OS X Server - Kerberos - Should I need to "Connect As" from client to server

Hi,
I am setting up my first mac server - I have lots of expererince in Windows server, but mac newbie.
I have set up a mac mini server -
OS X Mountain Lion with Server
DNS
File Sharing
Open Directory
.private FQDN (server1.companyname.private)
On the Mounatin Lion client I have set the logon options to add server1.companyname.private as Open Directory Server
I can logon from the client using the local network accounts I have created (testuser)
The issue I have is that when I try and open the server (server1) it says not connected and I have to Connect As and enter the password (it thens connects OK)
I expected that once I logged onto the client, kerberos would then be able to authenticate me to the server and I would not need to enter password again - Single Sign In
Is this normal with Mac's?
If I run klist I see:
credentials cache: API:1025:2
        Principal: [email protected]
  Issued           Expires          Principal
Sep  9 11:15:22  Sep  9 21:15:22  krbtgt/[email protected]
Are there any other steps required such as adding the client or server into OD?
Any guidance would be appreciated.
Thank you.

I have solved. I moved mac server and client onto an isolated test network, with a different DHCP server. I then created a static IP address for the server.
Works as expected now - I am not prompted to authenticate when I open server 1, and a ticket is created after I connect to the server.

Similar Messages

  • Help needed to connect to remote PPTP VPN via PIX 515e

    Hello,
    A user in our office needs to connect to a client's remote PPTP VPN but can't connect.  The user is running Windows 7.  We have a Cisco PIX 515e firewall that is running PIX Version 6.3(3) - this is what our user is having to go through to try and make the connection to the client's remote VPN.
    The client's network guys have come back and said the issue is at our side.  They say that they can see some of our traffic but not all of it. The standard error is shown below, and they say it's symptomatic of the client-side firewall not allowing PPTP traffic:
    "A connection between the VPN server and the VPN client XXX.XXX.XXX.XXX has been established, but the VPN connection cannot be completed. The most common cause for this is that a firewall or router between the VPN server and the VPN client is not configured to allow Generic Routing Encapsulation (GRE) packets (protocol 47). Verify that the firewalls and routers between your VPN server and the Internet allow GRE packets. Make sure the firewalls and routers on the user's network are also configured to allow GRE packets. If the problem persists, have the user contact the Internet service provider (ISP) to determine whether the ISP might be blocking GRE packets."
    I have very little firewall experience and absolutely no Cisco experience I'm afraid.  From looking at the PIX config I can see the following line:
    fixup protocol pptp 1723.
    Does this mean that the PPTP protcol is enabled on our firewall?  Is this for both incoming and outgoing traffic?
    I can see no reference to GRE 47 in the PIX config.  Can anyone advise me what I should look for to see if this has been enabled or not?
    I apologise again for my lack of knowledge.  Any help or advice would be very gratefully received.
    Ros

