Menu
▾
▴
devil-linux-discuss — General Mailing List for all discussions
You can subscribe to this list here.
| 2001 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
(59) |
Sep
(57) |
Oct
(5) |
Nov
(45) |
Dec
(21) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2002 |
Jan
(13) |
Feb
(22) |
Mar
(14) |
Apr
(7) |
May
(33) |
Jun
(57) |
Jul
(25) |
Aug
(40) |
Sep
(53) |
Oct
(58) |
Nov
(75) |
Dec
(22) |
| 2003 |
Jan
(101) |
Feb
(101) |
Mar
(103) |
Apr
(125) |
May
(85) |
Jun
(57) |
Jul
(62) |
Aug
(42) |
Sep
(76) |
Oct
(214) |
Nov
(290) |
Dec
(274) |
| 2004 |
Jan
(187) |
Feb
(172) |
Mar
(313) |
Apr
(209) |
May
(169) |
Jun
(147) |
Jul
(118) |
Aug
(193) |
Sep
(227) |
Oct
(125) |
Nov
(246) |
Dec
(191) |
| 2005 |
Jan
(244) |
Feb
(175) |
Mar
(165) |
Apr
(130) |
May
(217) |
Jun
(122) |
Jul
(188) |
Aug
(235) |
Sep
(165) |
Oct
(133) |
Nov
(209) |
Dec
(88) |
| 2006 |
Jan
(66) |
Feb
(89) |
Mar
(108) |
Apr
(91) |
May
(29) |
Jun
(45) |
Jul
(64) |
Aug
(42) |
Sep
(44) |
Oct
(81) |
Nov
(64) |
Dec
(9) |
| 2007 |
Jan
(24) |
Feb
(122) |
Mar
(55) |
Apr
(50) |
May
(84) |
Jun
(13) |
Jul
(80) |
Aug
(70) |
Sep
(78) |
Oct
(45) |
Nov
(56) |
Dec
(42) |
| 2008 |
Jan
(65) |
Feb
(3) |
Mar
(51) |
Apr
(151) |
May
(54) |
Jun
(72) |
Jul
(73) |
Aug
(47) |
Sep
(55) |
Oct
(123) |
Nov
(16) |
Dec
(4) |
| 2009 |
Jan
(23) |
Feb
(39) |
Mar
(27) |
Apr
(36) |
May
(35) |
Jun
(51) |
Jul
(11) |
Aug
(14) |
Sep
(40) |
Oct
(67) |
Nov
(38) |
Dec
(13) |
| 2010 |
Jan
(15) |
Feb
(35) |
Mar
(40) |
Apr
(11) |
May
(26) |
Jun
(10) |
Jul
(5) |
Aug
(50) |
Sep
(86) |
Oct
(67) |
Nov
(36) |
Dec
(11) |
| 2011 |
Jan
(50) |
Feb
(6) |
Mar
(13) |
Apr
(13) |
May
(29) |
Jun
(27) |
Jul
(26) |
Aug
(27) |
Sep
(21) |
Oct
(7) |
Nov
(27) |
Dec
(4) |
| 2012 |
Jan
(11) |
Feb
(20) |
Mar
(48) |
Apr
(18) |
May
(8) |
Jun
(19) |
Jul
|
Aug
(15) |
Sep
(3) |
Oct
(4) |
Nov
(5) |
Dec
(1) |
| 2013 |
Jan
(13) |
Feb
(7) |
Mar
(4) |
Apr
(25) |
May
(2) |
Jun
(8) |
Jul
(4) |
Aug
(8) |
Sep
(7) |
Oct
|
Nov
(5) |
Dec
(10) |
| 2014 |
Jan
|
Feb
|
Mar
(6) |
Apr
(20) |
May
(5) |
Jun
|
Jul
(2) |
Aug
|
Sep
(8) |
Oct
(21) |
Nov
(4) |
Dec
(7) |
| 2015 |
Jan
(10) |
Feb
(9) |
Mar
(4) |
Apr
|
May
|
Jun
|
Jul
|
Aug
(5) |
Sep
(11) |
Oct
|
Nov
(17) |
Dec
(32) |
| 2016 |
Jan
(10) |
Feb
(15) |
Mar
(4) |
Apr
(7) |
May
(10) |
Jun
(11) |
Jul
(15) |
Aug
(26) |
Sep
(13) |
Oct
(10) |
Nov
(16) |
Dec
(6) |
| 2017 |
Jan
(9) |
Feb
(3) |
Mar
|
Apr
(2) |
May
(2) |
Jun
|
Jul
|
Aug
(3) |
Sep
(3) |
Oct
(6) |
Nov
(8) |
Dec
|
| 2018 |
Jan
(12) |
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
(4) |
Sep
|
Oct
|
Nov
|
Dec
|
|
From: Fred F. <ffr...@fr...> - 2007-02-06 13:00:31
|
> > At that point suspecting a GRUB problem I wiped the stick and tried to > rebuild it by hand with the GRUB from my computer (version 0.97). I did > what I am used to which is a boot partition (sdh1) a root partition > (sdh3) and a config partition (sdh2) all ext2. I installed grub to sdh1 > and changed the config so that it was (hd0,0)/ instead of (hd0,0)/boot/ > and strange enough that worked just fine. No problem booting up, other > than failing to find the iso to finish booting. > > I need help either getting the original scheme working (how can I make > grub see grub.conf?) or my manual scheme working (how can I tell it > where the ISO is?) > Is there something in the initrd which sets up the / after the kernel start? I am wondering if there is any documentation on the boot process that I can look at to try and get this working. |
|
From: Serge L. <fi...@in...> - 2007-02-06 12:55:07
|
Hi Frank, Frank Weis wrote: > Hi, > > I have just found out that 'Portslave' is not checked in the default config. > That package contains radiusclient. Yes. But it's obsolete. It would be better if you will not use portslave at all. > We are effectively speaking about different things: I want to run > pptpd and radiusd on the DL box so I need the radiusclient stuff so pptpd can > talk to radius. Yes I see. You can use radius _plugin_ for pppd (it isn't the same to suchradiusclient) . I sent configs exactly for such case. > And I need the rlm_ modules (like rlm_ldap) so radius can > talk do my two AD servers. I see. But DL radius server (freeradius) can talk with IAS (MS radius server) without ldap module, I mean proxy mode of freeradius server... Sorry in advance, if I misunderstood something :-) -- Serge |
|
From: Frank W. <Fra...@ct...> - 2007-02-06 10:46:26
|
