Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
16
Installation and Upgrades / Re: Two Network Problems
« on: October 26, 2009, 06:03:02 pm »
As I described in another post, I have servers with different Ip Addresses, in different internal (using the ebox's logic) networks.
I have only one external Interface and 5 internal interfaces. My servers are in the internal interfaces.
I have only one external Interface and 5 internal interfaces. My servers are in the internal interfaces.
17
Installation and Upgrades / Re: Squid caching exemption
« on: October 22, 2009, 02:47:42 pm »
I think, that the answer is as bellow:
acl src_ip_me src 1.1.1.1/32
log_access deny src_ip_me
acl src_ip_me src 1.1.1.1/32
log_access deny src_ip_me
18
Installation and Upgrades / Re: Reports Logs HTTPProxy + SARG - Squid Analysis Report Generator
« on: October 22, 2009, 02:45:45 pm »
I think, the best one is mysar
http://giannis.stoilis.gr/software/mysar/
It uses mysql as backend, it's more resources 'hungry', but you have everything in a RDBMS, and you can built your own applications to access all the logged information.
I have installed all the above, and the best is mysar. I also think, that it would be easy for the developers to include mysar in a future ebox release.
http://giannis.stoilis.gr/software/mysar/
It uses mysql as backend, it's more resources 'hungry', but you have everything in a RDBMS, and you can built your own applications to access all the logged information.
I have installed all the above, and the best is mysar. I also think, that it would be easy for the developers to include mysar in a future ebox release.
19
Installation and Upgrades / Re: Are multiple IPs (virtual IPs) supported on WAN interface?
« on: October 20, 2009, 09:55:59 pm »
Thx.
I will try it in the future.
I will try it in the future.
20
Installation and Upgrades / Re: Virtual Interfaces
« on: October 19, 2009, 10:21:39 pm »
We already have a coversation about this here:
http://forum.ebox-platform.com/index.php?topic=2010
http://forum.ebox-platform.com/index.php?topic=2010
21
Installation and Upgrades / Re: External Access
« on: October 19, 2009, 10:18:40 pm »
First, forward the 443 TCP port of your ADSL (or other) router to the external interface of ebox.
Then add a rule to "Filtering rules from external networks to eBox" in the "Firewall" section, that has source=Any, Service=eBox administration and of course decision=Allow
Then add a rule to "Filtering rules from external networks to eBox" in the "Firewall" section, that has source=Any, Service=eBox administration and of course decision=Allow
22
Installation and Upgrades / Re: rrd problem
« on: October 19, 2009, 10:13:18 pm »
Thx
I will try it
I will try it
23
Installation and Upgrades / Re: Two Network Problems
« on: October 15, 2009, 10:33:25 pm »
I think that we are talking for different things.
I am talking about a client to Vpn connection and not for an eBOX to eBOX vpn connection.
I connect my client outside of the ADSL modems to the ebox's VPN server which is behind the ADSL modems.
I have never tried the ebox to ebox VPN.
Anyway. Thx for your replies.
I am talking about a client to Vpn connection and not for an eBOX to eBOX vpn connection.
I connect my client outside of the ADSL modems to the ebox's VPN server which is behind the ADSL modems.
I have never tried the ebox to ebox VPN.
Anyway. Thx for your replies.
24
Installation and Upgrades / Re: Where do you run eBox on ?
« on: October 15, 2009, 06:59:10 pm »
I use 2 identical machines:
They are locally manufactured servers (by a company in Greece) based on:
- TYAN motherboard (Toledo i3210W/i3200R S5211)
- Intel processor ( Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz)
- 4 x 1 GB RAM (800 MHz)
- 2 x 1 TB SATA hard disks (Western Digital), combined on RAID controller
- Adaptec Raid controller (2420SA)
The first machine is used as router, firewall, gateway, ntp server, dns server, dhcp server, vpn server, http proxy (with a big cache) and gateway server.
The second machine is used as file server, internal mail server, virus checker and jabber server.
I have almost 40 users on 25 locally installed machines. The 20 machines are running ubuntu and the other 5 windows xp.
The 2 machines are having very little cpu utilization (almost 5-10 %) and the memory is always to 10 -20%.
So they are much 'bigger' than my needs.
The router routes traffic of 6 sub-networks.
- Users pcs for file and application sharing
- Ip telephony (external server based on elastix), with almost 100 ip-phones, 30 analogues and 10 wi-fi phones
- Wireless network for guest and ip phones
- Internal network in the control room (backup server, monitor server)
- Ip Cameras network
- External network, with 3 ADSL lines and one wireless line
I think that the above describe the two ebox servers and the jobs they called to bring out.
They are locally manufactured servers (by a company in Greece) based on:
- TYAN motherboard (Toledo i3210W/i3200R S5211)
- Intel processor ( Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz)
- 4 x 1 GB RAM (800 MHz)
- 2 x 1 TB SATA hard disks (Western Digital), combined on RAID controller
- Adaptec Raid controller (2420SA)
The first machine is used as router, firewall, gateway, ntp server, dns server, dhcp server, vpn server, http proxy (with a big cache) and gateway server.
The second machine is used as file server, internal mail server, virus checker and jabber server.
I have almost 40 users on 25 locally installed machines. The 20 machines are running ubuntu and the other 5 windows xp.
The 2 machines are having very little cpu utilization (almost 5-10 %) and the memory is always to 10 -20%.
So they are much 'bigger' than my needs.
The router routes traffic of 6 sub-networks.
- Users pcs for file and application sharing
- Ip telephony (external server based on elastix), with almost 100 ip-phones, 30 analogues and 10 wi-fi phones
- Wireless network for guest and ip phones
- Internal network in the control room (backup server, monitor server)
- Ip Cameras network
- External network, with 3 ADSL lines and one wireless line
I think that the above describe the two ebox servers and the jobs they called to bring out.
25
Installation and Upgrades / Re: Two Network Problems
« on: October 15, 2009, 06:31:16 pm »
I did understand you.
I have only one VPN server in the "List of servers" of the gateway machine, and 3 ADSL lines.
The thing is, that when I did my tests, I had only one ADSL line, and the firewall was fully opened.
So believe me, I did all the tests I could imagine.
I am pretty sure that, for some other reason, my VPN is considered as external to my network.
Now I have 3 ADSL lines, and in each one I forward a different port (x,y,z), to the same port on the ebox's external interface (z)
All works but I have to consider the VPN as external network.
It's functional (and pretty secure as I submit the source network in the firewall), but This is very very strange.
I have only one VPN server in the "List of servers" of the gateway machine, and 3 ADSL lines.
The thing is, that when I did my tests, I had only one ADSL line, and the firewall was fully opened.
So believe me, I did all the tests I could imagine.
I am pretty sure that, for some other reason, my VPN is considered as external to my network.
Now I have 3 ADSL lines, and in each one I forward a different port (x,y,z), to the same port on the ebox's external interface (z)
All works but I have to consider the VPN as external network.
It's functional (and pretty secure as I submit the source network in the firewall), but This is very very strange.
26
Installation and Upgrades / Re: Two Network Problems
« on: October 15, 2009, 02:44:26 am »
Only the ebox's vpn, in front of my network
The ebox machine is acting as router and as a vpn server
The ebox machine is acting as router and as a vpn server
27
Installation and Upgrades / Re: Two Network Problems
« on: October 14, 2009, 12:42:41 pm »
I have already tried it. And it didn't work.
After playing a lot with the firewall, I discovered that only if I consider (in my mind) the VPN as external, and if I add the appropriate rules (as I described before) I would have access to my server.
I am sure for what I said before.
I know that this is very strange, but this is what I have to do to access my network through ebox's VPN
After playing a lot with the firewall, I discovered that only if I consider (in my mind) the VPN as external, and if I add the appropriate rules (as I described before) I would have access to my server.
I am sure for what I said before.
I know that this is very strange, but this is what I have to do to access my network through ebox's VPN
28
Installation and Upgrades / Re: Are multiple IPs (virtual IPs) supported on WAN interface?
« on: October 14, 2009, 12:13:42 am »
In the external interface I added another Ip.
For example:
My external interface has the 10.10.10.110/24 ip
I add a virtual (second) Ip : 192.168.0.110/24
Even when I turned off the firewall, I could not ping the 192.168.0.111 host.
I tried it with 2 ways
1) I connect everythin on a switch (which normally should work)
2) I disconnect the 10.10.10.0/24 devices, and connect on the switch only the 192.168.0.0/24 devices
In both cases I failed to ping 192.168.0.111
For example:
My external interface has the 10.10.10.110/24 ip
I add a virtual (second) Ip : 192.168.0.110/24
Even when I turned off the firewall, I could not ping the 192.168.0.111 host.
I tried it with 2 ways
1) I connect everythin on a switch (which normally should work)
2) I disconnect the 10.10.10.0/24 devices, and connect on the switch only the 192.168.0.0/24 devices
In both cases I failed to ping 192.168.0.111
29
Installation and Upgrades / Re: Are multiple IPs (virtual IPs) supported on WAN interface?
« on: October 13, 2009, 08:52:56 am »
I have used 'virtual' Ip on on external interface, but the firewall, did not follow the rules i had set for the external network. I could n't even ping hosts on the same subnet with the virtual ip, even if i had my firewall open.
30
Installation and Upgrades / rrd problem
« on: October 12, 2009, 02:04:59 pm »
My log (/var/log/syslog) is full of these messages:
Does anybody is aware of the problem, or even more of the solution?
Code: [Select]
Oct 12 15:00:22 router collectd[9716]: rrdtool plugin: rrd_update_r (/var/lib/collectd/rrd/router/swap/swap-free.rrd) failed: illegal attempt to update using time 1255348822 when last update time is 1255348822 (minimum one second step)
Oct 12 15:00:22 router collectd[9716]: rrdtool plugin: rrd_update_r (/var/lib/collectd/rrd/router/swap/swap-cached.rrd) failed: illegal attempt to update using time 1255348822 when last update time is 1255348822 (minimum one second step)
Oct 12 15:00:22 router collectd[9716]: rrdtool plugin: rrd_update_r (/var/lib/collectd/rrd/router/processes/ps_state-running.rrd) failed: illegal attempt to update using time 1255348822 when last update time is 1255348822 (minimum one second step)
Oct 12 15:00:22 router collectd[9716]: rrdtool plugin: rrd_update_r (/var/lib/collectd/rrd/router/processes/ps_state-sleeping.rrd) failed: illegal attempt to update using time 1255348822 when last update time is 1255348822 (minimum one second step)
Oct 12 15:00:22 router collectd[9716]: rrdtool plugin: rrd_update_r (/var/lib/collectd/rrd/router/processes/ps_state-zombies.rrd) failed: illegal attempt to update using time 1255348822 when last update time is 1255348822 (minimum one second step)
Oct 12 15:00:22 router collectd[9716]: rrdtool plugin: rrd_update_r (/var/lib/collectd/rrd/router/processes/ps_state-stopped.rrd) failed: illegal attempt to update using time 1255348822 when last update time is 1255348822 (minimum one second step)
Oct 12 15:00:22 router collectd[9716]: rrdtool plugin: rrd_update_r (/var/lib/collectd/rrd/router/processes/ps_state-paging.rrd) failed: illegal attempt to update using time 1255348822 when last update time is 1255348822 (minimum one second step)
Oct 12 15:00:22 router collectd[9716]: rrdtool plugin: rrd_update_r (/var/lib/collectd/rrd/router/processes/ps_state-blocked.rrd) failed: illegal attempt to update using time 1255348822 when last update time is 1255348822 (minimum one second step)
Does anybody is aware of the problem, or even more of the solution?