Build a gateway server for private network ???

Similar Messages

• Remote Desktop "Bypass RD gateway server for local addresses" no longer working in Windows 8

  Hi,
  After installing windows 8, it seems like the "Bypass RD gateway server for local addresses" is no longer working.
  In Windows 7, when the option is checked, I could have the server name set always and the client will automatically detect whether to use the RD gateway or not. For example, from my house, if I am connecting to a computer at my work, which requires
  the RD gateway, it will automatically pops up the dialog for authentication method. However, if I connect to a computer in my home network, it will just automatically connects without asking authentication for the RD gateway.
  However, after installing windows 8, this does not seem to work as expected anymore. The option is checked but the Windows Security dialog pops up in both situations and so i have to either save the rdp file locally and pin it to the taskbar or switch between
  disabling and enabling the RD gateway whenever I need to connect to different machines.
  Is this a regression in Windows 8? Is anyone else experiencing the same issue?
  Thanks

  Another way to resolve this issue for me, beside of configuring RDP to connect directly to server also on unmanaged network, will be to turn the "wifi" subnet in a managed network, as the "wired" subnet is.
  The differences between thoses to subnets, dynamically assigned by the same DHCP server, are:
  The "wifi" is in a private IP range, the "wired" is in a public IP range
  There's an ACL on the "wifi" subnet, not on the "wired"
  The next step is to compare frames send/received when on the two networks. Something will likely tell for the network to be managed.
  Beside, I'm still searching informations about NLA, which is responsible for setting a nework as managed or not.
  Here are some clues:
  http://blogs.technet.com/b/networking/archive/2010/09/08/network-location-awareness-nla-and-how-it-relates-to-windows-firewall-profiles.aspx
  http://social.technet.microsoft.com/Forums/windows/en-US/49ea0a6b-9c03-407d-8e26-24a92849a282/network-location-awareness-signature?forum=w7itpronetworking
  If anybody has official MS informations about NLA (A for Awareness and not Authentication), please share!

• Is it possible by using boot camp to set up a high spec mac pro to operate as a pc server for a network of approx 20 pcs

  My company has recently bought a high end mac pro to act as a mac server. However it is no longer need but business does need a new server for a network of about 20 pcs. Is it possible or practical using boot camp to tuen the mac into a fully funtioning pc server?
  jb

  Thanks for the info. I don't have Server 2008 but the Boot Camp documentation says Windows 7 only is supported. Glad you jumped in knowing that Server 2008 is supported.
  In the original poster's post he said he wanted a fully functioning server so I assume he wants Server 2008. If he is misusing the term server and only needs a peer network then he can install Windows 7.

• Oracle RAC and crossover cable for private network

  Hi,
  I have the following configuration: two database servers, each has four network cards, two for public network and two for private, cluster network. Each public card has own IP-address and both have virtual IP-address, defined in operation system (SLES-9) for redundancy. Because I have only two machines in the cluster I want to connect the two machines for private with crossover cable without switch. For redundancy I want to make two connections between machines. Is it at all possible? How should I defined all network interfaces and what should be included in /etc/hosts for properly work of Oracle cluster?
  Best Regards,
  Jacek

  Hi,
  You can build a RAC witch CROSSOVER, but the Oracle no homolog.
  As you have 4 cards, 2 to public (redundancy) and 2 to interconnect (redundancy) you need of a software to to make a TEAM, and create a card virtual that will have a IP address.
  Eder

