Re: [Vyatta-users] Question about VPN's

2007-08-23 Thread Justin Fletcher
There should be no required configuration on the Vyatta; from the point of view of the router, it's just packets. The VPN will need to be configured to support NAT traversal, of course, as it looks like you're using NAT. Dropped VPN connections are not likely to be an issue with the Vyatta

Re: [Vyatta-users] DHCP-Server configuraion issues

2007-08-28 Thread Justin Fletcher
It's asking for one more piece of information - the interface to listen on, as in name CorpLAN { start 10.0.0.100 { stop: 10.0.0.200 } interface: eth2 Best, Justin On 8/28/07, Emmanuel Perez [EMAIL PROTECTED] wrote: I have been at

Re: [Vyatta-users] vyatta login

2007-09-22 Thread Justin Fletcher
unknown Sep 21 15:05:45 vyatta login[4802]: (pam_unix) check pass; user unknown Sep 21 15:05:51 vyatta login[4802]: (pam_unix) check pass; user unknown Hopefully this helps. Thanks for your interest, Mike On 9/21/07, Justin Fletcher [EMAIL PROTECTED] wrote: Well, piffle. If xorpsh

Re: [Vyatta-users] vyatta login

2007-09-24 Thread Justin Fletcher
Do you have other hardware you could try the CD on? It's likely to be something specific with that particular system, or it's possible there's a problem that occurred when the CD itself was created. Thanks, Justin On 9/21/07, silvertip257 [EMAIL PROTECTED] wrote: Marat, Here are the results.

Re: [Vyatta-users] Simple bridge configuration keeps rtrmgr from starting

2007-09-27 Thread Justin Fletcher
Any errors in /var/log/messages? If the router manager is running, show log will give you this information. Justin On 9/27/07, Art Perkins [EMAIL PROTECTED] wrote: I have setup a basic bridge. Built on: Wed Aug 22 00:18:00 UTC 2007 Build ID:

Re: [Vyatta-users] Hard drive errors?

2007-10-06 Thread Justin Fletcher
Yes, sounds like HD errors - I've installed this on systems without DMA, and there's just a DMA error on bootup error or two. Before you give up on your disk, run fsck (file system check) from the root shell - it might be able to find and fix a few errors for you. Best, Justin On 10/6/07, Scott

Re: [Vyatta-users] Main Vyatta web Page mysteriously gone and no login prompt

2007-10-08 Thread Justin Fletcher
It's a recent discovery tracked in the Bugzilla database. In the next release, the installation script checks for it, and ensures that you can't do that. Justin On 10/8/07, Scott Pickles [EMAIL PROTECTED] wrote: I agree with Jeff. I too installed Vyatta using the default prompts. If you are

Re: [Vyatta-users] Logging

2007-10-08 Thread Justin Fletcher
Easiest way is with a show interfaces - it'll give you packet statistics. By default, the system logs at warning level, so any major issues will be visible using show log. Justin On 10/8/07, Daren Tay [EMAIL PROTECTED] wrote: Hi guys, I have been having problems with my web servers behind a

Re: [Vyatta-users] Logging

2007-10-08 Thread Justin Fletcher
exist. [edit] I missed something? Daren -Original Message- From: Justin Fletcher [mailto:[EMAIL PROTECTED] Sent: Tuesday, 09 October 2007 10:49 To: Daren Tay Cc: vyatta-users@mailman.vyatta.com Subject: Re: [Vyatta-users] Logging Easiest way is with a show interfaces - it'll give

Re: [Vyatta-users] Dropped packets from users at their end

2007-10-09 Thread Justin Fletcher
Yes, it's outside of the router, and something to debug on the web server. From http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.3.3: 10.3.3 302 Found The requested resource resides temporarily under a different URI. Since the redirection might be altered on occasion, the client

Re: [Vyatta-users] Logging

2007-10-09 Thread Justin Fletcher
On 10/9/07, Daren Tay [EMAIL PROTECTED] wrote: Hi there, thanks for the kind pointers. So if i want to use the default log (which I can view using show log) what options should I use? Daren -Original Message- From: Justin Fletcher [mailto:[EMAIL PROTECTED] Sent: Tuesday, 09 October

Re: [Vyatta-users] Nagios plugin

2007-10-10 Thread Justin Fletcher
You certainly can; I monitor Vyatta routers with MRTG and Nagios. And, of course, there's Net-SNMP (see http://net-snmp.sourceforge.net/) if you're just looking for other open source SNMP tools. Looks like I'll have to check out JFFNMS :-) Justin On 10/10/07, SDamron [EMAIL PROTECTED] wrote: I

Re: [Vyatta-users] Problems with Vyatta yum repo?

