Search Results

Search found 1181 results on 48 pages for 'cisco asa'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 1/48 | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >

  • Cisco ASA Act as a Hardware Security Module?

    - by Derek
    Hello, We have a partner that is requiring us to get a HSM for a web application that we host for them. This is something new for us, we've always installed our SSL certificates on our web servers and never needed a hardware device. We currently have 2 Cisco ASA 5510 firewalls in an active/standby configuration. Both ASAs have a ASA-SSM-10 security module installed in them. The web application is a standard HTTPS webpage with no authentication required. I was wondering if we could use our Cisco ASAs to meet this requirement or if we'll have to buy another device. I was doing some searching and read about Cisco's clientless webvpn feature. It sounds like it might work, but I'm not sure. We basically want the ASA to handle the SSL and proxy the connection to our web servers. We do not want to prompt for a username or password to connect or show any portals, just display the web page. If the ASA cannot do this, does any one have any recommendations for network attached hardware security modules? We are using VMware vCenter, so we'd rather have an external device attached to the network, rather than buying HSM cards for every ESXi host. Thanks, Derek

    Read the article

  • Cisco Prime NCS not starting

    - by Kwazii
    I have received the Cisco Prime OVA file and which we placed onto an Oracle virtual environment. We turn the VM on and the CLI boots, When we try to start the NCS service we get errors. HOSTNAME/USER# ncs start Starting Network Control System... Exception in thread "main" java.lang.NullPointerException at com.cisco.wnbu.udi.impl.UDIManager.isPhysicalAppliance(UDIManager.java:184) at com.cisco.packaging.WCSAdmin.start(WCSAdmin.java:335) at com.cisco.packaging.WCSAdmin.runMain(WCSAdmin.java:281) at com.cisco.packaging.WCSAdmin.main(WCSAdmin.java:901) Logs HOSTNAME/USER# show logging 07/18/13 10:25:38.878 INFO [system] [main] Setting management interface address to 192.168.0.10 07/18/13 10:25:38.884 INFO [system] [main] Setting peer server interface address to 192.168.0.10 07/18/13 10:25:38.884 INFO [system] [main] Setting client interface address to 192.168.0.10 07/18/13 10:25:38.884 INFO [system] [main] Setting local host name to HOSTNAME 07/18/13 10:25:40.341 ERROR [system] [main] THROW java.sql.SQLRecoverableException: IO Error: The Network Adapter could not establish the connection at oracle.jdbc.driver.T4CConnection.logon(T4CConnection.java:419) at oracle.jdbc.driver.PhysicalConnection.<init>(PhysicalConnection.java:536) at oracle.jdbc.driver.T4CConnection.<init>(T4CConnection.java:228) at oracle.jdbc.driver.T4CDriverExtension.getConnection(T4CDriverExtension.java:32) at oracle.jdbc.driver.OracleDriver.connect(OracleDriver.java:521) at java.sql.DriverManager.getConnection(Unknown Source) at java.sql.DriverManager.getConnection(Unknown Source) at com.cisco.server.persistence.util.OracleSchemaUtil.openConnection(OracleSchemaUtil.java:277) at com.cisco.server.persistence.util.OracleSchemaUtil.dbServerUp(OracleSchemaUtil.java:836) at com.cisco.packaging.DBAdmin.dbServerUp(DBAdmin.java:1429) at com.cisco.packaging.WCSAdmin.status(WCSAdmin.java:833) at com.cisco.packaging.WCSAdmin.status(WCSAdmin.java:757) at com.cisco.packaging.WCSAdmin.wcsServerUp(WCSAdmin.java:637) at com.cisco.packaging.WCSAdmin.start(WCSAdmin.java:294) at com.cisco.packaging.WCSAdmin.runMain(WCSAdmin.java:281) at com.cisco.packaging.WCSAdmin.main(WCSAdmin.java:901) Caused by: oracle.net.ns.NetException: The Network Adapter could not establish the connection at oracle.net.nt.ConnStrategy.execute(ConnStrategy.java:375) at oracle.net.resolver.AddrResolution.resolveAndExecute(AddrResolution.java:422) at oracle.net.ns.NSProtocol.establishConnection(NSProtocol.java:678) at oracle.net.ns.NSProtocol.connect(NSProtocol.java:238) at oracle.jdbc.driver.T4CConnection.connect(T4CConnection.java:1054) at oracle.jdbc.driver.T4CConnection.logon(T4CConnection.java:308) ... 15 more Caused by: java.net.ConnectException: Connection refused at java.net.PlainSocketImpl.socketConnect(Native Method) at java.net.PlainSocketImpl.doConnect(Unknown Source) at java.net.PlainSocketImpl.connectToAddress(Unknown Source) at java.net.PlainSocketImpl.connect(Unknown Source) at java.net.SocksSocketImpl.connect(Unknown Source) at java.net.Socket.connect(Unknown Source) at oracle.net.nt.TcpNTAdapter.connect(TcpNTAdapter.java:209) at oracle.net.nt.ConnOption.connect(ConnOption.java:123) at oracle.net.nt.ConnStrategy.execute(ConnStrategy.java:353) ... 20 more 07/18/13 10:25:40.347 INFO [admin] [main] 07/18/13 10:25:40.347 INFO [admin] [main] Starting Network Control System... 07/18/13 10:25:40.347 INFO [admin] [main] 07/18/13 10:25:40.394 ERROR [admin] [main] Problem using CARS API: com.cisco.cars.fnd.CARSException: CARS_FAILURE : -999 : Failed to get UDI configuration. : Failure occurred during request at com.cisco.cars.fnd.CARSException.analyzeReturnCode(CARSException.java:118) at com.cisco.cars.serviceEngine.impl.EngineAdminServiceImpl.getUDI(EngineAdminServiceImpl.java:66) at com.cisco.wnbu.udi.impl.UDIManager.generateUDI(UDIManager.java:69) at com.cisco.wnbu.udi.impl.UDIManager.setPersistenceDirectory(UDIManager.java:139) at com.cisco.packaging.WCSAdmin.start(WCSAdmin.java:332) at com.cisco.packaging.WCSAdmin.runMain(WCSAdmin.java:281) at com.cisco.packaging.WCSAdmin.main(WCSAdmin.java:901) 07/18/13 10:25:40.396 ERROR [admin] [main] Problem using CARS API: com.cisco.cars.fnd.CARSException: CARS_FAILURE : -999 : Failed to get UDI configuration. : Failure occurred during request at com.cisco.cars.fnd.CARSException.analyzeReturnCode(CARSException.java:118) at com.cisco.cars.serviceEngine.impl.EngineAdminServiceImpl.getUDI(EngineAdminServiceImpl.java:66) at com.cisco.wnbu.udi.impl.UDIManager.generateUDI(UDIManager.java:69) at com.cisco.wnbu.udi.impl.UDIManager.setVirtualPID(UDIManager.java:169) at com.cisco.packaging.WCSAdmin.start(WCSAdmin.java:333) at com.cisco.packaging.WCSAdmin.runMain(WCSAdmin.java:281) at com.cisco.packaging.WCSAdmin.main(WCSAdmin.java:901) 07/18/13 10:25:40.397 ERROR [admin] [main] Problem using CARS API: com.cisco.cars.fnd.CARSException: CARS_FAILURE : -999 : Failed to get UDI configuration. : Failure occurred during request at com.cisco.cars.fnd.CARSException.analyzeReturnCode(CARSException.java:118) at com.cisco.cars.serviceEngine.impl.EngineAdminServiceImpl.getUDI(EngineAdminServiceImpl.java:66) at com.cisco.wnbu.udi.impl.UDIManager.generateUDI(UDIManager.java:69) at com.cisco.wnbu.udi.impl.UDIManager.setPhysicalPID(UDIManager.java:154) at com.cisco.packaging.WCSAdmin.start(WCSAdmin.java:334) at com.cisco.packaging.WCSAdmin.runMain(WCSAdmin.java:281) at com.cisco.packaging.WCSAdmin.main(WCSAdmin.java:901) 07/18/13 10:25:40.397 ERROR [admin] [main] Problem using CARS API: com.cisco.cars.fnd.CARSException: CARS_FAILURE : -999 : Failed to get UDI configuration. : Failure occurred during request at com.cisco.cars.fnd.CARSException.analyzeReturnCode(CARSException.java:118) at com.cisco.cars.serviceEngine.impl.EngineAdminServiceImpl.getUDI(EngineAdminServiceImpl.java:66) at com.cisco.wnbu.udi.impl.UDIManager.generateUDI(UDIManager.java:69) at com.cisco.wnbu.udi.impl.UDIManager.getUDI(UDIManager.java:112) at com.cisco.wnbu.udi.impl.UDIManager.isPhysicalAppliance(UDIManager.java:184) at com.cisco.packaging.WCSAdmin.start(WCSAdmin.java:335) at com.cisco.packaging.WCSAdmin.runMain(WCSAdmin.java:281) at com.cisco.packaging.WCSAdmin.main(WCSAdmin.java:901) Any help is appreciated, Thanks

    Read the article

  • Cisco ASA not forwarding traffic from one interface to another

    - by Antoine Benkemoun
    Hello ServerFault, I am needing help in the configuration process of my Cisco ASA 5510. I have set up 4 Cisco ASA interconnected together via a big LAN. Each Cisco ASA has 3 or 4 LANs attached to them. The IP routing part is taken care of by OSPF. My problem is on another level. A computer connected to one of the LANs attached to an ASA has no problem communicating with the outside world. The outside world being anything "after" the ASA. My problem is that I am completely unable to have them communicate with another LAN connected to the same ASA. To rephrase this, I am unable to send traffic from one interface of a given ASA to another interface of the same ASA. My configuration is the following : ! hostname Fuji ! interface Ethernet0/0 speed 100 duplex full nameif outside security-level 0 ip address 10.0.0.2 255.255.255.0 no shutdown ! interface Ethernet0/1 speed 100 duplex full nameif cs4 no shutdown security-level 100 ip address 10.1.4.1 255.255.255.0 ! interface Ethernet0/2 speed 100 duplex full no shutdown ! interface Ethernet0/2.15 vlan 15 nameif cs5 security-level 100 ip address 10.1.5.1 255.255.255.0 ! interface Ethernet0/2.16 vlan 16 nameif cs6 security-level 100 ip address 10.1.6.1 255.255.255.0 ! interface Management0/0 speed 100 duplex full nameif management security-level 100 ip address 10.6.0.252 255.255.255.0 ! access-list nat_cs4 extended permit ip 10.1.4.0 255.255.255.0 any access-list acl_cs4 extended permit ip 10.1.4.0 255.255.255.0 any access-list nat_cs5 extended permit ip 10.1.5.0 255.255.255.0 any access-list acl_cs5 extended permit ip 10.1.5.0 255.255.255.0 any access-list nat_cs6 extended permit ip 10.1.6.0 255.255.255.0 any access-list acl_cs6 extended permit ip 10.1.6.0 255.255.255.0 any ! access-list nat_outside extended permit ip any any access-list acl_outside extended permit ip any 10.1.4.0 255.255.255.0 access-list acl_outside extended permit ip any 10.1.5.0 255.255.255.0 access-list acl_outside extended permit ip any 10.1.6.0 255.255.255.0 ! nat (outside) 0 access-list nat_outside nat (cs4) 0 access-list nat_cs4 nat (cs5) 0 access-list nat_cs5 nat (cs6) 0 access-list nat_cs6 ! static (outside,cs4) 0.0.0.0 0.0.0.0 netmask 0.0.0.0 static (outside,cs5) 0.0.0.0 0.0.0.0 netmask 0.0.0.0 static (outside,cs6) 0.0.0.0 0.0.0.0 netmask 0.0.0.0 ! static (cs4,outside) 10.1.4.0 10.1.4.0 netmask 255.255.255.0 static (cs4,cs5) 10.1.4.0 10.1.4.0 netmask 255.255.255.0 static (cs4,cs6) 10.1.4.0 10.1.4.0 netmask 255.255.255.0 ! static (cs5,outside) 10.1.5.0 10.1.5.0 netmask 255.255.255.0 static (cs5,cs4) 10.1.5.0 10.1.5.0 netmask 255.255.255.0 static (cs5,cs6) 10.1.5.0 10.1.5.0 netmask 255.255.255.0 ! static (cs6,outside) 10.1.6.0 10.1.6.0 netmask 255.255.255.0 static (cs6,cs4) 10.1.6.0 10.1.6.0 netmask 255.255.255.0 static (cs6,cs5) 10.1.6.0 10.1.6.0 netmask 255.255.255.0 ! access-group acl_outside in interface outside access-group acl_cs4 in interface cs4 access-group acl_cs5 in interface cs5 access-group acl_cs6 in interface cs6 ! router ospf 1 network 10.0.0.0 255.255.255.0 area 1 network 10.1.4.0 255.255.255.0 area 1 network 10.1.5.0 255.255.255.0 area 1 network 10.1.6.0 255.255.255.0 area 1 log-adj-changes ! There is nothing really complicated in this configuration. It just NATs from one interface to another and that's it. I have tried enabling same-security-traffic permit inter-interface but that doesn't help. I therefore must be missing something a little bit more complicated. Does anyone know why I cannot foward traffic from one interface to another ? Thank you in advance for your help, Antoine

    Read the article

  • Cisco ASA 5510 Time of Day Based Policing

    - by minamhere
    I have a Cisco ASA 5510 setup at a boarding school. I determined that many (most?) of the students were downloading files, watching movies, etc, during the day and this was causing the academic side of our network to suffer. The students should not even be in their rooms during the day, so I configured the ASA to police their network segment and limit their outbound bandwidth. This resolved all of our academic issues, and everyone was happy. Except the resident students. I have been asked to change/remove the policing policy at the end of the day, to allow the residents access to the unused bandwidth at night. There's no reason to let bandwidth sit unused at night just because it would be abused during the day. Is there a way to setup Time of Day based Policies on the ASA? Ideally I'd like to be able to open up the network at night and all day during weekends. If I can't set Time based policies, is is possible to schedule the ASA to load a set of commands at a specific time? I suppose I could just setup a scheduled task on one of our servers to log in and make the changes with a simple script, but this seems like a hack, and I'm hoping there is a better or more standard way to accomplish this. Thanks. Edit: If there is a totally different solution that would accomplish a similar goal, I'd be interested in that as well. Free/Cheap would be ideal, but if a separate internet connection is my only other option, it might be worth fighting for money for hardware or software to do this better or more efficiently.

    Read the article

  • Cisco Unifed Communication integration for Microsoft Lync crashes on Remote Desktop services 2008 R2!

    - by user66267
    Hi everybody i have deployed office communication server 2007 R2 and communicator 2007 R2 and i made integration with Cisco Unified Communication Manager 7.1 in my network, i also uses Remote Desktop Servers 2008 R2 for Thin Client Computers, now that i installed Cisco UC integration client for communicator 2007 R2 (Ver. 8.0.3) or Cisco UC integration client for Microsoft Lync that works fine on PCs but Not on Remote Desktop Servers. i have Three Remote Desktop Servers in a Farm with loadbalancing enabled. all other applications on these RDP servers works fine for 120 active users. some times when i start Cisco UC client on Remote Desktop servers i get the following error "The Port Reguired for callbacks from Cisco unified client framework could not be read, please retry" i also found the folowing log so i think that may be the cause: 2011-01-05 08:24:21,489 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.controller.SingleInstanceManager] [SingleInstanceManager.acquireMutex(0)] - Acquiring Mutex... 2011-01-05 08:24:21,512 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.IPC.PipeServer] [PipeServer.start(0)] - Starting Pipe Server 2011-01-05 08:24:21,516 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.controller.SingleInstanceManager] [SingleInstanceManager.acquireMutex(0)] - Mutex Acquired... 2011-01-05 08:24:25,437 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.process.ProcessUtil] [ProcessUtil.isOtherPRTProcessRunning(0)] - No other instance(s) of ProblemReportingTool.exe found 2011-01-05 08:24:25,438 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.controller.Controller] [Controller.Main(0)] - ******************************* 2011-01-05 08:24:25,439 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.controller.Controller] [Controller.Main(0)] - **Launching CUCSF Problem Reporting Tool v0.8.3.2** 2011-01-05 08:24:25,440 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.controller.Controller] [Controller.Main(0)] - ******************************* 2011-01-05 08:24:25,441 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.controller.Controller] [Controller.Main(0)] - Raw input: -reason=Launched by the user from CUCIMOC ver 8.5.105.17095 -file=C:\Users\MA899~1.SAD\AppData\Local\Temp\36\CUCIMOCInstaller.txt 2011-01-05 08:24:25,445 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.controller.Controller] [Controller.Main(0)] - Current culture: English (United States) 2011-01-05 08:24:25,448 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.controller.ResourceUtil] [ResourceUtil.init(0)] - Loading string resources from file 2011-01-05 08:24:25,455 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.context.CLIUtil] [CLIUtil.parse(0)] - Argument -reason Launched by the user from CUCIMOC ver 8.5.105.17095 received 2011-01-05 08:24:25,456 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.context.CLIUtil] [CLIUtil.parse(0)] - Argument -file C:\Users\MA899~1.SAD\AppData\Local\Temp\36\CUCIMOCInstaller.txt received 2011-01-05 08:24:25,457 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.controller.Controller] [Controller.startup(0)] - Launching GUI... 2011-01-05 08:24:25,536 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.controller.ResourceUtil] [ResourceUtil.getResourceFileString(0)] - Retrieving Key: com.cisco.uc.csf.prt.PROG.PleaseWaitText from resource file 2011-01-05 08:24:25,545 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.controller.ResourceUtil] [ResourceUtil.getResourceFileString(0)] - Retrieving Key: com.cisco.uc.csf.prt.PF.OKButtonText from resource file 2011-01-05 08:24:25,548 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.controller.ResourceUtil] [ResourceUtil.getResourceFileString(0)] - Retrieving Key: com.cisco.uc.csf.prt.PF.CancelButtonText from resource file 2011-01-05 08:24:25,549 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.controller.ResourceUtil] [ResourceUtil.getResourceFileString(0)] - Retrieving Key: com.cisco.uc.csf.prt.PF.ErrorMsgText1 from resource file 2011-01-05 08:24:25,549 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.controller.ResourceUtil] [ResourceUtil.getResourceFileString(0)] - Retrieving Key: com.cisco.uc.csf.prt.PF.Title from resource file 2011-01-05 08:24:25,552 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.controller.ResourceUtil] [ResourceUtil.getResourceFileString(0)] - Retrieving Key: com.cisco.uc.csf.prt.PF.WindowTitle from resource file 2011-01-05 08:24:25,553 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.controller.ResourceUtil] [ResourceUtil.getResourceFileString(0)] - Retrieving Key: com.cisco.uc.csf.prt.PF.AgreeText from resource file 2011-01-05 08:24:25,553 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.controller.ResourceUtil] [ResourceUtil.getResourceFileString(0)] - Retrieving Key: com.cisco.uc.csf.prt.PF.PrivacyText from resource file 2011-01-05 08:24:25,554 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.controller.ResourceUtil] [ResourceUtil.getResourceFileString(0)] - Retrieving Key: com.cisco.uc.csf.prt.PF.PrivacyTitle from resource file 2011-01-05 08:24:25,555 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.controller.ResourceUtil] [ResourceUtil.getResourceFileString(0)] - Retrieving Key: com.cisco.uc.csf.prt.PF.PrivacyLinkText from resource file 2011-01-05 08:24:25,555 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.controller.ResourceUtil] [ResourceUtil.getResourceFileString(0)] - Retrieving Key: com.cisco.uc.csf.prt.PF.DescriptionTitle from resource file 2011-01-05 08:24:25,629 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.sysinfo.SysInfoManager] [SysInfoManager..ctor(0)] - Starting SysInfoManager... 2011-01-05 08:24:25,634 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.sysinfo.WindowsUtilsInfo] [WindowsUtilsInfo.startWindowsUtilsThreads(0)] - Launching worker thread: systeminfo.exe 2011-01-05 08:24:25,669 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.sysinfo.WindowsUtilsInfo] [WindowsUtilsInfo.startWindowsUtilsThreads(0)] - Launching worker thread: tasklist.exe 2011-01-05 08:24:25,672 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.sysinfo.WindowsUtilsInfo] [WindowsUtilsInfo.startWindowsUtilsThreads(0)] - Launching worker thread: ipconfig.exe 2011-01-05 08:24:25,676 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.sysinfo.WindowsUtilsInfo] [WindowsUtilsInfo.startWindowsUtilsThreads(0)] - Launching worker thread: netstat.exe 2011-01-05 08:24:25,684 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.sysinfo.WindowsUtilsInfo] [WindowsUtilsInfo.startWindowsUtilsThreads(0)] - Launching worker thread: net.exe 2011-01-05 08:24:25,926 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.sysinfo.SysInfoManager] [SysInfoManager.launchHardwareInfoThread(0)] - Launching worker thread: HardwareInfo 2011-01-05 08:24:25,928 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.sysinfo.CSFDirectoryInfo] [HardwareInfo.getHardWareInfo(0)] - Gathering CPU data 2011-01-05 08:24:26,149 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.sysinfo.SysInfoManager] [SysInfoManager.launchCSFDirectoryInfoThread(0)] - Gathering CSF Directory Listing 2011-01-05 08:24:26,153 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.sysinfo.CSFDirectoryInfo] [CSFDirectoryInfo.getCSFInstallPath(0)] - Retrieving CSF Install Directory 2011-01-05 08:24:26,159 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.sysinfo.CSFDirectoryInfo] [CSFDirectoryInfo.getCSFInstallPath(0)] - CSF Install Path: C:\Program Files (x86)\Common Files\Cisco Systems\Client Services Framework 2011-01-05 08:24:26,162 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.sysinfo.SysInfoManager] [SysInfoManager.launchWMIInfoThread(0)] - Launching worker thread: WMIInfo 2011-01-05 08:24:26,164 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.sysinfo.CSFDirectoryInfo] [HardwareInfo.getWMIInfo(0)] - Gathering Audio info... 2011-01-05 08:24:26,168 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.sysinfo.SysInfoManager] [SysInfoManager.launchRegistryAndEnvironmentalVarInfoThread(0)] - Launching worker thread: Registry & Environment Variables 2011-01-05 08:24:26,173 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.sysinfo.RegistryEnvironmentInfo] [RegistryEnvironmentInfo.generateRegString(0)] - Gathering Registry data under: Software\Cisco Systems, Inc.\Client Services Framework\AdminData\ 2011-01-05 08:24:26,180 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.sysinfo.RegistryEnvironmentInfo] [RegistryEnvironmentInfo.generateRegString(0)] - Gathering Registry data under: Software\Policies\Cisco Systems, Inc.\Client Services Framework\AdminData\ 2011-01-05 08:24:26,182 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.sysinfo.RegistryEnvironmentInfo] [RegistryEnvironmentInfo.generateRegString(0)] - Gathering Registry data under: Software\Cisco Systems, Inc.\Unified Communications\CUCSF 2011-01-05 08:24:26,183 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.sysinfo.RegistryEnvironmentInfo] [RegistryEnvironmentInfo.generateRegString(0)] - Gathering Registry data under: Software\JavaSoft\Java Runtime Environment 2011-01-05 08:24:26,184 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.sysinfo.RegistryEnvironmentInfo] [RegistryEnvironmentInfo.generateRegString(0)] - Gathering Registry data under: Software\JavaSoft\Java Runtime Environment\1.6 2011-01-05 08:24:26,186 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.sysinfo.RegistryEnvironmentInfo] [RegistryEnvironmentInfo.generateRegString(0)] - Gathering Registry data under: Software\JavaSoft\Java Runtime Environment\1.6.0_17 2011-01-05 08:24:26,188 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.sysinfo.RegistryEnvironmentInfo] [RegistryEnvironmentInfo.generateRegString(0)] - Gathering Registry data under: Software\JavaSoft\Java Runtime Environment\1.6.0_17\MSI 2011-01-05 08:24:26,190 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.sysinfo.RegistryEnvironmentInfo] [RegistryEnvironmentInfo.gatherRegistryAndEnvInfo(0)] - Gathering Environment Variables data 2011-01-05 08:24:26,283 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.sysinfo.CSFDirectoryInfo] [HardwareInfo.getWMIInfo(0)] - Gathering Video driver info... 2011-01-05 08:24:26,750 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.sysinfo.SysInfoManager] [SysInfoManager.writeFile(0)] - Creating file: DirectoryInfo.txt 2011-01-05 08:24:26,759 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.sysinfo.CSFDirectoryInfo] [HardwareInfo.getWMIInfo(0)] - Gathering Monitor info... 2011-01-05 08:24:34,483 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.file.FileUtil] [FileUtil.gatherFiles(0)] - Config Dir C:\Users\m.sadeghi\AppData\Roaming\Cisco\Unified Communications\ 2011-01-05 08:24:34,530 [WARN ] [com.cisco.uc.ucsf.ProblemReportingTool.file.FileUtil] [FileUtil.addFile(0)] - C:\Users\MA899~1.SAD\AppData\Local\Temp\36\CUCIMOCInstaller.txt not found 2011-01-05 08:24:34,561 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.file.FileUtil] [FileUtil.addSystemInfo(0)] - Waiting for worker threads... 2011-01-05 08:24:38,180 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.sysinfo.CSFDirectoryInfo] [HardwareInfo.getHardWareInfo(0)] - Gathering Resolution data 2011-01-05 08:24:55,565 [ERROR] [com.cisco.uc.ucsf.ProblemReportingTool.file.FileUtil] [FileUtil.addSystemInfo(0)] - One or more worker threads have not returned in a timely manner. Forcing quit. 2011-01-05 08:24:55,568 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.sysinfo.SysInfoManager] [SysInfoManager.writeFile(0)] - Creating file: SystemInfo.txt 2011-01-05 08:24:55,577 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.file.FileUtil] [FileUtil.removePrivateFiles(0)] - Checking for files to be excluded 2011-01-05 08:24:55,578 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.file.FileUtil] [FileUtil.removePrivateFiles(0)] - Excluding: d11bfd8f-9745-41db-a35b-200389e65583.dat 2011-01-05 08:24:55,579 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.file.FileUtil] [FileUtil.removePrivateFiles(0)] - Excluding: cacerts 2011-01-05 08:24:55,580 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.file.FileUtil] [FileUtil.removePrivateFiles(0)] - Excluding: Voicemail.2639.20110103081119+0330.wav 2011-01-05 08:24:55,581 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.file.FileUtil] [FileUtil.removePrivateFiles(0)] - Excluding: Voicemail.farhad.20101224165510+0330.wav 2011-01-05 08:24:55,581 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.file.FileUtil] [FileUtil.removePrivateFiles(0)] - Excluding: Voicemail.postmaster.20101224165906+0330.wav 2011-01-05 08:24:55,582 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.file.FileUtil] [FileUtil.removePrivateFiles(0)] - Excluding: VoicemailBeep.wav 2011-01-05 08:24:55,583 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.file.FileUtil] [FileUtil.removePrivateFiles(0)] - Excluding: secModeNone 2011-01-05 08:24:55,586 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Preparing to create zip file... 2011-01-05 08:24:55,588 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - 60 files found 2011-01-05 08:24:55,589 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying .CSFExit.loc to temp folder. 2011-01-05 08:24:55,595 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying CSF.loc to temp folder. 2011-01-05 08:24:55,597 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying CsfAddress.dat to temp folder. 2011-01-05 08:24:55,600 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying CSFLogSetting.dat to temp folder. 2011-01-05 08:24:55,634 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying CSFSecurityKey.dat to temp folder. 2011-01-05 08:24:55,637 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying CommunicationHistory.xml to temp folder. 2011-01-05 08:24:55,641 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying MehdiSadeghi.cnf.xml to temp folder. 2011-01-05 08:24:55,751 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying jtapi.jar to temp folder. 2011-01-05 08:24:55,812 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying CiscoJtapi.index to temp folder. 2011-01-05 08:24:55,820 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying CiscoJtapi01.log to temp folder. 2011-01-05 08:24:55,887 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying CiscoJtapi02.log to temp folder. 2011-01-05 08:24:55,968 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying CiscoJtapi03.log to temp folder. 2011-01-05 08:24:55,972 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying CiscoJtapi04.log to temp folder. 2011-01-05 08:24:56,008 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying CiscoJtapi05.log to temp folder. 2011-01-05 08:24:56,038 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying CiscoJtapi06.log to temp folder. 2011-01-05 08:24:56,079 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying CiscoJtapi07.log to temp folder. 2011-01-05 08:24:56,100 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying CiscoJtapi08.log to temp folder. 2011-01-05 08:24:56,140 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying CiscoJtapi09.log to temp folder. 2011-01-05 08:24:56,215 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying CiscoJtapi10.log to temp folder. 2011-01-05 08:24:56,296 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying Core.log to temp folder. 2011-01-05 08:24:56,319 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying Core.log.1 to temp folder. 2011-01-05 08:24:56,498 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying Core.log.2 to temp folder. 2011-01-05 08:24:56,708 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying Core.log.3 to temp folder. 2011-01-05 08:24:56,912 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying Core.log.4 to temp folder. 2011-01-05 08:24:57,105 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying Core.log.5 to temp folder. 2011-01-05 08:24:57,292 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying Core.log.6 to temp folder. 2011-01-05 08:24:57,505 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying tracker.log to temp folder. 2011-01-05 08:24:57,523 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying VideoEngineEncryptedTrace.txt to temp folder. 2011-01-05 08:24:57,542 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying VoiceEngineDebugTrace.txt to temp folder. 2011-01-05 08:24:57,545 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying VoiceEngineTrace.txt to temp folder. 2011-01-05 08:24:57,548 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying operationreport.log to temp folder. 2011-01-05 08:24:57,551 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying voicemailbox.dat to temp folder. 2011-01-05 08:24:57,554 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying voicemailfolder.dat to temp folder. 2011-01-05 08:24:57,558 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying UIPrefs.xml to temp folder. 2011-01-05 08:24:57,562 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying uc-client.log to temp folder. 2011-01-05 08:24:57,569 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying uc-client.log.1 to temp folder. 2011-01-05 08:24:57,752 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying uc-client.log.10 to temp folder. 2011-01-05 08:24:58,099 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying uc-client.log.2 to temp folder. 2011-01-05 08:24:58,302 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying uc-client.log.3 to temp folder. 2011-01-05 08:24:58,517 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying uc-client.log.4 to temp folder. 2011-01-05 08:24:58,697 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying uc-client.log.5 to temp folder. 2011-01-05 08:24:58,899 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying uc-client.log.6 to temp folder. 2011-01-05 08:24:59,100 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying uc-client.log.7 to temp folder. 2011-01-05 08:24:59,303 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying uc-client.log.8 to temp folder. 2011-01-05 08:24:59,500 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying uc-client.log.9 to temp folder. 2011-01-05 08:24:59,895 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying Cisco.ClickToCall.Common.Core.dll.config to temp folder. 2011-01-05 08:24:59,915 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying ClickToCall.pref to temp folder. 2011-01-05 08:24:59,918 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying CiscoClickToCall.dll.config to temp folder. 2011-01-05 08:24:59,928 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying CiscoClickToCallContacts.dll.config to temp folder. 2011-01-05 08:24:59,948 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying CiscoPersonName.dll.config to temp folder. 2011-01-05 08:24:59,980 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying userData.properties to temp folder. 2011-01-05 08:24:59,988 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying userData.properties.backup to temp folder. 2011-01-05 08:24:59,990 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying cisco-uc-client.log4net.config to temp folder. 2011-01-05 08:24:59,994 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying cisco-uc-tab.log4net.config to temp folder. 2011-01-05 08:25:00,011 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying LocalSettings.xml to temp folder. 2011-01-05 08:25:00,025 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying Description.txt to temp folder. 2011-01-05 08:25:00,028 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying LaunchInfo.txt to temp folder. 2011-01-05 08:25:00,031 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying DirectoryInfo.txt to temp folder. 2011-01-05 08:25:00,034 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying SystemInfo.txt to temp folder. 2011-01-05 08:25:00,036 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying csf-prt.log to temp folder.

    Read the article

  • Cisco Unified Communication integration for Microsoft Lync crashes on Remote Desktop services 2008 R2!

    - by user66267
    Hi everybody i have deployed office communication server 2007 R2 and communicator 2007 R2 and i made integration with Cisco Unified Communication Manager 7.1 in my network, i also use Remote Desktop Servers 2008 R2 for Thin Client Computers, now that i installed Cisco UC integration client for communicator 2007 R2 (Ver. 8.0.3) or Cisco UC integration client for Microsoft Lync that works fine on PCs but Not on Remote Desktop Servers. i have Three Remote Desktop Servers in a Farm with loadbalancing enabled. all other applications on these RDP servers works fine for 120 active users. some times when i start Cisco UC client on Remote Desktop servers i get the following error: "The Port Reguired for callbacks from Cisco unified client framework could not be read, please retry" i also found the folowing log so i think that may be the cause: 2011-01-05 08:24:21,489 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.controller.SingleInstanceManager] [SingleInstanceManager.acquireMutex(0)] - Acquiring Mutex... 2011-01-05 08:24:21,512 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.IPC.PipeServer] [PipeServer.start(0)] - Starting Pipe Server 2011-01-05 08:24:21,516 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.controller.SingleInstanceManager] [SingleInstanceManager.acquireMutex(0)] - Mutex Acquired... 2011-01-05 08:24:25,437 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.process.ProcessUtil] [ProcessUtil.isOtherPRTProcessRunning(0)] - No other instance(s) of ProblemReportingTool.exe found 2011-01-05 08:24:25,438 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.controller.Controller] [Controller.Main(0)] - ******************************* 2011-01-05 08:24:25,439 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.controller.Controller] [Controller.Main(0)] - **Launching CUCSF Problem Reporting Tool v0.8.3.2** 2011-01-05 08:24:25,440 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.controller.Controller] [Controller.Main(0)] - ******************************* 2011-01-05 08:24:25,441 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.controller.Controller] [Controller.Main(0)] - Raw input: -reason=Launched by the user from CUCIMOC ver 8.5.105.17095 -file=C:\Users\MA899~1.SAD\AppData\Local\Temp\36\CUCIMOCInstaller.txt 2011-01-05 08:24:25,445 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.controller.Controller] [Controller.Main(0)] - Current culture: English (United States) 2011-01-05 08:24:25,448 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.controller.ResourceUtil] [ResourceUtil.init(0)] - Loading string resources from file 2011-01-05 08:24:25,455 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.context.CLIUtil] [CLIUtil.parse(0)] - Argument -reason Launched by the user from CUCIMOC ver 8.5.105.17095 received 2011-01-05 08:24:25,456 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.context.CLIUtil] [CLIUtil.parse(0)] - Argument -file C:\Users\MA899~1.SAD\AppData\Local\Temp\36\CUCIMOCInstaller.txt received 2011-01-05 08:24:25,457 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.controller.Controller] [Controller.startup(0)] - Launching GUI... 2011-01-05 08:24:25,536 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.controller.ResourceUtil] [ResourceUtil.getResourceFileString(0)] - Retrieving Key: com.cisco.uc.csf.prt.PROG.PleaseWaitText from resource file 2011-01-05 08:24:25,545 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.controller.ResourceUtil] [ResourceUtil.getResourceFileString(0)] - Retrieving Key: com.cisco.uc.csf.prt.PF.OKButtonText from resource file 2011-01-05 08:24:25,548 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.controller.ResourceUtil] [ResourceUtil.getResourceFileString(0)] - Retrieving Key: com.cisco.uc.csf.prt.PF.CancelButtonText from resource file 2011-01-05 08:24:25,549 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.controller.ResourceUtil] [ResourceUtil.getResourceFileString(0)] - Retrieving Key: com.cisco.uc.csf.prt.PF.ErrorMsgText1 from resource file 2011-01-05 08:24:25,549 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.controller.ResourceUtil] [ResourceUtil.getResourceFileString(0)] - Retrieving Key: com.cisco.uc.csf.prt.PF.Title from resource file 2011-01-05 08:24:25,552 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.controller.ResourceUtil] [ResourceUtil.getResourceFileString(0)] - Retrieving Key: com.cisco.uc.csf.prt.PF.WindowTitle from resource file 2011-01-05 08:24:25,553 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.controller.ResourceUtil] [ResourceUtil.getResourceFileString(0)] - Retrieving Key: com.cisco.uc.csf.prt.PF.AgreeText from resource file 2011-01-05 08:24:25,553 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.controller.ResourceUtil] [ResourceUtil.getResourceFileString(0)] - Retrieving Key: com.cisco.uc.csf.prt.PF.PrivacyText from resource file 2011-01-05 08:24:25,554 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.controller.ResourceUtil] [ResourceUtil.getResourceFileString(0)] - Retrieving Key: com.cisco.uc.csf.prt.PF.PrivacyTitle from resource file 2011-01-05 08:24:25,555 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.controller.ResourceUtil] [ResourceUtil.getResourceFileString(0)] - Retrieving Key: com.cisco.uc.csf.prt.PF.PrivacyLinkText from resource file 2011-01-05 08:24:25,555 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.controller.ResourceUtil] [ResourceUtil.getResourceFileString(0)] - Retrieving Key: com.cisco.uc.csf.prt.PF.DescriptionTitle from resource file 2011-01-05 08:24:25,629 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.sysinfo.SysInfoManager] [SysInfoManager..ctor(0)] - Starting SysInfoManager... 2011-01-05 08:24:25,634 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.sysinfo.WindowsUtilsInfo] [WindowsUtilsInfo.startWindowsUtilsThreads(0)] - Launching worker thread: systeminfo.exe 2011-01-05 08:24:25,669 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.sysinfo.WindowsUtilsInfo] [WindowsUtilsInfo.startWindowsUtilsThreads(0)] - Launching worker thread: tasklist.exe 2011-01-05 08:24:25,672 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.sysinfo.WindowsUtilsInfo] [WindowsUtilsInfo.startWindowsUtilsThreads(0)] - Launching worker thread: ipconfig.exe 2011-01-05 08:24:25,676 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.sysinfo.WindowsUtilsInfo] [WindowsUtilsInfo.startWindowsUtilsThreads(0)] - Launching worker thread: netstat.exe 2011-01-05 08:24:25,684 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.sysinfo.WindowsUtilsInfo] [WindowsUtilsInfo.startWindowsUtilsThreads(0)] - Launching worker thread: net.exe 2011-01-05 08:24:25,926 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.sysinfo.SysInfoManager] [SysInfoManager.launchHardwareInfoThread(0)] - Launching worker thread: HardwareInfo 2011-01-05 08:24:25,928 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.sysinfo.CSFDirectoryInfo] [HardwareInfo.getHardWareInfo(0)] - Gathering CPU data 2011-01-05 08:24:26,149 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.sysinfo.SysInfoManager] [SysInfoManager.launchCSFDirectoryInfoThread(0)] - Gathering CSF Directory Listing 2011-01-05 08:24:26,153 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.sysinfo.CSFDirectoryInfo] [CSFDirectoryInfo.getCSFInstallPath(0)] - Retrieving CSF Install Directory 2011-01-05 08:24:26,159 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.sysinfo.CSFDirectoryInfo] [CSFDirectoryInfo.getCSFInstallPath(0)] - CSF Install Path: C:\Program Files (x86)\Common Files\Cisco Systems\Client Services Framework 2011-01-05 08:24:26,162 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.sysinfo.SysInfoManager] [SysInfoManager.launchWMIInfoThread(0)] - Launching worker thread: WMIInfo 2011-01-05 08:24:26,164 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.sysinfo.CSFDirectoryInfo] [HardwareInfo.getWMIInfo(0)] - Gathering Audio info... 2011-01-05 08:24:26,168 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.sysinfo.SysInfoManager] [SysInfoManager.launchRegistryAndEnvironmentalVarInfoThread(0)] - Launching worker thread: Registry & Environment Variables 2011-01-05 08:24:26,173 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.sysinfo.RegistryEnvironmentInfo] [RegistryEnvironmentInfo.generateRegString(0)] - Gathering Registry data under: Software\Cisco Systems, Inc.\Client Services Framework\AdminData\ 2011-01-05 08:24:26,180 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.sysinfo.RegistryEnvironmentInfo] [RegistryEnvironmentInfo.generateRegString(0)] - Gathering Registry data under: Software\Policies\Cisco Systems, Inc.\Client Services Framework\AdminData\ 2011-01-05 08:24:26,182 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.sysinfo.RegistryEnvironmentInfo] [RegistryEnvironmentInfo.generateRegString(0)] - Gathering Registry data under: Software\Cisco Systems, Inc.\Unified Communications\CUCSF 2011-01-05 08:24:26,183 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.sysinfo.RegistryEnvironmentInfo] [RegistryEnvironmentInfo.generateRegString(0)] - Gathering Registry data under: Software\JavaSoft\Java Runtime Environment 2011-01-05 08:24:26,184 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.sysinfo.RegistryEnvironmentInfo] [RegistryEnvironmentInfo.generateRegString(0)] - Gathering Registry data under: Software\JavaSoft\Java Runtime Environment\1.6 2011-01-05 08:24:26,186 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.sysinfo.RegistryEnvironmentInfo] [RegistryEnvironmentInfo.generateRegString(0)] - Gathering Registry data under: Software\JavaSoft\Java Runtime Environment\1.6.0_17 2011-01-05 08:24:26,188 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.sysinfo.RegistryEnvironmentInfo] [RegistryEnvironmentInfo.generateRegString(0)] - Gathering Registry data under: Software\JavaSoft\Java Runtime Environment\1.6.0_17\MSI 2011-01-05 08:24:26,190 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.sysinfo.RegistryEnvironmentInfo] [RegistryEnvironmentInfo.gatherRegistryAndEnvInfo(0)] - Gathering Environment Variables data 2011-01-05 08:24:26,283 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.sysinfo.CSFDirectoryInfo] [HardwareInfo.getWMIInfo(0)] - Gathering Video driver info... 2011-01-05 08:24:26,750 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.sysinfo.SysInfoManager] [SysInfoManager.writeFile(0)] - Creating file: DirectoryInfo.txt 2011-01-05 08:24:26,759 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.sysinfo.CSFDirectoryInfo] [HardwareInfo.getWMIInfo(0)] - Gathering Monitor info... 2011-01-05 08:24:34,483 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.file.FileUtil] [FileUtil.gatherFiles(0)] - Config Dir C:\Users\m.sadeghi\AppData\Roaming\Cisco\Unified Communications\ 2011-01-05 08:24:34,530 [WARN ] [com.cisco.uc.ucsf.ProblemReportingTool.file.FileUtil] [FileUtil.addFile(0)] - C:\Users\MA899~1.SAD\AppData\Local\Temp\36\CUCIMOCInstaller.txt not found 2011-01-05 08:24:34,561 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.file.FileUtil] [FileUtil.addSystemInfo(0)] - Waiting for worker threads... 