Search Results

Search found 256 results on 11 pages for 'asa ayers'.

Page 9/11 | < Previous Page | 5 6 7 8 9 10 11  | Next Page >

  • Quand Chrome gagne 40 millions d'utilisateurs, Firefox en gagne 100 millions d'après un cadre de Moz

    Mise à jour du 21/05/10 Quand Chrome gagne 40 millions d'utilisateurs, Firefox en gagne 100 D'après un cadre de Mozilla : qui parle de déclin ? Comme d'habitude avec la Fondation Mozilla, il ne s'agit pas d'une réponse officielle. Mais cela y ressemble furieusement. Sur son blog personnel, Asa Dotzler, directeur du développement de Firefox, vient de comparer les progressions respectives de Chrome et de Firefox sur l'année 2009. Cette mini-étude fait suite aux déclarations de Black Ross, un des créateurs du navigateur, pour qui le Panda Roux est proche du déclin et la Fondation empêtrée dans une culture bureaucratique qu...

    Read the article

  • Mozilla ne veut pas délaisser le monde professionnel, un de ses dirigeants assure que Firefox peut répondre aux besoins des entreprises

    Mozilla ne veut pas délaisser le monde professionnel Un de ses vice-présidents assure que Firefox peut répondre aux besoins des entreprises Mise à jour du 29/06/11 Les récentes affirmation de Asa Dotzler sur les relations entre Mozilla et les entreprises ont fait des remous. En écrivant noir sur blanc (cf. ci-avant) que les professionnels n'étaient pas - et ne devraient pas être - une priorité pour le développement de Firefox, plusieurs entreprises ont fait connaître leurs inquiétudes. Parmi elle, IBM, qui a récemment fait le choix de Firefox comme navigateur pour ses centaines de milliers d'employés. Le coeur du problème vient de l'accé...

    Read the article

  • Tunnel is up but cannot ping directly connected network

    - by drmanalo
    We configured a site-to-site VPN and here is the topology. I control the network on the left but not the one on the right. All devices in our network has public IPs. Server---ASA5505---Cisco887======Internet=====ASA5510---devices I can see the tunnel is up and can do extended ping using a loopback interface. From the 10.175 and 10.165 networks, they can also ping my loopback address. I can also dial in using a Cisco VPN client, and can connect to the devices on the right. #show crypto session Crypto session current status Interface: Vlan3 Profile: xxx-profile Session status: UP-ACTIVE Peer: 213.121.x.x port 500 IKEv1 SA: local 77.245.x.x/500 remote 213.121.x.x/500 Active IPSEC FLOW: permit ip 10.0.20.0/255.255.255.240 10.175.0.0/255.255.128.0 Active SAs: 0, origin: crypto map IPSEC FLOW: permit ip 10.0.20.0/255.255.255.240 10.165.0.0/255.255.192.0 Active SAs: 2, origin: crypto map #ping 10.165.29.39 source loopback 2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.165.29.39, timeout is 2 seconds: Packet sent with a source address of 10.0.20.1 !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 16/17/20 ms My problem is the devices on the right cannot reach my server. They could only ping the loopback address and nothing else. I'm pasting some diagnostics related to routing thinking perhaps routing is my issue. I can paste all the running-config on my side of network if needed. #show ip int brief Interface IP-Address OK? Method Status Protocol ATM0 unassigned YES NVRAM administratively down down Ethernet0 unassigned YES NVRAM administratively down down FastEthernet0 unassigned YES unset up up connected to ASA FastEthernet1 unassigned YES unset administratively down down FastEthernet2 unassigned YES unset administratively down down FastEthernet3 unassigned YES unset up up Loopback1 10.0.20.65 YES NVRAM up up Loopback2 10.0.20.1 YES NVRAM up up Virtual-Template1 77.245.x.x YES unset up down Virtual-Template2 77.245.x.x YES unset up down Vlan1 unassigned YES unset down down Vlan3 77.245.x.x YES NVRAM up up connected to the Internet #show run | section ip route ip route 0.0.0.0 0.0.0.0 77.245.x.x ip route 213.121.240.36 255.255.255.255 Vlan3 #show access-list Extended IP access list 102 10 permit ip 10.0.20.0 0.0.0.15 10.175.0.0 0.0.127.255 (3332 matches) 20 permit ip 10.0.20.0 0.0.0.15 10.165.0.0 0.0.63.255 (3498 matches) #show vlan-switch VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 1 default active 3 VLAN0003 active Fa0, Fa1, Fa2, Fa3 1002 fddi-default act/unsup 1003 token-ring-default act/unsup 1004 fddinet-default act/unsup 1005 trnet-default act/unsup #show ip route Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP + - replicated route, % - next hop override Gateway of last resort is 77.245.x.x to network 0.0.0.0 S* 0.0.0.0/0 [1/0] via 77.245.x.x 10.0.0.0/8 is variably subnetted, 5 subnets, 3 masks C 10.0.20.0/28 is directly connected, Loopback2 L 10.0.20.1/32 is directly connected, Loopback2 C 10.0.20.64/28 is directly connected, Loopback1 L 10.0.20.65/32 is directly connected, Loopback1 S 10.165.0.0/18 [1/0] via 213.121.x.x 77.0.0.0/8 is variably subnetted, 3 subnets, 3 masks S 77.0.0.0/8 [1/0] via 77.245.x.x C 77.245.x.x/29 is directly connected, Vlan3 L 77.245.x.x/32 is directly connected, Vlan3 213.121.x.0/32 is subnetted, 1 subnets S 213.121.x.x is directly connected, Vlan3 I read some of the posts here which lead to NATing issue but I'not sure of my next step. Should I translate my public address to private and route it to the loopback address? (only guessing) CISCO VPN site to site Site-to-Site VPN between two ASA 5505s only working in one direction Hope someone could help. Thanks in advance!

    Read the article

  • Cisco Anyconnect Issue on HTC HD2

    - by Myles
    Hello, We've just got a HTC HD2 handset through (UK - T-mobile); and we've installed the Cisco Anyconnect client. It connects ok but then after a few seconds disconnects, then reconnects. It then keeps cycling through in this way, and at no point can we even attempt to sync Exchange! Our ASA 5510 reports; Group User IP <149.254.217.2 SVC Message: 17/ERROR: Reconnecting to recover from error.. And from the phone log; 10:56:03Debug Function: CSocketTransport::getTransportMTU File: ..\IPC\SocketTransport.cpp Line: 1058 Invoked Function: CNetInterface::GetTcpIpMTU Return Code: -32571377 (0xFE0F000F) Description: NETINTERFACE_ERROR_INTERFACE_NOT_AVAILABLE Does anyone have any advice on why it's constantly disconnecting? The phone log does suggest a lack of service; but the phone can browse the net, make calls, etc and appears to have good signal throughout. We did try the Anyconnect software on a Windows 7 PC which worked fine, no drop outs. Any help would be greatly appreciated! Thank you, Myles

    Read the article

  • 64-bit Cisco VPN client (IPsec) ?

    - by mika
    Cisco VPN client (IPsec) does not support 64bit Windows. Worse, Cisco does not even plan to release a 64-bit version, instead they say that "For x64 (64-bit) Windows support, you must utilize Cisco's next-generation Cisco AnyConnect VPN Client." Cisco VPN Client Introduction Cisco VPN Client FAQ But SSL VPN licences cost extra. For example, most new ASA firewalls come with plenty of IPSec VPN licences but only a few SSL VPN licences. What alternatives do you have for 64-bit Windows? So far, I know two: 32-bit Cisco VPN Client on a virtual machine NCP Secure Entry Client on 64-bit Windows Any other suggestions or experiences? -mika-

    Read the article

  • Best solution for Multi-WAN failover (inside & out)?

    - by Sean O
    Looking for a way to setup 2 ISPs in failover mode, for both incoming & outgoing traffic, for our small (<100 devices) network. The leading contender for now seems to be the Peplink Balance 310. However, a reseller I spoke with said it's great for 100% outgoing connectivity, but didn't seem to be confident in its abilities to handle incoming traffic. This is important as we host our own web site, Exchange e-mail, and virtual desktops (RDP). Do any Peplink owners use this for failover of incoming traffic? Are there other devices I should be considering? We're currently using a Cisco 1800 series router & ASA 5500 series firewall, with Comcast & T-1 lines (the goal being to replace the T with DSL/FiOS {whenever that becomes availble}). Price range: ~$1000 - $2500 USD. Thanks.

    Read the article

  • Experiences with Google TiSP?

    - by Zypher
    i got an email from google a couple of hours ago (around 12AM EST today) that Google's TiSP service is now available in my area. this seems like a great deal compared to my cUrrent 16Mbps cable coNction at work, however i'm a lIttle nervous about the fact that linux support is "Coming soon". i was wOndering if anyone had successfully installed this system and gotten it woRking with their linux infrastructure? I'm assuming that there shouldn't be any issues siNce we have an ASA in front of our internet. TiSP Shouldn't care what is behind that. Any insight would be greatly appreciated!

    Read the article

  • Recurring network issues the same time every day.

    - by Peter Turner
    Something has been happening on my company's network at 9:30 every day. I'm not the sysadmin but he's not a ServerFault guy so I'm not privy to every aspect of the network but I can ask questions if follow up is needed. The symptoms are the following : Sluggish network and download speed (I don't notice it, but others do) 3Com phones start ringing without having people on the other end. We've got the following ports exposed to the public for a web server, a few other ports for communicating with our clients for tech support and a VPN. We've got a Cisco ASA blocking everything else. We've got a smallish network (less than 50 computers/vms on at any time). An Active Directory server and a few VM servers. We host our own mail server too. I'm thinking the problem is internal, but what's a good way to figure out where it's coming from?

    Read the article

  • What are the essential considerations for setting up systems in a location with unreliable power?

    - by dunxd
    I deal with a lot of remote offices located in parts of the world where the local grid power supply is unreliable. Power can go off anytime with no warning, with outages ranging from minutes to days Power fluctuation is wild, with spikes and brown outs Currently the offices will have some or all of the following: A generator, with an inverter, or some sort of manual switch A big UPS or battery array connecting a number of devices Several smaller APC UPS with computers attached Low cost Voltage Regulators sometimes connected between mains and UPS or device. I know that each of these things needs to be appropriately rated for the equipment to which it is connected (although I am not sure how to calculate the correct rating). The offices will generally have the following equipment (in varying quantities): some sort of internet connection device (VSAT router, ADSL modem, WiMax router) Cisco ASA 5505 firewall a bunch of PCs printers one server I don't seek to replace the advice of an electrician, but in some of these locations they only answer the questions you ask them, so I need to make sure I have enough understanding of the essentials to protect equipment from damage, and possibly get through some power cuts.

    Read the article

  • Random TCP Resets

    - by allenwei
    We got randomly TCP "reset" error when we send request to remote server. Log from remote server Cisco TCP Connection Terminated,Nov 05 14:43:39 EST: %ASA-session-6-302014: Teardown TCP connection 640068283 for Outside:xxxx to xxxx duration 0:00:00 bytes 4160 TCP Reset-O One my local machine I saw when I use netstat 100703 connections reset due to unexpected data 324186 connections reset due to early user close I also use tcpdump to see what's wrong with it, I saw xxxx.https: Flags [R.], seq 290, ack 1369, win 136, options [nop,nop,TS val 2871790533 ecr 1897173283], length 0 The problem just happened today, we didn't change anything on our server. Anyone know what's wrong with it? Is it related to code we wrote send out request or related to linux configuration?

    Read the article

  • How to tune Windows 2008r2 and IIS to maximize single file download speeds?

    - by uSlackr
    We recently put up an IIS site (on WinSvr 2008r2) that is used almost exclusively for downloading files over the internet. The data exists as a large collection of .zip files ranging from 1MB - 35GB in size. We want to allow a lot of downloads during a day (more than 500GB) but have implemented an outbound ASA throttle at 60mbps in order to preserve bandwidth for other uses. The total link speed is 100mbps. Here's the interesting part: While we can serve up multiple downloads to hit the 60mbps cap, we cannot get any single download to exceed 2.5M bytes/sec (20 Mbits/s). Is there any TCP or IIS tuning we can do to push up individual download speeds? Or something else to look at?

    Read the article

  • Excluding four IP's from a /32 static route

    - by Justin
    I have a Cisco ASA routing a /32 of public addresses (non RFC-1812) through a private link. When the device sees the destination address it selects the private route instead of going out over the public network. This works great but I am now trying to exclude 4 IP's from the private route. Traffic to these addresses should go over the public internet instead of being routed over the private network. Can I just add anothe route for these four IP's or do I have to modify the existing route for the /32?

    Read the article

  • SMTP 25 blocked externally

    - by Jeff
    not sure how to title this question... we run an exchange server with around 80 internal users, all outgoing mail is relayed off a smart host (ISP smtp server) so nothing is actually sent to the world via our server. i wanted to check the server, locally i can telnet to port 25 with no issues and receive the esmtp service ready reply. whenever i do it from an external address (off our local network) i receive unable to connect error 10060. can this cause problems with SPF records, and reverse DNS ? should my exchange server be able to accept smtp requests, requiring authentication before i am able to send from external addresses? if so how... also the exchange server is behind a NAT (asa) device, more than likely thinking that the nat is not configured to route the smtp 25 request to the exchange server.. thanks

    Read the article

  • Poante cu avocati

    - by interesante
    Avocatul isi intreaba unul din viitorii clienti: - Si aveti banii necesari pentru a va permite sa fiti aparat de mine? - Da, am doua casete cu bijuterii. - Bine, atunci sa vedem...De ce sunteti acuzat? - De furtul celor doua caste cu bijuterii...Relaxeaza-te citind un blog amuzant si haios cu cele mai noi glume si bancuri de tot felul.Intr-un avion, un avocat nimereste langa o blonda super. Bla, bla, tot incerca sa intre in vorba cu ea ... nimic. Blonda se uita pe geam, mai incerca sa doarma ... Avocatul, enervat: - Uite, hai sa jucam un joc ! Eu iti pun tie o intrebare, si daca nu stii imi dai 5$, apoi imi pui tu mie o intrebare, si daca nu stiu iti dau 5 $! Si tot asa ... - Nu, domnule, imi pare rau, sunt obosita. As prefera sa ma odihnesc ... Avocatul, enervandu-se si mai tare: - Bine, uite, jucam alt joc! Eu iti pun tie o intrebare, daca nu stii imi dai 5$; tu imi pui mie o intrebare, si daca nu stiu ... iti dau 500$ ! Blonda accepta, intr-un tarziu. - Care este distanta de la Pamant la Luna ? Blonda deschide geanta si ii da 5$, dupa care il intreaba: - Ce e mic, are 3 picioare si urca dealul ? Avocatul, se gandeste ... scoate laptop-ul, cauta in baza de date ... cauta pe Internet ... trimite mail-uri la toti prietenii ... In sfarsit, dupa o ora, transpirat, ii da blondei 500$. Blonda ii ia, apoi se intoarce si incepe sa se uite plictisita pe geam. Avocatul, isterizat, vrea sa afle raspunsul: - Bine, bine, ce e mic, are trei picioare si urca dealul ? La care, blonda deschide tacticoasa geanta si ii da o hartie de 5$.

    Read the article

  • JQuery dirtyForm not working on text boxes in ajaxToolkit:TabPanel

    - by dustinson
    I'm a newb to jQ so please forgive my ignorance. I'm using Asa Wilson's plugin jquery.dirtyform.js to prompt a user of unsaved changes before they nav away from a page (ASP.Net C# 3.5). It basically loops through all controls and appends a class and handler to each input. Controls w/i an ajaxToolkit:TabPanel are ignored, unfortunately. I'd appreciate if anyone knows of this type of error and how to resolve it short of manually manipulating each control (as I have this logic in the master page). Thank you.

    Read the article

  • how to set the rounded inside corners of a grid in Silverlight 4

    - by Phani Kumar PV
    I need to set the rounded corners inside the grid control using silverlight 4. wehn i tried to do something like this <Border BorderThickness="2" BorderBrush="#FF3EA9F5" Grid.Row="1" CornerRadius="5,5,0,0" Height="10" VerticalAlignment="Bottom"> <Grid x:Name="Phani1" Width="auto"> </Grid> </Border> i am able to see rounded corners outside the gird. but i want to grid to appear asa rectangel from outside border. but inside corners of the grid should appear as rounded. Please let me knowhow to do that if anyone had any idea on that. Thanks in advance.

    Read the article

  • DBD::Advantage and 64-bit Perl - Always 6060

    - by WarheadsSE
    I realize that I am attempting to go beyond the "supported" behavior of the manf's released drivers for perl, after all they have only released it in package with x86 .so's. However, since I cannot use their package with x64 Perl on a RHEL 5.4 x86_64 box, and maintaining a seperate install of x86 perl just for this one package, I have made an attempt to get this puppy working thanks to released 64-bit .so's that accompany other driver packages for Advantage. What I have done to this point: download beta 10 DBI drivers, in 32 download beta 10 PHP extension (it contains 32 and x86_64) copy the required DLLs into the ads-lib location (eg /usr/local/ads/lib64) compile the Perl DBI driver with the path to the lib64's .so's Good compilation, good install, good use. The problem is that I always get : failed: [iAnywhere Solutions][Advantage SQL][ASA] Error 6060: Advantage Database Server not available on specified server. axServerConnect (SQL-HY000)(DBD: db_login/SQLConnect err=-1) Does anyone have any ideas? EDIT: fixed package name in post title

    Read the article

  • Using the AND and NOT Operator in Python

    - by NoahClark
    Here is my custom class that I have that represents a triangle. I'm trying to write code that checks to see if self.a, self.b, and self.c are greater than 0, which would mean that I have Angle, Angle, Angle. Below you will see the code that checks for A and B, however when I use just self.a != 0 then it works fine. I believe I'm not using & correctly. Any ideas? Here is how I am calling it: print myTri.detType() class Triangle: # Angle A To Angle C Connects Side F # Angle C to Angle B Connects Side D # Angle B to Angle A Connects Side E def __init__(self, a, b, c, d, e, f): self.a = a self.b = b self.c = c self.d = d self.e = e self.f = f def detType(self): #Triangle Type AAA if self.a != 0 & self.b != 0: return self.a #If self.a > 10: #return AAA #Triangle Type AAS #elif self.a = 0: #return AAS #Triangle Type ASA #Triangle Type SAS #Triangle Type SSS #else: #return unknown

    Read the article

  • Stored Connection Strings per user

    - by pehaada
    In the past I've used a Singleton Pattern to load the connection string when the application starts via the global.asa file. I have a project now where each user has a unique connection string to the database. I would like to load this connection string once. The issue is that the singleton pattern will not work for me since each user has there own connection string. Basically the connection string is created dynamically. I do not want to store it is session. If anyway has a clever way of doing this in .NET let me know ?

    Read the article

  • How do I get the current Application Name (in terms of IIS) in a classic asp Web application

    - by Mr AH
    I have a classic asp application which retrieves the current application name and sets an Application variable containing that name. This name is important (I wont go into why) and is essentially the friendly name in IIS. The problem is, the implementation used to get this name is flawed, it a) assumes the home directory contains the string wwwroot, and b) assumes the folder name is the same as the application name. I can no longer guarantee these conditions. I would have thought the application name is know at run-time but I can't seem to find it in either Session or Application variables (at application start up entry point in global.asa). Any ideas?

    Read the article

  • ORM Profiler v1.1 has been released!

    - by FransBouma
    We've released ORM Profiler v1.1, which has the following new features: Real time profiling A real time viewer (RTV) has been added, which gives insight in the activity as it is received by the client, in two views: a chronological connection overview and an activity graph overview. This RTV allows the user to directly record to a snapshot using record buttons, pause the view, mark a range to create a snapshot from that range, and view graphs about the # of connection open actions and # of commands per second. The RTV has a 'range' in which it keeps live data and auto-cleans data that's older than this range. Screenshot of the activity graphs part of the real-time viewer: Low-level activity tab A new tab has been added to the Application tabs: the Low-level activity tab. This tab shows the main activity as it has been received over the named pipe. It can help to get insight in the chronological activity without the grouping over connections, so multiple connections at the same time per thread are easier to spot. Clicking a command will sync the rest of the application tabs, clicking a row will show the details below the splitter bar, as it is done with the other application tabs as well. Default application name in interceptor When an empty string or null is passed for application name to the Initialize method of the interceptor, the AppDomain's friendly name is used instead. Copy call stack to clipboard A call stack viewed in a grid in various parts of the UI is now copyable to the clipboard by clicking a button. Enable/Disable interceptor from the config file It's now possible to enable/disable the interceptor Initialization from the application's config file, using: Code: <appSettings> <add key="ORMProfilerEnabled" value="true"/> </appSettings> if value is true, the interceptor's Initialize method will proceed. If the value is false, the interceptor's Initialize method will not proceed and initialization won't be performed, meaning no interception will take place. If the setting is absent, or misconfigured, the Initialize method will proceed as normal and perform the initialization. Stored procedure calls for select databases are now properly displayed as a call For the databases: SQL Server, Oracle, DB2, Sybase ASA, Sybase ASE and Informix a stored procedure call is displayed as an execute/call statement and copy to clipboard works as-is. I'm especially happy with the new real-time profiling feature in ORM Profiler, which is the flagship feature for this release: it offers a completely new way to use the profiler, namely directly during debugging: you can immediately see what's going on without the necessity of a snapshot. The activity graph feature combined with the auto-cleanup of older data, allows you to keep the profiler open for a long period of time and see any spike of activity on the profiled application.

    Read the article

  • ignoring informational payload, type INVALID_COOKIE msgid=00000000

    - by user197279
    I'm configuring a site-to-site vpn between openswan ipsec and cisco asa 5540. After the step, i started ipesc service but the error i'm seeing is: ignoring informational payload, type INVALID_COOKIE msgid=00000000 Nov 5 09:42:30 pluto[11712]: "myVPN" #1: received and ignored informational message Nov 5 09:42:51 pluto[11712]: "myVPN" #1: ignoring informational payload, type INVALID_COOKIE msgid=00000000 Nov 5 09:42:51 pluto[11712]: "myVPN" #1: received and ignored informational message Nov 5 09:43:30 pluto[11712]: "myVPN" #1: max number of retransmissions (2) reached STATE_MAIN_I2 Nov 5 09:43:30 pluto[11712]: "myVPN" #1: starting keying attempt 2 of at most 3 Any advise why I'm getting this error on openswan? Also sudo ipsec whack --status gives: "myVPN": 10.0.xx.0/24===10.0.7x.x[54.209.y.yyy,+S=C]---10.0.xx.x...10.0.70.x---41.22x.4.xx<41.22x.4.xx[+S=C]===41.22y.4.yyy/32; unrouted; eroute owner: #0 000 "myVPN": myip=54.209.zz.zz; hisip=unset; 000 "myVPN": ike_life: 86400s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 3 000 "myVPN": policy: PSK+ENCRYPT+TUNNEL+DONTREKEY+UP+IKEv2ALLOW+SAREFTRACK+lKOD+rKOD; prio: 24,32; interface: eth0; 000 "myVPN": newest ISAKMP SA: #0; newest IPsec SA: #0; 000 "myVPN": IKE algorithms wanted: AES_CBC(7)_256-SHA1(2)_000-MODP1024(2); flags=-strict 000 "myVPN": IKE algorithms found: AES_CBC(7)_256-SHA1(2)_160-MODP1024(2) 000 "myVPN": ESP algorithms wanted: AES(12)_256-SHA1(2)_000; flags=-strict 000 "myVPN": ESP algorithms loaded: AES(12)_256-SHA1(2)_160 000 000 #5: "myVPN":500 STATE_MAIN_I2 (sent MI2, expecting MR2); EVENT_RETRANSMIT in 8s; nodpd; idle; import:admin initiate 000 #5: pending Phase 2 for "myVPN" replacing #0 Thanks.

    Read the article

  • Cisco AnyConnect on IOS 12.4(20)T

    - by natacado
    There are plenty of tutorials on setting up AnyConnect on an ASA unit, and a handful of links noting that IOS 12.4(15) and later support AnyConnect, but I can't seem to find any good documentation about how to setup AnyConnect on IOS; most tutorials assume you only want a clientless VPN on IOS. the best I've found is this document on Cisco's site, but it's not working for me in practice - see below. This is all on a Cisco 881W: router#show version | include Version Cisco IOS Software, C880 Software (C880DATA-UNIVERSALK9-M), Version 12.4(20)T1, RELEASE SOFTWARE (fc3) ROM: System Bootstrap, Version 12.4(15r)XZ2, RELEASE SOFTWARE (fc1) The old SSL VPN Client seems to install just fine: router#show webvpn install status svc SSLVPN Package SSL-VPN-Client version installed: CISCO STC win2k+ 1.0.0 1,1,4,176 Thu 08/16/2007 12:37:00.43 However, when I install the AnyConnect client, after authenticating it hangs for a while during the self-update process, and stops with an error that the "AnyConnect package unavailable or corrupted." When I try to install the AnyConnect package on the router, I'm told that it's an invalid archive: router(config)#webvpn install svc flash:/webvpn/anyconnect-win-2.3.2016-k9.pkg SSLVPN Package SSL-VPN-Client (seq:2): installed Error: Invalid Archive Does anyone have a good sample on how to get the 2.x AnyConnect clients working with a Cisco device running IOS?

    Read the article

  • Ipsec config problem // openswan

    - by user90696
    I try to configure Ipsec on server with openswan as client. But receive error - possible, it's auth error. What I wrote wrong in config ? Thank you for answers. #1: STATE_MAIN_I2: sent MI2, expecting MR2 003 "f-net" #1: received Vendor ID payload [Cisco-Unity] 003 "f-net" #1: received Vendor ID payload [Dead Peer Detection] 003 "f-net" #1: ignoring unknown Vendor ID payload [ca917959574c7d5aed4222a9df367018] 003 "f-net" #1: received Vendor ID payload [XAUTH] 108 "f-net" #1: STATE_MAIN_I3: sent MI3, expecting MR3 003 "f-net" #1: discarding duplicate packet; already STATE_MAIN_I3 010 "f-net" #1: STATE_MAIN_I3: retransmission; will wait 20s for response 003 "f-net" #1: discarding duplicate packet; already STATE_MAIN_I3 003 "f-net" #1: discarding duplicate packet; already STATE_MAIN_I3 003 "f-net" #1: discarding duplicate packet; already STATE_MAIN_I3 010 "f-net" #1: STATE_MAIN_I3: retransmission; will wait 40s for response 031 "f-net" #1: max number of retransmissions (2) reached STATE_MAIN_I3. Possible authentication failure: no acceptable response to our first encrypted message 000 "f-net" #1: starting keying attempt 2 of at most 3, but releasing whack other side - Cisco ASA. parameters for my connection on our Linux server : VPN Gateway 8.*.*.* (Cisco ) Phase 1 Exchange Type Main Mode Identification Type IP Address Local ID 4.*.*.* (our Linux server IP) Remote ID 8.*.*.* (VPN server IP) Authentication PSK Pre Shared Key Diffie-Hellman Key Group DH 5 (1536 bit) or DH 2 (1024 bit) Encryption Algorithm AES 256 HMAC Function SHA-1 Lifetime 86.400 seconds / no volume limit Phase 2 Security Protocol ESP Connection Mode Tunnel Encryption Algorithm AES 256 HMAC Function SHA-1 Lifetime 3600 seconds / 4.608.000 kilobytes DPD / IKE Keepalive 15 seconds PFS off Remote Network 192.168.100.0/24 Local Network 1 10.0.0.0/16 ............... Local Network 5 current openswan config : # config setup klipsdebug=all plutodebug="control parsing" protostack=netkey nat_traversal=no virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12 oe=off nhelpers=0 conn f-net type=tunnel keyexchange=ike authby=secret auth=esp esp=aes256-sha1 keyingtries=3 pfs=no aggrmode=no keylife=3600s ike=aes256-sha1-modp1024 # left=4.*.*.* leftsubnet=10.0.0.0/16 leftid=4.*.*.* leftnexthop=%defaultroute right=8.*.*.* rightsubnet=192.168.100.0/24 rightid=8.*.*.* rightnexthop=%defaultroute auto=add

    Read the article

  • Openconnect for Cisco VPN doesn't recognize private key file - asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag

    - by Alexander Skwar
    I'm trying to use my Synology DS212 NAS box also act as VPN gateway to my companies VPN. Sadly, they only use Cisco ASA and to complicate stuff even further, we've got to use personal certificates (which is of course more secure, but more complicate to get going…). So I compiled OpenConnect v4.06 from http://www.infradead.org/openconnect/. As a very basic test, I tried to build a connection by manually invoking openconnect, passing along the key and cert files, like so: /lib/ld-linux.so.3 --library-path /opt/lib \ /opt/openconnect/sbin/openconnect \ --certificate=$VPN_CFG/alexander.crt \ --sslkey=$VPN_CFG/alexander.key \ --cafile=$VPN_CFG/Company_VPN_CA.crt \ --user=alexander --verbose <ip>:443 It fails :( Attempting to connect to <ip>:443 Using certificate file $VPN_CFG/alexander.crt Using client certificate '/[email protected]/OU=Company VPN' 5919:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag:tasn_dec.c:1315: Loading private key failed (see above errors) Loading certificate failed. Aborting. Failed to open HTTPS connection to <ip> Failed to obtain WebVPN cookie When I run the same command with the same cert/key files on a Ubuntu 12.04 box, it works: openconnect \ --certificate=$VPN_CFG/alexander.crt \ --sslkey=$VPN_CFG/alexander.key \ --cafile=$VPN_CFG/Company_VPN_CA.crt \ --user=alexander --verbose <ip>:443 Attempting to connect to <ip>:443 Using certificate file $VPN_CFG/alexander.crt Extra cert from cafile: '/CN=Company AG VPN CA/O=Company AG/L=Zurich/ST=ZH/C=CH' SSL negotiation with <ip> Server certificate verify failed: self signed certificate Certificate from VPN server "<ip>" failed verification. Reason: self signed certificate Enter 'yes' to accept, 'no' to abort; anything else to view: yes Connected to HTTPS on <ip> GET https://<ip>/ […] Well… The error on the NAS is this: 5919:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag:tasn_dec.c:1315: Any ideas, what's causing this? On Syno, I use OpenConnect 4.06. On Ubuntu, I just compiled and installed to a custom location OpenConnect 4.06 as well. Thanks, Alexander

    Read the article

< Previous Page | 5 6 7 8 9 10 11  | Next Page >