    Hi Eugene,
    Thank you for taking the time to reply to me.  Please see our full PIX config below.  I've XX'd out names and IP addresses as I'm never comfortable posting those type of details in a public forum.  I hope that the information below is still sufficient for you.
    Thanks again for your help,
    Ros
    PIX(config)# en
    Not enough arguments.
    Usage:  enable password [] [level ] [encrypted]
            no enable password level
            show enable
    PIX(config)# show config
    : Saved
    : Written by enable_15 at 10:30:31.976 GMT/BDT Mon Apr 4 2011
    PIX Version 6.3(3)
    interface ethernet0 auto
    interface ethernet1 auto
    interface ethernet2 auto
    nameif ethernet0 outside security0
    nameif ethernet1 inside security100
    nameif ethernet2 DMZ security10
    enable password XXX encrypted
    passwd XXX encrypted
    hostname PIX
    domain-name XXX.com
    clock timezone GMT/BST 0
    clock summer-time GMT/BDT recurring last Sun Mar 1:00 last Sun Oct 2:00
    fixup protocol dns maximum-length 512
    fixup protocol ftp 21
    fixup protocol h323 h225 1720
    fixup protocol h323 ras 1718-1719
    fixup protocol http 80
    fixup protocol pptp 1723
    fixup protocol rsh 514
    fixup protocol rtsp 554
    fixup protocol sip 5060
    fixup protocol sip udp 5060
    fixup protocol skinny 2000
    fixup protocol smtp 25
    fixup protocol sqlnet 1521
    fixup protocol tftp 69
    names
    name XX.XX.XX.XX Secondary
    access-list outside_access_in permit tcp XX.XX.XX.XX 255.255.255.240 host XX.XX.XX.XX eq smtp
    access-list outside_access_in permit tcp any host XX.XX.XX.XX. eq https
    access-list outside_access_in permit tcp any host XX.XX.XX.XX. eq 993
    access-list outside_access_in permit tcp any host XX.XX.XX.XX. eq 587
    access-list outside_access_in permit tcp any host XX.XX.XX.XX. eq 82
    access-list outside_access_in permit tcp any host XX.XX.XX.XX. eq www
    access-list outside_access_in permit tcp any host XX.XX.XX.XX eq www
    access-list outside_access_in permit tcp any host XX.XX.XX.XX eq www
    access-list outside_access_in permit tcp any host XX.XX.XX.XX eq https
    access-list outside_access_in permit tcp any host XX.XX.XX.XX eq 993
    access-list outside_access_in permit tcp any host XX.XX.XX.XX eq 587
    access-list outside_access_in permit tcp any host XX.XX.XX.XX eq 82
    access-list outside_access_in permit tcp host XX.XX.XX.XX host XX.XX.XX.XX eq 82
    access-list outside_access_in permit tcp host XX.XX.XX.XX host XX.XX.XX.XX eq 82
    access-list outside_access_in permit tcp any host XX.XX.XX.XX eq smtp
    access-list outside_access_in permit tcp any host XX.XX.XX.XX eq 8082
    access-list outside_access_in permit tcp any host XX.XX.XX.XX eq www
    access-list outside_access_in permit tcp any host XX.XX.XX.XX eq https
    access-list outside_access_in permit tcp any host XX.XX.XX.XX eq 993
    access-list outside_access_in permit tcp any host XX.XX.XX.XX eq 587
    access-list outside_access_in permit tcp any host XX.XX.XX.XX eq 82
    access-list outside_access_in permit tcp any host XX.XX.XX.XX eq smtp
    access-list outside_access_in permit tcp any host XX.XX.XX.XX. eq www
    access-list inside_outbound_nat0_acl permit ip any XX.XX.XX.XX 255.255.255.0
    access-list inside_outbound_nat0_acl permit ip any XX.XX.XX.XX 255.255.255.0
    access-list inside_outbound_nat0_acl permit ip any XX.XX.XX.XX 255.255.255.0
    access-list inside_outbound_nat0_acl permit ip any XX.XX.XX.XX 255.255.255.0
    access-list inside_outbound_nat0_acl permit ip any XX.XX.XX.XX 255.255.255.0
    access-list inside_outbound_nat0_acl permit ip any XX.XX.XX.XX 255.255.255.0
    access-list inside_outbound_nat0_acl permit ip any XX.XX.XX.XX 255.255.0.0
    access-list inside_outbound_nat0_acl permit ip any XX.XX.XX.XX 255.255.255.0
    access-list inside_outbound_nat0_acl permit ip any XX.XX.XX.XX 255.255.255.0
    access-list inside_outbound_nat0_acl permit ip any XX.XX.XX.XX 255.255.255.0
    access-list inside_outbound_nat0_acl deny udp any any eq 135
    access-list inside_outbound_nat0_acl permit ip any XX.XX.XX.XX 255.255.255.0
    access-list inside_outbound_nat0_acl permit ip any XX.XX.XX.XX 255.255.255.0
    access-list inside_outbound_nat0_acl permit ip any XX.XX.XX.XX 255.255.255.0
    access-list inside_outbound_nat0_acl permit ip any XX.XX.XX.XX 255.255.255.0
    access-list outside_cryptomap_40 permit ip any XX.XX.XX.XX 255.255.255.0
    access-list outside_cryptomap_60 permit ip any XX.XX.XX.XX 255.255.255.0
    access-list USER1 permit ip any XX.XX.XX.XX 255.255.255.0
    access-list outside_cryptomap_10 permit ip any XX.XX.XX.XX 255.255.255.0
    access-list outside_cryptomap_20 permit ip any XX.XX.XX.XX 255.255.255.0
    access-list outside_cryptomap_30 permit ip any XX.XX.XX.XX 255.255.255.0
    access-list outside_cryptomap_50 permit ip any XX.XX.XX.XX 255.255.255.0
    access-list outside_cryptomap_70 permit ip any XX.XX.XX.XX 255.255.0.0
    access-list USER2 permit ip any XX.XX.XX.XX 255.255.255.0
    access-list USER3 permit ip any XX.XX.XX.XX 255.255.255.0
    access-list USER4 permit ip any XX.XX.XX.XX 255.255.0.0
    pager lines 24
    logging on
    logging host inside XX.XX.XX.XX
    icmp permit any outside
    icmp permit any inside
    mtu outside 1500
    mtu inside 1500
    mtu DMZ 1500
    ip address outside XX.XX.XX.XX 255.255.255.248
    ip address inside XX.XX.XX.XX 255.255.255.0
    no ip address DMZ
    ip audit info action alarm
    ip audit attack action alarm
    pdm location XX.XX.XX.XX 255.255.255.255 inside
    pdm location XX.XX.XX.XX 255.255.0.0 outside
    pdm location XX.XX.XX.XX 255.255.255.0 outside
    pdm logging debugging 100
    pdm history enable
    arp timeout 14400
    global (outside) 1 interface
    nat (inside) 0 access-list inside_outbound_nat0_acl
    nat (inside) 1 0.0.0.0 0.0.0.0 0 0
    static (inside,outside) XX.XX.XX.XX XX.XX.XX.XX netmask 255.255.255.255 0 0
    static (inside,outside) XX.XX.XX.XX. XX.XX.XX.XX netmask 255.255.255.255 0 0
    static (inside,outside) XX.XX.XX.XX. XX.XX.XX.XX netmask 255.255.255.255 0 0
    static (inside,outside) XX.XX.XX.XX XX.XX.XX.XX netmask 255.255.255.255 0 0
    access-group outside_access_in in interface outside
    route outside 0.0.0.0 0.0.0.0 XX.XX.XX.XX 1
    route inside XX.XX.XX.XX 255.255.0.0 XX.XX.XX.XX 1
    timeout xlate 3:00:00
    timeout conn 2:00:00 half-closed 0:30:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00
    timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
    timeout uauth 0:05:00 absolute
    aaa-server TACACS+ protocol tacacs+
    aaa-server RADIUS protocol radius
    aaa-server LOCAL protocol local
    ntp authenticate
    ntp server XX.XX.XX.XX source outside prefer
    http server enable
    http XX.XX.XX.XX 255.255.0.0 outside
    http XX.XX.XX.XX 255.255.255.0 outside
    http XX.XX.XX.XX 255.255.255.255 inside
    snmp-server host inside XX.XX.XX.XX
    no snmp-server location
    no snmp-server contact
    snmp-server community XXX
    snmp-server enable traps
    floodguard enable
    sysopt connection permit-ipsec
    crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
    crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
    crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
    crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
    crypto dynamic-map cola 20 set transform-set ESP-3DES-MD5
    crypto dynamic-map dod 10 set transform-set ESP-3DES-MD5
    crypto map outside_map 10 ipsec-isakmp dynamic cola
    crypto map outside_map 20 ipsec-isakmp
    crypto map outside_map 20 match address outside_cryptomap_20
    crypto map outside_map 20 set peer XX.XX.XX.XX
    crypto map outside_map 20 set transform-set ESP-3DES-MD5
    crypto map outside_map 25 ipsec-isakmp
    crypto map outside_map 25 match address USER1
    crypto map outside_map 25 set peer XX.XX.XX.XX
    crypto map outside_map 25 set transform-set ESP-3DES-MD5
    crypto map outside_map 30 ipsec-isakmp
    crypto map outside_map 30 match address outside_cryptomap_30
    crypto map outside_map 30 set peer XX.XX.XX.XX
    crypto map outside_map 30 set transform-set ESP-3DES-MD5
    crypto map outside_map 40 ipsec-isakmp
    crypto map outside_map 40 match address outside_cryptomap_40
    crypto map outside_map 40 set peer XX.XX.XX.XX
    crypto map outside_map 40 set transform-set ESP-3DES-MD5
    crypto map outside_map 50 ipsec-isakmp
    crypto map outside_map 50 match address outside_cryptomap_50
    crypto map outside_map 50 set peer XX.XX.XX.XX
    crypto map outside_map 50 set transform-set ESP-3DES-MD5
    crypto map outside_map 60 ipsec-isakmp
    crypto map outside_map 60 match address outside_cryptomap_60
    crypto map outside_map 60 set peer XX.XX.XX.XX
    crypto map outside_map 60 set transform-set ESP-3DES-MD5
    crypto map outside_map 70 ipsec-isakmp
    crypto map outside_map 70 match address outside_cryptomap_70
    crypto map outside_map 70 set peer XX.XX.XX.XX
    crypto map outside_map 70 set transform-set ESP-3DES-MD5
    crypto map outside_map 75 ipsec-isakmp
    crypto map outside_map 75 match address USER4
    crypto map outside_map 75 set peer XX.XX.XX.XX
    crypto map outside_map 75 set transform-set ESP-3DES-MD5
    crypto map outside_map 80 ipsec-isakmp
    crypto map outside_map 80 match address USER2
    crypto map outside_map 80 set peer XX.XX.XX.XX
    crypto map outside_map 80 set transform-set ESP-3DES-MD5
    crypto map outside_map 90 ipsec-isakmp
    crypto map outside_map 90 match address USER3
    crypto map outside_map 90 set peer XX.XX.XX.XX
    crypto map outside_map 90 set transform-set ESP-3DES-MD5
    crypto map outside_map interface outside
    isakmp enable outside
    isakmp key ******** address XX.XX.XX.XX netmask 255.255.255.255 no-xauth no-config-mode
    isakmp key ******** address 0.0.0.0 netmask 0.0.0.0
    isakmp key ******** address XX.XX.XX.XX netmask 255.255.255.255 no-xauth no-config-mode
    isakmp key ******** address XX.XX.XX.XX netmask 255.255.255.255 no-xauth no-config-mode
    isakmp key ******** address XX.XX.XX.XX netmask 255.255.255.255 no-xauth no-config-mode
    isakmp key ******** address XX.XX.XX.XX netmask 255.255.255.255 no-xauth no-config-mode
    isakmp key ******** address XX.XX.XX.XX netmask 255.255.255.255 no-xauth no-config-mode
    isakmp key ******** address XX.XX.XX.XX netmask 255.255.255.255 no-xauth no-config-mode
    isakmp policy 20 authentication pre-share
    isakmp policy 20 encryption 3des
    isakmp policy 20 hash md5
    isakmp policy 20 group 2
    isakmp policy 20 lifetime 86400
    telnet XX.XX.XX.XX 255.255.0.0 outside
    telnet XX.XX.XX.XX 255.255.255.255 inside
    telnet XX.XX.XX.XX 255.255.255.255 inside
    telnet XX.XX.XX.XX 255.255.255.255 inside
    telnet timeout 30
    ssh XX.XX.XX.XX 255.255.255.248 outside
    ssh XX.XX.XX.XX 255.255.255.248 outside
    ssh timeout 30
    management-access inside
    console timeout 0
    terminal width 80
    Cryptochecksum:XXX
    PIX(config)#

  • Should i need a new oracle instance or schema?

    Hello All,
    I know that this is may sound like a silly question but i really need to know. In our company we have a server with oracle standard and a instance that holds a financial database. Now, the company bought a new antivirus software and it runs over oracle database. Now, should i create a new schema to own my antivirus tables or should i need create a new database instance?
    I've worked with other database product that has a different concept from oracle, regarding Intance-Database concept. I'm really new from oracle.
    Best regards,
    Rafael Melo - Br

    >
    Now, the company bought a new antivirus software and it runs over oracle database
    >
    What exactly does 'it runs over oracle database' mean?
    You need to read the software documentation to see how to use it.
    >
    Now, should i create a new schema to own my antivirus tables or should i need create a new database instance?
    I've worked with other database product that has a different concept from oracle, regarding Intance-Database concept. I'm really new from oracle.
    >
    An 'instance' and a 'database' are two different, though possibly related, things.
    See the Database Concepts Doc for the definition of 'instance' and 'database'
    http://docs.oracle.com/cd/E11882_01/server.112/e10713/startup.htm
    >
    Introduction to the Oracle Database Instance
    A database instance is a set of memory structures that manage database files. A database is a set of physical files on disk created by the CREATE DATABASE statement. The instance manages its associated data and serves the users of the database.
    Every running Oracle database is associated with at least one Oracle database instance. Because an instance exists in memory and a database exists on disk, an instance can exist without a database and a database can exist without an instance.

  • HT3382 I have an early 2006 Mac Mini and need to connect it to a VGA display.  What connector should I use?

    I have an early 2006 intel core solo Mac Mini (locted in India) and need to connect it to a VGA display.  I have looked at the support articles but can't figure out what adapter to use.

    There was a DVI to VGA adapter included with the early 2006 mini.  The one that I have looks like this
    You should be able to buy one, although it's not currently listed in the US Apple online store.

  • Need to POST data from a desktop client to a server.

    Hello all, it's been awhile since I've posted here, so I hope everyone has been doing well.
    I have cross posted this here java - Need to POST data from a client application to my server - Stack Overflow but no answers, and since SO has been extremely slow for the questions I've been asking I am posting here.
    Here is the post:
    I know the title is probably a common question, but I am a bit confused on everything I'm trying to do, so I am trying to piece it together, and figured a common title would be better than a confusing one.
    I am basically developing a web application and one part of that is a file uploader. I am using Apache Commons File Upload via the Streaming API, and that all works fine, except I need to access the file I'm uploading, because that contains data to additional files to upload.  I.e., Read File A, get paths to images, upload images with File A to server and save on server.  The API can be found here http://commons.apache.org/proper/commons-fileupload/streaming.html
    I was told there is a security risk via the web and would be impossible via a browser, since the user needs to select all files to upload, i cannot tell the browser to upload additional files, so I am left with a client side option.
    I am confused if there is a special library I need, or as I have been seeing threads that talk about using the built in UrlConnection Class or http://hc.apache.org/
    I basically need to be able to read the file, which technically gives me a path to a Database on the user's system which I then read to get the additional images.  After I get all of that I then  need to post the data as a multipart form as that is what the FileUpload requires.
    form method="POST" enctype="multipart/form-data" action="fup.cgi">
      File to upload: <input type="file" name="upfile"><br/>
      Notes about the file: <input type="text" name="note"><br/>
      <br/>
      <input type="submit" value="Press"> to upload the file!
    </form>
    This is the example found in the Overview section of the Fileupload which can be accessed from the link above.
    There wouldn't be an issue if the users uploaded all of the data themselves, but since I have to do some of it automatically it causes some "concerns/issues."
    Basically these files are created and packaged from another application, so the images, and the db will always be in the same place, and that file that they are uploading is a file the other program creates, so everything will always be known, I just need to upload it, and then POST it as enctype="multipart/form-data" So that my servlet can read it and save it on my server.
    So I would appreciate it if anyone had any suggestions on where to begin my journey with this.  I have heard of a few applications like curl and wget that are used for this, but those seem to be more C based.  As mentioned earlier it seeems the httpcomponets from apache might work well, but I want to make sure.
    I appreciate all the help, thank you for your time all.

    It's not possible to read from a file without using classes from the core API*. You'll have to get clarification from your instructor as to which classes are and are not allowed.
    [http://java.sun.com/docs/books/tutorial/essential/io/]
    *Unless you write a bunch of JNI code to replicate what the java.io classes are doing.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       

  • Oracle 10.2 on AIX -- need to connect to remote SQL server by dblink

    oracle 10.2 on AIX -- need to connect to remote SQL server by dblink
    i didn't see a odbc diectory in our oracle home path. how do i know odbc driver is installed in the oracle on our AIX server.
    If it is there, do i just need to modify the odbc.ini and then the inithsodbc.ora, linster.ora, tnsnammes.ora files, or am I missing something
    Appreciate your response
    Edited by: user10876711 on May 12, 2011 9:18 AM
    Edited by: user10876711 on May 12, 2011 9:18 AM

    when you want to connect from Oracle to a SQl Server you need the Oracle Gateway (HSODBC or even better Dg4ODBC) and a FOREIGN ODBC DRIVER for your foreign database - a SQL Server ODBC driver. You have to get this driver from a 3rd party vendor - Oracle does not offer any foreign ODBC drivers.
    So before being able to use DG4ODBC/HSODBC you need to install from a 3rd paryt vendor a SQL Server ODBC driver. Commercial vendrs are for example Data Direct, Openlink or Easysoft.
    On Unix ODBC drivers commonly also require a driver manager. If the ODBC driver vendor does not ship one with the ODBC driver you can get it from www.unixodbc.org

  • Considering upgrading from CF8 up to CF11... notice in the CF11 support matrix that Sybase Adaptive Server Enterprise 15.0, 15.5  is not supported.  While we primarily connect to Oracle DB, we do need to connect to Sybase DBs periodically. Is the plan to

    Considering upgrading from CF8 up to CF11... notice in the CF11 support matrix that Sybase Adaptive Server Enterprise 15.0, 15.5  is not supported.  While we primarily connect to Oracle DB, we do need to connect to Sybase DBs periodically.
    Is the plan for CF11 to support Sybase again in the near future?

    Did you ever get a response? I'm merely trying to connect to a Sybase database - and it gives me a java.sql.SQLException:null  error - with no other information.
    I'm running the server on Ubuntu 14.x, 64bit.
    Thanks.

  • Need Help Streaming Video From Web Server Built Into Application - Linksys WRT54g Router

    Very much appreciate any help getting streaming video feed from web server built into video application to work properly using port forwarding on my Linksys WRT54g wireless router.
    Here is the situation:
    My PC is connected to the internet via a Linksys WRT54g wireless router.
    The Windows XP Pro SP2 firewall is enabled, with a firewall exception established for the video camera application.
    On the router, forwarding of port 80 is enabled for the LAN IP address of the PC running the video application with an embedded web server, and the web server in the video camera application is also set to use port 80.
    I have a free DYNDNS account and also run the DYNDNS updater program on the PC running the video application with embedded web server. According to the DYNDNS web site and the DYNDNS updater program, the IP address assigned to the machine running the video application with embedded web server is set correctly in my dyndns account.
    When I open a browser (Explorer or Firefox) on the PC running the video camera application with embedded web server, I am able to  connect to the video application's web server by going to the dyndns address linked to the machine running the video application. The video application's web server is set to use the dyndns address. That's the good news. The bad news is that I can't connect to the video application's web server from any machine that connects to the internet that uses a router other than the router used by the PC running the video application. I am only able to connect to the streaming video from the application's web server only on machines that connect to the internet using the same (home) router used by the PC that is running the video application.
    Since I am able to connect to the video app's embedded web server successfully on the machine running the video application, it seems that at least something about the current port forwarding settings is correct. For example, if I uncheck 'enable' for forwarding of port 80 on the router settings page, I am no longer able to connect to the video app's web server when I try to do so in a browser running on the machine running the video app. When I re-enable port 80 forwarding on the router, I am again able to connect to the web server of the video application on the machine running the video app. I thought that by enabling forwarding of port 80 on the router and associating that port with the LAN IP of the machine running the video application, it would be possible to connect to the streaming video of the video app's embedded web server from ANY machine connected to the internet, but that is not the case. There must be some other router settings to update/change in order to get the port forwarding working to enable a successful connection to the video web server, but I am stumped. Very grateful for any suggestions as to how to get this working properly.
    Thanks in advance...

    The firewall log can be configured on the third tab in the window for the firewall settings, where you can turn the firewall on and off completely.
    From your tests, though, it does not seem to be the firewall. However, to be sure, it would be good to check the log. It will help to eliminate the firewall as the culprit and you may find it handy in the future, too. ;-) Just don't forget to turn the log off again after you are done because it may cause some performance penalty on your system while on.
    From what you write, it seems as if I should give a little networking background on the ip addresses you'll see. Your setup is (or should be) a modem connected to the WAN/Internet port of the WRT. The computer is connected into a LAN port of the WRT.
    Your router has two IP addresses (that's what makes it a router): a WAN address and a LAN address. The WAN address is the address assigned by the ISP. It is a normal internet IP address. Everyone is able to send packets to this IP address. The WAN address is the one reported by whatismyipaddress.com, it should be listed in the dyndns record and it is the address that your router shows on the Status page. It's the public IP address of your router. Dyndns maps your dyndns.org name to that IP address.
    Your router also has an IP address on the LAN side. You can configure it to be whatever you want. The default is 192.168.1.1 with netmask 255.255.255.0 and it is better to leave it like that or at least inside the network 192.168.*.*. 192.168 is a special, reserved IP address range for private networks. Basically, routers in the internet are not supposed to forward addresses in this range. That makes them suitable for private LANs as the packets never can get anywhere. Most people using Linksys routers have there LAN in 192.168.1.*.
    The router acts as gateway, which means it forwards packets from PCs in the LAN to the internet and back. As all your PCs in your LAN share a single WAN IP address, the gateway does address translation (NAT). This works only in one direction: from the inside to the outside. The router remembers when a PC in your LAN sends something out and accepts the responses in and sending them back to the PC. If something comes in from the internet which cannot be associated with a ongoing communication the packet is dropped unless you use port forwarding.
    All computers in your LAN either have a static IP address assigned or use DHCP to get it automatically. The router has a DHCP server as well which gives out IP address from 192.168.1.100-149 if not changed. With a router with default settings static IP addresses can be in the range of 192.168.1.2-99 and 150-254.
    ipconfig /all reports your IP address in your LAN, i.e. an address 192.168.1.*. The gateway in this output should be 192.168.1.1 which is your router. And packet no in the LAN address range 192.168.1.* is send to the router which forwards the packets into the internet.
    An address 192.168.1.* should not appear as internet address in the Status page of the router nor should it appear at dyndns.
    Port forwarding is used to operate a server in the LAN. By default, a server in the LAN cannot be reached from the internet. You have to configure port forwarding for this. You configure that traffic bound for a specific port (e.g. TCP port 80 for http) on your WAN IP address is forwarded to the same port on a specific LAN IP address. If your server runs on 192.168.1.50 than traffic to your WAN IP address port 80 is forwarded to 192.168.1.50 port 80. That way your HTTP server can be reached from the internet. As you can only configure a fixed IP address in port forwarding it is recommended that the server uses a static IP address and not DHCP as in the latter case the IP address may change over time...
    O.K. so much for networking. I hope that makes things a little clearer and you can verify that your setup is how it is intended to be.
    I suggest the following: on the router's security page there is an option to block WAN requests. Remove the check if it is set (meaning: do not block). After you did that change you should be able to ping your WAN address (e.g. ping xxxx.dyndns.org) from the internet. That way we know that it is on the correct address.
    Also on the Administration page make sure that remote management is disabled (should be like that per default) or that the management port is NOT 80 but for example 8080. What is your your UPnP settings on the same page?
    O.K. that should be enough for the moment...

  • Prerequisites & steps needed to connect SolMan  to the Aris server?

    Hi,
    What are the Prerequisites & steps needed to connect Solution Manager system  to the ARIS server?
    Please help me with any type of documents and let me the the link in SMP
    Regards,
    Neni

    Dear Neni,
    SAP Note 984876 has all instructions on how to proceed. See below:
    If you have purchased ARIS via SAP, proceed as described in note
    1114046.
    If you have purchased ARIS via IDS, proceed as follows:
    The synchronization functionality completely depends on an Add-on
    developed by IDS Scheer. Therefore, problems related to this
    functionality are not handled by SAP support. Please contact IDS Scheer
    support for help.
    Best regards,
    Guilherme Balbinot

  • Should i need to install JDBC Drivers?

    Hi,
    I am new to primavera database.
    Now i need to develop RFC's to JDBC Scenario using PI7.1, should i need to install JDBC Driver to up date the data in primavera database.
    thanks,
    snr.

