Airlink Raven X and VPN Connection

Similar Messages

• Two active active ISPs with load balancing, publishing and VPN connection

  Hi,
  I wonder how to enable a scenario where i have to use  two ISP's to share 30/70 load on our internet traffic, have to configure almost 60 internal websites already published using microsoft TMG firewall and connect client VPN connections and site-to-site vpn connections. I know that ASA firewall has limitation when using security contexts. Is good idea that how to achieve this gool?
  I previously tried connecting four sites running ASA devices with this fifth site running Microsoft TMG firewall but i was able to connect only two ASA firewalls using site-to-site VPN, though I was able to connect remaining two as well but last two were not able to access ASA-TMG resources. furthermore behavious of two ASA-TMG connected sites was strange: sometime i was not able to access cross site resources from one machine but was able to do so from another machine.
  I noticed that two of ASA sites connected with TMG site has different internal IP class (e.g site one 192.168.0.* and site two using 172.16.*.*) while remaining two have same class like the first site e.g 192.168.128.* and 192.168.100.*
  Did anyone has experiance connecting TMG-ASA with multiple sites within same IP class scenario?
  OR
  How to enable same features using Cisco devices as they are on a single Microsoft TMG?
  Best,
  Saulat (Contact# 0092-321-4025587)

  Sulat,
  You can load balance between the two ISPs. That is not possible. But, we do have some options that I have discussed here:
  Hope the above link gives you some ideas to utilize both your ISP links.
  -Kureli

• SMB and VPN connected to Windows Server 2003

  I have search the web for an answer on this problem, I've only found peoble with same problem, but still no solution :o/
  I wan't to connect to my office (windows2003) from my OSX 10.4.2 at home. I've set up an VPN connection and can PING the server (and others) on the network. Works fine.
  When I connect to the server via SMB://server/ I get a list with all different folders (or servers) I can connect to but I get rejected with the answer Bad name or password. Now to the funny part; I can connect in the Terminal using smbclient with the same user and pwd just rejected in Finder!!!
  I've read about this problem on http://www.macwindows.com/tiger.html#052305a but I can't find a solution. Someone mentioned a bug with apple number #4108992 - Can anyone tell me where I can read about that? Or better - Where I can find a solution. (I've tried to erase keychain)
  Rgds
  /Johan

  My school sets up our network disk space with access via FTP. I don't know if that is an option through your company. While I have to download files to work with them and then upload them again to the network space to access them at work, it does allow me to look at the directory structure. I use an FTP client (not the one built into OS X). This might be an option for you to check on with your IT department. (This also eliminates my need to use VPN.)
  Hope this helps.
  PB G4 15"   Mac OS X (10.4.3)  

• Lookout 6.7 or 6.7.1 and VPN Connections

  I am having difficulty after upgrading to Lookout 6.7 and 6.7.1 from 6.1 with a client process that is receiving its data from a Lookout server across a VPN. Two different VPNs have been tested and multiple computers running various versions of the client process. This is used for a water utility. Tank levels do not update, pump spinners do not spin, etc. If i start another process that is looking at the same server and then restart the initial process everything updates normally. I can then close the unnecessary process and the failing process continues to communicate until it is restarted. Ports across the VPN are wide open, no restritions, firewalls have been turned off. I did not have this problem until after I updated from version 6.1 to 6.7. I then updated to version 6.7.1 hoping the problem woud go away, but no joy. Also, if the computer running the client process is on the local network, there is no problem. This only occurs when connecting through a VPN tunnel. I have spent time building a new process and testing as the build goes along and I am seeing the same issue with very few components of the complete process. FYI, this is not a web client,  this is the free client application running a client process file. Also, the state file for the process always shows the current time and date when the process was started. I have also tried starting the process by placing the source file in a separate folder and starting the process using the source file with the same result. Has anyone seen this issue? 
  Thanks,
  Brad Adams
  Communications Group Inc.
  Nashville, TN 
  Phone: 615-889-4756
  Email: [email protected]

  Odd, may have been a permissions problem.   
  Forshock - Consult.Develop.Solve.

• Outlook 2010 sticks on "Trying to Connect" when undock Laptops and VPN Connects Automatically

  When our users undock their laptops the VPN kicks in automatically.  All of the other network services just continue seamlessly.  Outlook, however, sticks at "trying to connect".  This is often accompanied by a password prompt. 
  This is easily solved by closing Outlook and reopening it (no need to enter password).
  It doesn't seem unreasonable that outlook should require a restart after being disconnected like this.  Just want to establish whether there is a way to have Outlook just re-connect without the need to close it and reopen it.  Or is the need to
  restart it unavoidable?
  Thanks.

  When our users undock their laptops the VPN kicks in automatically.  All of the other network services just continue seamlessly.  Outlook, however, sticks at "trying to connect".  This is often accompanied by a password prompt. 
  This is easily solved by closing Outlook and reopening it (no need to enter password).
  It doesn't seem unreasonable that outlook should require a restart after being disconnected like this.  Just want to establish whether there is a way to have Outlook just re-connect without the need to close it and reopen it.  Or is the need to
  restart it unavoidable?
  Thanks.
  This is really a question for the Outlook forum, but from what I have seen over the years, thats just the way it is with OUtlook and MAPI or Outlook Anywhere. When you change the network, Outlook struggles..
  Having said that, MAPI over HTTP with Exchange 2013 SP1 is working to eliminate those issues:
  http://technet.microsoft.com/en-us/library/dn635177(v=exchg.150).aspx
  Twitter!: Please Note: My Posts are provided “AS IS” without warranty of any kind, either expressed or implied.

• JMS doesn't work with VPN connection on weblogic8.1

            Hi:
            We have used JMS topic on weblogic 7.x and we use both LAN and VPN connection.
            However, when we switch to weblogic 8.1, although it works fine when using
            LAN connection,
            it does not work when using VPN connection. We tried three different machines,
            got the same
            error.
            The error is:
            weblogic.jms.common.JMSException: Error creating connection on the server
            at weblogic.jms.client.JMSConnectionFactory.createConnectionInternal(JMS
            ConnectionFactory.java:160)
            at weblogic.jms.client.JMSConnectionFactory.createTopicConnection(JMSCon
            nectionFactory.java:95)
            at com.dynamex.decs.common.jms.DecsSubscriber.initialize(DecsSubscriber.
            java:59)
            at com.dynamex.decs.client.orderentry.swing.OrderEntry.initRMI(OrderEntr
            y.java:1714)
            at com.dynamex.decs.client.orderentry.swing.OrderEntry.<init>(OrderEntry
            .java:124)
            at com.dynamex.decs.client.orderentry.swing.OrderEntry.main(OrderEntry.j
            ava:3180)
            Caused by: java.rmi.MarshalException: CORBA COMM_FAILURE 1398079697 No; nested
            e
            xception is:
            org.omg.CORBA.COMM_FAILURE: vmcid: SUN minor code: 209 completed:
            No
            at com.sun.corba.se.internal.iiop.ShutdownUtilDelegate.mapSystemExceptio
            n(Unknown Source)
            at javax.rmi.CORBA.Util.mapSystemException(Unknown Source)
            at weblogic.jms.frontend._FEConnectionFactoryRemote_Stub.connectionCreat
            eRequest(_FEConnectionFactoryRemote_Stub.java:106)
            at weblogic.jms.client.JMSConnectionFactory.createConnectionInternal(JMS
            ConnectionFactory.java:139)
            ... 5 more
            Caused by: org.omg.CORBA.COMM_FAILURE: vmcid: SUN minor code: 209 completed:
            No
            at com.sun.corba.se.internal.iiop.IIOPConnection.purge_calls(Unknown Sou
            rce)
            at com.sun.corba.se.internal.iiop.MessageMediator.handleInput(Unknown
            So
            urce)
            at com.sun.corba.se.internal.iiop.messages.MessageBase.callback(Unknown
            Source)
            at com.sun.corba.se.internal.iiop.MessageMediator.processRequest(Unknown
            Source)
            at com.sun.corba.se.internal.iiop.IIOPConnection.processInput(Unknown
            So
            urce)
            at com.sun.corba.se.internal.iiop.ReaderThread.run(Unknown Source)
            Does anybody have the experience? Can anybody give a hint?
            Thanks,
            Tony
            

  Hi Tony,
            Given that the thick jar works, I would classify the problem
            as a bug - not a missing feature. The thin jar is contracted
            to be just as capable as the thick jar. My guess is that
            the bug is likely in IIOP but perhaps could be in JMS.
            Contact customer support (this forum is not maintained by
            customer support). Meanwhile, you can post your info
            to the IIOP newsgroup to see if they can help.
            You asked how long it would take to fix? That depends
            on bug priority (set by the customer) and bug complexity,
            but its usually measured in days or weeks (not months).
            You can speed up the process by giving support your
            logs and stack traces, as well as a simple reproducer,
            and telling them you are willing to try out a prototype
            patch. But before going through extra trouble, just give
            them the logs/stack traces, in case it is a known issue
            for which there is already a fix or there is a fix in progress.
            Tom
            tony yang wrote:
            > Tom:
            >
            > Thanks,
            > We actually use t3. However, in terms of weblogic 8.1 doc, t3 transparently
            > uses iopp. So t3 or iopp both fails over VPN connection.
            >
            > After replacing with full weblogic jar as you suggested, it works.
            >
            > However, we really want the thin client because we have huge amount of client
            > deployments.
            >
            > The other developers here also noticed other problems beside JMS problem
            > when using VPN connection and thin client jars.
            >
            > We guess full weblogic.jar uses real t3 instead of iiop.
            >
            > Seems that iiop does not work well over VPN connection.
            >
            > Could you give some estimate of when we can have the new thin client jars
            > to support VPN connection (even not official release)?
            >
            > Tony
            >
            > Tom Barnes <[email protected]> wrote:
            >
            >>Hi Tony,
            >>
            >>At first glance I don't know what is going on, and can only
            >>make some random suggestions. Perhaps try
            >>the t3 protocol (rather than iiop protocol) if you are using iiop
            >>URLs to connect to JMS. If you are using the new 8.1 thin
            >>client jars, try switching back and using full jar instead.
            >>Perhaps try posting to the IIOP newsgroup.
            >>
            >>Tom, BEA
            >>
            >>tony yang wrote:
            >>
            >>
            >>>I also have the log from weblogic server:
            >>>
            >>>weblogic.jms.dispatcher.DispatcherException: Could not register a HeartbeatMoni
            >>>orListener for [weblogic.iiop.IIOPRemoteRef@745152c4] for weblogic.jms.C:dal603
            >>>t05:rcy:-l91
            >>> at weblogic.jms.dispatcher.DispatcherWrapperState.addPeerGoneListener(D
            >>>spatcherWrapperState.java:563)
            >>> at weblogic.jms.dispatcher.DispatcherManager.dispatcherAdd(DispatcherMa
            >>>ager.java:106)
            >>> at weblogic.jms.dispatcher.DispatcherManager.addDispatcherReference(Dis
            >>>atcherManager.java:196)
            >>> at weblogic.jms.frontend.FEConnectionFactory.connectionCreateInternal(F
            >>>ConnectionFactory.java:413)
            >>> at weblogic.jms.frontend.FEConnectionFactory.connectionCreateRequest(FE
            >>>onnectionFactory.java:385)
            >>> at weblogic.jms.frontend.FEConnectionFactory_WLSkel.invoke(Unknown
            >>
            >>Sour
            >>
            >>>e)
            >>> at weblogic.rmi.internal.BasicServerRef.invoke(BasicServerRef.java:466)
            >>> at weblogic.rmi.cluster.ReplicaAwareServerRef.invoke(ReplicaAwareServer
            >>>ef.java:108)
            >>> at weblogic.rmi.internal.BasicServerRef$1.run(BasicServerRef.java:409)
            >>> at weblogic.security.acl.internal.AuthenticatedSubject.doAs(Authenticat
            >>>dSubject.java:353)
            >>> at weblogic.security.service.SecurityManager.runAs(SecurityManager.java
            >>>144)
            >>>@
            >>>
            >>>
            >>>"tony yang" <[email protected]> wrote:
            >>>
            >>>
            >>>>Hi:
            >>>>
            >>>> We have used JMS topic on weblogic 7.x and we use both LAN and
            >>>>VPN connection.
            >>>> However, when we switch to weblogic 8.1, although it works fine
            >>>>when using
            >>>>LAN connection,
            >>>>it does not work when using VPN connection. We tried three different
            >>>>machines,
            >>>>got the same
            >>>>error.
            >>>> The error is:
            >>>>
            >>>>weblogic.jms.common.JMSException: Error creating connection on the
            >>
            >>server
            >>
            >>>> at weblogic.jms.client.JMSConnectionFactory.createConnectionInternal(JMS
            >>>>ConnectionFactory.java:160)
            >>>> at weblogic.jms.client.JMSConnectionFactory.createTopicConnection(JMSCon
            >>>>nectionFactory.java:95)
            >>>> at com.dynamex.decs.common.jms.DecsSubscriber.initialize(DecsSubscriber.
            >>>>java:59)
            >>>> at com.dynamex.decs.client.orderentry.swing.OrderEntry.initRMI(OrderEntr
            >>>>y.java:1714)
            >>>> at com.dynamex.decs.client.orderentry.swing.OrderEntry.<init>(OrderEntry
            >>>>.java:124)
            >>>> at com.dynamex.decs.client.orderentry.swing.OrderEntry.main(OrderEntry.j
            >>>>ava:3180)
            >>>>Caused by: java.rmi.MarshalException: CORBA COMM_FAILURE 1398079697
            >>
            >>No;
            >>
            >>>>nested
            >>>>e
            >>>>xception is:
            >>>> org.omg.CORBA.COMM_FAILURE: vmcid: SUN minor code: 209 completed:
            >>>>No
            >>>>
            >>>> at com.sun.corba.se.internal.iiop.ShutdownUtilDelegate.mapSystemExceptio
            >>>>n(Unknown Source)
            >>>> at javax.rmi.CORBA.Util.mapSystemException(Unknown Source)
            >>>> at weblogic.jms.frontend._FEConnectionFactoryRemote_Stub.connectionCreat
            >>>>eRequest(_FEConnectionFactoryRemote_Stub.java:106)
            >>>> at weblogic.jms.client.JMSConnectionFactory.createConnectionInternal(JMS
            >>>>ConnectionFactory.java:139)
            >>>> ... 5 more
            >>>>Caused by: org.omg.CORBA.COMM_FAILURE: vmcid: SUN minor code: 209
            >>>>completed:
            >>>>No
            >>>> at com.sun.corba.se.internal.iiop.IIOPConnection.purge_calls(Unknown
            >>>>Sou
            >>>>rce)
            >>>> at com.sun.corba.se.internal.iiop.MessageMediator.handleInput(Unknown
            >>>>So
            >>>>urce)
            >>>> at com.sun.corba.se.internal.iiop.messages.MessageBase.callback(Unknown
            >>>>Source)
            >>>> at com.sun.corba.se.internal.iiop.MessageMediator.processRequest(Unknown
            >>>>Source)
            >>>> at com.sun.corba.se.internal.iiop.IIOPConnection.processInput(Unknown
            >>>>So
            >>>>urce)
            >>>> at com.sun.corba.se.internal.iiop.ReaderThread.run(Unknown Source)
            >>>>
            >>>>
            >>>> Does anybody have the experience? Can anybody give a hint?
            >>>>
            >>>> Thanks,
            >>>>
            >>>>Tony
            >>>
            >>>
            >
            

• Check for VPN Connection Exists

  Hello
  I am working on a windows store app for Enterprise. This app will require internet and VPN connection to get data. I have found a way to check for internet access. However, I am not sure how to check if there is a VPN tunnel available. If VPN is available
  then I can make a call to a WebService and get data. If there is no VPN then the WebService call will fail [after about 10-15 seconds]. I can assume that if the WebService calls fails that means there is no VPN but there must be another way to find this out
  before even calling a Service.
  Please help.
  Thanks
  Bevan

  We're using Microsoft Direct Access rather than a VPN but I think this is worth sharing anyway.
  Rather than calling a web service I'm just using the HttpClient's GetAsync() method to call a small file hosted on an internally hosted web server. This minimises the payload as much as possible which may be important if your users are connected using devices
  with 3G/4G with data limit.
  I'm wrapping the call in a Stopwatch to get a rough idea of the round robin request/response and visualising that for the users so they know how good their connection to the corporate network is. This info is far more useful than the WiFi/Mobile signal bars.
  Stopwatch stopWatch = new Stopwatch();
  stopWatch.Start();
  HttpClient httpClient = new HttpClient();
  HttpResponseMessage response = await httpClient.GetAsync(nslUri);
  response.EnsureSuccessStatusCode(); // -- throw exception if not a success code
  stopWatch.Stop();
  TimeSpan ts = stopWatch.Elapsed;
  This might also be of interest...
  https://msdn.microsoft.com/en-us/library/windows/apps/xaml/windows.networking.vpn.aspx

• Hi there, I am trying to connect to my server at work from home using a vpn connection. It connects fine and the time ticks along, but when i click go - connect to server, it comes up with connection failed. Please help!

  Hi there, I am trying to connect to my server at work from home using a vpn connection. It connects fine and the time ticks along, but when i click go - connect to server, it comes up with connection failed. Please help!

  ... when i click go - connect to server, it comes up with connection failed.
  If you're trying to connect to a Bonjour server on the remote network, that won't work over a layer 3 VPN. Use something like Hamachi or one of the SSH-tunnelling Bonjour proxy apps for that.

• Automatically create a custom VPN connection and set default wallpaper in a deployment...

  Hey guys,
  I've been hard at work on creating a custom deployment for our company to allow us to start rolling out Windows 7 at the first of next month. I demonstrated it to the brass today and they were blown away. All they asked for was two changes and I admit I'm stumped. Hopefully someone here can help:
  1 - Set Default Wallpaper for *all* users: I've written a script to copy our company wallpaper to "C:\Windows\Web\Wallpaper" during a deployment. Is there any way I can modify that script to set that wallpaper as default for anyone who logs into that computer. Or if there's a non-script way to do this I'm all ears. I just need that wallpaper as default.
  2 - Create a VPN Connection for our company intranet: Right now this is being done manually in the Network and Sharing Center. All they are doing is choosing "Set up a new connection or network" >> "Connect to a workplace" >> "Use my Internet Connection (VPN)" and just entering our VPN server IP Address and giving the connection a name. Surely there has to be a way to automate this with a script or something? Can anyone help?
  3 - BONUS: This is just gravy, but if anyone can tell me how to "silently" or "automatically" disable the "Highlight newly installed programs" checkbox for all users using a script or something, that would be *wonderful*.
  Can anyone help me here?

  1. Go here http://blogs.technet.com/deploymentguys/archive/2008/06/06/useful-script-number-5-adjusting-the-default-user-registry-hive.aspx . There is a script that will set your default wallpaper for you.
  2. Does your company use a VPN client?
  3. This option is set in the Registry. You could create a startup script or add this to your Task Sequence. Create the Dword and set it to 0 to disable highlighting.
  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Start_NotifyNewApps
  Rich
  http://deploywindows7.wordpress.com/
  Thanks for responding Rich,
  1. I actually came across that script when I was poking around the Deployment guys forums, but I noticed that it did a lot more than just set the Wallpaper. I was trying to "keep it simple" plus the registry editing sort of made me nervous. I guess I can give it a go and see if it can be made to work for me.
  2. Our company dos not use a VPN client. If you look back at my description of the process in bullet point #2 we are just using the Network and Sharing Center that is built into Windows 7 to create a simple VPN connection. That's why I'm so certain there has to be a way to automate this process. ll we are doing is entering an IP Address and giving the connection a name. Surely I can script that, or is there maybe some way to create the connection on one computer and save it as a file that I can then copy to each machine during my deployment?
  3. Thanks for answering my bonus one too. Please forgive my ignorance because I am new to a lot of this. I assume I can create a "file" with the proper registry settings that can be applied during deployment right? I've seen people crate files that do this and use the .reg extension. Do you know how to make one of these or can you link me to a tutorial that steps me through it?
  You could always edit the script to leave the other parts out.  Thanks for the clarification on the VPN Client, just wanted to make absolutely sure. Let me know how if the process you found works for you.
  For the reg key, you would want to create the key I described, add it to your scripts directory, and then add a Client Build Custom Task in StateRestore to set the key in the registry. You can do this by adding a RunLineCommand to the Task Sequence. Then the command would look like this
  cmd /c regedit /s %deployroot%\scripts\NameOfRegKey.reghttp://deploywindows7.wordpress.com/

• Error with Ericsson h5321gw and IPSEC VPN-Connections

  There is an error in the Lenovo drivers [7.x] for the Ericsson h5321gw UMTS module.
  Symptoms on Windows 7 x64:
  UMTS is working fine. When you connect a vpn ipsec connection though the UMTS , the internet connection (and the vpn as well) gets unstable and has a packet loss of 30% to 50%.
  Solution:
  Install the UMTS drivers in the NDIS 5.0 mode on Windows 7. (The only problem is, that the system boot takes about 1 minute longer with the ndis 5 drivers).
  Further Reading: Message 5: http://forums.lenovo.com/t5/T400-T500-and-newer-T-series/Outlook-Exchange-connection-unstable-on-T52...
  Howto form the Lenovo Forum:
  Force the installation to install Ericsson's vista driver instead of win7 driver. Vista driver is NDIS 5. Installation can be done.
  -> extract the Ericsson drivers package but don't let it install the driver. There should be extracted a setup.exe file
  -> do the installation with command: setup.exe /zFORCEVISTA
  This helped for us.
  Tip:
  If you want to install the win7 driver back, it can be done with command: setup.exe /zFORCEWIN7
  Otherwise using the setup.exe will install the vista ndis 5 when since it once have been told to to install it by /zFORCEVISTA
  I hope, Lenovo can solve this issue quickly.
  Greetings

  I’m not sure this is the same issue you guys are running into, but I’m using the built-in Ericsson h5321gw and ATT SIM on an i7 X1 Carbon. I am required to use a Cisco VPN Client and after connecting successfully to my VPN endpoint via ATT WWAN, I could not get any data in/out the tunnel.
  I tried in both Windows 7 and Windows 8 OS, even trying the setup.exe /zFORCEWIN7 work around to no avail.
  After doing some searching, I came across a blog post describing the same issue I had.
  There is an update to Windows’ DNE that actually solved the issue for me using the standard Erricson W8 (and W7) drivers. (I also performed the h5321gw fireware update from Lenovo, but I did that before the DNEUpdate – that alone did _not_ fix it)
  DNEUpdate x64: ftp://files.citrix.com/dneupdate64.msi
  DNEUpdate x86: ftp://files.citrix.com/dneupdate.msi
  Hope this helps.
  Credit from: http://stenby.wordpress.com/2012/10/03/cisco-vpn-client-and-built-in-lenovo-h5321gw-3g-card/

• HT1433 Hi, my internet sharing was working perfectly in 10.6.8, sharing my vpn connection to my apple tv with no problems. I then upgraded to 10.7 etc and internet sharing stopped. I have since reverted my computer back to 10.6.8 but no luck still, though

  Hi, my internet sharing was working perfectly in 10.6.8, sharing my vpn connection to my apple tv with no problems. I then upgraded to 10.7 etc and internet sharing stopped. I have since reverted my computer back to 10.6.8 but no luck still, thoughts?

  Hi, my internet sharing was working perfectly in 10.6.8, sharing my vpn connection to my apple tv with no problems. I then upgraded to 10.7 etc and internet sharing stopped. I have since reverted my computer back to 10.6.8 but no luck still, thoughts?

• ARD connection and VPN

  Hi All,
  I am wanting to securely set up a connection to allow me to connect to, and to control my home computer whilst I am away. I have a standard NAT router at home with a good firewall with my emac securely plugged in behind it. I travel with my powerbook and successfully connect using to the emac from the internet using ARD and everything works fine.
  I would however like some more security and I get the impression that a VPN might be the solution for me. Google searches provide almost too many options & differences which I don't really understand and makes it a bit hard to decide which path to take and how to set the thing up.
  I am running 10.4.8 and do not have OS X Server.
  Can anyone please explain (or point me towards a good mac website) which will talk me through everything I need to do to set up and configure a VPN server and set the whole project up.
  If you could suggest any other solutions I would really appreciate your opinions.
  Thanks in advance.
  mjharps
  you can never have too much security...

  Thanks Rick,
  I have a Dlink G604T ADSL Router. It acts as my modem and router all in one.
  mjharps

• VPN connection between ASA5520 and RV215w

  Hello everyone,
  I am trying to setup a vpn connection between ASA5520 with 9.1.(3) and rv215w 1.1.0.6
  Here is my setup ...
  But the vpn connection fails with an error message on ASA.
  RV215w shows ipsec established but i cannot ping the network behind.
  You can find asa-config and show-tech as attachment. I have added also some screenshots from RV215w.
  Any hint or help is appreciated.
  Cengiz

  Hi Cengiz,
  Dynamic CRYPTO maps mostly used in a Remote Access or Client to site VPN because end users working from home can have IP address new every time or like different whcn connect from home or from Internet cafe , hence ASA cant make a fix IP as Peer.
  But for site to site also Dynamic Crypto Map can be used but only at one side , else if you use Dynamic crypto map at both ends , both peer will wait for each other to initiate a tunnel Request as the device n this case ASA) configured with Dynamic Crypto map can only REPLY for a tunnel initiation , it can never send tunned initilaization request as it never know the IP address of the peer. Hence never make both device as dynamic crypto map or else they both never initiate and wait for each pther and tunnel will never happen.
  The main steps to be configured on the ASA end in order to establish dynamic tunnel:
      Phase 1 ISAKMP related configuration
      Nat exemption configuration
      Dynamic crypto map configuration
  The Cisco IOS router has a static crypto map configured because the ASA is assumed to have a static public IP address. Now this is the list of main steps to be configured on the Cisco IOS Router end to establish dynamic IPSEC tunnel.
      Phase 1 ISAKMP related configuration
      Static crypto map related configuration
  !---1. Configure the IPsec transform-set
  crypto ipsec transform-set myset esp-des esp-md5-hmac
  !--- 2. Configure the dynamic crypto map. Always rememeber to bind a dynamic crypto map to a blank static crypto map and then call that static crypto map to a ASA OUTSIDE Interface as Dynamic Crypto maps cannot be bind directly to ASA OUTSIDE Interface or say any interface.
  crypto dynamic-map MY_DYNAMIC_MAP 1 set transform-set myset
  crypto dynamic-map MY_DYNAMIC_MAP 1 set reverse-route
  !--- Enable Reverse Route Injection (RRI), which allows the ASA
  !--- to learn routing information for connected clients hence the static route will come above defaut route and hence
  !... will make the routing decision fast else every time for the other side router dynamic IP , default route have to get a hit but only after checking the entire routing table and when no match then use default route , so to save this entire route matchin process always good to use reverse route enjection so that other side non dynamic crypt peer can insert a static route enrty in ASA.
  !--- 2A. Always Bind dynamic crypto map named MY_DYNAMIC_MAP to a static crypto map named STATIC_MAP_CALLING_DYMANIC_MAP using a keyword dynamic in the last 
  crypto map STATIC_MAP_CALLING_DYMANIC_MAP 10 IPSec-isakmp dynamic MY_DYNAMIC_MAP
  !--- 2B.now apply static map on ASA OUTSIDE Interface
  crypto map STATIC_MAP_CALLING_DYMANIC_MAP interface outside
  !--- 3. Configure the phase I ISAKMP policy
  crypto isakmp policy 10
  authentication pre-share
  encryption des
  hash md5
  group 2
  lifetime 86400
  !--- 4. Configure the default L2L tunnel group parameters
  tunnel-group DefaultL2LGroup IPSec-attributes
  pre-shared-key *
  Plase rate if you like my post.
  Best Regards
  Sachin Garg

• Window 8.1 system unable to access network shares via VPN connection

  Is there something inherent to Windows 8.1 that prevents it from accessing shares on a domain?
  I know that it cannot join a domain, but does that also mean that it cannot access shares which are on a domain?
  My problem is that I have several user that are running windows 8.1 that are connecting to our network via a VPN.
  The users have domain accounts but their computers as windows 8.1 cannot joined to the domain.
  So to access network shares they have to use their domain credentials to create a VPN connection.
  Once connected the user can RDP to systems on the domain using their domain accounts, so I know that their user names/passwords and permissions are correct. They can access these systems using the computer name, so I don't feel that I have a DNS issue.
  They can see the shares on our file server, but when they try to access their departments shared file, they receive an access denied message. There are a few shares that are completely wide open, shared to all users and all departments but they cannot access
  those shares either.
  You can ping the file server, from the the client when they are connected to the VPN but you just cannot access any of the shares.
  So...
  I am thinking that it has something to do with windows 8.1 and not being able to join a domain, but I cannot find anything to explicitly support this thought.
  Other users running a variety different OS (windows 7, OSX, Linux) can all access the shares without any problems via the VPN, so I am a little stumped.

  I have done some more testing and oddly enough I can map a drive if I use the IPaddress, but not the computer name, when checking the check box "connect using different credentials"and providing they users domain credentials.
  This seems to point to a DNS issue, one would think, but I can hit the file share server by name \\fileserver.dev.lan
  I can see all the shares, so dns seems to be fine right?
  So I don't understand why I can map a drive using do the IPaddress and not the machine name, but yet I can see and ping the server by name?
  When I try to create a mapped drive by machine name I receive the following message:
  Windows cannot access \\fileserver.dev.lan\all
  You do not have permissions to access \\fileserver.dev.lan. contact your network administrator  to request access.
  But if I use the \\x.x.x.x\all using the very same user and password I get connected with no problem.
  This only seems to happen on windows 8.1, which leads me to think that has something to do with OS. 
  I am thinking about upgrading to windows 8.1 pro, but I don't want to go though the hassle and expanse is the OS is not the problem.

• How can i use an existing vpn connection without using the option "Send all traffic over vpn connection"?

  I have been trying to get my computer (os x.7) to astablish a remote desktop connection to my work computer via a vpn tunnel. In fact I have just discovered that it works fine if i select to "send all traffic over vpn connection" from the options in the advanced setup of the vpn.
  If the option is selected microsofts "Remote desktop connection for mac" works just fine. However without selecting the option it is not taking advantage of the tunnel but tries to connect as if the tunnel would not exist.
  Now the question is how do I get program to use the vpn tunnel without checking the above option?
  Thanks for any hints and pointers.

  Then can her computer be authorized to both accounts?
  Absolutely. You can authorize any given computer to up to five iTunes Store accounts.
  If purchases are made on her account, to a computer authorized to my account, can I put those songs on my iPod?
  If you connect your iPod to her computer, yes. Tracks download only to the computer from which they're purchased, regardless of which iTunes Store account is used for the purchase. Or you could copy the tracks from her computer to yours and then authorize your computer to her iTunes Store account. But that's sort of defeating the original purpose, it would seem to me.
  is it better to buy music through Amazon downloads and/or actually purchasing CDs to avoid the security features iTunes puts on its music?
  That's certainly an option. If it's an entire album I want, I buy CDs. That way I can import them at the quality I want and to whichever of my systems I want. Amazon or one of the other download stores that offer tracks as MP3 are also an option, though for me download stores are best when you just want a couple of tracks off a given CD.