Anyconnect and any HIPS

So I found out that all my problems with HIPS and Anyconnect are due to incompatibility between McAfee HIPS and Cisco. Has anyone else seen this? Is there a workaround?
Running Windows 7 x64
Have tried versions 3.0.x, 3.1.x of Anyconnect

Hi Daniel
It's a bit tricky if you want a granular authentication and authorization, but it works.
I'm running an ASA with IPSec, SSL Client and Clientless SSL.
Each of those VPNs with username/one-time-password and certificate based authen.
The main challenge is to build up a clean structure of Profile Maps, Connection Profiles, Group Policies and Dynamic Access Policies.
Feel free to ask further questions...
Stephan

Similar Messages

  • IKEv2 AnyConnect and Pool allocation via RADIUS

    I have configured a CSR1000V (03.09.00a.S.153-2.S) for AnyConnect with IKEv2. I am storing username and IKEv2 authorization policy on the RADIUS server. Clients are dropped into their own iVRFs through RADIUS attributes passed back to the NAS.
    e.g. in FreeRadius (2.1.12), the following is defined (home is the 'group') in username@group format.
    home        Cleartext-Password := "cisco"
                Cisco-AVPair += "ip:interface-config=vrf forwarding CUST-A",
                Cisco-AVPair += "ip:interface-config=ip unnumbered loopback100",
                Framed-Pool = "CUST-A-POOL"
    matt@home   Cleartext-Password := "test123"
    Group and user authorization information is then merged and cloned onto the virtual template:
    crypto ikev2 name-mangler EXTRACT-GROUP
     eap suffix delimiter @
    crypto ikev2 profile FlexVPN-IKEv2-Profile-1
     match fvrf IPSEC-FVRF
     match identity remote key-id FlexAnyConnect
     identity local dn
     authentication remote eap query-identity
     authentication local rsa-sig
     pki trustpoint cacert.org
     dpd 60 2 on-demand
     aaa authentication eap FlexVPN-AuthC-List1
     aaa authorization group eap list FlexVPN-AuthZ-List-1 name-mangler EXTRACT-GROUP
     aaa authorization user eap cached
     virtual-template 1
    interface Virtual-Template1 type tunnel
     no ip address
     tunnel mode ipsec ipv4
     tunnel vrf IPSEC-FVRF
     tunnel protection ipsec profile FlexVPN-IPsec-Profile-1
    However, it appears that the RADIUS attribute specifying the pool is ignored; I can see the RADIUS attribute (IETF 88) passed back to the NAS in the RADIUS debugs:
    *Aug 16 21:36:39.384 BST: RADIUS:  Framed-IP-Pool      [88]  13  "CUST-A-POOL"
    However, the crypto debugs state that an IP address cannot be assigned:
    *Aug 16 21:36:39.435 BST: IKEv2:Failed to allocate IP addr
    <snip>
    Payload contents:
    AUTH NOTIFY(INTERNAL_ADDRESS_FAILURE)
    If the Framed-Pool is removed and a Framed-IP-Address defined instead for the user, then the address is assigned. The CUST-A-POOL is defined locally on the NAS. Is there anything I am missing? Can any more detailed debugs be generated?
    Cheers,
    Matt

    Marcin,
    Thank you for your response; sending "ipsec:addr-pool" does work. I did a bug scrape, but didn't find this (if I try to view it in the new Bug Tool, I get "Insufficient Permissions to View Bug"), but it was possible to paste the Bug ID into the old Bug Toolkit to get the detail.
    As an aside, I also found that "include-local-lan" doesn't appear to work with IKEv2 AnyConnect and isn't likely to be fixed; according to CSCud65859, the workaround is to use split-tunneling ("ipsec:route-set=prefix prefix/len").
    Cheers,
    Matt

  • AnyConnect and Pre-Shared Keys

    Hello,
    I am extremely new to AnyConnect and VPN, so I have a few questions for you guys. I am trying to configure an AnyConnect Client on Android to connect to my ASA 5505 via IPSEC. It's configured with (I believe) IKEv1 with pre-shared key and group identifier. I think IKEv2 is certificate based only, and I am not using certificates at this time. I can't seem to find any settings in the app to configure it this way... Can the AnyConnect client connect to this type of connection? If so, what may I be missing? I can configure the default VPN client built into Android and it works fine, but I am being told to use the AnyConnect client. If you need more info, let me know, I'm not sure what to put on here to give the info needed to help. Thanks!

    Believe I found my answer:
    Cisco AnyConnect VPN
    Q. I see that the Cisco AnyConnect Secure Mobility Client supports IPsec. Will Cisco AnyConnect Secure Mobility Client work with Cisco VPN 3000 Series concentrators?
    A. No. Cisco VPN 3000 Series concentrators support IPsec/IKEv1. Cisco AnyConnect Secure Mobility Client Version 3.0 and greater supports IPsec/IKEv2 connectivity but not IPsec/IKEv1.
    From http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5743/ps5699/ps10884/qa_c67-712937_ns1049_Networking_Solutions_Q_and_A.html
    If there is a workaround or something, please let me know. If not, oh well!

  • Difference between sy-datum and any given date

    Dear Friends;
    I have one query regarding DATE: I wanna calculate the difference between SY-DATUM and ANY GIVEN DATE. Is there any function or code available that takes one parameter as sy-datum and another parameter as any given date and gives the result as the no. of days between them?
    Regards;
    Parag

    DATA: DATEDIFF TYPE P.
    CALL FUNCTION 'SD_DATETIME_DIFFERENCE'
      EXPORTING
        date1            = '20071122'
        time1            = '000001'
        date2            = '20070905'
        time2            = '000001'
      IMPORTING
        DATEDIFF         = DATEDIFF
      EXCEPTIONS
        INVALID_DATETIME = 1
        OTHERS           = 2.
    Greetings,
    Blag.

  • Function to get difference between sy-datum and any date entered in days

    Dear Friends;
    I have to find out the difference in days between sy-datum and any valid date that comes from a table. Is there any function available in SAP that will give me the difference in no. of days between sy-datum and any date that comes from a table?
    Please help me out.
    Regards;
    Parag

    Just subtract the dates from each other and you will get the number of days. I have used it and it works perfectly.
    try this:
    DATA: date1 like sy-datum,
    date2 like sy-datum.
    data I type i.
    date1 = '20070301'.
    date2 = '20070228'.
    i = date1 - date2.
    write: / date1, date2, i.
    date1 = sy-datum.
    date2 = sy-datum - 30.
    i = date1 - date2.
    write: / date1, date2, i.
    SD_DATETIME_DIFFERENCE

  • If Firefox is set as the default browser, and any application attempts to open a new window, this fails and I get the error "Firefox is already running..."

    Here is what I am running:
    Microsoft Windows 7, Service Pack 1, Fully updated to 4/10/2012
    Fresh Install of Firefox 11. No add-ons enabled as a result of troubleshooting.
    I am a user with administrator rights
    UAS is disabled.
    To begin, this has been going on Since Firefox 10 or so. A few months now.
    I am able to open Firefox. My add-ons worked (ABP, Flashblock, ABP Element Hiding Helper, IETAB2, Downthemall, Greasemonkey, 4chan extension) had no problems. Firefox is set and has been set for the last two years as my default web browser.
    However, since approximately Firefox 10 or so, maybe before that, if I have a Firefox session open, and any other application attempts to open a session in a new window, I get the "Firefox is already running, but not responding" error.
    I attempted to follow troubleshooting advice already posted (look for parent.lock files left behind [none present], multiple sessionstore.js files [none present], create a new user profile, attempted to clear out the "read-only" permission in windows 7, however as soon as it is cleared, the read only permission returns.)
    As a last resort, I deleted the Firefox folder, the %APPDATA%/Mozilla directory in its entirety, then utilized CCleaner to remove any and all references to Firefox in the windows registry, then did a full re-install, no extensions installed right now.
    I checked preferences and have the option "open new windows in a new tab" checked off. The problem persists regardless if this option is checked on or off. This problem persists in or out of safe mode, even with the brand new install.
    Test Cases:
    All cases:
    Firefox is selected as the default browser for windows 7
    Case 1: Open a firefox session. Utilize any other program that attempts to open a link to their website in a new browser window or new browser session. Experience "Firefox is already running" error
    Case 2: Open a firefox session. Right click on Firefox on the task bar. Select "open in new window". Experience "Firefox is already running" error
    Case 3: Open a firefox session. Select the Firefox Menu > New tab > New Window. A new window will actually open.
    This is the only method of opening a new window in the same browser session or profile that actually works on my system. Attempting to open a browser session from the task bar "open new window dialog" or opening a new window while a current window/session is running will not open firefox in a new window or a new tab in the current session. The "Firefox is already running, but is not responding" error will occur every time.

    Cor-el's suggestion resolved my problem. Apparently the MOZ_NO_REMOTE variable was set to 1 on my system variables. I never made it, and really have no idea how it got there, but deleting this variable and restarting firefox has resolved the issue. Thanks Cor-el!
    Marking case: Solved
    Solution: Verify the MOZ_NO_REMOTE variable is NOT set to 1. This can be achieved by simply deleting this variable.

  • IPhone turns off often, turns back on only after reset, tried all troubleshooting and still nothing. Does anyone know what could be causing this and any ideas on how to fix it?

    My iPhone 4s shuts down at least once a day, usually after I used it or when I'm not using it at all. It will not turn back on unless I reset it (by pressing home/power buttons) and when it turns back on, it runs like nothing happened. I have tried everything I can think of, update iPhone software, iTunes software, troubleshoot on Apple's Support page and reading other user's issues but I haven't seen anything similar. I erased and restored factory settings several times, made different backup attempts and even restored from recovery mode with iTunes. Everything goes great, no error message or anything unusual, until phone is off again, very frustrating. It doesn't seem to have a pattern to it, it happened when no apps were running as well as when a few apps were. The only thing I can think of is I haven't seen this happening when charger cable is plugged in. I don't really care about apps and content on the phone, but my contacts and voicemails are the only reason why I absolutely have to restore from backup, even after setting up a new phone, from iTunes. Other than that phone is brand new, battery is also great, nothing wrong with it (apparently).
    I would like to know if somebody knows what this could be, and any ideas on how to fix it. Thank you.

    Start with this comprehensive troubleshooting article:
    https://discussions.apple.com/docs/DOC-3521
    Look at this one for possible solutions:
    https://discussions.apple.com/docs/DOC-3353
    Ciao.

  • iTunes 10.6.3 on a Mac running 10.7.3 not responding. I have deleted iTunes and reinstalled iTunes and it keeps happening. I also scanned the computer for any trojans and any other possible viruses but the pc is running perfect. What do I do? Please help me?

    I need help. iTunes 10.6.3 on a Mac running 10.7.3 is not responding. I have deleted iTunes and reinstalled iTunes and it keeps happening. I also scanned the computer for any trojans and any other possible viruses but the pc is running perfect. What do I do? Please help me?

    Hey thanks for replying.
    Here's what I did:
    First I tried the Winsock reset in the Command prompt. Nothing changed.
    Next, I tried the instructions on http://support.apple.com/kb/TS4123. The only other program that came up on the 'Winsock Providers' tab on the program was 2 Windows Live applications, which I can do without. So I deleted all Windows Live Applications.
    I did the Winsock reset in the Command Prompt again and rebooted my comp.
    Unfortunately, nothing has changed. iTunes keeps freezing at various stages of the sync, then shows the candy cane-striped bar with either the words 'Finishing sync' or 'Cancelling sync', before showing the Apple logo.
    Sometimes, iTunes gets to the syncing stage - "Copying # of ####" - where it will trudge through the first, second and third tracks before flashing "Copying 4 of ####" for a split second and I catch "Cancelling sync" briefly before the Apple logo appears.
    Again, I've repeated the steps I mentioned in my previous post. Does ANYONE know when the new version of iTunes is set to be released?! This one is driving me INSANE, to say the least!!

  • No longer able to save to a .PDF using Acrobat 8 Pro and any CS3 program

    I spent several hours on phone with Apple and Adobe today-It seems that Snow Leopard and Anything below Acrobat Pro 9 and InD 4 are no longer compatible for exporting, printing or saving as a .PDF.  Using Acr. Pro 8 and InD CS 3  Anyone find a fix as yet?  I am running Snow Leopard 10.6.1.
    I am a MAC user for less than 2 years.  Do I have to update Adobe Suite every time it upgrades?  Very financially draining, as I am not a Graphic Artist.
    Apple Tech-always wonderful-but unable to help sent me this : http://kb2.adobe.com/cps/509/cpsid_50981.html
    .PDF printer continues to work very well on all programs not ADOBE.
    Right now my only work around is to send my InD file to a friend who had InD CS4 and ask him to save to PDF for me and sent back file!
    Any help is appreciated.
    Thanks
    GB
    PS_Adobe wants me to Pay $39 to speak with a Tech support agent-This is already a documented issue.  Not a "my MAC" issue.  I find this disturbing.

    There is no necessity to upgrade your copy of Creative Suite every two years.
    However, apparently you chose to upgrade your operating system version. Was there any necessity of doing that, especially doing so very quickly after it was released? For better or worse, Apple does not regard ongoing application compatibility as a requirement for their new OS releases. Thus, if you upgrade versions of MacOS, be prepared to (1) upgrade your applications as well and (2) possibly endure a period of time in which the applications don't work under the new OS version until the application vendor can re-jigger their code to deal with the upwards-incompatible OS changes.
    These issues are not confined to Adobe applications, but also affect Microsoft Office and any significantly complex applications that are provided directly by Apple themselves. There is nothing we at Adobe can do about this and we like this situation no more than you do.
    This is not the first time these problems of upward-incompatible OS releases have plagued users and application vendors. It took Apple until 10.5.6 to get some level of stability in the 10.5.x (Leopard) OS release so that it was reasonably usable with most third party applications, drivers, etc.
    I suggest you also vent to St. Steve (the Infallible) of Cupertino!
              - Dov

  • I have a MacBookPro6,2 and would like to connect an older Dell flatscreen, model L17BNS. I would welcome any information about the type of cable I need and any settings I might need to change, etc. Thank you for your time.

    I have a MacBookPro6,2 and would like to connect an older Dell flatscreen, model L17BNS. I would welcome any information about the type of cable I need and any settings I might need to change, etc. Thank you for your time! I really appreciate the assistance. Kathy

    According to:
    http://en.community.dell.com/support-forums/desktop/f/3515/p/19351107/19767627.aspx#19767627
    It has DVI ports.  This means you are best to use an adapter that supports DVI.  Note there is no audio that carries over DVI.  What you need is a mini-Displayport to DVI adapter, and the proper DVI cable. Since Dell doesn't have the specs, you'll need to tell us if you have pins or holes, and how many are grouped.

  • I have an Apple iMac only about 9 months old. I need a new printer. I am looking at a Canon MX926 PIXMA. Do I have Airprint or do I need to purchase it? I am a novice with Apple and any assistance would be greatly appreciated.

    I have an Apple iMac only about 9 months old. I need a new printer. I am looking at a Canon MX926 PIXMA. Do I have Airprint or do I need to purchase it? I am a novice with Apple and any assistance would be greatly appreciated.

    Welcome to Apple Support Communities
    If your iMac is only 9 months old, it probably comes with OS X Mountain Lion, and it includes AirPrint, so you do not need to purchase anything else apart from the printer (which is compatible with AirPrint).
    Once you have purchased the printer, you need to follow the steps of the manufacturer. To add the printer to OS X, see > http://support.apple.com/kb/HT4670

  • How to get the jar file without knowing its name and any class inside it?

    Hello, everybody!
    I would like to know if there's a way to get a reference programmatically to the initial jar without knowing its name and any class contained in it. By "initial jar" I mean the jar that was called in the prompt, like this:
    java -jar jarfile.jar
    or in another way, in a graphical system. To be sincere what I really want is to get a reference to the jar's manifest, but I know if I can get a reference to the jar I can get a reference to its manifest file. Or if you know a way to get the manifest directly, it would also help. So, is there a way to do this?
    Thank you.
    Marcos

    jverd wrote:
    marcos_aps wrote:
    abillconsl wrote:
    Can you be more specific - IOW, can you cite a specific case?
    Absolutely. I want to access the jar in source code with the java.util.zip.JarFile class, for example.
    But why? You still haven't provided a use case or explained what you're trying to accomplish. As already pointed out, whatever you're trying to do, this is a brittle solution. If you explain what you're trying to accomplish with this, somebody may be able to suggest a better approach.
    jverd, I explained for baftos. Anyway, I will try to be more specific. I start my system like this, from, say, for example, jar1.jar:
    import br.product.System;
    public static void main(String[] args) {
        System.start("NameOfTheSystem");
    }
    The System class is in util.jar, for example. This jar is used by all systems. I wouldn't like to pass in the name of the system, as above. I would like that the System class could read it from jar1.jar's manifest file. I just would like to have this:
    import br.product.System;
    public static void main(String[] args) {
        System.start();
    }
    It is more elegant and I don't have the name of the system in two places: code and manifest file.
    Marcos

  • How to install plugin and extra filter in photoshop cs? And any special filter for special effects?

    How to install plugin and extra filter in photoshop cs? And any special filter for special effects?
    Kindly recommend me any best one and tell me step by step how I will add more plugins n filters.

    A plug-in normally comes with an installer or install instructions. Check the documentation for the plug-in you are trying to install. It sounds like you don't know what plug-ins you want to install. In that case you don't need to install any. At some point you may read about a plug-in and what it can do and feel you have a need for it. Then you will have a reason to install a plug-in that is not installed by default. There may also be a cost involved; most worthwhile plug-ins are not free.
    Adobe Optional Plug-ins downloads are plug-ins Adobe wants to remove from Photoshop and no longer installs by default. Also, at some point in time these will no longer install into the current Photoshop, for Adobe will remove features or interfaces they use. For example, the CS5 optional plug-ins will install in Windows CS6 perpetual version 13.0.1.3 but not in Subscription version 13.1.2 or perpetual Mac version 13.0.6, for it's 64-bit only and the Mac CS5 optional plug-in for Picture Package is only a 32-bit plug-in.
    You will need to keep and maintain old versions of Photoshop if Adobe remove features you use in new versions of Photoshop.

  • I have AOL as my mail-server and any photo I am trying to attach and send will not open no matter what I try. It says that the format of the attachment is not recognised.

    I have AOL as my mail-server and any photo that I am trying to attach will not open. The photos are in iPhoto and the message says that the format is not being recognized. AOL delivers the photos but they can't be opened.

    Where exactly did you buy the "new iPhone "
    A country might help as well .This is a WW forum
    Are Direct Mobiles an Approved Apple iPhone reseller if not it may well be a fake

  • How does InDesign come to know about any changes to a document that have not been saved? It shows * on the name of the document when it is opened and any changes are made. And after saving, the * symbol is removed from the name of the document. How and where does InDesign handle this?

    How does InDesign come to know about any changes to a document that have not been saved? It shows * on the name of the document when it is opened and any changes are made.
    And after saving, the * symbol is removed from the name of the document. How and where does InDesign handle this?

    Are you just asking because you want to know, or do you have a problem you need to solve? I don't know how to write a program, but I think what you are describing is not an unusual thing for a program to do. The * tells you that changes have been made since the last save, and the program reserves a portion of memory for undo functions. I suppose a coder could tell you how it works, but I don't think it would help an average user to know, but that's just my opinion.
