How does a root CA restrict website access without a corporate VPN connection - network-programming

When connected to a corporate VPN or in a corporate wifi environment, the corporate network uses a proxy for all HTTP traffic. When connected to a personal wifi and not connected to the corporate VPN, every internet connection displays a page that says "please connect to corporate vpn before you can visit any website". There is also a McAfee root CA added to the system that allows this to happen. How does this work behind the scenes?
The service deployed to the client laptop is called McAfee SaaS Web Operations. I just wonder how it works to make the root CA redirect traffic.

Related

Is there a workaround to configure host to address mapping on hosts file on iPad?

I need to connect to a remote work server via the work VPN (the server is a web GUI, so the connection is via HTTPS), which requires hosts resolution, meaning I have to configure the host name and map it to the IP address in the hosts file. This is how I connect to the remote server on my Mac.
I just got a new iPad 2020 and I would like to connect to the server on my iPad.
For me to access the hosts file on the iPad, I would have to jailbreak it, which I don't want to do. I've read a number of articles online on how to go about this using some other apps, but they only work if your server and your device are both on the same network and a VPN is not used.
Appreciate if there is a workaround for me to do this:
I need to connect via work VPN;
Access the server using the host name in Safari etc.
Thanks.

How to get access to LAN IoT devices with DO + OpenVPN?

I have fake IPs in my local network for some IoT devices, like 192.168.1.11, 192.168.1.15, etc. My LAN connects to the Internet via a provider with a fake IP too, like 10.10.10.15. My task is to connect (REST) to my IoT device through the Internet. For that I want to use a DO droplet with a real IP (for example 178.62.209.11) and set up OpenVPN on it. For my home LAN I've bought the Mikrotik Router RB951Ui-2HnD, which should allow setting up the OpenVPN client. So my LAN and the DO droplet must be connected by VPN.
And now my question is how to do traffic translation from MY SERVER 178.62.209.11 to the LOCAL IoT device 192.168.1.11. I understand that my server has only one IP, but I think it may be port forwarding! For example, if I want to send a request to my IoT device on port 80, then I can use port forwards for that, like 178.62.209.11:1234 <=> 192.168.1.11:80, and for the second IoT device 178.62.209.11:1235 <=> 192.168.1.15:80, etc.
I found how to set up OpenVPN on the DO droplet and how to adjust the OpenVPN client on the router, but I cannot find how to get simple access to my device. Can you help?

Cannot Connect to a Firebird 2.5 database remotely

I currently have a Firebird 2.5 database at a client premises, installed on a Windows 7 Pro machine (32 bit), that has multiple stations in their local network that can connect to the database, along with the local machine being able to connect with our application and IBExpert.
However, for some of our software packages, a remote connection is required (outside of the local network). This previously was working but no longer works.
When I connect with FlameRobin from my office (I'm located in a different city / different network), I receive the following error message:
IBPP::SQLException
Context: Database::Connect
Message: isc_attach_database failed
SQL Message: -923
Connection not established
Engine Code : 335544421
Engine Message :
connection rejected by remote interface.
Performing this connection attempt with IBExpert, both from my office and from other external networks, fails with the same message.
However, I am getting TCP/IP communication from what I can see. Here are the details of my troubleshooting steps for the last week:
Originally, I was receiving the following error when connecting from outside the network:
"Connection not established
Connection refused by remote interface"
Since that time, we have done a restart of the router and now have the current "connection rejected by remote interface." error message.
I can telnet to the public IP through port 3050 from my office and other outside networks.
I tested port 3050 on sites like YouGetSignal.com or CanYouSeeMe.org and they appear as open.
Other ports that we communicate on publicly are open and communicating.
The site has Kaspersky antivirus installed but all tests to connect via IBExpert while Kaspersky was in sleep mode behaved the same.
Installation of Firebird 2.5 to another workstation in the same local network, pointing to port 3051 (both in Firebird.conf and in the Windows Firewall and Router) show up as being open through Telnet and CanYouSeeMe.org but again, cannot be communicated on from outside via port 3051.
IBExpert works from a workstation in the network to the server.
The server currently has no entry for RemoteBindAddress in the Firebird.conf.
Wireshark shows that when connecting from outside, there are packets coming through.
The TCP/IP test in IBExpert under Communication Diagnostics, with the public IP as the host and the Service, shows the following Test Results:
Attempt connecting to XX.YY.ZZ.AAA.
Socket for connection obtained.
Found service 'GDS_DB' at port '3050'
Connection established to host 'XX.YY.ZZ.AAA',
on port 3050.
TCP/IP Communication Test Passed!
Database path, username, and password have all been checked multiple times.
Locally on the server, I've changed the security of the database.FDB and the security2.FDB to have Everyone, Full Control.
At this point, we have a scheduled restart of the ISP's modem happening soon, although the fact that we have full TCP/IP communication over the port makes me doubtful that this is the issue.
If anyone can lead me down any recommended next steps to debug or to any tools that are available to help in this situation, that would be greatly appreciated.
This turns out to be a networking issue. We performed the following tests:
We performed a power cycle on the ISP's modem, which showed no change in behavior.
We connected a laptop directly to the ISP's modem but couldn't communicate with FB even with proper port forwarding rules in place on the machine and firewall.
We ran Wireshark on both sides, and on connection attempts we found many attempts to connect with retransmissions that failed.
The technical team at the client side decided to install a VPN-capable router and now we're good to go. From what we found, there may be some kind of ISP blocking occurring, as many of the tech team's remote services were failing to connect with similar behavior.
Hopefully this post helps people in the future with remote connectivity debugging, and all of the places you can look at when you're running into this problem.

WebView HTTPS Redirect / MITM Research

I'm doing a MITM research paper on iOS and Android focused on WebView / Hybrid Apps. This is my test setup:
Open WIFI Hotspot
iOS and Android Devices on the WIFI
Linux machine with Apache Proxy on the WIFI
ICMP Redirect (DoubleDirect), DNS or Forwarding to pipe all traffic through my Linux machine
For www.example.com I have a valid certificate from a trusted CA
I want to redirect a WebView request to https://www.facebook.com/ to my own site https://www.example.com/ directly on my Apache Proxy, without the user noticing anything in a hybrid App.
Is this possible, and how can I do that?

Can a remotely stored ASP app access a networked local machine?

I'm about to begin developing an application that will connect to a Unix machine on a network (via internal IP). The machines that will be running this application already have access to connect to the Unix machine.
If I develop an ASP.NET MVC Web App running on an external IIS instance, will the web app be able to connect to a private local machine? I realise the IIS server won't (as it's private), but there will be locally executed code. Is this going to be able to access the machine? If not, I will have to resort to Windows desktop app.
You can use a VPN connection from an external server to the private network. Virtual hosting doesn't have this feature, so you must use a virtual machine.
Firewall software usually allows you to create a VPN server, and any version of Windows allows you to establish a VPN connection to the server.
With the help of a VPN connection, your virtual machine can get a private IP address and can access private network resources.
