RE: Favorite VPN solution?

2013-01-29 Thread Glen Johnson
We're using ms direct access. Setting it up on server 2012 was super simple. Working great so far, knocking on wood. From: Tom Miller [mailto:tmil...@sfgtrust.com] Sent: Tuesday, January 29, 2013 7:47 AM To: NT System Admin Issues Subject: Favorite VPN solution? Hi Folks, I currently use the

RE: Favorite VPN solution?

2013-01-29 Thread Liam Freeman
Has anyone managed to get this working in a multi-domain environment (i.e. via forest trusts) as MS say it can do with 2012? From: Glen Johnson [mailto:gjohn...@vhcc.edu] Sent: 29 January 2013 13:07 To: NT System Admin Issues Subject: RE: Favorite VPN solution? We're using ms direct access.

RE: Favorite VPN solution?

2013-01-29 Thread Glen Johnson
Not applicable here, sorry I can't help out with that scenario. From: Liam Freeman [mailto:liam.free...@infrasys.co.uk] Sent: Tuesday, January 29, 2013 8:20 AM To: NT System Admin Issues Subject: RE: Favorite VPN solution? Has anyone managed to get this working in a multi-domain environment

Re: DC eventid 1168, bizarre behavior

2013-01-29 Thread Christopher Bodnar
Never happened on DC20? When this happens, does a reboot resolve the issue? What has been the frequency? Any chance you run a daily DCDIAG report? What does your replication health look like on a daily basis? Christopher Bodnar Enterprise Architect I, Corporate Office of

Re: Favorite VPN solution?

2013-01-29 Thread Steve Ens
Hey Glen, Do the clients need to be Windows 8 or will this work with 7? Which tech doc did you follow to set it up? Thanks Steve On Tue, Jan 29, 2013 at 7:06 AM, Glen Johnson gjohn...@vhcc.edu wrote: We’re using ms direct access. Setting it up on server 2012 was super simple.

RE: Favorite VPN solution?

2013-01-29 Thread Glen Johnson
Both 7 and 8 work. I used the MS doc here. http://technet.microsoft.com/en-us/library/hh831658.aspx With a bit of changes. We still run both UAG-DirectAccess 2010 and the new 2012. We need to make sure the user is on our local lan, change security group memberships, reboot a couple times to get

Re: DC eventid 1168, bizarre behavior

2013-01-29 Thread Elijah Buck
A reboot does fix the issue. We've rebooted three times this month to fix the issue. Oddly, the errors do go back to 12/20/12, but we apparently didn't notice the problem in December. It has never happened on DC20 (our only 2008R2 DC). The Linux servers are in the CAL site and can talk to the

RE: Favorite VPN solution?

2013-01-29 Thread Glen Johnson
Actually if you aren't migrating, the setup is pretty simple with 2012. You have to have the internal certificate authority if you need win 7 client support. If only win 8, then the da server can use its own self-signed cert. From: Steve Ens [mailto:stevey...@gmail.com] Sent: Tuesday, January

Re: Favorite VPN solution?

2013-01-29 Thread Steve Ens
Awesome. Thanks! On Tue, Jan 29, 2013 at 9:24 AM, Glen Johnson gjohn...@vhcc.edu wrote: Both 7 and 8 work. I used the MS doc here. http://technet.microsoft.com/en-us/library/hh831658.aspx With a bit of changes. We still run both UAG-DirectAccess 2010 and the new

Re: DC eventid 1168, bizarre behavior

2013-01-29 Thread Christopher Bodnar
Interesting. When you say that the Linux (samba) servers can't talk to DC20, what are you seeing? Authentication failures? How is Samba configured? NTLM, or Kerberos? Any thoughts of upgrading the 2008 DCs to 2008 R2? See if the issue persists? Christopher Bodnar Enterprise Architect I,

Re: DC eventid 1168, bizarre behavior

2013-01-29 Thread Elijah Buck
They can't talk to DC20 because it is blocked by the firewall. DC20 is at our disaster recovery site. The Linux servers at the CAL site can only talk to domain controllers in the CAL and CORP sites, because of the firewall access rules. Samba is configured with 'security = ADS', but kerberos is

Re: Favorite VPN solution?

2013-01-29 Thread Ben Scott
On Tue, Jan 29, 2013 at 7:46 AM, Tom Miller tmil...@sfgtrust.com wrote: The clients work fine, but I’m wondering if there are other solutions out there. We're using OpenVPN because (1) it's based on extremely well-tested code, (2) it's light-weight, and (3) it's free. The main UI is

RE: Favorite VPN solution?

2013-01-29 Thread Tim Evans
I was looking at OpenVPN, but it looks to me like it won't work in our environment. We have multiple subnets on our internal network, and it looks like the OpenVPN client needs admin rights on the endpoint to update routes. Our users don't have admin rights and that's not something I'm looking

Re: Favorite VPN solution?

2013-01-29 Thread Bill Humphries
Have you looked at any of the sslvpn options. I use a sonicwall sslvpn and like it a lot. Has clients for mac and linux as well as windows. Bill -Original Message- From: Tim Evans Sent: Tuesday, January 29, 2013 12:47 PM To: NT System Admin Issues Subject: RE: Favorite VPN

Re: Favorite VPN solution?

2013-01-29 Thread Matthew W. Ross
We use Barracuda's SSLVPN. It is based off the old sslExplorer open source product, and does the Java-based install of their vpn client. In many ways, I think this is similar to the Sonicwall SSLVPN. The barracuda didn't have any per-user license fees. This was a major factor in our choice of

RE: Favorite VPN solution?

2013-01-29 Thread Webster
So Java and Barracuda? Two exploited products in one. Sweet! :) Thanks Webster -Original Message- From: Matthew W. Ross [mailto:mr...@ephrataschools.org] Subject: Re: Favorite VPN solution? We use Barracuda's SSLVPN. It is based off the old sslExplorer open source product, and

RE: Favorite VPN solution?

2013-01-29 Thread Kennedy, Jim
Ok, you owe the taxpayers of Elyria a new screen. I haven't CC'd like that in years. -Original Message- From: Webster [mailto:webs...@carlwebster.com] Sent: Tuesday, January 29, 2013 2:19 PM To: NT System Admin Issues Subject: RE: Favorite VPN solution? So Java and Barracuda? Two

RE: Favorite VPN solution?

2013-01-29 Thread Matthew W. Ross
Sm:)e. Ya know it! - In all fairness, Barracuda has fixed their issue. As for Java... --Matt Ross Ephrata School District - Original Message - From: Webster [mailto:webs...@carlwebster.com] To: NT System Admin Issues [mailto:ntsysadmin@lyris.sunbelt-software.com] Sent: Tue, 29

RE: Favorite VPN solution?

2013-01-29 Thread Matthew W. Ross
From: Kennedy, Jim Ok, you owe the taxpayers of Elyria a new screen. I haven't CC'd like that in years. Webster: You win. --Matt Ross Ephrata School District - Original Message - From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] To: NT System Admin Issues

Re: Favorite VPN solution?

2013-01-29 Thread Andrew S. Baker
I knew someone would say it before too long. :) ASB http://XeeMe.com/AndrewBaker Providing Virtual CIO Services (IT Operations Information Security) for the SMB market… On Tue, Jan 29, 2013 at 2:19 PM, Webster webs...@carlwebster.com wrote: So

Re: Favorite VPN solution?

2013-01-29 Thread Ben Scott
On Tue, Jan 29, 2013 at 12:47 PM, Tim Evans tev...@sparling.com wrote: I was looking at OpenVPN, but it looks to me like it won't work in our environment. We have multiple subnets on our internal network, and it looks like the OpenVPN client needs admin rights on the endpoint to update

Re: Favorite VPN solution?

2013-01-29 Thread Don Ely
LOL! Beat me to it!!! On Tue, Jan 29, 2013 at 11:19 AM, Webster webs...@carlwebster.com wrote: So Java and Barracuda? Two exploited products in one. Sweet! :) Thanks Webster -Original Message- From: Matthew W. Ross [mailto:mr...@ephrataschools.org] Subject: Re: Favorite

Re: Shocking? Somehow, not...

2013-01-29 Thread Patrick Salmon
Not surprisingly, you're going to see a lot of alerts coming out on this subject. Here's the Cisco one: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130129-upnp which you can expect to be updated as more is learned about which products are affected. On Tue, Jan

OT: Speaking of Barracuda...

2013-01-29 Thread Richard Stovall
Would any of you who have Barracuda spam filters mind checking something for me? The other day I noticed outbound traffic from my spam appliance to port 80 at destinations not owned by Barracuda Networks. I started a packet cap on my firewall and got some very interesting results. In addition

Re: OT: Speaking of Barracuda...

2013-01-29 Thread Steve Ens
Sorry, no spam filter, just a web filter. On Tue, Jan 29, 2013 at 3:25 PM, Richard Stovall rich...@gmail.com wrote: Would any of you who have Barracuda spam filters mind checking something for me? The other day I noticed outbound traffic from my spam appliance to port 80 at destinations

RE: Speaking of Barracuda...

2013-01-29 Thread N Parr
How often are you seeing it? What model do you have? I've had my ASA logging for a few min now but nothing on port 80 yet. I'll let it run overnight and search the logs. It could be part of the spam checking to see if URLs embedded in emails are legit to aid in scoring? Don't know if

Re: OT: Speaking of Barracuda...

2013-01-29 Thread Richard Stovall
Holy cow! That could be worse! :) On Tue, Jan 29, 2013 at 4:32 PM, Steve Ens stevey...@gmail.com wrote: Sorry, no spam filter, just a web filter. On Tue, Jan 29, 2013 at 3:25 PM, Richard Stovall rich...@gmail.com wrote: Would any of you who have Barracuda spam filters mind checking

Re: OT: Speaking of Barracuda...

2013-01-29 Thread Kurt Buff
My best guess is that it's parsing the content gained from the URLs for spam/malware. This is, IIRC, a feature of SpamAssassin, upon with the Barracudas are built. In the case of those for which it doesn't fetch content, I'm guessing that the embedded URLs are already known. Kurt On Tue, Jan

Re: Speaking of Barracuda...

2013-01-29 Thread Richard Stovall
Thanks for having a look at it. The activity is pretty frequent, actually. The latest capture has about 30 gets to non-Barracuda sites in a few hours, all of which are embedded in inbound spam messages. My suspicion is that it is something along the lines you describe, but I can't find anything

Re: OT: Speaking of Barracuda...

2013-01-29 Thread Kurt Buff
That should read upon which On Tue, Jan 29, 2013 at 2:32 PM, Kurt Buff kurt.b...@gmail.com wrote: My best guess is that it's parsing the content gained from the URLs for spam/malware. This is, IIRC, a feature of SpamAssassin, upon with the Barracudas are built. In the case of those for which

Re: OT: Speaking of Barracuda...

2013-01-29 Thread Richard Stovall
The Barracuda tech wrote back a while ago and informed that the behavior I'm seeing is indeed part of their intent scanning methodology. What kind of freaked me out initially, and alerted me to what is going on, was that last Friday my UTM firewall blocked the spam filter from downloading what

Re: Where to get copies of my various documentation scripts

2013-01-29 Thread Kurt Buff
I do not use XenApp, nor Citrix, but I do have a word of advice. Do not deprecate your skills with PowerShell. You have to start somewhere, and this is a very large project on which to cut your teeth. In addition, you are obviously filling a very needed hole in the ecosystem, and for this you

RE: Favorite VPN solution?

2013-01-29 Thread Tim Evans
Thanks, that gives me a couple of things to look into: I didn't know there was an OpenVPN service and the idea of supernetting, which should work for us. ...Tim -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Tuesday, January 29, 2013 12:45 PM To: NT System Admin

Been a long day today, but I won...

2013-01-29 Thread Kurt Buff
So, it's month end, and our UK office is noticing that emails are not processing outbound from their office. All of their emails come through the US server, to be delivered wherever, and there are some big emails (4-8mbytes) with proposals and orders and such, and they're getting desperate. Lots