Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1]
1
Installation and Upgrades / SNAT multiple virtual IP addresses
« on: August 19, 2014, 09:41:15 pm »
What I am trying to accomplish is I want a specific machine on my lan to be seen publicly from a specific IP address. I have a block of 5 addresses from my ISP. In my network interface I have the first IP address configure as the first address in the block and four virtual IP's for the rest. I want this specific computer to be seen as one of these virtual IP addresses. Looks like I need to be using SNAT for this, but I can't seem to figure it out. I did find this on serverfault:
Once I set this up I get no access to the internet at all from the local pc. Can anyone clear this up who has done this. The documentation seems sparse for SNAT.
Code: [Select]
http://serverfault.com/questions/608228/how-to-configure-source-nat-private-ip-public-ip-outboundOnce I set this up I get no access to the internet at all from the local pc. Can anyone clear this up who has done this. The documentation seems sparse for SNAT.
2
Installation and Upgrades / Set network speed, duplex and autoneg on reboot
« on: August 19, 2014, 09:04:57 pm »
I have a specific interface that needs set at 100M Full duplex with auto negotiation off. I can do this with ethtool, but it does not stay set after a reboot. If I do not manually set it my upload speed is basically cut it half. From what I'm told is that my Adtran for my fiber connection is set to 100M and sometimes the auto negotiation doesn't get it quite right. Any way to keep this setting permanent?
Manually I can do:
sudo ethtool -s eth1 speed 100 duplex full autoneg off
Manually I can do:
sudo ethtool -s eth1 speed 100 duplex full autoneg off
3
Installation and Upgrades / Adding services to /etc/services still not working for DNS SRV records
« on: January 15, 2013, 03:27:20 pm »
I am trying to add some SRV records for my dns settings and and it gave me "Service 'service-name' is not present in /etc/services". So I went to /etc/services added all the ones I needed at the bottom and saved.
Here are the ones I added:
caldav 80/tcp
caldavs 443/tcp
carddav 80/tcp
carddavs 443/tcp
autodiscover 80/tcp
ischedule 80/tcp
In the web interface I have successfully added my carddav and caldav SRV records but autodiscover and ischedule still will not add giving error "Service 'service-name' is not present in /etc/services" when clearly it is there. Any ideas?
Here are the ones I added:
caldav 80/tcp
caldavs 443/tcp
carddav 80/tcp
carddavs 443/tcp
autodiscover 80/tcp
ischedule 80/tcp
In the web interface I have successfully added my carddav and caldav SRV records but autodiscover and ischedule still will not add giving error "Service 'service-name' is not present in /etc/services" when clearly it is there. Any ideas?
4
Installation and Upgrades / DNS Name Resolution from Mac
« on: December 19, 2012, 09:30:11 pm »
I am having an issue with a Mac resolving hostnames on the network. I can resolve names from any windows PC. Zentyal is the primary DNS server and is also the gateway for the network. What is odd though is the Mac can resolve a few of the hostnames but not all. Out of lets say 200 DHCP clients the Mac can resolve maybe 5 clients by hostname and these clients are in the DHCP pool and not static. The Mac can resolve all the static hosts configured in Zentyal no problem either. Is there a way to flush the DHCP leases to force clients to get a new address? I have restarted both DHCP and DNS on Zentyal and that didn't do it. The DHCP settings also specify a search domain, and the Mac does get this and can successfully ping just the hostname instead of FQDN. Has anyone come across this?
5
Installation and Upgrades / MiniUPNPD setup and configuration help
« on: November 21, 2012, 01:42:23 am »
I have installed MiniUPNPd for UPNP from the Quantal repository. I am using the latest Zentyal 3 version. No problems with the install whatsoever, its the configuration that has me puzzled. I was looking at the clearOS forum because they have this package for their OS and others have helped. Here is the url I was looking at:
http://www.clearfoundation.com/component/option,com_kunena/Itemid,232/catid,40/func,view/id,21002/
So I already have it installed and set the WAN interface to be my eth1 port and the listening IP Address to be 10.1.1.5 which is my lan IP Address on eth0. The part that I can't figure out is it implies that I have to make a manual entry in my IPTABLES for it to work. The instructions mention a script that runs during firewall start so I looked up the hooks for Zentyal and it says to use firewall.postservice for firewall scripts. So as root I created a file in /etc/zentyal/hooks/firewall.postservice and added the IPTABLES code:
##
#MINIUPNPD required tables
##
IPTABLES=/sbin/iptables
#EXTIF= (not required as uses automagic to determine WAN, can be manually specified)
#adding the MINIUPNPD chain for nat
$IPTABLES -t nat -N MINIUPNPD
#adding the rule to MINIUPNPD
$IPTABLES -t nat -A PREROUTING -i $EXTIF -j MINIUPNPD
#adding the MINIUPNPD chain for filter
$IPTABLES -t filter -N MINIUPNPD
#adding the rule to MINIUPNPD
$IPTABLES -t filter -A FORWARD -i $EXTIF -o ! $EXTIF -j MINIUPNPD
On firewall restart it doesn't complain about an error, but when I run: iptables -L there are not listings for MINIUPNPD.
When I restart the miniupnpd service it does add its own chain but there are no values under it.
Just trying to get help from anyone who has worked with this. Thank you.
http://www.clearfoundation.com/component/option,com_kunena/Itemid,232/catid,40/func,view/id,21002/
So I already have it installed and set the WAN interface to be my eth1 port and the listening IP Address to be 10.1.1.5 which is my lan IP Address on eth0. The part that I can't figure out is it implies that I have to make a manual entry in my IPTABLES for it to work. The instructions mention a script that runs during firewall start so I looked up the hooks for Zentyal and it says to use firewall.postservice for firewall scripts. So as root I created a file in /etc/zentyal/hooks/firewall.postservice and added the IPTABLES code:
##
#MINIUPNPD required tables
##
IPTABLES=/sbin/iptables
#EXTIF= (not required as uses automagic to determine WAN, can be manually specified)
#adding the MINIUPNPD chain for nat
$IPTABLES -t nat -N MINIUPNPD
#adding the rule to MINIUPNPD
$IPTABLES -t nat -A PREROUTING -i $EXTIF -j MINIUPNPD
#adding the MINIUPNPD chain for filter
$IPTABLES -t filter -N MINIUPNPD
#adding the rule to MINIUPNPD
$IPTABLES -t filter -A FORWARD -i $EXTIF -o ! $EXTIF -j MINIUPNPD
On firewall restart it doesn't complain about an error, but when I run: iptables -L there are not listings for MINIUPNPD.
When I restart the miniupnpd service it does add its own chain but there are no values under it.
Just trying to get help from anyone who has worked with this. Thank you.
6
Installation and Upgrades / Joining Zentyal 3 to existing active directory domain.
« on: September 15, 2012, 02:17:05 am »
I am trying to get it to join my existing domain. I downloaded "File Sharing and Domain Services" and "Users and Groups" and in the Users and groups config I setup my domain. dc=test,dc=local and in the File Sharing setting it is still showing a default zentyal domain which I don't want. So searching I found samba4 docs here: http://wiki.samba.org/index.php/Samba4/HOWTO/Join_a_domain_as_a_DC
So i changed my /etc/krb5.conf to reflect my domain TEST.local instead of the default zentyal domain and at the command line ran "kinit administrator" to test the connection and asks for the password and I put it in and receive "kinit: krb5_get_init_creds: unable to reach any KDC in realm TEST.local" I also made sure that I set a DNS record to point to my domain controller.
I have searched around and noticed other people were able to set it up, but I cannot get it to work. So for those who have gotten it to work can you give a little help. Thank you.
So i changed my /etc/krb5.conf to reflect my domain TEST.local instead of the default zentyal domain and at the command line ran "kinit administrator" to test the connection and asks for the password and I put it in and receive "kinit: krb5_get_init_creds: unable to reach any KDC in realm TEST.local" I also made sure that I set a DNS record to point to my domain controller.
I have searched around and noticed other people were able to set it up, but I cannot get it to work. So for those who have gotten it to work can you give a little help. Thank you.
7
Installation and Upgrades / 3.0 RC2 installs but will not boot
« on: September 08, 2012, 01:10:50 am »
I just finished building a mini-itx system with these specs:
Jetway JF9A-Q67
Core i3-2120T
Corsair 2x4GB
The installation goes fine with no errors, but when its time to boot it just has a black screen and after a while a menu will come up asking if I want to use kernel 3.2.0-29 or 3.2.0-29 (recovery). Either one I choose doesn't work. Just curious so I downloaded 3.0 RC1 also and it installed ok and it did boot into the os, but after I ran the updates it resulted in the same as RC2. So it would seem that something about 3.2.0-29 is causing me problems. Is there any resources to see if I can check I my hardware is not compatible with 3.2.0-29. Everything ran fin with RC1. It detected all my hardware with no problems. I just dont know why a new kernel would stop working?
P.S. I'm not a linux expert by any means so any ideas or help is greatly appreciated.
Jetway JF9A-Q67
Core i3-2120T
Corsair 2x4GB
The installation goes fine with no errors, but when its time to boot it just has a black screen and after a while a menu will come up asking if I want to use kernel 3.2.0-29 or 3.2.0-29 (recovery). Either one I choose doesn't work. Just curious so I downloaded 3.0 RC1 also and it installed ok and it did boot into the os, but after I ran the updates it resulted in the same as RC2. So it would seem that something about 3.2.0-29 is causing me problems. Is there any resources to see if I can check I my hardware is not compatible with 3.2.0-29. Everything ran fin with RC1. It detected all my hardware with no problems. I just dont know why a new kernel would stop working?
P.S. I'm not a linux expert by any means so any ideas or help is greatly appreciated.
8
Installation and Upgrades / How to configure LDAP sync with 2.3/3.0?
« on: August 30, 2012, 02:56:29 am »
I have been testing the new zentyal 2.3/3.0 RC and and trying to get Users and Groups to sync with a test Active Directory domain. I have the LDAP settings configured for my domain, but unlike the 2.2 Users and Groups this one doesn't have a setting to configure a user account to allow it to sync with the domain. I can't find any other configuration to get the sync setup? I have googled and searched the forum but cant find any hard details on how to configure it for 2.3/3.0. Thanks for the help.
9
Installation and Upgrades / VPN drops and shows UNDEF as certificate when reconnecting
« on: August 28, 2012, 05:46:59 pm »
Like the title says. Periodically I have a few users get dropped from the vpn and when they try to reconnect their certificate shows up as UNDEF on the dashboard. Yet I have other users that can go hours without having a single issue. Every time it shows up as UNDEF they cannot reconnect until I restart the openvpn service, which of course drops everyone else off too.
Core - 2.2.7 with all updates.
VPN Service - 2.2.3
Core - 2.2.7 with all updates.
VPN Service - 2.2.3
10
Installation and Upgrades / HTTP Proxy not authenticating
« on: August 24, 2012, 03:47:48 pm »
I have setup my Zentyal to be an AD slave and I has successfully synced all users and groups but when I set the proxy to "Authorize and Filter" and create a filter policy that is only applied to my "Sales" group to deny a few sites it is not working at all. Is there something else I need to do to get it to authenticate?
Pages: [1]