Hi, I have just found out that 'Portslave' is not checked in the default config= =2E=20 That package contains radiusclient. We are effectively speaking about different things: I want to run=20 pptpd and radiusd on the DL box so I need the radiusclient stuff so pptpd c= an=20 talk to radius. And I need the rlm_ modules (like rlm_ldap) so radius can= =20 talk do my two AD servers.=20 I'm just building a DL from scratch, the source of these modules is there,= =20 I'll see if they compile and make it to the iso. I'll keep you prompted how it goes :-) =46rank On Tuesday 06 February 2007 10:37:21 Serge Leschinsky wrote: > Hi Frank. > > Frank Weis wrote: > > Hi Serge and thanks a lot! > > You are welcome :-) > > > one last question (hopefully): > > What DL release are you using? Or is it a customized one? > > root@vpnc:~ # cat /etc/issue > Welcome to Devil-Linux v1.2.9-2006-03-09-i686 . > > It's slightly (as far as I remember) modified 1.2.9 > > > The one that has all the rlm_ plugins needed (1.2.9) lacks radiusclient, > > so I'm stuck here for the moment :-( > > Hm... Is it possible what we are speaking about different things? Actually > I meant that you need the following modules (radius.so, radattr.so) for > pppd. Are they absent into the latest DL? If yes it's a bug, I guess. > > There is the file list from my system: > > root@vpnc:/usr/lib # ls -la /usr/lib/pp*/* > -rwxr-xr-x 1 root root 5644 Mar 10 2006 /usr/lib/pptpd/pptpd-logwtmp.so > > /usr/lib/pppd/2.4.3: > total 73 > drwxr-xr-x 2 root root 2048 Mar 10 2006 . > drwxr-xr-x 3 root root 2048 Mar 9 2006 .. > -rwxr-xr-x 1 root root 4986 Mar 10 2006 minconn.so > -rwxr-xr-x 1 root root 9930 Mar 10 2006 passprompt.so > -rwxr-xr-x 1 root root 5685 Mar 10 2006 passwordfd.so > -r-sr-x--- 1 root root 24529 Mar 10 2006 pppoatm.so > -rwxr-xr-x 1 root root 6640 Mar 10 2006 radattr.so > -rwxr-xr-x 1 root root 55460 Mar 10 2006 radius.so > -rwxr-xr-x 1 root root 12144 Mar 10 2006 radrealms.so > -r-sr-x--- 1 root root 29240 Mar 10 2006 rp-pppoe.so > -rwxr-xr-x 1 root root 18396 Mar 10 2006 winbind.so > > > -- > Serge > > ------------------------------------------------------------------------- > Using Tomcat but need to do more? Need to support web services, security? > Get stuff done quickly with pre-integrated technology to make your job > easier. Download IBM WebSphere Application Server v.1.0.1 based on Apache > Geronimo > http://sel.as-us.falkag.net/sel?cmd=3Dlnk&kid=3D120709&bid=3D263057&dat= =3D121642 > _______________________________________________ > Devil-linux-discuss mailing list > Dev...@li... > https://lists.sourceforge.net/lists/listinfo/devil-linux-discuss =2D-=20 _______________________________________________ Centre de Technologie de l'Education 29 avenue John F. Kennedy L-1855 Luxembourg-Kirchberg email: Fra...@ct... t=E9l.: +352 478-5973 fax: +352 333797 _______________________________________________ |
|
From: Serge L. <fi...@in...> - 2007-02-06 09:37:39
|
Hi Frank. Frank Weis wrote: > Hi Serge and thanks a lot! You are welcome :-) > > one last question (hopefully): > What DL release are you using? Or is it a customized one? root@vpnc:~ # cat /etc/issue Welcome to Devil-Linux v1.2.9-2006-03-09-i686 . It's slightly (as far as I remember) modified 1.2.9 > The one that has all the rlm_ plugins needed (1.2.9) lacks radiusclient, so > I'm stuck here for the moment :-( > Hm... Is it possible what we are speaking about different things? Actually I meant that you need the following modules (radius.so, radattr.so) for pppd. Are they absent into the latest DL? If yes it's a bug, I guess. There is the file list from my system: root@vpnc:/usr/lib # ls -la /usr/lib/pp*/* -rwxr-xr-x 1 root root 5644 Mar 10 2006 /usr/lib/pptpd/pptpd-logwtmp.so /usr/lib/pppd/2.4.3: total 73 drwxr-xr-x 2 root root 2048 Mar 10 2006 . drwxr-xr-x 3 root root 2048 Mar 9 2006 .. -rwxr-xr-x 1 root root 4986 Mar 10 2006 minconn.so -rwxr-xr-x 1 root root 9930 Mar 10 2006 passprompt.so -rwxr-xr-x 1 root root 5685 Mar 10 2006 passwordfd.so -r-sr-x--- 1 root root 24529 Mar 10 2006 pppoatm.so -rwxr-xr-x 1 root root 6640 Mar 10 2006 radattr.so -rwxr-xr-x 1 root root 55460 Mar 10 2006 radius.so -rwxr-xr-x 1 root root 12144 Mar 10 2006 radrealms.so -r-sr-x--- 1 root root 29240 Mar 10 2006 rp-pppoe.so -rwxr-xr-x 1 root root 18396 Mar 10 2006 winbind.so -- Serge |
|
From: Frank W. <Fra...@ct...> - 2007-02-06 07:52:17
|
Hi Serge and thanks a lot! one last question (hopefully): What DL release are you using? Or is it a customized one? The one that has all the rlm_ plugins needed (1.2.9) lacks radiusclient, so= =20 I'm stuck here for the moment :-( =46rank On Monday 05 February 2007 17:38:39 Serge Leschinsky wrote: > Frank Weis wrote: > > does anybody have a sample config for this? As I am _almost_ a complete > > ignorant with radius, this could get me going.... > > it's from my working DL ( 10.x.x.41 - MS Server with IAS ). > > root@vpnc:~ # grep -v "^#" /etc/ppp/options.pptpd > name XX_NASPPP > domain xxxxx.com > auth > require-mschap-v2 > mppe required,stateless,no56,no40 > ms-dns 10.x.x.41 > ms-wins 10.x.x.41 > nodefaultroute > lock > logfile /var/log/pptpd.log > plugin /usr/lib/pppd/2.4.3/radius.so > plugin /usr/lib/pppd/2.4.3/radattr.so > radius-config-file /etc/radiusclient/radiusclient.conf > > > root@vpnc:~ # grep -v "^#\|^$" /etc/radiusclient/radiusclient.conf > auth_order radius > login_tries 4 > login_timeout 60 > nologin /etc/nologin > issue /etc/radiusclient/issue > authserver 10.x.x.41:1812 > acctserver 10.x.x.41:1813 > servers /etc/radiusclient/servers > dictionary /etc/radiusclient/dictionary > login_radius /usr/sbin/login.radius > seqfile /var/run/radius.seq > mapfile /etc/radiusclient/port-id-map > default_realm > radius_timeout 10 > radius_retries 3 > nas_identifier XX_NASPPP > login_local /bin/login > > > > -- > Serge > > ------------------------------------------------------------------------- > Using Tomcat but need to do more? Need to support web services, security? > Get stuff done quickly with pre-integrated technology to make your job > easier. Download IBM WebSphere Application Server v.1.0.1 based on Apache > Geronimo > http://sel.as-us.falkag.net/sel?cmd=3Dlnk&kid=3D120709&bid=3D263057&dat= =3D121642 > _______________________________________________ > Devil-linux-discuss mailing list > Dev...@li... > https://lists.sourceforge.net/lists/listinfo/devil-linux-discuss =2D-=20 _______________________________________________ Centre de Technologie de l'Education 29 avenue John F. Kennedy L-1855 Luxembourg-Kirchberg email: Fra...@ct... t=E9l.: +352 478-5973 fax: +352 333797 _______________________________________________ |
|
From: Fred F. <ffr...@fr...> - 2007-02-06 05:15:10
|
Dick Middleton wrote: > Fred Frigerio wrote: >> I have tried to get the install to USB to work with no luck. > > FWIW I've never managed to get the grub or lilo installs working. I > always use the syslinux version. > > Dick > The problem I have is that I need ttyS0 console because this is a headless appliance type router with 3 ports (NexGate NSA1035). > ------------------------------------------------------------------------- > Using Tomcat but need to do more? Need to support web services, security? > Get stuff done quickly with pre-integrated technology to make your job easier. > Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo > http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 |
|
From: Serge L. <fi...@in...> - 2007-02-05 16:39:07
|
Frank Weis wrote: > does anybody have a sample config for this? As I am _almost_ a complete > ignorant with radius, this could get me going.... it's from my working DL ( 10.x.x.41 - MS Server with IAS ). root@vpnc:~ # grep -v "^#" /etc/ppp/options.pptpd name XX_NASPPP domain xxxxx.com auth require-mschap-v2 mppe required,stateless,no56,no40 ms-dns 10.x.x.41 ms-wins 10.x.x.41 nodefaultroute lock logfile /var/log/pptpd.log plugin /usr/lib/pppd/2.4.3/radius.so plugin /usr/lib/pppd/2.4.3/radattr.so radius-config-file /etc/radiusclient/radiusclient.conf root@vpnc:~ # grep -v "^#\|^$" /etc/radiusclient/radiusclient.conf auth_order radius login_tries 4 login_timeout 60 nologin /etc/nologin issue /etc/radiusclient/issue authserver 10.x.x.41:1812 acctserver 10.x.x.41:1813 servers /etc/radiusclient/servers dictionary /etc/radiusclient/dictionary login_radius /usr/sbin/login.radius seqfile /var/run/radius.seq mapfile /etc/radiusclient/port-id-map default_realm radius_timeout 10 radius_retries 3 nas_identifier XX_NASPPP login_local /bin/login -- Serge |
|
From: Frank W. <Fra...@ct...> - 2007-02-05 14:44:12
|
Hi Heiko, I have just finished creating/booting a DL-1.2.9 Box by downloading pieces= =20 from a running box in one of my sites...=20 I am about to start fiddling with this; I'll let you know how it goes.=20 Thanks =46rank On Monday 05 February 2007 15:26:34 Heiko Zuerker wrote: > > > > Also, > > > > > > as I just went about to boot a test DL machine in order to toy with thi= s, > > I > > have noticed that in recent releases (11 and 12 at the least) have almo= st > > no radius modules on board (only 4 mysql and postgres related ones... > > chap pap ldap etc are missing....) DL 1.2.9 had 76 rlm_... modules..... > > > > I guess this is not intentional, so I thought I'd mention it here > > No it's not. > Do you know, was it working in older releases? =2D-=20 _______________________________________________ Centre de Technologie de l'Education 29 avenue John F. Kennedy L-1855 Luxembourg-Kirchberg email: Fra...@ct... t=E9l.: +352 478-5973 fax: +352 333797 _______________________________________________ |
|
From: Heiko Z. <he...@zu...> - 2007-02-05 14:27:01
|
