Phil Mayers (p.may...@imperial.ac.uk) [11.12.08 16:31] wrote:
On 08/12/11 13:18, Zeus V Panchenko wrote:
Alan DeKok (al...@deployingradius.com) [11.10.14 13:05] wrote:
so, may be it is worth to mention that somewhere amongst the possible
causes?
The wiki can be edited by anyone. Go
https://github.com/
--
Zeus V. Panchenko
JID:z...@gnu.org.ua GMT+2 (EET)
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
finally the cause was found!
in my case it was MTU, the default value for ethernet and ADSL was not
allowing for the client responce with certificate to get radius side
after decreasing mtu to 1350 i finally got every mobile device in my
network authenticated
Zeus V Panchenko (z
like the problem i faced too
have a look at thread EAP-TLS + Symbian = weird behaviour here in ml
--
Zeus V. Panchenko
JID:z...@gnu.org.ua GMT+2 (EET)
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
)
the cause was MTU issue, and it is due to it the last response from
client was not received by radius and consequently the warning was
written to debug ...
so, may be it is worth to mention that somewhere amongst the possible
causes?
--
Zeus V. Panchenko
JID:z...@gnu.org.ua
= fallback.radius.my.domain
}
but than, I need configure EAP/TLS on fallback.radius.my.domain
identical to core.radius.my.domain one, correct?
since without the same server certificates my clients will not be able
authenticate with fallback.radius.my.domain
am I correct?
--
Zeus V. Panchenko
JID:z
the central radius
2. if inet connection is not established, authenticate via local mechanism
(preferably EAP)
--
Zeus V. Panchenko
JID:z...@gnu.org.ua GMT+2 (EET)
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi,
replying self question ...
ipv4_addrs_lagg0=x.x.x.x/29 y.y.y.y/30 z.z.z.z/26
did help
everything works
after reboot all addressess are assigned and interface is up
seems it is the only way to do that ...
--
Zeus V. Panchenko
JID:z...@gnu.org.ua GMT+2
aliases on lagg(4)
interface (aggregation protocol `lacp') in /etc/rc.conf file?
--
Zeus V. Panchenko
JID:z...@gnu.org.ua GMT+2 (EET)
___
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo
ipsec box wan ... though when attempt was made via wifi
the packet was appearing indeed ...
so, i believe either my cell operator filtering out ipsec traffic or
android ipsec is lame ... in any case cyanogenmod+openvpn is better
alternative
--
Zeus V. Panchenko
JID:z...@gnu.org.ua
=0xad597f86,seq=0x9), length 132
00:00:00.024286 ethertype IPv4 (0x0800), length 166: y.y.y.y x.x.x.x:
ESP(spi=0x060bc3e3,seq=0x9), length 132
so, is it possible to get it working?
if yes, where is my mistake, please?
--
Zeus V. Panchenko
JID:z...@gnu.org.ua GMT
Hi,
may somebody clarify, pls:
can pf do `nat before vpn' to make it is possible for LAN to access
networks behind the Cisco ipsec over single ipsec tunnel ip?
i talk about RELENG_8
--
Zeus V. Panchenko
JID:z...@gnu.org.ua GMT+2 (EET
=0xad597f86,seq=0x9), length 132
00:00:00.024286 ethertype IPv4 (0x0800), length 166: y.y.y.y x.x.x.x:
ESP(spi=0x060bc3e3,seq=0x9), length 132
so, is it possible to get it working?
if yes, where is my mistake, please?
--
Zeus V. Panchenko
JID:z...@gnu.org.ua GMT
ugen0.1 0660
permugen0.2 0660
...
permugen2.4 0660
and after device plugged in, the owner changes to toor:operator ...
--
Zeus V. Panchenko
JID:z...@gnu.org.ua GMT+2 (EET)
___
freebsd-usb@freebsd.org mailing list
Hi,
our users have began to report often messages lost
how to discover the possible cause?
jabberd-2.2.11 runs on FreeBSD 8.1-PRERELEASE i386
--
Zeus V. Panchenko
JID:z...@gnu.org.ua GMT+2 (EET)
--
To unsubscribe send a mail to jabberd2+unsubscr
or about the message
delivery status (like sendmail log, where i can be sure that the
messag was delivered e.t.c.) ...
i can redirect -D output to somewhere, but it is not good idea to my
mind
--
Zeus V. Panchenko
JID:z...@gnu.org.ua GMT+2 (EET)
--
To unsubscribe
150Kb, gpsbabel fails to download the
data from the device :(
so, may somebody share, which vendor/model to choose?
