OpenDNS Setup on SLS
Hello all,
I am really new to server admin so I need some very basic step by step help.
I recently set up an older mac mini with snow leopard server to provide file sharing for my household of 6 people. I have network accounts set up for everyone. My house has 2 iMacs, 2 macbooks and miscellaneous ipod touches and iphones. My network goes out through an AEBS. DHCP is done by my AEBS. I have a dynamic IP address through my ISP. The server is for internal network file sharing, network accounts centralized time machine backups only.
Prior to installing the server, my AEBS was set to use OpenDNS but this has changed since I installed my server.
How do I go about setting up all network traffic to go to Open DNS? My main reason for wanting to do this is for content filtering and some site blocking (World of Warcraft).
Thanks in advance for your help. Please keep your responses simple. I am a newb.
Devin
Here is how to [set up the DNS server|http://labs.hoffmanlabs.com/node/1436] on the server, and then set the forwarders to OpenDNS servers.
Reconfigure anything else on your LAN that aims to a DNS server other than your own server, including the Airport Extreme; it all aims at your server either explicitly or via the DHCP-provided DNS server setting, and your server (via its forwarding) aims at OpenDNS.
This also inherently gets you LAN-local DNS services, which means you can name your network printers or other static-IP devices on your LAN.
Similar Messages
-
I have a new MacMini SLS and I need to make sure I am doing things right. I have BrightHouse Business Cable service with 5 static and one with RDNS for apple.ourdomain.com pointed at 1 of the IP's which is currently connected to our new AEBS. The AEBS is DHCP for LAN side and has been setup with ISP DNS.
When setting up SLS, the server finds that it's internet hostname is apple.domain.com as it should but computer hostname is just always set to apple. Once server is running all e-mail sent comes from [email protected] instead of domain.com which is fixed by adding an alias in the hosting section of mail. But the server itself in DNS is set for the domain apple.domain.com instead of domain.com with an NS of apple.domain.com is this ok? If during setup I change apple.domain.com to just domain.com then dns looks funny again as the domain would be right but the ns is then just set to domain.com instead of apple.domain.com so either way in my mind it's wrong. I just want to do it once and right so that the server runs smoothly and I am not sure what to do.Works out just fine.
Primary address = 10.0.200.2
Current HostName = apple.ourdomain.com
DNS HostName = apple.ourdomain.com
The names match. There is nothing to change.
dirserv:success = "success" -
OpenDNS setup and question?
Hi all,
My children have reached the critical age - they starting to use the internet...
In order to protect the content they can reach, I want to set up my router to use OpenDNS. However I want our desktop to use regular DNS.
So if I set up the router to use OpenDNS DNS is there a way to give our desktop running on arch obviously to use google DNS?
If possible how to set up the desktop to use Google dns?
Looking forward for your reply,Many thanks for the prompt reply.
I want to set up the router because of the amount of devices connected to it they have access to it - a media box, tablet, etc
Just to be sure, if I set up the router with OpenDNS and my desktop's '/etc/resolv.conf' will that work?
So the file should look like that: (?)
# Generated by dhcpcd from eth0
# /etc/resolv.conf.head can replace this line
domain lan
nameserver 8.8.8.8
nameserver 8.8.4.4
# /etc/resolv.conf.tail can replace this line -
Setup DNS in Snow Leopard HELP!!!!!!!
I would like to have step by step instructions on setting up DNS in Snow Leopard.
Now I can setup DNS in Leopard Server with my eye's closed, but SLS is giving me
trouble.
The only service I have running at present is DNS.
The problem is SLS what to enter in the nameservers zone field.
I am using readsrv for the server name, when setup asks for a dns name I entered macbook.com
So the final FQDNS should read readsrv.macbook.com.
Also how does the Reverse DNS setup in SLS ???
Leopard Server would automatically create this field, but I do not see this in SLS DNS Settings.
I get this error in terminal.
macbook:~ sls$ sudo changeip -checkhostname
Primary address = 192.168.1.30
Current HostName = macbook.com
The DNS hostname is not available, please repair DNS and re-run this tool.
Thank you all in advance, please help me out.
Message was edited by: Mike DarlandHere, you'll want to get a registered domain or use something severely unlikely to get issued as a real domain (host.mikedarland or some other such domain), unless you're tied in with the folks that have the macbook.com domain registered. Folks are activating new top-level domains (TLDs) like .travel. I'll refer to the domain and the zone example.com here, as this is an RFC-preferred domain name for (duh) an example domain.
Get a good and restorable backup of your disk before you start.
Launch Server Admin.
Select the target server, select DNS, stop DNS.
Select Settings.
Select the forwarding server(s) as your upstream ISP DNS server(s).
Select Zones.
Clean out all of the zones you see there.
Add a forward primary zone for example.com. (note that trailing dot), and select the DNS server for that zone as 192.168.1.30 or whatever the address of your host. (And as an aside, I'd get out of 192.168.0.0/16 just as soon as I could manage it, as that messes up VPN routing if/when you get there.)
You'll get a reverse zone created gratis.
Add an A record for hostnames; here using "hostname".