On Mon, February 5, 2007 04:45, Frank Weis wrote: > On Sunday 04 February 2007 15:38:07 Serge Leschinsky wrote: > >> Matthew, >> >> >> you are absolutely right! I felt I missed something important ! :-) >> >> So, it looks like it's able to use 1 pptpd for 2 MS AD with DL. >> >> >> The scheme is the following: poptop --> Free Radius (proxy mode for 2 >> realms) --> MS IAS 1,2 >> >> http://wiki.freeradius.org/Proxy >> >> >> Frank, does it resolve you problem? >> >> >> -- >> Serge >> >> >> Matthew Hattersley wrote: >> >>> Surely you could set the Radius to proxy requests for the other >>> domains to the other radius. That way there would only be one radius, >>> but handling two domains. This is quite possible with a L2TP style >>> setup, we have 1 Primary Radius clusters which proxies requests for >>> multiple domains to several back end Radius servers. >>> >>> Cheers >>> >>> >>> Mat >>> >>> > Hi again, > > > does anybody have a sample config for this? As I am _almost_ a complete > ignorant with radius, this could get me going.... > > Also, > > > as I just went about to boot a test DL machine in order to toy with this, > I > have noticed that in recent releases (11 and 12 at the least) have almost > no radius modules on board (only 4 mysql and postgres related ones... chap > pap ldap etc are missing....) DL 1.2.9 had 76 rlm_... modules..... > > I guess this is not intentional, so I thought I'd mention it here No it's not. Do you know, was it working in older releases? -- Regards Heiko Zuerker http://www.devil-linux.org |
|
From: Ross P. <Ros...@ca...> - 2007-02-05 14:17:33
|
Thank=20you! -----Original=20Message----- From:=20d...@li... [mailto:dev...@li...]=20On=20Behalf=20= Of John=20Bridleman Sent:=2005=20February=202007=2013:52 To:=20d...@li... Subject:=20Re:=20[Devil-Linux-discuss]=20Turn=20off=20firewall On=202/5/07,=20Ross=20Petrie=20<Ros...@ca...>=20wrote: >=20Can=20someone=20please=20advise=20how=20I=20can=20completely=20disable= =20the=20firewall? Run=20Setup,=20go=20to=20the=20services=20section=20and=20uncheck=20Firewa= ll. --=20 John=20Bridleman ------------------------------------------------------------------------ - Using=20Tomcat=20but=20need=20to=20do=20more?=20Need=20to=20support=20web=20= services, security? Get=20stuff=20done=20quickly=20with=20pre-integrated=20technology=20to=20m= ake=20your=20job easier. Download=20IBM=20WebSphere=20Application=20Server=20v.1.0.1=20based=20on=20= Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=3Dlnk&kid=3D120709&bid=3D263057&dat=3D= 121642 _______________________________________________ Devil-linux-discuss=20mailing=20list Dev...@li... https://lists.sourceforge.net/lists/listinfo/devil-linux-discuss ________________________________________________________________________ This=20email=20has=20been=20scanned=20for=20all=20viruses=20by=20the=20Mes= sageLabs=20Email security=20system.=20For=20more=20information=20visit=20www.messagelabs.co= m ________________________________________________________________________ ________________________________________________________________________ IMPORTANT=20=96=20our=20=93canoffshore.ltd.uk=94=20address=20is=20schedule= d=20for=20cancellation.=20=20Address=20books=20should=20be=20changed=20to=20= use=20our=20=93cangroup.net=94=20address.=20=20Thank=20you=20for=20your=20= cooperation. This=20transmission=20contains=20information=20which=20may=20be=20confiden= tial=20and=20that=20may=20also=20be=20privileged.=20=20It=20is=20intended=20= for=20the=20named=20addressee=20only.=20=20Unless=20you=20are=20the=20name= d=20addressee,=20or=20authorised=20to=20receive=20it=20on=20behalf=20of=20= the=20addressee,=20you=20may=20not=20copy=20or=20use=20it,=20or=20disclose= =20it=20to=20anyone=20else.=20=20If=20you=20have=20received=20this=20trans= mission=20in=20error=20please=20contact=20the=20sender.=20=20Thank=20you=20= for=20your=20cooperation. This=20email=20has=20been=20scanned=20for=20all=20viruses=20by=20the=20Mes= sageLabs=20SkyScan=20service.=20=20CAN=20also=20uses=20the=20MessageLabs=20= spam=20filtering=20service.=20=20This=20should=20not=20affect=20routine=20= messages=20but=20in=20rare=20cases=20a=20bona-fide=20message=20could=20be=20= blocked.=20=20Please=20contact=20CAN=20if=20you=20experience=20any=20diffi= culties. ________________________________________________________________________ |
|
From: John B. <jbr...@gm...> - 2007-02-05 13:51:54
|
On 2/5/07, Ross Petrie <Ros...@ca...> wrote: > Can someone please advise how I can completely disable the firewall? Run Setup, go to the services section and uncheck Firewall. -- John Bridleman |
|
From: Frank W. <Fra...@ct...> - 2007-02-05 10:44:04
|
On Sunday 04 February 2007 15:38:07 Serge Leschinsky wrote: > Matthew, > > you are absolutely right! I felt I missed something important ! :-) > > So, it looks like it's able to use 1 pptpd for 2 MS AD with DL. > > The scheme is the following: poptop --> Free Radius (proxy mode for 2 > realms) --> MS IAS 1,2 > > http://wiki.freeradius.org/Proxy > > Frank, does it resolve you problem? > > -- > Serge > > Matthew Hattersley wrote: > > Surely you could set the Radius to proxy requests for the other domains > > to the other radius. That way there would only be one radius, but > > handling two domains. This is quite possible with a L2TP style setup, we > > have 1 Primary Radius clusters which proxies requests for multiple > > domains to several back end Radius servers. > > > > Cheers > > > > Mat > > Hi again, does anybody have a sample config for this? As I am _almost_ a complete=20 ignorant with radius, this could get me going.... Also,=20 as I just went about to boot a test DL machine in order to toy with this, I= =20 have noticed that in recent releases (11 and 12 at the least) have almost n= o=20 radius modules on board (only 4 mysql and postgres related ones... chap pap= =20 ldap etc are missing....) DL 1.2.9 had 76 rlm_... modules..... I guess this is not intentional, so I thought I'd mention it here Thanks =46rank =2E=20 > > -----Original Message----- > > From: dev...@li... > > [mailto:dev...@li...] On Behalf Of > > Serge Leschinsky > > Sent: 02 February 2007 16:30 > > To: dev...@li... > > Subject: Re: [Devil-Linux-discuss] [BULK] Re: Dual VPN Servers > > > > Serge Leschinsky wrote: > >>> Hmm, how will radius be different from samba/winbind? > >> > >> You can use login in user@realm form and set 2 radius servers. So, > >> only one IAS be able to authenticate user. If you define static address > >> ( Framed-IP-Address in radius terms) for remote users and tune > >> firewall, theoretically it should work. > > > > After some thinking I believe that it _would_ _not_ work because the > > first radius server will send "auth fail" and the second will not be > > queried. > > > > Sorry for confusing > > ------------------------------------------------------------------------- > Using Tomcat but need to do more? Need to support web services, security? > Get stuff done quickly with pre-integrated technology to make your job > easier. Download IBM WebSphere Application Server v.1.0.1 based on Apache > Geronimo > http://sel.as-us.falkag.net/sel?cmd=3Dlnk&kid=3D120709&bid=3D263057&dat= =3D121642 > _______________________________________________ > Devil-linux-discuss mailing list > Dev...@li... > https://lists.sourceforge.net/lists/listinfo/devil-linux-discuss =2D-=20 _______________________________________________ Centre de Technologie de l'Education 29 avenue John F. Kennedy L-1855 Luxembourg-Kirchberg email: Fra...@ct... t=E9l.: +352 478-5973 fax: +352 333797 _______________________________________________ |
|
From: Ross P. <Ros...@ca...> - 2007-02-05 09:53:48
|
Hi, =20 Can=20someone=20please=20advise=20how=20I=20can=20completely=20disable=20t= he=20firewall? =20 Thanks =20 Ross=20Petrie =20 IT=20Administrator CAN=20Offshore=20Ltd Hareness=20Road Altens Aberdeen AB12=203LE =20 ________________________________________________________________________ IMPORTANT=20=96=20our=20=93canoffshore.ltd.uk=94=20address=20is=20schedule= d=20for=20cancellation.=20=20Address=20books=20should=20be=20changed=20to=20= use=20our=20=93cangroup.net=94=20address.=20=20Thank=20you=20for=20your=20= cooperation. This=20transmission=20contains=20information=20which=20may=20be=20confiden= tial=20and=20that=20may=20also=20be=20privileged.=20=20It=20is=20intended=20= for=20the=20named=20addressee=20only.=20=20Unless=20you=20are=20the=20name= d=20addressee,=20or=20authorised=20to=20receive=20it=20on=20behalf=20of=20= the=20addressee,=20you=20may=20not=20copy=20or=20use=20it,=20or=20disclose= =20it=20to=20anyone=20else.=20=20If=20you=20have=20received=20this=20trans= mission=20in=20error=20please=20contact=20the=20sender.=20=20Thank=20you=20= for=20your=20cooperation. This=20email=20has=20been=20scanned=20for=20all=20viruses=20by=20the=20Mes= sageLabs=20SkyScan=20service.=20=20CAN=20also=20uses=20the=20MessageLabs=20= spam=20filtering=20service.=20=20This=20should=20not=20affect=20routine=20= messages=20but=20in=20rare=20cases=20a=20bona-fide=20message=20could=20be=20= blocked.=20=20Please=20contact=20CAN=20if=20you=20experience=20any=20diffi= culties. ________________________________________________________________________ |
|
From: Dick M. <di...@li...> - 2007-02-05 07:44:12
|
Fred Frigerio wrote: > I have tried to get the install to USB to work with no luck. FWIW I've never managed to get the grub or lilo installs working. I always use the syslinux version. Dick |
|
From: Frank W. <Fra...@ct...> - 2007-02-05 07:40:49
|