2011-01-05 08:24:38,180 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.sysinfo.CSFDirectoryInfo] [HardwareInfo.getHardWareInfo(0)] - Gathering Resolution data 2011-01-05 08:24:55,565 [ERROR] [com.cisco.uc.ucsf.ProblemReportingTool.file.FileUtil] [FileUtil.addSystemInfo(0)] - One or more worker threads have not returned in a timely manner. Forcing quit. 2011-01-05 08:24:55,568 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.sysinfo.SysInfoManager] [SysInfoManager.writeFile(0)] - Creating file: SystemInfo.txt 2011-01-05 08:24:55,577 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.file.FileUtil] [FileUtil.removePrivateFiles(0)] - Checking for files to be excluded 2011-01-05 08:24:55,578 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.file.FileUtil] [FileUtil.removePrivateFiles(0)] - Excluding: d11bfd8f-9745-41db-a35b-200389e65583.dat 2011-01-05 08:24:55,579 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.file.FileUtil] [FileUtil.removePrivateFiles(0)] - Excluding: cacerts 2011-01-05 08:24:55,580 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.file.FileUtil] [FileUtil.removePrivateFiles(0)] - Excluding: Voicemail.2639.20110103081119+0330.wav 2011-01-05 08:24:55,581 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.file.FileUtil] [FileUtil.removePrivateFiles(0)] - Excluding: Voicemail.farhad.20101224165510+0330.wav 2011-01-05 08:24:55,581 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.file.FileUtil] [FileUtil.removePrivateFiles(0)] - Excluding: Voicemail.postmaster.20101224165906+0330.wav 2011-01-05 08:24:55,582 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.file.FileUtil] [FileUtil.removePrivateFiles(0)] - Excluding: VoicemailBeep.wav 2011-01-05 08:24:55,583 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.file.FileUtil] [FileUtil.removePrivateFiles(0)] - Excluding: secModeNone 2011-01-05 08:24:55,586 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Preparing to create zip file... 2011-01-05 08:24:55,588 [INFO ] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - 60 files found 2011-01-05 08:24:55,589 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying .CSFExit.loc to temp folder. 2011-01-05 08:24:55,595 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying CSF.loc to temp folder. 2011-01-05 08:24:55,597 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying CsfAddress.dat to temp folder. 2011-01-05 08:24:55,600 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying CSFLogSetting.dat to temp folder. 2011-01-05 08:24:55,634 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying CSFSecurityKey.dat to temp folder. 2011-01-05 08:24:55,637 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying CommunicationHistory.xml to temp folder. 2011-01-05 08:24:55,641 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying MehdiSadeghi.cnf.xml to temp folder. 2011-01-05 08:24:55,751 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying jtapi.jar to temp folder. 2011-01-05 08:24:55,812 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying CiscoJtapi.index to temp folder. 2011-01-05 08:24:55,820 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying CiscoJtapi01.log to temp folder. 2011-01-05 08:24:55,887 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying CiscoJtapi02.log to temp folder. 2011-01-05 08:24:55,968 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying CiscoJtapi03.log to temp folder. 2011-01-05 08:24:55,972 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying CiscoJtapi04.log to temp folder. 2011-01-05 08:24:56,008 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying CiscoJtapi05.log to temp folder. 2011-01-05 08:24:56,038 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying CiscoJtapi06.log to temp folder. 2011-01-05 08:24:56,079 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying CiscoJtapi07.log to temp folder. 2011-01-05 08:24:56,100 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying CiscoJtapi08.log to temp folder. 2011-01-05 08:24:56,140 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying CiscoJtapi09.log to temp folder. 2011-01-05 08:24:56,215 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying CiscoJtapi10.log to temp folder. 2011-01-05 08:24:56,296 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying Core.log to temp folder. 2011-01-05 08:24:56,319 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying Core.log.1 to temp folder. 2011-01-05 08:24:56,498 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying Core.log.2 to temp folder. 2011-01-05 08:24:56,708 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying Core.log.3 to temp folder. 2011-01-05 08:24:56,912 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying Core.log.4 to temp folder. 2011-01-05 08:24:57,105 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying Core.log.5 to temp folder. 2011-01-05 08:24:57,292 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying Core.log.6 to temp folder. 2011-01-05 08:24:57,505 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying tracker.log to temp folder. 2011-01-05 08:24:57,523 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying VideoEngineEncryptedTrace.txt to temp folder. 2011-01-05 08:24:57,542 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying VoiceEngineDebugTrace.txt to temp folder. 2011-01-05 08:24:57,545 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying VoiceEngineTrace.txt to temp folder. 2011-01-05 08:24:57,548 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying operationreport.log to temp folder. 2011-01-05 08:24:57,551 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying voicemailbox.dat to temp folder. 2011-01-05 08:24:57,554 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying voicemailfolder.dat to temp folder. 2011-01-05 08:24:57,558 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying UIPrefs.xml to temp folder. 2011-01-05 08:24:57,562 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying uc-client.log to temp folder. 2011-01-05 08:24:57,569 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying uc-client.log.1 to temp folder. 2011-01-05 08:24:57,752 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying uc-client.log.10 to temp folder. 2011-01-05 08:24:58,099 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying uc-client.log.2 to temp folder. 2011-01-05 08:24:58,302 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying uc-client.log.3 to temp folder. 2011-01-05 08:24:58,517 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying uc-client.log.4 to temp folder. 2011-01-05 08:24:58,697 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying uc-client.log.5 to temp folder. 2011-01-05 08:24:58,899 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying uc-client.log.6 to temp folder. 2011-01-05 08:24:59,100 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying uc-client.log.7 to temp folder. 2011-01-05 08:24:59,303 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying uc-client.log.8 to temp folder. 2011-01-05 08:24:59,500 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying uc-client.log.9 to temp folder. 2011-01-05 08:24:59,895 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying Cisco.ClickToCall.Common.Core.dll.config to temp folder. 2011-01-05 08:24:59,915 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying ClickToCall.pref to temp folder. 2011-01-05 08:24:59,918 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying CiscoClickToCall.dll.config to temp folder. 2011-01-05 08:24:59,928 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying CiscoClickToCallContacts.dll.config to temp folder. 2011-01-05 08:24:59,948 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying CiscoPersonName.dll.config to temp folder. 2011-01-05 08:24:59,980 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying userData.properties to temp folder. 2011-01-05 08:24:59,988 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying userData.properties.backup to temp folder. 2011-01-05 08:24:59,990 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying cisco-uc-client.log4net.config to temp folder. 2011-01-05 08:24:59,994 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying cisco-uc-tab.log4net.config to temp folder. 2011-01-05 08:25:00,011 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying LocalSettings.xml to temp folder. 2011-01-05 08:25:00,025 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying Description.txt to temp folder. 2011-01-05 08:25:00,028 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying LaunchInfo.txt to temp folder. 2011-01-05 08:25:00,031 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying DirectoryInfo.txt to temp folder. 2011-01-05 08:25:00,034 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying SystemInfo.txt to temp folder. 2011-01-05 08:25:00,036 [DEBUG] [com.cisco.uc.ucsf.ProblemReportingTool.file.Zip] [Zip.zipMultipleFiles(0)] - Copying csf-prt.log to temp folder.

    Read the article

  • Cisco ASA 5505 site to site IPSEC VPN won't route from multiple LANs

    - by franklundy
    Hi I've set up a standard site to site VPN between 2 ASA 5505s (using the wizard in ASDM) and have the VPN working fine for traffic between Site A and Site B on the directly connected LANs. But this VPN is actually to be used for data originating on LAN subnets that are one hop away from the directly connected LANs. So actually there is another router connected to each ASA (LAN side) that then route to two completely different LAN ranges, where the clients and servers reside. At the moment, any traffic that gets to the ASA that has not originated from the directly connected LAN gets sent straight to the default gateway, and not through the VPN. I've tried adding the additional subnets to the "Protected Networks" on the VPN, but that has no effect. I have also tried adding a static route to each ASA trying to point the traffic to the other side, but again this hasn't worked. Here is the config for one of the sites. This works for traffic to/from the 192.168.144.x subnets perfectly. What I need is to be able to route traffic from 10.1.0.0/24 to 10.2.0.0/24 for example. ASA Version 8.0(3) ! hostname Site1 enable password ** encrypted names name 192.168.144.4 Site2 ! interface Vlan1 nameif inside security-level 100 ip address 192.168.144.2 255.255.255.252 ! interface Vlan2 nameif outside security-level 0 ip address 10.78.254.70 255.255.255.252 (this is a private WAN circuit) ! interface Ethernet0/0 switchport access vlan 2 ! interface Ethernet0/1 ! interface Ethernet0/2 ! interface Ethernet0/3 ! interface Ethernet0/4 ! interface Ethernet0/5 ! interface Ethernet0/6 ! interface Ethernet0/7 ! passwd ** encrypted ftp mode passive access-list inside_access_in extended permit ip any any access-list outside_access_in extended permit icmp any any echo-reply access-list outside_1_cryptomap extended permit ip 192.168.144.0 255.255.255.252 Site2 255.255.255.252 access-list inside_nat0_outbound extended permit ip 192.168.144.0 255.255.255.252 Site2 255.255.255.252 pager lines 24 logging enable logging asdm informational mtu inside 1500 mtu outside 1500 icmp unreachable rate-limit 1 burst-size 1 asdm image disk0:/asdm-603.bin no asdm history enable arp timeout 14400 global (outside) 1 interface nat (inside) 0 access-list inside_nat0_outbound nat (inside) 1 0.0.0.0 0.0.0.0 access-group inside_access_in in interface inside access-group outside_access_in in interface outside route outside 0.0.0.0 0.0.0.0 10.78.254.69 1 timeout xlate 3:00:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00 timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00 timeout uauth 0:05:00 absolute dynamic-access-policy-record DfltAccessPolicy aaa authentication ssh console LOCAL http server enable http 0.0.0.0 0.0.0.0 outside http 192.168.1.0 255.255.255.0 inside no snmp-server location no snmp-server contact snmp-server enable traps snmp authentication linkup linkdown coldstart crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac crypto map outside_map 1 match address outside_1_cryptomap crypto map outside_map 1 set pfs crypto map outside_map 1 set peer 10.78.254.66 crypto map outside_map 1 set transform-set ESP-3DES-SHA crypto map outside_map interface outside crypto isakmp enable outside crypto isakmp policy 10 authentication pre-share encryption 3des hash sha group 2 lifetime 86400 no crypto isakmp nat-traversal telnet timeout 5 ssh 0.0.0.0 0.0.0.0 outside ssh timeout 5 console timeout 0 management-access inside threat-detection basic-threat threat-detection statistics port threat-detection statistics protocol threat-detection statistics access-list group-policy DfltGrpPolicy attributes vpn-idle-timeout none username enadmin password * encrypted privilege 15 tunnel-group 10.78.254.66 type ipsec-l2l tunnel-group 10.78.254.66 ipsec-attributes pre-shared-key * ! ! prompt hostname context

    Read the article

  • Cisco ASA - VPN and Hairpinning....

