Re: [Hampshire] PPTP VPN from Ubuntu server 10.04 LTS to recent Win-SBS?
On Thu, 17 Nov 2011 18:37:46 +, James Courtier-Dutton wrote: I would recommend IPSEC but I have really bad experiences with anything talking to the Windows implementation of IPSEC. For example, Linux, Juniper, Cisco and most firewalls that support IPSEC VPNs fail to work to a Windows machine. The IPSEC connection works, but as soon as a rekey happens it all falls apart. That's not my experience. I've just set up a new IPsec server which seems to work OK with Windows and Linux clients. Not tried Mac OS, but it will probably be OK. Just whatever you do, if you're using openswan, build it from source tarballs... The Debian stable packages are very, very, broken with xL2TPd, and other l2tp implementations. I even had to have the horrific issue of the IPsec server behind a NAT. Once I ironed out a few creases, it worked near enough first time. Chris Malton -- Please post to: Hampshire@mailman.lug.org.uk Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire LUG URL: http://www.hantslug.org.uk --
Re: [Hampshire] PPTP VPN from Ubuntu server 10.04 LTS to recent Win-SBS?
Hi Guys, Thanks for all the feedback. On 17/11/2011 18:37, James Courtier-Dutton wrote: I would make sure the company put in a purpose built VPN gateway so that people can connect with normal VPN clients, such as CISCO, JUNIPER, Checkpoint etc. There are very cheap VPN boxes out there from about £50 upwards, and they actually work! I'm not sure which model our router is, I'll check next time I'm in the office (or maybe 'phone and ask), but it's definitely a Draytek Vigor with WiFi and three aerials, which seems from Draytek's site to suggest it already supports a number of VPN connection methods. One of the support company's arguments for offering only PPTP was that our available bandwidth is too low to allow too many other machines to have VPN access. My counter was that what I wanted to do was have a copy of the relevant data from their fileserver on my fileserver and synchronise overnight, when I'll have a minimal effect on other users and also do the data transfers off-tarrif (midnight to 8am). Time I think to make my case more assertively. ATB, Gordon. -- Please post to: Hampshire@mailman.lug.org.uk Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire LUG URL: http://www.hantslug.org.uk --
Re: [Hampshire] PPTP VPN from Ubuntu server 10.04 LTS to recent Win-SBS?
On 18 November 2011 09:34, Chris Malton chr...@cmalton.me.uk wrote: On Thu, 17 Nov 2011 18:37:46 +, James Courtier-Dutton wrote: I would recommend IPSEC but I have really bad experiences with anything talking to the Windows implementation of IPSEC. For example, Linux, Juniper, Cisco and most firewalls that support IPSEC VPNs fail to work to a Windows machine. The IPSEC connection works, but as soon as a rekey happens it all falls apart. That's not my experience. I've just set up a new IPsec server which seems to work OK with Windows and Linux clients. Not tried Mac OS, but it will probably be OK. Just whatever you do, if you're using openswan, build it from source tarballs... The Debian stable packages are very, very, broken with xL2TPd, and other l2tp implementations. I even had to have the horrific issue of the IPsec server behind a NAT. Once I ironed out a few creases, it worked near enough first time. Maybe I did not make the set up clear. The problem case was the Windows box being the central VPN Gateway/server and after a period of time connections would start failing. -- Please post to: Hampshire@mailman.lug.org.uk Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire LUG URL: http://www.hantslug.org.uk --
Re: [Hampshire] PPTP VPN from Ubuntu server 10.04 LTS to recent Win-SBS?
On Fri, 18 Nov 2011 09:50:38 +, Gordon Scott wrote: I'm not sure which model our router is, I'll check next time I'm in the office (or maybe 'phone and ask), but it's definitely a Draytek Vigor with WiFi and three aerials, which seems from Draytek's site to suggest it already supports a number of VPN connection methods. Oh dear god! You're probably about to run into the same problem we had then. The DrayTek 2800 series (specifically the 2820s), seem to have a nasty firmware bug that causes outbound ESP packets to go walkabouts somewhere in the router, especially if you're doing any kind of NAT with it. If you find a solution, I'd love to know what you need to do. We found that a Netgear DG834 works great for testing purposes! Just a word of warning. Chris -- Please post to: Hampshire@mailman.lug.org.uk Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire LUG URL: http://www.hantslug.org.uk --
Re: [Hampshire] PPTP VPN from Ubuntu server 10.04 LTS to recent Win-SBS?