Hello, this could be the solution.... I'll see if I can get it to work. Thanks a lot =46rank On Sunday 04 February 2007 15:38:07 Serge Leschinsky wrote: > Matthew, > > you are absolutely right! I felt I missed something important ! :-) > > So, it looks like it's able to use 1 pptpd for 2 MS AD with DL. > > The scheme is the following: poptop --> Free Radius (proxy mode for 2 > realms) --> MS IAS 1,2 > > http://wiki.freeradius.org/Proxy > > Frank, does it resolve you problem? > > -- > Serge > > Matthew Hattersley wrote: > > Surely you could set the Radius to proxy requests for the other domains > > to the other radius. That way there would only be one radius, but > > handling two domains. This is quite possible with a L2TP style setup, we > > have 1 Primary Radius clusters which proxies requests for multiple > > domains to several back end Radius servers. > > > > Cheers > > > > Mat > > > > -----Original Message----- > > From: dev...@li... > > [mailto:dev...@li...] On Behalf Of > > Serge Leschinsky > > Sent: 02 February 2007 16:30 > > To: dev...@li... > > Subject: Re: [Devil-Linux-discuss] [BULK] Re: Dual VPN Servers > > > > Serge Leschinsky wrote: > >>> Hmm, how will radius be different from samba/winbind? > >> > >> You can use login in user@realm form and set 2 radius servers. So, > >> only one IAS be able to authenticate user. If you define static address > >> ( Framed-IP-Address in radius terms) for remote users and tune > >> firewall, theoretically it should work. > > > > After some thinking I believe that it _would_ _not_ work because the > > first radius server will send "auth fail" and the second will not be > > queried. > > > > Sorry for confusing > > ------------------------------------------------------------------------- > Using Tomcat but need to do more? Need to support web services, security? > Get stuff done quickly with pre-integrated technology to make your job > easier. Download IBM WebSphere Application Server v.1.0.1 based on Apache > Geronimo > http://sel.as-us.falkag.net/sel?cmd=3Dlnk&kid=3D120709&bid=3D263057&dat= =3D121642 > _______________________________________________ > Devil-linux-discuss mailing list > Dev...@li... > https://lists.sourceforge.net/lists/listinfo/devil-linux-discuss =2D-=20 _______________________________________________ Centre de Technologie de l'Education 29 avenue John F. Kennedy L-1855 Luxembourg-Kirchberg email: Fra...@ct... t=E9l.: +352 478-5973 fax: +352 333797 _______________________________________________ |
|
From: Fred F. <ffr...@lo...> - 2007-02-04 23:32:38
|
I have tried to get the install to USB to work with no luck. I used the script provided and that builds a stick good enough so that the machine sees GRUB and tries to boot but it dumps me to the BASH-LIKE interface of GRUB. I tried to cat (hd0,0)/boot/grub/grub.conf but all I got was garbage (a series of ??????????) I copied all the startup commands on a separate computer (I did that to make sure grub.conf was not corrupted) and I could look at the file fine. I tried again and this time I type the root/kernel/initrd commands that I copied from the file and the bastard booted fine. At that point suspecting a GRUB problem I wiped the stick and tried to rebuild it by hand with the GRUB from my computer (version 0.97). I did what I am used to which is a boot partition (sdh1) a root partition (sdh3) and a config partition (sdh2) all ext2. I installed grub to sdh1 and changed the config so that it was (hd0,0)/ instead of (hd0,0)/boot/ and strange enough that worked just fine. No problem booting up, other than failing to find the iso to finish booting. I need help either getting the original scheme working (how can I make grub see grub.conf?) or my manual scheme working (how can I tell it where the ISO is?) Any help is much appreciated. |
|
From: Serge L. <fi...@in...> - 2007-02-04 14:38:19
|
Matthew, you are absolutely right! I felt I missed something important ! :-) So, it looks like it's able to use 1 pptpd for 2 MS AD with DL. The scheme is the following: poptop --> Free Radius (proxy mode for 2 realms) --> MS IAS 1,2 http://wiki.freeradius.org/Proxy Frank, does it resolve you problem? -- Serge Matthew Hattersley wrote: > Surely you could set the Radius to proxy requests for the other domains > to the other radius. That way there would only be one radius, but > handling two domains. This is quite possible with a L2TP style setup, we > have 1 Primary Radius clusters which proxies requests for multiple > domains to several back end Radius servers. > > Cheers > > Mat > > -----Original Message----- > From: dev...@li... > [mailto:dev...@li...] On Behalf Of > Serge Leschinsky > Sent: 02 February 2007 16:30 > To: dev...@li... > Subject: Re: [Devil-Linux-discuss] [BULK] Re: Dual VPN Servers > > Serge Leschinsky wrote: >>> Hmm, how will radius be different from samba/winbind? >> You can use login in user@realm form and set 2 radius servers. So, >> only one IAS be able to authenticate user. If you define static address ( >> Framed-IP-Address in radius terms) for remote users and tune firewall, theoretically it >> should work. > After some thinking I believe that it _would_ _not_ work because the > first radius server will send "auth fail" and the second will not be queried. > > Sorry for confusing |
|
From: Matthew H. <mat...@va...> - 2007-02-02 16:57:54
|
Surely you could set the Radius to proxy requests for the other domains to the other radius. That way there would only be one radius, but handling two domains. This is quite possible with a L2TP style setup, we have 1 Primary Radius clusters which proxies requests for multiple domains to several back end Radius servers. Cheers Mat -----Original Message----- From: dev...@li... [mailto:dev...@li...] On Behalf Of Serge Leschinsky Sent: 02 February 2007 16:30 To: dev...@li... Subject: Re: [Devil-Linux-discuss] [BULK] Re: Dual VPN Servers Serge Leschinsky wrote: >> Hmm, how will radius be different from samba/winbind?=20 > You can use login in user@realm form and set 2 radius servers. So, only one IAS > be able to authenticate user. If you define static address ( Framed-IP-Address > in radius terms) for remote users and tune firewall, theoretically it should work. After some thinking I believe that it _would_ _not_ work because the first radius server will send "auth fail" and the second will not be queried. Sorry for confusing -- Serge ------------------------------------------------------------------------ - Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier. Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=3Dlnk&kid=3D120709&bid=3D263057&dat=3D= 121642 _______________________________________________ Devil-linux-discuss mailing list Dev...@li... https://lists.sourceforge.net/lists/listinfo/devil-linux-discuss |
|
From: Serge L. <fi...@in...> - 2007-02-02 16:30:47
|
Serge Leschinsky wrote: >> Hmm, how will radius be different from samba/winbind? > You can use login in user@realm form and set 2 radius servers. So, only one IAS > be able to authenticate user. If you define static address ( Framed-IP-Address > in radius terms) for remote users and tune firewall, theoretically it should work. After some thinking I believe that it _would_ _not_ work because the first radius server will send "auth fail" and the second will not be queried. Sorry for confusing -- Serge |
|
From: Serge L. <fi...@in...> - 2007-02-02 16:04:31
|
Frank Weis wrote: >>> Do you ppl have any ideas for alternatives? >> May I suggest to try radius? As far as I know it's quite easy to implement. >> I did it several times (DL with pptp + MS AD with radius). If it's >> interesting for you I'll send config for poptop and MS IAS as well. >> > > Hmm, how will radius be different from samba/winbind? You can use login in user@realm form and set 2 radius servers. So, only one IAS be able to authenticate user. If you define static address ( Framed-IP-Address in radius terms) for remote users and tune firewall, theoretically it should work. > Do I get a chance to differenciate users from both domains on the firewall? Try to use Framed-IP-Address ( 'Assign Static IP address' in user properties, MS AD) from different networks. > It would already help a lot if I could hardwire dedicated IP addresses to a handful of users. > I have done a few tests, and I can't get a second instance op pptpd to run, > even if I specify a different config file, listen address, options file and > pid file on the command line .... Have you got a pppd log with debug level? Is there anything in the logs pointing to the problem? -- Serge |
|
From: Frank W. <Fra...@ct...> - 2007-02-02 15:22:41
|
On Friday 02 February 2007 15:37:30 Serge Leschinsky wrote: > Frank Weis wrote: > > Now, users of the other Network/Domain also need VPN access to their > > network from outside. I can easily add a second IP to the outside NIC, > > and run a separate pptpd, but i'd also need to instances of Samba > > running; this seems exremely complicated and hard to maintain, IF I can > > manage to get it to work at all. > > > > Do you ppl have any ideas for alternatives? > > May I suggest to try radius? As far as I know it's quite easy to implemen= t. > I did it several times (DL with pptp + MS AD with radius). If it's > interesting for you I'll send config for poptop and MS IAS as well. > Hmm, how will radius be different from samba/winbind? Do I get a chance to= =20 differenciate users from both domains on the firewall? It would already hel= p=20 a lot if I could hardwire dedicated IP addresses to a handful of users. I have done a few tests, and I can't get a second instance op pptpd to run,= =20 even if I specify a different config file, listen address, options file and= =20 pid file on the command line .... Thanks=20 =46rank =2D-=20 _______________________________________________ Centre de Technologie de l'Education 29 avenue John F. Kennedy L-1855 Luxembourg-Kirchberg email: Fra...@ct... t=E9l.: +352 478-5973 fax: +352 333797 _______________________________________________ |
|
From: Serge L. <fi...@in...> - 2007-02-02 15:13:50
|
Frank Weis wrote: > Now, users of the other Network/Domain also need VPN access to their network > from outside. I can easily add a second IP to the outside NIC, and run a > separate pptpd, but i'd also need to instances of Samba running; this seems > exremely complicated and hard to maintain, IF I can manage to get it to work > at all. > > Do you ppl have any ideas for alternatives? May I suggest to try radius? As far as I know it's quite easy to implement. I did it several times (DL with pptp + MS AD with radius). If it's interesting for you I'll send config for poptop and MS IAS as well. -- Serge |
