I am setting up a SonicWall SSLVPN on SonicOS 6.5 and am having issues with the default gateway being handed out to the client. When setting up the VPN I created an SSLVPN network (10.10.0.0/24). I am able to connect to the VPN and am handed an IP within the SSLVPN Network range. I am however unable to connect to anything on the X0 Network (10.0.0.0/24). In the SSLVPN > Client Settings I gave access  ...

I don't know much about stunnel but we use it in many locations to connect from a Java app to a cloud database. We have one Windows computer where stunnel keeps dying. What might cause this? How can I troubleshoot it?

I could use some help. My Active Directory is 20 year old, its about to start buying legal alcohol and god knows where it's going from there...

All joking aside, Exchange has ravaged my AD DACLs. To the point Exchange isn't even working right. I built a lab with an identical AD structure but fresh on 2022-OS/2019-EX-CU12 just so I can see what the correct permissions look like.

GREAT! I see all the  ...

My ingress for azure application gateway, so that it will use istio gateway internally.

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: server-ingress
  namespace: productnamespace
  annotations:
    kubernetes.io/ingress.class: azure/application-gateway
    appgw.ingress.kubernetes.io/backend-protocol: "http"
    appgw.ingress.kubernetes.io/cookie-based-affinity: "true"
    cert-m ...

So this is a weird one. I have dozens of OpenVPN servers hosted on a pfsense server 2.4. I recently ran into a problem where the a single client can connect but can not ping the router or the openvpn gateway. Other users in his office do not suffer the same issue. This client has gone as far as to reset his windows 10 pc with the same results.

I have used tcpdump to monitor the traffic from his a ...

Is there such a service? Pricing should be $1/month, and must have 99.99% uptime, in years.

I have something of a mess on my hands. When these devices were joined, or "registered" with Azure AD, they had already been through OOBE and had local accounts created on them. I realize now that I should have used sysprep.exe to re-do the OOBE and join to Azure AD from there, however hindsight is 20-20 and I learned this later on. These PCs are on the other side of the country and I no longer have han ...

I have an IIS (10.0) server (2019) running a .NET application.

I'm using cloudflare for DNS/SSL and have the option to have CF enforce SSL. This works fine if im using the DNS name of the app, ex http://app.host.com redirects to https://app.host.com.

However, if someone attempts to access the server via the public IP, http://x.x.x.x/ they do not get redirected to HTTPS.

I attempted to use a URL Re ...

I'm using IIS SMTP relay to gmail to send outbound emails. I create this email text file with SSIS script task and place the file in the Pickup directory. This script runs every 15 minutes. It works most of the time, but sporadically it fails with the following error message. Using Windows Server 2016, so maybe there's a better way to manage SMTP relay?

Unable to deliver this message because the follow  ...

I'm trying to write a single LDAP search filter to retrieve users who are member of a particular group.

We're running a custom LDAP implementation (running on OpenLDAP: slapd 2.4.40), where the relations between user and groups are mapped Group (memberUid) -> User (uid).

The user LDIF does not have memberOf attributes, which makes it impossible to use the usual approach of (&(objectClass=perso ...

I guess these are two typical issues, at least first one is. I'm trying to configure postfix dovecot on CentOS 7.

First, the port 25 is open, but it is not accepting any outer connections.

The internal connection at port 25 is working. I did:

[root@myhost ~]# telnet localhost smtp
Trying ::1...
Connected to localhost.
Escape character is '^]'.
220 xxxx.com ESMTP Postfix (CentOS)
helo xxxx
250 xxxx.com
 ...

I read an article saying that apache mod_evasive is an old outdated module and does not real protection against Dos attack. After testing a scenario of load requests to a apache webpage it seems like it is really not protecting at all, although the logs indicates that it is functional.

Anyone who have really used mod_evasive module and verified its efficiency could tell if it is worthful or reall ...

[2023-08-28 14:35:33,070] [_internal.py:224] INFO - 192.168.220.1 - - [28/Aug/2023 14:35:33] "POST /domain/add HTTP/1.1" 400 -
[2023-08-28 14:35:33,095] [_internal.py:224] INFO - 192.168.220.1 - - [28/Aug/2023 14:35:33] "GET /static/assets/css/style.css HTTP/1.1" 304 -
[2023-08-28 14:35:33,106] [_internal.py:224] INFO - 192.168.220.1 - - [28/Aug/2023 14:35:33] "GET /static/assets/css/source_sans_pro.css H ...

Is it possible to install zscaler on virtual machine (e.g. linux), and use that machine for accessing only few hostnames? I would point other machines to go via this virtual machine only for those few hostnames, and everything else would go normal way (via my local gateway). Is there some easier way to achieve this?

Basically, I want to prevent zscaler investigating all the traffic I do on my mac ...

Network diagram: Laptop (10.8.0.2) -> (wireguard) -> server A (10.8.0.1, 10.10.0.10) -> server B (10.10.0.20)

sequence diagram

I've connected my laptop (10.8.0.2) to a server A (10.8.0.1) via Wireguard. I can ping/curl to the server A (10.10.0.10), but not another server B (10.10.0.20).

When ping 10.10.0.20 server B from my laptop, I find the following on server A:

• tcpdump -nn -i wg0 shows ...

openSUSE and SLES dropped their old CA management, now recommending to use xca.

While it was easy to add alternate subject names like hostname aliases or IP addresses in the old CA management, I could not find a way how to do it in xca.

So I wonder: Is is possible, and if so, how?

already tried to disable the insider program with various group policies. it still shows as opted. what could be the reason?

Windows update settings shows opted in for the windows insider program

I´m looking for a Web-Frontend to browse, download and upload files exported from another Server via SMB.
It has to offer ldap/AD-login for Users and honor the permissions from the Share.

I know most NAS-OS offer this functionality, but it is restricted to Shares provided by the NAS itself.

Is my googlefu weak or isn´t there any (recent) FOSS Projekt?

Cheers
Jochen

On Windows Server 2022, I am logged in as Administrator and trying to do a pg_ctl start on a Postgresql database that was initially created by user SYSTEM, but get the following error in the cmd console (I tried both with and without "Run as administrator"):

>pg_ctl.exe start -o "-p 5432" -U user -P password -D C:\aiw\aiw1\data -l C:\aiw\aiw1\trace\postgres.trace
waiting for server to start.... stopped ...

We have our application running in aks cluster and using cert-manager helm chart in separate namespace for lets encrypt certificate generation. argocd namespace is for handling deployments.

We need to enable mTLS, does that required istio to be labelled on argocd,cert-manager namespaces also?

And, we already have azure appgateway ingress to route traffic to the deployments running in our namespace,  ...

A client of mine asked a question that I'm not really sure how to answer correctly. His question is: In case of one node falls out of the cluster, stays offline for a few hours or days and then comes back: how fast the new data will be migrated to the node and will this affect the rest of the nodes performance?

TL;DR: They are asking what is the 3rd node comes back to the cluster and the app is asking t ...

We have a PowerEdge R7525 server with nvidia A16 graphics card on debian 11. But we have about 50% lower gpu performance than other servers. I suspect it's the missing "Above 4G decoding" option in the BIOS. According to nvidia this server should handle up to 3 A16 gpu units. Can anyone advice me some work-around or something to harness the full power of this gpu?

Thank you very much in advance

I want to prepare Azure template for Red Hat 8 servers with packer and I'm facing problem with setting custom LVM partitions. For example, I want separate /var/tmp, /var/log etc. I deployed some VMs based on marketplace image and they have default partition layout.

I thought about using cloud-init, but there is no information about LVM in documentation.

Is there any way to achieve this?

Thanks.

Want to rewrite nginx with setup such as www.example.com/abc/xyz/test/

redirect to www.example.com/abc/xyz/test.php So want to make an rewrite rule which will work for all pages with that url like so i tried this one which works

 location ~* /abc/xyz/.*/$
        {
            rewrite ^/abc/xyz/.*/$  /abc/xyz/test.php last;
        }

this rule works but it always redirect to test.php want to mak ...

I have installed OMV6 and read most of the docs, but I simply can't find a direct way to simply block deletion of files to any user. Yes, the users must create new folders and files and have access (R+W), but they can NOT delete files. It doesn't work through bash and I can't see the option on OMV6 (would appreciate if there were any secret plugin or extra that does that). I've tried the sticky bit perm ...

So imagine this command:

docker compose -f docker/docker-compose.yml run \
  --rm --entrypoint "" \
  my-service

and something like this for docker/docker-compose.yml:

version: '3.9'
services:
  my-service:
    depends_on: other-service
     ...
  other-service:
     ...

When I run the command both services come up. But it seems, that both have their entrypoint overridden with "". Is that possible? And ...

We've some servers in linux and those servers get hang(stuck) but not stopped. So, how can I deal with those servers. It's not clear what's the cause of this stuckness. Any guidance will be appreciated.

The problems:

1. The server hangs time to time. It doesn't get stopped. It just hangs. Theoritically it's still up but practically it has stopped working. The one way to trace it is to monitor the logs, you ...

I need help with the configuration of RAIDs on the ASUS RS720-E10-RS12 server. We have installed 2x 512GB NVME drives in the motherboard slots and 12x SATA SSDs in the Backplane slots. I can only create a RAID from the NVME disks, and the option for RAID for SATAs is then disabled, or I can create a RAID for SATAs, but then the option for NVME RAID is disabled, which is a huge problem.

We need to ...

I am attempting to set up an Nginx reverse proxy that should be accessible from another server. The purpose is to redirect requests to an upstream test environment. The connection necessitates a certificate and key, both of which I have successfully validated.

Executing the command

curl -E ./test.crt --key ./test.key https://example.com/agent_ws-SOF46 -v -L

results in a successful connection.

Howe ...

I recently updated my Intel X540-AT2 Network Card on a Windows Server 2012 R2 system to the latest version 28.2. This update included both the driver package and the Intel® PROSet package, which I downloaded from the official Intel website.

However, I have noticed that the "Advanced" tab in the Network Adapter properties is no longer visible after this update. This "Advanced" tab was previously where I a ...