ASA 5505 remote vpn - not receiving packets from ASA
I am having problem configuring remote vpn between ASA5505 and Cisco VPN client v5. I can successfully establish connection between ASA and Vpn client and receive IP address from ASA. VPN client statistics windows shows that packets are send and encrypted but none of the packets is Received/Decrypted. Any ideas on what I have missed?
Thanks in advance for any help,M
crypto isakmp nat-traversal
Please rate helpful posts.
Similar Messages
-
Asa 5505 Remote VPN Can't access with my local network
Hello Guys ,, i have a problem with my asa 5505 Remote VPN Connection with local network access , the VPn is working fine and connected , but the problem is i can't reach my inside network connection of 192.168.30.x , here is my configuration , please can you help me
ASA Version 8.2(1)
interface Vlan1
nameif inside
security-level 100
ip address 192.168.30.1 255.255.255.0
interface Vlan2
nameif outside
security-level 0
ip address 155.155.155.10 255.255.255.0
interface Vlan5
no nameif
no security-level
no ip address
interface Ethernet0/0
switchport access vlan 2
interface Ethernet0/1
interface Ethernet0/2
interface Ethernet0/3
interface Ethernet0/4
interface Ethernet0/5
interface Ethernet0/6
interface Ethernet0/7
ftp mode passive
access-list inside_nat0_outbound extended permit ip any 192.168.100.0 255.255.255.240
pager lines 24
logging asdm informational
mtu inside 1500
mtu outside 1500
ip local pool vpn-Pool 192.168.100.1-192.168.100.10 mask 255.255.255.0
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 0 access-list inside_nat0_outbound
nat (inside) 1 0.0.0.0 0.0.0.0
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
dynamic-access-policy-record DfltAccessPolicy
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set pfs group1
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map outside_map interface outside
crypto isakmp enable outside
crypto isakmp policy 10
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
telnet timeout 5
ssh timeout 5
console timeout 0
dhcpd auto_config outside
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
webvpn
group-policy mull internal
group-policy mull attributes
vpn-tunnel-protocol IPSec
username xxx password eKJj9owsQwAIk6Cw encrypted privilege 0
vpn-group-policy Mull
tunnel-group mull type remote-access
tunnel-group mull general-attributes
address-pool vpn-Pool
default-group-policy mull
tunnel-group mull ipsec-attributes
pre-shared-key *
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
service-policy global_policy global
prompt hostname contextHey Jennifer i did every thing you mention it , but still i can't reach my inside network (LOCAL network) iam using Shrew Soft VPN Access Manager for my vpn connection
here is my cry ipsec sa
interface: outside
Crypto map tag: SYSTEM_DEFAULT_CRYPTO_MAP, seq num: 65535, local addr: 155.155.155.1
local ident (addr/mask/prot/port): (0.0.0.0/0.0.0.0/0/0)
remote ident (addr/mask/prot/port): (192.168.100.1/255.255.255.255/0/0)
current_peer:155.155.155.1, username: Thomas
dynamic allocated peer ip: 192.168.100.1
#pkts encaps: 0, #pkts encrypt: 0, #pkts digest: 0
#pkts decaps: 0, #pkts decrypt: 0, #pkts verify: 0
#pkts compressed: 0, #pkts decompressed: 0
#pkts not compressed: 0, #pkts comp failed: 0, #pkts decomp failed: 0
#pre-frag successes: 0, #pre-frag failures: 0, #fragments created: 0
#PMTUs sent: 0, #PMTUs rcvd: 0, #decapsulated frgs needing reassembly: 0
#send errors: 0, #recv errors: 0
local crypto endpt.: 155.155.155.1/4500, remote crypto endpt.: 155.155.155.20/4500
path mtu 1500, ipsec overhead 82, media mtu 1500
current outbound spi: 73FFAB96
inbound esp sas:
spi: 0x1B5FFBF1 (459275249)
transform: esp-aes esp-sha-hmac no compression
in use settings ={RA, Tunnel, NAT-T-Encaps, }
slot: 0, conn_id: 12288, crypto-map: SYSTEM_DEFAULT_CRYPTO_MAP
sa timing: remaining key lifetime (sec): 2894
IV size: 16 bytes
replay detection support: Y
Anti replay bitmap:
0x00000000 0x00000001
outbound esp sas:
spi: 0x73FFAB96 (1946135446)
transform: esp-aes esp-sha-hmac no compression
in use settings ={RA, Tunnel, NAT-T-Encaps, }
slot: 0, conn_id: 12288, crypto-map: SYSTEM_DEFAULT_CRYPTO_MAP
sa timing: remaining key lifetime (sec): 2873
IV size: 16 bytes
replay detection support: Y
Anti replay bitmap:
0x00000000 0x00000001 -
Not receiving email from one domain
Hi,
I am running Exchange 2003 on Windows Server 2003 SP2 and suddenly starting having the problem of not receiving mail from one domain. All other domains seem to be fine, although seem slower to receive mail than normal. The sender of the domain in question does not receive any NDR or bounce back error messages, so they are none the wiser the mail has come through. I have checked the junk/spam, I don't have any filters which could be blocking the domain.
Any ideas??
Thanks
Hi,
Please enable the protocol log on SMTP virtual server to check whether the remote domain has attempted to connect to your exchange server to send email to you.
If the remote domain has attempted to connect to your exchange server, please check whether the message is received by the SMTP server. If the message has been received, please use the message tracking log or queue viewer to check whether the message stuck on the server.
If the message is rejected, you can use protocol log to gather further information.
If the remote domain does not attempt to connect to your exchange server, I think you need to work with the remote domain admin regarding the issue as other domains are able to send email to you with no problem.
Mike -
Hi,
I am using cluster with osb_server1 and osb_server2. While starting the servers, I am facing below error on Managed Server(osb_server2) but only warning on Managed Server(osb_server1).
Warning on managed server1(osb_server1)
<Warning> <ALSB Statistics Manager> <BEA-473007> <Aggregator did not receive statistics from [osb_server2] for the aggregation performed for tick 1855320.>
Error on managed server2(osb_server2)
<Nov 24, 2011 11:23:00 AM UTC> <Error> <ALSB Statistics Manager> <BEA-473003> <Aggregation Server Not Available. Failed to get remote aggregator
java.rmi.UnknownHostException: Could not discover URL for server 'osb_server1'
at weblogic.protocol.URLManager.findURL(URLManager.java:145)
at com.bea.alsb.platform.weblogic.topology.WlsRemoteServerImpl.getInitialContext(WlsRemoteServerImpl.java:94)
at com.bea.alsb.platform.weblogic.topology.WlsRemoteServerImpl.lookupJNDI(WlsRemoteServerImpl.java:54)
at com.bea.wli.monitoring.statistics.ALSBStatisticsManager.getRemoteAggregator(ALSBStatisticsManager.java:291)
at com.bea.wli.monitoring.statistics.ALSBStatisticsManager.access$000(ALSBStatisticsManager.java:38)
Truncated. see log file for complete stacktrace
Please provide your solutions here.
ThanksHi,
I am using cluster with osb_server1 and osb_server2. While starting the servers, I am facing below error on Managed Server(osb_server2) but only warning on Managed Server(osb_server1).
Warning on managed server1(osb_server1)
<Warning> <ALSB Statistics Manager> <BEA-473007> <Aggregator did not receive statistics from [osb_server2] for the aggregation performed for tick 1855320.>
Error on managed server2(osb_server2)
<Nov 24, 2011 11:23:00 AM UTC> <Error> <ALSB Statistics Manager> <BEA-473003> <Aggregation Server Not Available. Failed to get remote aggregator
java.rmi.UnknownHostException: Could not discover URL for server 'osb_server1'
at weblogic.protocol.URLManager.findURL(URLManager.java:145)
at com.bea.alsb.platform.weblogic.topology.WlsRemoteServerImpl.getInitialContext(WlsRemoteServerImpl.java:94)
at com.bea.alsb.platform.weblogic.topology.WlsRemoteServerImpl.lookupJNDI(WlsRemoteServerImpl.java:54)
at com.bea.wli.monitoring.statistics.ALSBStatisticsManager.getRemoteAggregator(ALSBStatisticsManager.java:291)
at com.bea.wli.monitoring.statistics.ALSBStatisticsManager.access$000(ALSBStatisticsManager.java:38)
Truncated. see log file for complete stacktrace
Please provide your solutions here.
Thanks -
Hello, icloud receive messages from gilly hicks, but does not receive messages from another personal account... this is happening me since one week and i dont know how to solve this.... error in the mail delivery system says not valid IPv4
SMTP error from remote mail server after RCPT TO:<[email protected]>:
host mx6.me.com.akadns.net [17.158.8.114]: 550 5.7.0 Blocked - see https://support.proofpoint.com/dnsbl-lookup.cgi?ip=184.173.9.56:
[email protected]
i do alse receive from gmail....
please help... what is happening!!!!Just to recap, this is a collection of ports I have collected over time for people who needed this information when setting up the HP ePrint app so that they could view their email from within the app. I am certain other applications also need this information. Although lengthy, I could not find a more comprehensive place to retrieve this information. Feel free to post additional information, faulty information, or other related topics below as this is simply a collection of data and it would be practically impossible to test all of them. Thank you!
Don't forgot to say thanks by giving "Kudos" if I helped solve your problem.
When a solution is found please mark the post that solves your issue.
Every problem has a solution! -
I can send and receive to any non iPhone user. I can send a message as a text to an iPhone user but if I'm not connected to cellular data or wifi I do not receive messages from iPhone contacts. From what I understand these message should automatically send to me as texts instead of iMessages but since the update it's not functioning properly. Please help. I've tried turning iMessage off and I still don't receive the messages until after I reconnect to wifi.
I have the same problem! Before the upgrade, if I wasn't connected to the internet, any messages sent to me from an iphone would convert automatically to a text message. I have payg tarriff, so I turn cell data off, as it costs too much to use it. I have wifi at home and work, but if I'm out and about, I don't receive texts from iphone users until I'm on wifi. I get them ok from non iphone users. There was never any problem until ios7
-
Can not receive emails from third party email accounts
Recently I started working for a small business which has small business server 2011 and exchange 2010 installed. Before I started there were eight user accounts and they all have unlimited email access. I created a few users through sbs AD and also from
exchange console a week ago. Unfortunately none of them can not receive emails from third party accounts. they all can receive internal emails and also can send mails to any email accounts internally and externally.
This is a night mare for me as new users are having trouble with communicating via mails. I have tried all the methods and now thought of posting this issue on tech net. Please help me on this!!
Thanks a lot!!
SammyChecklist for testing inbound email problems, I am assuming outbound emails works ok.
1. Check Port 25 forwarding on all modems routers/firewalls
2. MX Record is created and pointing to the correct Public IP Address, use MXToolbox.com to verify MX Record and test SMTP flow. Also Verify your public IP has not changed, use whatsmyip.org to check you public IP
3. If using POP Connector Service, make sure POP accounts are created properly
4. If using a 3rd party spam host, make sure they forward email to correct public IP address, use step 2 to verify your public IP. -
Recently started not receiving texts from one person - AT&T user, also HTC One
I recently started not receiving texts from one person. He also has an HTC One (older model) but has AT&T as his provider. We were texting back and forth last Friday morning (11/8) and then he called me and ever since then I have not received a single text he has sent. He is receiving all of mine and we can receive phone calls back and forth, but his text messages are not coming through. We have both tried restarting our phones and I have also tried deleting him as a contact and recreating it however nothing works. I checked to make sure he was not blocked (which I knew wasn't the case since I could receive phone calls from him as well), and even tried turning the "block contact" on and back off. Any solutions would be greatly appreciated. Right now we are using work arounds with google-talk and facebook messenger but it's very frustrated for me to not receive any of the texts that his phone is saying I am receiving.
It had started sporadically over the past few weeks where I would miss a text from him every once in awhile, but now I am receiving nothing. He is the only one that I am having this issue with as I have texted back and forth with multiple others the past few days with no issues.
Thanks in advance for the help!Hi! I'm also having the same problem. I have an iphone 5 & one person (who also has an iphone 5 but has AT&T as a provider). We had been able to send & receive phone calls & texts until mid-November. Now, we can both give & receive phone calls from each other and she receives my texts, however, I DON"T receive hers. In fact, if I'm in a group text message with her, I don't receive any of the texts that include her, even though I can give/receive texts individually from the others in the group message. The other two in the group message CAN receive both her texts & mine. This is so strange - I was left out of a whole thread of text messages & none of us knew it. They thought they were including me (nothing bounced back) & I didn't know I wasn't receiving them. Since her texting works with both of the others, I'm concluding the problem must be with my phone. Do I have an incorrect setting? I'm not sure what could have happened. PLEASE help!
-
Exchange server not receiving emails from gmail
Hi dear.
From 2 days ago our exchange server 2013 not receiving email from gmail account. but we can send from our exchange or outlook to gmail account.
we can receiving email from yahoo, hotmail, aol or other mail server But, just gmail account we can not receive email. plz help us, how can i do.
ThanksHi Beigi,
According to your description, I understand that Exchange cannot received the message from Gmail, however others works well.
Great checklist from Hotaka.
Additional, I want to double confirm whether any other antivirus and protection software in your environment, also the
Anti-Spam
or
Transport rule settings, for example sensitive words, IP block list and attachment filter, so that the message from external trigger constraints and be rejected. Meanwhile, please double check in OWA.
Besides, please use message tracking log to get more details for this issue. It’s more helpful to narrow down the problem, for your reference:
http://technet.microsoft.com/en-us/library/bb124375(v=exchg.150).aspx
Best Regards,
Allen Wang -
iCloud password but I forget why I sent in the mail verification is not received mail from apple icloud
<E-mail Edited by Host>You are not addressing Apple here. We are all just users like yourself. It's not a good idea to post your private email on a public forum.
-
I am not receiving notifications from my BlackBoard app even though it is turned on in the Notification Center. It was working fine until a week ago.
FORCE IPAD INTO RECOVERY MODE
1. Turn off iPad
2. Turn on computer and launch iTune (make sure you have the latest version of iTune)
3. Plug USB cable into computer's USB port
4. Hold Home button down and plug the other end of cable into docking port. Do not release button until you see picture of iTune and plug (very important)
5. Release Home button.
ON COMPUTER
6. iTune has detected iPad in recovery mode. You must restore this iPad before it can be used with iTune.
7. Select "Restore iPad"...
Note: Data will be lost -
Could not receive classifications from UDDI server. Please change the UDDI.
Hello:
Im trying to connect from CE in Visual Composer to the
UDDI url: http://xi.esworkplace.sap.com:50200/uddi/wsdl/uddi_v3_service.wsdl
but when I try to explore advance search in VC it shows me the following error:
Could not receive classifications from UDDI server. Please change the UDDI server.
Any idea?
Thanks
Regards
Mario GHi,
The one that Mario is saying is not in NWDS its in CE I guess. I too face the same difficulty. I give the following details that I did in my local CE. After saving the setting I tried to clickd service registry I get some list of errors. Kindly help me and Mario in resolving this. Thanks in advance.
Between Mario the URL of the UDDI and classification is changed now... please note the details that I have set.
==================================
Destination Type: WSDL
Destination Name: UDDI_DESTINATION
URL: http://sr.esworkplace.sap.com/uddi/wsdl/uddi_v3_service.wsdl
System: Java
Authentication : HTTP Authentication
User ID/Password (Basic)
User ID: sruser
Password: eswork123
====================================================
Destination Type: WSDL
Destination Name: CLASSIFICATION_DESTINATION
URL: http://sr.esworkplace.sap.com/ClassificationService/CS?wsdl
System: Java
Authentication: HTTP Authentication
User ID/Password (Basic)
User ID: sruser
Password: eswork123
====================================================
Create new destination Create new backend destination HU2
Destination Type: Services Registry
Destination Name: HU2
System: ABAP
System Name: HU2
Hostname: iwdf1030
Installation Number: 0120003411
Client: 800
Authentication: HTTP Authentication
User ID/Password (Basic)
User ID: <your user in HU2>
Password: <your password>nation CLASSIFCATION_DESTINATION
==============================================
Best Regards,
Suresh -
Not receiving emails from other I pads
Not receiving emails from other iPads
Just other iPads or in general?
Have those other iPads send mail that you can access on a PC and see if their mail is going through.
Can you access other mail or just mail from those iPads?
What is the mail provider involved?
More details can help in finding an answer -
I'm not receiving emails from 2 places. I don't have rules set up and both senders have the correct address. The messages aren't in my junk folder either. This is for my.mac account. Anyone know how to fix?
That just sounds like the mail headers. Most people don't know (or care) about them so they're usually hidden.
Check Mail -> Preferences -> Viewing -> Show header detail
I'm guessing it's set to 'All'. Switch it to 'Default' or None as you prefer. -
I am not receiving mail from either of my accounts. It keeps telling me the port is timing out. The internet is working however.
Was the iPod previous synced to another iTunes library/computer?
Was it setup via wifi?
Setup via iTunes when connected to this coputer/iTunes library?
Have you successfully synced from this iTunes library/computer before?
Do the songs play in iTunes?
Do you have the right boxes checked to sync?
iTunes: Syncing media content to iOS devices and iPod
Try syncing using the manual method
Lat, restore from backup. See:
iOS: How to back up
Maybe you are looking for
-
Reg- Role of Supporting Con about CIF
hi to All Sap ppl a Supportng Proj consutant just have to work on scheduling jobs,monitoring and COnsistency check of ECC ,apart from this do also he do CIFing( Transfrng M & T-Data) or basis people do this job. Thnak
-
Default Output Condition Records in SD
How do I maintain default output conditions in SD when I create a new customer? As of now, whenever I create a new customer, I have to create output condition records for quotations, sales order, shipping and invoicing. Thank you, Pravin
-
hi IDE: Netbeans7.1 Server:Weblogic 10.0 JSF:2.1 JPA:toplink essential JPA 1.0 When i`m inserting JPA in my JSF project following error Shown, Any one have Idea abt it? init: deps-module-jar: deps-ear-jar: deps-jar: library-inclusion-in-archive: libr
-
Where is the Disable Read from Cache option ?
I'm running Zenworks for desktops 4 and zenworks for servers 3 and I would like to try out the option Disable Read from Cache, but I'm unable to find it anywhere in the user or OU property pages. Where is it? Thanks! Oliver
-
I have a mac book 10.4.11. how do i upgrade to mountain lion?
Do i have to download operating systems in oder or can i just download mountain lion?