    - by Nordberg
    Hi, We have 2 sites that will be linked by a IPSEC VPN between 2 Cisco ASAs: Site 1 8Mb ADSL Connection Cisco ASA 505 Site 2 2Mb SDSL Connection Cisco ASA 505 Basically, both sites need access to a service at the end of another IPSEC VPN, Site 3, which I plan to terminate at Site 2. This is due to the way the service is sold - it's billed per gateway. So if both Site 1 and Site 2 had their own VPN connection to Site 3, it would cost us twice as much... Anyway, my idea is to have all traffic from Site 1 destined for Site 3 to go via the VPN between Site 1 and Site 2. The end result being all traffic that hits Site 3 has come via Site 2. I understand this is known as hairpinning but I'm struggling to find a great deal of information on how this is setup. So, firstly, can anyone confirm that what I'm trying to achieve is possible and, secondly, can anyone point me in the direction of an example of such a configuration? Many Thanks.

    Read the article

  • Cisco VPN Client Behind ASA 5505

    - by fdf33
    I'm trying to get connected to another ASA via Cisco VPN Client. I am behind an ASA 5505 myself and I am tryihng to VPN to a 5510. I get the message: Secure VPN Connection terminated locally by the Client. Reason 412: The remote peer is no longer responding. I can connect to the other ASA if I use a normal cheap Linksys. Here's the version of my ASA: Result of the command: "sh ver" Cisco Adaptive Security Appliance Software Version 8.4(1) Any help would be great. Thanks running-config : Saved : Written by enable_15 at 23:12:32.378 UTC Fri Jul 1 2011 ! ASA Version 8.4(1) ! hostname aaaasa domain-name aaa.local enable password xxxxxxxxxxxxxxx encrypted passwd xxxxxxxxxxxxxxxxxxxx encrypted names ! interface Vlan1 nameif inside security-level 100 ip address 192.168.1.254 255.255.255.0 ! interface Vlan2 nameif outside security-level 0 ip address xxx.xxx.xxx.xxx 255.255.254.0 ! interface Vlan5 no nameif security-level 50 ip address 172.16.0.254 255.255.255.0 ! interface Vlan500 no nameif security-level 100 ip address 10.10.10.1 255.255.255.0 ! interface Ethernet0/0 switchport access vlan 2 ! interface Ethernet0/1 ! interface Ethernet0/2 ! interface Ethernet0/3 ! interface Ethernet0/4 ! interface Ethernet0/5 ! interface Ethernet0/6 ! interface Ethernet0/7 ! boot system disk0:/asa841-k8.bin ftp mode passive dns domain-lookup inside dns domain-lookup outside dns server-group DefaultDNS name-server 4.2.2.2 domain-name aaa.local same-security-traffic permit inter-interface same-security-traffic permit intra-interface object network obj_any subnet 0.0.0.0 0.0.0.0 object network A_93.97.168.1 host 93.97.168.1 object network rdp host 192.168.1.2 object network NETWORK_OBJ_192.168.1.0_24 subnet 192.168.1.0 255.255.255.0 access-list 101 extended permit tcp any host 192.168.1.2 eq 3389 access-list 101 extended permit icmp any any echo-reply access-list 101 extended permit icmp any any source-quench access-list 101 extended permit icmp any any time-exceeded access-list 101 extended permit icmp any any unreachable access-list 102 extended permit ip any any pager lines 24 logging enable logging asdm informational mtu inside 1500 mtu outside 1492 ip local pool VPNPool 192.168.2.200-192.168.2.210 mask 255.255.255.0 icmp unreachable rate-limit 1 burst-size 1 asdm image disk0:/asdm-641.bin no asdm history enable arp timeout 14400 ! object network rdp nat (inside,outside) static interface service tcp 3389 3389 ! nat (inside,outside) after-auto source dynamic any interface access-group 101 in interface outside access-group 102 out interface outside ! router ospf 1 network 192.168.1.0 255.255.255.0 area 0 log-adj-changes ! route outside 0.0.0.0 0.0.0.0 93.97.168.1 1 timeout xlate 3:00:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00 timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00 timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute timeout tcp-proxy-reassembly 0:01:00 dynamic-access-policy-record DfltAccessPolicy http server enable http 192.168.1.0 255.255.255.0 inside no snmp-server location no snmp-server contact snmp-server enable traps snmp authentication linkup linkdown coldstart crypto ipsec ikev2 ipsec-proposal DES protocol esp encryption des protocol esp integrity sha-1 md5 crypto ipsec ikev2 ipsec-proposal 3DES protocol esp encryption 3des protocol esp integrity sha-1 md5 crypto ipsec ikev2 ipsec-proposal AES protocol esp encryption aes protocol esp integrity sha-1 md5 crypto ipsec ikev2 ipsec-proposal AES192 protocol esp encryption aes-192 protocol esp integrity sha-1 md5 crypto ipsec ikev2 ipsec-proposal AES256 protocol esp encryption aes-256 protocol esp integrity sha-1 md5 crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev2 ipsec-proposal AES256 AES192 AES 3DES DES crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP crypto map outside_map interface outside crypto ca trustpoint ASDM_TrustPoint0 enrollment self subject-name CN=ciscoasa proxy-ldc-issuer crl configure crypto ca certificate chain ASDM_TrustPoint0 certificate 8877d64d 30820248 308201b1 a0030201 02020488 77d64d30 0d06092a 864886f7 0d010105 05003036 3111300f 06035504 03130863 6973636f 61736131 21301f06 092a8648 86f70d01 09021612 63697363 6f617361 2e6e6a64 2e6c6f63 616c301e 170d3131 30353231 30383533 34325a17 0d323130 35313830 38353334 325a3036 3111300f 06035504 03130863 6973636f 61736131 21301f06 092a8648 86f70d01 09021612 63697363 6f617361 2e6e6a64 2e6c6f63 616c3081 9f300d06 092a8648 86f70d01 01010500 03818d00 30818902 818100ea 1aa95141 480e616c efee6816 a96d6511 313b6776 cd3dd57b cd84b4d2 5e108aee 7c980086 4d92e2eb b6c7bf66 4585af0a ccbf153a db9270be c6f5c67b db9dd8d1 2f78d033 3348b056 df4be0da 70e08953 53adf294 9db6c020 597d250f bf448b43 b90179c8 ff0b15d8 744632d9 31c1945f 0b11e258 b4c1d224 692efff4 7b2f5102 03010001 a3633061 300f0603 551d1301 01ff0405 30030101 ff300e06 03551d0f 0101ff04 04030201 86301f06 03551d23 04183016 8014493c 19db183a ab1af9e9 b1e44ad4 2a408b3c 89d1301d 0603551d 0e041604 14493c19 db183aab 1af9e9b1 e44ad42a 408b3c89 d1300d06 092a8648 86f70d01 01050500 03818100 1dd1760a fdd15941 4803fb9a cd6f44a7 2e275854 a1c0fbe1 d19f2cc9 182d43ef a547f854 8df96d15 3ea79c62 cf3fcb1c 5820360b c607dbfc 4de8bb16 19f727e9 b928a085 665816d8 138e4a35 ed610950 7910dd4a 0b1a9dd9 0e26f1c8 b78bc0cc cbf19eb2 4c4c3931 45199ea5 249e3266 661e44fd 7a00d376 dcfc6e4e d43f10b8 quit crypto isakmp nat-traversal 30 crypto ikev2 policy 1 encryption aes-256 integrity sha group 5 prf sha lifetime seconds 86400 crypto ikev2 policy 10 encryption aes-192 integrity sha group 5 prf sha lifetime seconds 86400 crypto ikev2 policy 20 encryption aes integrity sha group 5 prf sha lifetime seconds 86400 crypto ikev2 policy 30 encryption 3des integrity sha group 5 prf sha lifetime seconds 86400 crypto ikev2 policy 40 encryption des integrity sha group 5 prf sha lifetime seconds 86400 crypto ikev2 enable outside client-services port 443 crypto ikev2 remote-access trustpoint ASDM_TrustPoint0 telnet timeout 5 ssh 192.168.1.0 255.255.255.0 inside ssh timeout 5 console timeout 0 dhcpd auto_config outside ! dhcpd address 192.168.1.5-192.168.1.36 inside dhcpd dns 4.2.2.2 interface inside dhcpd enable inside ! threat-detection basic-threat threat-detection statistics host number-of-rate 3 threat-detection statistics port threat-detection statistics protocol threat-detection statistics access-list threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200 ntp server 82.219.4.31 source outside prefer ssl trust-point ASDM_TrustPoint0 outside webvpn enable outside anyconnect image disk0:/anyconnect-win-2.4.1012-k9.pkg 1 anyconnect profiles AnyConnectVPN_client_profile disk0:/AnyConnectVPN_client_profile.xml anyconnect profiles SSLAnyConnectVPN_client_profile disk0:/SSLAnyConnectVPN_client_profile.xml anyconnect enable tunnel-group-list enable group-policy GroupPolicy_AnyConnectVPN internal group-policy GroupPolicy_AnyConnectVPN attributes wins-server none dns-server value 4.2.2.2 vpn-tunnel-protocol ikev2 ssl-client ssl-clientless default-domain value aaa.local webvpn url-list none anyconnect profiles value AnyConnectVPN_client_profile type user group-policy GroupPolicy_SSLAnyConnectVPN internal group-policy GroupPolicy_SSLAnyConnectVPN attributes wins-server none dns-server value 4.2.2.2 vpn-tunnel-protocol ikev2 ssl-client default-domain value aaa.local webvpn anyconnect profiles value SSLAnyConnectVPN_client_profile type user username testuser password xxxxxxxxxxxxxxxxx encrypted privilege 0 username testuser attributes vpn-group-policy GroupPolicy_AnyConnectVPN tunnel-group SSLPOL type remote-access tunnel-group SSLPOL general-attributes default-group-policy GroupPolicy_AnyConnectVPN tunnel-group SSLAnyConnectVPN type remote-access tunnel-group SSLAnyConnectVPN general-attributes address-pool VPNPool default-group-policy GroupPolicy_SSLAnyConnectVPN tunnel-group SSLAnyConnectVPN webvpn-attributes group-alias SSLAnyConnectVPN enable ! class-map inspection_default match default-inspection-traffic ! ! policy-map type inspect dns preset_dns_map parameters message-length maximum 512 policy-map global_policy class inspection_default inspect dns preset_dns_map inspect esmtp inspect ftp inspect h323 h225 inspect h323 ras inspect ip-options inspect netbios inspect rsh inspect rtsp inspect sip inspect skinny inspect sqlnet inspect sunrpc inspect tftp inspect xdmcp ! service-policy global_policy global prompt hostname context call-home profile CiscoTAC-1 no active destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService destination address email [email protected] destination transport-method http subscribe-to-alert-group diagnostic subscribe-to-alert-group environment subscribe-to-alert-group inventory periodic monthly subscribe-to-alert-group configuration periodic monthly subscribe-to-alert-group telemetry periodic daily Cryptochecksum:94a65341aa27d3929d5e92a32ba22120 : end

    Read the article

  • Creating static NAT blocks outbound traffic Cisco ASA

    - by natediggs
    Hi Everyone, I have two web servers sitting behind a Cisco ASA 5505, which I don't have much experience with. I'm trying to create two static NATs. One static NAT that goes to xx.xx.xx.150 and another that goes to xx.xx.xx.151. I've created the static NAT for the .150 web server and it works FINE. Incoming and outgoing traffic work great. This is the staging web server. I now need to duplicate the setup for the production web server. So, I connect the webserver to the firewall, change the public IP address on one of the NICs reboot the server and I have outbound internet access. Then I run the command: static (inside,outside) xx.xx.xx.150 192.168.1.x which is successful. I then run the command: access-list acl-outside permit tcp any host xx.xx.xx.150 eq 80 Which is successful. I then try to browse the internet and I get nothing. I try to telnet in through port 80 and I get nothing (though I'm guessing because the response to the telnet request is being blocked). I've tried this with the production web server and then I tried it with another web server that is for internal testing and have the exact same problem. Both work fine until I run the static NAT rule and then no outbound internet access. I have a feeling that it's something simple that I'm missing, but my limited experience with this device is killing me. Below I've pasted the current configuration. I'm currently trying to get this to work on the .153 server which is the internal testing server. Once I can verify that works, I'll try it with production. : Saved : ASA Version 8.2(4) ! hostname QG domain-name XX.com enable password passwd names ! interface Ethernet0/0 switchport access vlan 2 ! interface Ethernet0/1 ! interface Ethernet0/2 ! interface Ethernet0/3 ! interface Ethernet0/4 ! interface Ethernet0/5 ! interface Ethernet0/6 ! interface Ethernet0/7 ! interface Vlan1 nameif inside security-level 100 ip address 192.168.1.1 255.255.255.0 ! interface Vlan2 nameif outside security-level 0 ip address XX.XX.XX.148 255.255.255.0 ! interface Vlan3 shutdown no forward interface Vlan1 nameif dmz security-level 50 ip address dhcp ! boot system disk0:/asa824.bin ftp mode passive clock timezone EST -5 clock summer-time EDT recurring dns server-group DefaultDNS domain-name fw.XXgroup.com same-security-traffic permit inter-interface access-list acl-outside extended permit tcp any host XX.XX.XX.150 eq www access-list acl-outside extended permit tcp any host XX.XX.XX.150 eq https access-list acl-outside extended permit tcp any host XX.XX.XX.151 eq www access-list acl-outside extended permit tcp any host XX.XX.XX.151 eq https access-list acl-outside extended permit tcp any host XX.XX.XX.153 eq www access-list inside_access_in extended permit ip 192.168.1.0 255.255.255.0 any access-list inside_nat0_outbound extended permit ip any 192.168.1.32 255.255.255.240 pager lines 24 logging enable logging asdm informational mtu inside 1500 mtu outside 1500 mtu dmz 1500 ip local pool VPNIPs 192.168.1.35-192.168.1.44 mask 255.255.255.0 icmp unreachable rate-limit 1 burst-size 1 asdm image disk0:/asdm-635.bin no asdm history enable arp timeout 14400 global (outside) 1 interface nat (inside) 0 access-list inside_nat0_outbound nat (inside) 1 0.0.0.0 0.0.0.0 static (inside,outside) XX.XX.XX150 192.168.1.100 netmask 255.255.255.255 static (inside,outside) XX.XX.XX153 192.168.1.102 netmask 255.255.255.255 access-group acl-outside in interface outside route outside 0.0.0.0 0.0.0.0 XX.XX.XX129 1 timeout xlate 3:00:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00 timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00 timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute timeout tcp-proxy-reassembly 0:01:00 dynamic-access-policy-record DfltAccessPolicy aaa authorization command LOCAL http server enable http 192.168.1.0 255.255.255.0 inside http 0.0.0.0 0.0.0.0 outside no snmp-server location no snmp-server contact snmp-server enable traps snmp authentication linkup linkdown coldstart crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac crypto ipsec security-association lifetime seconds 28800 crypto ipsec security-association lifetime kilobytes 4608000 crypto dynamic-map outside_dyn_map 20 set pfs group1 crypto dynamic-map outside_dyn_map 20 set transform-set ESP-3DES-SHA crypto map outside_map 65535 ipsec-isakmp dynamic outside_dyn_map crypto map outside_map interface outside crypto isakmp enable outside crypto isakmp policy 10 authentication crack encryption 3des hash sha group 2 lifetime 86400 no crypto isakmp nat-traversal client-update enable telnet timeout 5 ssh timeout 5 console timeout 0 dhcpd auto_config outside ! dhcpd address 192.168.1.2-192.168.1.33 inside dhcpd dns 208.77.88.4 interface inside dhcpd enable inside ! threat-detection basic-threat threat-detection statistics access-list no threat-detection statistics tcp-intercept webvpn enable outside svc image disk0:/sslclient-win-1.1.0.154.pkg 1 svc image disk0:/anyconnect-win-2.5.2019-k9.pkg 2 svc enable group-policy ATSAdmin internal group-policy ATSAdmin attributes dns-server value 208.77.88.4 208.85.174.9 vpn-tunnel-protocol IPSec svc webvpn webvpn url-list none svc keep-installer installed svc rekey method ssl svc ask enable username qgadmin password /oHfeGQ/R.bd3KPR encrypted privilege 15 username benl password 0HNIGQNI0uruJvhW encrypted privilege 0 username benl attributes vpn-group-policy ATSAdmin username kuzma password rH7MM7laoynyvf9U encrypted privilege 0 username kuzma attributes vpn-group-policy ATSAdmin username nate password BXHOURyT37e4O5mt encrypted privilege 0 username nate attributes vpn-group-policy ATSAdmin tunnel-group ATSAdmin type remote-access tunnel-group ATSAdmin general-attributes address-pool VPNIPs default-group-policy ATSAdmin tunnel-group SSLVPN type remote-access tunnel-group SSLVPN general-attributes address-pool VPNIPs default-group-policy ATSAdmin ! class-map inspection_default match default-inspection-traffic ! ! policy-map type inspect dns preset_dns_map parameters message-length maximum 512 policy-map global_policy class inspection_default inspect dns preset_dns_map inspect ftp inspect h323 h225 inspect h323 ras inspect rsh inspect rtsp inspect esmtp inspect sqlnet inspect skinny inspect sunrpc inspect xdmcp inspect sip inspect netbios inspect tftp inspect ip-options ! service-policy global_policy global privilege cmd level 3 mode exec command perfmon privilege cmd level 3 mode exec command ping privilege cmd level 3 mode exec command who privilege cmd level 3 mode exec command logging privilege cmd level 3 mode exec command failover privilege show level 5 mode exec command running-config privilege show level 3 mode exec command reload privilege show level 3 mode exec command mode privilege show level 3 mode exec command firewall privilege show level 3 mode exec command interface privilege show level 3 mode exec command clock privilege show level 3 mode exec command dns-hosts privilege show level 3 mode exec command access-list privilege show level 3 mode exec command logging privilege show level 3 mode exec command ip privilege show level 3 mode exec command failover privilege show level 3 mode exec command asdm privilege show level 3 mode exec command arp privilege show level 3 mode exec command route privilege show level 3 mode exec command ospf privilege show level 3 mode exec command aaa-server privilege show level 3 mode exec command aaa privilege show level 3 mode exec command crypto privilege show level 3 mode exec command vpn-sessiondb privilege show level 3 mode exec command ssh privilege show level 3 mode exec command dhcpd privilege show level 3 mode exec command vpn privilege show level 3 mode exec command blocks privilege show level 3 mode exec command uauth privilege show level 3 mode configure command interface privilege show level 3 mode configure command clock privilege show level 3 mode configure command access-list privilege show level 3 mode configure command logging privilege show level 3 mode configure command ip privilege show level 3 mode configure command failover privilege show level 5 mode configure command asdm privilege show level 3 mode configure command arp privilege show level 3 mode configure command route privilege show level 3 mode configure command aaa-server privilege show level 3 mode configure command aaa privilege show level 3 mode configure command crypto privilege show level 3 mode configure command ssh privilege show level 3 mode configure command dhcpd privilege show level 5 mode configure command privilege privilege clear level 3 mode exec command dns-hosts privilege clear level 3 mode exec command logging privilege clear level 3 mode exec command arp privilege clear level 3 mode exec command aaa-server privilege clear level 3 mode exec command crypto privilege cmd level 3 mode configure command failover privilege clear level 3 mode configure command logging privilege clear level 3 mode configure command arp privilege clear level 3 mode configure command crypto privilege clear level 3 mode configure command aaa-server prompt hostname context call-home profile CiscoTAC-1 no active destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService destination address email [email protected] destination transport-method http subscribe-to-alert-group diagnostic subscribe-to-alert-group environment subscribe-to-alert-group inventory periodic monthly subscribe-to-alert-group configuration periodic monthly subscribe-to-alert-group telemetry periodic daily Cryptochecksum:0ed0580e151af288d865f4f3603d792a : end asdm image disk0:/asdm-635.bin no asdm history enable

    Read the article

  • Cisco ASA Site-to-Site VPN Dropping

    - by ScottAdair
    I have three sites, Toronto (1.1.1.1), Mississauga (2.2.2.2) and San Francisco (3.3.3.3). All three sites have ASA 5520. All the sites are connected together with two site-to-site VPN links between each other location. My issue is that the tunnel between Toronto and San Francisco is very unstable, dropping every 40 min to 60 mins. The tunnel between Toronto and Mississauga (which is configured in the same manner) is fine with no drops. I also noticed that my pings with drop but the ASA thinks that the tunnel is still up and running. Here is the configuration of the tunnel. Toronto (1.1.1.1) crypto map Outside_map 1 match address Outside_cryptomap crypto map Outside_map 1 set peer 3.3.3.3 crypto map Outside_map 1 set ikev1 transform-set ESP-AES-256-MD5 ESP-AES-256-SHA crypto map Outside_map 1 set ikev2 ipsec-proposal AES256 group-policy GroupPolicy_3.3.3.3 internal group-policy GroupPolicy_3.3.3.3 attributes vpn-idle-timeout none vpn-tunnel-protocol ikev1 ikev2 tunnel-group 3.3.3.3 type ipsec-l2l tunnel-group 3.3.3.3 general-attributes default-group-policy GroupPolicy_3.3.3.3 tunnel-group 3.3.3.3 ipsec-attributes ikev1 pre-shared-key ***** isakmp keepalive disable ikev2 remote-authentication pre-shared-key ***** ikev2 local-authentication pre-shared-key ***** San Francisco (3.3.3.3) crypto map Outside_map0 2 match address Outside_cryptomap_1 crypto map Outside_map0 2 set peer 1.1.1.1 crypto map Outside_map0 2 set ikev1 transform-set ESP-AES-256-MD5 ESP-AES-256-SHA crypto map Outside_map0 2 set ikev2 ipsec-proposal AES256 group-policy GroupPolicy_1.1.1.1 internal group-policy GroupPolicy_1.1.1.1 attributes vpn-idle-timeout none vpn-tunnel-protocol ikev1 ikev2 tunnel-group 1.1.1.1 type ipsec-l2l tunnel-group 1.1.1.1 general-attributes default-group-policy GroupPolicy_1.1.1.1 tunnel-group 1.1.1.1 ipsec-attributes ikev1 pre-shared-key ***** isakmp keepalive disable ikev2 remote-authentication pre-shared-key ***** ikev2 local-authentication pre-shared-key ***** I'm at a loss. Any ideas?

    Read the article

  • Cisco ASA: Allowing and Denying VPN Access based on membership to an AD group

    - by milkandtang
    I have a Cisco ASA 5505 connecting to an Active Directory server for VPN authentication. Usually we'd restrict this to a particular OU, but in this case users which need access are spread across multiple OUs. So, I'd like to use a group to specify which users have remote access. I've created the group and added the users, but I'm having trouble figuring out how to deny users which aren't in that group. Right now, if someone connects they get assigned the correct group policy "companynamera" if they are in that group, so the LDAP mapping is working. However, users who are not in that group still authenticate fine, and their group policy becomes the LDAP path of their first group, i.e. CN=Domain Users,CN=Users,DC=example,DC=com, and then are still allowed access. How do I add a filter so that I can map everything that isn't "companynamera" to no access? Config I'm using (with some stuff such as ACLs and mappings removed, since they are just noise here): gateway# show run : Saved : ASA Version 8.2(1) ! hostname gateway domain-name corp.company-name.com enable password gDZcqZ.aUC9ML0jK encrypted passwd gDZcqZ.aUC9ML0jK encrypted names name 192.168.0.2 dc5 description FTP Server name 192.168.0.5 dc2 description Everything server name 192.168.0.6 dc4 description File Server name 192.168.0.7 ts1 description Light Use Terminal Server name 192.168.0.8 ts2 description Heavy Use Terminal Server name 4.4.4.82 primary-frontier name 5.5.5.26 primary-eschelon name 172.21.18.5 dmz1 description Kerio Mail Server and FTP Server name 4.4.4.84 ts-frontier name 4.4.4.85 vpn-frontier name 5.5.5.28 ts-eschelon name 5.5.5.29 vpn-eschelon name 5.5.5.27 email-eschelon name 4.4.4.83 guest-frontier name 4.4.4.86 email-frontier dns-guard ! interface Vlan1 nameif inside security-level 100 ip address 192.168.0.254 255.255.255.0 ! interface Vlan2 description Frontier FiOS nameif outside security-level 0 ip address primary-frontier 255.255.255.0 ! interface Vlan3 description Eschelon T1 nameif backup security-level 0 ip address primary-eschelon 255.255.255.248 ! interface Vlan4 nameif dmz security-level 50 ip address 172.21.18.254 255.255.255.0 ! interface Vlan5 nameif guest security-level 25 ip address 172.21.19.254 255.255.255.0 ! interface Ethernet0/0 switchport access vlan 2 ! interface Ethernet0/1 switchport access vlan 3 ! interface Ethernet0/2 switchport access vlan 4 ! interface Ethernet0/3 switchport access vlan 5 ! interface Ethernet0/4 ! interface Ethernet0/5 ! interface Ethernet0/6 ! interface Ethernet0/7 ! ftp mode passive clock timezone PST -8 clock summer-time PDT recurring dns domain-lookup inside dns server-group DefaultDNS name-server dc2 domain-name corp.company-name.com same-security-traffic permit intra-interface access-list companyname_splitTunnelAcl standard permit 192.168.0.0 255.255.255.0 access-list companyname_splitTunnelAcl standard permit 172.21.18.0 255.255.255.0 access-list inside_nat0_outbound extended permit ip any 172.21.20.0 255.255.255.0 access-list inside_nat0_outbound extended permit ip any 172.21.18.0 255.255.255.0 access-list bypassingnat_dmz extended permit ip 172.21.18.0 255.255.255.0 192.168.0.0 255.255.255.0 pager lines 24 logging enable logging buffer-size 12288 logging buffered warnings logging asdm notifications mtu inside 1500 mtu outside 1500 mtu backup 1500 mtu dmz 1500 mtu guest 1500 ip local pool VPNpool 172.21.20.50-172.21.20.59 mask 255.255.255.0 no failover icmp unreachable rate-limit 1 burst-size 1 no asdm history enable arp timeout 14400 global (outside) 1 interface global (outside) 2 email-frontier global (outside) 3 guest-frontier global (backup) 1 interface global (dmz) 1 interface nat (inside) 0 access-list inside_nat0_outbound nat (inside) 2 dc5 255.255.255.255 nat (inside) 1 192.168.0.0 255.255.255.0 nat (dmz) 0 access-list bypassingnat_dmz nat (dmz) 2 dmz1 255.255.255.255 nat (dmz) 1 172.21.18.0 255.255.255.0 access-group outside_access_in in interface outside access-group dmz_access_in in interface dmz route outside 0.0.0.0 0.0.0.0 4.4.4.1 1 track 1 route backup 0.0.0.0 0.0.0.0 5.5.5.25 254 timeout xlate 3:00:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00 timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00 timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute timeout tcp-proxy-reassembly 0:01:00 ldap attribute-map RemoteAccessMap map-name memberOf IETF-Radius-Class map-value memberOf CN=RemoteAccess,CN=Users,DC=corp,DC=company-name,DC=com companynamera dynamic-access-policy-record DfltAccessPolicy aaa-server ActiveDirectory protocol ldap aaa-server ActiveDirectory (inside) host dc2 ldap-base-dn dc=corp,dc=company-name,dc=com ldap-scope subtree ldap-login-password * ldap-login-dn cn=administrator,ou=Admins,dc=corp,dc=company-name,dc=com server-type microsoft aaa-server ADRemoteAccess protocol ldap aaa-server ADRemoteAccess (inside) host dc2 ldap-base-dn dc=corp,dc=company-name,dc=com ldap-scope subtree ldap-login-password * ldap-login-dn cn=administrator,ou=Admins,dc=corp,dc=company-name,dc=com server-type microsoft ldap-attribute-map RemoteAccessMap aaa authentication enable console LOCAL aaa authentication ssh console LOCAL http server enable http 192.168.0.0 255.255.255.0 inside no snmp-server location no snmp-server contact snmp-server enable traps snmp authentication linkup linkdown coldstart sla monitor 123 type echo protocol ipIcmpEcho 4.4.4.1 interface outside num-packets 3 frequency 10 sla monitor schedule 123 life forever start-time now crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac crypto ipsec security-association lifetime seconds 28800 crypto ipsec security-association lifetime kilobytes 4608000 crypto dynamic-map outside_dyn_map 20 set pfs crypto dynamic-map outside_dyn_map 20 set transform-set ESP-3DES-SHA crypto map outside_map 65535 ipsec-isakmp dynamic outside_dyn_map crypto map outside_map interface outside crypto isakmp enable outside crypto isakmp policy 10 authentication pre-share encryption 3des hash sha group 2 lifetime 86400 ! track 1 rtr 123 reachability telnet timeout 5 ssh 192.168.0.0 255.255.255.0 inside ssh timeout 5 ssh version 2 console timeout 0 management-access inside dhcpd auto_config outside ! threat-detection basic-threat threat-detection statistics access-list no threat-detection statistics tcp-intercept webvpn group-policy companynamera internal group-policy companynamera attributes wins-server value 192.168.0.5 dns-server value 192.168.0.5 vpn-tunnel-protocol IPSec password-storage enable split-tunnel-policy tunnelspecified split-tunnel-network-list value companyname_splitTunnelAcl default-domain value corp.company-name.com split-dns value corp.company-name.com group-policy companyname internal group-policy companyname attributes wins-server value 192.168.0.5 dns-server value 192.168.0.5 vpn-tunnel-protocol IPSec password-storage enable split-tunnel-policy tunnelspecified split-tunnel-network-list value companyname_splitTunnelAcl default-domain value corp.company-name.com split-dns value corp.company-name.com username admin password IhpSqtN210ZsNaH. encrypted privilege 15 tunnel-group companyname type remote-access tunnel-group companyname general-attributes address-pool VPNpool authentication-server-group ActiveDirectory LOCAL default-group-policy companyname tunnel-group companyname ipsec-attributes pre-shared-key * tunnel-group companynamera type remote-access tunnel-group companynamera general-attributes address-pool VPNpool authentication-server-group ADRemoteAccess LOCAL default-group-policy companynamera tunnel-group companynamera ipsec-attributes pre-shared-key * ! class-map type inspect ftp match-all ftp-inspection-map class-map inspection_default match default-inspection-traffic ! ! policy-map type inspect ftp ftp-inspection-map parameters class ftp-inspection-map policy-map type inspect dns migrated_dns_map_1 parameters message-length maximum 512 policy-map global_policy class inspection_default inspect dns migrated_dns_map_1 inspect ftp inspect h323 h225 inspect h323 ras inspect http inspect ils inspect netbios inspect rsh inspect rtsp inspect skinny inspect sqlnet inspect sunrpc inspect tftp inspect sip inspect xdmcp inspect icmp inspect icmp error inspect esmtp inspect pptp ! service-policy global_policy global prompt hostname context Cryptochecksum:487525494a81c8176046fec475d17efe : end gateway# Thanks so much!