For testing: aim one of your clients at the DNS server at 192.168.1.30 (or whatever the IP address) via explicit selection in Network Preferences or such. Aim dig hostname.example.com, and (presuming that kicks back an address), aim a dig -x w.y.y.z query to test the reverse translation.
After you have it all working, aim your clients at the box via explicit specification for via DHCP setting. Do not reference the ISP settings directly. -
Server settings for iCal push?
How to get iCal to push from server to computers running os x 10.6?
You need to use the search function for this question in this forum. There are many many threads on how to get this running.
First - download and read all the Apple SLS server docs.
Second - run by Barnes and Noble and pick up a copy of SLS - Developer Reference. (I have no affiliation)
Concerning the iPhone.
Forget it.
'nuff said on that one...
Edit: After reading this again, it appeared to me that I was sounding like an a$$. Sorry. It was not intended that way.
However, the forum does have numerous threads on how to get push working for iCal on 10.6 clients. It does work and it works quite well for me on my network. Pay particular attention to the order you setup your SLS. DNS must function without errors. You must have an OD master to authenticate users against. Mail services must be enabled to use external invites.
Alot of these services rely on web based protocols and it's "push" features are built around XMPP PubSub protocol which means you must have a working iChat server configured and running and web services running. SSL is needed for most of it.
If you are new to SLS (or Mac server in general) it is worth every single penny of $25 for one month of lynda.com. They have a few Mac OS Server lessons in their library.
As for the iphone - please don't start this one again. It doesn't work. There is no built in OTA sync service agent in the iphone OS. Wait for iPhone 4.0 like the rest of us.
Message was edited by: sbkeith -
I have an iMac, Mac Mini and a Macbook Pro connected to a Airport Extreme Base Station. I normally use a Public DNS Server and I am not sure where to put the DNS URLs. Do I put them on the individual computers or is there somewhere in the Airport Extreme Base Station that they go? where ever they belong please provide location and instructions. Thanks.
Configuring the AirPort Extreme with the DNS makes it so that you do not have to configure each individual computer on the WLAN, the DNS settings will be handed down to the devices when they are given their internal IPs, but as long as the base station does not have a competing/conflicting DNS setup, configuring each individual device, as suggested by Carolyn, works also.
However, something strange can happen sometimes when you use a public DNS setup. I use the one Carolyn suggests, OpenDNS, but I cannot access any of the webpages of my ISP with this configuration. I have Todo en Uno (All in One), a service that provides cable, telephone and internet service from my local cable company, CableVisión. So with the OpenDNS setup I cannot configure the digital options for my telephone service, such as blocking and unblocking Int'l long Distance calls. I have to remove the OpenDNS setting to do so. But I created a work around using Locations in the Network settings. I have one Location with my ISP's DNS settings and another Location with OpenDNS settings. I can quickly switch between the two when I need to access my ISP's website.
Dah•veed -
BUG: Feedback Reporting Tool times out
When JDeveloper throws one of those bugs up and gives you the opportunity to send feedback via their "Feedback Reporting Tool" the connection ALWAYS times out. I'm not behind a proxy server or corporate firewall. The only message that appears is a little pop up in the lower right corner that says "Feed back failed. Root Cause: Connection timed out." How do I fix Bug Reporting so I can actually report the errors I'm getting (and there are a LOT of them).
BTW - the original error that invoked the Bug Reporting window occured when trying to deploy and ADF Jar File. For some reason this particular time it caused an error. I have received the Feedback Reporting Tool window when changing focus within the IDE, deploying, saving, selecting a datasource, etc.
More information from the message log:
Failed to log feedback because of exception: oracle.ideimpl.feedback2.client.FeedbackException: Exception creating LegacyFeedbackWriterFCPAUTO: Already logged bug [IOException in o.i.net.JarIndex:1190]
No.... I hadn't tried to log this bug before either.
Edited by: DMP1970 on Feb 22, 2012 9:40 AMDMP,
If you get that Report a Bug icon again, can you try starting Jdeveloper with this command line argument
c:\oracle\middleware\jdeveloper\jdeveloper.exe -console -J-Dide.internalcheck.verbose=true
Then cut and paste the results into an email to me. john<dot>brock<AT>oracle.com
We see this every so often but it's really random and has been a tough thing to nail down. The last person we had report this, happened to be using a OpenDNS setup and instead of a 404 or some other error being returned when he went to a bad URL, his system would return a valid page with some other information from his DNS. Verizon does this all of the time, returning what they think are useful search results thinking that you may have mis-typed something.
Anyway, please let us know if you get a chance to run that test line above.
Thanks!
--jb -
Push E-mail/iCal to iPhone
We just setup a SLS 10.6.1 server with collaboration services (Email, iCal, web, etc). Push appears to be working to the iPhone though iCal updates do not. Reading through the discussions, it seems push to the iPhone should not be working at all because it isn't supported?!? I guess what I'm looking for is a clear understanding of whether or not push is working in SLS 10.6.1 to the iPhone. Thanks for any feedback you can provide!
You have email push working to the iPhone? I'd love to learn more about how you have things set up as this is what I have been trying to achieve, unsuccessfully, for a while.
Edit: I should add that I just got a Mac Mini with snow leopard server as I was under the assumption it would be able to push email to the iPhone. Reading the documentation (ServerAdmin_v10.6.pdf, chapter 9: Push Notification Server) it is clearly stated that iPhone OS v 3.0 supports this. It just doesn't work.
I spent a number of hours searching various forums, and based on the posts I found, it seems that the email push never really made it into iPhone OS 3.
So: I'd love to learn the specifics about an environment where this works.
Message was edited by: 92656iPhone -
Cannot send Mail when in different country
Hello all
I have setup an SLS as Mail Server. I can send and receive mail OK (no SSL). I had complaints that when clients travel to different countries they cannot send e-mails, even if we have set SMTP with authentication. Is there any way to avoid this? Our static IP responds to the name of the mail server (mail.serveradmin.gr)
host mail.serveradmin.gr
+mail.serveradmin.gr has address 85.72.48.65+
BUT IP itself no:
+host 85.72.48.65+
+65.48.72.85.in-addr.arpa domain name pointer XXXX.static.otenet.gr.+
This is because Greek ISP does not point one static IP to the name of your choice, you have to buy a block of 16 (which is expensive).
In Exchange 2007, you can set the so-called Internet Host Name of the System, and there put the real authoritative answer (XXXX.static.otenet.gr)
Is there anything similar in Dovecot?
Thanks
KostasHere is the postconf output:
As I mentioned before, Greek ISPs does not give you reverse DNS if you have one static IP, only if you buy a 16 block, which costs 50 euros per month.
server:~ admin$ postconf -n
biff = no
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /usr/libexec/postfix
debugpeerlevel = 2
enableserveroptions = yes
header_checks = pcre:/etc/postfix/customheaderchecks
html_directory = /usr/share/doc/postfix/html
inet_interfaces = all
mail_owner = _postfix
mailboxsizelimit = 0
mailbox_transport = dovecot
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
messagesizelimit = 26214400
mydestination = $myhostname, localhost.$mydomain, localhost, mail.serveradmin.gr, $mydomain
mydomain = serveradmin.gr
mydomain_fallback = localhost
myhostname = mail.serveradmin.gr
mynetworks = 127.0.0.0/8,192.168.16.0/24
newaliases_path = /usr/bin/newaliases
queue_directory = /private/var/spool/postfix
readme_directory = /usr/share/doc/postfix
recipient_delimiter = +
relayhost =
sample_directory = /usr/share/doc/postfix/examples
sendmail_path = /usr/sbin/sendmail
setgid_group = _postdrop
smtpdclientrestrictions = permit_mynetworks permitsaslauthenticated permit
smtpdenforcetls = no
smtpdhelorequired = yes
smtpdhelorestrictions = rejectinvalid_helohostname rejectnon_fqdn_helohostname
smtpdpw_server_securityoptions = cram-md5,plain
smtpdrecipientrestrictions = permitsaslauthenticated permit_mynetworks rejectunauthdestination permit
smtpdsasl_authenable = yes
smtpdtlsCAfile = /etc/certificates/server.serveradmin.gr.F7C9CE548546D26D67CF51BB96E60F1E130D738 F.chain.pem
smtpdtls_certfile = /etc/certificates/server.serveradmin.gr.F7C9CE548546D26D67CF51BB96E60F1E130D738 F.cert.pem
smtpdtls_excludeciphers = SSLv2, aNULL, ADH, eNULL
smtpdtls_keyfile = /etc/certificates/server.serveradmin.gr.F7C9CE548546D26D67CF51BB96E60F1E130D738 F.key.pem
smtpdtlsloglevel = 0
smtpduse_pwserver = yes
smtpdusetls = no
tlsrandomsource = dev:/dev/urandom
unknownlocal_recipient_rejectcode = 550
virtualaliasmaps = -
How to properly setup domain name ISP v. Registrar
Mac OS Server 10.6 (SLS). I have a static IP which my ISP assigned an alias for ease of their management. I have a domain name from a registrar (not from the same ISP) which is registered using their DNS with an MX record, A records, etc (they do not offer PTR records). When I install SLS and enter the route IP address, it picks up the alias of my ISP which is not my domain name. I am using OpenDNS as my DNS server.
When I ping my domain, it properly resolves to my IP address. When I nslookup my ip address, it non-authoriatively tells me the alias assigned by my ISP (and not my registrar). When I dig my IP address, it shows me my registrars name. Regardless, under Server Admin the ethernet says my DNS is the ISPs.
Help! Should I setup the DNS server so I can manage locally? I do not want to have to pay my ISP additional fees for DNS nor domain name management / transfers? What am I doing wrong, it can't be this hard?
Thanks,
JasI have a domain name from a registrar (not from the same ISP) which is registered using their DNS with an MX record, A records, etc (they do not offer PTR records)
Sure. The registrar has no control over the IP address(es) you get from your ISP. They can't handle reverse DNS for you.
When I nslookup my ip address, it non-authoriatively tells me the alias assigned by my ISP (and not my registrar)
That's correct - the IP address you're using is 'owned' by your ISP. Therefore any reverse lookup will ultimately query your ISP's servers and return whatever name your ISP has defined.
