Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
31
Installation and Upgrades / Re: Possible with Zentyal?
« on: December 29, 2010, 12:51:40 pm »
Hi,
Thanks for your interest in Zentyal Server
No, it's not possible, this limitation is still present in Zentyal 2.0.
You can use any module from the slave server, including mail.
Regards,
Jaime.
Thanks for your interest in Zentyal Server
- If using master/slave setup - is it possible to use other services like mail on the master-server or does this still break sync to the slave-servers with zentyal 2.x? I read that the master must only run userandgroups, but the post was (hopefully) only valid for eBox 1.3...
No, it's not possible, this limitation is still present in Zentyal 2.0.
- If its not possible to use mail-services on the master - how can I integrade 3rd Party Tools which need ldap-access for account-information AND email? As far as I understood the master-ldap doesnt has email-entries. Is it possible to use the ldap from the slave with email-service for this?
You can use any module from the slave server, including mail.
Regards,
Jaime.
32
Installation and Upgrades / Re: How do I fix circular dependencies because of a Zentyal 2.0 update?
« on: December 28, 2010, 01:04:57 pm »
Hi,
What cperez means is that you should check if the file "/var/lib/ebox/gconf.backup" exists, not "/var/lib/ebox/gconf.backupdpkg" (there were two errors whose strings have been joined).
So, if "/var/lib/ebox/gconf.backup" exists, move it to other place and try again.
Regards,
What cperez means is that you should check if the file "/var/lib/ebox/gconf.backup" exists, not "/var/lib/ebox/gconf.backupdpkg" (there were two errors whose strings have been joined).
So, if "/var/lib/ebox/gconf.backup" exists, move it to other place and try again.
Regards,
33
Installation and Upgrades / Re: VPN / DNS / Internal lan
« on: December 28, 2010, 12:49:44 pm »
Hi,
It is useful if you want to allow only a limited group of certificates to be used to connect to a VPN server.
Regards,
1 - When i go create a new VPN Tunnel i can not check the box the "Client Authorization by common name" or i can ? i have tried and in vpn i have error about the certificate. not using the "client...." is not less secure the connection between client and server ?Yes, this feature provides an extra security level, but the connection should be secure enough without it. If anyway you want to use it, the common names of your client certificates have to be prefixed with the selected value.
It is useful if you want to allow only a limited group of certificates to be used to connect to a VPN server.
2 - After unchecked the "client authorization ..." i can connect normally but in VPN log i only see the first client connected to that VPN, i think is something wrong rigth ?There are some known issues with VPN logging, they should be fixed in the next version of the module. You can also see the connected clients using the VPN dashboard widgets.
3- The Ip given to client start from 192.168.0.1 and go on, each connection a new IP 1 / 2 / 3 etc etc, my question is if nobody is connected for now, the IP doesn't start the 192.168.0.1 ? and not continue adding a new IP to the last used ? what happend when the scoope end in 254 ?The first IP is always assigned to the server itself. And don't worry about the number of IP addresses, if you have less than 254 clients it shouldn't be a problem. If you have more than 254 you will probably want to divide them in several servers, or you can also use a wider IP range, as 172.16.0.0/16.
Regards,
34
Installation and Upgrades / Re: VPN / DNS / Internal lan
« on: December 24, 2010, 05:59:08 pm »
Hi,
I'll try to explain it better
To connect several clients to the same VPN server:
1. In certification authority, create a certificate for each worker
2. In VPN, create a new server
3. Download a bundle for each worker, selecting the appropiate certificate for each one.
4. Use the configuration in the bundle to
About the DNS, I mean that Zentyal doesn't currently support automatic configuration of clients' DNS, so you'd need to add the name server by hand in each client.
You can also take a look to this link: http://openvpn.net/index.php/open-source/documentation/howto.html#dhcp and modify the VPN clients' bundles according to this.
We plan to support this feature in the future, but there is no confirmed date yet, maybe in Zentyal 2.1.
Merry Christmas
I'll try to explain it better
To connect several clients to the same VPN server:
1. In certification authority, create a certificate for each worker
2. In VPN, create a new server
3. Download a bundle for each worker, selecting the appropiate certificate for each one.
4. Use the configuration in the bundle to
About the DNS, I mean that Zentyal doesn't currently support automatic configuration of clients' DNS, so you'd need to add the name server by hand in each client.
You can also take a look to this link: http://openvpn.net/index.php/open-source/documentation/howto.html#dhcp and modify the VPN clients' bundles according to this.
We plan to support this feature in the future, but there is no confirmed date yet, maybe in Zentyal 2.1.
Merry Christmas
35
Installation and Upgrades / Re: VPN / DNS / Internal lan
« on: December 23, 2010, 06:17:02 pm »
Hi,
You don't need a VPN per client, you can try to use an only VPN for all your remote workers, each one will need a different certificate.
And you need to add your DNS server to the network configuration of your clients.
Regards,
You don't need a VPN per client, you can try to use an only VPN for all your remote workers, each one will need a different certificate.
And you need to add your DNS server to the network configuration of your clients.
Regards,
36
Installation and Upgrades / Re: Disabling DHCP Module DOES NOT DISABLE IT
« on: December 04, 2010, 01:56:28 pm »
Hi,
DHCP module wasn't disabling the init.d script, so the daemon started after reboot, it has been fixed in http://trac.zentyal.org/changeset/19661/ for new installations. For old installations, you need to run the command:
Sorry for the inconveniences.
Regards,
DHCP module wasn't disabling the init.d script, so the daemon started after reboot, it has been fixed in http://trac.zentyal.org/changeset/19661/ for new installations. For old installations, you need to run the command:
Code: [Select]
sudo update-rc.d dhcp3-server disableSorry for the inconveniences.
Regards,
37
Installation and Upgrades / Re: DCHP disabled but giving adresses !?!
« on: December 04, 2010, 01:56:03 pm »
Hi,
DHCP module wasn't disabling the init.d script, so the daemon started after reboot, it has been fixed in http://trac.zentyal.org/changeset/19661/ for new installations. For old installations, you need to run the command:
Sorry for the inconveniences.
Regards,
DHCP module wasn't disabling the init.d script, so the daemon started after reboot, it has been fixed in http://trac.zentyal.org/changeset/19661/ for new installations. For old installations, you need to run the command:
Code: [Select]
sudo update-rc.d dhcp3-server disableSorry for the inconveniences.
Regards,
38
Installation and Upgrades / Re: ebox webserver failed to start!
« on: November 24, 2010, 10:06:56 am »
Hi,
What is the state of your certification authority certificate? Is the certificate for your web service enabled?
Regards,
What is the state of your certification authority certificate? Is the certificate for your web service enabled?
Regards,
39
Installation and Upgrades / Re: Localhost frozen apache2 cpu usaga 80%
« on: November 24, 2010, 09:17:52 am »
Hi,
What modules did you install?
Does it still happen after reboot the server?
Regards,
What modules did you install?
Does it still happen after reboot the server?
Regards,
40
Spanish / Re: acceso desde el Localhost
« on: November 18, 2010, 03:29:58 pm »
Buenas,
Sí, este es un problema conocido. Para acceder a la interfaz de Zentyal tendrás que indicarle al navegador el puerto navegando a la dirección https://localhost:<nuevo puerto>.
También puedes hacer permanente este cambio editando el archivo ~/Desktop/zentyal.desktop y añadiendo el puerto a la dirección indicada en el valor "Exec".
Un saludo,
Sí, este es un problema conocido. Para acceder a la interfaz de Zentyal tendrás que indicarle al navegador el puerto navegando a la dirección https://localhost:<nuevo puerto>.
También puedes hacer permanente este cambio editando el archivo ~/Desktop/zentyal.desktop y añadiendo el puerto a la dirección indicada en el valor "Exec".
Un saludo,
41
Installation and Upgrades / Re: Help configuring port forwarding
« on: November 18, 2010, 01:16:17 pm »
Hi andyp,
Try this:
- Add your public IPs as virtual interfaces to the external interface/s of your Zentyal server
- Forward the services to your internal machines
- Configure the firewall to accept connections from external networks to Zentyal (the Zentyal server needs to be able to receive the connections before forwarding them) and double-check that internal network traffic and outgoing traffic is also allowed (or check that you can access from the Zentyal server to the services in the internal machines)
Regards,
Try this:
- Add your public IPs as virtual interfaces to the external interface/s of your Zentyal server
- Forward the services to your internal machines
- Configure the firewall to accept connections from external networks to Zentyal (the Zentyal server needs to be able to receive the connections before forwarding them) and double-check that internal network traffic and outgoing traffic is also allowed (or check that you can access from the Zentyal server to the services in the internal machines)
Regards,
42
Spanish / Re: Dudas iniciales - Zentyal
« on: November 16, 2010, 11:31:08 am »
Hola,
No se lo que te puede estar fallando, pero te voy a dejar aquí una lista de cosas que puedes ir comprobado:
Un saludo.
No se lo que te puede estar fallando, pero te voy a dejar aquí una lista de cosas que puedes ir comprobado:
- Utiliza las herramientas de diagnóstico para ver que el servidor Zentyal puede conectar y resolver nombres correctamente.
- Comprueba que el módulo de cortafuegos está activado (es necesario para redireccionar las conexiones de los clientes).
- Comprueba que las máquinas cliente pueden hacer ping al servidor Zentyal y que pueden resolver nombres de dominio.
Un saludo.
43
Installation and Upgrades / Re: Remote Desktop to Application Server
« on: November 16, 2010, 11:22:07 am »
Interface: eth0 (The external one that is going to receive the connections)
Original destination: Zentyal (Again, the one that is going to receive the connections)
Original destination port: I will select Single port: 3389 (correct?? yes)
Protocol: TCP (correct?? yes)
Source: Any
Destination IP: The IP of the machine with the service, where you are going to forward the connections.
Port: The same one.
Log: As you wish
Original destination: Zentyal (Again, the one that is going to receive the connections)
Original destination port: I will select Single port: 3389 (correct?? yes)
Protocol: TCP (correct?? yes)
Source: Any
Destination IP: The IP of the machine with the service, where you are going to forward the connections.
Port: The same one.
Log: As you wish
44
Installation and Upgrades / Re: Accessing OpenVPN Client(s) from Internal Network
« on: November 15, 2010, 01:51:38 pm »
Hi,
I'm not sure of completely understand your problem, but you can check the configuration of the advertised networks of your VPN networks.
Regards,
I'm not sure of completely understand your problem, but you can check the configuration of the advertised networks of your VPN networks.
Regards,
45
Installation and Upgrades / Re: Remote Desktop to Application Server
« on: November 15, 2010, 01:42:34 pm »
The port/s depend on the service, you'd have to check them on the documentation of the service.
The port redirections can be configured on Zentyal on Firewall --> Port forwarding.
The port redirections can be configured on Zentyal on Firewall --> Port forwarding.