ibVPN was taken over by StrongVPN who have then shut down the ibVPN api so it is not possible to populate that list, so update any of the endpoints. StrongVPN themselves do not have an api which can be called. At the same time it is a third-party which currently has very low usage so there is little incentive for them to fix it. Having said that, see this thread where I have posted a workaround so you can use StrongVPN configs. It is not ideal as to needs to be changed manually for any endpoint, but it **may** just be a case of changing the "remote" line.

Are the failures for valid users in the pam messages? If so the short answer is don't worry about them. You will probably get them every time a user logs on. For the long answer see https://www.clearos.com/clearfoundation/social/community/pam-unix-authentication-failure and similar threads. I use the file in this post in a different thread. The issue is that the authentication mechanism tries against unix accounts first and reports an error if it fails and then it tries against ldap accounts. All cyrus-imap users are ldap users.

if you want one LAN for one WAN, you could do it with 5 ClearOS. One as a KVM hypervisor running 4 instances of ClearOS. With one ClearOS you won't get separation of your LAN's. Even WAN's won't separate if one fails, but otherwise source-based routing should work.

The potential benefits of 2 or 3 is that you could use dedicated hypervisor o/s. I have one proxmox server, a server which was ClearVM but we did things to break ClearVM and now just run it as Centos with KVM command line, and I have ClearOS running KVM/Kimchi.

I have no idea about this set up. If you have four ports on the ISP box and they carry different traffic, then you'll need 4 NIC's in ClearOS unless you can redirect all the ISP traffic over VLANS on a single port.

ClearOS is not really designed to tie a WAN port to a LAN port and port forwarding operates on all WAN ports at the same time.

I think hypervisors often have the ability to pass through NIC's and ports. From Googling, Xen does - https://www.google.com/search?q=xen+passthrough+wifi+nic.

From your link, there are a couple of glitches installing KVM in ClearOS but I run it. I also sometimes use Kimchi, but it is relatively old and there is an annoying bug (if you upload an iso, it ends up with the wrong permissions so you have to change them before you can use them). You can also use the graphical desktop and Virtual Machine Manager to manage KVM. There is a howto in our knowledgebase. The command line isn't too bad either. In ClearOS you can also run VirtualBox.

I've patched syswatch and there is a version now available for testing. Note this only affects people with an interface which get its IP address by DHCP . To test, please do a:

Re: Network interface cycles Link Yes/No when DHCP client

If you're into hacking, have a look at /usr/sbin/syswatch around lines 666 to 669. This is where it takes down and brings back up the interface. You can probably add a:I am not sure where they should appear in the sequence. It is something to play with.

You just have to remember that each version of PHP has its own php.ini file. I think you can also do the change in a .htaccess file, but I'd need to research it. If you can, that would work irrespective of the version of PHP.

I don't see why we can't go to NC20, except for lack of developer time. Running occ commands in the upgrade script is easy-enough. I think we do it already. NC21 is an issue. The problem is that system-mariadb is not fully sandboxed so any upgrade to mariadb, even using the rh-mariadb102/3 packages may destroy you system-database. I know it gets destroyed using third party repos. I think it may also with the rh- packages. Work would need to be done here and there is no one to do it. There is a bug report which gives an outline and it may not be too hard, but I don't know.