[THIN] Re: Issue with AG 4.2.2 code

Thanks for that tip Rick. I'm not much of a Linux person, but managed to
work my way around theVPNAdmin Console okay.

Ethereal showed that everything was okay. However, when I ran netmon on the
Internal servers, they were showing traffic being received from a NAT'd
address, rather than the real address of the AG. So the PIX firewall logs
weren't showing any drops, it was just not working because I was unaware of
the NAT. I've spent two days trying to get this AG working. One problem was
my fault, the rest have been firewall issues, which we have no control over
:(

Having said that, the more you have to trace through these issues to
diagnose what's going on, the more you learn.

Cheers.

 Kind regards,

 Jeremy Saunders
 Senior Technical Specialist

 Infrastructure Technology Services
 (ITS) & Cerulean
 Global Technology Services (GTS)
 IBM Australia
 Level 2, 1060 Hay Street
 West Perth  WA  6005

 Visit us at
 http://www.ibm.com/services/au/its

 P:  +61 8 9261 8412                F:  +61 8 9261 8486
 M:  TBA                            E-mail:
                                    jeremy.saunders@xxxxxxxxxxx










                                                                       
             "Rick Mack"                                               
             <Rick.Mack@volant                                         
             e.com.au>                                                  To
             Sent by:                  <thin@xxxxxxxxxxxxx>            
             thin-bounce@freel                                          cc
             ists.org                                                  
                                                                   Subject
                                       [THIN] Re: Issue with AG 4.2.2 code
             31/05/2006 06:47                                          
             AM                                                        
                                                                       
                                                                       
             Please respond to                                         
                   thin                                                
                                                                       
                                                                       




Hi Jeremy,

Try using ethereal in the VPNAdmin console. That might give you a clue as
to what's broken.

It's actually not that hard to extend the diagnostic capability on the CAG.


Once you know the config layout, you can either use a Knoppix CDROM to
access the CAG file system directly for editting [not recommended], or edit
the config pre-installation by using something like MagicISO, for customer
specific branding and other mods.

regards,

Rick

Ulrich Mack
Volante Systems


________________________________

From: thin-bounce@xxxxxxxxxxxxx on behalf of Jeremy Saunders
Sent: Wed 31/05/2006 0:32
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: Issue with AG 4.2.2 code



No the same config. I'm using it without AAC, so the authentication is done
from the AG to the Domain Controllers through the firewall. We've got TCP
389 open (amongst others), but are getting the unsuccessful bind errors.

 Kind regards,

 Jeremy Saunders
 Senior Technical Specialist

 Infrastructure Technology Services
 (ITS) & Cerulean
 Global Technology Services (GTS)
 IBM Australia
 Level 2, 1060 Hay Street
 West Perth  WA  6005

 Visit us at
 http://www.ibm.com/services/au/its

 P:  +61 8 9261 8412                F:  +61 8 9261 8486
 M:  TBA                            E-mail:
                                    jeremy.saunders@xxxxxxxxxxx











             "Pavlo Ignatusha"
             <Pavlo.Ignatusha@
             pemreghos.org>                                             To
             Sent by:                  <thin@xxxxxxxxxxxxx>
             thin-bounce@freel                                          cc
             ists.org
                                                                   Subject
                                       [THIN] Re: Issue with AG 4.2.2 code
             30/05/2006 08:26
             PM


             Please respond to
                   thin






We are running 4.2.2 with AAC and authenticate to AD. It seems to work fine
(updated May 24).

Thanks,

Pavlo Ignatusha
Systems Network Coordinator
Pembroke Regional Hospital
tel.  +1 (613) 732-3675 ext.6150
fax.  +1 (613) 732-9986

-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of Jeremy Saunders
Sent: May 30, 2006 7:55 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Issue with AG 4.2.2 code

Hi,

I've just set up a new AG with the latest code and we are unable to use the
LDAP Authentication. The logs give us an unsuccessful bind error, which we
cannot explain, as an ldap authentication to their domain controllers is
working fine from my laptop, etc, and there is nothing being blocked on the
firewall between the AG and the domain controllers.

Has anyone else found any issues with this release of code?

Just the AG...no AAC involved here.

Cheers.

 Kind regards,

 Jeremy Saunders
 Senior Technical Specialist

 Infrastructure Technology Services
 (ITS) & Cerulean
 Global Technology Services (GTS)
 IBM Australia
 Level 2, 1060 Hay Street
 West Perth  WA  6005

 Visit us at
 http://www.ibm.com/services/au/its

 P:  +61 8 9261 8412                F:  +61 8 9261 8486
 M:  TBA                            E-mail:
                                    jeremy.saunders@xxxxxxxxxxx









************************************************
For Archives, RSS, to Unsubscribe, Subscribe or
set Digest or Vacation mode use the below link:
http://www.freelists.org/list/thin
************************************************

--
The information in this email belongs to the Pembroke Regional Hospital
and may contain confidential and privileged information for the sole use
of the individual or organization to which it is addressed.  If you are
not the intended recipient, you are hereby notified that any disclosure,
copying or distribution of the contents of this email is prohibited.
If you have received this email in error, please contact the sender and
destroy all copies of the original message.

************************************************
For Archives, RSS, to Unsubscribe, Subscribe or
set Digest or Vacation mode use the below link:
http://www.freelists.org/list/thin
************************************************


************************************************
For Archives, RSS, to Unsubscribe, Subscribe or
set Digest or Vacation mode use the below link:
http://www.freelists.org/list/thin
************************************************



#####################################################################################

This e-mail, including all attachments, may be confidential or privileged.
Confidentiality or privilege is not waived or lost because this e-mail has
been sent to you in error.  If you are not the intended recipient any use,
disclosure or copying of this e-mail is prohibited.  If you have received
it in error please notify the sender immediately by reply e-mail and
destroy all copies of this e-mail and any attachments.  All liability for
direct and indirect loss arising from this e-mail and any attachments is
hereby disclaimed to the extent permitted by law.
#####################################################################################

(See attached file: winmail.dat)

Other related posts: