OS X Server VPN and OS X Client VPN Kerberos issue

I set up OS X Server Leopard at home. I configured VPN on the server. I opened all of the recommended ports and then some.
I've added the OS X Server to Directory Utility on my OS X client. I've configured a System Preferences > Network > VPN for the connection. I set it up for L2TP using the external address for my server at home, my username in Open Directory, and selected Kerberos for authentication. When I try to connect with the OS X VPN client it asks me to authenticate to [email protected] not [email protected]
Does anyone have any idea where I should look to see why my OS X Client VPN Client is not trying to authenticate me using Kerberos to my home server but rather choosing my home username and my work Open Directory server? I looked on the forums but I don't see anyone describing this problem with VPN and Kerberos.
Thanks in advance

Brandon Macinnis wrote:
Dnar,
Thanks for the follow up bit about using the smbutil statshares command.  I used that and could confirm that I am also able to force it to connect with smb2.  Oddly though, in the stat share info it still says "AUTO_NEGOTIATE"
                              SMB_NEGOTIATE                 AUTO_NEGOTIATE
                              SMB_VERSION                   SMB_2.1
But maybe that just means something else and not the fact that it did not auto negotiate to SMB.  I guess for now this will be what I have to do to use smb2.
I think in this case the AUTO_NEGOTIATE merely means it will auto negotiate a connection between SMB1, SMB2, and (from your data) also SMB2.1; this would have nothing to do with auto negotiating between SMB2 and AFP, which from this thread appears broken.
I also would like to thank Brandon for the tip about smbutil statshares, I had been looking for a simple way to tell what version of SMB was being used to test my NAS.
For everyone's benefit, it would appear from the above that whilst Apple advertise Mavericks as using SMB2 they have gone as far as implementing SMB2.1 and merely list it only as SMB2 for simplicity and due to the fact there is not a huge difference between SMB2 and SMB2.1.
See http://en.wikipedia.org/wiki/Server_Message_Block#SMB_2_and_3

Similar Messages

  • How do I use pots on my client machine to change values, from the field, on my server machine and all other client machines?

    I am using Lookout 4.5, build 12, and I am having a problem concerning pots. I have data tables created for the different size sewer stations my system monitors. For each station, there are setpoints for starting and stopping of the pumps. I want to be able to change the setpoints for a station on the client file using a pot and have it change on all other machines running Lookout. I did this in 3.8 using DDE, but I don't want to use DDE anymore.
    I created a pot on the client file and URL'ed it to a pot on the server. On the server I created a table with a generic member "A" named "Lead Setp" and then created a member "A1" named
    "C5_1LeadSetp" then a member "A2" named "C3_1LeadSetp" and so on....
    In this table I connected the generic member "A" to the Pot I created on the server, and I connected A1 to its corresponding setpoint signal coming in from the field.
    On the client file I connected (in the table similar to the one on the server but with all signals for the station) the "A1" member to the setpoint signal coming in from the field, and I connected the "A" member to the Pot I created on the client file which is URL'ed to the pot on the server file.
    But, when I change the value of the pot on the client file, only the pot on the server and the "A" member in the table on the server change to the value of the pot on the client. The "A1" member whose screen I am changing the values from on the client does not change! This is the last thing I have to do and my file will be completely converted to 4.0. Does anyone have any ideas?
    Thanks for any responses..
    GBWY
    Jason
    Jason Phillips

    Hi Jason,
    If I understood your task correctly, you want to change the Setpoints on the Server DataTable using Pots from different clients. And also reflect these changes on the clients locally.
    You correctly remoted the Pots on the Clients to the corresponding Pots on the Server. However, you do not need tables on your clients. All you need is Expressions on each client to the particular cell of the Clients.
    So, to summarize: On the Server, the Pots write to the DataTable. And since the Pots on the Clients are remoted to these Pots on the Server, you can affect any change using these Pots. Because of the common remote source (Server Pots, i.e.) all of these Pots will always be in sync. Finally, to get the Setpoints on the Clients, just insert Expressions to the Server's DataTable.
    I am attaching a simple example (exmpl.zip) which does this. There are three processes -- My_Server, My_Client1, and My_Client2. I had them setup on the same machine so the paths are all process relative, but you can always change those to computer relative or absolute and move the client processes to diff machines.
    Hope this helps.
    Rgds,
    Khalid
    Attachments:
    exmpl.zip 12 KB

  • Problems with iCal Server 2 and Snow Leopard Clients

    I am currently running iCal Server 2 on Snow Leopard Server, with approximately 6 client computers connected to a single shared calendar account.  I have digest authentication enabled, and am thus using Kerberos (but not SSH), as well as 3 iPhones. 
    Upon initial connection, I can get all the clients - computers and phones - to properly pull down all the calendar data, and match one another.  However, several of the computers are having trouble updating properly when new events are added.  After some troubleshooting, it seems that the computers running Snow Leopard are not properly updating with events that are entered from other computers, either Snow Leopard or Leopard.  They can, however, post events to the server themselves without any errors.  Interestingly, the Leopard computers can push and pull updated events just fine, and will update with new events whether they originated from a Snow Leopard or a Leopard client.
    We had some recurring login/authentication issues a while back, which seemed to resolve when I disabled digest authentication; I'm wondering if perhaps that has something to do with the problems now.  We're mostly using BusyCal as client software, with the iPhones obviously using iCalendar.
    Just looking to see if anyone else has had similar problems, with Leopard clients working well and Snow Leopard clients having issues.  Thanks!

    Noby_me,
    A lot of folk are having major issues with many Adobe programs and Snow Leopard. You are not alone. For many, rolling-back to Leopard has been the cure. From "word on the street," it appears that Apple is aware of these issues and are working on an OS update. I have no schedule, but that word was out about a month ago, so let's hope that the update is soon in coming.
    You might want to do a Search on this, the Encore and the PS fora for "Snow Leopard." There are plenty articles.
    Good luck,
    Hunt

  • Leopard Server PPTP VPN and Airport, can connect VPN but not AFP/SMB/VNC

    I have on several occasions enabled a PPTP VPN service on Leopard Server and forwarded the appropriate ports in my Airport Extreme with this result: Outside clients can connect to the Leopard Server, but trying to connect to the server with AFP, SMB, Screen sharing or Remote Desktop over this VPN just times out.
    The VPN seems to be working OK, but after establishing the VPN I can't use it. The client (iMac with Mac OS X 10.5.3) gets an IP, DNS, Router etc. from the network's DHCP.
    I have tried setting the server as default host with no effect.
    Everything is running the latest available updates.
    Is there any bug/problem with PPTP VPN passthrough an Airport Extreme on the Server side? Is there anything that needs to be configured other than forwarding port 1723 on the Airport?

    I had a similar problem. Hope my solution can help you.
    Check if the routers on both sides of the VPN connection use the same ip address style (ie. 10.0.0.x, 192.168.1.x). If they both use the same style then they conflict.
    I have an Airport Extreme at home and was VPNing to a server behind a time capsule. Both were using the 10.0.0.x style IP. I switched my home IP style to 192.168.1.x and everything worked right away.

  • List all printers configured from server and local machine when hosted in server machine and working from Client machine

    Hello Team
    I am developing web application in asp.net. When application run from IIS(hosted in server machine running from client machine using web browser) application should list all the configured printers in local and network.
    Can anyone please let me know the process? In this I was able to load printers from the server, so I need to load printers from the local machine.
    Thanks in Advance
    Bindu

    Hi Bindu,
    I am developing web application in asp.net. When application run from IIS(hosted in server machine running from client machine using web browser) application should list all the configured printers in local and network.
    From this message, this is a web application in asp.net, and it also related to IIS.
    You should post in the dedicated ASP.Net Forum
    http://forums.asp.net
    For IIS issues, you should post in the IIS forum: http://forums.iis.net/
    Thanks

  • Please clarify license about server managed and configuration manager client ML system center 2012

    Could you clarify why a managed servers license is required? We already bought the Configuration Manager client ML license. We are planning to buy System Center Operation Manager 2012.

