Can connect to server but...
Strange issue has come up all of a sudden. I can connect to my G5 at work with my G3 using connect to server in the finder but if I try to copy or upload anything I get a finder hang and have to restart. Never had an issue with this before and if I boot back to OS9.2.2 it works just fine. Running Panther 10.3.9 on a rev2 B&W G3-500. I also tried using a variety of FTP apps and none of them will even connect. The strange part is I have no problem going in the other direction that is connecting to the G3 from the G5. Any ideas?
Thanks in advance.
Solved - turned off Data Roaming in Settings > Network
Similar Messages
-
Can connect to router but can't access internet on some devices
Hello everyone,
I'm fairly good with comptuers / networking but this issue has me baffled. Help would be greatly appreciated.
I have a linksys router (WRK54G) and have 2 desktops and 2 laptops connected to it wirelessly at the moment. I bought 3 smart phones (AT&T Tilts) and a new laptop recently. I don't use encryption but I do have MAC address filtering enabled.
The issue is that 1 of the smart phones can connect to the network and the internet, but the other 2 phones and the laptop can connect to the network but not the internet.
I did add their MAC addresses to the "allow" list ofcourse, which is why they're able to connect to the internet. DHCP is enabled, and these devices get an IP address. I can see them as connected when i log in to my router as well through one of my other computers (I see the MAC address and the IP assigned to those devices) so I know they're properly connected to the network. However, when i try to pull up a website (using either its ip or its domain name), the devices try to open up the page but eventually give me a "The page cannot be displayed or downloaded because the connection was lost" on the pocket PCs, and a generic "page cannot be found" on the laptop. I don't see these requests in the outgoing log table of the router either... I'm supposed to see them as when i use one of my desktops, I can see which site was accessed by which IP.
So basically, the requests from 2 smart phones and 1 laptop aren't even getting to the router apparently. What could be wrong? These devices can access the internet on other routers elsewhere at my workplace or at wi-fi spots.. just not at home, which is a major inconvenience. Why would the router be stopping some devices from connecting to the internet and allowing others? I know it's not a setting in the devices as it can access the internet through other wi-fi spots elsewhere..
Help will be truly appreciated.Hi, I'm just getting up to speed on wireless but here's some info. Don't have a clue for your phones tho.
If you can connect to your network and talk to each other but can't connect to the internet, then it's an "Authorization" problem. I'ts not a Router "hardware" problem because your other equipment can connect to the internet (modem). It's not a Wireless card "hardware" problem on your laptop because you can connect to your network (router).
You say the Router sees the laptop/phones IP#'s but, do you see the IP#'s ON the computer/phones that can't get online? The Router sees them but do they see the Router?
The computers can talk to each other because your using the "Switched hub"(and wireless) part of the Router. I't doesnt do any translating, it just tells computer 1 that computer 2 want's to talk to it.
Is the Shared Key enabled on one and not the others?(Router menu)
If you can connect at work but not at home then again it's an Authorization problem. You have the right password, setup, etc, for work but not at home. "Hotspots" have no encryption so any one can connect. Do you have the home Router set up as WEP and and Work as WPA? Does your other laptop connect at work also? Do you have a mixed B,G,N band system at home. The Router has to be set at the band your using or have it set for mixed. If it's set for "G" only then any items that have B"or"N" won't be able to talk to it. If i go to a wireless motel thats next to a truck stop and a wireless Cafe, i can "SEE" a good half dozen "networks". I can even connect to a few of them, but, i can't get online because i don't have the password, etc..
Well one more kinda, sorta, possibility, did you lower the "Maximum number of DHCP Users" count to 4 (Router menu) and forget to raise it to 8 or what ever you have now? If you only had 3 computers on, then the Router would only hand out one more IP# so the other phones and laptop wouldn't get any more. It's defaulted to like, 20+ or so, so probably unlikely.
The First phone seems to be the magic bullet. My only suggestion would be to double check the settings and compare everything. You have got to be close.
I hope this get's you nearer,, -
I just bought a new pc and for our internet connection we have an airport express. My laptop can connect to it but my airport utility won't recognize it. Even though it does connect to the internet about every 15 minutes the internet shuts off. What should I do?
If you've not yet tried, unpower the AppleTV for a minute or so and restart - this occasionally corrects issues.
If not and the software update seems to have caused an issue, go to the Settings menu and choose to Restore it (this will erase all settings) to reapply current firmware.
Alternatively try to do so via iTunes:
If you see the "Connect to iTunes" screen on your Apple TV - Apple Support -
Can connect to appstore but not can't download songs or music albums
can connect to appstore but not can't download songs or music albums in mp3.
Sorry, but music tracks and other media contact are not available in Israel via an iTunes Store at this time. None of us here can say when Apple will be able to obtain the necessary licenses and feel it worthwhile to set up an iTunes Store for your country.
Regards. -
I have a problem to connect with FaceTime. I am using OS X 10.9.1 on a Mac PowerBook which is 4 weeks old. I can connect on iPhone but not from my computer. Does anyone have a similar problem???
The warranty entitles you to complimentary phone support for the first 90 days of ownership.
-
I can connect to 3G, but cannot send messages or call with my iphone 4.
I can connect to 3G, but cannot send messages or call with my iphone 4.
SMS and calls are carrier features. Check with your carrier
-
ı couldt manage to download iOS 5.1 Software Update . system trying to connect to server but download don't start , what would be reason?
download with itunes, or with one of your devices, and re-try, most causes it the update server it self.
-
My ipod touch can connect to wifi but it doesn't connect to the internet..
my ipod touch can connect to wifi but it doesn't connect to the internet..how will i fix it??? help?thanks.
- Reset the iPod. Nothing is lost.
Reset iPod touch: Hold down the On/Off button and the Home button at the same time for at
least ten seconds, until the Apple logo appears.
- Power off and then back on your router.
- Go to Settings>General>Reset>Reset Network Settings.
- iOS: Troubleshooting Wi-Fi networks and connections
- iOS: Recommended settings for Wi-Fi routers and access points -
Only Chrome can connect to internet, but the rest cannot. I have wifi or lan connect to router.
All my connection to the internet had been stopped after I setup my new bought imac, and transferred data from my previous mac book.
The connect test showed I have no connection to the internet. But the interest is, I can connect to internet with Google Chrome, but in a quite slow connection speed.
Check several times with the router and switches, DNS, wifi, lan settings etc.
Give up after hours of trying.At the same time, another mac book using the same router can connect to the internet. Even my iphone can also using wifi to connect to the internet.
Chrome in the imac can, but Safari and the internet test cannot. -
Question
I am trying to update Firefox per its suggestion, but haven't been able to connect to server. Keeps saying "connecting to server", but no connection after an hour of trying.Try running the combo update.
10.9.5 Combo Update -
Can connect via VPN, but can't access AFP server on same Xserve
Hi:
I've set up our XServe with MacOS X Server 10.5.2 to do AFP and VPN (L2TP only; PPTP is disabled). The XServe is a standalone server, not connected to any other direstory server.
I can connect to the XServe's AFP server from my Mac over our wired and wireless network. The AFP server shows up in the sidebar of Finder windows. So far, so good.
I am able to successfully connect to our network via the VPN with Mac OS X 10.5.2 client (on two different machines) using L2TP through our network's firewall (on a Netopia T1 router; UDF ports 500 and 4500 and IP Protocol 50 and 51 are open) using a shared secret.
But I cannot connect to the XServe itself to use Server Admin or AFP (using afp://server.company.com or afp://xxx.xxx.xxx.xxx via the Go > Connect to Server command).
The error I get while connecting to the 10.5.2 AFP server is Some data in apf://server.mycompany.com could not be read or written (Error Code -36 ). I saw this error associated with a SMB problem in 10.4.x, but SMB is not running.
Other iChat users in my office also do not automatically show up in the Bonjour list when I connect to the network. Other computers on our network do not appear in the sidebar of a Finder window. (I'm told these are to be expected, as Bonjour isn't supported (in the "local area Bonjour" over a WAN link - it's purely a multicast feature on the network in the office, and won't be routed across the VPN link. True?)
Now, here's the odd part. There is a second server (v10.4.11) on our network running AFP. I can connect to it (using afp://server.company.com via the Go > Connect to Server command) and mount its various sharepoints via the VPN.
The only thing I see in the VPN log that seems amiss is this (but I have no idea what it means):
Tue Mar 11 23:09:27 2008 : Unsupported protocol 0x8057 received
--Both the 10.5.2 and the 10.4.11 servers have DNS properly configured (though our ISP; we're not running our own DNS).
--Both servers and the client have public IP addresses and have the same subnet mask. Network Utility confirms this while connected to the VPN.
--NAT is not running. The ISP is responding with public IPs for the servers.
--The firewall for the 10.5.2 server is not running (but will be once I get this all working).
--The IP address range for the VPN server doesn't overlap our DHCP pool (which also currently uses public IP addresses).
--Any user can access any service.
--No network routing definitions have been set up.
--In essence, I've followed the steps on Pages 141-142 of the Network Services Admin Guide.
One other note: After I connect, the Network Preferences > VPN > Advanced > TCP/IP window shows the IP address for the client just fine (assigned from the VPN pool), but lists the router as having the IP address of the XServe (rather than the router on the network). Is that normal?
I'm hoping I don't need to have the XServe run DNS as an internal LAN DNS server.... And I'm not sure why I would have to if I can already successfully connect to the 10.4.11 AFP server .
What simple step am I missing?
TIA,
mm"I am able to successfully connect to our network via the VPN with Mac OS X 10.5.2 client (on two different machines) using L2TP through our network's firewall (on a Netopia T1 router; UDF ports 500 and 4500 and IP Protocol 50 and 51 are open) using a shared secret."
I suspect you mean UDP ports and you might need UDP port 1701 open too.
You only need IP protocol 50 (ESP), protocol 51 (AH) isn't used. And ESP is only used when client and server isn't behind NAT (when NAT is used only the UDP ports are used).
"Unsupported protocol 0x8057 received"
This is usually seen when you can't get GRE through but since you don't use PPTP I can't be sure why this is registered in the logs. Sometimes when connecting using PPTP you have to disconnect and then reconnect for everything to work - you might try this for L2TP too.
But if you already can reach services on any LAN nodes through the VPN I wouldn't bother with it.
As you have a firewall in front of the server you need a second alias IP on the server that you can use to get at the services running on the server through the VPN. The firewall blocks all ports protocols not opened - that's why you can't use the server main IP even if the VPN is up.
The netmask is used by all nodes to determine how big your subnet is: what part of the IP number is the network number and what range the node number is in => really: should traffic be directed to a node on the same LAN or sent directly to the gw/router for forwarding.
What you can't do is connect from a NATed network to another NATed network that both are using the same network number. (That's why people should stay away from using the "default" 192.168.0.0/24 and 192.168.1.0/24 networks for VPN server LANs).
Try your settings at http://www.jodies.de/ipcalc to see what I mean.
"...lists the router as having the IP address of the XServe (rather than the router on the network). Is that normal?"
Yes. The VPN server is the VPN gw/router.
"The firewall for the 10.5.2 server is not running (but will be once I get this all working)."
If you already have a firewall in front of your servers that is a bit redundant.
"--No network routing definitions have been set up."
"I'm hoping I don't need to have the XServe run DNS as an internal LAN DNS server"
You need routing definitions if you want to setup a split tunnel VPN or all traffic is routed through the VPN when connected. The VPN becomes the default gw.
Without ipforwarding ON in the server you can only reach nodes on the server LAN - not Internet.
DNS is needed for your servers forward and reverse names/IPs for advanced services but doesn't need to run in any of your own servers.
If you decide to do a split tunnel VPN config (adding public and private routing definitions) a reachable DNS IP for VPN clients (in VPN config on server) is needed for VPN clients or they can't use names to find anything. To reach this DNS IP if public/not on your server LAN, you need your server to forward IP DNS lookups and have a routing definition for it.
A split tunnel VPN only send traffic for your server LAN through the VPN and all other traffic directly to the local gw/router (Internet). -
Software Update can't find server, but internet connection is good
The Software Update function does not work - "Can't connect to Update Server", and Safari will not load any pages - "CAn't connect to server...". However, Network Diagnostics says that I am connected to the internet, as does Firefox - it loads pages just fine! All other computers in our home network, including my G5 Tower, are performing and access the internet just fine.
Also, for the past 24 hours, whenever I try to reply to an e-mail, or create a new one, mail suddenly crashed. It is very reliable in this way; there are no exceptions! The the newest update/change to my configuration was the update of the 10.4.4 system stuff from Apple, followed a few days later by an update for the 15 in G4 Powerbook battery management.
G4 Powerbook Mac OS X (10.4.4)I have had this problem ever since upgrading from Panther 10.3.9 to Tiger back in December. It doesn't matter, 10.4 from the DVD, or 10.4.4 upgrade, the problem is the same: Any Apple-based programs don't recognize the connection.
1) Safari says can't connect to any server.
2) Software Update says there's no internet connection.
3) iTunes won't get CD title information from CCDB because it doesn't recognize an internet connection.
4) E-mail messages that have images linked to websites just show question marks.
5) Widgets that require an internet connection (weather, etc.) are blank.
I, too, did all the tests with the Apple system and pings and all that, which all showed the internet connection to be fine.
In this condition, I can use Firefox and Netscape browsers (I'm using Firefox to write this), but not Safari, Shiira, or Internet Explorer--those three don't recognize an internet connection.
When I first upgraded to Tiger, Mail would receive messages but wouldn't send them. After going back and forth between Apple Care and Earthlink, finally it got solved by Earthlink having me change all my settings. So now I can send messages, but still can't see linked images.
Now here's an interesting quirk. I have four user logins on my computer. On one of them, Safari's home page has always been our login for our online banking. For some reason, that always connects. I have figured out over the past weeks that if I go to that login first, and log in to my bank's website FIRST, then I can use the Apple programs on my other logins (iTunes, Software Update, Safari, etc.). Go figure.
I've spent hours on the phone with Apple Care with this problem. They claim they've never heard of this issue from anyone else, but I've seen several people post on this discussion board having the same issue. Apple Care still has not been able to resolve this issue, even after many hours on the phone with them. -
Can't sign into Itunes not able to connect to server but I can use internet
Hi , I am a PC babe and I have just entered into the world of the Mac!!!! So forgive my ignorance but I am trying to log on to my itunes store on my mac and it keeps telling me it can't find server and i am not connected to the internet. But i am!!!! help does anyone know what I am doing wrong? this also happens when I try to logon to my yahoo mail using the web link on the yahoo home page? Help anyone!!!
I'm having the same problem, and I'm on a Mac. It tells me that my network isn't working, but I'm connected to the internet! I don't understand it. Everything was great until the latest update (4.6). Now, it tells me that my network connection isn't working.
Well, obviously my network connection is working, because I'm typing this message right now!
Is Apple going to officially address this problem or not? It's gone on long enough. -
When I use Safari the computer says can't connect to server but I am connected to internet.
This morning I opened Safari and got this message. Can not connect to server (Google). That's funny I can use the internet and visit any site. Why am I getting this message?
What happens when you click this link, same thing? :
https://www.google.com -
Cisco ASA 5510 - Cisco Client Can Connect To VPN But Can't Ping!
Hi,
I have an ASA 5510 with the configuration below. I have configure the ASA as remote access vpn server with cisco vpn client, my problem now is I can connect but I can't ping.
Config
ciscoasa# sh run
: Saved
ASA Version 8.0(3)
hostname ciscoasa
enable password 5QB4svsHoIHxXpF/ encrypted
names
name xxx.xxx.xxx.xxx SAP_router_IP_on_SAP
name xxx.xxx.xxx.xxx ISA_Server_second_external_IP
name xxx.xxx.xxx.xxx Mail_Server
name xxx.xxx.xxx.xxx IncomingIP
name xxx.xxx.xxx.xxx SAP
name xxx.xxx.xxx.xxx WebServer
name xxx.xxx.xxx.xxx cms_eservices_projects_sharepointold
name 192.168.2.2 isa_server_outside
interface Ethernet0/0
nameif outside
security-level 0
ip address IncomingIP 255.255.255.248
interface Ethernet0/1
nameif inside
security-level 100
ip address 192.168.2.1 255.255.255.0
interface Ethernet0/2
shutdown
no nameif
no security-level
no ip address
interface Ethernet0/3
shutdown
no nameif
no security-level
no ip address
interface Management0/0
nameif management
security-level 100
ip address 192.168.1.253 255.255.255.0
management-only
passwd 123
ftp mode passive
clock timezone EEST 2
clock summer-time EEDT recurring last Sun Mar 3:00 last Sun Oct 4:00
object-group service TCP_8081 tcp
port-object eq 8081
object-group service DM_INLINE_TCP_1 tcp
port-object eq 3389
port-object eq ftp
port-object eq www
port-object eq https
port-object eq smtp
port-object eq pop3
port-object eq 3200
port-object eq 3300
port-object eq 3600
port-object eq 3299
port-object eq 3390
port-object eq 50000
port-object eq 3396
port-object eq 3397
port-object eq 3398
port-object eq imap4
port-object eq 587
port-object eq 993
port-object eq 8000
port-object eq 8443
port-object eq telnet
port-object eq 3901
group-object TCP_8081
port-object eq 1433
port-object eq 3391
port-object eq 3399
port-object eq 8080
port-object eq 3128
port-object eq 3900
port-object eq 3902
port-object eq 7777
port-object eq 3392
port-object eq 3393
port-object eq 3394
port-object eq 3395
port-object eq 92
port-object eq 91
port-object eq 3206
port-object eq 8001
port-object eq 8181
port-object eq 7778
port-object eq 8180
port-object eq 22222
port-object eq 11001
port-object eq 11002
port-object eq 1555
port-object eq 2223
port-object eq 2224
object-group service RDP tcp
port-object eq 3389
object-group service 3901 tcp
description 3901
port-object eq 3901
object-group service 50000 tcp
description 50000
port-object eq 50000
object-group service Enable_Transparent_Tunneling_UDP udp
port-object eq 4500
access-list inside_access_in remark connection to SAP
access-list inside_access_in extended permit ip 192.168.2.0 255.255.255.0 host SAP_router_IP_on_SAP
access-list inside_access_in remark VPN Outgoing - PPTP
access-list inside_access_in extended permit tcp 192.168.2.0 255.255.255.0 any eq pptp
access-list inside_access_in remark VPN Outgoing - GRE
access-list inside_access_in extended permit gre 192.168.2.0 255.255.255.0 any
access-list inside_access_in remark VPN - GRE
access-list inside_access_in extended permit gre any any
access-list inside_access_in remark VPN Outgoing - IKE Client
access-list inside_access_in extended permit udp 192.168.2.0 255.255.255.0 any eq isakmp
access-list inside_access_in remark VPN Outgoing - IPSecNAT - T
access-list inside_access_in extended permit udp 192.168.2.0 255.255.255.0 any eq 4500
access-list inside_access_in remark DNS Outgoing
access-list inside_access_in extended permit udp any any eq domain
access-list inside_access_in remark DNS Outgoing
access-list inside_access_in extended permit tcp any any eq domain
access-list inside_access_in remark Outoing Ports
access-list inside_access_in extended permit tcp 192.168.2.0 255.255.255.0 any object-group DM_INLINE_TCP_1
access-list inside_access_in extended permit ip 172.16.1.0 255.255.255.0 any
access-list outside_access_in extended permit ip any any
access-list outside_access_in extended permit tcp any any eq pptp
access-list outside_access_in extended permit gre any any
access-list outside_access_in extended permit gre any host Mail_Server
access-list outside_access_in extended permit tcp any host Mail_Server eq pptp
access-list outside_access_in extended permit esp any any
access-list outside_access_in extended permit ah any any
access-list outside_access_in extended permit udp any any eq isakmp
access-list outside_access_in extended permit udp any any object-group Enable_Transparent_Tunneling_UDP
access-list VPN standard permit 192.168.2.0 255.255.255.0
access-list corp_vpn extended permit ip 192.168.2.0 255.255.255.0 172.16.1.0 255.255.255.0
pager lines 24
logging enable
logging asdm informational
mtu outside 1500
mtu inside 1500
mtu management 1500
ip local pool POOL 172.16.1.10-172.16.1.20 mask 255.255.255.0
no failover
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-603.bin
no asdm history enable
arp timeout 14400
nat-control
global (outside) 2 Mail_Server netmask 255.0.0.0
global (outside) 1 interface
global (inside) 2 interface
nat (inside) 0 access-list corp_vpn
nat (inside) 1 0.0.0.0 0.0.0.0
static (inside,outside) tcp Mail_Server 8001 ISA_Server_second_external_IP 8001 netmask 255.255.255.255
static (inside,outside) tcp Mail_Server 8000 ISA_Server_second_external_IP 8000 netmask 255.255.255.255
static (inside,outside) tcp Mail_Server pptp isa_server_outside pptp netmask 255.255.255.255
static (inside,outside) tcp Mail_Server smtp isa_server_outside smtp netmask 255.255.255.255
static (inside,outside) tcp Mail_Server 587 isa_server_outside 587 netmask 255.255.255.255
static (inside,outside) tcp Mail_Server 9444 isa_server_outside 9444 netmask 255.255.255.255
static (inside,outside) tcp Mail_Server 9443 isa_server_outside 9443 netmask 255.255.255.255
static (inside,outside) tcp Mail_Server 3389 isa_server_outside 3389 netmask 255.255.255.255
static (inside,outside) tcp Mail_Server 3390 isa_server_outside 3390 netmask 255.255.255.255
static (inside,outside) tcp Mail_Server 3901 isa_server_outside 3901 netmask 255.255.255.255
static (inside,outside) tcp SAP 50000 isa_server_outside 50000 netmask 255.255.255.255
static (inside,outside) tcp SAP 3200 isa_server_outside 3200 netmask 255.255.255.255
static (inside,outside) tcp SAP 3299 isa_server_outside 3299 netmask 255.255.255.255
static (inside,outside) tcp Mail_Server www isa_server_outside www netmask 255.255.255.255
static (inside,outside) tcp Mail_Server https isa_server_outside https netmask 255.255.255.255
static (inside,outside) tcp Mail_Server pop3 isa_server_outside pop3 netmask 255.255.255.255
static (inside,outside) tcp Mail_Server imap4 isa_server_outside imap4 netmask 255.255.255.255
static (inside,outside) tcp cms_eservices_projects_sharepointold 9999 isa_server_outside 9999 netmask 255.255.255.255
static (inside,outside) 192.168.2.0 access-list corp_vpn
access-group outside_access_in in interface outside
access-group inside_access_in in interface inside
route outside 0.0.0.0 0.0.0.0 xxx.xxx.xxx.xxx 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
dynamic-access-policy-record DfltAccessPolicy
http server enable
http 192.168.2.0 255.255.255.0 inside
http 192.168.1.0 255.255.255.0 management
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set transet esp-des esp-md5-hmac
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto dynamic-map dynmap 10 set pfs
crypto dynamic-map dynmap 10 set transform-set transet ESP-3DES-SHA
crypto map cryptomap 10 ipsec-isakmp dynamic dynmap
crypto map cryptomap interface outside
crypto isakmp identity address
crypto isakmp enable outside
crypto isakmp policy 10
authentication pre-share
encryption 3des
hash md5
group 2
lifetime 86400
crypto isakmp policy 30
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
no crypto isakmp nat-traversal
telnet 192.168.2.0 255.255.255.0 inside
telnet 192.168.1.0 255.255.255.0 management
telnet timeout 5
ssh timeout 5
console timeout 0
dhcpd dns xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx interface inside
dhcpd domain domain.local interface inside
threat-detection basic-threat
threat-detection statistics host
threat-detection statistics access-list
tftp-server management 192.168.1.123 /
group-policy mypolicy internal
group-policy mypolicy attributes
split-tunnel-policy tunnelspecified
split-tunnel-network-list value VPN
username vpdn password 123
username vpdn attributes
vpn-group-policy mypolicy
service-type remote-access
tunnel-group mypolicy type remote-access
tunnel-group mypolicy general-attributes
address-pool POOL
default-group-policy mypolicy
tunnel-group mypolicy ipsec-attributes
pre-shared-key *
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect pptp
service-policy global_policy global
prompt hostname context
Cryptochecksum:b8bb19b6cb05cfa9ee125ad7bc5444ac
: end
Thank you very much.Here is the output:
ciscoasa# packet-tracer input outside icmp 172.16.1.10 8 0 192.168.2.1
Phase: 1
Type: FLOW-LOOKUP
Subtype:
Result: ALLOW
Config:
Additional Information:
Found no matching flow, creating a new flow
Phase: 2
Type: UN-NAT
Subtype: static
Result: ALLOW
Config:
static (inside,outside) 192.168.2.0 access-list corp_vpn
nat-control
match ip inside 192.168.2.0 255.255.255.0 outside 172.16.1.0 255.255.255.0
static translation to 192.168.2.0
translate_hits = 0, untranslate_hits = 139
Additional Information:
NAT divert to egress interface inside
Untranslate 192.168.2.0/0 to 192.168.2.0/0 using netmask 255.255.255.0
Phase: 3
Type: ACCESS-LIST
Subtype: log
Result: ALLOW
Config:
access-group outside_access_in in interface outside
access-list outside_access_in extended permit ip any any
Additional Information:
Phase: 4
Type: IP-OPTIONS
Subtype:
Result: ALLOW
Config:
Additional Information:
Phase: 5
Type: CP-PUNT
Subtype:
Result: ALLOW
Config:
Additional Information:
Phase: 6
Type: INSPECT
Subtype: np-inspect
Result: ALLOW
Config:
class-map inspection_default
match default-inspection-traffic
policy-map global_policy
class inspection_default
inspect icmp
service-policy global_policy global
Additional Information:
Phase: 7
Type: INSPECT
Subtype: np-inspect
Result: ALLOW
Config:
Additional Information:
Phase: 8
Type: VPN
Subtype: ipsec-tunnel-flow
Result: ALLOW
Config:
Additional Information:
Phase: 9
Type: NAT-EXEMPT
Subtype: rpf-check
Result: ALLOW
Config:
Additional Information:
Phase: 10
Type: NAT
Subtype: rpf-check
Result: ALLOW
Config:
static (inside,outside) 192.168.2.0 access-list corp_vpn
nat-control
match ip inside 192.168.2.0 255.255.255.0 outside 172.16.1.0 255.255.255.0
static translation to 192.168.2.0
translate_hits = 0, untranslate_hits = 140
Additional Information:
Phase: 11
Type: ACCESS-LIST
Subtype:
Result: DROP
Config:
Implicit Rule
Additional Information:
Result:
input-interface: outside
input-status: up
input-line-status: up
output-interface: inside
output-status: up
output-line-status: up
Action: drop
Drop-reason: (acl-drop) Flow is denied by configured rule
Maybe you are looking for
-
I have a Mac mini server edition that I'm using just for media. I got the server because I want as much storage as possible. It is refurbished, and is running Snow Leopard server, I don't need it to be a server, if I purchase Lion, can I just "turn
-
How do I get appointments on iCalendar to not reset time zones overnight?
Appointments (Events) on iCalendar are being reset to a different time zone overnight- on my iPad! My MacBook, iPad, iCloud, Gmail and Work are all setup for MST. When I create an appointment/event on my iPad, iCalendar selects MST correctly. Over
-
Adding lines to the currently active sales order
I need to add lines to the order currenlty being entered by the user based upon various rules that i have created in an addon. I can call the addon and calculate the values I require but I cannot see how to poke a number of libes and quantities back
-
Need help with Error code (-1202) in itunes store
ITunes Store keeps giving me error code 1202 when I try to click links. I'm using itunes 11 also itunes music page shows blank white screen. And the iTunes Match section doesn't show any pictures and looks like a website when it's on HTML format. T
-
Error when load sptial data by using sqlldr
Currently, I have a shapeFile, so I have used shp2sdo tool to convert shapeFile to Oracle Spatial database. But when using sqlldr tool, I get the following errors: ----- Log file content ------ SQL*Loader: Release 10.2.0.1.0 - Production on Sat Mar 2