[Anonymous]

Okay. I fixed it in a bit of a ditry way, but it worked for my situation.

Here’s what I did.

1. Use Apple’s Mail to IMAP into all users email and archive it to local mailboxes. (Major Pain, but I only had 7 users to deal with)

2. Build an ENTIRELY new 10.3 server and update it.

3. Made it a Open Directory Replica (Required for my setup, and probably completely secondary)

4. Ditto the /var/spool/postfix directory to the new server (Target Disk Mode is my friend)

5. run ‘postfix check’ as root.

6. start up mail server and BAM! You’ve got all yor mail from your queue.

7. Use Apple’s Mail to upload archived mail to user accounts.

[Anonymous]

Hi,

I need to do a very similar thing.
Did you manage to connec to the zyWALL 10 using Panther or Jaguar?

Thanks in advance.

[Anonymous]

Still ‘no go’ with VaporSec and OBSD box.
I looked at the system.log and noticed that my PowerBook did contact the OBSD box but could not establish ‘phase 1’ Security Association. It always timed out. I was using similar IPSec configuration setting on VaporSec as in the Sentinel VPN client.

I do not know if it is the VaporSec version 1.0 problem. I’ll try again when the VaporSec Panther version is available. Thanks for your reply.

[Anonymous]

DAMN I did not post in the right tread (please deleteme!)

I’ll repost in the right thread.

Sorry again!

Patrick

[Anonymous]

my_identifier keyid filename

I added it and it seems to give me a different error. But the guys from Symantec said it only responds to keyid, not fqdn, so at least we are getting closer. Please add it to interface. If you need any help let me know. I’ve been programming for years and have a vast knowledge of unix.

[Anonymous]

The identifier is sent as a user_fqdn (fully qualified domain name). We need the interface to allow us to change this to a keyid. Please include this in the next version.

[Anonymous]

I have tried in the last two day to allow my Powerbook G4 with Airport card to access the Internet via a OpenBSD 3.3 box using VaporSec but without success.

My OBSD box has three network cards :-
fx0 connects to cable modem with an IP address of w.x.y.z (an routable IP address assigned by the ISP).
fx1 connects to a hub which allows me to plug in computers and printer. fx1 has an IP address of 192.168.1.1/255.255.255.0.
dc0 connects via a cross-over cable to an Intel PRO wireless access point and has an IP address of 192.168.2.1/255.255.255.0

My laptop has an Intel wireless network card, running Windows XP Pro with an IP address of 192.168.2.14/255.255.255.0. I can use ‘Sentinel VPN Client’ to secure my WLAN with IPSec to surf the Internet via the OBSD firewall, as well as accessing printing device on the internal network (192.168.1.0/255.255.255.0). This shows that I have a functional IPSec setup on my OBSD box.

My 12″ PowerBook running ‘Panther’ with an Airport card cannot do a thing. The ‘ifconfig -a’ command output shows that my airport card ‘en1’ is up and running, also showing the manually assigned IP address (192.168.2.2/255.255.255.0) correctly. The VaporSec ‘Show ’em’ output indicates there are IPSec tunnels between 192.168.2.1 and 192.168.2.2. But I cannot ‘ping’ the IP address of 192.168.2.1.

I looked up some older comments from the bulletin board and found one comment saying that ‘racoon’ (which is what VaporSec based on) does not allow IPSec setup between two hosts on the same subnet (which is what I am trying to do). ‘Racoon’ only allows a computer to setup an IPSec connection with a remote IPSec gateway and communicates with hosts behind the IPSec gateway. Is this correct ?

Would you be so kind to share your experience in using ‘VaporSec’ to secure wireless connection. Thanks.

Alex Lee

[Anonymous]

UPDATE: It looks like I can’t send to the outside world and cannot recive mail

Help Please!

[Anonymous]

Joel, I am running NAT. But I am not sure what I have to do. I have been a M$ Exchange admin for a couple of years and since the DNS was on the outside I never had to do any DNS on the inside. I had the server that that way it could provide DNS service to local computers.

How to I replicat my domain internally on my server. What should I put for DNS entry’s. I own both bovie.us and boviecomputer.com and DNS on the outside points to my IP. The Linksys NAT router just forward’s Port 25, and 80.

How would I set this up (internal DNS to resolve your DNS names to you NAT’ed internal IP addresses.)

My server IP is 192.168.1.10 and I have DHCP working on 192.168.1.100-254.
So how would I put the DNS in?

Thanks so much for the help!
Everything else on the server works great so I am sure once I get mail working I will be a happy convert from M$ based servers.

[Anonymous]

My configuration is virtually identical to yours (local wifi through router with DHCP to workplace LAN, not working with Vaporsec), but when I try your hack I get:

Dec 29 20:55:50 localhost racoon: ERROR: sockmisc.c:731:str2saddr(): getaddrinfo(192.168.0,0): No address associated with nodename
Dec 29 20:55:50 localhost racoon: ERROR: cfparse.y:1350:cfparse(): fatal parse failure.

This is different in that before applying your hack the erro was due to a null value passed to sockmisc. Is this a DNS problem? Any clues?

B

[Anonymous]

I think you need Dave to mount native Windows shares.

[Anonymous]

Hi.

Just wondering, 1 month after the last “Panther” post, if it was going to happen sooner or later.

Basically, the big question is: should I continue to fiddle my settings by hand (Helped by VPNTracker) or will I finally be able to get a nice tunnel using VaporSec.

I would’ve helped if I knew anything about IpSec other than the last 20 hours of trials and errors (and headaches) I did this week.

Thx
Mike

PS: Merry Xmas.

[Anonymous]

yes.. as long as you are running anything later than like 10.2.6 Server it should work just fine.

[Anonymous]

I have it loaded on my 12″ 867 and it works fine. I use to do just what you said – lean the admin tools, try different configs and mess around w/ features of the OS. Although I don’t have PSD loaded on the 12″, I can tell you that there is no noticeable slowdown in other apps like, Word, Excel, Entourage, FileMaker, GoLive.

[Anonymous]

Thanks McTroll, I will go to take a look and try to set it.
I will post my experience later.

[Author]

Posts