    Hello,
    If you are planning to monitor your AD with Exchange Server and you have only one physical server with, for example, 2 CPUs and 2 VMs, you need to purchase the System Center Standard 2012 R2 SML for monitoring your server environment. However, if your AD is a datacenter or, for example, 4 x Windows Server Standard with 8 VMs, then you need to purchase the System Center Datacenter SML.
    The System Center SML is licensed per physical server: one license covers up to two physical CPUs. If you have 2 physical hosts with 2 CPUs each, you need to purchase two System Center licenses.
    The only difference between Standard and Datacenter is the virtualization rights.
    For System Center Operation Manager for your client desktops, you need to purchase the System Center Client Management Suite, which includes Operation Manager, Services Manager, Data Protection Manager and Orchestrator.
    thanks
    diramoh

  • VPN and iManager - not displaying VPN options?

    Hi,
    We just installed BorderManager v3.9 SP1 (upgrade from BM 3.7) and are running iManager 3.6
    In iManager v3.6 we can see and configure Access Rules, Proxy, etc but the VPN option does not list up.
    Could someone post how to get VPN listed in iManager successfully. Under Installed Novell Plug-in Modules it shows as an installed module but never shows in our Roles and Tasks despite logging in as admin and it being the owner.
    Thanks,
    Dale.

    Craig,
    That didn't work on that server but now using iManager successfully off another Netware server with BM Plug-ins.
    We have configured the BorderManager server for Client to Site with all setting as per your book, opened the ports required on the firewall device (NAT happening here to), have public IP natting to private ip of server on firewall and have setup VPN Client on external workstation.
    When we try to VPN Login it seems to find the server, as the VPN status says "Authenticating user", but after about 1 min we get "Failed receiving server DH public value". We have double-checked that we have Allow NMAS Authentication and "Logged".
    Any ideas what could be wrong here and what we can check?
    Cheers,
    Dale.
    Kind Regards,
    Dale Bentley
    Network Help
    >>> Craig Johnson<[email protected]> 24/07/2008 3:46 am >>>
    In article <[email protected]>, Dale wrote:
    > Would like to fix this rather than using iMan on Windows - customer request. If the plug-in shows installed why would it require a reinstall?
    >
    Because something is broken, and a reinstall (of the plugin) might be the easiest way to fix it?
    Have a look at the logger screen when trying a reinstall of the plugin. You might also want to uninstall it first.
    Craig Johnson
    Novell Support Connection SysOp
    *** For a current patch list, tips, handy files and books on
    BorderManager, go to http://www.craigjconsulting.com ***

  • 1720 VPN and Winproxy behind 826, VPN drop outs

    DSL into 826. Winproxy and 1720 into 826.
    1. Can the 826 prevent VPN traffic while allowing web traffic to flow thru Proxy?
    2. Does the Proxy server setting in IE connection override default gateway IP?
    The problem is that VPN clients have Default GW as IP to 1720 and proxy server WinProxy IP. Connections are unstable w/ no correlations. Web and VPN can both work or either or none.

    You could block all "non-proxy" access through the router by creating an access list doing so. The only IP you would allow through would be the proxy server's requests and then, only its source address and proxy ports if you want to be very specific. As I understand it, when you configure a proxy setting in a browser, any request the browser makes (http, https, ftp, etc.) will be directed to only the proxy address and the default gateway will never be used. The PC would only use the default gateway for any non-browser client applications (VPN client software, telnet, ping, smtp, pop3, etc.). Of course, if you blocked all "non-proxy" traffic as I suggested, none of these applications will work unless you modify your access list to allow them.

  • Windows Server 2008 and Crystal Reports 8.5 printing issue

    I am having a problem when using the crystal reports 8.5 report viewer ocx (ActiveX) under Windows Server 2008.
    When logging onto the server through remote desktop, a report can be shown on screen in preview. When this report is printed, and the user requests more than one copy, the printer only ever prints one copy. Is this a configuration of the terminal server, or simply that the ocx control doesn't cater for it?
    I am using the Windows Server 2008 "Terminal services Easy Print" drivers on the terminal server.
    Any suggestions would be welcome.

    Hi Sastry
    I can print multiple pages from notepad without any issues. It is only the print from the crystal OCX control that has the issue. It has its own print dialog box.
    Thanks
    Peter

  • MARS and Site-to-Site VPN networks

    We have a handful of remote sites that are on an IPSEC Site-to-Site vpn connection with our corporate office and the head end device is also our corporate firewall(ASA-5520) and has the IPS module installed in it.
    MARS is configured to receive all events generated from the ASA firewall and the IPS sensors.
    How can I exclude the vpn networks at the IP level from being subject to the interrogations? I've had to create several exclusions in the IPS module policy to stop the numerous alerts that get generated when typical windows domain traffic is flagged. This is typical behaviour for domain machines but it's not typical for firewalls to expect to see. Everything is doing its job as expected but I need to stop all the alerts more efficiently and with a smaller configuration so that I don't have to exclude tcp ports, services, for each signature that is flagged.

    I have Router 3845. I set up Radius following the link you gave me. When I try to log in on the router it does not log in and I get the following message in my Radius server's Event log.
    "A RADIUS message was received from the invalid RADIUS client IP address 50.200.x.x"
    50.200.x.x is my router public IP and 192.168.10.1 is private IP. I provided my router private IP in Radius Config. Please see the attached file of radius config. When I try to enter my AC user name and password in Client VPN it also does not authenticate my user.
    Here is my router config.
    aaa new-model
    aaa group server radius ITCDC001
     server-private 192.168.10.15 key 7 142713181F132539207A636D754A
    aaa authentication login default group ITCDC001 local
    aaa authentication login vpnuser local
    aaa authorization network groupauthor local
    crypto isakmp policy 9
     encr 3des
     authentication pre-share
     group 2
    crypto isakmp key NetGearCisco address 203.13.x.x no-xauth
    crypto isakmp client configuration group vpnclient
     key cisco123
     dns 192.168.10.15
     domain itc.com
     pool ippool
     acl acl_vpn
    crypto ipsec security-association lifetime seconds 86400
    crypto ipsec transform-set CISCOSET esp-3des esp-sha-hmac
    crypto dynamic-map dynmap 10
     set transform-set CISCOSET
    crypto map vpn client authentication list vpnuser
    crypto map vpn isakmp authorization list groupauthor
    crypto map vpn client configuration address respond
    crypto map vpn 1 ipsec-isakmp
     set peer 203.13.x.x
     set transform-set CISCOSET
     match address acl_ncsvpn
    crypto map vpn 10 ipsec-isakmp dynamic dynmap

  • Connecting to non-VPN and VPN simultaneously

    Ahoy there, I'm on high-speed (130 Mbit) restricted internet right now. The service filters certain ports and services (VoIP + P2P + FTP) and as such, I have to connect to a VPN to unblock these services. With this in mind, I ask the following questions:
    (The VPN is configured as such that I currently "Send all network traffic over this connection" with a unique server, account, password and shared L2TP key, or a PPTP connection without a shared secret and just server-account-password)
    Is it possible to
    A. Configure Firefox to use the native Ethernet direct connection and not use the VPN to get to the internet, regardless of the fact that I have "Send all network traffic" selected. (Like, maybe disabling Send all network traffic over this connection and configuring Transmission to just use the VPN)
    B. Configure Transmission (the P2P client) to only connect to the VPN and use it -solely- for P2P traffic.
    C. Use BOTH an Airport connection AND an Ethernet connection to increase speed or throughput.
    Any of these things would really help my dilemma, because while I'm connected to the VPN, Firefox's/the general internet speed goes down the drain, with the tradeoff being access to those services, which is immensely frustrating.
    Any thoughts?
    P.S. I had considered using Parallels Desktop to run another OS and use Parallels Shared Network connection and using that for P2P/VoIP and have that connect to the VPN only while the regular half of my computer is connected to the rest of the internet, but I don't know the logistics of such a thing.

    I am looking to do the exact same thing. Can anyone help?
    I would like to use Firefox for normal web browsing (non-VPN) and then Safari for VPN browsing. Currently, once I start up VPN all network data is going through it. I need to specify which program uses the VPN and which uses my normal "Built-in Ethernet" non-VPN.
    Thanks!

