 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
| HomeDiscussion Groups Database Servers DB2InformixIngresMS SQLOraclePervasive.SQLPostgreSQLProgressSybaseDesktop Databases FileMakerFoxProMS AccessParadoxGeneral General DB TopicsDatabase TheoryRelated Topics Java Development.NET DevelopmentVB DevelopmentMore Topics ... |
Database Forum / Informix Topics / July 2008ids connections lost to vpn
This is probably a pure networking question and the wrong forum, but there are many networking experts here that may have encountered my problem. I am running 11.50.TC1DE on Windows 2008 Server (64bit). Informix Connect 3.50 is also installed. This is a development box and I am the only one on it. Everything runs fine until I use the VPN to connect to a certain customer site. (It is the only customer that has a VPN that I have to use before I can ftp or RDP.) As soon as I connect to the VPN, I lose connectivity to my local databases. Dbaccess still works, but other programs (using odbc) will not connect. Windows has hijacked the entire ip stack to the VPN. ( Skype, IE, etc ). I must bounce the IDS instance to get connections back. If I later disconnect from the VPN, all connections stop working and dbaccess stops connecting. I bounce the IDS again. This is not a major issue, but if I am in the middle of something when I need to go look at the customer site, it is annoying. Is this out of my control? Is it something about this particular VPN or all VPN's that have this behavior. Is there anything I can set in the Onconfig or registry or router that will stop the local IDS traffic from being hijacked? The router is a simple WRT52G . > This is probably a pure networking question and the wrong forum, but > there are many networking experts here [quoted text clipped - 28 lines] > The router is a simple WRT52G . > How do you access your local databases? By IP or by hostname? When you establish a VPN you probably get another IP address and possibly your routing table changes. %INFORMIXSQLHOSTS% and the errors you get may help... Also a netstat can help... If you setup your server with an explicit 127.0.0.1 port you should be safe... Regards.  SignatureFernando Nunes Portugal http://informix-technology.blogspot.com My email works... but I don't check it frequently... I think Fernando has got it right. I was unable to connect to an IDS instance using "localhost" on Vista as it's ambiguous in the "hosts" file. Instead, I added a host name alias against 127.0.0.1 and used this in "sqlhosts", ODBC and JDBC. Regards, Doug Lawry ____________________________________________ This is probably a pure networking question and the wrong forum, but there are many networking experts here that may have encountered my problem. I am running 11.50.TC1DE on Windows 2008 Server (64bit). Informix Connect 3.50 is also installed. This is a development box and I am the only one on it. Everything runs fine until I use the VPN to connect to a certain customer site. (It is the only customer that has a VPN that I have to use before I can ftp or RDP.) As soon as I connect to the VPN, I lose connectivity to my local databases. Dbaccess still works, but other programs (using odbc) will not connect. Windows has hijacked the entire ip stack to the VPN. ( Skype, IE, etc ). I must bounce the IDS instance to get connections back. If I later disconnect from the VPN, all connections stop working and dbaccess stops connecting. I bounce the IDS again. This is not a major issue, but if I am in the middle of something when I need to go look at the customer site, it is annoying. Is this out of my control? Is it something about this particular VPN or all VPN's that have this behavior. Is there anything I can set in the Onconfig or registry or router that will stop the local IDS traffic from being hijacked? The router is a simple WRT52G . So, on 64 bit Windows, I would use regedit on HKEY_LOCAL_MACHINE/Software/Wow6432Node/Informix/SQLHOSTS/dbname/HOST and change the REG_SZ value to 127.0.0.1 ??? (currently it is "*sixfore") > From: lawry@nildram.co.uk> Subject: Re: ids connections lost to vpn> Date: Wed, 30 Jul 2008 16:06:56 +0100> To: informix-list@iiug.org> > I think Fernando has got it right. I was unable to connect to an IDS > instance using "localhost" on Vista as it's ambiguous in the "hosts" file. > Instead, I added a host name alias against 127.0.0.1 and used this in > "sqlhosts", ODBC and JDBC.> > Regards,> Doug Lawry> You might find it easier to use IBM Informix / Client-SDK / Setnet32 (or similar) from your Windows Start Menu! Should you wish to add a host name alias instead of using 127.0.0.1, the DOS command is: write %SystemRoot%\system32\drivers\etc\hosts So, on 64 bit Windows, I would use regedit on HKEY_LOCAL_MACHINE/Software/Wow6432Node/Informix/SQLHOSTS/dbname/HOST and change the REG_SZ value to 127.0.0.1 ??? (currently it is "*sixfore") > From: lawry@nildram.co.uk > Subject: Re: ids connections lost to vpn [quoted text clipped - 8 lines] > Regards, > Doug Lawry The Informix docs state "On Windows, INFORMIXSQLHOSTS points to the computer whose registry contains the SQLHOSTS subkey. " It says it will default to this machine. I tried setnet32 anyway, but it did not change the registry and did not write to system32\drivers\etc\hostsMy hosts file has 127.0.0.1 localhost::1 localhost If my machine name is sixfore, you saying I should add a line like this127.0.0.1 sixfore I that what you mean? The registry subkey at "HKEY_LOCAL_MACHINE\SOFTWARE\Informix\SQLHOSTS" has the value "New" whatever that means. > From: lawry@nildram.co.uk> Subject: Re: ids connections lost to vpn> Date: Wed, 30 Jul 2008 17:53:29 +0100> To: informix-list@iiug.org> > You might find it easier to use IBM Informix / Client-SDK / Setnet32 (or > similar) from your Windows Start Menu!> > Should you wish to add a host name alias instead of using 127.0.0.1, the DOS > command is:> > write %SystemRoot%\system32\drivers\etc\hosts> INFORMIXSQLHOSTS is not relevant to your problem. Setnet32 will change the registry, not the hosts file. Make sure you are running it as an administrator, and it will change the relevant keys. Don't remove "localhost" from any entry in the hosts file!! You would add an additional alias to the end of the line, but I'm not sure that adding your machine name as an alias is a good idea as that would be a further ambiguity. I suggest you get familiar with Setnet32 and just enter 127.0.0.1 instead of localhost. The Informix docs state "On Windows, INFORMIXSQLHOSTS points to the computer whose registry contains the SQLHOSTS subkey. " It says it will default to this machine. I tried setnet32 anyway, but it did not change the registry and did not write to system32\drivers\etc\hosts My hosts file has 127.0.0.1 localhost ::1 localhost If my machine name is sixfore, you saying I should add a line like this 127.0.0.1 sixfore I that what you mean? The registry subkey at "HKEY_LOCAL_MACHINE\SOFTWARE\Informix\SQLHOSTS" has the value "New" whatever that means. > From: lawry@nildram.co.uk > Subject: Re: ids connections lost to vpn [quoted text clipped - 9 lines] > > write %SystemRoot%\system32\drivers\etc\hosts It's not something like the vpn connection having "use default gateway" ticked in it's advanced tcp/ip settings is it? (that's where it is in xp anyway, not sure about vista). Not ticking it may have security implications for the host site, but it should stop all traffic being directed through the vpn connection. Regards, Bryce Stenberg. This is probably a pure networking question and the wrong forum, but there are many networking experts here that may have encountered my problem. I am running 11.50.TC1DE on Windows 2008 Server (64bit). Informix Connect 3.50 is also installed. This is a development box and I am the only one on it. Everything runs fine until I use the VPN to connect to a certain customer site. (It is the only customer that has a VPN that I have to use before I can ftp or RDP.) As soon as I connect to the VPN, I lose connectivity to my local databases. Dbaccess still works, but other programs (using odbc) will not connect. Windows has hijacked the entire ip stack to the VPN. ( Skype, IE, etc ). I must bounce the IDS instance to get connections back. If I later disconnect from the VPN, all connections stop working and dbaccess stops connecting. I bounce the IDS again. This is not a major issue, but if I am in the middle of something when I need to go look at the customer site, it is annoying. Is this out of my control? Is it something about this particular VPN or all VPN's that have this behavior. Is there anything I can set in the Onconfig or registry or router that will stop the local IDS traffic from being hijacked? The router is a simple WRT52G . > It's not something like the vpn connection having "use default gateway" > ticked in it's advanced tcp/ip settings is it? (that's where it is in xp [quoted text clipped - 4 lines] > Regards, > Bryce Stenberg. And thats the problem. Think paranoid. Any inbound traffic the VPN has control over what is happening. Outbound traffic? Your guess is as good as mine, so that the VPN will want to control all traffic. I'm not sure how the VPN's will react with a PC that has multiple NIC cards. I don't have a desktop set up that way, only my servers and they run Linux. (I had to convert my solaris x86 box) Personally I think its stupid and doesn't really matter. There is nothing stopping someone to stage material on the pc outside the network, disconnect from the VPN and then push the data out. Of course not all VPNs are created equal. I'm wondering if how a Cisco VPN would work.... |
Reply to this Message |
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2008 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.