    Hi,
    JDBC drivers are needed to establish the connection to database using JDBC adater but not operations...
    if your database provider classes are not installed in the PI system then you need to install the same...
    check the connection using test if not sure about this but need to install the ear file provided as per note 1085539
    HTH
    Rajesh

  • Hi, I need help!. I will change my iphone and I need to move contacts from one iPhone to the new, what should I do?

    Hi, I need help!. I will change my iphone and I need to move contacts from one iPhone to the new, what should I do?

    You should have been syncing your contact with your computer all along.  Just sync them from the computer to the new iphone.
    iPhone: Transferring information from your current iPhone to a new iPhone

  • Urgently need to download emails from server

    Hello - my webmail server is about to wipe my emails in the next couple of days. I am running Mavericks on a Macbook and want to download all emails from the server so that they stay on my Mail app when the server finally deletes all the emails. Can anyone please advise me?
    Many thanks
    Paul

    HI - so far as I know it's a standard webmail operation. In this case it is with Virginmedia. The problem is that i have closed my account with them and a 3 month grace-period where my email account is still active is about to come to an end. After that I won't have access to my emails. So I need to download them from the server. I can currently access them but i do not know what settings to put into either the webmail or my Mac Mail app.
    (in other words I want to store all my emails permanently on my Macbook and not on any server).
    I'm very grateful for any guidance on this. I don't want to lose the emails.
    Paul

  • I am trying to update my itunes to the latest version, but it says the itunes server could not be updated and i need to connect to the internet when I amlready am connected

    I am trying to update my itunes to the latest version, but it says the itunes server could not be updated and i need to connect to the internet when I amlready am connected. How do I get the latest version of itunes so i can sync my iphone with itunes without losing all my songs?

    We were able to fix our machine!  I just could not make sense of the error message, so we were trying non-Microsoft, non-Apple solutions. 
    Our Solution:  Install MalWareBytes, and run a Quick Scan.
    Even thought both Microsoft anti-virus and Defender were running on our Windows 8 machine, MalWareBytes found about 100 problems.  As I looked over the types of problem and locations, I found several that referenced the exact directory referenced in this message.  The machine had to be restarted for MalWareBytes to complete the cleaning, but iTunes installed afterwards with no problems.
    Thank you MalWareBytes!

  • My laptop has FileVault turned on. How would I obtain the Recovery Key from Apple should I need it?

    My laptop has FileVault turned on. I remember a Recovery Key was created for me but I can't find it. I do know the log in password for my computer so I am not locked out. How would I obtain the Recovery Key should I need it?

    http://support.apple.com/kb/PH11381 

  • Why should I need to pay "overseas transaction fee" when I buy an iphone app in Hongkong dollar currency.

    why should I need to pay "overseas transaction fee" when I buy an iphone app in Hongkong dollar currency.

    I have bought some apps in apple store and pay it by Hongkong currency Credit Card. Afterwards I found there has some extra fees on statement and have been clarified as "overseas transaction fee"...

Maybe you are looking for

  • Power Acoustik - 11.2" Widescreen Ceiling-Mount LCD Monitor with DVD Player installation

    I am looking to purchase the above mentioned car dvd player and have a couple questions. 1. Does this system tie into the cars electrical system for power?  If so, will any wires from install be visible? 2. Will the sound play through the car speaker

  • Safari Widget will not leave the screen

    I have been using several widgets that I created with Safari 3. Everything was going fine until today. One of my widget appears on my screen at all time. My other widgets works perfectly but this one always stays on the screen even if I pushed the F1

  • Just got first mac, i've lost the pages icon already!

    I am sure the icon was there orginally, but now after migrating folders with word docs excel etc across from my PC, the icon has gone and is replaced by the folders with the doc's in, but how do i now open new word doc or excel doc etc, anybody help

  • Auto Run Application On Network Connect

    I have a very simple application that I created in Automator. I want this application to automatically run only after I connect to a *particular wireless network*. I want this all to happen in the back ground (hence the "automatic". Is there any way

  • How do I upgrade from OS X 10.6.8?

    I have OS X version 10.6.8 and would like to upgrade. How do I do so? My biggest "guess" is that I would need to purchase snow leopard for $20, and then I can upgrade to Maverick for free. I am not used to dealing Macs but it appears that you needed