  • Error updating data source from SQL Server ODBC into SQL Native Client 10.0

    I am converting Crystal 8.5 reports into Crystal XI release 2. The data source was ODBC using SQL Server 2000 and pointing to a stored procedure. In the new server the data source has to be ODBC again, but it uses the SQL Native Client 10.0 Driver, because the new server is SQL Server 2008. I have copied the same old stored procedure on the new server and it works fine as a data source to a brand new Crystal XI report. But when I am opening an existing 8.5 version crystal report and updating the data source to the new location I get the error message "Some tables could not be replaced, as no match was found in the new data source".
    I thought I could tackle this error by creating a temporary data source using the standard ODBC SQL Driver linked to the SQL 2008 Server instead of the SQL Native Client 10 ODBC. So I first updated the crystal data source to link to this temp ODBC using SQL Driver and it worked fine. But after that, when I try to update the data source to link to the SQL Native Client 10 ODBC, I get the same error again.
    So I guess that the problem is not the new server itself, but the switch between SQL Server ODBC and SQL Native Client 10 ODBC.
    Does anyone know what's going on with this SQL Native Client 10 in updating crystal report data sources?

    CR XI does not support that driver. Try selecting the Native driver or upgrade to CR XI R2 for free and use SP4, 5 and 6 and then FP 6.4 or upgrade to CR 2008 and SP 3 and Fix Pack 3.3
    Thank you
    Don

  • Server Cannot Detect that the Client is disconnected, why?

    From what I've read, in order to make server "know" that a client is disconnected, you have to make server "write" to client socket to eventually catch an ioexception.
    So I write a simple server program and a simple client program. The server "writes" to the client every 10 secs. Now I start the server and client, I can tell on the client side that for about every 10 secs, the client gets the message.
    Now I terminate the client program. The server still keeps writing to the client. It's my understanding that after 1 min or so I should see an ioexception. However, 10 minutes passed and the server still keeps writing...
    Why is this happening? Did I miss something?

    I think it happens because the port is still open even after the client is closed. And you should not get IOException when you send a packet over an open port.
    Err, no, you should get a SocketException when you send data to a port which has already been closed or reset by the peer.

  • How to get FMS server time and date

    Hi,
    I'm working on a customer support chat application. It is necessary for me to get the FMS server time and date, because depending on the server time and date the client instances receive different messages.
    I looked at the date() function on the FMS server, but it returns the user PC time (not the FMS server time).
    So is there any way to get the FMS server date and time?
    Thanks in advance
    shrikant

    See this post.
    How To Display Time Information in Report/Results?
    http://forums.ni.com/t5/NI-TestStand/During-a-test-how-can-I-find-the-start-time-and-date-of-that/td...
    Now is the right time to use %^<%Y-%m-%dT%H:%M:%S%3uZ>T
    If you don't hate time zones, you're not a real programmer.
    "You are what you don't automate"
    Inplaceness is synonymous with insidiousness

  • Does ios vpn ondemand conflict with manual vpn?

    I have an ios 7.1.2 device with a vpn configuration profile applied to force an IPSEC vpn on for all internet access.  This works great - whenever I access a web page etc, the vpn springs into life.
    However, if I go to Settings, VPN and manually switch the VPN OFF; and then manually switch the VPN back on again - the VPN no longer works properly:
    -The VPN logo still appears at the top leftside, when the VPN is manually switched back on again
    -However, when I go to a web page I get the message unable to connect to the internet.
    -Specifically, I know that traffic is going to the vpn server, and the vpn server is returning traffic - but it appears the device is unable to handle it.
    Has anyone else come across this use case?  
    I know that if having had the problem, I manually switch the vpn back OFF; and then go to a web page  to trigger the vpn on demand - all is well.
    So it's as if there is a conflict between ondemand and manual vpn setting?
    Has anyone else experienced this?  
    Is it a bug or a feature?  Is there anything I can do to avoid it, or having used on demand - do I always have to trigger on demand and never manually?

    I have this same question for IPSec on both iOS and MAC OS X. Do the built-in iOS and MAC OS X VPN clients support IPSec VPN connections where the VPN server's public IPv6 address is used? I am getting a server not found error when I try to get this working.