• Oracle VM Server for SPARC - network multipathing architecture question

  This is a general architecture question about how to best setup network multipathing
  I am reading the "Oracle VM Server for SPARC 2.2 Administration Guide" but I can't find what I am looking for.
  From reading the document is appears it is possible to:
  (a) Configure IPMP in the Service Domain (pg. 155)
  - This protects against link level failure but won't protect against the failure of an entire Service LDOM?
  (b) Configure IPMP in the Guest Domain (pg. 154)
  - This will protect against Service LDOM failure but moves the complexity to the Guest Domain
  - This means the there are two (2) VNICs in the guest though?
  In AIX, "Shared Ethernet Adapter (SEA) Failover" it presents a single NIC to the guest but can tolerate failure of a single VIOS (~Service LDOM) as well as link level failure in each VIO Server.
  https://www.ibm.com/developerworks/mydeveloperworks/blogs/aixpert/entry/shared_ethernet_adapter_sea_failover_with_load_balancing198?lang=en
  Is there not a way to do something similar in Oracle VM Server for SPARC that provides the following:
  (1) Two (2) Service Domains
  (2) Network Redundancy within the Service Domain
  (3) Service Domain Redundancy
  (4) Simplify the Guest Domain (ie single virtual NIC) with no IPMP in the Guest
  Virtual Disk Multipathing appears to work as one would expect (at least according the the documentation, pg. 120). I don't need to setup mpxio in the guest. So I'm not sure why I would need to setup IPMP in the guest.
  Edited by: 905243 on Aug 23, 2012 1:27 PM

  Hi,
  there's link-based and probe-based IPMP. We use link-based IPMP (in the primary domain and in the guest LDOMs).
  For the guest LDOMs you have to set the phys-state linkprop on the vnets if you want to use link-based IPMP:
  ldm set-vnet linkprop=phys-state vnetX ldom-name
  If you want to use IPMP with vsw interfaces in the primary domain, you have to set the phys-state linkprop in the vswitch:
  ldm set-vswitch linkprop=phys-state net-dev=<phys_iface_e.g._igb0> <vswitch-name>
  Bye,
  Alexander.

• Remove Server from /private/Network/Servers?

  I'm integrated with a Windows AD Network. We moved this user's home directory to another server but the old server still shows up in /private/Network/Servers and if the woman tries to save something to the old server instead of going to the server (since it doesn't exist anymore) it saves it to the hard drive under /private/network/servers/servername/directory
  Reading online I read about something going into "dscl" and changing to /search/mounts or something like that but trying to use the "delete" command in there doesn't work.
  Anything you can tell me?

  Hi,
  If you are under All Servers dashboard, you may right click on the server which you want to remove and select “Remove Server”. If you want to remove a server from a Server Group,
  you may right click on the server which you want to remove and select “Remove Server from Group”.
  Please note, you cannot remove the current server from the All Servers dashboard.
  Regards,
  Arthur Li
  TechNet Subscriber Support
  If you are
  TechNet Subscription user and have any feedback on our support quality, please send your feedback
  here.
  Arthur Li
  TechNet Community Support

• IPv6 ACL host limitation also for private network?

  Hello,
  I'm using a cisco WS-C3750G-24TS-1U 12.2(44)SE5. I know the IPv6 ACL limitations for this hardware
  However, I think that private network(fc00::/7) should not be the case. In my case, I'm using EUI addresses.
  switchcore(config-ipv6-acl)#permit tcp any host 2001:0:0:0:222:64ff:fec2:1f5a eq www sequence 20
  switchcore(config-ipv6-acl)#permit tcp any host 3FFF:0:0:0:222:64ff:fec2:1f5a eq www sequence 20  
  switchcore(config-ipv6-acl)#permit tcp any host fdc8:0:0:0:222:64ff:fec2:1f5a eq www sequence 20
  % Host address FDC8::222:64FF:FEC2:1F5A can not be supported
  % ACE can not be added
  % Failed to modify access list
  switchcore(config-ipv6-acl)#permit tcp any host fc00:0:0:0:222:64ff:fec2:1f5a eq www sequence 20
  % Host address FC00::222:64FF:FEC2:1F5A can not be supported
  % ACE can not be added
  % Failed to add access list
  Is IOS right?

  Hum... yes, you are right. I missed this point. Thanks.
  Anyway, "Private Network" would fit very well in this list
  –aggregatable global unicast addresses
  –link local addresses

• One server for two networks

  Hello,
  I do not already have a Mac Server but I'm planning to buy one, but first of all I got a question.
  Is it possible (if the server has two or more ethernet ports) to divide the services on the different ports ?
  In my example I want to represent my homepage and other web services on the one ethernet port, that is connected to the web and on the other port I want to enable screen sharing, xgrid and so on to support the local network. I now want to know if it is possible to set up different options for every ethernet port.

  Is it possible (if the server has two or more ethernet ports) to divide the services on the different ports ?
  You can have (and use) as many ports as you like. Most of my servers have 4.
  The issue is in controlling the services. By default, each service will typically listen on all interfaces, meaning they're available from all networks.
  To do what you want requires a little tuning of each service to tell it how and where to run. The configuration is based on the service (which ports to run on) rather than the port (which services to support).
  The specifics varies by service. It''s easy, for example, to do this with Apache - just tell it the IP address for each site and you're done. It's relatively easy for most of the file sharing protocols. Off hand, I can't think what's involved in ARD or XGrid.
  Worst case, even if there isn't an easy mechanism for binding a service to one port, there's always the firewall which you can use to block traffic on the ports you don't want. Not a perfect solution, but it does help.

• Setting up a Server for Small Network

  I have a workgroup of 3 people all on macs running OS X. I have a PowerMac Quad and I want to set it up as a server so that my entire workgroup can access files from it in order to run InDesign and InCopy. How do I do this?
  Thanks in advance!

  OK, so I guess that I had already figured out that this is your first network. Let's have some fun...
  But in your your first post, you stated:
  I have a PowerMac Quad and I want to set it up as a server so that my entire workgroup can access files from it in...
  And no, 'server' won't be a separate user on the Quad. The Quad is the server, right?
  Quad=Computer=server.
  You are configuring the Quad with several new accounts.
  You
  Joe
  MaryLou
  Find this in SystemPreferences>Accounts. Unlock. Click the little Plus sign to add users.
  I would suggest setting the Quad with a static IP address inside your little LAN (local area network). You can find the steps by searching this group for 'static ip', or looking into systempreferences>Network>Built-In...
  You should really read up on some of these network basics (like finding IP address...)
  Don't apologize for your ignorance. Ignorance can be cured, but you'll need more than a hand-holding here in the Discussions.
  I will help, but show us that you're willing to help, too.
  Stop back when you've learned how to:
  a) find your IP address,
  b)set the Quad with a static IP,
  c)search the Discussions

• Publishing iCal - which URL of lion server in private network???

  I was looking in apple support and in the web for hours, I simply want to publish may calendar on my private server (NOT in the internet!) services are already running (profilemanager, iCal...). When I open iCal on my client (MacBook) and want to publish my calendar, I am asked for the base-URL of my private server, I tried it with "server.local", "macintosh.local", "192.168.1.xx" - always get the answer: "invalid URL"

  I would suggest creating a directory in the Documents directory called something like ical. Do a "sudo chown www:www ical". Set the Web folder in Server Manager to /Library/WebServer/Documents/ical and you should be away. The URL for publising would then be http://aaa.bbb.ccc/ical
  (I also turned off the performance cache.)
  I've had a range of problems with the way virtual hosts work on 10.4. (It seems even the order of stuff inside each virtual host file in /etc/httpd/sites can screw things up - go figure) As you guess, permissions seem to be at the heart of it.
  Hope this helps

• SE/30 as print server for Tiger Network

  Is it possible to use an SE/30 running 7.5.3 to act as a print server on a Tiger network?
  SE/30 has an ethernet card installed. Network involves a Linksys WRT54G. AppleTalk is on, because I print to a LaserWriter 4/600.
  The reason for asking, is that the Assante EtherTalk box is troublesome. (Altho' it's about 6 years old.) When there is a power interruption, it is very uncertain whether I can see the LaserWriter again.
  By using the SE/30, I could connect the LW to it with the simple LocalTalk connection, and bypass the Assante stuntbox.
  Help would be most welcome.

  LocalTalk Bridge 2.1 Information
  The Apple LocalTalk Bridge is an unsupported tool used to share LocalTalk-only devices, such as some LaserWriter printers, PowerBook notebook computers, or Newton MessagePad communications devices, on an Ethernet, Infrared, or Token Ring network. With the LocalTalk Bridge, you can access an Ethernet, Infrared, or Token Ring network while maintaining a seamless connection to your LocalTalk network. Again, this is an unsupported tool and has been provided solely as a convenience. Apple makes no warranty or representation, express or implied, with respect to this program, its quality, performance, or fitness for a particular purpose.
  System requirements for the LocalTalk Bridge
  System software version 7.1 or later.
  Either classic AppleTalk networking software or Open Transport version 1.1 or later. For machines running Open Transport, version 1.1.2 or later is recommended.
  Memory requirements:
  • The LocalTalk Bridge driver requires approximately 70K of RAM to run.
  • Open Transport requires a minimum of 5MB of RAM for computers with 68000-family microprocessors or 8MB of RAM for computers with PowerPC microprocessors. Open Transport memory requirements are based on total system memory including virtual memory, minus the size of any RAM disk and disk cache you choose.
  Hardware Requirements:
  • The LocalTalk Bridge requires at least a 68020 processor.
  • Network interfaces to include one LocalTalk port and an alternate interface (Ethernet, Token Ring, or Infrared).
  Available on the Older Software Downloads page:
  http://www.info.apple.com/support/oldersoftwarelist.html#netcom
  Look for this string to download:
  Macintosh/Networking-Communications/OtherN-C/LocalTalk_Bridge2.1.smi.bin

• Time Capsule as DHCP Router and DNS server for larger network - too taxing?

  Ok, let me say first that I'm no networking expert, but I have tried to learn a decent amount over the years. I haven't got quite gotten o the level of combing router event logs, though I intend to do that as my next step. My question here though is if my overall network strategy is flawed.
  My setup at home is one that may be a bit more extensive than most users have:
  Cable modem -> Time Capsule -> Multiple gigabit switches (business grade) -> Wired Cat5e throughout the house and 2 Airport Extremes. I don't know how many total wired and wireless clients I have, but it may be between 30 and 40 (only a few are computers with the rest being game systems, networked DVRs, audio streamers, NAS, etc)
  At the moment, the Time Capsule only backs up one machine - a MBP (I have external HDDs connected directly to the desktops). I don't use the TC's HDD for anything else. Also, I have the network configured so that the TC handles DHCP addressing and NAT. The Airport Extremes are in bridge mode.
  For the most part, everything works very well. Internet speeds are good, audio streaming works well, no problems with TC backups, etc. The only issue I've run into are dropouts when streaming video content on the network from one device to another (not form the internet). Basically, the stream will pause and then an error will pop up on screen saying that there was a network problem. Now, I know that the specific devices themselves may have issues of their own, but since it's happened on more than one system, I'm wondering if there is a common network culprit- expecting the Time Capsule to handle its duties especially while it is doing a backup.
  Here are a few thoughts I have:
  1 - From a technical standpoint, I don't know if all client to client network traffic goes through the TC. I was thinking that communication could happen between devices on the same switch without having to go up to the TC and then back down, but maybe I'm wrong. If I am wrong, that certainly is a bottleneck right there. I'm not segregating the video streamers to their own subnet on a new router to isolate the traffic. I'm also not sure if the bottleneck is impacted by static vs dynamic IP addressing. IOW, I don't know if setting the devices up with static IPs would change the flow of traffic to not have to go through the TC (just flow across the switch) or not.
  2 - Long ago in a different network setup, I had allowed the wireless access points to assign IPs. However, I found that doing so sometimes created problems accessing some of those devices from a computer or device on a different subnet. As such, I switched over to having the router connected to the modem do all the IP addressing. Maybe this is a bad idea given the temporary nature that some devices will hop on and off the network.
  3 - Additionally, in the interests of getting better wireless coverage over the whole house, I switched to using 2 airport extremes configured to use the same SSID (so that devices moving around the house wouldn't need to specifically change networks in order to get better signal). I guess I could let one of those 2 handle IP addressing while the other is in bridge mode (pointing to the primary Extreme vs the TC).
  4 - Kind of getting back to the TC as the bottleneck, maybe it shouldn't handle network wide DHCP and NAT duties. If TC backups take network priority, such that other kinds of traffic could hiccup, then I probably need to rethink where the TC should exist in the network. Or, maybe it would be enough to just have the stream sensitive components be on their own subnet.
  I know there are potentially multiple flaws in my current strategy, so any suggestions or attempts at correcting my assumptions would be helpful.
  Thanks!
  Jeff
  Message was edited by: Rgbyhkr
  Message was edited by: Rgbyhkr

  Welcome to the discussions!
  1 - Everything goes through the router when it is setup to handle DHCP and NAT
  2 - You want your main router, the TC, to handle all DHCP and NAT functions. It will handle up to 250+ connections, so 30-40 devices won't be much of a challenge
  3 - Keep both AirPort Extremes in bridge mode to allow the TC to handle the things in #2 above. If you setup an Airport Extreme to give out IP addresses, you'll create a Double NAT issue on your network...which can slow down communications between devices...the thing you are trying to avoid. If you use Xbox live or other interactive services, the online features will not function with a Double NAT on your network.
  4 - You want the TC to handle all DHCP and NAT functions as in #2. I assume that you have no single run of CAT5e more than 300 feet.
  5 - If you want to create separate sub nets correctly (the AirPorts won't allow you to do this as they are designed for basic home networking), you'll need to look at routers for professional and commercial use, like Cisco.
  With as many devices as you have, you may be running out of bandwidth at times. If you only notice the issue during Time Machine backups, and you don't need to backup each hour, take a look at Time Machine Editor to setup backups whenever you like, maybe once a day at 2 AM when things on the network are quiet.
  My suggestions are of course opinions. Hopefully you'll receive some other possibly differing views.

• OS X server for local network Drupal web development

  HI All,
  First post here, so here goes, please go easy
  Background
  We're a small web development shop and bought a mac mini server so we can collaboratively develop our websites. Previously we have all been using MAMP on each of our local machines to develop Drupal websites.
  *Help needed*
  I've tried configuring some custom sites through the web services preference pane, but have no luck in viewing these custom sites from our other mac clients.
  Ideally we want to virtual host multiple sites on our server that we can see on our local network.
  We only want to connect/browse the server locally , so I'm a bit stumped on the need to set up DNS.
  Ideally i would like to browse the server directly by entering the IP address (and port number if need) followed by the site name.ie:
  http://myserve.local/mydevelopmentsite
  Essentially, i would like to replicate MAMP functionality - hosting multiple sites on the server that can be collaborated on from the local machines.
  I've really found it hard to find any configuration information via search, most topics seem to refer to modifying regular OSX installs to work as a server. My understanding is that as OSX server has all the necessary LAMP components that this should be a fairly straightforward task.
  If anyone can share any links, advice or tutorials that would be much appreciated.
  Best Regards
  Hixster
  Message was edited by: hixtser
  Message was edited by: hixtser
  Message was edited by: hixtser

  We only want to connect/browse the server locally , so I'm a bit stumped on the need to set up DNS.
  Ideally i would like to browse the server directly by entering the IP address (and port number if need) followed by the site name.ie:
  By default, virtual hosting setup via Server Admin use name-based virtual hosting, meaning that Apache looks at the hostname in the request to work out which site configuration to use. That's why you need DNS - a way to map the numerous names to the various sites you've configured, e.g.:
  http://site1.server.local/ -> site 1
  http://site2.server.local/ -> site 2
  (where both site1.server.local and site2.server.local resolve to this server's IP address)
  It is possible to do port-based virtual hosting (where you include the port number in the URL) - to do this you leave the hostname blank in Server Admin and ensure that each site has a different port number configured.
  http://server1.local:8001/ -> site 1
  http://server1.local:8002/ -> site 2
  There's no easy way to map URI elements to different sites, e.g.:
  http://server1.local/site1 -> site 1
  http://server1.local/site2 -> site 2
  This can be done by editing Apache's configuration directly, but you can't do this via Server Admin (unless you really are just mapping to different directories and not entirely different sites).

• How can I set a different proxy server for different networks in user.js

  I need to automatically set the proxy configuration depending on the network I am connected to. Can this be done through the user.js?
  Simple logic would be:-
  if IP=10.20.30.0 use proxy A
  if IP=172.18.19.0 use proxy B
  else DIRECT
  Thanks
  Leon

  No, you can't do it that way.<br />
  You could create a set of files user.js and use a bat or cmd file to copy the file with the proxy setting that you want to use to user.js and then start Firefox.
  <pre><nowiki>cd <path to profile folder>
  delete user.js
  copy user-proxy1.js user.js
  start "" "C:\Program Files\Mozilla Firefox\firefox.exe"
  </nowiki></pre>
  You can also use an extension.
  *FoxyProxy: https://addons.mozilla.org/firefox/addon/2464
  *QuickProxy: https://addons.mozilla.org/firefox/addon/1557
  *SwitchProxy: https://addons.mozilla.org/firefox/addon/125

• Setup Lion Server for use in Small Office of Windows & Mac Clients

  I've purchased a Mac Mini Server with Lion Server installed to be used in my small office of less than 10 people.
  The primary goal of this server is to used for File Sharing, bother locally, and remotely.
  In the process of setting up Lion Server I have come across a couple things that I am confused about.
  The first is Open Directory.
  It is my understanding that this is not a necessary setup for the number of users in my office, however I set it up anyway as it appeared to be something that would be useful in the future.
  I have come across information that states Lion Server will not be accessible for Windows users connected via Open Directory. Thus my inclination is to disable the service, and set up my users as local users.
  My question is, for local and remote File Sharing, is there any benefit to using Open Directory?
  The second has to do with Remote Access.
  I am familiar with the notion of a VPN, but I need some clarification as to my remote access options.
  When I go to setup my Server's hostname, I am presented with three options. 1) Host name for local network, 2) Host name for private network, and 3) Host name for Internet.
  I have a domain name for my company's website, so I set up a subdomain (server.mycompany.com), asked my ISP for a Static WAN IP, and pointed thesubdomain to said IP using my DNS. Thus this appears to be option number 3; to allow users to connect to my server from the local network, as well as the Internet.
  My question is, how does this differ from a VPN both in setup, as well as method with which users will access the server? Is there a benefit to one over the other? I would Google this to find an answer, but I can't seem to find a name for what this setup is called.
  I very much appreciate any help you can provide.
  Thanks.

  Well, I spoke too soon.  Lion Server is unstable, awkward and is far too limited to qualify as an Apple product. Even though there's quite a few enhancements, the omissions of technologies in the server 10.6 edition makes this "server" a no go for us.
  Even after installing mysql, I still cannot run a Joomla website on Lion server as it should be done. The wiki's a nice thing to have, but isn't a "professional grade" solution.  There's too much iOS as well.
  With that said, I think it's a shame that apple would put customers through so much frustration and disappointment by releasing such a lame product. In order for us to use Lion server, we would have to be able to run a second (totally separate) instance of Apache. It also appears that server settings are changing to the extent that services become inaccessible as the system is running.