Should I setup the DNS server so I can manage locally?
Generally you don't manage the reverse DNS unless you have your own IP addresses. The easiest solution by far would be to ask you ISP to change the reverse DNS entries for your IP address(es).
Failing that, they can SWIP your IP addresses to you DNS server - this makes your DNS server authoritative for those IPs (in the same way you can be authoritative for your domain), but that's more work, and many ISPs refrain from doing that.
I do not want to have to pay my ISP additional fees for DNS nor domain name management / transfers?
Are they charging you for this? Then change ISPs. I'm not aware of any ISP that charges for setting up reverse DNS for clients. -
10.5 Server : Standard Installation : Newbie Tutorial / Setup Walk-Through
Hello all,
I recently setup OS X Server 10.5 for a client after doing it many times at my home. I could not have possibly done it without the help of this discussion board so thanks to everyone asking and answering questions!
To help other server newbies easily setup Server 10.5 (as apple claims), I'm hoping to make a basic installation procedure that will always work for newbies. Right now it's not exactly "detailed" - just the basic steps to ensure success.
Below is my setup procedure that has worked well for me (especially at my house). It's for a Standard installation; and we'll be setting up the server to include Mail (local only), iChat, VPN, File Sharing, iCal, Web Server/Wiki, Apple Remote Desktop access, and Time Machine (may not work well).
Please let me know if I'm missing something that will help ensure this setup works as perfectly as possible on any system.
+to help make sure this works, try using all the names i've used below (besides perhaps user names & passwords); like "server.house"+
*1) Setup Router*
• ensure router is properly connected to modem/internet
• router lan address = 10.0.2.1
• subnet mask = 255.255.255.0
• dhcp on
• dhcp server starts at = 10.0.2.9
• dhcp server ends at = 10.0.2.99
• dns server (opendns servers) = 208.67.222.222, 208.67.220.220 (not a completely necessary step, but may help ensure it works)
• port forward to 10.0.2.2 = vpn (udp: 500, 4500; udp/tcp: 50)
• port forward to 10.0.2.2 = ard (tcp: 5900, 5988; udp/tcp: 3283)
*2) Install/Setup Server*
• startup server computer with installation cd and start installation process
• choose "Standard Installation"
• setup administrator account with the following settings:
user name: Administrator
short name: admin
password: admin
• setup network settings (choose manual configuration):
manual ip address = 10.0.2.2
subnet mask = 255.255.255.0
router = 10.0.2.1
dns server = 10.0.2.2
search domain = house
• primary dns server = server.house
• server name = server
+choose all the services and let installation complete; wait until desktop loads+
Verify things are initially okay:
• Open safari, and type "server.house" in the address bar (ensure wiki appears)
Good, now:
• Download latest 10.5 server combo update, install, restart.
• Run software update until all updates are installed (may require several restarts)
• Setup a dyndns account for your server, install dyndns software (make sure it's updating via web and the ip address doesn't start with 10.x)
*3) Setup Server Preferences*
• open server preferences
• go to file sharing: turn on file sharing
• go to vpn: turn on vpn
shared secret = somethingsecretive
ip address range = 10.0.2.101 - 10.0.2.199
• go to users
• make new user(s) with all options enabled
+you should now have all services in server preferences enabled (if not, enable them) and user names setup; for good measure, restart the computer again+
*4) Setup Client Computers*
+make sure client computers have all software updates installed before proceeding+
• Open system preferences: network
• Make a new location called "Server"
• Set TCP/IP to DHCP
• DNS Server = 10.0.2.2
• Search domain = house
• Click apply
It's probably a good time to double check that the internet works - open Safari and google something. Good, it works.
There are two ways to setup the client computers to connect to the server with basically no manual configuration needed:
First way:
Go to system preferences: accounts: select user name to associate with server: select "server account" (if available): enter appropriate info for user on server: wait a bit: restart computer
or (if "server account" isn't available):
Second way:
Open finder: applications: utilities: directory utility. once opened, it should automatically find your server. if it doesn't, click the lock, click "plus sign", type = "open directory", server name = server.house, click ok
• enter appropriate info to connect to server and ensure it's set to automatically setup all services, once finished - restart.
*5) If the automatic setup didn't work, here's how to manually setup the client workstations:*
Safari
• Open Safari and type "server.house" in the address bar, enter user/pass, make sure it connects to wiki.
iChat
• add new jabber account
• jabber id = [email protected]
• server = server.house
• port = 5222
• kerbos = on (you can leave off if you want)
You can test by connecting to your Jabber account
VPN
• open Network in system preferences
• click lock
• click "plus sign"
• interface = VPN
• vpn type = L2TP over IPSec
• service name = server
• server address = your dyndns address
• click advanced
• dns server = 10.0.2.2
• search domain = house
• click ok
• click authentication
• enter user's server password
• enter "somethingsecretive" in "shared secret"
• click ok - click apply
You can test by clicking "connect" - after verified, disconnect.
