IVPN on non OSX Server, can't mount volumes remotely via VPN

I recently got iVPN to create a VPN to my home network. My router simply couldn't be used as an end-point.
I have successfully installed it, and it does allow me to connect to my home network remotely. The problem is, whenever I try to mount a volume from a machine within my home network, I am prompted for a userid/password. My userid/password doesn't work.
Setup:
Home network using private Class C (192.168.1.x). 2009 MacMini is VPN server, and address is manually assigned for this machine (other machines within home network use router as DHCP server). I have forwarded ports 1701, 4500 and 500 (per iVPN instructions) for an L2TP VPN. UDP packets only, and all of these ports are forwarded to the MacMini and its manually assigned address. My router is configured to use DynDNS if its address changes, and that works successfully as well (using other services directly to the same MacMini, etc. that DO NOT rely on the VPN).
I can successfully connect to the VPN, and ping machines within the home network successfully. However, I do not see any of the machines via Bonjour (I understand this is an issue with Bonjour and generally all VPNs). So, once connected to the VPN, I try to mount a volume that is shared on the MacMini. I can do this with either form:
afp://192.168.1.x/<volumename> or afp://<machinename>/<volumename> (after setting machine name up in /etc/hosts).
I'm fairly certain I'm getting through, and a mount is attempted, and asks for a userid/password. Same as normal. However, entering my username/password won't let me mount the drive. I keep getting errors indicating the username/password is incorrect, which I know is not the case.
I have tried this with the MacMini firewall on (allowing shared service), and I have tried it with the MacMini firewall off.
What am I missing here? Some additional port that should be forwarded? Open it up for TCP as well as UDP?

I have found a workaround that meets my immediate needs, though it doesn't allow me to use autofs functionality.
The workaround uses the traditional Unix/Linux approach of automatically mounting a file system or NFS share via fstab at boot time. OS X 10.8 still supports fstab, even though the file is not included in the default installation.
Once mounted, the NFS share appears as if it is part of the normal file system.
The following is only intended for people confident in Unix or Linux systems administration and in using a shell environment via the command line. Do not attempt this if you do not have these skills.
To set up for fstab, do the following within a terminal session:
Create an empty directory in your file system that you can use as your mount point for your NFS share:
    sudo mkdir -p /data/share
    sudo chown root:wheel /data/share
Using your favourite editor, create the fstab file (in a terminal type 'man fstab' for details):
    sudo vi /etc/fstab
Add something similar to the following to /etc/fstab and then save and exit, substituting your own values where appropriate:
    # My NFS share
    <your-server>:/<your-share> /data/share nfs  resvport,rw,hard,intr 0 0
    sudo chown root:wheel /etc/fstab
Please note: you may not need the resvport option in the fstab line above. It will depend on your NFS server's requirements.
Once you have done this, reboot your Mac and your NFS share should be mounted at the mount point that you defined.
If not, check your logs to see what went wrong.

Similar Messages

  • Server: Can not mount volume

    Hello,
    I would like to connect my Mac Book Pro leopard to the Server of the office.
    It used to work well before I upgraded to Leopard.
    I usually do:
    ->Go / connect to server
    ->afp://192.168.1.115
    Then Mac recognized the server called "datashield"
    It gives me the choice to select the volume "info" or "share"
    When I click one or the other, I have the following message:
    ->A volume failed to be mounted
    Everybody else in the office can connect to the server...
    Can anyone help me?

    I did run Disk utility.
    It appears that everything is fine.
    Then in my left panel under "share" I do see now the "datashield"
    I can access it and appears the folder "info" and "share"
    I can access "info" no problem.
    I can not access "share". The message is that the original item can not be found.
    We did create "share2". Same problem, the original item can not be found.
    I tried the old way: Connect to server....
    I have exactly the same message error.
    Any other suggestions?

  • Can't mount volume in test-tape - timed out waiting for bot

    Hi all
    I have a setup for OSB (using Windows 2003 Ent 32-bit, administrative server + mediaserver). I am using an HP c1537a SCSI tape drive (driver details: Microsoft 10/1/2012 version 5.2.3790.0), and while mounting the tape from obtool it gives the following error.
    Before configuring OSB I successfully completed a backup and restoration using the Windows NTBACKUP utility.
    ob> mountdev -w test-tape
    Error: can't mount volume in test-tape - timed out waiting for bot
    ob>
    Please guide me to resolve this issue.
    Edited by: 927832 on Apr 22, 2012 9:34 PM

    Did you follow the installation and configuration guide and disable the services that get in the way of OSB operations?
    Thanks
    Rich

  • Can't mount volume in tape - device offline

    Trying to test my first backup and it hangs.
    I tried to mount the device and receive the error "can't mount volume in tape - device offline"
    Does anyone know how to fix it?
    Tks,
    Kev

    Please post the output from the following :
    obtool lsdev -lvg
    Thanks
    Rich

  • Can't mount volume in obt1 - device offline

    Hi,
    I am trying to mount my tape volume in Manage: Drives, but keep getting the error:
    can't mount volume in obt1 - device offline
    OK, so the volume is offline, but my question is how can i get it online? Anyone have any ideas?
    thx.
    S.

    The error device offline refers to the tape device not volume. When the device is "in service" it should be able to mount the volume.
    In EM, go to the devices page. Ensure that the library and drives have a status of "in service" which means the device is logically available to Oracle Secure Backup.

  • Server side tracking on non-OSX server

    Is anyone aware of attempts at reproducing server side tracking on a non-MacOSX server platform?
    Our primary storage is based on opensolaris + zfs, giving us a lot of advantages. But synchronization of mobile users always takes some serious amount of time.
    Obviously re-exporting home directories through OSX server doesn't change anything, because server side tracking requires the filesystem to be local on the server.
    I can guess that the protocol should be relatively simple and doable on other unixes (as soon as you get some way to track filesystem changes).

    while part of it may be technically feasible, i've never seen or heard anything about implementing server side tracking on a non-os x server. at the very least, the server runs sshd on an alternate port for client communication. beyond that, i don't know what magic is involved.
    in practice, i haven't seen it work reliably on os x server, though i haven't done any testing with this enabled on 10.6 server yet. it may not be worth pursuing.

  • I have Minimac with OSX Server - can I reload it with Mountain Lion?

    I have a minimac and it runs OSX Server. I do need the server control so can I go ahead and restore with Mountain Lion?

    Actually, when you install Mountain Lion client, the Lion version
    of Server and its components will be quarantined as an incompatible
    app and could then be disposed of.
    So either delete before or delete after will work.

  • I have a Mac OSX Server - can this be upgraded to Mavericks?

    Am confused about whether I can update my OSX Server to Mavericks?( I have 4GB of memory.)  And if so, which application do I choose to do so - Safari?

    So the first question is, what version of OS X Server are you running now and what model machine is it running on?  The second question is what services is your current server running?  The third question is what client devices are you supporting?  These will help answer if you can or should.
    If you decide you want to, the general process is:
    1:  MAKE SURE YOU HAVE A BACKUP.  This is not just that you have some files in two places.  Make sure you have a regression plan in the event the upgrade fails.  I can not stress this enough.
    2:  Upgrade the device to Mavericks 10.9.2.  This is "purchasable" through the Apple App Store.  Please note, Mavericks 10.9.x is free.  However, you need to associate it with an Apple ID.
    3:  Purchase Server.app from the App Store.  This is $20 USD.
    4:  Run Server.app to upgrade your services.  Test.  Cross fingers.
    R-
    Apple Consultants Network
    Apple Professional Services
    Author "Mavericks Server – Foundation Services" :: Exclusively Available in Apple's iBooks Store

  • Can't mount volume

    i've got a second hard drive, and while doing some copying the program came to some error and crashed (no error reported, but it was while using Carbon Copy Cloner and after the copying was finished).
    The disk was showing issues and Disk Repair in Disk Utility said it had a Volume Header error that it couldn't fix. when I have the drive in, I can't even boot up (even though it's not my startup drive). It just sits at a blank, gray screen (as if it's about to show the dark gray apple logo and spinning busy thing at the bottom, but it doesn't).
    Sounds like this volume header error is causing the problem, but I don't have a clue on how to fix it, since I can't even mount the thing.
    What if I was able to boot up with the drive's IDE and power plugged in, but the computer won't try to mount it. Instead, I'll mount it using diskutil at the command line. Maybe if I can mount the correct partition, it will 'ignore' the boot partition and I can get it mounted as a temp fix? I just don't know the /dev/xyz path
    EDIT: this kind of makes sense to me... if i can go into single user mode on the good drive, plug the second drive in and then manually mount it. if it works, i can run fsck. thoughts?

    I tried your advice and some other things. Here's what I've come up with:
    - both hard drives work
    - both can be mounted, but NOT AT THE SAME TIME
    - having both connected (physically) at startup causes the computer to hang at the gray screen and never displaying anything more (no apple logo either). there's a little pin beside where the IDE cable goes in, and both drives are properly connected as Master w/ Slave and Slave, respectively.
    - i can boot into both. in order to make the volume on the 2nd drive, i just had it archive the OS on there and replace it off my OS X cd. I told it to keep the user data for the new installation, but when i got to the login screen, no usernames worked. by default, the clue option wasn't on, so i couldn't even see if it somehow had an old copy of the password file (although i would think that's a stretch)
    The only other info I think I've left out is that the second drive's volume still has its original name, so it's not like it somehow got to become literally an exact duplicate of the original, first hard drive's volume (initially, i wondered if that was the case and that the computer thought it was trying to mount the same volume from two locations)

  • Can you create a Remote Access VPN connection to tunnel DMZ LAN and Inside Networks simultaneously?

    I have a customer that has an ASA 5510 version 8.3 with IPSEC Client Access that includes some of their networks on the Inside interface. The issue they are having is when their mobile users connect with the vpn client (which is using split tunneling), they can no longer access their web server applications that are running in the DMZ. Without the client connected, they access the web servers via the external public IP. Once they are connected via vpn, their default dns server becomes the internal AD DNS server, which resolves the DNS of the web servers to the private DMZ ip address.
    Can a Remote Access VPN client connection be allowed to connect to both the DMZ interface and the Inside Interface? I had always only setup RA VPN clients to connect to networks on the Inside Interface.  
    I tried adding the DMZ network to the Split Tunnel list, but I could not access anything in it while connected to vpn using the private IP addresses.

    Yes, you should be able to access DMZ subnets as well if they are added to the split tunnel ACL. You could check the NAT exemption configuration for the DMZ and also check if the ASA is forwarding the packet through DMZ interface by configuring captures on the DMZ interface. 
    Share the configuration if you want help with the NAT exemption part.

  • Do I need to run DNS on a colo server being accessed remotely via VPN?

    My Mac Mini Server is located in a colo site. We generally use it for Web, email and a couple of application-specific services. It has a dedicated IP address. We have a separate DNS service we use to point to the domains on the server located remotely from the server. Forward and reverse lookups work fine from the server, even though the local DNS service is turned off.
    However, we now have a couple of things we want to access remotely on the server via VPN (for example, some files via AFP). The firewall blocks remote AFP requests (using the built-in firewall, not a separate box). We can connect via VPN without problems. However, AFP does not work. If I allow AFP in the firewall and try to connect, no problems at all.
    Since the Mini is located by itself and will never likely have anything connected to a "local network" (never running DHCP, etc.), there generally doesn't seem to be a need to run DNS on the server.
    I suspect the problem is that when you VPN into the server you are on its "local network", whatever that means, so the DNS does not resolve since the local DNS service is not running. However, I am not positive of this.
    Must we run local DNS? Does it have to mirror the remote DNS that we currently reference? Can we somehow "reference" the local DNS from VPN clients trying to access local services?
    I hope this question makes some sense.

    Bear with me please....
    The Mac Mini is in a data center on a shelf, getting a direct connection to the Internet via ethernet with a fixed IP address (under the covers, I suspect that the data center is using some sort of router or switch, but I am not paying for a hardware firewall or other gateway). There is no local network for the Mini. It is not running DHCP, not handing out NAT addresses, etc. DNS is currently off. Rather than using the local DNS, the Mini is resolving its DNS needs with a DNS server located at another site, over the Internet. This seems to work fine (i.e., changeip confirms it is working and services seem to work).
    I am currently using the software firewall built into SLS.
    I want to turn on VPN so that remotely located computers can access services on the Mini without having to make the services visible through the firewall.
    I am able to connect devices via VPN with little difficulty (iPhones, Macs, etc.). However, when I try to access services (let's use AFP as an example), I cannot access them UNLESS they are allowed through the firewall. This tells me that I am not seeing the services through the VPN, but rather through the Internet directly.
    What I meant by "local network" is that the VPN allocates local IP addresses when devices log into the VPN service (10.0.x.x). There is no DHCP allocating these addresses, just VPN.
    My question is: why can I not see the services on the Mini blocked by the firewall when successfully logged into VPN on the server? Isn't the whole point of the VPN to gain access to services behind the firewall?
    I am guessing (with no particular information to support my thesis) that somehow without DNS running on the Mini, VPN clients are unable to access services on the Mini. I do not know for sure, however, if this is the problem. If it IS a problem, then the question is whether I should completely copy the DNS entries from the remote DNS server to the Mini and start the service. Will that solve the issue? Create conflicts with the DNS (since it is now located on both a remote service and on the Mini)? It certainly will create a maintenance headache since now I will have to maintain the DNS in both places.
    I am hesitant to migrate all of my DNS services to the Mini (because I will also have to go to the domain registrars to change where they point, etc.) to eliminate the remote one. And I am not sure it will solve this problem anyway.
    Sorry for all of the typing!

  • Starting Weblogic Server Cluster remotely via VPN

    We have a site-to-site VPN setup from our office to our ISP so we can
    control our system remotely. We can stop our Weblogic servers (in a
    cluster) remotely via the VPN no problem via the "stopweblogic.cmd" command
    where we just change the IP address of our remote server. We're having
    trouble starting them through the WebLogic console applet. We can bring the
    applet up & running, but no luck starting them.
    Is there another way to start your weblogic servers (besides using something
    like PC Anywhere).
    Or is there any documentation that could point to an answer here?
    Any suggestions?
    Mike Kendzierski
    B2BGalaxy.com

    1. "myserver" is the name of the server. It doesn't want the name of the
    machine the server is on.
    2. It is possible that something is wrong in the license file. I've made a
    typo when changing the license on my server that prevented weblogic from
    starting.
    Hope this helps.
    "Hilmar" <[email protected]> wrote in message
    news:[email protected]..
    >
    When I start WebLogic server using startweblogic.cmd everything seems to be okay.
    Using the 'Start a new WebLogic server or cluster' command from WebLogic Console
    5.1.0, I get the following error message:
    Attempting to start server on the machine running the console using
    C:\weblogic\jre1_2\jre\bin\java.exe -mx32m -ms32m -classpath"C:\weblogic\jre1_2\jre\lib\rt.jar;C:\weblogic\jre1_2\jre\lib\i18n.jar;C:\we
    blogic\lib\i18n.jar;C:\weblogic\classes\boot;C:\weblogic\eval\cloudscape\lib
    \cloudscape.jar"
    -Dweblogic.class.path=C:\weblogic\license;C:\weblogic\classes;C:\weblogic\myserver\serverclasses;C:\weblogic\lib\weblogicaux.jar
    -Dweblogic.system.discardOutAndErr=true -Djava.security.manager -Djava.security.policy==C:\weblogic\weblogic.policy
    -Dweblogic.system.name=kenapp00111 -Dweblogic.system.home=C:\weblogic -Dweblogic.cluster.enable=false
    -Dweblogic.cluster.name=mycluster -Dweblogic.system.listenPort=7001 -Dweblogic.system.SSLListenPort=7002
    -Dweblogic.cluster.multicastAddress=237.0.0.1 weblogic.Server
    $$$$$$$$$$$$$$$$ License Exception $$$$$$$$$$$$$$$$
    Loaded License : C:/weblogic/license/WebLogicLicense.xml
    However Unable to start because :
    No License found for WebLogic
    As well as the fact that: No License found for Tengah
    As well as the fact that: No License found for WebLogic/JDBC
    As well as the fact that: No License found for Tengah/JDBC
    As well as the fact that: No License found for jdbcKona/T3
    Is the 'server name' the name of the machine or 'myserver' ? Could there really
    be something wrong with the licence file ?
    Thanks for helping !
    Hilmar

  • Adding a Server at a New location - linked via VPN

    I found some old posts so I thought it would be a good idea to create a fresh post.
    Site A - Windows 2012 + Exchange 2013
    3 - 4 users at 2nd site (Site B) connect via VPN (and some home users)
    Number of users at 2nd site is to increase and also need local server resources.
    Never done this sort of thing... is there any step-by-step
    What I was thinking:-
    Add a member server whilst at Site A
    Setup Site-Site VPN at the Router level
    Move the 2nd Server to Site B
    is that practical ?
    ChrisS

    Hi,
    If I were you, I would give a similar solution. You can do like that.
    Please feel free to let us know if there are any problems during the deployment.
    Thank you

  • Can't access management interface via vpn connection

    Hi all,
    I can't seem to be able to manage my ASA 5510 when I connect via vpn. My asa sits at a remote colo, and from my office i can connect fine. I have it configured as management-access (dmz), bc as of now we are just doing some staging and all the servers are in the dmz interface.
    When i connect with the vpn client, in the routes it sees 192.168.1.0 255.255.255.0 which is the management network/interface.
    For some reason I can't get access to 192.168.1.1 to use the ASDM.
    Here is how i did my vpn via CLI
    isakmp enable outside
    isakmp identity address
    isakmp policy 10
    authentication pre-share
    encryption des
    hash md5
    group 2
    lifetime 86400
    ip local pool vpnpool 10.1.1.2-10.1.1.10
    access-list split_tunnel standard permit 192.168.200.0 255.255.255.0
    access-list split_tunnel standard permit 192.168.100.0 255.255.255.0
    access-list split_tunnel standard permit 192.168.1.0 255.255.255.0
    group-policy xxxxx internal
    group-policy xxxxx attributes
    dns value
    split-tunnel-policy tunnelspecified
    split-tunnel-network-list value split_tunnel
    username xxxxx password
    username xxxxxx attributes
    vpn-group-policy xxxx
    username xxxxxx password
    username xxxxxx attributes
    vpn-group-policy xxxx
    username xxxx password
    username xxxx attributes
    vpn-group-policy xxxx
    tunnel-group xxxx type ipsec-ra
    tunnel-group xxxx general-attributes
    address-pool vpnpool
    tunnel-group xxxx ipsec-attributes
    pre-shared-key
    access-list vpnra permit ip 192.168.200.0 255.255.255.0 10.1.1.0 255.255.255.0
    access-list vpnra permit ip 192.168.100.0 255.255.255.0 10.1.1.0 255.255.255.0
    access-list vpnra permit ip 192.168.1.0 255.255.255.0 10.1.1.0 255.255.255.0
    nat (inside) 0 access-list vpnra
    nat (dmz) 0 access-list vpnra
    nat (management) 0 access-list vprna
    crypto ipsec transform-set md5des esp-des esp-md5-hmac
    crypto dynamic-map dynomap 10 set transform-set md5des
    crypto map vpnpeer 20 ipsec-isakmp dynamic dynomap
    crypto map vpnpeer interface outside
    Any help would be much appreciated

    it seems like you are missing a line:
    management-access "interface"
    http://www.cisco.com/en/US/docs/security/asa/asa71/command/reference/m_711.html#wp1631964
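
As an added example (not part of the thread and not Cisco tooling), a small Python check run over lines copied from the configuration posted above: it reports ACL names that are referenced but never defined, and IKE/IPsec settings that use DES, MD5 or Diffie-Hellman group 1 or 2 (768-bit and 1024-bit). The function and constant names are made up for the illustration, and the parsing assumes the flat, unindented layout of the post.

```python
import re

# Lines copied from the configuration in the post above (names and secrets are elided there).
SAMPLE_CONFIG = """\
isakmp policy 10
authentication pre-share
encryption des
hash md5
group 2
lifetime 86400
access-list split_tunnel standard permit 192.168.1.0 255.255.255.0
split-tunnel-network-list value split_tunnel
access-list vpnra permit ip 192.168.1.0 255.255.255.0 10.1.1.0 255.255.255.0
nat (inside) 0 access-list vpnra
nat (dmz) 0 access-list vpnra
nat (management) 0 access-list vprna
crypto ipsec transform-set md5des esp-des esp-md5-hmac
"""

# An ACL exists once any "access-list <name> ..." line defines it.
ACL_DEF = re.compile(r"^access-list\s+(\S+)\s")
# Places in this config style where an ACL is referenced by name.
ACL_REF = re.compile(
    r"^(?:nat\s+\(\S+\)\s+0\s+access-list|split-tunnel-network-list\s+value)\s+(\S+)"
)
POLICY_START = re.compile(r"^(?:crypto\s+)?(?:isakmp|ikev1)\s+policy\s+\d+")
POLICY_SUBCMDS = {"authentication", "encryption", "hash", "group", "lifetime"}
WEAK_POLICY = {("encryption", "des"), ("hash", "md5"), ("group", "1"), ("group", "2")}
TRANSFORM = re.compile(r"^crypto\s+ipsec\s+(?:ikev1\s+)?transform-set\s+\S+\s+(.+)$")
WEAK_TRANSFORMS = {"esp-des", "esp-md5-hmac"}


def audit(config_text):
    """Return (line_number, kind, detail) findings for an ASA-style config."""
    lines = [line.strip() for line in config_text.splitlines()]
    # First pass: every ACL name that is actually defined somewhere.
    defined = {m.group(1) for line in lines if (m := ACL_DEF.match(line))}

    findings = []
    in_policy = False
    for number, line in enumerate(lines, start=1):
        words = line.split()
        if not words:
            continue
        if POLICY_START.match(line):
            in_policy = True
            continue
        # Policy sub-commands follow the policy line until another command appears.
        if in_policy and words[0] in POLICY_SUBCMDS:
            if len(words) > 1 and (words[0], words[1]) in WEAK_POLICY:
                findings.append((number, "weak-crypto", f"{words[0]} {words[1]}"))
            continue
        in_policy = False

        if (m := ACL_REF.match(line)) and m.group(1) not in defined:
            findings.append((number, "undefined-acl", m.group(1)))
        if m := TRANSFORM.match(line):
            # Only the transforms are checked, not the transform-set's own name.
            for transform in m.group(1).split():
                if transform in WEAK_TRANSFORMS:
                    findings.append((number, "weak-crypto", transform))
    return findings


if __name__ == "__main__":
    for number, kind, detail in audit(SAMPLE_CONFIG):
        print(f"line {number}: {kind}: {detail}")
```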

  • Can't mount share points over VPN after moving server

    I'm tearing my hair out over this one. We have a server that was located in our office. I just moved it downtown to a colo center (no longer in office) and set up VPN access.
    However, nobody is able to mount the server share points, even though the connection to the VPN seems to work fine (e.g.: I choose "connect to L2TP..." and it connects, VPN icon shows I am online with the server).
    Any attempt to mount a share point fails. I've tried using afp://servername.com and I've tried afp://64.xx.xx.xx (where that's the machine's public IP address). Am I supposed to use a different address (such as an internal 192 address that works over the VPN) or should I be able to mount the afp point using the server public domain name? Should I try NFS?
    Any help would be appreciated -- really need to get access to this system's files again! Thank you!

    Morris Zwick wrote:
    And does anyone know which IP you enter for your sites in the web service? The public static IP or the internal private static IP?
    For the external DNS server I am sure you have already deduced that it should be the static IP issued you by Comcast and this will be forwarded by your router to your server.
    For your internal DNS server you could use either the internal LAN IP, or the external IP although the latter might be affected by your firewall so this you will need to test.
    For the Web Server service in Server admin, if you're only running a single website you could avoid the issue by just using the wildcard entry which will respond to any IP address, so this would be an empty host name and an IP address of *
    In fact you don't have to specify an IP address you could just use the hostname, so it will listen to traffic arriving at your server addressed to any IP address and as long as the URL that was requested includes the hostname you define for the site it will get responded to. So if as an example you have two websites you want to serve
    www.example.com
    site2.example.com
    then as long as both have the IP address for the site as an * (asterisk) then both should work as separate sites for traffic addressed to either the LAN or WAN IP address of the server.
    You will still need to use two IP addresses on the server to enable VPN, you could use a USB Ethernet adapter for the second one. Port forwarding for VPN is not as simple as other traffic as VPN requires traffic different to the standard IP and UDP packets. Routers that support 'VPN Passthrough' are specifically designed to accommodate this but I don't know if the AirPort Extreme does this. I have also found PPTP copes better with this sort of setup than L2TP although PPTP is generally regarded as less secure.
