Common Server issues – FAQs and answers from those in the know
Ipsec l2tp, ikev2 and xauth does not work on strongswan in Centos
21 March 2026 @ 11:42 pm
So I have CentOS 7.9 with strongswan and xl2tpd installed.
I can only connect successfully when I set up the client with an l2tp connection without ipsec psk - just unencrypted l2tp.
Other connections - l2tp ipsec psk, xauth psk, ikev2 psk - are not working.
Here are my configs:
/etc/strongswan/ipsec.conf:
config setup
    #virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12
    #virtual-private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12
    #protostack=netkey

# Add connections here
conn l2tpvpn
    type=transport
    authby=secret
    pfs=no
    rekey=no
    keyingtries=2
    left=%any
    leftprotoport=udp/l2tp
    leftid=@l2tpserver
    right=%any
    rightprotoport=udp/%any
    auto=add

conn ikev2vpn
    auto=add
    compress=no
    type=tunnel
    keyexchange=ikev2
    ike=chacha20poly1305-sha512-curve25519-prfsha512,aes256gcm16-sha384-prfsha384
Dovecot SMTP configuration issue
21 March 2026 @ 11:03 pm
I have been trying for several days to configure a vbulletin server to use SMTP mail rather than PHP mail because I need to use Postfix rather than Sendmail as the MTA.
I was initially getting SMTP error 454 but that was because I'd chosen the wrong port. Once I changed that to 143 I now get an SMTP error 0 (unexpected response).
The mail log shows the connection attempt:
dovecot: imap-login: Disconnected (no auth attempts in 60 secs): user=<>, rip=127.0.0.1, lip=127.0.0.1, secured
Dovecot is configured to allow no auth for localhost but it doesn't matter whether I set valid credentials in the vbulletin config or not, I get the same error.
Google suggested it might be a firewall issue but the input chain has a rule to accept If input interface is lo and I have added rules for the listening ports (110/143/993/995) and the Postfix outbound port (25) without any change in the error.
I'm at a loss.
Cannot connect to a vultr vps with ssh
21 March 2026 @ 10:45 pm
I’m trying to connect to my VPS using SSH with the following configuration located in ~/.ssh/config:
Host vultr
    HostName <vps ip>
    User root
    Port 22
    PreferredAuthentications publickey
    IdentityFile ~/.ssh/vultr
When I run:
ssh -vvv vultr
I get debug output that looks like this (trimmed for security):
debug1: OpenSSH_10.2p1, OpenSSL 3.6.1 27 Jan 2026
debug3: Running on Linux <...>
debug3: Started with: ssh -vvv vultr
debug1: Reading configuration data /home/my-user/.ssh/config
debug1: /home/my-user/.ssh/config line 7: Applying options for vultr
debug1: Reading configuration data /etc/ssh/ssh_config
debug3: /etc/ssh/ssh_config line 2: Including file /etc/ssh/ssh_config.d/20-systemd-ssh-proxy.conf depth 0
debug1: Reading configuration data /etc/ssh/ssh_config.d/20-systemd-ssh-proxy.conf
debug2: resolve_canonicalize: hostname <vps ip> is address
debug3: expan
If we enable limited-access inside SharePoint online admin center for unmanaged devices, what effect to Teams and Outlook
21 March 2026 @ 1:28 am
We want to prevent users from downloading documents to unmanaged devices. To do so, we configured "SharePoint Online admin center", then "Policies", then "Access Policy", and selected the second option:
I know that this will prevent users from downloading and printing SharePoint documents from unmanaged devices from the SharePoint UI, and they can only view the document inside the browser.
What effect will be applied to the Teams desktop app and Outlook desktop app?
If a user has the Teams desktop app, will they be able to use them to chat, view SharePoint documents and upload new documents, or they can only do so using Teams on the web?
Thanks
Choosing between Hyper-V, Proxmox, and XCP-ng for stable enterprise virtualization [closed]
20 March 2026 @ 4:06 pm
I am planning to migrate from VMware and would like to choose a suitable alternative virtualization platform.
Current environment:
5 physical servers, ~40 VMs
Storage: local disks + SAN (fiber-connected)
Network: 1 Gbps
No requirement for Ceph, ZFS, or distributed storage
Workloads:
Primarily Linux VMs
Some Windows VMs (Active Directory, File Server, Veeam Backup)
Concerns:
Hyper-V: Windows Admin Center is complex, Hyper-V Manager lacks advanced features
Proxmox: good UI, but Windows VM performance is not optimal even with VirtIO
XCP-ng: no direct experience, but XenServer was previously stable; unsure about current adoption and support
Question:
Which of these platforms provides the best balance of:
Stability in enterprise environments
Microsoft ediscovery Logs
20 March 2026 @ 6:01 am
Is there any way to find from the logs if a user is added to the eDiscovery Manager or eDiscovery admin role group? A KQL or Splunk query would be helpful. I suppose for the query the Workload would be SecurityComplianceCenter, but what would be the rest of the query, specifically the "operation" field, if I'm only looking to identify when a user is added to this role group and not for any other changes?
Direct Raw Disk Export over iSCSI without VHDX Backing (Windows)
20 March 2026 @ 5:01 am
I am attempting to implement block-level remote disk access between two Windows systems:
System B (Target): Hosts a physical disk (e.g., \\.\PhysicalDrive0)
System A (Initiator): Connects over iSCSI and mounts the disk as a local block device
Current Approach:
Using Windows iSCSI Target Server, which requires virtual disks backed by VHD/VHDX files.
Issue:
Creating a VHDX for a physical disk results in full-size allocation (e.g., a 400 GB disk requires ~400 GB storage)
This introduces:
Significant storage overhead
Delay in provisioning
It prevents instant exposure of the physical disk over the network
Requirements:
Export a raw physical disk directly (no intermediate full-size VHDX)
Enable immediate / near-instant provisioning
Maintain read-only access on the initiator side
Ensure no additional storage footprint (no disk duplication)
Preferably using Windows-native mechanism
Control panel like Plesk or cPanel vs manual Nginx and Apache setup on EC2 for high traffic PHP and Node.js performance and security
19 March 2026 @ 2:34 pm
I am planning to deploy a high traffic application on AWS EC2. The backend includes both PHP and Node.js. For PHP I need Apache compatibility due to .htaccess and existing behavior, while Node.js handles APIs and background services.
I am deciding between using a control panel such as Plesk or cPanel, or configuring everything manually.
In both cases the stack would be similar, with Nginx in front and Apache with PHP FPM handling PHP, alongside Node.js running separately. The difference is that a control panel adds extra services like its interface and other background components, while a manual setup would remain minimal.
My focus is only on performance and security in a production environment under high traffic.
Does a control panel introduce any meaningful overhead compared to a minimal manual setup with the same stack?
From a security perspective, how significant is the additional attack surface of a control panel in real-world use?
Also
Why does DMARC report SPF failures when SPF appears to pass?
19 March 2026 @ 11:49 am
I'm having trouble setting up SPF for my domain. I use email marketing services, but I keep getting SPF errors when sending emails. For example, one of the errors looks like this:
185.225... - SPF fail
I'm not sure which service this IP is from. It's a Google IP address, but I don't know how to properly configure SPF for all the services I use (like MailerLite and others). I also have questions about configuring these services with the correct SPF records to prevent errors.
My current SPF record looks like this:
stratoplan-school.com. 3600 TXT "google-site-verification=Vd2u0DJC65p1w4iGqNS6U9D0u0wa6i8-l5UYtM7qB6I" 8.8.8.8 (103 msec)
stratoplan-school.com. 3600 TXT "v=spf1 include:_spf.mlsend.com include:_spf.google.com include:mxsspf.sendpulse.com include:_spf.amocrmmail.com ~all" 8.8.8.8 (103 msec)
stratoplan-school.com. 3600 TXT "shop-verification-oa2QwwqvAl" 8.8.8.8 (103 msec)
strato
PostgreSQL: How to restrict database creation?
18 March 2026 @ 4:26 pm
I sort of frequently encounter software that pretends it owns all of a PostgreSQL instance and wants to create a database, even if it's already there and the software uses the account owning the database.
I know how to alter user <application_user> createdb;, but would like to have an option to say something like alter user <application_user> createdb matching ('regular expression here');, so that the user can only create databases with names matching the given regular expression. What are my options, please?