On Fri, 18 Nov 2011 10:14:46 +, James Courtier-Dutton wrote: Maybe I did not make the set up clear. The problem case was the Windows box being the central VPN Gateway/server and after a period of time connections would start failing. No, it's my inability to be awake properly by half 10 in the morning that's cause the confusion here... Chris -- Please post to: Hampshire@mailman.lug.org.uk Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire LUG URL: http://www.hantslug.org.uk --
Re: [Hampshire] PPTP VPN from Ubuntu server 10.04 LTS to recent Win-SBS?
The problem case was the Windows box being the central VPN Gateway/server and after a period of time connections would start failing. Hmmm. I've not seen that happen - and I used to use PPTP a lot. The biggest issues I used to see were ISPs dropping packets that I rather wanted delivered... Vic. -- Please post to: Hampshire@mailman.lug.org.uk Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire LUG URL: http://www.hantslug.org.uk --
[Hampshire] NAS only write as root
Hi all I know this is an old chetnut but I never did get it sorted when I asked last... I'm having trouble accessing my nas devices through Ubuntu. I have 3 devices. I tend to mount them as follows: mount -t smbfs //ip/sharename /mnt/share -o user=rob This seems to work for all 3 but has two oddities: 1) I can only write to them as root 2) In one case, the share comes up as 3% used through df -h, the other time it comes up as 100% used. Should I be looking at: a) the mount syntax to mount it read write b) the umask c) the permissions on /mnt/share One of the 3 nas devices (a Netgear ReadyNAS duo) doesn't have any users. Even more weirdly, if I copy a 27Mb file to it - no problem. But if I copy a 450Mb file to it, it seems to work ok but when I ls -l I get file size is 0. All in all there's a lot wrong here and I'm a bit lost as to where to start so any helpful suggestions would be very welcome. FWIW, the Linux machine is virtual - Ocelot whatever it's called sitting on a W7 host. Cheers Rob -- Please post to: Hampshire@mailman.lug.org.uk Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire LUG URL: http://www.hantslug.org.uk --
Re: [Hampshire] [Surrey] Samsung N145+ netbook (battery life)
Thank you Richard; I recall your earlier postings about laptop batteries and have been in the habit of having mine on mains power only in actual use - and set to take only 80% charge. The problem here seems to have been resolved by this time leaving the netbook charging overnight - my thinking was that if the cells had been somehow charged unevenly, the trickle through charged cells would beef up the rest. Seems to have worked. For good measure, today I ran the netbook on battery power for more than six hours until it went flat, then charged it, all whilst running programs and wireless to router. Stats and graphs on 'Power Statistics' look OK and I'll run that a few times over the next days to see progress. Good idea of yours to unplug the battery when not in use. TYVM. I'm typing this on battery power and will again let it run to flat before charging. Others have pointed out that the netbook figure for running time remaining in batteries is unreliable; I endorse that, though it does indicate more or less correctly when it's about to run out. Anyway, looks as though a new battery pack is not yet needed. Great relief; the N145+ is a likeable little beast. Tony Wood (from Linux Netbook) On 18/11/11 12:05, Richard Crossley wrote: On Wed, 2011-11-16 at 20:37 +, Tony Wood wrote: Anyone else with one of these, please ? Mine is mostly used with the power unit plugged in and runs Ubuntu (now 11.10.) Only problem has been an apparently sharp decline in battery life; it indicates about 3½ hours when switched on fully charged but soon shows a lot less, never runs more than an hour now. I reckon one of the cells is dud because it is behaving like a torch with one cell failing. The battery connects to the netbook via a lot of pins, which seem clean. Bought it new in March 2011 so I may yet take it back - despite the hassle. Any thoughts welcomed. Hi, I have been on about this for a while. Keeping a laptop battery in a laptop when it's fully charged and plugged into to mains is not good and shortens the battery life. There are a number of reasons why this is the case, but I have seen batteries die to the point of being unable to run long enough to boot the host to allow the user to login. This state of affairs is often reached within 12 months of purchase. With respect to my own experience of laptops ( 10 years) I have routinely kept the batteries charged - not flat and not at 100%. I also keep them in cool dry places - Laptop bag or cupboard. My current laptop - Fujitsu Siemens E8010, purchased in Sept, 2004 still runs on it's batteries for 2-3 hours per day. This is down from 8 hours when it was first bought. My netbook also runs for a significant amount of time, longer with wireless disabled in the BIOS (planes). I have also found that it discharges the battery when it is not operational. Those powered USB ports take juice even when nothing is connected. As a result I routinely remove the battery from the host. This site has some useful details. http://batteryuniversity.com/ With respect to your N145, you need a new battery, don't bother with a used one. Kindest Regards, Richard C. ___ Surrey mailing list sur...@mailman.lug.org.uk https://mailman.lug.org.uk/mailman/listinfo/surrey http://www.surrey.lug.org.uk -- Please post to: Hampshire@mailman.lug.org.uk Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire LUG URL: http://www.hantslug.org.uk --
[Hampshire] S.D. Card stuck in read only
Hi, I have a 16gb micro sd that's suddenly read only. Tried gparted etc. and getting nowhere. Anyone got any ideas?. Cheers Bryn -- Please post to: Hampshire@mailman.lug.org.uk Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire LUG URL: http://www.hantslug.org.uk --
Re: [Hampshire] PPTP VPN from Ubuntu server 10.04 LTS to recent Win-SBS?
On 18/11/2011 10:20, Chris Malton wrote: On Fri, 18 Nov 2011 09:50:38 +, Gordon Scott wrote: I'm not sure which model our router is, I'll check next time I'm in the office (or maybe 'phone and ask), but it's definitely a Draytek Vigor with WiFi and three aerials, which seems from Draytek's site to suggest it already supports a number of VPN connection methods. Oh dear god! You're probably about to run into the same problem we had then. The DrayTek 2800 series (specifically the 2820s), seem to have a nasty firmware bug that causes outbound ESP packets to go walkabouts somewhere in the router, especially if you're doing any kind of NAT with it. I suspect it's a 2920n. IIRC it was black, somewhat curvy and with three aerials at the back. Hopefully the firmware bug is fixed/absent in this version Hopefully :-/ Google finds the 2820 bug, but not a 2920 bug. Might be a good sign. ESP packets .. those are the ones that know what data you want before you ask for it. I think you'll find there's only apochyphal evidence that those ever get delivered anywhere :-) If you find a solution, I'd love to know what you need to do. We found that a Netgear DG834 works great for testing purposes! I use Netgear at home. They seem to get it pretty much right most of the time. Just a word of warning. So long as you're not planning to send the boys round :-) At this moment it feels like everything with the probable exception of OpenVPN is a bit of a mess. Which probably suggests my best options. ATB, Gordon. -- Please post to: Hampshire@mailman.lug.org.uk Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire LUG URL: http://www.hantslug.org.uk --
Re: [Hampshire] S.D. Card stuck in read only
On 18.11.2011 16:08, Bryn Jones wrote: Hi, I have a 16gb micro sd that's suddenly read only. Tried gparted etc. and getting nowhere. Anyone got any ideas?. Look on the left hand side, you will see a lock slider: http://www.tracyandmatt.co.uk/blogs/media/blogs/tracyandmatts_blog/sandisk-2gb-sd-card.jpg This may be in the wrong position, which will cause the medium to be read-only. Alternatively, the slider may have fallen out entirely and therefore be rendered effectively useless! I have had this happen with some SD cards. (Compact Flash FTW!) Tony -- Please post to: Hampshire@mailman.lug.org.uk Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire LUG URL: http://www.hantslug.org.uk --
Re: [Hampshire] PPTP VPN from Ubuntu server 10.04 LTS to recent Win-SBS?