--
Zeus V. Panchenko
JID:z...@gnu.org.ua GMT+2 (EET)
___
freebsd-usb@freebsd.org mailing list
http
seconds of successfull ping ...
looks like rekeying to my mind
--
Zeus V. Panchenko
JID:z...@gnu.org.ua GMT+2 (EET)
___
freebsd-pf@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-pf
Da Rock (freebsd...@herveybayaustralia.com.au) [11.05.23 08:23] wrote:
Ok. So I've tried wifi hotspots and the mobile network- all no go.
Racoon's obviously not the problem or L2TP; its definitely PF.
does your configuration work without pf?
--
Zeus V. Panchenko
JID:z...@gnu.org.ua
in one, the same mjpeg-streamer
configuration file?
--
Zeus V. Panchenko
JID:z...@gnu.org.ua GMT+2 (EET)
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt
i was not able to figure it out too ...
ipsec esteblishes connection, android receives ip address, even can
ping for a short time and after that it breaks
no idea what's wrong ...
--
Zeus V. Panchenko GMT+2 (EET
. I have defined one outbound route for the local private
network to the remote private network and vice versa.
what tcpdump shows?
is there firewall?
--
Zeus V. Panchenko
IT Dpt., IBS ltdGMT+2 (EET
Hi,
is it possible to do the sabj?
in another words, is it possible to use geli disk with hardware
acceleration of AES functions by CPU like Intel Core i7 or others?
like mentioned here:
http://ark.intel.com/MySearch.aspx?s=tAESTech=true
--
Zeus V. Panchenko
IT Dpt., IBS ltd
and more MBit/s?
--
Zeus V. Panchenko
IT Dpt., IBS ltdGMT+2 (EET)
___
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to freebsd-net-unsubscr
is created by OpenVPN with configuration:
client
dev tun1
proto udp
...
so, what can cause the collisions and can i fix them?
--
Zeus V. Panchenko
IT Dpt., IBS ltdGMT+2 (EET)
___
freebsd-net@freebsd.org mailing list
http
YongHyeon PYUN (pyu...@gmail.com) [11.04.29 21:29] wrote:
On Fri, Apr 29, 2011 at 12:52:31PM +0300, Zeus V Panchenko wrote:
Hi,
may somebody epxplain it for me, what can cause collisions on tun
interfaces created by ppp(8) and openvpn?
uname -a
FreeBSD 8.2-STABLE #0 i386
Fajar A. Nugraha (l...@fajar.net) [11.04.16 10:58] wrote:
I suggest check your VPN. Something might be interfering with UDP
packets (making it slow, missing, etc).
---end quoted text---
wan interface exposed collisions, after reboot the problem disappeared ...
--
Zeus V. Panchenko
IT Dpt
?
thank you much for taking time to read all this and reply.
--
Zeus V. Panchenko
IT Dpt., IBS ltdGMT+2 (EET)
___
freebsd-pf@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe
traffic
is defined by the outgoing from lan request ...
still a bit weird for me ...
So, take the initial packet of that connection (the HTTP connection from
client to proxy, incoming on the LAN interface)
it is the key i was lacking
thnx again
--
Zeus V. Panchenko
IT Dpt., IBS ltd
freeradius locally at the remote vpn side, than i can get
authorization for the device which was unable to get it with core
freeradius remotely
so, what can be the cause of this weird behaviour?
--
Zeus V. Panchenko
IT Dpt., IBS ltdGMT+2 (EET)
-
List info/subscribe
some additional details:
the same behaviour with different AP
i use AP mostly under OpenWRT but now have tried Lynksys WAP54G which
was working at the place where no problem found
and now no it's no way to authorize via it ...
any idea?
--
Zeus V. Panchenko
IT Dpt., IBS ltd
Thank you Daniel for reply,
Daniel Hartmeier (dan...@benzedrine.cx) [11.04.11 09:18] wrote:
On Mon, Apr 11, 2011 at 08:45:44AM +0300, Zeus V Panchenko wrote:
It seems you want log(all), but are only using log, see pf.conf(5):
it didn't help ...
pftop output still shows no lan_http counters
Daniel Hartmeier (dan...@benzedrine.cx) [11.04.11 11:57] wrote:
On Mon, Apr 11, 2011 at 11:06:48AM +0300, Zeus V Panchenko wrote:
pass out log (all) on $if_wan inet proto { tcp, udp } from $if_wan:0 \
to any port { $ports_proxy } keep state queue wan_http
pass out log (all
to be mentioned, that as it written, the last packet from
radiusd is challenge after what EAP session for state ... did not finish!
appears ... while other OS-es works perfectly in any point.
--
Zeus V. Panchenko
IT Dpt., IBS ltdGMT+2 (EET)
-
List info/subscribe
and what to test?
the weird thing is that i have two offices with the same ISP connected
to via ADSL (FreeBSD+ppp), both offices are using the same OpenVPN
server, the same radius with the same CA ... for one everything is ok
but another one shows EAP session did not finish ...
--
Zeus V. Panchenko
} \
to $if_lan:0 queue lan_http
pass out log on $if_lan inet proto { tcp, udp } from any port { $ports_smb } \
to $if_lan:network queue lan_smb
pass out log on $if_vpn inet proto { tcp, udp } from $if_lan:network \
to any port { $ports_smb } queue vpn_smb
--
Zeus V. Panchenko
IT Dpt., IBS ltd
hi,
if i need several realms for the services running on the dedicated
boxes (openvpn and radius for example) than how can i distribute CRL
to the boxes?
--
Zeus V. Panchenko
IT Dpt., IBS ltdGMT+2 (EET
V. Panchenko
IT Dpt., IBS ltdGMT+2 (EET)
--
The ultimate all-in-one performance toolkit: Intel(R) Parallel Studio XE:
Pinpoint memory and threading errors before they happen.
Find
it makes difference or not but
it would be worth a try. Note, vendor's driver treat your
controller as old 8139 such that it disables all offload features
and does not work on non-x86 architectures.
i386 exposes the same problem :(
as for vendor's drivers, i didn't try them yet ...
--
Zeus V
?
http://people.freebsd.org/~yongari/re/rgephy.link.patch3
Previous one had a bug, please update one.
http://people.freebsd.org/~yongari/re/rgephy.link.patch4
no change :(
interface continues to flap
--
Zeus V. Panchenko
IT Dpt., IBS ltdGMT+2 (EET
changed to UP
re0: link state changed to DOWN
re0: link state changed to UP
re0: link state changed to DOWN
re0: link state changed to UP
re0: link state changed to DOWN
re0: link state changed to UP
re0: link state changed to DOWN
re0: link state changed to UP
...
--
Zeus V. Panchenko
IT Dpt., IBS
= network
subclass = ethernet
while connected directly NIC - NIC they flaps too
so, the issue with switch related causes can be excluded i believe
--
Zeus V. Panchenko
IT Dpt., IBS ltdGMT+2 (EET
and to the switch, even without
ip assignment
switch used is TP-LINK TL-SG5426
the problem persists already about year and the only solution is to use
external nic ...
any idea/news?
--
Zeus V. Panchenko
IT Dpt., IBS ltdGMT+2 (EET
of the cataloging tasks.
what do you think?
--
Zeus V. Panchenko
IT Dpt., IBS ltdGMT+2 (EET)
--
Protect Your Site and Customers from Malware Attacks
Learn about various malware tactics
what was planned
and allowed at the project start
and again, can it be considered applicable to place db integration
into todo list? :)
--
Zeus V. Panchenko
IT Dpt., IBS ltdGMT+2 (EET
is recommended of course.
what if i detach one hdd from mirror, than recover the one in mirror
and attach the first one again, will it be right way?
--
Zeus V. Panchenko
IT Dpt., IBS ltdGMT+2 (EET)
___
freebsd-geom
Bob Bishop (r...@gid.co.uk) [10.11.26 12:54] wrote:
Hi,
On 26 Nov 2010, at 06:46, Zeus V Panchenko wrote:
i'm trying to understand, why firefox loads one core constantly up to
100% and even more ... [etc]
Do you have Flash in the mix?
no flash no java or other `external' plugins
i
to login ssh. as soon as i do that the ping and
the rest of network activity resumes - http.
looks like cached MAC at the router/commutator
--
Zeus V. Panchenko
IT Dpt., IBS ltdGMT+2 (EET)
___
freebsd-net
-Link
TL-SG5426 but no other nic behaves this way)
i have 7 boxes of this configuration and all 6 are running
now on external nics
if i can provide any debug/info/e.t.c. please let me know, i'd be
happy it'd work at last :)
--
Zeus V. Panchenko
IT Dpt., IBS ltd
Internal Connector Type: None
External Reference Designator: LAN
External Connector Type: RJ-45
Port Type: Network Port
--
Zeus V. Panchenko
IT Dpt., IBS ltdGMT+2 (EET)
___
freebsd
cold reboot of box A helped ...
why only cold? :(
--
Zeus V. Panchenko
IT Dpt., IBS ltdGMT+2 (EET)
___
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe
A ...
but who can to continue to remembers box B old nic mac address after all of
that cleanings?
thanks in advance
--
Zeus V. Panchenko
IT Dpt., IBS ltdGMT+2 (EET)
___
freebsd-performance@freebsd.org mailing list
=0x816810ec Gigabit Ethernet NIC(NDIS 6.0)
(RTL8168/8111/8111c)
flapping
really i have no idea what to do except cold reboot of box A ...
but who can to continue to remembers box B old nic mac address after all of
that cleanings?
thanks in advance
--
Zeus V. Panchenko
IT Dpt., IBS ltd
Hi All,
is there any special mode for emacs to edit pf.conf (except conf-mode itself :)
of course), please?
--
Zeus V. Panchenko
IT Dpt., IBS ltdGMT+2 (EET)
___
freebsd-pf@freebsd.org mailing list
http
with
wrong connection
is there correct way to do that with some of the sturtup scripts or i
have to do that by hands somewhere in rc.early?
--
Zeus V. Panchenko
IT Dpt., IBS ltdGMT+2 (EET)
___
freebsd-net
is there any info i can provide?
thanks in advance
--
Zeus V. Panchenko
IT Dpt., IBS ltdGMT+2 (EET)
___
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail
Pyun YongHyeon (pyu...@gmail.com) [10.08.11 19:31] wrote:
On Wed, Aug 11, 2010 at 03:50:14PM +0300, Zeus V Panchenko wrote:
Hi All,
can enybody help with the subj, please?
problem: onboard interface re0 link state UP/DOWN flapping
i have:
# uname -a
FreeBSD 8.1-STABLE #0
. 0x
miibus0: MII bus on re0
rgephy0: RTL8169S/8110S/8211B media interface PHY 1 on miibus0
rgephy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, 1000baseT,
1000baseT-FDX, auto
re0: Ethernet address: 48:5b:39:d2:1d:89
re0: [FILTER]
--
Zeus V. Panchenko
IT Dpt., IBS ltd
Pyun YongHyeon (pyu...@gmail.com) [10.08.11 23:09] wrote:
On Wed, Aug 11, 2010 at 10:34:07PM +0300, Zeus V Panchenko wrote:
oh, i forgoten :(
dmesg.boot contains:
re0: RealTek 8168/8168B/8168C/8168CP/8168D/8111B/8111C/8111CP PCIe Gigabit
Ethernet port 0xe800-0xe8ff mem
) and igb(4) - works! :)
i was testing them with nc(1)
server side: nc -u -l 5 /dev/null
client side: nc -u server ip 5 /dev/random
but the maximum i was able to get was 500Mbit/s
btw, is it correct to test it such way?
--
Zeus V. Panchenko
IT Dpt., IBS ltd
Hi All,
can somebody share experience in OpenXPKI usage with OpenVPN?
--
Zeus V. Panchenko GMT+2 (EET)
--
Come build with us! The BlackBerry(R) Developer Conference in SF, CA
have:
FreeBSD 7.2-RELEASE #0 i386
p5-openxpki-0.9.1472
p5-openxpki-client-0.9.1401
p5-openxpki-client-html-mason-0.9.1471
p5-openxpki-client-scep-0.9.1313
p5-openxpki-deployment-0.9.1488
p5-openxpki-i18n-0.9.1489
--
Zeus V. Panchenko
Respected All, ...
excuse me for a such stupid question, but would anybody willing, to explain
me, how to compile squid with socket support?
I red the FAQ but while trying to find the place, where i have to place the
strings described, i was confused ...
Thankfull in advance.
--
Zeus V
63 matches
Mail list logo