Question about TC setup, bridge mode and security...

Hello All
I need some help...
Have bought a 1 Tb TC to use with my existing ethernet/wireless all-Mac home network but have some specific queries.
The system is set-up as follows:
Cable modem > connected by ethernet cable to > 8-way Ethernet switch
Connected via ethernet cable to the 8-way switch are: one MacBook (in another part of the house) and the TC (via its WAN socket).
Elsewhere in the house, and _all connected wirelessly_ are:
iMac G5
Powerbook G4
hi-fi (connected via an Airport Express)
Airport Extreme basestation to which a HP Laserjet is connected via ethernet.
Question:
Before buying the TC, I used a spare Airport Express basestation in its place to act as the 'main' basestation and the IP addresses of each device on the network were 10.0.0.1, 2, 3, etc. I had the impression that my home network was not "seen" by the outside world as a consequence of this.
Now, the TC seems only to work when in 'bridge' mode and it seems that the IP addresses are 196.xxx.x.100, 101, 102 etc. Does this mean that these devices are now visible to the outside world? Have I compromised my network security? I am worried that the outside world may have access to the contents of my TC, although my TC is password protected and the wireless network is 'closed'. What else should I be doing?
Finally, should I have set up the network so that the cable modem feeds to TC directly, with the 8-way ethernet switch coming off one of the ethernet sockets on the TC?
In all honesty, the instructions in the manual and the help guide are less than clear.
Can anyone help?
Thanks
Daniel

Section 4, here are my thoughts.
1. Since you are currently seeing individual IP addresses like 196.xxx.xxx.100, etc., it sounds like your modem is also acting as a router. This also seems to be the case since the Time Capsule is only working in bridged mode (it wouldn't work in Share a Public IP address if another device is assigning private DHCP addresses). Now, you could still allow the Time Capsule to act as a DHCP server on your private network by enabling Connection Sharing as Distribute a range of IP addresses. This will create a private network within your private network where all the devices that are connected to your Time Capsule can see each other. If you leave it in bridged mode then you allow your cable modem to assign DHCP addresses and all devices that are connected to the Time Capsule or to your ethernet switch are on the same network.
2. Assuming your cable modem is acting as a router you shouldn't have to worry about security, although you will have to access your modem's settings to make sure port forwarding isn't enabled and that the firewall is turned on (although I'm sure it is). I personally would plug the ethernet switch into the LAN port of the Time Capsule and allow the WAN port of the Time Capsule to be plugged into the cable modem. I also would just leave the Time Capsule in bridged mode as well, that's what I do for my own personal network.
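The address reasoning in the reply above can be checked mechanically. The following is an added example, not part of the original thread: it classifies the address a device or base station has received, suggests bridge versus DHCP+NAT mode from the WAN-side address, and lists devices holding a publicly routable address. The function names, mode labels and sample addresses are constructed for illustration.

```python
import ipaddress

# IPv4 blocks that are never routed across the public Internet.
NON_ROUTABLE = {
    "private": ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"),  # RFC 1918
    "link-local": ("169.254.0.0/16",),  # self-assigned, no DHCP lease obtained
    "cgnat": ("100.64.0.0/10",),        # shared space used by ISP-side NAT
    "loopback": ("127.0.0.0/8",),
}


def classify(addr):
    """Return the kind of IPv4 address: one of the NON_ROUTABLE labels or 'public'."""
    ip = ipaddress.IPv4Address(addr)
    for label, blocks in NON_ROUTABLE.items():
        if any(ip in ipaddress.ip_network(block) for block in blocks):
            return label
    return "public"


def recommend_mode(wan_addr):
    """Suggest a base-station mode from the address its WAN port was given."""
    kind = classify(wan_addr)
    if kind == "private":
        # The upstream box already runs DHCP and NAT; a second NAT layer
        # behind it would create a network within the network.
        return "bridge"
    if kind in ("public", "cgnat"):
        # Upstream is a plain modem: the base station must provide DHCP/NAT.
        return "dhcp+nat"
    # Link-local or loopback on the WAN side means no usable lease at all.
    return "fix-addressing"


def exposed_devices(devices):
    """Names of devices whose own address is publicly routable (not behind NAT)."""
    return sorted(name for name, addr in devices.items()
                  if classify(addr) == "public")


# Constructed inventory. 198.51.100.7 is from a documentation range and
# stands in for a real public address.
SAMPLE_DEVICES = {
    "MacBook": "192.168.1.100",
    "iMac G5": "192.168.1.101",
    "printer": "169.254.12.7",
    "test-host": "198.51.100.7",
}

if __name__ == "__main__":
    for name, addr in SAMPLE_DEVICES.items():
        print(f"{name:10} {addr:15} {classify(addr)}")
    print("WAN 192.168.1.2  ->", recommend_mode("192.168.1.2"))
    print("WAN 198.51.100.7 ->", recommend_mode("198.51.100.7"))
    print("exposed:", exposed_devices(SAMPLE_DEVICES))
```

Devices reported as private sit behind whatever router performs NAT upstream, so that router's firewall and port-forwarding settings decide what is reachable from outside.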

Similar Messages

  • Trouble with bridge mode and port forwarding

    I have a Westell Model 6100F DSL modem in bridge mode into my network and I'm having trouble forwarding ports. Is there any general guidance available to do this? I have set many of my friends' networks up to allow port forwarding but all have been on other service providers, mainly cable. (my experience) My network is the only one I have had trouble with.
    Basically, my question is, while in bridge mode, does the modem forward all incoming traffic to my NAT router or do I need to apply special port forwarding settings in the modem to allow this?
    If bridge mode is the reason I cannot forward the ports, can someone explain how to set the Westell 6100F back to factory defaults so I can start over?
    Any other suggestions?
    Thanks in advance.
    Paul

    If bridge mode is set up correctly, your router should be holding the Public IP address (basically not something that is a 192.168 address) as shown at http://www.whatismyip.com/ and compared against what IP your router has.
    If your router has the public IP, all problems lie with either your router or your PC's firewall and configuration. I'd check out portforward.com for some guides on forwarding ports for your router or particular application if you need some additional help.
    ========
    The first to bring me 1Gbps Fiber for $30/m wins!

  • Using an airport extreme in both bridged mode and guest network with DHCP

    I currently use a third-generation AirPort Extreme in bridge mode to connect my various Mac servers to the Internet. I'm using bridge mode on the AirPort Extreme because I have up to five static IP addresses (only using three now). I am currently not using the wireless network, and none of the servers are serving DHCP. I am looking at the newer AirPort Extreme with guest network Wi-Fi. My question is, does the new AirPort Extreme base station support bridge mode for any devices and host DHCP for the guest network connecting wirelessly to the base station?

    The AirPort Extreme cannot be in Bridge Mode and support a Guest Network.
    The AirPort must be configured to provide DHCP and NAT services if you want to enable the Guest Network function.
    If you really do have a 3rd Gen AirPort Extreme, it will support the Guest Network feature if you connect the AirPort directly to a simple modem.....not a modem/router or gateway type of devices.......and configure the AirPort to provide DHCP and NAT services for the network.

  • ACE in bridged mode and multicast

    We have configured an ACE SM in bridge mode and have a requirement to enable multicast on one of the networks where the back-end servers are residing. Will ACE support multicast out of the box, or will we need to do any tweaking on the ACE to enable the multicast support?
    Thanks..

    Hi Gilles,
    Is it also supported in routed mode?
    The ace isn't doing multicast routing right?
    Actually, the server-side vlan is being routed on the C6500 and has pim sparse-dense mode enabled.
    We want to move this server-side vlan behind the ace in routed mode. What about the pim?
    Any ideas?
    thanks,
    Dario

  • Can a single Access Point support both bridge mode and Access Point mode at the same time

    Hi Guys
    Does anyone know which access point can work in both bridge mode and AP mode ?
    Cheers

    Well, what are you trying to cover? If it's really a large outdoor area, then look at the mesh AP. Those require a WLC. Autonomous or stand-alone APs can perform bridging on one radio and client access on another. You can also look at APs that support indoor mesh that are also controlled by a WLC. If you're putting APs outdoors, then look at the outdoor mesh.
    Thanks,
    Scott Fella
    Sent from my iPhone

  • Here's a very basic question about 2 TB external drives and Time Machine.

    Here's a very basic question about 2 TB external drives and Time Machine.
    I have a Mac Pro with a .75 TB and 1 TB drive.  It also has a 1 TB 2nd internal drive.  My current external drive is too small so I'll be getting a 1.5 TB or 2 TB drive.
    Obviously the new larger 2 TB drive will backup everything on the Mac Pro internal drive with Time Machine.  But there will be 1 TB of space left over going to waste.
    Should I partition the external drive so that the TM portion will be 1 TB and the use the remaining extra partition for additional file backups with Carbon Copy?
    Thanks for any insights.
    I tried searching around on the new Apple discussion forum, but I find it much harder to use than the old forum I used to use.

    The problem with terabyte drives is that a 3 TB is about as big as you can get without going into RAID territory. Ideally, a Time Machine drive should be 3 times as large as all the drives you are backing up. So, if you have 2.75 TB of internal storage, you should have 8 TB of Time Machine space.
    Of course, that is "should". If your TB drives are mostly empty, then you can get away with something 3 times the size of your used disk space. Just remember that you are pushing it. Linc is right about Time Machine needing space to work.
    It is unlikely that you have regular churn on 2.75 TB of disk. I suggest identifying which drives and folders have the most activity and excluding those drives and directories that don't change much. It would be better to archive the data that doesn't change often and keep it out of Time Machine. Then you may be able to get away with a 2 TB Time Machine drive.

  • Question about 2 TB external drives and Time Machine.

    Here's a very basic question about 2 TB external drives and Time Machine.
    I have a Mac Pro with a .75 TB and 1 TB drive.  It also has a 1 TB 2nd internal drive.  My current external drive is too small so I'll be getting a 1.5 TB or 2 TB drive.
    Obviously the new larger 2 TB drive will backup everything on the Mac Pro internal drive with Time Machine.  But there will be 1 TB of space left over going to waste.
    Should I partition the external drive so that the TM portion will be 1 TB and the use the remaining extra partition for additional file backups with Carbon Copy?
    Thanks for any insights.
    I tried searching around on the new Apple discussion forum, but I find it much harder to use than the old forum I used to use.

    John,
    I'm not sure why you posted in the iMac forum so I'm going to attempt to get you to the correct spot. I would recommend reposting in the Time Machine Forum, this is part of the OS X forums (Leopard or Snow Leopard) because you are using Snow Leopard (your profile indicates you are) please click Apple Support Communities and type Snow Leopard. Then you can narrow the search down by clicking Refine this List.
    Roger

  • Bridge mode and router mode

    hello,
    I want to understand the basic operation, difference and advantages of both Bridge Mode and Router mode?
    i also want to know in which case i should go for Bridge mode and Router mode?
    regards
    Devang

    It really depends on your requirements.
    Mainly bridge mode is used for multicast support, Multiple DMZs + FWSM, server initiated connections or for seamless migration from previously installed "bridged load balancing environment".
    Some of the differences are
    In bridge mode you do not need additional config for "Direct server access" / "Server Initiated connections"
    Broadcasts are dropped in routed mode whereas they are bridged in bridge mode.
    LB functionality is same in both modes.
    Syed Iftekhar Ahmed

  • AirPort Time Capsule. Read everything and tried everything. Can't get a guest network to work. Switched from bridge mode and still doesn't work. Anyone able to set up a guest network?

    AirPort Time Capsule. Read everything and tried everything. Can't get a guest network to work. Switched from bridge mode and still doesn't work. Anyone able to set up a guest network?

    I had a bright house cable modem that also had built-in wi-fi.
    Don't mean to be picky here, but if the "modem" had built in Wi-Fi, it was not a modem. It was a modem/router, also known as a gateway type of device.
    A device like this combines the functions of a separate modem and separate router in one package. Turning off the wireless on a device like this does not make it a modem.....it is still a modem/router or gateway with the WiFi turned off.
    I think that if I have them replace the current "complicated" modem with a "simple" one I should be able to get the guest network up and running.
    That would be correct. Hopefully, they offer this type of option for their customers.

  • Bridge mode and extended mode together?

    I just received my new milk jug Extreme AC today, yay! I bought this in the hope that it might mitigate some of the reception issues I have been battling in my home. I currently have the 4th gen Extreme (the one with the hobbled radios) and the 3rd gen Express, and I would like to use the old Extreme in bridge mode while wirelessly extending to the Express from the old Extreme. (Yes, I would love to hard-wire but that isn't realistic right now.) Anyone have any success doing this, or any suggestions?

    It wouldn't be a wireless daisy chain as I have infrastructure
    Thanks for clarifying that, since it was not mentioned at all in your first post. We saw things like "wirelessly" and "I would love to hard wire, but....." and assumed (when we should not have) that you were talking about wireless for the network.
    hardwire the two Extremes together with the AC doing the DHCP heavy lifting.
    That would be best way to connect the two Extremes together. Set up the new "ac" Extreme as the main router, then connect an Ethernet cable from one of the LAN <--> ports on the new Extreme to the WAN "O" port on the older Extreme.  The setup utility will practically configure everything for you.
    I suppose I could do something similar with the Express but I am okay with the bandwidth tradeoff if it can wirelessly piggyback from one of the Extremes.
    As long as the Express is located where it can receive a good quality wireless signal from whichever Extreme, that should work OK. Extending with the Express is a compromise deal no matter how you look at it.......since even if you decide to connect to the Express using Ethernet, the port on the Express will only handle 100 Mbps.
    Strange as it seems, it is often better to take the bandwidth hit and extend using wireless  with the Express, since the signal will often be faster this way than using Ethernet.

  • CSM in Bridge mode and Server initiated connections

    I know one can use Source NAT for server initiated connections back to VIP using CSM in routed mode. How do I achieve the same for bridge mode?
    Thanks in advance,
    Shahid

    Shahid,
    that's a well-known problem for all load balancers in the world.
    With a sniffer trace, or just thinking about TCP/IP rules you can figure out why client nat is required.
    If you go from a server to a vip, the CSM will forward the traffic to a random server.
    The CSM forwards the traffic with the source ip unchanged by default.
    The server receiving the traffic will forward the response back to the source that initiated the request.
    If the source is also a server in the same subnet, the response does not need to be sent through a gateway. Since both source and destination are in the same subnet, the traffic is sent based on mac address and it bypasses the CSM which can't perform the nating.
    The source receiving the response from the server directly will just ignore it.
    Using client nat forces the response to go back to the CSM which can perform the nating before sending it to the client.
    This has been discussed tons of times in this forum.
    It's a classic question :-)
    Gilles.
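The return-path reasoning in the reply above, modelled as an added example (not part of the original thread). All addresses, the client NAT address and the assumption that the load balancer sits inline between the server subnet and its gateway are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

SUBNET = ipaddress.ip_network("10.1.1.0/24")  # constructed server subnet
VIP = "10.1.1.100"                            # virtual IP owned by the load balancer
NAT_ADDR = "10.1.1.200"                       # client NAT address owned by the load balancer


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str


def load_balance(pkt, real_server, client_nat):
    """Forward path: VIP becomes the real server; source is rewritten only with client NAT."""
    src = NAT_ADDR if client_nat else pkt.src
    return Packet(src, real_server)


def server_reply(request):
    """The real server answers whatever source address it saw."""
    return Packet(request.dst, request.src)


def return_path(reply):
    """Decide whether the reply passes through the load balancer."""
    if reply.dst == NAT_ADDR:
        return "load-balancer"   # addressed to the load balancer itself
    if ipaddress.ip_address(reply.dst) in SUBNET:
        return "direct"          # same subnet: delivered by MAC, bypassing it
    return "load-balancer"       # off-subnet: via the gateway, inline path


def connection_ok(client, real_server, client_nat):
    """True if the client receives a reply from the address it connected to."""
    request = load_balance(Packet(client, VIP), real_server, client_nat)
    reply = server_reply(request)
    if return_path(reply) == "load-balancer":
        # Reverse translation: the reply appears to come from the VIP again.
        reply = Packet(VIP, client)
    # A TCP stack ignores a reply whose source is not the peer it contacted.
    return reply.src == VIP and reply.dst == client


if __name__ == "__main__":
    print("server to VIP, no client NAT:", connection_ok("10.1.1.11", "10.1.1.12", False))
    print("server to VIP, client NAT:   ", connection_ok("10.1.1.11", "10.1.1.12", True))
    print("remote client, no client NAT:", connection_ok("172.20.5.9", "10.1.1.12", False))
```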

  • How do I configure my Airport Extreme to work in Bridge Mode and provide specific IP addresses to clients

    My Airport Extreme is working with an Airport Express to wirelessly extend my wireless network.  Both Airports are configured in Bridge Mode per the instructions I found on Apple's support site.  I want to assign a specific DHCP address to a wireless camera that is in range of the Extreme, but I understand that the Extreme needs to be in DHCP Only mode to do this.  But if I change the mode to DHCP Only, the Extreme will lose contact with the Express.  How can I get both functions to work - wireless network extension and specific DHCP addresses?

    Then what device is providing DHCP? Only one device per subnet should be the DHCP server. One should be DHCP and NAT and the other in Bridge mode for most home setups. The unit with DHCP and NAT should be the one connected to your cable or DSL and the other set in Bridge mode only extends your network.
    On the wireless config page set whichever you're using to extend your network to "Extend a wireless network" and give it the details of the network to which you're attaching it.

  • Some questions about javacard 2.1.1 and smartcardio

    Hello, I have some questions about Java Card 2.1.1 and the smartcardio package.
    1.) I want to sign a message with the Signature.ALG_RSA_SHA_PKCS1 algorithm. I use the following code in the applet to sign the message:
    final static byte P1_CREATION_MODE = (byte) 0x01;
    final static byte INS_SIGN_MODE = (byte) 0x60;
    final static byte SmartCard_CLA = (byte) 0xB0;
    private void signMessage(APDU apdu) {
        byte[] buffer = apdu.getBuffer();
        byte byteRead = (byte) (apdu.setIncomingAndReceive());
        signature.init(privateKey, Signature.MODE_SIGN);
        short length = signature.sign(buffer, ISO7816.OFFSET_CDATA, byteRead, buffer, (short) 0);
        apdu.setOutgoingLength((short) length);
        apdu.sendBytesLong(buffer, (short) ISO7816.OFFSET_CDATA, (short) length);
        apdu.setOutgoing();
    }
    On the host side I use the following code to connect to the card and to send the sign apdu:
    if (TerminalFactory.getDefault().terminals().list().size() == 0) {
        LOGGER.log(Level.SEVERE, "No reader present");
        throw new NoSuchCardReader();
    }
    /* Select the first terminal */
    CardTerminal terminal = TerminalFactory.getDefault().terminals().list().get(0);
    /* Is a card present? */
    if (!terminal.isCardPresent()) {
        LOGGER.log(Level.SEVERE, "No Card present!");
        throw new NoSuchCard();
    }
    /* Set the card protocol */
    Card card = terminal.connect("*");
    ATR atr = card.getATR();
    LOGGER.fine(getHexString(atr.getBytes()));
    LOGGER.fine(getHexString(atr.getHistoricalBytes()));
    CardChannel channel = card.getBasicChannel();
    CommandAPDU cmd = new CommandAPDU((byte) 0xb0, (byte) 0x60, (byte) 0x01, (byte) 0x00, new String("datadatdatadata").getBytes(), (byte) 0x40);
    ResponseAPDU response = channel.transmit(cmd);
    card.disconnect(false);
    But this does not work and I got the following error:
    javax.smartcardio.CardException: sun.security.smartcardio.PCSCException: Unknown error 0x8010002f
            at sun.security.smartcardio.ChannelImpl.doTransmit(ChannelImpl.java:202)
            at sun.security.smartcardio.ChannelImpl.transmit(ChannelImpl.java:73)
            at de.upb.client.smartmeter.SmartMeter.initSmartCardApplet(SmartMeter.java:114)
            at de.upb.client.smartmeter.SmartMeterApplikation.main(SmartMeterApplikation.java:39)
    Caused by: sun.security.smartcardio.PCSCException: Unknown error 0x8010002f
            at sun.security.smartcardio.PCSC.SCardTransmit(Native Method)
            at sun.security.smartcardio.ChannelImpl.doTransmit(ChannelImpl.java:171)
            ... 3 more
    2.) 3Des encryption
    I want to use the 3Des algorithm to encrypt my data. I use
    keyDES = (DESKey) KeyBuilder.buildKey(KeyBuilder.TYPE_DES,
            KeyBuilder.LENGTH_DES3_2KEY, false);
    cipherDES = Cipher.getInstance(Cipher.ALG_DES_CBC_ISO9797_M2, false);
    But I do not know what the equivalent is on the host side??
    3.) Another problem is that I am not able to send the modulus of a public key from the host application to the smart card
    new CommandAPDU((byte) 0xb0, (byte) 0x20, (byte) 0x01, (byte) 0x00, modulus.toByteArray()); // create the apdu
    // the method in the applet
    private void setServerKeyMod(APDU apdu) {
        byte[] buffer = apdu.getBuffer();
        try {
            byte byteRead = (byte) (apdu.setIncomingAndReceive());
            short off = ISO7816.OFFSET_CDATA;
            // strip off any integer padding
            if (buffer[off] == 0) {
                off++;
                byteRead--;
            }
            publicKeyServer.setModulus(buffer, off, byteRead);
        } catch (APDUException ex) {
            ISOException.throwIt((short) (SW_APDU_EXCEPTION + ex.getReason()));
        }
    }
    The error code is 6700
    4.) My last problem is that I am not able to use a value bigger than 0x7F as the ne field in the apdu command, because I get the following error
    CommandAPDU((byte) 0xb0, (byte) 0x60, (byte) 0x01, (byte) 0x00, data, (byte) 0xff);
    java.lang.IllegalArgumentException: ne must not be negative
            at javax.smartcardio.CommandAPDU.<init>(CommandAPDU.java:371)
            at javax.smartcardio.CommandAPDU.<init>(CommandAPDU.java:252)
    I thought that this should be possible in order to use all the bytes of the response apdu.
    If you need more code to help please let me know.
    Cheers
    Edited by: 858145 on 06.07.2011 08:23

    2) What is PKCS? what is the difference between PKCS#11 and PKCS#15??
    PKCS is the abbreviation of "Public-Key Cryptography Standards"
    PKCS #11: Cryptographic Token Interface Standard
    See http://www.rsasecurity.com/rsalabs/node.asp?id=2133
    PKCS #15: Cryptographic Token Information Format Standard
    http://www.rsasecurity.com/rsalabs/node.asp?id=2141
    If you want to use your smartcard as secure token it doesn't have to be a JavaCard.
    BTW: I don't remember a way to access PKCS#15 tokens on a JavaCard from within an oncard JavaCard program. If you want to use keys in your oncard program, you have to transfer it onto the card or generate it oncard and export the public key by your own oncard/offcard code.
    Jan

  • Airport express in bridge mode and wrong IP

    Hi all,
    my airport express is driving me nuts!! I'm trying to set it up in bridge mode, just to share the printer and to use airplay, bridging the network of my ISP router, that works fine in wifi mode with all my devices (tested with: 2 MacBookPro, 3 iphone, 1 ipad).
    The issue is that I configure the AE to join my network (using airport utility), it restarts and works just for few minutes and then it drops the IP, and it turns out to not be visible even for airport utility.
    I've noticed that in the summary configuration page of airport utility the IP assigned to the AE is kind of  169.254.X.X that means that the AE is not receiving a valid IP from the router. But, if I press "manual setup" and load the internal configuration, in the TCP/IP panel there is a right IP number.
    But it stops working anyway :-(
    I've already tried to configure it with a static IP num (in my IP range), but it did not work as well.
    Last thing: my AE is the old one, 802.11g.
    Any suggestion?
    thanks in advance and happy new year ;-)

    When the AirPort is setup to operate in Bridge Mode, all ports behave as if they were LAN <--> ports, so it would not make any difference which port is used. As a personal preference, and also to aid in troubleshooting, I use the WAN "O" port when configuring a network, if only to know at a glance which cable is which.
    The settings on the AirPort are interactive, so when/if you change the Network Mode to "create a wireless network", that will throw the AirPort back into router mode, so always check to make sure that the AirPort is in Bridge Mode as the last step before you click update to save the settings.

  • What is the difference between Bridge Mode and sharing a public ip address?

    Hello,
    I would like to understand this difference, in general terms, and also in the context of my setup:
    I have an office inside a business center where we are assigned a fixed ip address per computer, and I don't know whether it is better to use bridge mode or to share a public ip address in order to use the benefits of the new time capsule: internet access, hard drive sharing, mobile me back to my mac? Back to my mac does not seem to be working and I get the message that I need a modem with NAT protocol bla bla bla...but I'm also not sure whether the problem is with the setup as the manufacturer claims the protocol is supported.
    Thank you for the help

    "...share a public ip address..." enables the DHCP/NAT service on the Time Capsule.
    "...bridge mode..." disables the DHCP/NAT service on the Time Capsule.
