Posts Tagged ‘firewall’

Enable PPTP Passthrough on MikroTik RouterOS

At the CLI:

> ip firewall service-port set pptp disabled=no

Configure Stand-Alone Bridge on Debian

I like to start my Xen networking by creating two (or more) bridges, one connected to the physical interface on the dom0 and another which is only connected to by virtual machines. This lets me set up an internal private network for cross-VM interaction and administration which is insulated from the DC’s network. If you put a router VM on both bridges which occupies your public IP addresses you can use 1-1 NAT to stack services from different VMs behind one IP and firewall the virtual machines. This is particularly handy where your address space is small but your VMs are many.

Unfortunately, the Debian interfaces configuration scheme doesn’t like setting up bridges with no bridge_ports directive so we have to give it a little boost. You will end up with a configuration file that looks something like this:

auto lo
iface lo inet loopback

iface eth0 inet manual

auto extbr0
iface extbr0 inet static
        bridge_ports eth0
        address x.x.x.x
        network x.x.x.0
        broadcast x.x.x.255
        gateway x.x.x.1

auto intbr0
iface intbr0 inet manual
        pre-up    brctl addbr $IFACE
        post-down brctl delbr $IFACE
        up        ifconfig    $IFACE up y.y.y.y
        down      ifconfig    $IFACE down

Where y.y.y.y is an internal IP you can use to access the dom0. For example you might prefer not to expose SSH on your dom0 to the wild, you would make sshd listen on this IP and shell in over a VPN.

Unable to Connect to Zimbra Web Interface on Port 80

First check that port 80 is open on your server:

# iptables-save | grep 80
-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT 

Switch to the zimbra user:

# su - zimbra

Turn on redirection to SSL:

zmtlsctl redirect

Now restart mailboxd:

[zimbra@mail ~]$ zmmailboxdctl stop 
Stopping mailboxd...done.
[zimbra@mail ~]$ zmmailboxdctl start
Starting mailboxd...done.

Now when your users connect to port 80 they will automatically be redirected to

More information on zmtlsctl is available at

Return top
Online Marketing Toplist
Technology Blogs - Blog Rankings

Internet Blogs - BlogCatalog Blog Directory

Bad Karma Networks

Please Donate!

Made in Canada  •  There's a fox in the Gibson!  •  2010-12