SSL-Explorer’s Community Version doesn’t give you full network access like some commercial SSL VPN solutions, but that shouldn’t stop you from printing.
This assumes that you’ve got some sort of network-enabled printer - such as a HP with an internal JetDirect card. From memory, if you’ve got an external JetDirect device with multiple physical Parallel or USB ports, the network port number changes according to the physical port used.
The setup is as follows:
- Go to Access Control, Policies, and create a new policy. Assign some users to the policy if you like.
- Go to Resources, SSL Tunnels, and create a new Tunnel with the following properties:
- Source Interface: 127.0.0.1
- Source Port: 9100
- Destination Host: Printer’s IP Address
- Destination Port: 9100
- Auto Start: Ticked, if you want the tunnel to be enabled as soon as the Java client starts
- Type: Local
- Assign the policy that was created in step one to this tunnel.
That’s it for the SSL-Explorer side of things. In Windows, make sure you’ve got the driver for your printer handy, and follow these steps:
- Go to Control Panel, Printers and Faxes, and add a new Local Printer (untick ‘Automatically Detect’ if it’s ticked)
- Create a new Standard TCP/IP Port
- As the address for the port, enter 127.0.0.1
- Click ‘Custom’, and leave the settings as:
- RAW mode
- Port 9100
- IP 127.0.0.1
- Point the Wizard to the correct printer driver, and finish the installation. If you want to print a test page, make sure that the SSL Tunnel is activated first. This can be verified by right-clicking on the SSL client’s tasktray icon and selecting ‘Tunnel Monitor’. You should see and entry for port 9100.
The way this works is that once the tunnel is enabled, it listens on 127.0.0.1 on the port you’ve specified, and redirects traffic to the IP and port specified on the network behind the SSL VPN.
In addition to this, you can add a ‘Web Forward’ of type ‘Tunneled proxy’ to the printer’s port 80 if you’d like to check up on the printer’s status via the web interface. You can then add this ‘Web Forward’ to the policy created in step 1.
Here is a brief guide to installing SSL-Explorer, a great SSL VPN solution, on Centos. I used Centos 4.4, as there is currently no Server CD for version 5. I had to search around a bit in order to find out how to set the JAVA_HOME environment variable to the correct location, so here it is - to save you time.
Centos was installed with a minimum of options - no Apache, no X. If you install Apache, you’ll have to either change the ports it listens on, or change the ports SSL-Explorer listens on. If you don’t, then you’ll get conflicts. Configure the firewall to allow port 443, as that’s what SSLExplorer will be running on.
[root@server ~]# service ipchains stop
[root@server ~]# cd /root
[root@server ~]# wget http://link.to.sf.net/download
[root@server ~]# chmod 755 sslexplorer_linux_0_2_12.rpm
Download JRE, and copy to /root. I used FileZilla with FTP/SSH to put the file on the linux box
[root@server ~]# chmod 755 jre-6u1-linux-i586-rpm.bin
[root@server ~]# ./jre-6u1-linux-i586-rpm.bin
[root@server ~]# /usr/local/bin/install-sslexplorer
Configure using Web interface
[root@server /]# export JAVA_HOME=/usr/java/jre1.6.0_01
[root@server /]# /opt/sslexplorer/install/platforms/linux/install-service
[root@server /]# service sslexplorer start
Note that if you’re copying and pasting these directions, get the link to the newest version from sourceforge, and replace the generic link on the 3rd line.
Just been looking into a replacement systems monitoring box for work. It seems that Zabbix is the most professional. ZenOSS looked good, but requires Python to be installed on the Windows Server clients in order to run the monitoring client. We’re currently running a combination of Hobbit, Cacti, Syslog-NG logging to a MySQL database, and PHPSyslog-NG. I’m trying to determine if Zabbix is a viable alternative to Hobbit.
ZABBIX is all-in-one 24×7 monitoring solution without high cost.
ZABBIX is software for monitoring of your applications, network and servers. ZABBIX supports both polling and trapping techniques to collect data from monitored hosts. A flexible notification mechanism allows easy and quickly configure different types of notifications for pre-defined events.
Here is a tutorial created from the notes I took while setting Zabbix up on a virtual machine.
Continue reading ‘Setting up Zabbix on Fedora Core 5′
