Can connect to internet, but can't find other computers in my network.
I have two macs that connect to the internet via an Airport Express unit (which is setup to connect to the internet using DHCP and share a single IP address using DHCP/NAT). My problem is that the macs cannot seem to find each other in the network.
How do I setup the network so that I can share the internet connection between both macs and at the same time connect from the one mac to the other? Is that even possible with an Airport Express unit?
I have two more Airport Express units. Can I configure one of those to act as the local network bridge (or whatever the technical term for that is)
I really just want to get all my macs to talk to each other, but I cannot for the life of me figure out how All help would be greatly appreciated!
Never mind... I'm stupid... File Sharing was off... d'oh! It all works now
Similar Messages
-
Can connect to Internet but can't open any web pages
Hi there helpers, I was on my iMac this morning and everything was fine. I could open any browsers and it could load pages very fast, but after I downloaded and tried to install Xquartz ( recommended by apple) I went on my browser again any tried to open Facebook but it didn't work all it said on the browser was NO DATA RECEIVED. I thought it was only Facebook so I tried google but it wasn't, it was all of the websites. So I'm not sure if I've accidentally downloaded a virus or malware. By the way I use google chrome to do the things above but I did do it again in safari. Thanks
Make a New Location, Using network locations in Mac OS X ...
http://support.apple.com/kb/HT2712
10.7 & 10.8…
System Preferences>Network, top of window>Locations>Edit Locations, little plus icon, give it a name.
10.5.x/10.6.x/10.7.x instructions...
System Preferences>Network, click on the little gear at the bottom next to the + & - icons, (unlock lock first if locked), choose Set Service Order.
The interface that connects to the Internet should be dragged to the top of the list.
10.4 instructions...
Is that Interface dragged to the top of Network>Show:>Network Port Configurations.
If using Wifi/Airport...
Instead of joining your Network from the list, click the WiFi icon at the top, and click join other network. Fill in everything as needed.
For 10.5/10.6/10.7/10.8, System Preferences>Network, unlock the lock if need be, highlight the Interface you use to connect to Internet, click on the advanced button, click on the DNS tab, click on the little plus icon, then add these numbers...
208.67.222.222
208.67.220.220
Click OK. -
Only Chrome can connect to internet, but the rest cannot. I have wifi or lan connect to router.
All my connection to the internet had been stopped after I setup my new bought imac, and transferred data from my previous mac book.
The connect test showed I have no connection to the internet. But the interest is, I can connect to internet with Google Chrome, but in a quite slow connection speed.
Check several times with the router and switches, DNS, wifi, lan settings etc.
Give up after hours of trying.At the same time, another mac book using the same router can connect to the internet. Even my iphone can also using wifi to connect to the internet.
Chrome in the imac can, but Safari and the internet test cannot. -
Can connect to router but can't access internet on some devices
Hello everyone,
I'm fairly good with comptuers / networking but this issue has me baffled. Help would be greatly appreciated.
I have a linksys router (WRK54G) and have 2 desktops and 2 laptops connected to it wirelessly at the moment. I bought 3 smart phones (AT&T Tilts) and a new laptop recently. I don't use encryption but I do have MAC address filtering enabled.
The issue is that 1 of the smart phones can connect to the network and the internet, but the other 2 phones and the laptop can connect to the network but not the internet.
I did add their MAC addresses to the "allow" list ofcourse, which is why they're able to connect to the internet. DHCP is enabled, and these devices get an IP address. I can see them as connected when i log in to my router as well through one of my other computers (I see the MAC address and the IP assigned to those devices) so I know they're properly connected to the network. However, when i try to pull up a website (using either its ip or its domain name), the devices try to open up the page but eventually give me a "The page cannot be displayed or downloaded because the connection was lost" on the pocket PCs, and a generic "page cannot be found" on the laptop. I don't see these requests in the outgoing log table of the router either... I'm supposed to see them as when i use one of my desktops, I can see which site was accessed by which IP.
So basically, the requests from 2 smart phones and 1 laptop aren't even getting to the router apparently. What could be wrong? These devices can access the internet on other routers elsewhere at my workplace or at wi-fi spots.. just not at home, which is a major inconvenience. Why would the router be stopping some devices from connecting to the internet and allowing others? I know it's not a setting in the devices as it can access the internet through other wi-fi spots elsewhere..
Help will be truly appreciated.Hi, I'm just getting up to speed on wireless but here's some info. Don't have a clue for your phones tho.
If you can connect to your network and talk to each other but can't connect to the internet, then it's an "Authorization" problem. I'ts not a Router "hardware" problem because your other equipment can connect to the internet (modem). It's not a Wireless card "hardware" problem on your laptop because you can connect to your network (router).
You say the Router sees the laptop/phones IP#'s but, do you see the IP#'s ON the computer/phones that can't get online? The Router sees them but do they see the Router?
The computers can talk to each other because your using the "Switched hub"(and wireless) part of the Router. I't doesnt do any translating, it just tells computer 1 that computer 2 want's to talk to it.
Is the Shared Key enabled on one and not the others?(Router menu)
If you can connect at work but not at home then again it's an Authorization problem. You have the right password, setup, etc, for work but not at home. "Hotspots" have no encryption so any one can connect. Do you have the home Router set up as WEP and and Work as WPA? Does your other laptop connect at work also? Do you have a mixed B,G,N band system at home. The Router has to be set at the band your using or have it set for mixed. If it's set for "G" only then any items that have B"or"N" won't be able to talk to it. If i go to a wireless motel thats next to a truck stop and a wireless Cafe, i can "SEE" a good half dozen "networks". I can even connect to a few of them, but, i can't get online because i don't have the password, etc..
Well one more kinda, sorta, possibility, did you lower the "Maximum number of DHCP Users" count to 4 (Router menu) and forget to raise it to 8 or what ever you have now? If you only had 3 computers on, then the Router would only hand out one more IP# so the other phones and laptop wouldn't get any more. It's defaulted to like, 20+ or so, so probably unlikely.
The First phone seems to be the magic bullet. My only suggestion would be to double check the settings and compare everything. You have got to be close.
I hope this get's you nearer,, -
Can connect via VPN, but can't access AFP server on same Xserve
Hi:
I've set up our XServe with MacOS X Server 10.5.2 to do AFP and VPN (L2TP only; PPTP is disabled). The XServe is a standalone server, not connected to any other direstory server.
I can connect to the XServe's AFP server from my Mac over our wired and wireless network. The AFP server shows up in the sidebar of Finder windows. So far, so good.
I am able to successfully connect to our network via the VPN with Mac OS X 10.5.2 client (on two different machines) using L2TP through our network's firewall (on a Netopia T1 router; UDF ports 500 and 4500 and IP Protocol 50 and 51 are open) using a shared secret.
But I cannot connect to the XServe itself to use Server Admin or AFP (using afp://server.company.com or afp://xxx.xxx.xxx.xxx via the Go > Connect to Server command).
The error I get while connecting to the 10.5.2 AFP server is Some data in apf://server.mycompany.com could not be read or written (Error Code -36 ). I saw this error associated with a SMB problem in 10.4.x, but SMB is not running.
Other iChat users in my office also do not automatically show up in the Bonjour list when I connect to the network. Other computers on our network do not appear in the sidebar of a Finder window. (I'm told these are to be expected, as Bonjour isn't supported (in the "local area Bonjour" over a WAN link - it's purely a multicast feature on the network in the office, and won't be routed across the VPN link. True?)
Now, here's the odd part. There is a second server (v10.4.11) on our network running AFP. I can connect to it (using afp://server.company.com via the Go > Connect to Server command) and mount its various sharepoints via the VPN.
The only thing I see in the VPN log that seems amiss is this (but I have no idea what it means):
Tue Mar 11 23:09:27 2008 : Unsupported protocol 0x8057 received
--Both the 10.5.2 and the 10.4.11 servers have DNS properly configured (though our ISP; we're not running our own DNS).
--Both servers and the client have public IP addresses and have the same subnet mask. Network Utility confirms this while connected to the VPN.
--NAT is not running. The ISP is responding with public IPs for the servers.
--The firewall for the 10.5.2 server is not running (but will be once I get this all working).
--The IP address range for the VPN server doesn't overlap our DHCP pool (which also currently uses public IP addresses).
--Any user can access any service.
--No network routing definitions have been set up.
--In essence, I've followed the steps on Pages 141-142 of the Network Services Admin Guide.
One other note: After I connect, the Network Preferences > VPN > Advanced > TCP/IP window shows the IP address for the client just fine (assigned from the VPN pool), but lists the router as having the IP address of the XServe (rather than the router on the network). Is that normal?
I'm hoping I don't need to have the XServe run DNS as an internal LAN DNS server.... And I'm not sure why I would have to if I can already successfully connect to the 10.4.11 AFP server .
What simple step am I missing?
TIA,
mm"I am able to successfully connect to our network via the VPN with Mac OS X 10.5.2 client (on two different machines) using L2TP through our network's firewall (on a Netopia T1 router; UDF ports 500 and 4500 and IP Protocol 50 and 51 are open) using a shared secret."
I suspect you mean UDP ports and you might need UDP port 1701 open too.
You only need IP protocol 50 (ESP), protocol 51 (AH) isn't used. And ESP is only used when client and server isn't behind NAT (when NAT is used only the UDP ports are used).
"Unsupported protocol 0x8057 received"
This is usually seen when you can't get GRE through but since you don't use PPTP I can't be sure why this is registered in the logs. Sometimes when connecting using PPTP you have to disconnect and then reconnect for everything to work - you might try this for L2TP too.
But if you already can reach services on any LAN nodes through the VPN I wouldn't bother with it.
As you have a firewall in front of the server you need a second alias IP on the server that you can use to get at the services running on the server through the VPN. The firewall blocks all ports protocols not opened - that's why you can't use the server main IP even if the VPN is up.
The netmask is used by all nodes to determine how big your subnet is: what part of the IP number is the network number and what range the node number is in => really: should traffic be directed to a node on the same LAN or sent directly to the gw/router for forwarding.
What you can't do is connect from a NATed network to another NATed network that both are using the same network number. (That's why people should stay away from using the "default" 192.168.0.0/24 and 192.168.1.0/24 networks for VPN server LANs).
Try your settings at http://www.jodies.de/ipcalc to see what I mean.
"...lists the router as having the IP address of the XServe (rather than the router on the network). Is that normal?"
Yes. The VPN server is the VPN gw/router.
"The firewall for the 10.5.2 server is not running (but will be once I get this all working)."
If you already have a firewall in front of your servers that is a bit redundant.
"--No network routing definitions have been set up."
"I'm hoping I don't need to have the XServe run DNS as an internal LAN DNS server"
You need routing definitions if you want to setup a split tunnel VPN or all traffic is routed through the VPN when connected. The VPN becomes the default gw.
Without ipforwarding ON in the server you can only reach nodes on the server LAN - not Internet.
DNS is needed for your servers forward and reverse names/IPs for advanced services but doesn't need to run in any of your own servers.
If you decide to do a split tunnel VPN config (adding public and private routing definitions) a reachable DNS IP for VPN clients (in VPN config on server) is needed for VPN clients or they can't use names to find anything. To reach this DNS IP if public/not on your server LAN, you need your server to forward IP DNS lookups and have a routing definition for it.
A split tunnel VPN only send traffic for your server LAN through the VPN and all other traffic directly to the local gw/router (Internet). -
Can connect to internet, but software can't find base station
I bought the Airport express a few months ago to use with my stereo and IBM laptop. It took me a few tries to get it initially installed properly, but eventually did and everything worked great. A month or so ago I noticed that the tab to select "remote speakers" was not on my iTunes as it had been before. All of the settings were correct on my iTunes however so then I went to the AirPort Utility to check out the settings and the program said it could not find the base station. I tried to find the station on AirPort Set-up assistant. This program can find it but not connect to it (on the first page after the menu it shows the base station and when I hit "next" it can't connect to the station). All of this is really odd as I have internet access through this base throughout these problems. Any ideas what might be happening and how to fix it? I have reset the base station to factory settings numerous times, I have unplugged everything and restarted the whole process numerous times, I even left the base station unplugged for a week to let it relax. Still nothing works. I can connect to the internet through the station but can not find the station.
IBM T40 Windows XP ProThanks for your help. I can manually connect to the internet but I can't figure out how to get iTunes to recognize that there are remote speakers as my computer can't recognize my base station. Is there a manual way to do this?
IBM T40 Windows XP Pro -
I'm connected to Internet but can't connect to app store?
I'm connected to the Internet but then can't connects to app store. Why is that?
Did any one set restriction to App Store?
Settings>General>Restrictions -
WRT54GS ... Can connect to Internet but not to my network
I have three desktop computers wired to the router and a laptop that I connect using wireless. One of my computers went to the shop. Now, I can't get it to connect to the network, but I can access the Internet with a browser and with an FTP Client. The other computers still talk to each other fine. I reconfigured the problem desktop but no joy. Note that I cannot access the router at 192.168.1.1 from any computer. I unplugged the router for 30 seconds and replugged it... with no change. What's my next step? Thanks in advance for any help. New info. I can access the router by using Internet Explorer. And There is no light on the front panel indicating that the problem computer is connected ... even though I'm accessing the modem/Internet with it.
Message Edited by KGP on 09-11-2008 11:31 PMLower down the Ethernet Adapter card speed from Auto to 10 Half Duplex ...
Also change the cable or the port in the routers back side ....
See if light is present on one .... -
MacBook can connect to Internet, but not iMac
Using two Airport Expresses as a WDS network. Had to reset network. Now Network is back up. MacBook can see it just fine and connect to the internet. iMac see's it, but can't connect to internet. I also opened up Airport Utility on iMac and it can't see either airport express...
Any idea's?Also, in network preferences, it shows Airport "Not Connected". But I can see my MacBook on the network.
-
I can use the internet but can't connect to itunes store or software update
I recently moved, and now have cable internet (I used to use Airport). Ever since the new connection, I can use the internet through browsers, but when I go to the iTunes store, it can't connect. same with Software update.
Hi linnedw;
May I welcome you to the Apple Discussion Forums.
It sounds like your new connection to the web has some ports blocked. Could you please provide us with more details as to exactly how you are now connecting to the web?
Allan -
PC can connect to internet but not time capsule
We are having no trouble getting onto our internet or accessing the time capsule with our Mac. However, the PC we have can get onto the internet, but is unable to access the time capsule. We need to be able to backup information from both of our computers.
Please help us!Did you install the Airport utility onto windows? If not do so.. it should include bonjour which helps greatly. Make sure it does.
TC and wireless names may prevent access to resources.. are your names Apple style with that wonderful apostrophe.. illegal in the windows world?? Spaces in names also not legal.
Change all names to SMB type.. short .. no spaces.. straight alphanumeric.
Do you have permissions issues.. ??
Have you opened file sharing and turned on the guest account.. read and write access.
Do you have the right workgroup..?
Please put in WORKGROUP.. assuming that is the workgroup.
If you still have issues.. are you using homegroup in windows.. well stop it.
If you still have issues .. are you connecting correctly using proper URL in windows explorer, ie \\TCname or \\TCIPaddress (obviously replacing with actual name or actual IP)
If you still have issues.. ping the TC by name and IP and turn off all firewalls.
Do each in turn.. even step 1 might be enough. -
Can connect to WLAN, but can't access any web site...
I have a Nokia E61 that I have configured to access my wirless home network (Linksys). I use personal WPA security, and my SSID is hidden. I loaded the proper settings into an access point setting and when I go to Web, the phone shows that it connects to my Linksys router, but the web page never loads. I eventually get a time out error. If I connect to the same website using GPRS, it loads without any problem.
Any ideas?Thanks for the reply!
I have looked at my RV082's firewall setup, but don't see anything out of the ordinary. I even disabled the firewall, but it didn't seem to make any difference. What did you have in mind that I should check?
I get the following error on the E61 when I try to access an Internet website: "Web: Connection Time Out". It takes about a minute or two for the E61 to generate that error.
Regarding the RV082's ability to assign devices to the right subnet, I have three other PCs on my network (2x Windows XP, 1x Windows 98SE), and they have always connected the first time and every time with no issue. How would I check which subnet the RV082 is assigning to the phone? On a PC, I usually do an "ipconfig /all" at the command line and see what's assigned. Is there an equivalent command for the E61 that I could enter while I'm connected?
If I remove the RV082 and plug my WAP54G directly into my cable modem, then my E61 can access the Internet. So it's definitely an incompatiblity with the settings in the RV082 and the E61. But before I/we blame the RV082, I have more or less the same problem at my employer's office: I can connect to the office network, but can't access any sites outside the company network. The only difference is the E61's error message: at work I get a "no gateway response" error within a few seconds. It's a company with around 200 employees at that site, and we're certainly not using an RV082 in the office. I have not tried to call Linksys support yet because in fairness to them, they won't know jack s*** about the E61 and how to configure/check the settings.
Is there something about the DNS settings in the E61 that I'm setting incorrectly? I have them set to Automatic in both IPv4 and IPv6 settings, which is how my PCs are setup at home and what my IT guy at work tells me should be OK.
Thanks in advance for any more advice!
BTW, I'm no big fan of Linkys either, but I've had zero problems with my Linksys products. Also, when I have had to contact Linksys for help with a setup, they have always eventually come through and solved the problem. I've tried contacting Nokia and can't even get a live person that can do anything (the E61 isn't supported by Nokia USA, and the UK phone number they gave me was just a recording). If anything, I'm ready to hurl my E61 through the window right now as I've spent way too many hours trying to get this thing to work.
hk -
Cisco ASA 5510 - Cisco Client Can Connect To VPN But Can't Ping!
Hi,
I have an ASA 5510 with the configuration below. I have configure the ASA as remote access vpn server with cisco vpn client, my problem now is I can connect but I can't ping.
Config
ciscoasa# sh run
: Saved
ASA Version 8.0(3)
hostname ciscoasa
enable password 5QB4svsHoIHxXpF/ encrypted
names
name xxx.xxx.xxx.xxx SAP_router_IP_on_SAP
name xxx.xxx.xxx.xxx ISA_Server_second_external_IP
name xxx.xxx.xxx.xxx Mail_Server
name xxx.xxx.xxx.xxx IncomingIP
name xxx.xxx.xxx.xxx SAP
name xxx.xxx.xxx.xxx WebServer
name xxx.xxx.xxx.xxx cms_eservices_projects_sharepointold
name 192.168.2.2 isa_server_outside
interface Ethernet0/0
nameif outside
security-level 0
ip address IncomingIP 255.255.255.248
interface Ethernet0/1
nameif inside
security-level 100
ip address 192.168.2.1 255.255.255.0
interface Ethernet0/2
shutdown
no nameif
no security-level
no ip address
interface Ethernet0/3
shutdown
no nameif
no security-level
no ip address
interface Management0/0
nameif management
security-level 100
ip address 192.168.1.253 255.255.255.0
management-only
passwd 123
ftp mode passive
clock timezone EEST 2
clock summer-time EEDT recurring last Sun Mar 3:00 last Sun Oct 4:00
object-group service TCP_8081 tcp
port-object eq 8081
object-group service DM_INLINE_TCP_1 tcp
port-object eq 3389
port-object eq ftp
port-object eq www
port-object eq https
port-object eq smtp
port-object eq pop3
port-object eq 3200
port-object eq 3300
port-object eq 3600
port-object eq 3299
port-object eq 3390
port-object eq 50000
port-object eq 3396
port-object eq 3397
port-object eq 3398
port-object eq imap4
port-object eq 587
port-object eq 993
port-object eq 8000
port-object eq 8443
port-object eq telnet
port-object eq 3901
group-object TCP_8081
port-object eq 1433
port-object eq 3391
port-object eq 3399
port-object eq 8080
port-object eq 3128
port-object eq 3900
port-object eq 3902
port-object eq 7777
port-object eq 3392
port-object eq 3393
port-object eq 3394
port-object eq 3395
port-object eq 92
port-object eq 91
port-object eq 3206
port-object eq 8001
port-object eq 8181
port-object eq 7778
port-object eq 8180
port-object eq 22222
port-object eq 11001
port-object eq 11002
port-object eq 1555
port-object eq 2223
port-object eq 2224
object-group service RDP tcp
port-object eq 3389
object-group service 3901 tcp
description 3901
port-object eq 3901
object-group service 50000 tcp
description 50000
port-object eq 50000
object-group service Enable_Transparent_Tunneling_UDP udp
port-object eq 4500
access-list inside_access_in remark connection to SAP
access-list inside_access_in extended permit ip 192.168.2.0 255.255.255.0 host SAP_router_IP_on_SAP
access-list inside_access_in remark VPN Outgoing - PPTP
access-list inside_access_in extended permit tcp 192.168.2.0 255.255.255.0 any eq pptp
access-list inside_access_in remark VPN Outgoing - GRE
access-list inside_access_in extended permit gre 192.168.2.0 255.255.255.0 any
access-list inside_access_in remark VPN - GRE
access-list inside_access_in extended permit gre any any
access-list inside_access_in remark VPN Outgoing - IKE Client
access-list inside_access_in extended permit udp 192.168.2.0 255.255.255.0 any eq isakmp
access-list inside_access_in remark VPN Outgoing - IPSecNAT - T
access-list inside_access_in extended permit udp 192.168.2.0 255.255.255.0 any eq 4500
access-list inside_access_in remark DNS Outgoing
access-list inside_access_in extended permit udp any any eq domain
access-list inside_access_in remark DNS Outgoing
access-list inside_access_in extended permit tcp any any eq domain
access-list inside_access_in remark Outoing Ports
access-list inside_access_in extended permit tcp 192.168.2.0 255.255.255.0 any object-group DM_INLINE_TCP_1
access-list inside_access_in extended permit ip 172.16.1.0 255.255.255.0 any
access-list outside_access_in extended permit ip any any
access-list outside_access_in extended permit tcp any any eq pptp
access-list outside_access_in extended permit gre any any
access-list outside_access_in extended permit gre any host Mail_Server
access-list outside_access_in extended permit tcp any host Mail_Server eq pptp
access-list outside_access_in extended permit esp any any
access-list outside_access_in extended permit ah any any
access-list outside_access_in extended permit udp any any eq isakmp
access-list outside_access_in extended permit udp any any object-group Enable_Transparent_Tunneling_UDP
access-list VPN standard permit 192.168.2.0 255.255.255.0
access-list corp_vpn extended permit ip 192.168.2.0 255.255.255.0 172.16.1.0 255.255.255.0
pager lines 24
logging enable
logging asdm informational
mtu outside 1500
mtu inside 1500
mtu management 1500
ip local pool POOL 172.16.1.10-172.16.1.20 mask 255.255.255.0
no failover
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-603.bin
no asdm history enable
arp timeout 14400
nat-control
global (outside) 2 Mail_Server netmask 255.0.0.0
global (outside) 1 interface
global (inside) 2 interface
nat (inside) 0 access-list corp_vpn
nat (inside) 1 0.0.0.0 0.0.0.0
static (inside,outside) tcp Mail_Server 8001 ISA_Server_second_external_IP 8001 netmask 255.255.255.255
static (inside,outside) tcp Mail_Server 8000 ISA_Server_second_external_IP 8000 netmask 255.255.255.255
static (inside,outside) tcp Mail_Server pptp isa_server_outside pptp netmask 255.255.255.255
static (inside,outside) tcp Mail_Server smtp isa_server_outside smtp netmask 255.255.255.255
static (inside,outside) tcp Mail_Server 587 isa_server_outside 587 netmask 255.255.255.255
static (inside,outside) tcp Mail_Server 9444 isa_server_outside 9444 netmask 255.255.255.255
static (inside,outside) tcp Mail_Server 9443 isa_server_outside 9443 netmask 255.255.255.255
static (inside,outside) tcp Mail_Server 3389 isa_server_outside 3389 netmask 255.255.255.255
static (inside,outside) tcp Mail_Server 3390 isa_server_outside 3390 netmask 255.255.255.255
static (inside,outside) tcp Mail_Server 3901 isa_server_outside 3901 netmask 255.255.255.255
static (inside,outside) tcp SAP 50000 isa_server_outside 50000 netmask 255.255.255.255
static (inside,outside) tcp SAP 3200 isa_server_outside 3200 netmask 255.255.255.255
static (inside,outside) tcp SAP 3299 isa_server_outside 3299 netmask 255.255.255.255
static (inside,outside) tcp Mail_Server www isa_server_outside www netmask 255.255.255.255
static (inside,outside) tcp Mail_Server https isa_server_outside https netmask 255.255.255.255
static (inside,outside) tcp Mail_Server pop3 isa_server_outside pop3 netmask 255.255.255.255
static (inside,outside) tcp Mail_Server imap4 isa_server_outside imap4 netmask 255.255.255.255
static (inside,outside) tcp cms_eservices_projects_sharepointold 9999 isa_server_outside 9999 netmask 255.255.255.255
static (inside,outside) 192.168.2.0 access-list corp_vpn
access-group outside_access_in in interface outside
access-group inside_access_in in interface inside
route outside 0.0.0.0 0.0.0.0 xxx.xxx.xxx.xxx 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
dynamic-access-policy-record DfltAccessPolicy
http server enable
http 192.168.2.0 255.255.255.0 inside
http 192.168.1.0 255.255.255.0 management
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set transet esp-des esp-md5-hmac
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto dynamic-map dynmap 10 set pfs
crypto dynamic-map dynmap 10 set transform-set transet ESP-3DES-SHA
crypto map cryptomap 10 ipsec-isakmp dynamic dynmap
crypto map cryptomap interface outside
crypto isakmp identity address
crypto isakmp enable outside
crypto isakmp policy 10
authentication pre-share
encryption 3des
hash md5
group 2
lifetime 86400
crypto isakmp policy 30
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
no crypto isakmp nat-traversal
telnet 192.168.2.0 255.255.255.0 inside
telnet 192.168.1.0 255.255.255.0 management
telnet timeout 5
ssh timeout 5
console timeout 0
dhcpd dns xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx interface inside
dhcpd domain domain.local interface inside
threat-detection basic-threat
threat-detection statistics host
threat-detection statistics access-list
tftp-server management 192.168.1.123 /
group-policy mypolicy internal
group-policy mypolicy attributes
split-tunnel-policy tunnelspecified
split-tunnel-network-list value VPN
username vpdn password 123
username vpdn attributes
vpn-group-policy mypolicy
service-type remote-access
tunnel-group mypolicy type remote-access
tunnel-group mypolicy general-attributes
address-pool POOL
default-group-policy mypolicy
tunnel-group mypolicy ipsec-attributes
pre-shared-key *
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect pptp
service-policy global_policy global
prompt hostname context
Cryptochecksum:b8bb19b6cb05cfa9ee125ad7bc5444ac
: end
Thank you very much.Here is the output:
ciscoasa# packet-tracer input outside icmp 172.16.1.10 8 0 192.168.2.1
Phase: 1
Type: FLOW-LOOKUP
Subtype:
Result: ALLOW
Config:
Additional Information:
Found no matching flow, creating a new flow
Phase: 2
Type: UN-NAT
Subtype: static
Result: ALLOW
Config:
static (inside,outside) 192.168.2.0 access-list corp_vpn
nat-control
match ip inside 192.168.2.0 255.255.255.0 outside 172.16.1.0 255.255.255.0
static translation to 192.168.2.0
translate_hits = 0, untranslate_hits = 139
Additional Information:
NAT divert to egress interface inside
Untranslate 192.168.2.0/0 to 192.168.2.0/0 using netmask 255.255.255.0
Phase: 3
Type: ACCESS-LIST
Subtype: log
Result: ALLOW
Config:
access-group outside_access_in in interface outside
access-list outside_access_in extended permit ip any any
Additional Information:
Phase: 4
Type: IP-OPTIONS
Subtype:
Result: ALLOW
Config:
Additional Information:
Phase: 5
Type: CP-PUNT
Subtype:
Result: ALLOW
Config:
Additional Information:
Phase: 6
Type: INSPECT
Subtype: np-inspect
Result: ALLOW
Config:
class-map inspection_default
match default-inspection-traffic
policy-map global_policy
class inspection_default
inspect icmp
service-policy global_policy global
Additional Information:
Phase: 7
Type: INSPECT
Subtype: np-inspect
Result: ALLOW
Config:
Additional Information:
Phase: 8
Type: VPN
Subtype: ipsec-tunnel-flow
Result: ALLOW
Config:
Additional Information:
Phase: 9
Type: NAT-EXEMPT
Subtype: rpf-check
Result: ALLOW
Config:
Additional Information:
Phase: 10
Type: NAT
Subtype: rpf-check
Result: ALLOW
Config:
static (inside,outside) 192.168.2.0 access-list corp_vpn
nat-control
match ip inside 192.168.2.0 255.255.255.0 outside 172.16.1.0 255.255.255.0
static translation to 192.168.2.0
translate_hits = 0, untranslate_hits = 140
Additional Information:
Phase: 11
Type: ACCESS-LIST
Subtype:
Result: DROP
Config:
Implicit Rule
Additional Information:
Result:
input-interface: outside
input-status: up
input-line-status: up
output-interface: inside
output-status: up
output-line-status: up
Action: drop
Drop-reason: (acl-drop) Flow is denied by configured rule -
Please help me to connect to app store for ipad4 but can connect to itunes. Thank you.
AlexLee123456 wrote:
Thanks for the help guys... iTunes is up and running (on my PC) however when I plug in the iphone it just doesn't connect to it, so I guess it must be itunes fault, however I have restarted my computer and this hasn't helped either
The iPhone is still stuck in recovery mode?
If the iPhone is not detected you will need to try other USB ports on the PC or try other USB cables. You could also try another PC/ Mac is you have one available to see if the PC is at fault. -
I can connect to iTunes but can't connect to app store!!!!!!
I can connect to the iTunes store on my iPad but when I try to connect to the app store it says "Cannot connect to iTunes store". I have had my iPad for about half a year, and it has work fine since then. The last app I updated I think was minecraft.
Sign out of your account, restart the iPad and then sign in again.
Settings>Store>Apple ID. Tap your ID and sign out. Restart the iPad by holding down on the sleep button until the red slider appears and then slide to shut off. To power up hold the sleep button until the Apple logo appears and let go of the button.
Go back to Settings>Store>Sign in and then try to update again
If that doesnt work - go to Settings>General>Date and Time - set the date ahead by a few months. Try to update again. If you get an error message of any kind - go back and change the date and time to automatic again. Then try again.
Maybe you are looking for
-
Hi, We have a set up where the result is displayed in the form of Gauge. The problem is when we select the month May-10, the gauge is out of shape and displays incorrect representation. Data can be viewed at: !http://i53.tinypic.com/9fwuxi.jpg! [Calc
-
My beloved MacBook Pro (mid 2010) has been the victim of water damage.
My beloved MacBook Pro (mid 2010) has been the victim of some water damage. They cleaned and dried it out at Apple. Now it turns on, the fan runs, the Apple logo screen pops up, and then it shuts down immediately. Is this repairable, aside from th
-
Hello DB2 guru's, we are performing a AIX 4.3 DB2 V7 database extract using R3LOAD. (DBEXPORT.R3S) The database size is 350GB. (with a table of 50GB, and 8x 20GB) The challange is that we only have 3 days to perform the export. This is already the 3t
-
XIF response, change standart response
Hello, Starndar XIF responce has looks like <h6> <?xml version="1.0" encoding="UTF-8"?> <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"> <soapenv:Body> <rfc:CRMXIF_PARTNER_SAVE.Response xmlns:rfc="urn:sap-com:document:sap:
-
How Handle ESB business Faults using Error Hospital
Hai Everyone I am trying to configure Error Hospital for both BPEL & ESB faults. I`ve successfully configured it for BPEL and am trying to do that for ESB. I found that Fault Management can`t be done for ESB. Is that true ? If thats true, then I was