|
From: Heiko Z. <he...@zu...> - 2007-02-02 14:17:11
|
On Fri, February 2, 2007 08:00, Frank Weis wrote: > On Friday 02 February 2007 14:47:13 Heiko Zuerker wrote: > >> On Fri, February 2, 2007 04:59, Frank Weis wrote: >> >>> Hi all, >>> >>> >>> >>> I know this is slightly off topic, but here's what I'm trying todo: >>> >>> >>> >>> I have two different networks behind my firewalls. Both are Windows >>> domains. At the moment users of one network have VPN access from the >>> outside: on their >>> AD server, the vpn-users are all member of a special container, and I >>> use pptpd with samba/winbind/ntlm_auth via ntlm_auth-helper to >>> authenticate them. >>> >>> Now, users of the other Network/Domain also need VPN access to their >>> network from outside. I can easily add a second IP to the outside NIC, >>> and run a separate pptpd, but i'd also need to instances of Samba >>> running; this seems exremely complicated and hard to maintain, IF I >>> can manage to get it to work at all. >>> >>> Do you ppl have any ideas for alternatives? I could possibly use a >>> different vpn server for the second network but there has to be a >>> windows client, and the client setup has to be straightforward (ie >>> openvpn is considered too hard for my users). >>> >>> Thanks a lot in advance >>> >> >> What about the option of just using another DL box? > > > I forgot to mention: it mustn't cost any money :-P I knew it couldn't have been that easy... ;-) How many users are you talking about? Can you just re-use an old box? Did you look at the 2.x OpenVPN version, maybe that's easier to use for Endusers. -- Regards Heiko Zuerker http://www.devil-linux.org |
|
From: Frank W. <Fra...@ct...> - 2007-02-02 14:00:39
|
On Friday 02 February 2007 14:47:13 Heiko Zuerker wrote: > On Fri, February 2, 2007 04:59, Frank Weis wrote: > > Hi all, > > > > > > I know this is slightly off topic, but here's what I'm trying todo: > > > > > > I have two different networks behind my firewalls. Both are Windows > > domains. At the moment users of one network have VPN access from the > > outside: on their > > AD server, the vpn-users are all member of a special container, and I u= se > > pptpd with samba/winbind/ntlm_auth via ntlm_auth-helper to authenticate > > them. > > > > Now, users of the other Network/Domain also need VPN access to their > > network from outside. I can easily add a second IP to the outside NIC, > > and run a separate pptpd, but i'd also need to instances of Samba > > running; this seems exremely complicated and hard to maintain, IF I can > > manage to get it to work at all. > > > > Do you ppl have any ideas for alternatives? I could possibly use a > > different vpn server for the second network but there has to be a windo= ws > > client, and the client setup has to be straightforward (ie openvpn is > > considered too hard for my users). > > > > Thanks a lot in advance > > What about the option of just using another DL box? I forgot to mention: it mustn't cost any money :-P =46rank =2D-=20 _______________________________________________ Centre de Technologie de l'Education 29 avenue John F. Kennedy L-1855 Luxembourg-Kirchberg email: Fra...@ct... t=E9l.: +352 478-5973 fax: +352 333797 _______________________________________________ |
|
From: Heiko Z. <he...@zu...> - 2007-02-02 13:47:44
|
On Fri, February 2, 2007 04:59, Frank Weis wrote: > Hi all, > > > I know this is slightly off topic, but here's what I'm trying todo: > > > I have two different networks behind my firewalls. Both are Windows > domains. At the moment users of one network have VPN access from the > outside: on their > AD server, the vpn-users are all member of a special container, and I use > pptpd with samba/winbind/ntlm_auth via ntlm_auth-helper to authenticate > them. > > Now, users of the other Network/Domain also need VPN access to their > network from outside. I can easily add a second IP to the outside NIC, and > run a separate pptpd, but i'd also need to instances of Samba running; > this seems exremely complicated and hard to maintain, IF I can manage to > get it to work at all. > > Do you ppl have any ideas for alternatives? I could possibly use a > different vpn server for the second network but there has to be a windows > client, and the client setup has to be straightforward (ie openvpn is > considered too hard for my users). > > Thanks a lot in advance What about the option of just using another DL box? -- Regards Heiko Zuerker http://www.devil-linux.org |
50 messages has been excluded from this view by a project administrator.
