Search Results

Search found 26086 results on 1044 pages for 'site to site vpn'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 3/1044 | < Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >

  • Openconnect for Cisco VPN doesn't recognize private key file - asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag

    - by Alexander Skwar
    I'm trying to use my Synology DS212 NAS box also act as VPN gateway to my companies VPN. Sadly, they only use Cisco ASA and to complicate stuff even further, we've got to use personal certificates (which is of course more secure, but more complicate to get going…). So I compiled OpenConnect v4.06 from http://www.infradead.org/openconnect/. As a very basic test, I tried to build a connection by manually invoking openconnect, passing along the key and cert files, like so: /lib/ld-linux.so.3 --library-path /opt/lib \ /opt/openconnect/sbin/openconnect \ --certificate=$VPN_CFG/alexander.crt \ --sslkey=$VPN_CFG/alexander.key \ --cafile=$VPN_CFG/Company_VPN_CA.crt \ --user=alexander --verbose <ip>:443 It fails :( Attempting to connect to <ip>:443 Using certificate file $VPN_CFG/alexander.crt Using client certificate '/[email protected]/OU=Company VPN' 5919:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag:tasn_dec.c:1315: Loading private key failed (see above errors) Loading certificate failed. Aborting. Failed to open HTTPS connection to <ip> Failed to obtain WebVPN cookie When I run the same command with the same cert/key files on a Ubuntu 12.04 box, it works: openconnect \ --certificate=$VPN_CFG/alexander.crt \ --sslkey=$VPN_CFG/alexander.key \ --cafile=$VPN_CFG/Company_VPN_CA.crt \ --user=alexander --verbose <ip>:443 Attempting to connect to <ip>:443 Using certificate file $VPN_CFG/alexander.crt Extra cert from cafile: '/CN=Company AG VPN CA/O=Company AG/L=Zurich/ST=ZH/C=CH' SSL negotiation with <ip> Server certificate verify failed: self signed certificate Certificate from VPN server "<ip>" failed verification. Reason: self signed certificate Enter 'yes' to accept, 'no' to abort; anything else to view: yes Connected to HTTPS on <ip> GET https://<ip>/ […] Well… The error on the NAS is this: 5919:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag:tasn_dec.c:1315: Any ideas, what's causing this? On Syno, I use OpenConnect 4.06. On Ubuntu, I just compiled and installed to a custom location OpenConnect 4.06 as well. Thanks, Alexander

    Read the article

  • How can I solve Windows PPTP VPN issues?

    - by Robin M
    I'm having persistent problems with Windows PPTP VPN connections. The VPN appears up whilst the tunnel won't transfer traffic (ping to a remote IP within the VPN works for a while, and then fails). The client receives routing information via DHCP. When the connection fails, the routing table is still correct so I don't think it's a routing problem. My internet connection is via an ADSL2 line. There's software to deal with PPTP problems, like TunnelRat, but I don't want to install v1.1 of the .NET framework and I'd rather get to the bottom of the problem (I have multiple VPN connections and some are more unreliable than others). What can I do to get to the bottom of this? Alternatively, what can I do to keep the connection alive?

    Read the article

  • VPN Authentication Credentials (Local/Remote Identifiers) For Remote Access VPN

    - by thatidiotguy
    So I am trying to set up a remote access VPN using the free ShrewSoft vpn client: https://www.shrew.net/software I want to use a PSK as the authentication mechanism combined with XAuth so that a connection requires a valid username/pass combo. Under the authentication tab this particular VPN Client however is asking for a Local Identity and a Remote Identity. The options for Local Identity Type are: Fully Qualified Domain Name User Fully Qualified Domain Name IP Address Key Identifier The options for Remote Identity are: Any Fully Qualified Domain Name User Fully Qualified Domain Name IP Address Key Identifier My current thinking is that I can use the Fully Qualifed Domain Name provided by the remote firewall for the Remote Identity, but I do not know what it wants for local identity. Just to stress: I am not trying to set up a site to site VPN. Can anybody shed any light on what I am missing here? A screenshot can be provided if that would be helpful. The current error I am getting during the connection is: IKE Responder: Proposed IKE ID mismatch

    Read the article

  • Button "Add" is disabled in VPN Connection's dialog

    - by Innuendo
    I've just installed elementaryos-jupiter. (It's based on Ubuntu 10.10) I've entered VPN Connections' menu (nm - VPN Connections - Configure VPN) And there should be button "Add" - it is, but it's disabled (I can't press on it) I'm connecting via ethernet (LAN in a students' hostel) and we get internet via VPN connection (It worked for me in Ubuntu for a few years) Any suggestions? I've asked on IRC of elementaryos (there were few people) but they said that VPN is out-of-box, and it should work - they never met this.

    Read the article

  • Ubuntu 12.04 - PPTP VPN is the only Internet Access

    - by user212553
    I know this has been covered. I've read dozens of posts but still have questions. I have a work server whose traffic should never leave my house without encryption. The VPN is PPTP. Currently I have a cron job that checks the status of the ppp0 adapter each minute. If the connection drops, which it does fairly often, it shuts key components down. It's fairly easy to restart PPTP with "nmcli con up id 'myVPNServer'" but there's no assurance it will reconnect and I need a better way to stop traffic (other than killing apps) when ppp0 is down. The two options I've seen discussed are the firewall (UFW, Firestarter, IPTables) or the route tables. I could be easily swayed to consider the firewall option but I focused on the route tables since no new function needs to be started. My questions involve the way the route tables change and then specifics on rules. When I start the PPTP VPN the route tables change. That suggests that if the VPN drops, the table will change back, defeating my stated intent of preventing external traffic. How can I make "sticky" changes to the route table that will persist even if the VPN connection drops? Perhaps the check boxes "Ignore automatically obtained routes" or "Use this connection only for resources on it's network" (which are part of the VPN configuration options)? It would seem that, if I can force the active VPN route table to stay in effect, even when the VPN drops, that this will effectively kill any external traffic should the VPN drop. This will give me the latitude to run a routine to restart the VPN from the command line (assuming the route table rules don't prevent me re-establishing the connection). My route table, with the VPN active is (ip route list): Any comments on what 10.10.1.1 is? $ ip route list default dev ppp0 proto static 10.10.1.1 dev ppp0 proto kernel scope link src 10.10.1.11 VPN_Server_IP_Address via 192.168.1.1 dev eth0 proto static VPN_Server_IP_Address via 192.168.1.1 dev eth0 src 192.168.1.60 169.254.0.0/16 dev eth0 scope link metric 1000 192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.60 metric 1

    Read the article

  • VPN Device behind router/firewall

    - by David Steven
    ROUTER A: Peplink 310 serving as the gateway/router/firewall at one location. ROUTER B: Linksys RV082 serving as the gateway/router/firewall at another location. I want to VPN these two locations together. The Peplink has a PPTP server and has proprietary site-to-site vpn if you had another peplink device. The Linksys has an IPsec vpn server. VPN A: I also have another spare linksys rv082. I'm trying to setup the other rv082 (VPN A) behind the peplink (ROUTER A) and get VPN A to talk to ROUTER B. I setup VPN A with a lan ip address and plugged one of it's LAN ports into the LAN. I was able to get to it's web interface fine. On ROUTER A I one-to-one nat mapped one of our public ip's to the LAN IP for VPN A. I opened TCP 50-51 and UDP 500 to VPN A. I configured the VPN settings on VPN A to connect to ROUTER B. I did the opposite for ROUTER B. But the vpn doesn't connect. Then I tried pluging VPN A's wan port into the lan, and gave it another LAN IP. I thought perpahs VPN A didn't want to send VPN traffic out over the LAN and wanted do send it over it's WAN. The vpn still doesn't connect. It what I'm trying to do even possible?

    Read the article

  • VPN - force a selective range of ip to run on VPN (linux)

    - by Francesco
    Preface: I know there are similar question here and there however I'm a kind of newbie on Net stuff so I need an answer on this specific scenario, hoping that can help others too as it is a common problem Let say I cannot do anything on the local switch to change the local ip range, I don't want to use any complicate trick as use VMachine to hide the local ip range but I want to use net tools to solve the issue. Scenario my local net assign me an IP of this class 192.168.1.xxx (ex. 192.168.1.116) and my VPN (VPNC) assign me IP of same class 192.168.1.xxx (ex. 192.168.1.247) Obviously I need VPN to access local address (ex. 192.168.1.100) but when I open any address of the class 192.168.1.xx the route point to my local net and not to the VPN ones. I'm on linux and i'd like gui solution (network manager) in case it is not possible let play with route command. here what network manager offer me: Here my actual route once connected to the VPN: Here some route information (route -n) Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 0.0.0.0 0.0.0.0 U 0 0 0 ppp0 169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 wlan0 182.71.21.106 192.168.1.1 255.255.255.255 UGH 0 0 0 wlan0 182.71.21.106 192.168.1.1 255.255.255.255 UGH 0 0 0 wlan0 192.168.1.0 0.0.0.0 255.255.255.0 U 9 0 0 wlan0 192.168.1.246 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0 Here my ifconfig : ppp0 Link encap:Point-to-Point Protocol inet addr:192.168.1.247 P-t-P:192.168.1.246 Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1400 Metric:1 RX packets:3415 errors:0 dropped:0 overruns:0 frame:0 TX packets:2525 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:3 RX bytes:3682328 (3.6 MB) TX bytes:402315 (402.3 KB) wlan0 Link encap:Ethernet HWaddr 4c:eb:42:06:a3:a6 inet addr:192.168.1.116 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::4eeb:42ff:fe06:a3a6/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:72598 errors:0 dropped:0 overruns:0 frame:0 TX packets:42300 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:76000532 (76.0 MB) TX bytes:13919400 (13.9 MB) The Question So basically I would like to add a rule to force this particular address (192.168.1.100) on the VPN and not on my local net

    Read the article

  • Cisco AnyConnect VPN client - prevent connecting as work network

    - by Opmet
    From Windows 7 I'm using "Cisco AnyConnect Secure Mobility Client 3.0" to connect to our corporate network. Every time I establish the VPN connection Windows will set the type as "work network". I don't want this. So I go to "network and sharing center" and manually / interactively change it to "public network". But I have to repeat it for every new VPN connection. Is there any way to make Windows remember / persist this configuration? Can it be configured in the VPN client? Do our IT admins need to change something at server end? Motivation: A "work network" per default uses different firewall settings that allows for stuff like "network discovery" and "file shares". But I just need "remote desktop" (mstsc). Additional info: Our IT admins claimed this would be Windows default behaviour and there was nothing we could do about it: Windows would always initiate a VPN connection as "work network". Based on this statement I assume this is a "general" issue and went ahead posting here (at superuser.com).

    Read the article

  • How to make iPhone Cisco VPN client work with ASA with certificate authentication

    - by Ben Jencks
    I have an ASA that's providing IPsec VPN services using certificate authentication (no xauth, just the certs). It works perfectly with the Cisco IPsec VPN Client. Now I'm trying to let iPhones connect. I've installed the CA cert and a client certificate on the iPhone with a profile using iPCU, along with the VPN configuration. Then connecting gives the error "Could not validate the server certificate". Additionally, the ASA logs the error "Received encrypted Oakley Informational packet with invalid payloads". FWIW, I receive the same invalid payload error when trying to use the Snow Leopard IPsec client to connect. Has anyone successfully gotten the iPhone IPsec client to work with certificate auth?

    Read the article

  • Cisco 877 as a VPN server?

    - by Massimo
    I have a Cisco 877 router which connects my network to the Internet using an ADSL line, a single public IP address and NAT; the IOS version is 15. Everything is working ok, but I'd like to configure this router to be a VPN server, to be able to connect to the network from the outside. I've tried looking for documentation, but everything I can find is related to having the 877 act as a VPN client, or to site-to-site VPNs; I can't find anything about letting single remote computers access the internal network, which is something I can do quite easily using Windows' RRAS or ISA Server. Can the Cisco 877 act as a VPN server for remote client computers? (Looks like it should, but just to be sure...) Which type of VPNs does it support? Do they require some special software on the client machines, or can they be used by standard out-of-the-box Windows computers? And, finally: how to set up this?

    Read the article

  • VPN no longer works, saves old password?

    - by nathanvda
    I am not sure if this question is related to 11.10 or gnome 3.2, but the VPN configuration screen has changed, and now the user and password is optional, but there is no way for me to override it. On our VPN we use a token, so I have to enter the password each time. But even if I clear the password, clear the password and the user, there is no way for me to unset the user and password, so I am unable to access the VPN. Because he never asks the password anymore, and each time I return to the VPN configuration window, I see the same setting. Please help. Is there another way to configure the VPN? [Found Quick Fix] Recreate the VPN connection, fill everything in but the password, and this will work the first time.

    Read the article

  • IPSec tunnelling with ISA Server 2000...

    - by Izhido
    Believe it or not, our corporate network still uses ISA Server 2000 (in a Windows Server 2003 machine) to enable / control Internet access to / from it. I was asked recently to configure that ISA Server to create a site-to-site VPN for a new branch in a office about 25 km. away from it. The idea is basically to enable not only computers, but also Palm devices (WiFi-enabled, of course), to be able to see other computers in both sites. I was also told that a simple VPN-enabled wireless AP/router (in this case, a Cisco WRV210 unit) should be enough to establish communications with the main office. To be fair, the router looks easy to configure; it was confusing at first, but further understanding of how site-to-site VPNs work cleared all doubts about it. Now I need to make modifications to our ISA Server in order to recognize the newly installed & configured "remote" VPN site. Thing is, either my Googling skills are pathethically horrible, or there doesn't seem to be much (or any, at all) information about how to configure an ISA Server 2000 for this purpose. Lots of stuff on 2004, of course; also, I think I saw something for 2006. But nothing I could find about 2000. Reading about 2004, it seems that the only way I can do site-on-site with a Cisco router (read: a non-ISA-Server machine) is through something they call a "IPSec tunnel". Fair enough. However, I can't figure for the life of me how could I even start to find, leave alone configure, such a thing. Do you, people, happen to know how to do IPSec tunelling on a ISA Server 2000, so I can connect to a Cisco WRV210 VPN-enabled router, and build a site-to-site VPN for both networks? Or is this not possible at all? (Meaning I should change anything in this configuration to make it work...)

    Read the article

  • Cisco: Site-to-site VPN with cisco 878 and ASA weirdness

    - by cpf
    I currently have 2 sites, both connected to each other through 2 firewalls / routers in a site-to-site VPN. Pinging from server to server (Using 2mb/2mb SDSL) through that VPN obviously works, however, at one site, we have another internet connection (7m/400k ADSL), and only the link between the two sites should be on the other connection. All pc's should go over the other connection for internet, just communication between servers & Communication between pc's and the server at the other side should go through there too. What is configured at the moment is the server is using the SDSL directly as default gateway. Since it's not intended to surf anything it is a safe config. PC's are configured on the ADSL as default gateway. Now I wanted to route through everything that uses the range used on the other site, it should be sent from the ADSL modem to the SDSL modem, which has the VPN connection. I figured I could use OSPF to do so, however, OSPF doesn't seem to "detect" the range of the external site. Also (due to bad ip subnetting thanks to the other administrator), the ip used internally as the server on the other site also exists on the internet (causing a lot of confusion), so rdp-ing from our server to the server of the other site works (somehow), but tracerouting on the SDSL router (which should actually, in my opinion, go over the VPN) actually goes all over the internet. My question(s): Why doesn't the SDSL router ping the external ip through VPN, but the server does? Why can't I route from the ADSL router to the SDSL over VPN? I would seriously appreciate some help, since I can't figure out why it does it like this.

    Read the article

  • Cisco VPN Client Behind ASA 5505

    - by fdf33
    I'm trying to get connected to another ASA via Cisco VPN Client. I am behind an ASA 5505 myself and I am tryihng to VPN to a 5510. I get the message: Secure VPN Connection terminated locally by the Client. Reason 412: The remote peer is no longer responding. I can connect to the other ASA if I use a normal cheap Linksys. Here's the version of my ASA: Result of the command: "sh ver" Cisco Adaptive Security Appliance Software Version 8.4(1) Any help would be great. Thanks running-config : Saved : Written by enable_15 at 23:12:32.378 UTC Fri Jul 1 2011 ! ASA Version 8.4(1) ! hostname aaaasa domain-name aaa.local enable password xxxxxxxxxxxxxxx encrypted passwd xxxxxxxxxxxxxxxxxxxx encrypted names ! interface Vlan1 nameif inside security-level 100 ip address 192.168.1.254 255.255.255.0 ! interface Vlan2 nameif outside security-level 0 ip address xxx.xxx.xxx.xxx 255.255.254.0 ! interface Vlan5 no nameif security-level 50 ip address 172.16.0.254 255.255.255.0 ! interface Vlan500 no nameif security-level 100 ip address 10.10.10.1 255.255.255.0 ! interface Ethernet0/0 switchport access vlan 2 ! interface Ethernet0/1 ! interface Ethernet0/2 ! interface Ethernet0/3 ! interface Ethernet0/4 ! interface Ethernet0/5 ! interface Ethernet0/6 ! interface Ethernet0/7 ! boot system disk0:/asa841-k8.bin ftp mode passive dns domain-lookup inside dns domain-lookup outside dns server-group DefaultDNS name-server 4.2.2.2 domain-name aaa.local same-security-traffic permit inter-interface same-security-traffic permit intra-interface object network obj_any subnet 0.0.0.0 0.0.0.0 object network A_93.97.168.1 host 93.97.168.1 object network rdp host 192.168.1.2 object network NETWORK_OBJ_192.168.1.0_24 subnet 192.168.1.0 255.255.255.0 access-list 101 extended permit tcp any host 192.168.1.2 eq 3389 access-list 101 extended permit icmp any any echo-reply access-list 101 extended permit icmp any any source-quench access-list 101 extended permit icmp any any time-exceeded access-list 101 extended permit icmp any any unreachable access-list 102 extended permit ip any any pager lines 24 logging enable logging asdm informational mtu inside 1500 mtu outside 1492 ip local pool VPNPool 192.168.2.200-192.168.2.210 mask 255.255.255.0 icmp unreachable rate-limit 1 burst-size 1 asdm image disk0:/asdm-641.bin no asdm history enable arp timeout 14400 ! object network rdp nat (inside,outside) static interface service tcp 3389 3389 ! nat (inside,outside) after-auto source dynamic any interface access-group 101 in interface outside access-group 102 out interface outside ! router ospf 1 network 192.168.1.0 255.255.255.0 area 0 log-adj-changes ! route outside 0.0.0.0 0.0.0.0 93.97.168.1 1 timeout xlate 3:00:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00 timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00 timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute timeout tcp-proxy-reassembly 0:01:00 dynamic-access-policy-record DfltAccessPolicy http server enable http 192.168.1.0 255.255.255.0 inside no snmp-server location no snmp-server contact snmp-server enable traps snmp authentication linkup linkdown coldstart crypto ipsec ikev2 ipsec-proposal DES protocol esp encryption des protocol esp integrity sha-1 md5 crypto ipsec ikev2 ipsec-proposal 3DES protocol esp encryption 3des protocol esp integrity sha-1 md5 crypto ipsec ikev2 ipsec-proposal AES protocol esp encryption aes protocol esp integrity sha-1 md5 crypto ipsec ikev2 ipsec-proposal AES192 protocol esp encryption aes-192 protocol esp integrity sha-1 md5 crypto ipsec ikev2 ipsec-proposal AES256 protocol esp encryption aes-256 protocol esp integrity sha-1 md5 crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev2 ipsec-proposal AES256 AES192 AES 3DES DES crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP crypto map outside_map interface outside crypto ca trustpoint ASDM_TrustPoint0 enrollment self subject-name CN=ciscoasa proxy-ldc-issuer crl configure crypto ca certificate chain ASDM_TrustPoint0 certificate 8877d64d 30820248 308201b1 a0030201 02020488 77d64d30 0d06092a 864886f7 0d010105 05003036 3111300f 06035504 03130863 6973636f 61736131 21301f06 092a8648 86f70d01 09021612 63697363 6f617361 2e6e6a64 2e6c6f63 616c301e 170d3131 30353231 30383533 34325a17 0d323130 35313830 38353334 325a3036 3111300f 06035504 03130863 6973636f 61736131 21301f06 092a8648 86f70d01 09021612 63697363 6f617361 2e6e6a64 2e6c6f63 616c3081 9f300d06 092a8648 86f70d01 01010500 03818d00 30818902 818100ea 1aa95141 480e616c efee6816 a96d6511 313b6776 cd3dd57b cd84b4d2 5e108aee 7c980086 4d92e2eb b6c7bf66 4585af0a ccbf153a db9270be c6f5c67b db9dd8d1 2f78d033 3348b056 df4be0da 70e08953 53adf294 9db6c020 597d250f bf448b43 b90179c8 ff0b15d8 744632d9 31c1945f 0b11e258 b4c1d224 692efff4 7b2f5102 03010001 a3633061 300f0603 551d1301 01ff0405 30030101 ff300e06 03551d0f 0101ff04 04030201 86301f06 03551d23 04183016 8014493c 19db183a ab1af9e9 b1e44ad4 2a408b3c 89d1301d 0603551d 0e041604 14493c19 db183aab 1af9e9b1 e44ad42a 408b3c89 d1300d06 092a8648 86f70d01 01050500 03818100 1dd1760a fdd15941 4803fb9a cd6f44a7 2e275854 a1c0fbe1 d19f2cc9 182d43ef a547f854 8df96d15 3ea79c62 cf3fcb1c 5820360b c607dbfc 4de8bb16 19f727e9 b928a085 665816d8 138e4a35 ed610950 7910dd4a 0b1a9dd9 0e26f1c8 b78bc0cc cbf19eb2 4c4c3931 45199ea5 249e3266 661e44fd 7a00d376 dcfc6e4e d43f10b8 quit crypto isakmp nat-traversal 30 crypto ikev2 policy 1 encryption aes-256 integrity sha group 5 prf sha lifetime seconds 86400 crypto ikev2 policy 10 encryption aes-192 integrity sha group 5 prf sha lifetime seconds 86400 crypto ikev2 policy 20 encryption aes integrity sha group 5 prf sha lifetime seconds 86400 crypto ikev2 policy 30 encryption 3des integrity sha group 5 prf sha lifetime seconds 86400 crypto ikev2 policy 40 encryption des integrity sha group 5 prf sha lifetime seconds 86400 crypto ikev2 enable outside client-services port 443 crypto ikev2 remote-access trustpoint ASDM_TrustPoint0 telnet timeout 5 ssh 192.168.1.0 255.255.255.0 inside ssh timeout 5 console timeout 0 dhcpd auto_config outside ! dhcpd address 192.168.1.5-192.168.1.36 inside dhcpd dns 4.2.2.2 interface inside dhcpd enable inside ! threat-detection basic-threat threat-detection statistics host number-of-rate 3 threat-detection statistics port threat-detection statistics protocol threat-detection statistics access-list threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200 ntp server 82.219.4.31 source outside prefer ssl trust-point ASDM_TrustPoint0 outside webvpn enable outside anyconnect image disk0:/anyconnect-win-2.4.1012-k9.pkg 1 anyconnect profiles AnyConnectVPN_client_profile disk0:/AnyConnectVPN_client_profile.xml anyconnect profiles SSLAnyConnectVPN_client_profile disk0:/SSLAnyConnectVPN_client_profile.xml anyconnect enable tunnel-group-list enable group-policy GroupPolicy_AnyConnectVPN internal group-policy GroupPolicy_AnyConnectVPN attributes wins-server none dns-server value 4.2.2.2 vpn-tunnel-protocol ikev2 ssl-client ssl-clientless default-domain value aaa.local webvpn url-list none anyconnect profiles value AnyConnectVPN_client_profile type user group-policy GroupPolicy_SSLAnyConnectVPN internal group-policy GroupPolicy_SSLAnyConnectVPN attributes wins-server none dns-server value 4.2.2.2 vpn-tunnel-protocol ikev2 ssl-client default-domain value aaa.local webvpn anyconnect profiles value SSLAnyConnectVPN_client_profile type user username testuser password xxxxxxxxxxxxxxxxx encrypted privilege 0 username testuser attributes vpn-group-policy GroupPolicy_AnyConnectVPN tunnel-group SSLPOL type remote-access tunnel-group SSLPOL general-attributes default-group-policy GroupPolicy_AnyConnectVPN tunnel-group SSLAnyConnectVPN type remote-access tunnel-group SSLAnyConnectVPN general-attributes address-pool VPNPool default-group-policy GroupPolicy_SSLAnyConnectVPN tunnel-group SSLAnyConnectVPN webvpn-attributes group-alias SSLAnyConnectVPN enable ! class-map inspection_default match default-inspection-traffic ! ! policy-map type inspect dns preset_dns_map parameters message-length maximum 512 policy-map global_policy class inspection_default inspect dns preset_dns_map inspect esmtp inspect ftp inspect h323 h225 inspect h323 ras inspect ip-options inspect netbios inspect rsh inspect rtsp inspect sip inspect skinny inspect sqlnet inspect sunrpc inspect tftp inspect xdmcp ! service-policy global_policy global prompt hostname context call-home profile CiscoTAC-1 no active destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService destination address email [email protected] destination transport-method http subscribe-to-alert-group diagnostic subscribe-to-alert-group environment subscribe-to-alert-group inventory periodic monthly subscribe-to-alert-group configuration periodic monthly subscribe-to-alert-group telemetry periodic daily Cryptochecksum:94a65341aa27d3929d5e92a32ba22120 : end

    Read the article

  • Windows 7 VPN Client Default IPsec Configuration?

    - by bwerks
    As far as I can tell, the windows VPN client doesn't provide a lot of flexibility in its IPsec settings. Assuming full configurability on the site end of a client-site VPN configuration, does anyone how to configure the site to match the windows client? Bonus points: how would I discover these settings for myself?

    Read the article

  • Unable to access the WCF service over VPN!

    - by kurozakura
    Heres the scenario, im on a network A, and i use a vpn client to connect network B to access the webservice which can be accessed in network B.Even though im connect to network B , im unable to access the webservice link.Do i need to configure any settings. But if u r originally in network B and even though if u have connected to network A using vpn client, im able to access the webservice link. But the other way isnt working.

    Read the article

  • WSS 3.0 Backup/Restore Root Site Collection to Sub-Site of New Site Collection

    - by bfrancis
    Our intranet was originally setup to be at the root of its site collection. We are trying to change this so that our new internet site will live in the root and the intranet will be a sub-site. At this point I have created a new web application and site collection to house the internet and intranet. I used the 'stsadm -o backup' command to create a backup of our current intranet. I then ran the 'stsadm -o restore' command to restore the intranet site collection to wss/sites/intranet. This seems to have worked as I am able to access the intranet from this location. The issue I now seem to have is that images, sub-sites, etc. are all making reference as if the intranet is still the root site. So for example a link to a sub-site is pointing to wss/department/technology/default.aspx and it needs to point to wss/sites/intranet/department/technology/default.aspx. I am looking for help and/or clarification on two things: 1. Am I approaching the migration of a root site collection to a sub-site the best way? 2. How would I go about updating the link references so that they are based on the intranet now being a sub-site instead of the root site?

    Read the article

  • Site to site VPN using RRAS from an untrusted network?

    - by DrZaiusApeLord
    Our remote office will be moving to a new space where internet will be provided. They'll be behind a router doing NAT (I do not have admin rights to this router). They will be sharing a printer with the other people on the LAN, but will need VPN to our network for email and file shares. I was thinking of just having them run the windows VPN client and connecting via PPTP like they do when they are off-site, but I have read that multiple PPTP connections from the same NAT'd address to the same destination doesn't work well or at all. I am thinking some kind of site-to-site VPN is needed so there is just one tunnel. Can I just put in a VPN gateway, set it to connect to our RRAS/PPTP server, and have them use it as their default gateway? Perhaps even use the local default gateway for internet traffic. If so, what VPN gateway/device is recommended for this? Or other solutions? Thanks.

    Read the article

  • IPSec VPN using ZyWALL IPSec VPN Client: unable to connect from some providers

    - by Reshi
    I'm trying to configure an IPSec VPN to one company from my home. The company has SANET internet service provider. I was able to create a VPN connection from another company that has the same internet service provider. The problem begins when I'm trying to connect from another ISP like Orange or Telekom. Here is the log from ZyWall: 20120816 10:06:18:359 Default (SA Gateway-P1) SEND phase 1 Main Mode [SA] [VID] [VID] [VID] [VID] [VID] 20120816 10:06:18:375 Default (SA Gateway-P1) RECV phase 1 Main Mode [SA] [VID] [VID] [VID] [VID] [VID] [VID] [VID] [VID] 20120816 10:06:18:390 Default (SA Gateway-P1) SEND phase 1 Main Mode [KEY_EXCH] [NONCE] [NAT_D] [NAT_D] 20120816 10:06:18:718 Default (SA Gateway-P1) RECV phase 1 Main Mode [KEY_EXCH] [NONCE] [NAT_D] [NAT_D] 20120816 10:06:18:734 Default (SA Gateway-P1) SEND phase 1 Main Mode [HASH] [ID] 20120816 10:06:18:750 Default (SA Gateway-P1) RECV phase 1 Main Mode [HASH] [ID] 20120816 10:06:18:750 Default phase 1 done: initiator id [email protected], responder id 111.112.113.114 20120816 10:06:18:765 Default (SA Gateway-Tunnel-P2) SEND phase 2 Quick Mode [HASH] [SA] [KEY_EXCH] [NONCE] [ID] [ID] 20120816 10:06:18:953 Default (SA Gateway-Tunnel-P2) RECV phase 2 Quick Mode [HASH] [SA] [KEY_EXCH] [NONCE] [ID] [ID] 20120816 10:06:18:953 Default (SA Gateway-Tunnel-P2) SEND phase 2 Quick Mode [HASH] 20120816 10:06:48:968 Default (SA Gateway-P1) SEND Informational [HASH] [NOTIFY] type DPD_R_U_THERE 20120816 10:06:48:984 Default (SA Gateway-P1) RECV Informational [HASH] [NOTIFY] type DPD_R_U_THERE_ACK ZyWall informs me that the tunnel was opened. But I can't ping or access any computer in the network. My configuration at home: ISP: Orange Optical connection Terminal: GPON OPTICAL NETWORK TERMINAL G-25E Router: TPLink TL-WR941N --> SPI Firewall Enabled --> VPN - IPSEC Passthrough Enabled I was wondering if the problem could not be on ISP side (that he blocks somehow this connection because in SANET ISP it worked fine) or even in my terminal or router. What could I check? Where could be the problem ?

    Read the article

  • Site to Site VPN problem, connection succesful data only oneway?

    - by Charles
    To start things off, I'm not the actual Administrator for the VPN Server, but he is also at a loss so I thought I'd ask it here. I know it's a Cisco ASA Firewall/VPN. I have a router that connects to the Cisco VPN server, it does so succesfully. I can ping everything within the remote network and from the remote network into my own. I've been able to SSH into a remote server over VPN as well, it all seems to work; until there's some more data returned. A quick example would be an internal webserver. The default homepage simply redirects, so only sends back HTTP headers with a "Location:". I receive this on my computer, but when I request the actual page then (which isn't that big) I don't get a response at all - it just stalls. And it does this for other services as well, for example SSH. I can do a couple of things while connected, but if there's more than xx output it seems to do nothing. The connection remains active throughout all of this. Has anyone ever experienced anything like this before / know what the problem might be? Another user who has a site-to-site connection with this VPN using the -exact same setup- has no problems, the only difference is that I have around 200ms ping to the VPN server/network because of a very long distance (other continent).

    Read the article

  • Cannot Import VPN connection

    - by ECII
    Since 12.04 I cannot connect to my VPN. my ovpn file is the following http://email.uoa.gr/help/download/vpn/edunet.ovpn When I try to import the VPN file i get the following error The file 'edunet.ovpn' could not be read or does not contain recognized VPN connection information Error: unknown PPTP file extension. Is there any way arround this error? I have already installed network-manager-openvpn

    Read the article

  • OpenVPN DNS: VPN DNS stomping local VPN

    - by Eddie Parker
    I've finally noodled with OpenVPN enough to get it working. Even better, I can mount samba drives, ping network machines through the TUN device, etc - it's all great. However, I'm noticing that if I use the following directive, then some of the machines that are normally visible by the client, on the client's side (i.e., not through the VPN) get masked with some other server out on the Internet. push "dhcp-option DNS 10.0.1.1" # Push our local DNS to clients Is there any way to avoid this, besides hacking the 'hosts' file on the client machine? Ideally I'd like to only use my VPN's DNS for machines within that domain.

    Read the article

  • Cisco VPN disconnects after 5 seconds with error 422

    - by Marius
    I'm trying to connect to my university's server with VPN using Cisco VPN Client version 5.0.04, but after 5 seconds it disconnects with the error message 422: Lost contact with the secure gateway. Check your connection. From my research on the net it seems this could be because it tries to find my IP, and finds out that this is 127.0.0.1. Then 5 seconds later it discovers that I have a new IP (my actual IP), and it disconnects because I'm not allowed to change IP. Does anyone know how I could fix this, or if there is another reason i get this error? Update I looked through the log, and found this error, which confirms what I thought, except it gets the correct IP first, then changes it to localhost. 87 18:56:53.250 08/24/09 Sev=Warning/3 CM/0xA3100027 Adapter address changed from 149.171.237.25. Current address(es): 127.0.0.1.

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >