Anyconnect VPN - Expired certificate causing Java error

Hello,
Since April 4th 2015 Java has been blocking the process of installing AnyConnect via web-deployment (see attached screenshot). It indicates there is an expired certificate with these details:
Issuer CN=VeriSign Class 3 Code Signing 2010 CA,
OU=Terms of use at https://www.verisign.com/rpa (c)10,
OU=VeriSign Trust Network,
O="VeriSign, Inc.",
C=US
Validity [From: Wed Jan 02 19:00:00 EST 2013,
To: Sat Apr 04 19:59:59 EDT 2015] <-----------------------------
Subject CN="Cisco Systems, Inc.", <-----------------------------
OU=Digital ID Class 3 - Microsoft Software Validation v2,
O="Cisco Systems, Inc.",
L=Boxborough,
ST=Massachusetts,
C=US
This certificate is not seen when entering 'show crypto ca cert' on the ASA -- it is NOT our certificate, as it is issued to "Cisco Systems, Inc", and it has clearly expired.
We are running the ASA software 9.1.6 and this behavior happens (at least) with the three latest versions of Java.
Is anyone else having this issue? Is there anything that can be done (server-side) to resolve this?
Thanks in advance...

I think it is possible to use same digital certificate. You can specify whether you want users to authenticate using AAA with a username and password or using a digital certificate (or both). When you configure certificate-only authentication, users can connect with digital certificate and are not required to provide a user ID and password.

Similar Messages

  • Upgrade to patchset 3 10.1.2.3 from 10.1.2.0.2 causes Java errors

    Hi all,
    I upgraded our app server and then did the frmwebutil change as per the document, but now if i try and open any form, the form does not open, the system crashes and my java console contains the following error. Anyone any ideas?
    Exception in thread "AWT-EventQueue-3" java.lang.NoSuchMethodError: oracle.forms.handler.IHandler.getApplet()Ljava/applet/Applet;
         at oracle.reports.utility.FrmReportsInteg.init(FrmReportsInteg.java:221)
         at oracle.forms.handler.UICommon.instantiate(Unknown Source)
         at oracle.forms.handler.UICommon.onCreate(Unknown Source)
         at oracle.forms.handler.JavaContainer.onCreate(Unknown Source)
         at oracle.forms.engine.Runform.onCreateHandler(Unknown Source)
         at oracle.forms.engine.Runform.processMessage(Unknown Source)
         at oracle.forms.engine.Runform.processSet(Unknown Source)
         at oracle.forms.engine.Runform.onMessageReal(Unknown Source)
         at oracle.forms.engine.Runform.onMessage(Unknown Source)
         at oracle.forms.engine.Runform.processEventEnd(Unknown Source)
         at oracle.ewt.lwAWT.LWComponent.redispatchEvent(Unknown Source)
         at oracle.ewt.lwAWT.LWComponent.processEvent(Unknown Source)
         at java.awt.Component.dispatchEventImpl(Unknown Source)
         at java.awt.Container.dispatchEventImpl(Unknown Source)
         at java.awt.Component.dispatchEvent(Unknown Source)
         at java.awt.KeyboardFocusManager.redispatchEvent(Unknown Source)
         at java.awt.DefaultKeyboardFocusManager.dispatchKeyEvent(Unknown Source)
         at java.awt.DefaultKeyboardFocusManager.preDispatchKeyEvent(Unknown Source)
         at java.awt.DefaultKeyboardFocusManager.typeAheadAssertions(Unknown Source)
         at java.awt.DefaultKeyboardFocusManager.dispatchEvent(Unknown Source)
         at java.awt.Component.dispatchEventImpl(Unknown Source)
         at java.awt.Container.dispatchEventImpl(Unknown Source)
         at java.awt.Component.dispatchEvent(Unknown Source)
         at java.awt.EventQueue.dispatchEvent(Unknown Source)
         at java.awt.EventDispatchThread.pumpOneEventForHierarchy(Unknown Source)
         at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
         at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
         at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
         at java.awt.EventDispatchThread.run(Unknown Source)By the way this is the same in both 1.5 and 1.6 JREs
    I double checked and the forms/java frmwebutil is the one that was in the patch directory so should be right??
    Any ideas?
    Edited by: ngac on Jul 16, 2009 2:36 PM

    Hi There,
    Would you tell us your oracle application server environment?
    We have it running in a windows 2003 server.
    Please tell how you apply oracleAS 1og patchset 3? no step by step, just briefly where and what you start apply to the end.
    We had a fully operational Application server and seperate database set up using app server 10.1.2.0.2.
    Downloaded patchset 10.1.2.3 from metalink. Patched using universal installer. grabbed the frmwebutil from within the patch and replaced the existing frmwebutil.jar within the Java folder.
    What version of webutil configured?
    Within the frmwebutil it says webutil2.2 but acording to the java console it says
    RegisterWebUtil - Loading WebUtil Version 10.1.2.3
    Any changes on webtuil jar files after applied patchset 3?
    no
    We have another JAR that we load into the system with PJC's and the link (all picked up direct from Oracle, we do no programming of java ourselves) and it appers this is the problematic area. If i miss out this JAR the system loads successfully.
    But when i investigated furthur and reiewed the error above it mentions FRMReportsInteg which was something we got to allow us to do web show document, so surely this must work within 10.1.2.3???
    Thanks

  • Security update 3.6.14 causes Java Error Cache warning when uploading to a distance learning site (Blackboard). How do I uninstall the update?

    Sorry, I can't give you a screen shot of the error windows that pop up when I'm having this trouble. Only the text pastes.

    https://bugzilla.mozilla.org/show_bug.cgi?id=629030

  • Post causes java error in otn server

    On or about August 21 this year I posted a message on the OA Framework forum with a title like "Network Adapter could not establish the connection". I included parts of a jsp. Apparently this causes the OTN server to choke.
    I subsequently posted the message again without the jsp, renaming the title "Again: Network ..."
    If you do a search of OA Framework forum for "Network Adapter" you will see the server fail.
    Please remove this message, so I can search!
    Thanks,
    Bob N

    Dear Vincent
    Its already set the Parameter rdisp/j2ee_start = 0. last week we are upgrade the kernel from 173 to 221. after that this problem was started.
    Regards
    Sriram

  • AnyConnect Secure Mobility Client v3.1.04066 "The VPN client driver encountered an error"

    Hello, I am a software engineer and have been trying to connect to my client's VPN using the AnyConnect Secure Mobility Client (version 3.1.04066) and keep receiving the error "The VPN client driver encountered an error. Please try again or restart your system."
    I am on a Windows 7 system with an intel i7-2670QM cpu. My computer model is an HP Pavilion dv7.
    I have tried uninstalling the software, re-installing it. I've tried restarting my system multiple times through the process. I've checked the registry and made sure the name was setup correctly. I have checked and made sure that the correct services are not enabled. I have also tried what was suggested on the support page and checked the integrity of catroot2 as well as renaming it and regenerating the folder. None of these have been able to fix my problem.
    For information, this is the message history when I try to connect:
    [12/8/2014 8:55:49 AM] Ready to connect.
    [12/8/2014 9:27:19 AM] Contacting vpn.[hostaddressremoved].com.
    [12/8/2014 9:27:22 AM] Please enter your username and password.
    [12/8/2014 9:27:29 AM] User credentials entered.
    [12/8/2014 9:27:30 AM] Please respond to banner.
    [12/8/2014 9:27:31 AM] User accepted banner.
    [12/8/2014 9:27:31 AM] Establishing VPN session...
    [12/8/2014 9:27:32 AM] Checking for profile updates...
    [12/8/2014 9:27:32 AM] Checking for product updates...
    [12/8/2014 9:27:32 AM] Checking for customization updates...
    [12/8/2014 9:27:32 AM] Performing any required updates...
    [12/8/2014 9:27:32 AM] Establishing VPN session...
    [12/8/2014 9:27:32 AM] Establishing VPN - Initiating connection...
    [12/8/2014 9:27:33 AM] Establishing VPN - Examining system...
    [12/8/2014 9:27:33 AM] Establishing VPN - Activating VPN adapter...
    [12/8/2014 9:27:33 AM] Establishing VPN - Attempting to repair VPN adapter...
    [12/8/2014 9:27:33 AM] Disconnect in progress, please wait...
    [12/8/2014 9:28:22 AM] Connection attempt has failed.
    [12/8/2014 9:28:24 AM] Ready to connect.
    I have tried every kind of search I can think of to find any other solutions to try, and I cannot find anything else. Does anyone have any other recommendations of what to try in order to be able to connect to my client?
    -TheJayDude

    Yes, I am sorry to say that several people have seen the same issue.  It seems like the issue is specific to Yosemite and Anyconnect. My very technical staff and I have tried many things.  The default route is missing and the file /var/run/resolv.conf is also missing which means that both the route and DNS server are messed up.  We re-added the default route manually which allows us to ping the servers and even access them via the IP address
    Run the command below before starting the VPN to get the default route
    netstat -nr | grep default
    Then run the following to re-add the default route.
    route add default xxx.xxx.xxx.xxx
    BUT there is no way that I can find to fix the DNS entry. 
    We tried re-adding the DNS entries in the /var/run/resolv.conf  and then restarting the DNS service
    $ sudo launchctl unload -w /System/Library/LaunchDaemons/com.apple.discoveryd.plist                                                                              
    Password:
    $ sudo launchctl load -w /System/Library/LaunchDaemons/com.apple.discoveryd.plist 
    BUT THIS DOES NOT WORK!
    If anyone can help us solve the DNS issue, at least we have a work-around for our technical people until Cisco and/or Apple can resolve it.
    Here is a link to the same issue at Cisco.
    https://supportforums.cisco.com/discussion/12334071/cisco-anyconnect-secure-mobi lity-client-os-x-yosemite-vpn-not-working-if-mac

  • ISE 1.2 / WLC 5508 EAP-TLS expired certificate error, but wireless still working

    Hi I have a customer that we've deployed ISE 1.2 and WLC 5508s at.  Customer is using EAP-TLS with and everything appears to setup properly.  Users are able to login to the network and authenticate, however, frequently, I'm getting the following error in ISE authentication logs:
    12516 EAP-TLS failed SSL/TLS handshake because of an expired certificate in the client certificates chain
    OpenSSL messages are:
    SSL alert: code=Ox22D=557 : source=local ; type=fatal : message="X509
    certificate ex pi red"'
    4 727850450.3616:error.140890B2: SS L
    rOYbne s: SSL 3_  G ET _CL IE NT  _CE RT IF ICAT E:no ce rtific ate
    relurned: s3_ srvr.c: 272 0
    I'm not sure if this is cosmetic or if this is something that I should be tracking down.  System isn't in full production yet, but every client seems to be working and there is no expired cert in the chain.  Any ideas what to check?

    Hello Dino,
      thanks very much for your reply.
      The client uses a machine-certificate, the PKI is not a microsoft one, but a third party PKI.   The certificate is fresh and valid, the root-cert is installed and checked to be validated against it for the login.
    Clock is correct too. The same setup works flawlessly in Windows 7 and XP.
    EKU is set on the certificate (1.3.6.1.5.5.7.3.2)
    I suspect the cert-setup itself, but don't get a clue where this might stuck...
    Björn

  • 5800 XM "Expired Certificate" error message

    For people who own a Nokia 5800 XM, the error message of "Expired Certificate" when downloading applications onto the device will be mean you cannot load on new apps, which can be frustrating.
    Firstly you should try to update the firmware on your phone by 1 of 3 ways.
    Using FOTA (Firmware Over The Air). Another thread of mine will explain this in detail. You can find it here.
    Downloading Nokia Software Updater(NSU) and connecting your 5800 to the computer using a data cable.
    Taking the handset to a Nokia Care point if you do not want to try the above 2 options.
    **NOTE: Always be sure to make a back up of your personal details that are held on the phone as updating firmware will most likely delete any data left on the phone.
    If you have used FOTA or NSU to update your firmware, or there is no new update available then doing the following will work and will allow you to install new applications without the expired certificate error message.
    With the phone switched on, press the power button key once.
    Scroll down to and select "Remove E: Memory Card". 
    Select Yes to remove the memory card.
    Press OK and remove memory card from phone.
    Press the Dialler on the main screen.
    Type *#7370#
    Enter security code. Default is 12345 unless it has been changed.
    The phone will reset, wait for this to complete and power back on.
    Select your country and type in the correct time and date.
    Wait for the phone to complete its configurations, you may receive "My Nokia" or tutorial messages.
    Power off phone.
    Insert the memory card.
    Power on the phone.
    Wait for the phone to install any pre-loaded content from the memory card
    Phone is ready to install applications, without "Expired Certificate" error message.
    I have done the above myself and downloaded the PDF reader from the "Download" application from within the handset and it installed with no error after these steps.
    I hope this helps.
    My posts are my opinion and in no way the direct views of Nokia.
    If my posts are helpful, please give me some KUDOS using the green star on the left.

    try to sign your app(s) through Opda site.
    If you want to thank someone, just click on the blue star at the bottom of their post

  • URGENT!! ERROR WITH EXPIRED CERTIFICATE USING JDK 1.4.2.05

    Hi,
    I have created a client/server application with SSL and have found the following problem.
    I have made these two tests:
    1) jdk 1.4.2.03 --> the certificate is expired, I obtain this exception "No trusted certificate found". it's ok
    2) jdk 1.4.2.06 --> the certificate is expired, no error occurs. WHY?????
    Someone can help me?
    Gianna

    The problem is not the expired certificate! I know that it is expired, but I don't understand why using jdk 1.4.2.05 this certificate is not recognize invalid.
    With this jdk the channel is created. Using jdk 1.4.2.03 instead the certificate was recognized expired and the channel is not created between client and server.
    For me the correct behavior has with the old version of the JDK and not the new.
    WHY?????

  • AnyConnect 3.1.01065 error - Failed to install AnyConnect VPN Profile because of file move error. A VPN connection cannot be established.

    I've got a user running:
    AnyConnect 3.1.01065
    on
    Windows 7 64bit.
    Several weeks ago she started encountering the following error:
    -after logging into Windows and launching the AnyConnect client, she enters her username and password and successfully authenticates.
    -the connection is not established and she's presented with the following message: "Failed to install AnyConnect VPN Profile because of file move error. A VPN connection cannot be established."
    After doing some troubleshooting, inlcuding uninstalling/reinstalling the anyconnect client, it seems the culprit is the following file:
    C:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client\Profile\<filename>.xml. When the problem occurs (which is not regularly, sometimes it occurs daily, sometimes just once a week) examining that file indicates it has no security or permissions set. Quitting the AnyConnect software, modifying the file so that the user has full control of it, then relaunching AnyConnect fixes the problem (until it happens again). Uninstalling, and making sure to move C:\ProgramData\Cisco to the trash, then reinstalling did not seem to help.
    The closest match in these forums is the following thread, https://supportforums.cisco.com/message/3760446 - though no clear resolution was given.
    Has anyone else encountered this, and been able to fix it?
    Thanks much.

    Just FYI, it seems at least in this case, purging all the previous system restore points seems to have resolved this issue...

  • Error 1722 Installing Anyconnect VPN (Windows 7)

    Hi,
    i'm trying to install Anyconnect VPN Client (anyconnect-win-2.5.2006-web-deploy-k9) to connect the university wifi, but i always get an error 1722
    There
    is a problem with this Windows Installer package. Ein Programm, das als
    Teil des Setups ausgeführt wird, wurde nicht wie erwartet beendet.
    Contact your support personnel or package vendor.
    I had this error and i couldn't fix it and i reinstalled the Windows 7 (HP Compaq 610). Than i could install the AnyconnectVPN. Today it tried to update, than i get the same error. Now i can't use it and i can't install it.
    There are a lot of people with this problem but there is no information in internet to fix this problem.
    I really need help. I don't want to reinstall the windows. (It's also not a solution).
    There is a  key (Standart) HKEY_LOCAL_MACHINE/SOFTWARE/..../RUNONCE without a value.
    What should i do now?

    Have you uploaded the AnyConnect package to the vpn gateway yet? I would recommend that you uploaded the latest version: AnyConnect version 2.5.2017.
    Firstly you would need to upload the package to the vpn gateway, and you would need to use the following:
    anyconnect-win-2.5.2017-k9.pkg
    Once you have uploaded the package to the vpn gateway, you can download and install the AnyConnect onto your Windows 7 in 2 ways:
    1) From Windows 7, assuming that the vpn gateway has been configured for AnyConnect, then you can browse to the vpn gateway ip address, and the AnyConnect software will be automatically downloaded and installed on the Windows 7 machine.
    2) Alternatively, you can also pre-install the AnyConnect using the following file:
    anyconnect-win-2.5.2017-pre-deploy-k9.msi
    Hope that helps.

  • What could cause "Internal error: java.lang.NullPointerException: can't not add null to SWF frame" when using compc?

    using flex sdk 4.6, and air sdk 15.0.0.356
    we get the following error when using compc in our ant build:
    [java] Internal error: java.lang.NullPointerException: can't not add null to SWF frame
    [java] at com.adobe.flash.swf.SWFFrame.addTag(SWFFrame.java:77)
    [java] at com.adobe.flash.compiler.internal.units.requests.SWFTagsRequestResult.addToFrame(SWFTagsR equestResult.java:114)
    [java] at com.adobe.flash.compiler.internal.targets.SWFTarget.addCompilationUnitsAndDependenciesToF rame(SWFTarget.java:398)
    [java] at com.adobe.flash.compiler.internal.targets.SWFTarget$FramesInformation.createFrame(SWFTarg et.java:838)
    [java] at com.adobe.flash.compiler.internal.targets.SWFTarget$FramesInformation.createFrames(SWFTar get.java:875)
    [java] at com.adobe.flash.compiler.internal.targets.SWFTarget.build(SWFTarget.java:243)
    [java] at com.adobe.flash.compiler.internal.targets.SWCTarget.buildLibrarySWF(SWCTarget.java:348)
    [java] at com.adobe.flash.compiler.internal.targets.SWCTarget.build(SWCTarget.java:128)
    [java] at com.adobe.flash.compiler.clients.COMPC.buildArtifact(COMPC.java:144)
    [java] at com.adobe.flash.compiler.clients.MXMLC.compile(MXMLC.java:541)
    [java] at com.adobe.flash.compiler.clients.MXMLC.mainNoExit(MXMLC.java:230)
    [java] at com.adobe.flash.compiler.clients.MXMLC.mainNoExit(MXMLC.java:184)
    [java] at com.adobe.flash.compiler.clients.COMPC.staticMainNoExit(COMPC.java:75)
    [java] at com.adobe.flash.compiler.clients.COMPC.main(COMPC.java:62)
    which seems to be rather vague, and offers no clue as to what caused the problem. so, my question is, what could cause this error?
    these are the compiler options we use in the build file:
    <java jar="${flex.compc.jar}" dir="." fork="true" failonerror="true">
          <jvmarg value="-Xmx512m" />
          <arg line="@{options} ${_compc.libpath} ${_compc.externspath} ${_compc.includespath}" />
          <arg value="+flexlib=${flex.frameworks.dir}" />
          <arg value="-load-config=@{config}" />
          <arg value="-source-path=@{src.dir}" />
          <arg value="-include-sources=@{src.dir}" />
          <arg value="-output=@{dest}" />
          <arg value="-swf-version=@{swf.version}"/>
          <arg value="-debug=${flash.debug}"/>
          <arg value="-advanced-telemetry"/>
    </java>
    assume that the properties resolve to correct values, since all projects (except one) call this task and compile successfully. the error must come from this one project that fails, but we don't know why.
    any ideas?

    You could be running out of memory, try increasing the -Xmx512m value to -Xmx1024m or another value that you prefer

  • Another Expired Certificate Error Thread

    I've searched all over, and apologize in advance if there is already an answer for this.
    I'm using the Symbian Belle OS and am running into the old problem of expired certificate errors when trying to install certain apps. The solution to this was to change the date on the phone so it coincides with that of the application you're trying to install. But that solution is no longer working.
    Does anyone know of a workaround?

    I did every year all the way back to 2000 but no luck
    I also tried sites that will convert the .sis file into one with a valid certificate, but that fails as well. When going down that road it just tells me the certificate is not valid or that the author cannot be verified (instead of expired).

  • Expired certificate error for language packages

    I wish to inform the nokia authority,that the language package(UK english Martin) provided for Message Reader app (symbian belle) is showing 'CERTIFICATE EXPIRED' error ,whenever I tried to install the language pack.
    I request the authority to kindly extend the certificate period more so that all user can use those packages.
    I downloaded the language pack from:
    http://www.nokia.com/global/support/text-to-speech​/
    Handset model : NOKIA 701

    Same problem with US english language packs, expired certificate despite the fact that I just downloaded it from Nokia a few days ago. So please Nokia renew the certificate for the Nokia super 701 Text To Speech Language packs.
    Handset Model: Nokia super 701 FP2

  • Java error during AnyConnect install

    Just installed an ASA 5505 with AnyConnect Essentials.  AnyConnect installation works fine on some windows boxes (All flavors) but have a couple machines with issues. This makes it clearly a computer side issue.  When I try to log into the ASA to download the client with IE 9 the ASA just keeps asking for my logon credentials.  If I I use Firefox my credentials work and I get as far as the "Using Sun java for installation" with instructions to click yes on the java security warning.  The Java Security warning never arrives like on machines that don't have this problem. Firefox just hangs and has to be killed by task maanger. Remove and reinstall of both Java and Firefox fail to correct the problem.  Anyone got AnyConnect clientside recovery tips beyond Java and Browser reinstall?  Clearly I could reimage the system to fix the issue but something less shotgunny would be nice...:)
    A Google search show a few folks using Ubuntu and old PPC Macs seeing the same java error I get on these couple of windows boxen(see below)
    Java console spits forth an error:
    java.lang.ClassFormatError: Incompatible magic value 1013478509 in class file VPNJava/VPNJava
    The setup:
    ASA5505 - New (has RAM upgrade to 512M) currently running 8.2(5)
    Client is w2k3 server IAS RADIUS Authenticated
    AnyConnect client: anyconnect-win-2.5.3055-k9.pkg
    Affected computer: MS Vista SP1 - fully patched
    Java Plug-in 1.6.0_31 (Using JRE version 1.6.0_31-b05)
    Firefox - 10.0.2
    IE - 9 (9.0.8112.16421 update version 9.0.5)
    Incompatible magic value 1013478509 in class file VPNJava/VPNJava

    Thanks Marvin,
         It's more of a politcal thing with the customer to tell them that the Web install works 'sometimes'.  As for the version, v3.x is more than 5 times larger than it's 2.5 counterpart.  (26MB vs. 4.6MB) while you can stuff the 3.0 pkg onto the older 5505s there's not much flash: room for other packages after that. That is why as a rule I don't use 3.0.  Now in this case, it is a newer ASA with the increased RAM and flash but I'm still on the fence as to what the extra 21MB of code buys me when it comes to basic anyconnect essentials connectivity.

  • Mail and SMTP server settings of ASA Certificate Authority for cisco anyconnect VPN

                       Dear All,
    i have the folloing case :
    i am using ASA as Certificate authority for cisco anyconnect VPN users,the authentication happens based on the local database of the ASA,
    i want to issue a new certificate every 72 hours for the users ,and i want to send the one time password via email to each user.
    so what the setting of the mail and smtp server should be ,
    was i understand i should put my smtp server ip address then i have to create the local users again under(Remte VPN VPN--Certificate management--Local certificate authority --Manage user Database) along with their email addresses to send the one time passsword to them via their emails.
    i sent the email manually ,hwo can automate sending the OTP to our VPN users automatically vi their emails?
    Best regards,

    Thanks Jennifer.
    I did manage to configure LDAP attribute map to the specific group policy.
    Nevertheless, I was thinking whether I can have fixed IP address tied to individual user.
    Using legacy Cisco VPN Client, I can do it using IPSEC(IKEv1) Connection profile, where I set Pre-Shared Key and Client Address Pools. Each Client Address Pools has only 1 fix IP address.
    Example: let say my username is LLH.
    Connection Profile for me is : LLH-Connection-Profile, my profile is protected by preshared key.
    Client Address Pool for me is : LLH-pool, and the IP is 172.16.1.11
    Only me know the preshared key and only me can login with my Connection Profile.
    Using AnyConnect, I have problem. User can use any connection profile because I cannot set preshared key for AnyConnect. In that case, I cannot control who can use my Connection Profile and pretend to be me.
    Example:
    AnyConnect Connection Profile for me is : LLH-Connection-Profile, without any password
    Client Address Pool for me is : LLH-pool, IP is 172.16.1.11
    Any body can use LLH-Connection-Profile, login with another user name, let say user-abc which is a valid user in LDAP server. In that case, ASA assign 172.16.1.11 to user-abc and this user-abc can access server which only allow my IP to access.
    I hope above description can paint the scenario clearer.
    Thanks in advance for all the help and comment given.

Maybe you are looking for

  • Possible to change appearance in iCal, particularly the To Do Items?

    Is it possible to change the appearance in iCal? I'm speaking about mostly the background? (I know you can change the "calendar" colors, but I'm looking for something else.) 1. For example, it is extremely difficult, almost impossible for me to deter

  • Illustrator cc crashes on start up win 8 - pantone color manager issues?

    I was at a clients office yesterday,  installed Pantone Color manager on my laptop (I have Adobe Illustrator CC) and on their desktop (They have latest copy of Illustrator, but not cc, it's disc). And imported some pantone swatches into illustrator o

  • How to add a pane from DEEP within System Prefs to the dock

    I frequently use my HP Deskjet scanner, and the way I scan stuff is by doing: System Prefs > Printers & Scanners > [select the printer] > Scan > Open Scanner... Is there a way to essentially record the LAST action, the "Open scanner" mouse-click, and

  • CS3: CC Spotlight color choices

    Hi, I want to place a spotlight to an image. I chose Effects > Perspective > CC Spotlight. I did everything right, except there is no spotlight color choices. There is only white color available. When I try to change the color and clicked the color,

  • Two versions of the sport kit

    I ordered a new sensor on the CompUSA web site today, and noticed that they are selling two different versions. One is (340383) $29.99 and the other is (52575532) $27.99. In looking at the product comparison, the cheaper one is described as working w