ESP packets .. those are the ones that know what data you want before you ask for it. ESP is part of why IPSec is so damned horrible - it's IP, but it's protocol 50 (Note: *protocol*, not port). At this moment it feels like everything with the probable exception of OpenVPN is a bit of a mess. Which probably suggests my best options. OpenVPN has a lot to recommend it. But the first question I would ask is this: what, exactly, are you trying to enable with this tunnel? Vic. -- Please post to: Hampshire@mailman.lug.org.uk Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire LUG URL: http://www.hantslug.org.uk --
Re: [Hampshire] S.D. Card stuck in read only
On 18 November 2011 16:19, Tony Whitmore t...@tonywhitmore.co.uk wrote: Look on the left hand side, you will see a lock slider: http://www.tracyandmatt.co.uk/blogs/media/blogs/tracyandmatts_blog/sandisk-2gb-sd-card.jpg This may be in the wrong position, which will cause the medium to be read-only. Alternatively, the slider may have fallen out entirely and therefore be rendered effectively useless! I have had this happen with some SD cards. (Compact Flash FTW!) Wow. Just like on the old floppy disks! -- Please post to: Hampshire@mailman.lug.org.uk Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire LUG URL: http://www.hantslug.org.uk --
Re: [Hampshire] S.D. Card stuck in read only
Look on the left hand side, you will see a lock slider: MicroSD doesn't have the lock slider (although a SD adaptor might). Vic. -- Please post to: Hampshire@mailman.lug.org.uk Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire LUG URL: http://www.hantslug.org.uk --
Re: [Hampshire] S.D. Card stuck in read only
Yup exactly, 2 different adapters both unlocked and no joy. Interestingly I tried it in a card reader directly and it didn't even show up. My hearts saying its died but I'm in no way shape or form an expert on these things!. On 18/11/11 16:22, Vic wrote: Look on the left hand side, you will see a lock slider: MicroSD doesn't have the lock slider (although a SD adaptor might). Vic. -- Please post to: Hampshire@mailman.lug.org.uk Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire LUG URL: http://www.hantslug.org.uk -- -- Please post to: Hampshire@mailman.lug.org.uk Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire LUG URL: http://www.hantslug.org.uk --
Re: [Hampshire] S.D. Card stuck in read only
Interestingly I tried it in a card reader directly and it didn't even show up. Does that card reader explicitly claim SDHC operation? A standard SD reader won't see a SDHC card (and 16GB is SDHC). My hearts saying its died but I'm in no way shape or form an expert on these things!. You might be right. I'd be having a good look through /var/log/messages to see what that says. Read-only filesystems tend to imply damage - but it might be repairable. Vic. -- Please post to: Hampshire@mailman.lug.org.uk Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire LUG URL: http://www.hantslug.org.uk --
Re: [Hampshire] S.D. Card stuck in read only
Thanks Vic, I'm going to 'assume' you are right re SDHC (for now). All the kern.log reveals is - Nov 18 16:54:08 HP2 kernel: [135648.708306] usb 1-5: new high speed USB device using ehci_hcd and address 59 Nov 18 16:54:08 HP2 kernel: [135648.849530] scsi27 : usb-storage 1-5:1.0 Nov 18 16:54:09 HP2 kernel: [135649.849286] scsi 27:0:0:0: Direct-Access Single Flash Reader 1.00 PQ: 0 ANSI: 0 Nov 18 16:54:09 HP2 kernel: [135649.851726] sd 27:0:0:0: Attached scsi generic sg1 type 0 Nov 18 16:54:10 HP2 kernel: [135650.374744] sd 27:0:0:0: [sdb] 31090688 512-byte logical blocks: (15.9 GB/14.8 GiB) Nov 18 16:54:10 HP2 kernel: [135650.375604] sd 27:0:0:0: [sdb] Write Protect is on Nov 18 16:54:10 HP2 kernel: [135650.375622] sd 27:0:0:0: [sdb] Mode Sense: 03 00 80 00 Nov 18 16:54:10 HP2 kernel: [135650.377610] sd 27:0:0:0: [sdb] No Caching mode page present Nov 18 16:54:10 HP2 kernel: [135650.377632] sd 27:0:0:0: [sdb] Assuming drive cache: write through Nov 18 16:54:10 HP2 kernel: [135650.386593] sd 27:0:0:0: [sdb] No Caching mode page present Nov 18 16:54:10 HP2 kernel: [135650.386612] sd 27:0:0:0: [sdb] Assuming drive cache: write through Nov 18 16:54:10 HP2 kernel: [135650.389249] sdb: sdb1 Nov 18 16:54:10 HP2 kernel: [135650.396193] sd 27:0:0:0: [sdb] No Caching mode page present Nov 18 16:54:10 HP2 kernel: [135650.396219] sd 27:0:0:0: [sdb] Assuming drive cache: write through Nov 18 16:54:10 HP2 kernel: [135650.396243] sd 27:0:0:0: [sdb] Attached SCSI removable disk Out of which all I see of use is the write protected line (again not expert!). Any other thoughts? Cheers Bryn On 18/11/11 16:45, Vic wrote: Interestingly I tried it in a card reader directly and it didn't even show up. Does that card reader explicitly claim SDHC operation? A standard SD reader won't see a SDHC card (and 16GB is SDHC). My hearts saying its died but I'm in no way shape or form an expert on these things!. You might be right. I'd be having a good look through /var/log/messages to see what that says. Read-only filesystems tend to imply damage - but it might be repairable. Vic. -- Please post to: Hampshire@mailman.lug.org.uk Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire LUG URL: http://www.hantslug.org.uk -- -- Please post to: Hampshire@mailman.lug.org.uk Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire LUG URL: http://www.hantslug.org.uk --
Re: [Hampshire] S.D. Card stuck in read only
Nov 18 16:54:10 HP2 kernel: [135650.375604] sd 27:0:0:0: [sdb] Write Protect is on OK, your machine believes you' redelberately tellig it not to write to the card. How do you plug it in? Adaptor? Is there a lock switch - and if not, *was* there a lock switch? Vic. -- Please post to: Hampshire@mailman.lug.org.uk Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire LUG URL: http://www.hantslug.org.uk --
Re: [Hampshire] S.D. Card stuck in read only
Two different adapters. Both with lock switches open. Both tested through this laptops internal reader and a USB SD adapter. Both working with spare 8gb card. Also tested with 2 machines. :/ Bryn On 18/11/11 17:06, Vic wrote: Nov 18 16:54:10 HP2 kernel: [135650.375604] sd 27:0:0:0: [sdb] Write Protect is on OK, your machine believes you' redelberately tellig it not to write to the card. How do you plug it in? Adaptor? Is there a lock switch - and if not, *was* there a lock switch? Vic. -- Please post to: Hampshire@mailman.lug.org.uk Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire LUG URL: http://www.hantslug.org.uk -- -- Please post to: Hampshire@mailman.lug.org.uk Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire LUG URL: http://www.hantslug.org.uk --
Re: [Hampshire] PPTP VPN from Ubuntu server 10.04 LTS to recent Win-SBS?
On 18/11/2011 16:20, Vic wrote: OpenVPN has a lot to recommend it. But the first question I would ask is this: what, exactly, are you trying to enable with this tunnel? With hindsight I should have said at the start, but I thought the VPN should be a relatively minor issue. The company for which I work has recently been spun off from it's parent and is in new premises as of six weeks ago, with a new Win-SBS server. At essentially the same time, I began to work mostly from home, instead of in the office. I have on their new server a substantial amount of data for electronics CAD, software, documentation, svn repositories and so on, which at present I access through the proffered PPTP link. That works after a fashion, but the link is too slow. Sometimes that's just frustrating, sometimes worse as, for example, the CAD times out waiting for svn checkins to complete, even on only modestly large files. The bottle-necks are the uplink speeds at both ends, of around 1.2Mbps. Now I have two perfectly good fileservers here, both running proper(tm) operating systems (Ubuntu Server 10.04 LTS), one as a working server, the other I plan to use as a back-up mirror to the first. What I want to do is to copy all my data from the corporate server to my own server; use my own server for all the workaday activity, then overnight, synchronise my server's data with the company's server data. Overnight means I'm not swamping the limited uplink bandwidth when others are also trying to use it, and also means any large transfers can be done off-tarrif on my DSL. As a very useful side-effect, I also get good spatial redundancy of the data ... in the company's offices, in my home office, in my 'off-site' backup server (actually my garage, which is separated from the main house by some very significant firewalling), and also on the external drives that the company feels are sufficient for backup. They do at least take those off-site. Little oddities that add to this .. we have an ACT! crm system with which I'm expected to synchronise, which is presently on a fileserver at the parent company on another VPN link (Cisco). Hopefully ACT! will eventually collocate with the company's fileserver. But that's all Windoze and as I'm mostly on Linux here, I may just ignore it. I do sometimes need access to other data on the server, though not that much. I'm in two minds whether to mirror everything so I have that here also, or just my own stuff and access the other stuff by VPN when I need to. As an aside, I also have some external cloud storage, but that's available for Windoze only and suffers the same uplink issues as the VPN. I turned that off the other day when it was some 1700 files behind my work. Company email is the usual Microsoft klutz, which I presently access from here with a web browser. Kind regards, Gordon. -- Please post to: Hampshire@mailman.lug.org.uk Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire LUG URL: http://www.hantslug.org.uk --
[Hampshire] LUG equipment
I need a willing (or not so willing, I'm not picky) volunteer to look after a box of LUG equipment - mainly printer, firewall, cables. It's just the one box (it's compresssed over the years as things have become obsolete). I'm finally moving out of Hampshire to the big smoke as an opportunity to enter the world of web scale and big data has arisen. Sadly it's also the world of small expensive places to rent so I won't be able to look after it any more I'm afraid. *Freecycle/Freegle is _great_ for disposing of things without resorting to a skip. Adrian -- Please post to: Hampshire@mailman.lug.org.uk Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire LUG URL: http://www.hantslug.org.uk --
Re: [Hampshire] PPTP VPN from Ubuntu server 10.04 LTS to recent Win-SBS?
On 18 November 2011 16:20, Vic l...@beer.org.uk wrote: ESP packets .. those are the ones that know what data you want before you ask for it. ESP is part of why IPSec is so damned horrible - it's IP, but it's protocol 50 (Note: *protocol*, not port). Yes, but there is a NAT traversal option with IPSEC where they put the encrypted payload in UDP packets. That method is much more likely to get through. -- Please post to: Hampshire@mailman.lug.org.uk Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire LUG URL: http://www.hantslug.org.uk --
Re: [Hampshire] PPTP VPN from Ubuntu server 10.04 LTS to recent Win-SBS?
Yes, but there is a NAT traversal option with IPSEC where they put the encrypted payload in UDP packets. That method is much more likely to get through. That's NAT-T. To quote from Microsoft's own page[1]: We do not recommend Internet Protocol security (IPSec) network address translation (NAT) traversal (NAT-T) for Windows deployments that include VPN servers and that are located behind network address translators. NAT-T is considered a security risk, and is disabled by default. It's best that it remain so. Vic. [1] http://support.microsoft.com/kb/885348/en-us -- Please post to: Hampshire@mailman.lug.org.uk Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire LUG URL: http://www.hantslug.org.uk --
Re: [Hampshire] S.D. Card stuck in read only
On 18 November 2011 16:58, Bryn Jones bryn.jon...@gmail.com wrote: Thanks Vic, I'm going to 'assume' you are right re SDHC (for now). All the kern.log reveals is - Nov 18 16:54:08 HP2 kernel: [135648.708306] usb 1-5: new high speed USB device using ehci_hcd and address 59 Nov 18 16:54:08 HP2 kernel: [135648.849530] scsi27 : usb-storage 1-5:1.0 Nov 18 16:54:09 HP2 kernel: [135649.849286] scsi 27:0:0:0: Direct-Access Single Flash Reader 1.00 PQ: 0 ANSI: 0 Nov 18 16:54:09 HP2 kernel: [135649.851726] sd 27:0:0:0: Attached scsi generic sg1 type 0 Nov 18 16:54:10 HP2 kernel: [135650.374744] sd 27:0:0:0: [sdb] 31090688 512-byte logical blocks: (15.9 GB/14.8 GiB) Nov 18 16:54:10 HP2 kernel: [135650.375604] sd 27:0:0:0: [sdb] Write Protect is on Nov 18 16:54:10 HP2 kernel: [135650.375622] sd 27:0:0:0: [sdb] Mode Sense: 03 00 80 00 Nov 18 16:54:10 HP2 kernel: [135650.377610] sd 27:0:0:0: [sdb] No Caching mode page present Nov 18 16:54:10 HP2 kernel: [135650.377632] sd 27:0:0:0: [sdb] Assuming drive cache: write through Nov 18 16:54:10 HP2 kernel: [135650.386593] sd 27:0:0:0: [sdb] No Caching mode page present Nov 18 16:54:10 HP2 kernel: [135650.386612] sd 27:0:0:0: [sdb] Assuming drive cache: write through Nov 18 16:54:10 HP2 kernel: [135650.389249] sdb: sdb1 Nov 18 16:54:10 HP2 kernel: [135650.396193] sd 27:0:0:0: [sdb] No Caching mode page present Nov 18 16:54:10 HP2 kernel: [135650.396219] sd 27:0:0:0: [sdb] Assuming drive cache: write through Nov 18 16:54:10 HP2 kernel: [135650.396243] sd 27:0:0:0: [sdb] Attached SCSI removable disk Out of which all I see of use is the write protected line (again not expert!). Any other thoughts? Cheers Bryn A common failure mode for flash devices is to lock them in Read Only mode. There is probably a fault on the SD card. I have seen the same thing happen with USB memory sticks. -- Please post to: Hampshire@mailman.lug.org.uk Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire LUG URL: http://www.hantslug.org.uk --
Re: [Hampshire] PPTP VPN from Ubuntu server 10.04 LTS to recent Win-SBS?
On 18/11/11 18:28, Vic wrote: NAT-T is considered a security risk, and is disabled by default. It's best that it remain so. Agreed... pity in my case both devices were behind NAT firewalls... The situation is, apparently, rare and we evaluated the options and decided it was probably best to make the needed registry change on Windows clients to make it work, rather than fight with our ISP to get proper (sane) addresses (our public IPs come from the 10.x.y.z pool). Chris -- Please post to: Hampshire@mailman.lug.org.uk Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire LUG URL: http://www.hantslug.org.uk --
Re: [Hampshire] PPTP VPN from Ubuntu server 10.04 LTS to recent Win-SBS?
On 18 November 2011 18:28, Vic l...@beer.org.uk wrote: Yes, but there is a NAT traversal option with IPSEC where they put the encrypted payload in UDP packets. That method is much more likely to get through. That's NAT-T. To quote from Microsoft's own page[1]: We do not recommend Internet Protocol security (IPSec) network address translation (NAT) traversal (NAT-T) for Windows deployments that include VPN servers and that are located behind network address translators. NAT-T is considered a security risk, and is disabled by default. It's best that it remain so. It seems that SSL/TLS tunnels seem more popular now days. That is what some of the Juniper VPN clients use. -- Please post to: Hampshire@mailman.lug.org.uk Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire LUG URL: http://www.hantslug.org.uk --
Re: [Hampshire] PPTP VPN from Ubuntu server 10.04 LTS to recent Win-SBS?
It seems that SSL/TLS tunnels seem more popular now days. Of course. They are extraordinarily simple to set up, and provide all the security you need. IPSec is largely a relic... Vic. -- Please post to: Hampshire@mailman.lug.org.uk Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire LUG URL: http://www.hantslug.org.uk --