    Read the article

  • VPN - Cisco 2800 Series Router and Cisco ASA

    - by NickToyota
    What I currently have: Windows 2003/2008 servers supporting a 150 user environment. Linksys RV082 Router (HQ) and RV042 (satellite) routers Site to Site VPN Tunneling to 5 satellite (< 10 user) offices What I need: End-user VPN allowing myself and users to connect remotely to my network I need to replace our current routers and have been recommended the 2811 Router. Can this router alone be enough to get what I need (VPN tunnelling for users and site to site VPN) or will I require purchasing an additional ASA appliance?

    Read the article

  • Configure Cisco Pix 515 with DMZ and no NAT

    - by Rickard
    I hope that someone could shed some light over my situation, as I am fairly new to PIX configurations. I will be getting a new net for my department, which I am going to configure. At my hands, I have a Cisco PIX 515 (not E), a Cisco 2948 switch (and if needed, I can bring up a 2621XM router, but this is my private and not owned by my dept.). The network I will be getting is the following: 10.12.33.0/26 Link net between the ISP routers and my network will be 10.12.32.0/29 where GW is .1 and HSRP roututers are .2 and .3 The ISP has asked me not to NAT the addresses on my side, as they will set it up to give 10.12.33.2 as a one-to-one nat to a public IP. The rest of the IP's will be a many-to-one NAT to another public IP. 10.12.33.2 is supposed to be my server placed on the DMZ, the rest of the IP's will be used for my clients and the AD server (which is currently also acting as a DHCP server in the old network config with another ISP). Now, the question is, how would I best configure this? I mean, am I thinking wrong here, I am expected to put the PIX first from the ISP outlet, then to the switch which will connect my clients. But with the ISP routers being on a different network, how will the firewall forward the packets to the other network, it's a firewall, not a router. I have actually never configured a pix before, and fortunately, this is more like a lab network, not a production network, so if something goes wrong it's not the end of the world, if though annoying. I am not asking for a full configuration from anyone, just some directions, or possibly some links which will give me some hints. Thank you very much!

    Read the article

  • Cant route VLAN over VPN between Cisco ASA 5505 and Cisco 870

    - by user60984
    We've had an existing VPN between a 5505 and 870 for some time. We've just added VLANs to the network on the 5505 side. We can't seem to figure out how to get devices on the VLANs to communicate with devices on the 870 network which have no VLANs. We're thinking we might have to use a router of sorts to handle the routing before hitting the ASA. We thought PFsense might work well. We've been banging our heads against this thing for 2 days so any immediate help would be great. We're up against a deadline. Thanks!!!

    Read the article

  • Cisco ASA intermittently fails to see traffic

    - by DrStalker
    users | Mikrotik -- Internet | ASA | ServerA and ServerB I'm trying to troubleshoot a problem with a new Cisco ASA 5505. The network design is as above - the Microtik is the existing router, ServerA and ServerB used to plug directly into it. ServerA has IP 10.30.1.10, ServerB has IP 10.30.1.11 The ASA is configured with no NAT, a "allow anything" firewall, and uses the microtik as its default gateway. In effect, it is currently a simple IP router; the firewall and VPN stuff will all come later once the basics are working. Th problem is access to ServerA and ServerB is erratic - sometimes it will work, sometimes it will fail. It can fail for either one of the servers only, or both. When it is working: The Mikrotik logs show ping packets being sent out over the proper interface The ASA logs show the incoming connections. When it is failing: The Mikrotik logs show ping packets being sent out over the proper interface The ASA logs show nothing reaching the ASA. This can fail for one server only (e.g.: the Mikrotik is putting out packets to 10.30.1.10 and 10.30.1.11, but the ASA is only seeing packets arrive destined for 10.30.1.11) It can fail for one source only (e.g.: ClientA on the users network can ping 10.30.1.11, but clientB cannot) The problem can also be seen from the mikrotik router itself; sometimes it can ping ServerA and ServerB, sometimes it can only ping one of them What could be causing this? I can't think of any possible cause that is intermittent and could explain why the problem may occur for one destination server and not others. edit: Link to ASA config

    Read the article

  • IPSEC site-to-site Openswan to Cisco ASA

    - by Jim
    I recieved a list of commands that were run on the right side of the VPN tunnel which is where the Cisco ASA resides. On my side, I have a linux based firewall running debian with openswan installed. I am having an issue with getting to Phase 2 of the VPN negotiation. Here is the Cisco Information I was sent: {my_public_ip} = left side of connection tunnel-group {my_public_ip} type ipsec-l2l tunnel-group {my_public_ip} ipsec-attributes pre-shared-key fakefake crypto map vpn1 1 match add customer-ipsec crypto map vpn1 1 set peer {my_public_ip} crypto map vpn1 1 set transform-set aes-256-sha crypto map vpn1 interface outside static (outside,inside) 10.2.1.200 {my_public_ip} netmask 255.255.255.255 crypto ipsec transform-set aes-256-sha esp-aes-256 esp-sha-hmac crypto ipsec security-association lifetime seconds 28800 crypto ipsec security-association lifetime kilobytes 4608000 crypto map vpn1 1 match address customer-ipsec crypto map vpn1 1 set peer {my_public_ip} crypto map vpn1 1 set transform-set aes-256-sha crypto map vpn1 interface outside crypto isakmp enable outside crypto isakmp policy 1 authentication pre-share encryption aes-256 hash sha group 2 lifetime 86400 Myside ipsec.conf config setup klipsdebug=none plutodebug=none protostack=netkey #nat_traversal=yes conn cisco #name of VPN connection type=tunnel authby=secret #left side (myside) left={myPublicIP} leftsubnet=172.16.250.0/24 #net subnet on left sdie to assign to right side leftnexthop=%defaultroute #right security gateway (ASA side) right={CiscoASA_publicIP} #cisco ASA rightsubnet=10.2.1.0/24 rightnexthop=%defaultroute #crypo stuff keyexchange=ike ikelifetime=86400s auth=esp pfs=no compress=no auto=start ipsec.secrets file {CiscoASA_publicIP} {myPublicIP}: PSK "fakefake" When I start ipsec from the left side/my side I don't recieve any errors, however when I run the ipsec auto --status command: 000 "cisco": 172.16.250.0/24==={left_public_ip}<{left_public_ip}>[+S=C]---{left_public_ip_gateway}...{left_public_ip_gateway}--{right_public_ip}<{right_public_ip}>[+S=C]===10.2.1.0/24; prospective erouted; eroute owner: #0 000 "cisco": myip=unset; hisip=unset; 000 "cisco": ike_life: 86400s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0 000 "cisco": policy: PSK+ENCRYPT+TUNNEL+UP+IKEv2ALLOW+SAREFTRACK+lKOD+rKOD; prio: 24,24; interface: eth0; 000 "cisco": newest ISAKMP SA: #0; newest IPsec SA: #0; 000 000 #2: "cisco":500 STATE_MAIN_I1 (sent MI1, expecting MR1); EVENT_RETRANSMIT in 10s; nodpd; idle; import:admin initiate 000 #2: pending Phase 2 for "cisco" replacing #0 Now I'm new to setting up an site-to-site IPSEC tunnel so the status informatino I am unsure what it means. All I know is it sits at this "pending Phase 2" and I can't ping the other side, Another question I have is, if I do a route -n, should I see anything relating to this connection? Also, I read a few artilcle where configs contained the interface="ipsec0=eth0", is this an interface that I have to create on the linux debian firewall on my side? Appreciate your time to look at this.

    Read the article

  • Enable Cisco ASA as an SSH Tunneling

    - by Jim
    I am trying to utilize my Cisco ASA as a SSH Tunnel. I've configured this before when using a Linux server as the SSH target, however I cannot seem to get it to work with the ASA. I have configured and enabled SSH on the Cisco ASA, as well as a username that I can SSH to the console, however the SSH Tunneling feature does not work. For example, on my PC I use Putty with a Local Tunnel defined to a server behind the ASA. I should be able to (if SSH connected to the ASA) be able to access the server. See screenshot of putty. has anyone come across this before? Again this is to use my Cisco ASA as a SSH tunnel, this is not a port forwarding. -Jim

    Read the article

  • Cisco ASA 5505 allowing inbound ICMPv6

    - by Astron
    I am trying to allow inbound unsolicited ICMPv6 requests from an external link-local address to my outside (external) interfaces link-local address. I can ping (echo-request) the external address and receive a pong (echo-reply) but ICMPv6 messages initiated on the far side are dropped. I am running 9.0(1) in order to use some of the newer features. Does the Cisco ASA not allow unsolicited inbound requests from a link-local address? Should it matter if all ICMPv6 is allowed? Statements being denied: %ASA-3-313008: Denied IPv6-ICMP type=129, code=0 from fe80::XXXX:XXXX:XXXX:XXXX on interface outside %ASA-3-313008: Denied IPv6-ICMP type=131, code=0 from fe80::XXXX:XXXX:XXXX:XXXX on interface outside %ASA-3-313008: Denied IPv6-ICMP type=131, code=0 from fe80::XXXX:XXXX:XXXX:XXXX on interface outside %ASA-3-313008: Denied IPv6-ICMP type=136, code=0 from fe80::XXXX:XXXX:XXXX:XXXX on interface outside %ASA-3-313008: Denied IPv6-ICMP type=136, code=0 from fe80::XXXX:XXXX:XXXX:XXXX on interface outside %ASA-3-313008: Denied IPv6-ICMP type=136, code=0 from fe80::XXXX:XXXX:XXXX:XXXX on interface outside I created both an inbound ACL and ICMP permit statements: access-list OUTSIDE-IN extended permit icmp6 any any access-list OUTSIDE-IN extended permit icmp6 any any membership-report access-list OUTSIDE-IN extended permit icmp6 any any membership-report 0 access-list OUTSIDE-IN extended permit icmp6 any any echo-reply 0 access-list OUTSIDE-IN extended permit icmp6 any any echo-reply access-list OUTSIDE-IN extended permit icmp6 any interface outside membership-report access-list OUTSIDE-IN extended permit icmp6 any interface outside membership-report 0 access-list OUTSIDE-IN extended permit icmp6 any6 any6 echo-reply access-list OUTSIDE-IN extended permit icmp6 any6 any6 membership-report access-list OUTSIDE-IN extended permit icmp6 any6 any6 echo-reply 0 access-list OUTSIDE-IN extended permit icmp6 any6 any6 membership-report 0 snip access-group OUTSIDE-IN in interface outside ipv6 icmp permit any inside ipv6 icmp permit any membership-report outside ipv6 icmp permit any echo-reply outside ipv6 icmp permit any router-advertisement outside ipv6 icmp permit any neighbor-solicitation outside ipv6 icmp permit any neighbor-advertisement outside ipv6 icmp permit any outside

    Read the article

  • Cisco ASA and SixXS IPv6 tunnel endpoint?

    - by Martijn Heemels
    I recently installed a Cisco ASA 5505 firewall on the edge of our LAN. The setup is simple: Internet <-- ASA <-- LAN I would like provide the hosts in the LAN with IPv6 connectivity by setting up a 6in4 tunnel to SixXS. It would be nice to have the ASA as tunnel endpoint so it can firewall both IPv4 and IPv6 traffic. Unfortunately the ASA apparently can't create a tunnel itself, and can't port-forward protocol 41 traffic, so I believe I would have to do one of the following instead: Set up a host with it's own IP outside the firewall, and have that function as tunnel-endpoint. The ASA can then firewall and route the v6 subnet to the LAN. Set up a host inside the firewall that functions as endpoint, separated via vlan or whatever, and loop the traffic back into the ASA where it can be firewalled and routed. This seems contrived, but would allow me to use a VM instead of a physical machine as endpoint. Any other way? What would you suggest is the optimal way to set this up? P.S. I do have a spare public IP address available if needed, and can spin up another VM in our VMware infrastructure.

    Read the article

  • Cisco ASA and static IPv6 tunnel endpoint?

    - by Martijn Heemels
    I recently installed a Cisco ASA 5505 firewall on the edge of our LAN. The setup is simple: Internet <-- ASA <-- LAN I would like provide the hosts in the LAN with IPv6 connectivity by setting up a 6in4 tunnel to SixXS. It would be nice to have the ASA as tunnel endpoint so it can firewall both IPv4 and IPv6 traffic. Unfortunately the ASA apparently can't create a tunnel itself, and can't port-forward protocol 41 traffic, so I believe I would have to do one of the following instead: Set up a host with it's own IP outside the firewall, and have that function as tunnel-endpoint. The ASA can then firewall and route the v6 subnet to the LAN. Set up a host inside the firewall that functions as endpoint, separated via vlan or whatever, and loop the traffic back into the ASA where it can be firewalled and routed. This seems contrived, but would allow me to use a VM instead of a physical machine as endpoint. Any other way? What would you suggest is the optimal way to set this up? P.S. I do have a spare public IP address available if needed, and can spin up another VM in our VMware infrastructure.

    Read the article

  • Cisco ASA site-to-site vpn not initiating phase 1 (not sending udp 500 packets)

    - by Sean Steadman
    I am hoping someone here can help me with my problem. I am trying to setup an IPSEC site-to-site VPN between two cisco ASA 5520's in GNS3 (both using 8.4.2). I have been unsuccesful in getting the tunnel up and it appears neither ASA is sending packets out,in regards to phase 1 and phase 2 (tested by using wireshark and seeing NO udp 500 packets). Doing show ipsec sa and such shows nothing. CALIFORNIA(config)# show ipsec sa There are no ipsec sas FLA-ASA# show ipsec sa There are no ipsec sas I will attach both configurations in two different pastebin files as to keep this post a bit cleaner. Essentially California side has 172.20.1.0/24 and Florida side has 10.10.10.0/24. California ASA config: http://pastebin.com/v0pngYzF Florida ASA config: http://pastebin.com/E2geybta Please let me know if there is any other vital information that could help. I have gotten IPSEC tunnels to work using openSwan (linux) and cisco routers but cannot for the life of me get ASA IPSEC tunnels to work. The ASDM is out of the question I only use cli. Thanks for any useful help!

    Read the article

  • Cisco Catalyst 3750 connected to Cisco ASA 5505 and dropping packets

    - by Bo102010
    (Cross posted from Super User per suggestion there) At the office, I have inherited a network that I am still trying to fully comprehend. I have a problem today with a new connection between: A port on a Cisco Catalyst 3750 [WS-C3750G-48TS-S running C3750-IPSERVICESK9-M version 12.2(53)SE1] A port on a Cisco ASA 5505 [ASA Software version 8.3(2)] The 3750 is home to a Vlan that has a few ports assigned to it. interface Vlan3 description Internal network (172.18.160.0/24) ip address 172.18.160.1 255.255.255.0 I have a host (outside of my control) that needs to be in this VLAN (i.e it must have an address 172.18.160.something/24) that also needs to access the Internet. To accomplish this, I ran a link from the Catalyst (Gi1/0/13) to the ASA (Ethernet 0/5). I configured the Catalyst port like so: interface GigabitEthernet1/0/13 description To ASA, 172.18.160.69 switchport access vlan 3 switchport mode access speed 100 duplex full I configured the ASA like so: interface Vlan1 nameif inside security-level 100 ip address 172.18.160.69 255.255.255.0 interface Ethernet0/5 speed 100 duplex full Then I plugged the host into Ethernet 0/4 on the ASA and instructed its owner to make its default gateway 172.18.160.69. I made a NAT rule in the ASA and set up some rules, and it's able to access the Internet without issue. However, I noticed that the Catalyst reports a ton of packets being dropped toward the ASA. Catalyst3750#show interfaces GigabitEthernet 1/0/13 | include counters|drops Last clearing of "show interface" counters 00:28:13 Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 136909347 This is a huge number of drops, since there's not much traffic on this VLAN at all. I tried these things: Make sure speed and duplex agree on both sides (100 Mbps / Full) Set no cdp enable on the Catalyst Gi10/13 Set no keepalive on the Catalyst Gi10/13 Checked for excessive CPU usage on both Checked for excessive traffic on both Am I missing something? Any help would be appreciated.

    Read the article

  • Exposing the AnyConnect HTTPS service to outside network

    - by Maciej Swic
    We have a Cisco ASA 5505 with firmware ASA9.0(1) and ASDM 7.0(2). It is configured with a public ip address, and when trying to reach it from the outside by HTTPS for AnyConnect VPN, we get the following log output: 6 Nov 12 2012 07:01:40 <client-ip> 51000 <asa-ip> 443 Built inbound TCP connection 2889 for outside:<client-ip>/51000 (<client-ip>/51000) to identity:<asa-ip>/443 (<asa-ip>/443) 6 Nov 12 2012 07:01:40 <client-ip> 50999 <asa-ip> 443 Built inbound TCP connection 2890 for outside:<client-ip>/50999 (<client-ip>/50999) to identity:<asa-ip>/443 (<asa-ip>/443) 6 Nov 12 2012 07:01:40 <client-ip> 51000 <asa-ip> 443 Teardown TCP connection 2889 for outside:<client-ip>/51000 to identity:<asa-ip>/443 duration 0:00:00 bytes 0 No valid adjacency 6 Nov 12 2012 07:01:40 <client-ip> 50999 <asa-ip> 443 Teardown TCP connection 2890 for outside:<client-ip>/50999 to identity:<asa-ip>/443 duration 0:00:00 bytes 0 No valid adjacency We finished the startup wizard and the anyconnect vpn wizard and here is the resulting configuration: Cryptochecksum: 12262d68 23b0d136 bb55644a 9c08f86b : Saved : Written by enable_15 at 07:08:30.519 UTC Mon Nov 12 2012 ! ASA Version 9.0(1) ! hostname vpn domain-name office.<redacted>.com enable password <redacted> encrypted passwd <redacted> encrypted names ip local pool vpn-pool 192.168.67.2-192.168.67.253 mask 255.255.255.0 ! interface Ethernet0/0 switchport access vlan 2 ! interface Ethernet0/1 ! interface Ethernet0/2 ! interface Ethernet0/3 ! interface Ethernet0/4 ! interface Ethernet0/5 ! interface Ethernet0/6 ! interface Ethernet0/7 ! interface Vlan1 nameif inside security-level 100 ip address 192.168.68.250 255.255.255.0 ! interface Vlan2 nameif outside security-level 0 ip address <redacted> 255.255.255.248 ! ftp mode passive dns server-group DefaultDNS domain-name office.<redacted>.com object network obj_any subnet 0.0.0.0 0.0.0.0 pager lines 24 logging enable logging asdm informational mtu outside 1500 mtu inside 1500 icmp unreachable rate-limit 1 burst-size 1 no asdm history enable arp timeout 14400 no arp permit-nonconnected ! object network obj_any nat (inside,outside) dynamic interface timeout xlate 3:00:00 timeout pat-xlate 0:00:30 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00 timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00 timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute timeout tcp-proxy-reassembly 0:01:00 timeout floating-conn 0:00:00 dynamic-access-policy-record DfltAccessPolicy user-identity default-domain LOCAL http server enable http 192.168.68.0 255.255.255.0 inside no snmp-server location no snmp-server contact snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart crypto ipsec ikev2 ipsec-proposal DES protocol esp encryption des protocol esp integrity sha-1 md5 crypto ipsec ikev2 ipsec-proposal 3DES protocol esp encryption 3des protocol esp integrity sha-1 md5 crypto ipsec ikev2 ipsec-proposal AES protocol esp encryption aes protocol esp integrity sha-1 md5 crypto ipsec ikev2 ipsec-proposal AES192 protocol esp encryption aes-192 protocol esp integrity sha-1 md5 crypto ipsec ikev2 ipsec-proposal AES256 protocol esp encryption aes-256 protocol esp integrity sha-1 md5 crypto ipsec security-association pmtu-aging infinite crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev2 ipsec-proposal AES256 AES192 AES 3DES DES crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP crypto map outside_map interface outside crypto map inside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP crypto map inside_map interface inside crypto ca trustpoint _SmartCallHome_ServerCA crl configure crypto ca trustpoint ASDM_TrustPoint0 enrollment self subject-name CN=vpn proxy-ldc-issuer crl configure crypto ca trustpool policy crypto ca certificate chain _SmartCallHome_ServerCA certificate ca 6ecc7aa5a7032009b8cebcf4e952d491 <redacted> quit crypto ca certificate chain ASDM_TrustPoint0 certificate f678a050 <redacted> quit crypto ikev2 policy 1 encryption aes-256 integrity sha group 5 2 prf sha lifetime seconds 86400 crypto ikev2 policy 10 encryption aes-192 integrity sha group 5 2 prf sha lifetime seconds 86400 crypto ikev2 policy 20 encryption aes integrity sha group 5 2 prf sha lifetime seconds 86400 crypto ikev2 policy 30 encryption 3des integrity sha group 5 2 prf sha lifetime seconds 86400 crypto ikev2 policy 40 encryption des integrity sha group 5 2 prf sha lifetime seconds 86400 crypto ikev2 enable outside client-services port 443 crypto ikev2 remote-access trustpoint ASDM_TrustPoint0 telnet timeout 5 ssh 192.168.68.0 255.255.255.0 inside ssh timeout 5 console timeout 0 vpn-addr-assign local reuse-delay 60 dhcpd auto_config outside ! dhcpd address 192.168.68.254-192.168.68.254 inside ! threat-detection basic-threat threat-detection statistics access-list no threat-detection statistics tcp-intercept ssl trust-point ASDM_TrustPoint0 inside ssl trust-point ASDM_TrustPoint0 outside webvpn enable outside enable inside anyconnect image disk0:/anyconnect-win-3.1.01065-k9.pkg 1 anyconnect image disk0:/anyconnect-linux-3.1.01065-k9.pkg 2 anyconnect image disk0:/anyconnect-macosx-i386-3.1.01065-k9.pkg 3 anyconnect profiles GM-AnyConnect_client_profile disk0:/GM-AnyConnect_client_profile.xml anyconnect enable tunnel-group-list enable group-policy GroupPolicy_GM-AnyConnect internal group-policy GroupPolicy_GM-AnyConnect attributes wins-server none dns-server value 192.168.68.254 vpn-tunnel-protocol ikev2 ssl-client default-domain value office.<redacted>.com webvpn anyconnect profiles value GM-AnyConnect_client_profile type user username <redacted> password <redacted> encrypted tunnel-group GM-AnyConnect type remote-access tunnel-group GM-AnyConnect general-attributes address-pool vpn-pool default-group-policy GroupPolicy_GM-AnyConnect tunnel-group GM-AnyConnect webvpn-attributes group-alias GM-AnyConnect enable ! class-map inspection_default match default-inspection-traffic ! ! policy-map type inspect dns preset_dns_map parameters message-length maximum client auto message-length maximum 512 policy-map global_policy class inspection_default inspect dns preset_dns_map inspect ftp inspect h323 h225 inspect h323 ras inspect rsh inspect rtsp inspect esmtp inspect sqlnet inspect skinny inspect sunrpc inspect xdmcp inspect sip inspect netbios inspect tftp inspect ip-options ! service-policy global_policy global prompt hostname context call-home reporting anonymous Cryptochecksum:12262d6823b0d136bb55644a9c08f86b : end Clearly we are missing something, but the question is, what?

    Read the article

  • How can I forward all web traffic from my Cisco ASA 5100 to a checkpoint firewall?

    - by Scott Clements
    Hi, I currently have two Cisco ASA 5100 routers setup with a site-to-site VPN at different physical locations. They are successfully configured so that all traffic at our remote site is forwarded over this VPN tunnel to our router here, which is fine, however I need the web traffic that comes here to then be forwarded onto our Check Point firewall router. Can someone please tell me how I can configure this?? Many Thanks, Scott

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >