2 networks ( VPN and local)

Similar Messages

• RMAN backup to network share and local at the same time ?

  Hi all,
  is it possible to force rman to backup database into two different locations ? one location would be network drive, another local directory.
  I was trying to do it with this script:
  run
  allocate channel c1 type disk format '\\10.236.196.247\BACKUP\%U' maxpiecesize 2g;
  allocate channel c2 type disk format 'F:\data\flashback\db_recovery_area/%U' MAXPIECESIZE 2g;
  backup database;
  backup current controlfile;
  release channel c1;
  release channel c2;
  what I get is my backup is split between these two locations... unable to recover database from one of them.

  Hi,
  You can check the documentation: Multiple Copies of RMAN Backups ;-)
  When backing up datafiles, archived redo log files, server parameter files and control files into backup pieces, RMAN can duplex the backup set, producing up to four identical copies of each backup piece in the backup set on different backup destinations with one BACKUP command. (Note that duplexing is not supported for backup operations that produce image copies.)
  There are three ways to specify duplexing of backup sets when using the BACKUP command:
  Specify a default level of duplexing with CONFIGURE... BACKUP COPIESAll backup commands that back up data into backup sets will be affected if you use this option, unless you specify different duplexing options for a command using SET BACKUP COPIES or provide a COPIES option for the BACKUP command.
  Use SET BACKUP COPIES in a RUN block All commands in the RUN block will be affected, overriding any CONFIGURE... BACKUPCOPIES setting, except those where you provide a COPIES option as part of the BACKUP command.
  Provide a COPIES option to the BACKUP command For this specific BACKUP command, files will be duplexed to produce the number of copies you specify.
  Cheers
  Legatti

• Check Point VPN and local wireless network

  I need to use Check Point VPN to access a client's remote network. Now I cannot access my wireless printer or AirPort base station, even when I have disconnected and shutdown the Check Point client. I have removed the Check Point startup items from LaunchAgents and LaunchDaemons in order to restart without Check Point loading at start up.
  When I start in Safe Boot I can access the printer, but not with a normal start up. How can I find the other startup items that are interfering with my local wireless network?
  Am running Mountain Lion.

  Thanks for the reply.
  I found an installer in the Library as suggested.
  The installer did not install successfully.
  I trashed the installer, repaired permissions, downloaded the software again and was able to install successfully.
  I will not be able to test the connection until I am off the network but I am better off.

• Access AFP, email, Remote Desktop via VPN and local network but NOT web

  How can I do this? Right now I can set up all these services where I can access them via VPN only, but not on the local network or via the web. If I want to access them via the local network I have to open up the ports in the firewall, however this opens up access via the web (not requiring VPN) which I do NOT want. How do I remedy this?

  How can I do this? Right now I can set up all these services where I can access them via VPN only, but not on the local network or via the web. If I want to access them via the local network I have to open up the ports in the firewall, however this opens up access via the web (not requiring VPN) which I do NOT want. How do I remedy this?

• I have a macbook pro. i have a photosmart 7510. we just bought a new windows tower and the printer works wireless for us, but now the mac does not print anymore wirelessly. i keep getting a message Network host 'HPE93F2A.local.' is busy. what can i do to

  I have a macbook pro. i have a photosmart 7510. we just bought a new windows tower and the printer works wireless for us, but now the mac does not print anymore wirelessly. i keep getting a message Network host 'HPE93F2A.local.' is busy. what can i do to

  it is a windows 8

• Transparent Tunneling and Local Lan Access via VPN Client

  Remote users using Cisco VPN 4.2 connect successfully to a Cisco Pix 515 (ver. 6.3). The client is configured to allow Transparent Tunneling and Local Lan access, but once connected to the Pix, these two options are disabled. What configuration changes are required on the Pix to enable these options? Any assistance will be greatly appreciated.
  Mike Bowyer

  Hi Mike,
  "Transparent Tunneling" and "Local Lan Access" are two different things. "Transparent Tunneling" is dealing with establishing an IPSec Tunnel even if a NAT device is between your client and the VPN-Headend-Device. "Local LAN Access" is dealing with access to devices in the LAN your VPN-Client-Device is connected to.
  What do you mean exactly with "disabled once the connection is made" ?
  You can check the local LAN Access by having a look at the Route-Table of the VPN-Client:
  Right Click the yellow VPN-lock Icon in System-Tray while the VPN-Connection is active and select "Statistics ...". Have a look at the second register page "route details".
  Are any local LAN routes displayed when your are connected ?
  And - always remember two important restrictions the Online Help of the VPN-Client is mentioning:
  1: This feature works only on one NIC card, the same NIC card as the tunnel.
  2: While connected, you cannot print or browse the local LAN by name; when disconnected, you can print and browse by name.
  Carsten
  PS: Removing Split Tunnel won't enable local LAN access as all traffic would be sent into the IPSec tunnel.

• AirPort Extreme 802.11n as a wireless router and local network switch?

  Good afternoon,
  I'm curious if its possible to have the APE in wireless network mode and connect systems via hard line as well?
  I have an AirPort Extreme 802.11n set to "Create a Wireless Network" mode that is attached directly to a cable modem for internet connectevity. My issue is that while all wireless devices (several iPods, two iPhones and three laptop computers) connect to the APE without issue (and have internet access), when I try to plug in a Windows 7 desktop computer via one of the ethernet jacks, Windows is unable to connect and shows the network as "unidentified," spitting back a private IP address as opposed to a local LAN (this behavior repeats for an Ubuntu Linux box as well).
  Not sure if the APE is misconfigured, this is a Windows 7 issue or if its improper use on my part (though this also precludes me from connecting a gigabit switch to the APE).
  Thank you,
  Nathan

  Properly configured, the AirPort should provide both wired and wireless network client with Internet access.
  At this point, I would recommend that you do the following as a minimum:
  Power-down the modem, AirPort base station, and computer(s).
  Power-up the modem; wait at least 10-15 minutes to allow it adequate time to initialize.
  Power-up the AirPort base station; wait at least 5-10 minutes. Note: The AirPort's status light may continue to flash amber after it has intialized. That is because, there may be some additional configuration items necessary, like setting up wireless security, before the overall setup is completed to get a green status.
  Power-up your computer(s).
  If the above steps do not solve the problem, start over with step 1 above, but then perform the next steps between steps 1 & 2. above.
  Disconnect the AirPort base station from the Internet broadband modem.
  While all of the devices are powered-down, perform a "factory default" reset on the base station. This will get it back to its "out-of-the-box" configuration and make setting it up much easier, especially if you use the "Assist me" process within the AirPort Utility. (ref: Resetting an AirPort Base Station or Time Capsule)
  After the base station resets, go ahead and power it back down.
  Reconnect the AirPort base station to the Internet broadband modem. For the Extreme and Time Capsule, be sure to connect the cable to the base station's WAN (circle-of-dots) port.
  Continue with step 2 in the first set of steps.
  In this basic configuration, the AirPort base station will broadcast an unsecured wireless network with a Network Name (SSID) of Apple Network NNNNNN. Network clients, connected to the base station either by wire or wireless, should now be able to access the Internet through the ISP's modem. Once Internet connectivity has been verified, you can use the AirPort Utility to configure the base station for wireless security and any other desired options. Please post back your results.

• I have 2 lan connections, 1 connect to local network server and other to internet, how do i configure firefox to open website on my local network connection and internet also

  ''locking as a duplicate - https://support.mozilla.com/en-US/questions/812283''
  I have 2 local area connections in my computer, one connects to local office network server and another to the internet. when i use firefox i want to configure it to use it to connect to my local office network server website which has address as http://199.123.9.1 and also internet web address simultaneously,

  I found the solution, myself, you need to go to network settings and then select manual proxy setting and provide the ip address of the internet server . that's all
  "it is not OS setting up problem, around DNS and routing Problems." as stated by you,
  anyway thanks.

• "The file [name of file] may have been changed by another user since you last saved it." Issue affects both network and local files.

  When a certain user saves a file in Excel 2010, she gets a message: "The file <name of file> may have been changed by another user since you last saved it."  She can choose to save as another file or overwrite with her changes. 
  This just started happening a week or so ago.  She was concerned that someone else was accessing her files, but we did several tests that opened, made a change and saved in a matter of seconds, and she still gets the message.  It happens on
  most files, but not all – both network and local.
  We already tried the QFE_Saskatchewan registry fix.  I also checked the file server for Services for Macintosh.

  You may be confused by the error in Excel saying “another user”. Actually Excel cannot tell who (the real human) is editing the file. Based on my research the No.1 possibility of the error is KB2626998.
  2626998  Connection to a network document is lost in the 2007 Office system or in Office 2010 after the computer resumes from standby
  http://support.microsoft.com/kb/2626998
  For Excel 2010, follow these steps:
  a.  Click Start , click Run , type regedit in the Open box, and then click OK .
  b.  Locate and then select the following registry subkey: HKEY_CURRENT_USER\Software\Microsoft\Office\14.0\Excel\Options
  c.  On the Edit menu, point to New , and then click Dword Value .
  d.  Type NetworkAvailableTimeInSeconds , and then press Enter.
  e.  Right-click NetworkAvailableTimeInSeconds , and then click Modify .
  f.  In the Value data box, click Decimal , type a number value, and then click OK .
  Note This registry subkey sets the time, in seconds, that Excel waits for the network to resume. For example, if you type 15 for the number value, Excel waits 15 seconds for the network to resume. You might have to do some tests in your own environment to
  determine an appropriate value. You may have to try multiple numbers.
  g.  Locate and then select the following registry subkey.
  HKEY_CURRENT_USER\Software\Microsoft\office\14.0\common\Internet
  h.  Repeat step 2C through step 2F again. Reuse the same value that you used previously.
  i.  Exit Registry Editor.
  Feel free to post back. Thanks.
  Cheers,
  Tony Chen
  Forum Support
  Come back and mark the replies as answers if they help and unmark them if they provide no help.
  If you have any feedback on our support, please contact
  [email protected]

• AD and Local Network accounts take three attempts to log in successfully

  Our lab's Mac Mini server is running a patched-up 10.9 + OS X Server (though this problem has persisted since 10.7)
  Our server is 'local' to our laboratory and serves 4-5 machines, 10-15 people.
  The server (and the connected machines) are bound to the college's Active Directory server.
  We have a 'Local Network' group  (called FlipLab) on the Server that contains laboratory members from the AD server.
  The lab client machines are set to only allow network logins from that group. We also have an occasional 'visiting' scholar who doesn't have a college-wide AD account, so we set them up as a 'Local Network' user and add them to the FlipLab group so they too can log in to the lab's machines.
  About 75% of the time, a user logging into a lab machine take three attempts to get logged in successfully. We've noticed that they don't need to re-type the password or username each time, just once and hit 'enter/return' three times in the password field. It never takes two tries- only either one (very rarely, usually after successfully logging in earlier in the day) and more commonly three tries.
  This doesn't seem to happen with file sharing (though I think one of the guys has noticed an occasional problem logging in to a SMB share from a Boot Camp'd machine). It isn't a problem w/ Time Machine backups either. BUT We recently noticed that even the 'Local Network' users (e.g. belong to the FlipLab group but don't have AD credentials) occasionally have this problem. Hitting 'return' three times in the password field gets you logged in though in any case (well, assuming you have your password correct).
  I've tried moving around the directory search order on the client machines, but not in a systematic-enough way.
  Since we can get logged in this isn't the worst problem ever. But I'd like to be able to figure out what is going on - and maybe learn something about configuring it in the process.

  Thanks- good observation.
  Unusual, perhaps, but it is what we need in our setting. And- allegedly this is supported / encouraged based on my understanding of the OS X Server docs. I don't have any control over the AD server (since it's in the university-level IT management's hands) but I -do-, of course, have control over my own server. So I just want to use their authentication (and save my students / lab folk the trouble of having multiple logins, etc).
  You make a good point / observation / point-of-debuggery. Indeed, if I set the client machines to use -only- the main campus AD server (and thus allow logins from everyone on campus) it works first time. So it is some interesting interaction betwixt the Mac OS Server and the client methinks. In fact, across campus, all the 'public' machines are simply bound to the AD server and you can just log in that way.

• Can I connect to my microsoft network via VPN and download network files?

  Can I connect to my microsoft network via VPN and download network files to my iPad2?  If so, what app is required?

  There are several apps available from App Store but the one I use is iTeleport.
  Oops the Windows specific version is called Jaadu Remote Desktop for Windows
  Message was edited by: Joe Bailey to add Windows version

• Connect to workplace network - Using VPN and having trouble mapping to path

  I need to connect to a couple of drives on my workplace. I work remotely. I was able to create a VPN connection (via System Preferences > Network) with the info they provided. I connect and it shows the connection as being successful.
  However, I haven't been able to connect to a couple of directories. The paths they provided look something like this:
  \\ServerName\DirectoryName
  \\ServerName\users\UserName
  I tried the Go > Connect to server and typed it like this:
  smb://servername/directoryname
  But I haven't been able to connect. I get an error window that says:
  Connection Failed.
  The server may not exist or it is not operational at this time. Check the server name or IP address and your network connection and try again.
  What am I doing wrong?

  This is a very strange one, I had same issues and was able to fix it. Let’s see if the fix works for you.
  If SMB enabled on your Server.
  What I did was to change connection to smb://Server IP/ShareName
  Then connect and it all worked fine. The next time I connected to the Server I just connected the normal way i.e. just ServerName and ShareName using AFP and it all works fine now.
  See if this helps you.

• VPN and Internet Connection Sharing? (bridging remote networks)

  I'd like to try an experiment and some advice from this list will be useful.
  +Summary: Can a Mac with two interfaces activate VPN and Internet sharing simultaneously to bridge two remote networks?+
  I've created a PPTP VPN server on our XServe at work and opened the appropriate ports on our firewall. This and a second location are linked with standard (but fast) ADSL broadband. I can log in from both Mac and Windows VPN clients at an external location and indeed the experience is just like being at work- printers, file servers and other resources (eg networked Filemaker databases) are all visible. Yay.
  Question: Is it possible to extend this concept further by logging onto our VPN with once interface (eg Airport) +and then+ enabling Internet Sharing through the second interface (eg Ethernet)? Will this allow a small network connected through the second interface to all behave as though they are on the work network, with transparent access to fileservers, printers and so on, without each bothering individually with VPNs and so on? I suspect there are physical boxes that will do this, but it would be wonderful to know if I can get a Mac with two NICs to do the same job, acting as a router between the two networks. Are there any limitations to this? I am happy to tweak under the hood if need be. I just need to know if this is possible, even in theory, and what the limitations might be.
  Thanks.

  Hey Nathan...
  My VPN is down at the moment, but I think your going to have to manually configure all of the "clients" who are sharing the VPN to an IP range that your office uses. When you connect to your VPN, check your network prefs, and you'll see the IP addresses assigned to your VPN are similar to your network at the office. So, in a way, your sharing computer has 2 IP addresses... one from your modem or router at home, and one from the VPN server at the office. It's this 2nd IP address that allows you to appear to be on the network at the office.
  So, if you can find a way to set up your shared clients the same way.... it might work. It will also be VERY helpful if your IP range at home is different from the IP range at the office....192.168... for one...and 10.0.0 for the other. (Whether traffic will pass thru your "sharing server" is a different matter altogether.)
  Now, and I'm really guessing here.. if this works at all... you may be only able to access stuff from the office on your "shared clients" (ie no internet).... the way around that is to set up your VPN to allow VPN clients to pull stuff from the internet from the office thu the VPN... and for the life of me don't remember how that is done. But it will most likely be a bit slow.
  I'd start with the basics... setup one client with a manual IP address/router/dns servers, and try to ping a computer at the office. If this works... at least part of your problem is solved.
  With all that said... it may not work at all. Good Luck!

• IpSec VPN and NAT don't work togheter on HP MSR 20 20

  Hi People,
  I'm getting several issues, let me explain:
  I have a Router HP MSR with 2 ethernet interfaces, Eth 0/0 - WAN (186.177.159.98) and Eth 0/1 LAN (192.168.100.0 /24). I have configured a VPN site to site thru the internet, and it works really well. The other site has the subnet 10.10.10.0 and i can reache the network thru the VPN Ipsec. The issue is that the network 192.168.100.0 /24 needs to reach internet with the same public address, so I have set a basic NT configuration, when I put the nat configuration into Eth 0/0 all network 192.168.100.0 can go to internet, but the VPN goes down, when I remove the NAT from Eth 0/0 the VPN goes Up, but the network 192.168.100.0 Can't go to internet.
  I'm missing something but i don't know what it is !!!!, See below the configuration.
  Can anyone help me qith that, I need to send te traffic with target 10.10.10.0 thru the VPN, and all other traffic to internet, Basically I need that NAT and VPN work fine at same time.
  Note: I just have only One public Ip address.
  version 5.20, Release 2207P41, Standard
  sysname HP
  nat address-group 1 186.177.159.93 186.177.159.93
  domain default enable system
  dns proxy enable
  telnet server enable
  dar p2p signature-file cfa0:/p2p_default.mtd
  port-security enable
  acl number 2001
  rule 0 permit source 192.168.100.0 0.0.0.255
  rule 5 deny
  acl number 3000
  rule 0 permit ip source 192.168.100.0 0.0.0.255 destination 10.10.10.0 0.0.0.255
  vlan 1
  domain system
  access-limit disable
  state active
  idle-cut disable
  self-service-url disable
  ike proposal 1
  encryption-algorithm 3des-cbc
  dh group2
  ike proposal 10
  encryption-algorithm 3des-cbc
  dh group2
  ike peer vpn-test
  proposal 1
  pre-shared-key cipher wrWR2LZofLx6g26QyYjqBQ==
  remote-address <Public Ip from VPN Peer>
  local-address 186.177.159.93
  nat traversal
  ipsec proposal vpn-test
  esp authentication-algorithm sha1
  esp encryption-algorithm 3des
  ipsec policy vpntest 30 isakmp
  connection-name vpntest.30
  security acl 3000
  pfs dh-group2
  ike-peer vpn-test
  proposal vpn-test
  dhcp server ip-pool vlan1 extended
  network mask 255.255.255.0
  user-group system
  group-attribute allow-guest
  local-user admin
  password cipher .]@USE=B,53Q=^Q`MAF4<1!!
  authorization-attribute level 3
  service-type telnet
  service-type web
  cwmp
  undo cwmp enable
  interface Aux0
  async mode flow
  link-protocol ppp
  interface Cellular0/0
  async mode protocol
  link-protocol ppp
  interface Ethernet0/0
  port link-mode route
  nat outbound 2001 address-group 1
  nat server 1 protocol tcp global current-interface 3389 inside 192.168.100.20 3389
  ip address dhcp-alloc
  ipsec policy vpntest
  interface Ethernet0/1
  port link-mode route
  ip address 192.168.100.1 255.255.255.0
  interface NULL0
  interface Vlan-interface1
  undo dhcp select server global-pool
  dhcp server apply ip-pool vlan1

  ewaller wrote:
  What is under the switches tab?
  Oh -- By the way, that picture is over the size limit defined in the forum rules in tems of pixels, but the file size is okay.  I'll let it slide.  Watch the bumping as well.
  If you want to post the switches tab, upload it to someplace like http://img3.imageshack.us/, copy the thumbnail (which has the link to the original)  back here, and you are golden.
  I had a bear of a time getting the microphone working on my HP DV4, but it does work.  I'll look at the set up when I get home tonight [USA-PDT].
  Sorry for the picture and the "bumping"... I have asked in irc in arch and alsa channels and no luck yet... one guy from alsa said I had to wait for the alsa-driver-1.0.24 package (currently I have alsa-driver-1.0.23) but it is weird because the microphone worked some months ago...
  So here is what it is under the switches tab

• Clientless SSL VPN and ActiveX question

  Hey All,
  First post for me here, so be gentle.  I'll try to be as detailed as possible.
  With the vast majority of my customers, I am able to configure an IPSEC L2L VPN, and narrow the traffic down to a very minimal set of ports.  However, I have a customer that does not want to allow a L2L VPN tunnel between their remote site, and their NOC center.  I thought this might be a good opportunity to get a clientless (they don't want to have to launch and log into a separate client) SSL VPN session setup.  Ultimately, this will be 8 individual sites, so setting up SSL VPN's at each site would be cost prohibitive from a licensing perspective.  My focus has been on using my 5510 (v8.2(5)) at my corp site as the centralized portal entrance, and creating bookmarks to each of the other respective sites, since I already have existing IPSEC VPN's via ASA5505, (same rev as the 5510 )setup with each of the sites.
  First issue I've run into is that I can only access bookmarks that point to the external address for the remote web-server (the site has a static entry mapping an external address to the internal address of the web server).  I am unable to browse (via bookmark) to the internal address of the remote web server.  Through my browser at the office, I can access the internal address fine, just not through the SSL VPN portal.  I am testing this external connectivity using a cell card to be able to simulate outside access.  Is accessing the external IP address by design, or do I have something hosed?
  Second issue I face is when I access the external address through the bookmark, I am ultimately able to log onto my remote website, and do normal browsing and javascript-type functions.  I am not able to use controls that require my company's ActiveX controls (video, primarily).  I did enable ActiveX relay, and that did allow the browser to start prompting me to install the controls as expected, but that still didn't allow the video stream through.  The stream only runs at about 5 fps, so it's not an intense stream.
  I have researched hairpinning for this situation, and "believe" that I have the NAT properly defined - even going as far as doing an ANY ANY, just for testing purposes to no avail.  I do see a decent number of "no translates" from a show nat:
    match ip inside any outside any
      NAT exempt
      translate_hits = 8915, untranslate_hits = 6574
  access-list nonat extended permit ip any any log notifications
  access-list nonat extended permit ip 192.168.17.0 255.255.255.0 192.168.2.0 255.255.255.0
  access-list nonat extended permit ip 192.168.16.32 255.255.255.224 192.168.2.0 255.255.255.0
  access-list nonat extended permit ip 192.168.17.0 255.255.255.0 192.168.16.32 255.255.255.224
  access-list nonat extended permit ip 192.168.16.32 255.255.255.224 192.168.17.0 255.255.255.0
  access-list nonat extended permit ip 192.168.17.0 255.255.255.0 172.16.250.0 255.255.255.0
  access-list nonat extended permit ip 192.168.16.32 255.255.255.224 172.16.250.0 255.255.255.0
  access-list nonat extended permit ip 192.168.16.32 255.255.255.224 172.16.254.0 255.255.255.0
  access-list nonat extended permit ip 192.168.17.0 255.255.255.0 172.16.254.0 255.255.255.0
  access-list nonat extended permit ip 192.168.17.0 255.255.255.0 host A-172.16.9.34
  access-list nonat extended permit ip 192.168.18.0 255.255.255.0 192.168.2.0 255.255.255.0
  access-list nonat extended permit ip 192.168.18.0 255.255.255.0 192.168.16.32 255.255.255.224
  access-list nonat extended permit ip 192.168.18.0 255.255.255.0 192.168.17.0 255.255.255.0
  access-list nonat extended permit ip 192.168.18.0 255.255.255.0 172.16.250.0 255.255.255.0
  access-list nonat extended permit ip 192.168.18.0 255.255.255.0 172.16.254.0 255.255.255.0
  access-list nonat extended permit ip 192.168.18.0 255.255.255.0 host A-172.16.9.34
  access-list nonat extended permit ip 192.168.17.0 255.255.255.0 192.168.18.0 255.255.255.0
  access-list nonat extended permit ip 192.168.16.32 255.255.255.224 192.168.18.0 255.255.255.0
  access-list nonat extended permit ip 192.168.16.32 255.255.255.224 host 172.16.62.57
  access-list nonat extended permit ip 192.168.17.0 255.255.255.0 host 172.16.62.57
  access-list nonat extended permit ip 192.168.18.0 255.255.255.0 host 172.16.62.57
  access-list nonat extended permit ip 192.168.17.0 255.255.255.0 172.16.8.0 255.255.254.0
  access-list nonat extended permit ip 192.168.16.32 255.255.255.224 172.16.8.0 255.255.254.0
  access-list D_Traffic extended permit ip 192.168.16.32 255.255.255.224 192.168.2.0 255.255.255.0
  access-list D_Traffic extended permit ip 192.168.16.32 255.255.255.224 192.168.17.0 255.255.255.0
  access-list D_Traffic extended permit ip 192.168.16.32 255.255.255.224 192.168.18.0 255.255.255.0
  access-list D_Traffic extended permit ip 192.168.16.32 255.255.255.224 172.16.250.0 255.255.255.0
  access-list D_Traffic extended permit ip 192.168.17.0 255.255.255.0 192.168.2.0 255.255.255.0
  access-list D_Traffic extended permit ip 192.168.17.0 255.255.255.0 192.168.16.32 255.255.255.224
  access-list D_Traffic extended permit ip 192.168.17.0 255.255.255.0 192.168.18.0 255.255.255.0
  access-list D_Traffic extended permit ip 192.168.18.0 255.255.255.0 192.168.2.0 255.255.255.0
  access-list D_Traffic extended permit ip 192.168.18.0 255.255.255.0 192.168.16.32 255.255.255.224
  access-list D_Traffic extended permit ip 192.168.18.0 255.255.255.0 192.168.17.0 255.255.255.0
  access-list D_Traffic extended permit ip 192.168.18.0 255.255.255.0 172.16.250.0 255.255.255.0
  access-list D_Traffic extended permit ip 192.168.17.0 255.255.255.0 172.16.250.0 255.255.255.0
  access-list outside_1_cryptomap extended permit ip 192.168.16.32 255.255.255.224 host A-172.16.9.34
  access-list outside_1_cryptomap extended permit ip 192.168.17.0 255.255.255.0 host A-172.16.9.34
  access-list outside_1_cryptomap extended permit ip 192.168.18.0 255.255.255.0 host A-172.16.9.34
  access-list outside_1_cryptomap extended permit ip 192.168.16.32 255.255.255.224 host 172.16.62.57
  access-list outside_1_cryptomap extended permit ip 192.168.17.0 255.255.255.0 host 172.16.62.57
  access-list outside_1_cryptomap extended permit ip 192.168.18.0 255.255.255.0 host 172.16.62.57
  access-list External_VPN extended permit ip 192.168.16.32 255.255.255.224 172.16.254.0 255.255.255.0
  access-list External_VPN extended permit ip 192.168.17.0 255.255.255.0 172.16.254.0 255.255.255.0
  access-list outside_in extended permit icmp any any log notifications
  access-list outside_in extended permit tcp any any log notifications
  pager lines 24
  logging enable
  logging asdm informational
  logging ftp-server 192.168.16.34 / syslog *****
  mtu inside 1500
  mtu outside 1500
  ip local pool Remote 172.16.254.1-172.16.254.25 mask 255.255.255.0
  icmp unreachable rate-limit 1 burst-size 1
  asdm image disk0:/asdm-645.bin
  no asdm history enable
  arp timeout 14400
  global (inside) 1 interface
  global (outside) 1 interface
  nat (inside) 0 access-list nonat
  nat (inside) 1 192.168.16.32 255.255.255.224
  nat (inside) 1 192.168.17.0 255.255.255.0
  nat (inside) 1 0.0.0.0 0.0.0.0
  access-group outside_in in interface outside
  192.168.2.0 is my corp network range
  192.168.2.171 is my internal IP for corp ASA5510
  97.x.x.x is the external interface for my corp ASA5510
  192.168.16.34 is the internal interface for the remote ASA5505
  64.x.x.x is the external interface for the remote ASA5505
  192.168.17.0, and 192.168.18.0 are two other private LANS behind the remote 5505
  As you can see, I have things reasonably wide open - with no port restrictions on this one yet - this is for troubleshooting purposes, and it will get restrictive as soon as I figure this out   Right now, the ASA5510 is pretty restrictive, and to be brutally honest, I'm not certain I'm even using the packet tracer 100% proper to be able to simulate coming from the outside of the network through my ASA5510, out to a remote ASA5505, and to a web server behind that 5505.  I'm sure that the issue is probably going to be a mix of ACL's between the 5510, and the 5505.
  I guess the main question, is Clientless SSL VPN really a good choice for this, or are there other real alternatives - especially since my client doesn't want to have to install, or use an actual client (like AnyConnect), nor do they want to have an always-on IPSEC VPN.  Am I going about this the right way?  Anyone have any suggestions, or do I have my config royally hosed?
  Thanks much for any and all ideas!

  Hey All,  I appreciate all of the views on this post.  I would appreciate any input - even if you think it might be far-fetched.  I'm grasping at straws, and am super-hesitant to tell my customer this is even remotely possible if I can't have a POC myself.  Thanks, in advance!!