2007-10-15 Thread Justin Fletcher
Yes, we ran into an issue with the repositories on Friday, and disabled the repository while we resolve the issue, Hope to have it back shortly - Justin On 10/15/07, Roar Bjørgum Rotvik [EMAIL PROTECTED] wrote: Hi, I see that the Vyatta yum repo under http://archive.vyatta.com/vyatta seems

Re: [Vyatta-users] VRRP Possible with Vyatta router? Or is there in-built rollover functions

2007-10-19 Thread Justin Fletcher
This is available in the VC3 beta with the new clustering support. Best, Justin On 10/19/07, Daren Tay [EMAIL PROTECTED] wrote: Hi guys, I am looking to implement a redundant router setup (based on vyatta). Is it possible to use applications like Heartbeat to do this? Or can I do it with

Re: [Vyatta-users] OSPF over high latency links

2007-10-23 Thread Justin Fletcher
Obvious question, but is this set the same on the routers on both sides of the link? Justin On 10/23/07, Jon [EMAIL PROTECTED] wrote: Hi all, I have a problem with ospf loosing connection over high latency links. The link in question will induce a delay from minimum 1 sec to a maximum of

Re: [Vyatta-users] subnet move/add/change misbehavior [grrrrr!]

2007-11-05 Thread Justin Fletcher
you possibly rephrase for me? :-) -- Aubrey Wells Senior Engineer Shelton | Johns Technology Group 404.478.2790 www.sheltonjohns.com On Nov 5, 2007, at 11:31 PM, Justin Fletcher wrote: Good questions - I think you're just seeing a synchronization issue. If you see

Re: [Vyatta-users] Public to Public NAT

2007-11-07 Thread Justin Fletcher
There really shouldn't be any difference when you NAT with a public address; it'll just be that your inside address is in public address space instead of private. Best, Justin On Nov 7, 2007 3:17 PM, David Marrow Jr [EMAIL PROTECTED] wrote: Does any one have any suggestions? How would I go

Re: [Vyatta-users] pbm vpn with vyatta router

2007-11-13 Thread Justin Fletcher
There's nothing special about routing VPN packets from the view of the Vyatta router. You can see the traffic that the Vyatta is seeing using the integrated packet sniffer. While logged in as the root user, run tshark -n -i interface to see the packets. For full packet detail, add -V. Best,

Re: [Vyatta-users] IPsec configuration

2007-11-21 Thread Justin Fletcher
Just routing - you're identifying which traffic sources and destinations that are tunneled. Best, Justin On Nov 21, 2007 5:57 PM, Philippe Marcais [EMAIL PROTECTED] wrote: What is the purpose of the following configuration line; tunnel 1 { local-subnet:

Re: [Vyatta-users] install-system not working

2007-11-24 Thread Justin Fletcher
Try running parted before install-system and deleting any existing partitions - I've had that work on stubborn systems before ;-) Best, Justin On Nov 24, 2007 1:43 PM, Rodrigo Romero III [EMAIL PROTECTED] wrote: I'm trying to install VC3 on a server but it's giving me this error: vyatta:/#

Re: [Vyatta-users] Compaq DL360 G1 - cpqarray

2007-11-26 Thread Justin Fletcher
It's also an integrated system; you configure the entire router through the Vyatta interface, rather than running multiple programs and editing numerous and varied configuration files, all with different formats in entertaining locations. Justin On Nov 26, 2007 3:20 PM, Max [EMAIL PROTECTED]

Re: [Vyatta-users] Error: 102 Command failed TCP/UDP Protocol must be specified

2007-11-29 Thread Justin Fletcher
Try VC3; there were a number of firewall issues addressed in that release. Best, Justin On Nov 29, 2007 10:48 AM, Alain Kelder [EMAIL PROTECTED] wrote: Hello, I'm trying to set protocols to all for a destination NAT rule. But Vyatta complains that it wants either TCP or UDP. However, in

Re: [Vyatta-users] regarding source code

2007-11-30 Thread Justin Fletcher
The application is independent of the Vyatta router functions, but you'll need the Vyatta build environment defined by other packages. If all you're looking for is iputils, you can get the Debian source package, or iproute functions from http://www.linux-foundation.org/en/Net:Iproute2 . Best,

Re: [Vyatta-users] documentation suggestion

2007-12-03 Thread Justin Fletcher
There's an easier way - just edit /opt/vyatta/sbin/vrrpd.init to pass in the -n flag to vrrpd; that disables the virtual MAC handling. Best, Justin On Dec 3, 2007 4:02 PM, Jeff Stockett [EMAIL PROTECTED] wrote: FWIW, to verify if the r8169 driver problem was fixed, I built a 2.6.23.9 stock

Re: [Vyatta-users] Restricting traffic between networks

2007-12-06 Thread Justin Fletcher
You also need to apply the firewall rules to an interface, as in firewall { in { name: inbound } local { name: inbound } } In the above case, it's for inbound traffic, and traffic destined for the

Re: [Vyatta-users] Restricting traffic between networks

2007-12-10 Thread Justin Fletcher
: 10.10.0.0/24 } destination { network: 10.20.0.0/24 port-number 3389 } } } Quoting Justin Fletcher [EMAIL PROTECTED]: You also need to apply the firewall rules to an interface

Re: [Vyatta-users] Advises on configuring BGP

2007-12-10 Thread Justin Fletcher
Well, yes - Vyatta has full BGP support, so you'll be able to peer with your provider. Best, Justin On Dec 10, 2007 7:26 PM, Poh Yong Hwang [EMAIL PROTECTED] wrote: Hi, New here and to Vynatta and hope to get advises on getting this up. I wish to setup a BGP router for our current setup (We

Re: [Vyatta-users] IPsec and VRRP problem

2007-12-12 Thread Justin Fletcher
) ... On Dec 11, 2007 5:25 PM, Justin Fletcher [EMAIL PROTECTED] wrote: Certainly. Let me know if you need more information (though there's a new clustering chapter in the documentation for this :-) ) Best, Justin On Dec 11, 2007 8:22 AM, Senad Uka [EMAIL PROTECTED] wrote: Thank

Re: [Vyatta-users] VRRP Confusion

2007-12-13 Thread Justin Fletcher
Ah, yes - you can't actually change the MAC on some hardware, so you end up in this confused state and only see packets destined for the interface in promiscuous mode (hence the suggestion to disable the virtual MAC . . .) Justin On Dec 13, 2007 12:29 PM, Allan Leinwand [EMAIL PROTECTED] wrote:

Re: [Vyatta-users] Advises on configuring BGP

2007-12-17 Thread Justin Fletcher
would like to peer with so I have plug it into my eth0. So what IP address should I set on my eth0? Where can I set the IP range XX.XX.XX.XX/21 that I want to announce? Please advise. Thanks! Yongsan On Dec 12, 2007 12:03 AM, Justin Fletcher [EMAIL PROTECTED] wrote

Re: [Vyatta-users] I broke all logging-- need help to restore it

2007-12-17 Thread Justin Fletcher
The default is minimal: charon:~# cat /etc/syslog.conf *.warning /var/log/messages And by default, there's no syslog configuration in the Vyatta configuration file. Best, Justin On Dec 17, 2007 3:33 PM, [EMAIL PROTECTED] wrote: All, In my attempts to log firewall traffic (what I

Re: [Vyatta-users] VRRP Release Timeframe?

2007-12-18 Thread Justin Fletcher
Yes, it's based on heartbeat, and it should allow you to specify any init.d process as a service. However, not all are fully integrated with the router manager, so you may run into issues. Best, Justin On Dec 18, 2007 2:01 PM, Ken Price [EMAIL PROTECTED] wrote: Sanjoy, Thank you for your

Re: [Vyatta-users] VPN under NAT

2007-12-18 Thread Justin Fletcher
If they are both in private address space, the issue is whether the two know how to communicate with each other, as private address space isn't routeable -- Best, Justin On Dec 18, 2007 5:36 PM, Marco De Sortis [EMAIL PROTECTED] wrote: How to configure a VPN IPsec between 2 vyatta router both

Re: [Vyatta-users] Question about OSPF syslog events

2007-12-21 Thread Justin Fletcher
Try lowering your syslog level to debug; the messages from OSPF are likely filtered. Best, Justin Fletcher On Dec 21, 2007 6:56 AM, Adair, Nick [EMAIL PROTECTED] wrote: Hi All, This is my configuration for syslog logging, right now we have everything turned on and going to our syslog host

Re: [Vyatta-users] setting up at home

2007-12-22 Thread Justin Fletcher
If you haven't, you'll need to: Set up the internal address of the Vyatta router as the default gateway provided by DHCP Set up NAT so the private internal addresses are translated to your static IP from your provider Best, Justin On Dec 22, 2007 4:09 AM, Abhishek Jain [EMAIL PROTECTED] wrote:

Re: [Vyatta-users] I want to configure 2 ISPs on Vyatta Server

2007-12-23 Thread Justin Fletcher
Do you have any specific questions after reviewing the documentation at www.vyatta.com ? Best, Justin On Dec 23, 2007 10:10 PM, Amit Srivastava [EMAIL PROTECTED] wrote: Hi, I want to configure 2 ISPs on my Vyatta server, How can i configure it ? Someone can help me? -- Regards

Re: [Vyatta-users] happy with NAT. should I firewall also?

2008-01-01 Thread Justin Fletcher
Depends on what you're looking for (of course :-) ) Since you're under NAT, nothing can find your system that you don't have set up for forwarding. You could set up firewall rules for the public address of your router, as it's wide-open otherwise, of course. A happy 2008 to you, Justin On Jan

Re: [Vyatta-users] router on the stick

2008-01-02 Thread Justin Fletcher
On Jan 2, 2008 12:18 AM, Vects [EMAIL PROTECTED] wrote: Hello there, Does vyatta support router on the stick configuration? I want to deploy it in web hosting environment when every customer has the own vlan. Is there any known problem with firewall in such a configuration? Thanks, Alexc

Re: [Vyatta-users] jdocs anything like this for vyatta

2008-01-02 Thread Justin Fletcher
Not sure what like this means, but there's full documentation available at vyatta.com, and on-line CLI help; just use the '?' key. Best, Justin On Jan 2, 2008 2:55 PM, Ken Felix (C) [EMAIL PROTECTED] wrote: Do we have any future support for something similar in vyatta? Cli online help.

Re: [Vyatta-users] Commit Error

2008-01-04 Thread Justin Fletcher
When all else fails, reboot the router when you can try again. Best, Justin On Jan 4, 2008 7:51 PM, Clint Chapman [EMAIL PROTECTED] wrote: [EMAIL PROTECTED] configure Entering configuration mode. User vyatta is also in configuration mode. [EMAIL PROTECTED] set protocols bgp [edit] [EMAIL

Re: [Vyatta-users] Commit Error

2008-01-04 Thread Justin Fletcher
, Justin Fletcher wrote: When all else fails, reboot the router when you can try again. Best, Justin On Jan 4, 2008 7:51 PM, Clint Chapman [EMAIL PROTECTED] wrote: [EMAIL PROTECTED] configure Entering configuration mode. User vyatta is also in configuration mode. [EMAIL PROTECTED

Re: [Vyatta-users] Fwd: A question on exporting connected routes intoOSPF

2008-01-08 Thread Justin Fletcher
And, of course, routes you add outside of the CLI aren't known to XORP. If you add the route using protocol static you can then redistribute via OSPF. Justin On Jan 8, 2008 11:57 AM, Jonathon Exley [EMAIL PROTECTED] wrote: I have also had problems exporting connected routes into OSPF. Try

Re: [Vyatta-users] Network ports Compatibility issue for Vyatta? to install in production box for router use

2008-01-10 Thread Justin Fletcher
No, no known issues the the cards, and six ports should be fine. I've got that many ports in production :-) Justin On Jan 10, 2008 2:22 AM, Daren Tay [EMAIL PROTECTED] wrote: Hi guys, just wanna check if there's any known issues for the following network cards with Vyatta: Intel

Re: [Vyatta-users] Disable forwarding of broadcast directed packets

2008-01-10 Thread Justin Fletcher
It's disabled, and the current best practices have had it set this way for quite a while. See ftp://ftp.rfc-editor.org/in-notes/rfc2644.txt if you really want the details :-) Best, Justin On Jan 10, 2008 1:27 PM, Shane McKinley [EMAIL PROTECTED] wrote: Is broadcast forwarding disabled by

Re: [Vyatta-users] RFC 1918 Private IP addresses

2008-01-17 Thread Justin Fletcher
You'll want to create a firewall rule. By default, a router just forwards the traffic it's sent (assuming it can find a route to use for forwarding . . .) Best, Justin On Jan 17, 2008 11:39 AM, Ben Speckien [EMAIL PROTECTED] wrote: I am using Vyatta as a gateway to the internet and have

Re: [Vyatta-users] Waiting for xorp_rtrmgr...

2008-01-17 Thread Justin Fletcher
You'll also want to edit /etc/syslog.conf and change *.warning to *.* to record all log messages; otherwise, lower-level messages will be discared You can check startup by hand by running /etc/init.d/vyatta-rtrmgr start which will save you the physical reboot -- Justin On Jan 17, 2008 12:54 PM,

Re: [Vyatta-users] Waiting for xorp_rtrmgr...

2008-01-17 Thread Justin Fletcher
Are they all assigned to a system that's on a network that's directly connected to the router? On Jan 17, 2008 3:59 PM, Shane McKinley [EMAIL PROTECTED] wrote: None of these next-hop addresses are assigned to an interface on the router. Shane -Original Message- From: Justin

Re: [Vyatta-users] Waiting for xorp_rtrmgr...

2008-01-17 Thread Justin Fletcher
Are the next hops directly connected? There was an issue with recursive route lookup -- On Jan 17, 2008 2:56 PM, Shane McKinley [EMAIL PROTECTED] wrote: I have found the static routes causing the issue: route XZ.85.142.64/26 { next-hop: XX.128.129.18 metric:

Re: [Vyatta-users] vmware server and live CD

2008-01-17 Thread Justin Fletcher
Can you provide just a bit more information? Justin On Jan 17, 2008 4:41 PM, Rick Mitchell [EMAIL PROTECTED] wrote: I cannot get the live cd to successfully boot up it tries to but fails any suggestions -- Rick Mitchell ___ Vyatta-users

Re: [Vyatta-users] Waiting for xorp_rtrmgr...

2008-01-17 Thread Justin Fletcher
to an interface on the router. Shane -Original Message- From: Justin Fletcher [mailto:[EMAIL PROTECTED] Sent: Thu 1/17/2008 6:46 PM To: Shane McKinley Cc: vyatta-users@mailman.vyatta.com Subject: Re: [Vyatta-users] Waiting for xorp_rtrmgr... Are the next

Re: [Vyatta-users] Emergency Config paste? How do you prepare?

2008-01-18 Thread Justin Fletcher
There are a couple of choices. You can copy your configuration using scp (it's /opt/vyatta/etc/config/config.boot) to another server. From a blank slate/system, all you need to do is to configure an interface and a default gateway, scp the configuration back, and load the restored configuration.

Re: [Vyatta-users] DHCP

2008-01-22 Thread Justin Fletcher
What are the destination addresses that are being forwarded? Broadcasts shouldn't be forwarded, but the router needs to know that they're broadcast addresses. It'll only recognize 10.1.255.255 and 10.2.255.255 as broadcast addresses. If a system is sending requests to, say, 10.1.12.255 where a

Re: [Vyatta-users] VPN: clients to router configuration

2008-01-27 Thread Justin Fletcher
and spoke setup. I am not using Glendale. 2008/1/27, Justin Fletcher [EMAIL PROTECTED]: A few questions - are you terminating the VPN on the Vyatta router? Is it site-to-site, or are you running Glendale alpha and trying out the remote access VPN? Or is the VPN a separate system

Re: [Vyatta-users] E-mail only

2008-01-28 Thread Justin Fletcher
You'll find good firewall documentation and examples at http://www.vyatta.com/documentation/index.php. Best, Justin On Jan 27, 2008 10:38 PM, Erwin kobe Tolentino [EMAIL PROTECTED] wrote: i want to to setup my vyatta as a router and firewall i configured already the vyatta router but i want to

Re: [Vyatta-users] Firewall question.

2008-01-28 Thread Justin Fletcher
You shouldn't need the out rule; until a firewall is applied, everything is accepted. However, the simple rule is protocol any action accept. That should do it if you want to be thorough :-) Justin On Jan 28, 2008 7:28 AM, Nathan McBride [EMAIL PROTECTED] wrote: Hey guys, I just installed

Re: [Vyatta-users] Does vyatta read all iptables rules ?

2008-01-28 Thread Justin Fletcher
It'll just work the other way to translate the Vyatta CLI into iptables. It's not the other direction (but if you'd like to write a translator, I'm sure it'd be appreciated!) Justin On Jan 28, 2008 1:44 PM, Go Wow [EMAIL PROTECTED] wrote: hey I want to create a rule with iptables, I want to

Re: [Vyatta-users] glendale problems my 1st view

2008-01-29 Thread Justin Fletcher
5. any help on the CLI regardless of level show bash options vrs th vyatta engine options. (confusing to say the least ) If you're logged in as root, you'll get Unix commands listed as well as Vyatta commands during tab completion/help. However, if you're an admin level user, you'll just

Re: [Vyatta-users] just two more questions for today... :D

2008-01-29 Thread Justin Fletcher
I think we covered port forwarding :-) The Vyatta sides of the VPN will be the same; configuring the other end of the VPN client will be up to you for a site-to-site tunnel. Undocumented now, but actually in Glendale Alpha 1 is remote client VPN which works with Windows l2tp. It's under VPN

Re: [Vyatta-users] Starting to get really frustrated... GRRR :D

2008-01-29 Thread Justin Fletcher
Here's what I use to port-forward ssh; just adjust for address (where destination address is the public IP) and change it to http. rule 2 { type: destination inbound-interface: eth0 protocols: tcp source { network: 0.0.0.0/0

Re: [Vyatta-users] Weird Routing problem on VC2

2008-01-29 Thread Justin Fletcher
-Original Message- From: Justin Fletcher [mailto:[EMAIL PROTECTED] Sent: Tuesday, January 29, 2008 12:18 AM To: Daren Tay Cc: Robert Bays; Vyatta-users@mailman.vyatta.com Subject: Re: [Vyatta-users] Weird Routing problem on VC2 Glad you got that figured out - many pieces in play

Re: [Vyatta-users] Firewall: block internal telnet

2008-01-29 Thread Justin Fletcher
See the Vyatta docs at http://www.vyatta.com/documentation/index.php; there are examples in the firewall chapters. Best, Justin On Jan 29, 2008 12:17 PM, Go Wow [EMAIL PROTECTED] wrote: okay thanks for replies. People help with this please, how can I block ssh on router i.e. 192.168.10.45

Re: [Vyatta-users] Unable to login, solved by reboot

2008-01-29 Thread Justin Fletcher
Give show log | match ERROR a try. Justin On Jan 29, 2008 2:00 PM, Jostein Martinsen-Jones [EMAIL PROTECTED] wrote: I have this problem again. Now i was able to login to a user account I created, but unable to view logfiles since im in xorpsh. 2008/1/28, Justin Fletcher [EMAIL PROTECTED

Re: [Vyatta-users] Unable to login, solved by reboot

2008-01-30 Thread Justin Fletcher
for my troubled users. Somethimes the encrypted-password didn't get encrypted. 2008/1/29, Justin Fletcher [EMAIL PROTECTED]: Give show log | match ERROR a try. Justin On Jan 29, 2008 2:00 PM, Jostein Martinsen-Jones [EMAIL PROTECTED] wrote: I have this problem again. Now i was able

Re: [Vyatta-users] help me with firewall

2008-01-30 Thread Justin Fletcher
See the Quick Start Guide or Configuration Guide for multiple examples (http://www.vyatta.com/twiki/bin/view/Community/DocumentationSet) . Make sure you accept tcp established to ensure that responses to outbound requests make it back through the firewall. Best, Justin On Jan 29, 2008 8:05 PM,

Re: [Vyatta-users] Managing different subnet with different gateway

2008-01-30 Thread Justin Fletcher
Yes, eth0 and eth1 should be on different subnets; if not, the router doesn't know which interface should be used to send traffic to another device on that subnet. Best, Justin On Jan 30, 2008 7:47 AM, Daren Tay [EMAIL PROTECTED] wrote: Hi guys, I revisited the issue after getting a box to

Re: [Vyatta-users] Unable to login, solved by reboot

2008-01-30 Thread Justin Fletcher
:( Maybe next time i'm unable to login with any account? 2008/1/30, Justin Fletcher [EMAIL PROTECTED]: As you can see, nothing jumps out in the log. A detailed search may turn up more information; otherwise, at least you've got a work-around :-) Justin On Jan 29, 2008 2:48 PM

Re: [Vyatta-users] Unable to login, solved by reboot

2008-01-30 Thread Justin Fletcher
as router/firewall in front of a couple of servers that soon will go live... Since it's alpha, do you think I should do it? Just printed the whole manual... 2008/1/30, Justin Fletcher [EMAIL PROTECTED]: Maybe . . . However, much of this has been resolved with associated changes in Glendale

Re: [Vyatta-users] Dual-screened subnet

2008-01-31 Thread Justin Fletcher
You apply a firewall on an interface-basis, and whether it's inbound, outbound, or local to the router, so I think that'll do what you want (if I'm interpreting correctly). Best, Justin On Jan 22, 2008 8:58 AM, Elías Manchón López [EMAIL PROTECTED] wrote: Hi Folks!. I need set up a

Re: [Vyatta-users] Firewall Logs

2008-02-01 Thread Justin Fletcher
Yes, I've had it enabled and working before. The traffic needs to hit a firewall rule before it'll be logged; you may also need to adjust the global log level down from it's current default of warning to informational or lower. Justin On Feb 1, 2008 2:12 PM, Go Wow [EMAIL PROTECTED] wrote:

Re: [Vyatta-users] Managing different subnet with different gateway

2008-02-01 Thread Justin Fletcher
To summarize, traffic does know anything about where it's been. There's no guarantee that traffic will go back the same route it came in; asymmetric routing is very common. All a router knows is the IP address of the destination packet it needs to forward; it'll then use its routing information

Re: [Vyatta-users] vLAN Switch

2008-02-04 Thread Justin Fletcher
Definitely. It's part of the VLAN tag. Best, Justin On Feb 4, 2008 9:26 PM, Go Wow [EMAIL PROTECTED] wrote: Hey I Have configured vlan in vyatta and bought a vlan enabled switch its D-link DES-1226. I want to know when configuring the switch whether I need to give the VID in switch the

Re: [Vyatta-users] Bandwidth limitation

2008-02-04 Thread Justin Fletcher
Coming soon in a Glendale build near to you :-) Justin On Feb 4, 2008 9:26 PM, Dams [EMAIL PROTECTED] wrote: Hi, I would like to know if there is an option in vyatta to limit the bandwidth on specific ip or all ip ? Thanks -- Cordialement / Sincerely Dams

Re: [Vyatta-users] ps3

2008-02-04 Thread Justin Fletcher
Port forwarding should be straight-forward with the Vyatta CLI; look for recent ssh examples on this list. Personally, I'd create a rule for each protocol and port/port range. Best, Justin On Feb 4, 2008 8:31 PM, Nathan McBride [EMAIL PROTECTED] wrote: Hey guys, I finally got my old comp which

Re: [Vyatta-users] Possible OSPF problems

2008-02-06 Thread Justin Fletcher
If you're pinging public - public, it's the same subnet, which means the devices are communicating directly, and not even going through the router, so OSPF shouldn't be an issue. Trace a traceroute from one of the devices in question, or see if you can get a packet capture. COULD be a switch,

Re: [Vyatta-users] Possible OSPF problems

2008-02-06 Thread Justin Fletcher
Ah - my mistake in terminology translation :-) Since is IS running through the router, turn on tshark on one of the router interfaces, see what's on the (virtual) wire when you start a ping. Does the router even see it inbound through the virtual switch? Justin On Feb 6, 2008 5:05 AM, Joe Pub

Re: [Vyatta-users] Transparent IP Mapping

2008-02-06 Thread Justin Fletcher
Yes, the Vyatta will do this - with a LOT more control. Your Netopia is doing NAT for you; if you want it, you'll be able to configure it. By default, of course, NAT isn't configured on the Vyatta, so you'll have to set it up to get the results you want. Best, Justin On Feb 6, 2008 7:42 AM,

Re: [Vyatta-users] Vyatta running on appliance...

2008-02-07 Thread Justin Fletcher
What's the last message before it hangs? Justin On Feb 7, 2008 2:12 PM, ken Felix [EMAIL PROTECTED] wrote: I'm doing the same but with a 2gb and 4gb fast Compact Flash. It runs great but I just notice a problem the last 2 days in my test lab and it ( host ) hangs at boot time. Could be y

Re: [Vyatta-users] interface names move

2008-02-08 Thread Justin Fletcher
It's just the order they were initially discovered by the system, and it can vary. It's also one of the reasons there's the hw-id parameter in the interfaces section - that way the interface your prefer is locked to an interface name. If you want to change the order, change the hw-id entry,

Re: [Vyatta-users] Going to shell on Vyatta

2008-02-11 Thread Justin Fletcher
However, changes made directly to /etc/passwd are not preserved on reboot, so you'd need to re-create the user account each time. Justin On Feb 11, 2008 3:44 AM, Davide Bologna [EMAIL PROTECTED] wrote: Usually the vyatta user is meant for router administration, so it have direct access to

Re: [Vyatta-users] Going to shell on Vyatta

2008-02-10 Thread Justin Fletcher
Log in as root; that'll give you the Linux shell. Best, Justin On Feb 10, 2008 9:09 PM, piyush sharma [EMAIL PROTECTED] wrote: Sorry Stig, my question was meant for Vyatta in general. I didn't edit the subject line earlier. I have to run an application on the linux on the Vyatta machine.

Re: [Vyatta-users] Vyatta Crashing -- Have to reboot

2008-02-14 Thread Justin Fletcher
Unfortunately, you need to restart the system to recover from these errors in this version. However, major changes have been made in Glendale, so you won't see these issues in the next release. Alpha 1 is available, so you can give it a try now. Justin On Thu, Feb 14, 2008 at 7:27 AM, [EMAIL

Re: [Vyatta-users] Adding Firewall rules remotely

2008-02-22 Thread Justin Fletcher
One way to do it would be with an expect script that logs in and updates a firewall rule. You'd need to track locally when the rule was added, so you could then removed it, perhaps with a simple text file and a cron job. Best, Justin On Fri, Feb 22, 2008 at 1:08 PM, Christopher Johnson [EMAIL

Re: [Vyatta-users] MIssing the sysServices.0 OID from the MIB

2008-02-22 Thread Justin Fletcher
Yes, it's not in the SNMP configuration file, but it's easy to fix. As root, add to /etc/snmp/snmpd.conf: sysServices 4 which shows that up to and including the internet layer is supported. Then run /opt/vyatta/sbin/snmpd.init restart These are the commands for Glendale, but it'll either be

Re: [Vyatta-users] Clustering Causes Reboots

2008-02-24 Thread Justin Fletcher
No, that's not intentional ;-) I haven't seen that before either - is there any information in the log files, or from show cluster status? Do you end up in a split-brain situation where the two systems can't exchange heartbeats? The reboot-on-panic option takes effect on kernel panic, so it

Re: [Vyatta-users] vrrp issues on VC3

2008-02-25 Thread Justin Fletcher
Some systems have issues with the virtual MAC addresses - try the option to disable it. Best, Justin On Mon, Feb 25, 2008 at 8:35 AM, Tobias Orlamuende [EMAIL PROTECTED] wrote: Ken, You might have seen the vrrp priority of 150 for eth2 on R2 which was just a test and replaced with 20 since

Re: [Vyatta-users] Glendale Alpha 1 ERROR!!!

2008-02-28 Thread Justin Fletcher
However, make sure it's not already filed before you do - this was bug 2478 :-) https://bugzilla.vyatta.com/show_bug.cgi?id=2478 Justin On Thu, Feb 28, 2008 at 10:42 AM, Dave Roberts [EMAIL PROTECTED] wrote: File it for the bug bounty contest! ;-) You are absolutely correct. Therefore

Re: [Vyatta-users] Problem sending prefixes to my upstream provider

2008-02-29 Thread Justin Fletcher
On Fri, Feb 29, 2008 at 1:15 PM, Poh Yong Hwang [EMAIL PROTECTED] wrote: So the docs talking about Originating a route to eBGP Neighbours where it uses static instead of connected is not really correct? Sorry, trying to understand the difference between using a static route compared to using a

Re: [Vyatta-users] Booting from Live-CD

2008-02-29 Thread Justin Fletcher
That's actually a harder problem - you can do it by changing where the system looks for configuration on boot, install to disk and then modify the files to change what's mounted and where the system looks for the configuration, or build from scratch and create your own LiveCD with the changes in

Re: [Vyatta-users] Booting from Live-CD

2008-02-29 Thread Justin Fletcher
:33 PM, Justin Fletcher [EMAIL PROTECTED] wrote: That's actually a harder problem - you can do it by changing where the system looks for configuration on boot, install to disk and then modify the files to change what's mounted and where the system looks for the configuration, or build from

Re: [Vyatta-users] Vyatta-Hackers inactive?

2008-03-04 Thread Justin Fletcher
It's still active - sometimes no one has a good answer (yet) :-) The build system for VC4 is a bit complex, and some of the details are still being worked out; it'll be posted when it's ready to go, which should be any day now. After all, you've got to be able to build a project to contribute to

Re: [Vyatta-users] Cluster heartbeat / change to ucast?

2008-03-04 Thread Justin Fletcher
Of Justin Fletcher Sent: Tuesday, March 04, 2008 11:16 AM To: [EMAIL PROTECTED] Subject: Re: [Vyatta-users] Cluster heartbeat / change to ucast? Yes, you can edit the configuration directly; however, you'll need to modify it again on reboot as it's created from the Vyatta configuration

Re: [Vyatta-users] How to use gcc for VC3

2008-03-20 Thread Justin Fletcher
You'll need to edit /etc/apt/sources.list to point to a Debian repository, then install using apt-get. Best, Justin On Thu, Mar 20, 2008 at 2:19 AM, piyush sharma [EMAIL PROTECTED] wrote: Hi, I am using VC3. I need to compile a package on the Vyatta machine using gcc. I was not able