18:26:28 INFO> Base.pm:229 EBox::Module::Base::save - Restarting service for module: samba
2012/10/24 18:26:28 INFO> Samba.pm:855 EBox::Samba::provisionAsDC - Provisioning database '/usr/bin/samba-tool domain provision --domain='DC' --workgroup='DC' --realm='LOCAL.LANDC' --dns-backend=BIND9_DLZ --use-xattrs=yes --use-rfc2307 --server-role='dc' --users='__USERS__' --host-name='MYDOMAIN' --host-ip='192.168.1.2''
2012/10/24 18:26:44 INFO> Samba.pm:876 EBox::Samba::provisionAsDC - Setting password policy
2012/10/24 18:26:45 INFO> Base.pm:229 EBox::Module::Base::save - Restarting service for module: dns
2012/10/24 18:26:46 INFO> DNS.pm:87 EBox::DNS::appArmorProfiles - Setting DNS apparmor profile
2012/10/24 18:26:48 INFO> LDB.pm:379 EBox::LDB::ldapUsersToLdb - Loading Zentyal users into samba database
2012/10/24 18:26:48 INFO> LDB.pm:406 EBox::LDB::ldapGroupsToLdb - Loading Zentyal groups into samba database
2012/10/24 18:26:48 INFO> LDB.pm:444 EBox::LDB::ldapServicePrincipalsToLdb - Loading Zentyal service principals into samba database
2012/10/24 18:26:48 ERROR> LDB.pm:152 EBox::LDB::safeConnect - Couldn't connect to samba LDAP server: , retrying
2012/10/24 18:26:53 ERROR> LDB.pm:152 EBox::LDB::safeConnect - Couldn't connect to samba LDAP server: , retrying
2012/10/24 18:26:58 ERROR> LDB.pm:152 EBox::LDB::safeConnect - Couldn't connect to samba LDAP server: , retrying
2012/10/24 18:27:04 ERROR> LDB.pm:152 EBox::LDB::safeConnect - Couldn't connect to samba LDAP server: , retrying
2012/10/24 18:27:09 ERROR> LDB.pm:152 EBox::LDB::safeConnect - Couldn't connect to samba LDAP server: , retrying
2012/10/24 18:27:14 ERROR> LDB.pm:152 EBox::LDB::safeConnect - Couldn't connect to samba LDAP server: , retrying
2012/10/24 18:27:19 DEBUG> LDB.pm:156 EBox::LDB::safeConnect - FATAL: Couldn't connect to samba LDAP server
any idea what should have gone wrong here?
searching the forum shows that there are a few entries similar to this - but no clear answer has been found (that i noticed).
thanks,
6
Installation and Upgrades / Virtual Machines Module does not check for hardware capabilities
« on: October 03, 2011, 08:15:38 pm »
hello,
virtual machines modules just creates configurations without checking for hardware configuration.
it could be that zentyal is installed on a system where virtualisation has not been enabled.
thus it should run a simple validation such as:
virtual machines modules just creates configurations without checking for hardware configuration.
it could be that zentyal is installed on a system where virtualisation has not been enabled.
thus it should run a simple validation such as:
Code: [Select]
egrep -c '(vmx|svm)' /proc/cpuinfo
7
Installation and Upgrades / video takes 100% CPU when using KVM
« on: September 16, 2011, 05:38:29 pm »
just a point which i find important
when using the iso it installs the GUI (openbox or something) and it just locks the CPU with 100% usage due to screen refreshing.
could we not have the GUI started by the user - if they want?
i know that Zentyal is target to now linux audience but having Zentyal running smoothly as a VM is surelly more important
when using the iso it installs the GUI (openbox or something) and it just locks the CPU with 100% usage due to screen refreshing.
could we not have the GUI started by the user - if they want?
i know that Zentyal is target to now linux audience but having Zentyal running smoothly as a VM is surelly more important
8
Installation and Upgrades / VPN blocking network connection between VPN clients and intranet
« on: April 27, 2011, 01:10:46 pm »
hello,
i got this installation with 2 VPN setups
VPN 1 - uses subnet 192.168.3.0/24
VPN 2 - uses subnet 192.168.121.0/24
the system also has eth0 connected to internet through a modem. And;
eth1 connected to 192.168.4.0/24
eth2 connected to 192.168.120.0/24
i am trying to allow users of VPN 1 to have access to *all* subnets and
limit users of VPN 2 to have access *only* to 192.168.120.0/24 and other users in VPN2 (192.168.121.0/24)
On the configuration page of both VPN server have chosen to 'Enable it to allow client machines of this VPN to see each other'
for VPN 1, i have added under 'List of Advertised Networks ', all subnet available
for VPN 2,i have added under 'List of Advertised Networks ', *only* subnet 192.168.120.0/24
i have also added a firewall rule in 'Filtering rules for internal networks' that block any traffic with source in either 192.168.120.0/24 OR 192.168.121.0/24 (using an network-object) with destination in either 192.168.3.0/24 OR 192.168.4.0/24 (using an network-object) .
- Here is the problem:
if i use VPN 1 and try to connect to server 192.168.4.10, it fails.
which should be available
in my laptop (client VPN), i see:
and can ping Zentyal VPN server, and access the web-gui. If i run a traceroute using the diagnosis page - i get positive results, like
but from my laptop it fails.
the only way to solve this problem (not ideal) is to enable NAT on the VPN configuration.
could someone have a suggestion on how to enable VPN clients to connect to intranet server *without* using NAT on the VPN setup?
many thanks,
Nicolas
i got this installation with 2 VPN setups
VPN 1 - uses subnet 192.168.3.0/24
VPN 2 - uses subnet 192.168.121.0/24
the system also has eth0 connected to internet through a modem. And;
eth1 connected to 192.168.4.0/24
eth2 connected to 192.168.120.0/24
i am trying to allow users of VPN 1 to have access to *all* subnets and
limit users of VPN 2 to have access *only* to 192.168.120.0/24 and other users in VPN2 (192.168.121.0/24)
On the configuration page of both VPN server have chosen to 'Enable it to allow client machines of this VPN to see each other'
for VPN 1, i have added under 'List of Advertised Networks ', all subnet available
for VPN 2,i have added under 'List of Advertised Networks ', *only* subnet 192.168.120.0/24
i have also added a firewall rule in 'Filtering rules for internal networks' that block any traffic with source in either 192.168.120.0/24 OR 192.168.121.0/24 (using an network-object) with destination in either 192.168.3.0/24 OR 192.168.4.0/24 (using an network-object) .
- Here is the problem:
if i use VPN 1 and try to connect to server 192.168.4.10, it fails.
which should be available
in my laptop (client VPN), i see:
Code: [Select]
~$ route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
80.x.x.x 10.6.6.6 255.255.255.255 UGH 0 0 0 ppp0
10.6.6.6 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0
192.168.3.0 0.0.0.0 255.255.255.0 U 0 0 0 tap0
192.168.4.0 192.168.3.1 255.255.255.0 UG 0 0 0 tap0
169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 ppp0
0.0.0.0 10.6.6.6 0.0.0.0 UG 0 0 0 ppp0
and can ping Zentyal VPN server, and access the web-gui. If i run a traceroute using the diagnosis page - i get positive results, like
Code: [Select]
traceroute to 192.168.3.10 (172.28.80.254), 30 hops max, 60 byte packets
1 192.168.3.10 0.164 ms 0.059 ms 0.065 ms
but from my laptop it fails.
the only way to solve this problem (not ideal) is to enable NAT on the VPN configuration.
could someone have a suggestion on how to enable VPN clients to connect to intranet server *without* using NAT on the VPN setup?
many thanks,
Nicolas
9
Installation and Upgrades / has anyone used or tested Resara.org ?
« on: April 16, 2011, 01:54:41 pm »
has anyone tested this system
http://www.resara.org/index.php/features
could you share your views about it?
thanks,
http://www.resara.org/index.php/features
could you share your views about it?
thanks,
10
Installation and Upgrades / how can i copy network objects between zentyal installations
« on: April 01, 2011, 12:35:00 pm »
hi,
could someone explain how we can copy all the network objects between zentyal installations. (trying to keep consistency)
i suppose i should copy the correct *.mas file between zentyal installation - and if so which file should i copy?
thanks,
could someone explain how we can copy all the network objects between zentyal installations. (trying to keep consistency)
i suppose i should copy the correct *.mas file between zentyal installation - and if so which file should i copy?
thanks,
11
Installation and Upgrades / problem setting up new WAN NIC - modelInstance /dhcp/RangeTable/eth*
« on: March 31, 2011, 10:53:38 am »
hi,
i have a Zentyal working as a gateway.
and i currently have 2 NICs working as External WAN
but when trying to add a third one i get this message.
i have setup the NIC as a static one - and that is fine. BUT as i click on the option to make it a WAN it gives this error message.
any suggestions?
i am trying to create a subnet that will be available only trough VPN and be completely segregated from the rest of the network.
thanks,
Nicolas
i have a Zentyal working as a gateway.
and i currently have 2 NICs working as External WAN
but when trying to add a third one i get this message.
Quote
modelInstance /dhcp/RangeTable/eth3 does not exist.
i have setup the NIC as a static one - and that is fine. BUT as i click on the option to make it a WAN it gives this error message.
any suggestions?
i am trying to create a subnet that will be available only trough VPN and be completely segregated from the rest of the network.
thanks,
Nicolas
12
Installation and Upgrades / IPTABLE Rule to allow traffic between WAN and DMZ
« on: March 29, 2011, 08:42:06 pm »
hi,
i have my systems setup in a similar fashion as described here:
http://www.cyberciti.biz/faq/linux-demilitarized-zone-howto/
where
eth0 - connected to WAN (but internally it has subnet 192.168.1.0/24)
eth1 - connected to LAN (another subnet 192.268.254.0/24)
eth2 - connected to DMZ (subnet 192.168.2.0/24) - this is where email, HTTP, FTP server are working.
on Zentyal, i have defined eth0 and eth2 as 'external WAN' .
but Zentyal intercepts all traffic which is forwarded from my router (192.168.1.1) to my HTTP server (192.168.2.2) and the only way to allow for traffic to reach my server is to add a forward rule in Zentyal.
however, that makes my HTTP logs useless as all traffic is then identified as originating from 192.168.1.1
what i would like to have is an IPTABLE rule that allows traffic to flow freely between eth0 and eth2.
does anyone know sufficient IPTABLES to create this type of rule? or have i misunderstood what i really need?
thanks,
Nicolas
i have my systems setup in a similar fashion as described here:
http://www.cyberciti.biz/faq/linux-demilitarized-zone-howto/
where
eth0 - connected to WAN (but internally it has subnet 192.168.1.0/24)
eth1 - connected to LAN (another subnet 192.268.254.0/24)
eth2 - connected to DMZ (subnet 192.168.2.0/24) - this is where email, HTTP, FTP server are working.
on Zentyal, i have defined eth0 and eth2 as 'external WAN' .
but Zentyal intercepts all traffic which is forwarded from my router (192.168.1.1) to my HTTP server (192.168.2.2) and the only way to allow for traffic to reach my server is to add a forward rule in Zentyal.
however, that makes my HTTP logs useless as all traffic is then identified as originating from 192.168.1.1
what i would like to have is an IPTABLE rule that allows traffic to flow freely between eth0 and eth2.
does anyone know sufficient IPTABLES to create this type of rule? or have i misunderstood what i really need?
thanks,
Nicolas
13
Installation and Upgrades / Error creating Email Aliases
« on: March 09, 2011, 12:31:26 pm »
Hello,
i have installed Zentyal on 3 boxes using x32 server base:
i have setup and connected Z1 and Z2 to collect LDAP information from Z3.
but i am not able to create mail accounts aliases for users.
when i log into Z2 to amend users details i get this error message:
and i can see on Z3, plenty of messages on its LDAP sync queue after a day of those changes.
So am i experiencing a bug, or should i install mail module in Z3 as well?
any suggestions on how to fix this will much appreciated.
thanks,
Nicolas
i have installed Zentyal on 3 boxes using x32 server base:
- Z1 - gateway, DNS, DHCP, PROXY & firewall
- Z2 - firewall, mail & file share
- Z3 - LDAP & firewall only
i have setup and connected Z1 and Z2 to collect LDAP information from Z3.
but i am not able to create mail accounts aliases for users.
when i log into Z2 to amend users details i get this error message:
Code: [Select]
Unknown error at EBox::SambaLdapUser::_getAccountFlags Referral receivedand i can see on Z3, plenty of messages on its LDAP sync queue after a day of those changes.
So am i experiencing a bug, or should i install mail module in Z3 as well?
any suggestions on how to fix this will much appreciated.
thanks,
Nicolas
14
Installation and Upgrades / VPN fails to connect to advertised networks
« on: March 07, 2011, 05:36:33 pm »
hello,
i have setup a VPN server following the docs.
and have added the intranet of this site as an 'advertised network'.
on my client pc (ubuntu) i can connect using network-manager, and check the correct connection and default gateways added to this client with:
but i try connecting to a webserver running on 10.23.100.4, it times out.
i tried checking with:
and nothing is found
any ideas on what needs changing here?
thanks,
Nicolas
i have setup a VPN server following the docs.
and have added the intranet of this site as an 'advertised network'.
on my client pc (ubuntu) i can connect using network-manager, and check the correct connection and default gateways added to this client with:
Code: [Select]
#route
Destination Gateway Genmask Flags Metric Ref Use Iface
10.23.100.0 192.168.160.1 255.255.255.0 UG 0 0 0 tap0
but i try connecting to a webserver running on 10.23.100.4, it times out.
i tried checking with:
Code: [Select]
tracepath 10.23.100.4
1: mypc.local 0.171ms pmtu 1500
1: no reply
. . .
and nothing is found
any ideas on what needs changing here?
thanks,
Nicolas
15
Installation and Upgrades / IMAP Anti-Spam does not work on x64 Ubuntu
« on: February 25, 2011, 03:44:53 pm »
Hi,
it seems that latest version of Zentyal has not yet solved this problem.
so when running mail server on x64 Ubuntu you come to this problem.
any idea on how to recompile the libraries necessary might be helpful in solving this.
http://forum.zentyal.org/index.php?topic=4567
thanks,
Nicolas
it seems that latest version of Zentyal has not yet solved this problem.
so when running mail server on x64 Ubuntu you come to this problem.
any idea on how to recompile the libraries necessary might be helpful in solving this.
http://forum.zentyal.org/index.php?topic=4567
thanks,
Nicolas