_File sharing_
• Open finder: click "Server" under "Shared"
• If it connects as guest, click "connect as"
• enter your server username/password
Drag a file to and from a folder to make sure file sharing works
Mail
• Add new mail account (imap)
• Incoming mail server = server.house
• Outgoing mail server = server.house
• Outgoing authentication = kerberos 5 (or password)
• user name = [email protected]
• enter password
Check to make sure you get the server welcome e-mail and that you can send email to other users on the server.
*Time Machine* (very problematic at this time)
• Open Time Machine in System Preferences
• Click "options"
• Eliminate as many folders as possible to keep backup times shorter; click done
• Click "change disk"
• Select "Server" disk; click "use for backup"
** I highly recommend using local SuperDuper! backups and/or Retrospect for networked backups to the server. Other options include the dot mac Backup application or online backups (google it).
*If you have PCs on your network that you want to be able to connect to the server for file sharing*
• Open Windows Explorer (my computer)
• Click tools: map network drive
• Enter "\\server\public" (or if you setup a user account on the server for the pc user(s) i think you can use "\\server\pcusername" - and follow the next two steps)
-Click "connect using different user name"
-Enter pc user account username/password
• save settings
Check to make sure the drive shows up and you can move files to/from server
Helpful info for newbies setting up server 10.5:
• Apple's Server Resources page with all manuals
• Probably the most helpful newbie setup discussion
• Probably the most helpful newbie setup discussion #2
• Discussion about DNS
• "Time Machine is a dog... discussion"
• Manage Central Address Book discussion
• Leopard to Windows Files Sharing Issues discussion
• Lynda's 10.5 Server Training Videos (this does cost money and I haven't personally used it, but it looks very helpful)
I hope that's a good start for people, but I'm sure some setting(s) can be tweaked or I missed something that could make this process go even more smoothly. Lets make this the definitive newbie standard installation setup tutorial.
-Brian
corewerkzHi gikku,
Good idea! I forgot about the web server port forwarding, that will allow the wiki to be seen over the internet.
One question: what does adding the dyndns address to "Server Admin > web > settings > sites" actually do? I'm not too knowledgeable about Server Admin.
Thanks,
Brian
corewerkz -
VPN not working after Update from SLS to MLS
Hi folks,
last weekend I updated my Snow Leopard Server following the suggested procedure, installed first Mountain Lion and then OS X Server. Now I have a problem.
Setup:
- Macmini Server located in my private LAN, running SLS as a virtual machine (VMware)
- connected to the Internet via an AVM FritzBox 7270
For HTTP (80) and VPN (500, 1701 and 4500) the ports are forwarded to the virtual machine - everything was working well before the update (access to Website & VPN from both internal and external). The VPN connection is used either with an iPhoen or with my Macbook pro.
The website is still working like expected. VPN service is not working properly anymore. I can access it from internal, but not from external.
So, to make it clear, nothing but the server OS changed in the setup.
Any ideas? Changed ports from 10.6 to 10.8?
Thanks in advance,
Andre
(err, and YES, I have a snapshot of 10.6. - if I revert it's working again, but this can't be the solution)Hi all,
to point out the difference, this is what the logs say....
Connecting from internal, VPN success:
21.06.13 18:12:13,880
racoon[226]
IPSec Phase1 started (Initiated by peer).
21.06.13 18:12:13,882
racoon[226]
IKE Packet: receive success. (Responder, Main-Mode message 1).
21.06.13 18:12:13,883
racoon[226]
IKE Packet: transmit success. (Responder, Main-Mode message 2).
21.06.13 18:12:13,921
racoon[226]
IKE Packet: receive success. (Responder, Main-Mode message 3).
21.06.13 18:12:13,942
racoon[226]
IKE Packet: transmit success. (Responder, Main-Mode message 4).
21.06.13 18:12:13,969
racoon[226]
IKEv1 Phase1 AUTH: success. (Responder, Main-Mode Message 5).
21.06.13 18:12:13,969
racoon[226]
IKE Packet: receive success. (Responder, Main-Mode message 5).
21.06.13 18:12:13,970
racoon[226]
IKEv1 Phase1 Responder: success. (Responder, Main-Mode).
21.06.13 18:12:13,970
racoon[226]
IKE Packet: transmit success. (Responder, Main-Mode message 6).
21.06.13 18:12:13,970
racoon[226]
IPSec Phase1 established (Initiated by peer).
21.06.13 18:12:14,881
racoon[226]
IPSec Phase2 started (Initiated by peer).
21.06.13 18:12:14,881
racoon[226]
IKE Packet: receive success. (Responder, Quick-Mode message 1).
21.06.13 18:12:14,881
racoon[226]
IKE Packet: transmit success. (Responder, Quick-Mode message 2).
21.06.13 18:12:14,885
racoon[226]
IKE Packet: receive success. (Responder, Quick-Mode message 3).
21.06.13 18:12:14,886
racoon[226]
IKEv1 Phase2 Responder: success. (Responder, Quick-Mode).
21.06.13 18:12:14,886
racoon[226]
IPSec Phase2 established (Initiated by peer).
21.06.13 18:12:14,890
vpnd[1210]
Incoming call... Address given to client = 192.168.0.203
21.06.13 18:12:14,918
pppd[1371]
pppd 2.4.2 (Apple version 596.13) started by root, uid 0
21.06.13 18:12:14,923
pppd[1371]
L2TP incoming call in progress from '192.168.0.117'...
21.06.13 18:12:14,931
pppd[1371]
L2TP connection established.
21.06.13 18:12:14,935
pppd[1371]
Connect: ppp1 <--> socket[34:18]
21.06.13 18:12:14,944
UserEventAgent[17]
Captive: [mySCCopyWiFiDevices:162] WiFi Device Name == NULL
21.06.13 18:12:15,036
pppd[1371]
CHAP peer authentication succeeded for <username>
21.06.13 18:12:15,042
pppd[1371]
DSAccessControl plugin: User '<username>' authorized for access
21.06.13 18:12:15,052
pppd[1371]
Unsupported protocol 0x8057 received
21.06.13 18:12:15,058
pppd[1256]
l2tp_wait_input: Address added. previous interface setting (name: en0, address: 192.168.0.103), current interface setting (name: ppp1, family: PPP, address: 192.168.0.103, subnet: 255.255.255.0, destination: 192.168.0.203).
21.06.13 18:12:15,058
pppd[1371]
local IP address 192.168.0.103
21.06.13 18:12:15,059
pppd[1371]
remote IP address 192.168.0.203
21.06.13 18:12:15,061
pppd[1371]
l2tp_wait_input: Address added. previous interface setting (name: en0, address: 192.168.0.103), current interface setting (name: ppp1, family: PPP, address: 192.168.0.103, subnet: 255.255.255.0, destination: 192.168.0.203).
21.06.13 18:12:15,068
configd[21]
network changed: v4(en0:192.168.0.103, ppp0, ppp1+:192.168.0.103) DNS* Proxy SMB
21.06.13 18:12:17,102
apsd[466]
Certificate not yet generated
21.06.13 18:12:18,103
apsd[466]
Certificate not yet generated
21.06.13 18:12:19,004
apsd[466]
Couldn't find cert in response dict
21.06.13 18:12:19,006
apsd[466]
Failed to get client cert on attempt 11, will retry in 900 seconds
21.06.13 18:12:19,066
racoon[226]
IKE Packet: transmit success. (Information message).
21.06.13 18:12:19,067
racoon[226]
IKEv1 Information-Notice: transmit success. (Delete IPSEC-SA).
21.06.13 18:12:19,120
apsd[466]
Certificate not yet generated
21.06.13 18:12:21,802
pppd[1256]
l2tp_wait_input: Address deleted. previous interface setting (name: en0, address: 192.168.0.103), deleted interface setting (name: ppp1, family: PPP, address: 192.168.0.103, subnet: 255.255.255.0, destination: 192.168.0.203).
21.06.13 18:12:21,817
pppd[1371]
l2tp_wait_input: Address deleted. previous interface setting (name: en0, address: 192.168.0.103), deleted interface setting (name: ppp1, family: PPP, address: 192.168.0.103, subnet: 255.255.255.0, destination: 192.168.0.203).
21.06.13 18:12:21,822
configd[21]
network changed: v4(en0:192.168.0.103, ppp0, ppp1-:192.168.0.103) DNS* Proxy SMB
21.06.13 18:12:21,981
pppd[1371]
Fatal signal 6
21.06.13 18:12:21,982
racoon[226]
IKE Packet: receive success. (Information message).
21.06.13 18:12:22,011
vpnd[1210]
--> Client with address = 192.168.0.203 has hungup
21.06.13 18:12:22,022
UserEventAgent[17]
Captive: [mySCCopyWiFiDevices:162] WiFi Device Name == NULL
21.06.13 18:12:23,837
apsd[466]
Certificate not yet generated
21.06.13 18:12:23,839
apsd[466]
Certificate not yet generated
21.06.13 18:12:25,148
apsd[466]
Couldn't find cert in response dict
21.06.13 18:12:25,148
apsd[466]
Failed to get client cert on attempt 12, will retry in 900 seconds
21.06.13 18:12:25,845
apsd[466]
Certificate not yet generated
Connecting from external, VPN fail:
21.06.13 18:10:52,533
racoon[226]
Connecting.
21.06.13 18:10:52,533
racoon[226]
IPSec Phase1 started (Initiated by peer).
21.06.13 18:10:52,535
racoon[226]
IKE Packet: receive success. (Responder, Main-Mode message 1).
21.06.13 18:10:52,536
racoon[226]
IKE Packet: transmit success. (Responder, Main-Mode message 2).
21.06.13 18:10:52,692
racoon[226]
IKE Packet: receive success. (Responder, Main-Mode message 3).
21.06.13 18:10:52,713
racoon[226]
IKE Packet: transmit success. (Responder, Main-Mode message 4).
21.06.13 18:10:52,882
racoon[226]
IKEv1 Phase1 AUTH: success. (Responder, Main-Mode Message 5).
21.06.13 18:10:52,882
racoon[226]
IKE Packet: receive success. (Responder, Main-Mode message 5).
21.06.13 18:10:52,882
racoon[226]
IKEv1 Phase1 Responder: success. (Responder, Main-Mode).
21.06.13 18:10:52,883
racoon[226]
IKE Packet: transmit success. (Responder, Main-Mode message 6).
21.06.13 18:10:52,883
racoon[226]
IPSec Phase1 established (Initiated by peer).
21.06.13 18:10:53,412
racoon[226]
Connecting.
21.06.13 18:10:53,413
racoon[226]
IPSec Phase2 started (Initiated by peer).
21.06.13 18:10:53,413
racoon[226]
IKE Packet: receive success. (Responder, Quick-Mode message 1).
21.06.13 18:10:53,414
racoon[226]
IKE Packet: transmit success. (Responder, Quick-Mode message 2).
21.06.13 18:10:53,531
racoon[226]
IKE Packet: receive success. (Responder, Quick-Mode message 3).
21.06.13 18:10:53,532
racoon[226]
IKEv1 Phase2 Responder: success. (Responder, Quick-Mode).
21.06.13 18:10:53,532
racoon[226]
IPSec Phase2 established (Initiated by peer).
21.06.13 18:11:13,643
racoon[226]
IKE Packet: receive success. (Information message).
21.06.13 18:11:13,671
racoon[226]
IKE Packet: receive success. (Information message).
Hope you see more than me and can help... :-( -
What to do when SLS - Lion Server Upgrade & Migration Fail
Hi everyone,
I've had a tough time over the past week trying to updating my SLS to LS. (It was a slow week at the office so despite the warnings in these discussions I wasn't disturbing anyone, so I thought I'd try...) Both an upgrade to the current running system and a clean install on a wipe of that hard drive stall at the "Configuring Services" "Upgrading services" screen of the set up process. The migration path eventually fails, and as far as I can tell, it seems that the upgrade path just stays there forever.
Don't worry - I'm doing this all on a Super Duper! clone of my primary drive, so I can go back to SLS whenever I need to.
BUT, I can tell that the server's status is at least partially okay, even in this stalled setup state - iChat seems to work on various clients, and I can use Server Admin to see stats and services, etc.
So despite the discomfort of a failed install, part of me feels like I'll be fine with the LS if I can just figure out how to move my old data into the right places for the new system to use it. But I can't find any guidance for that. I'm looking to migrate OD (seems to have migrated fine), iCal, iChat, Address Book, Wikis, Time Machine, and File Sharing (which should be trivial to set up, I reckon).
Can anyone point me in the right direction?
Thanks very much,
WillhausOkay, so I've had some marginal success.
After leaving the hung install for a ridiculous amount of time (24+ hours), I realized that I could click the help button, and from the help window click the "further info about Lion Server" link to launch Safari. That gave me access to Software Update from the Apple menu, which then let me install the latest Safari update which conveniently enough requires a restart.
After restart, the Server Migration Assistant kicked in again, but failed quickly in the upgrading services stage. Another restart, and the sever finally booted more or less normally.
The strange thing was that although chat services worked fine during the hung install, all OD-related services stopped working after restarting. Turns out there were no users or groups in OD. Importing them from an OD archive, though, restored them.
So now iChat works great (even the old chat longs migrated successfully), and AFP is properly sharing our volumes across our studio's network. So our server is limping along.
The other services we need that aren't up yet are Wiki and iCal. Some info about those:
Wiki: administrators can log in and see all wikis just fine. That's awesome because it means the data migrated successfully. Any non-admin users can log in, but are then get a wiki-styled page that says simply "No wikis found". It's as if they don't have permissions to see the wikis, even though in Server.app they belong to the groups that the wikis are associated with. I've tried removing and re-adding users to groups, but that doesn't seem to do it. Any ideas how to fix this?
Calendar: While I can't get this to work, it's not like it's completely lifeless. An account in a client Lion iCal configured with the proper Lion settings returns an error that reads:
"The Server is Busy or Unavailable.
"The server at myserver.com is currently unable to handle the connection for account “ Calendars” due to a temporary overloading or maintenance of the server. If this continues you should contact the server administrator.
"You may try to connect to the server again or take the account offline."
As a logged in administrator, in a wiki clicking on Calendar in the nab bar goes to the calendar style page with an unending dialogue box that reads "Getting events from server". And clicking on Calendar from Home page footer takes me to the URL https://myserver.com/webcal with an error that says:
"Service Temporarily Unavailable
The server is temporarily unable to service your request due to maintenance downtime or capacity problems. Please try again later.
Apache/2.2.20 (Unix) mod_ssl/2.2.20 OpenSSL/0.9.8r DAV/2 Server at myserver.com Port 443"
Again, at least I'm confident that the data migrated properly - I can find all the calendar data in it's proper new location - but either the service won't start or something's not configured correctly. I've tried chaining the hostname and restarting the service about a billion times. I've got no idea what to try next. Any ideas?
Thank you so much,
Willhaus -
Help with Proper DNS Setup for Leopard Standard Server Setup
Hello All,
Problem Description-
I was reviewing some training today on DNS setup and checking for proper setup with the sudo changeip - checkhostname tool and I seem to have an incorrectly configured DNS setup. So I need some help on correcting it. When I go to the "Server Preferences" tool I cannot log in using apple.ourdomainname.com instead in order to use the tool I have to input localhost as the server name. Now I just thought that the system was broken or something and with the help of my training I now see it's a DNS problem. I thought I had everything proper since I followed the steps of creating proper DNS/RDNS entries with my ISP. Now I am stuck wondering what else isn't working properly due to the DNS issue. Thanks in advance.
Technical Info-
My ISP provides us with 5 static IP's and we have asked them to create entries and verified the setup of apple.ourdomainname.com = x.x.x.x which is one of our public IP's assigned currently assigned to the WAN port of our Apple Airport Extreme. We have also had them create a PTR record which also is present, verified and functional. Our MacMini running 10.5.5 is connected directly to one of the ethernet ports on our Apple Airport Extreme which is our NAT/Firewall for the LAN. So during the setup of the Standard Server install the OS configured the Airport with the required ports for chat/web/vpn. And mobile Mac's can VPN in and gain folder access and web works fine too. We don't use the e-mail portion so I can't say how that works. The server is using the DNS of 10.0.200.1 which is the IP of the Airport and the airport is programmed with the DNS of OpenDNS servers 208.67.222.222 and 208.67.220.220. The reason for this whole long shpeal is that I want to give as much technical background as possible for the best possible help.
Thanks
DMWhat happens when you use 'Localhost' instead of 'localhost' (i.e. capitalizing the 'L')?
-
Two computers setup the same, behave differently
I'm working at a small business, running an office of Macs, one of which, a Mac Pro, is running OS 10.6.8 and Filemaker (port #5003). We want that computer, and specifically that application, to be accessible remotely through a static IP.
Comcast assigned a static IP to the WAN, and sold them another "useable" IP for the LAN.
I found instructions on the web that said to configure the computer's network interface to the numbers that Comcast gave us and then under the Firewall settings in Port configuration, set "True Static IP Port Mgmt" to "UNcheck Disable all rules and allow all inbound traffic through" and then set the appropriate rule for Filemaker.
So to test before I brought down the network, on MY MacBook Pro, also running Filemaker and OS 10.6.8, I set that up. IT WORKED!!! I could access the internet, and from the Mac Pro could see the database on my computer from Filemaker on the Mac Pro. (I didn't check from out of the office, and in retrospect, I should have, and will today.) I thought I was home free, so I reset my laptop to DHCP and set up the Mac Pro Networking System Preference exactly how I set up my laptop and the Mac Pro promptly lost connection to the internet and nothing could see it from the Network including by SSH or ping.
I restarted the SMC 8014, albeit quickly. I restarted the computer. I zapped the PRAM of the computer. I checked, double checked, triple checked the numbers, checking for spaces, misplaced periods, etc. I tried different DNS numbers (using OpenDNS). I pinged from the Mac Pro and could NOT reach the DNS servers. My notes don't show whether I pinged the router itself (the WAN IP) and I don't remember. I'll try that too today. I checked the Sharing setup - identical.
This worked on one computer. Why would it fail on another computer, sitting side by side? There's a switch in the office, connected to the switch in the closet, so the only outside difference between the two is the port on the switch (simple, not managed) in the office.
If anyone has ideas I'm all ears.Imap wasn't designed for this kind of multi user situation. It assumes that you the account owner will be using it to manage one account via multiple devices. So once you have read a message it has been read, regardless of which device you were using at the time.
You appear to be describing a situation where you want more than one user to read each message, without anyone knowing if anyone else has read it or even dealt with it. Frankly, I can't imagine a set of circumstances where this workflow would make sense or be useful.
You can do various things such as manually setting messages as unread, or moving them from one folder to another to indicate that they have been processed, but much of this relies on users being thorough and conscientious.
You may need to be running your own server to do this sort of email message managing, if you really need to fork a message so it gets to multiple recipients. Managing which users see a particular message is a job for a server, not the end-user's email client.
Maybe you are looking for
-
Facing issue in HSRP configuration with IPV6
Hi, i am trying to configure hsrp with ipv6 and all command are running for hsrp excep this command standby 1 ipv6 2001::10/64 and i have also tried standby 1 ipv6 2001::10, then showing error:- % invalid link-local address. i have also configred s
-
Hi SAP Experts, Greeting to all of you!!! In one of the report I wanted to perform some calculation related to GR Date and time. So I was looking for field that would contain the DATE and TIME at which the GR was done. I tried looking at the MSEG tab
-
Problems with audacity, audacious (ffmpeg libavformat.so)
Hi all, I have this problem with audacious: it can't play mpc files (and maybe other formats) since it has an error with arch's current ffmpeg setup (everything is up-to-date here). The error message it spits out is "ffaudio: Unsupported audio format
-
Hi, It appears that a URL can't be called from a menu using the Portal toolset because the get_menu_link function doesn't work in this release. You get an insufficient privilege error. This is now a bug, #1852576, which development is working on. Doe
-
CR Xi We have some legacy reports that use a font (Calibri) that we'd like to change to Arial or some font that supports 'embedding permissions'. [Note: Not too sure how to tell IF a font supports or doesn't support embedding permissions!]. Anyway,