Cannot access server internally
Hi, I have a EA6500, I run a server from home on 192.168.1.101 static ip. I set forfoward the public ip to 192.168.0.101.
I am able to access the my website from an external network (from iphone with at&t network, but all my Macs from my LAN cannot access it unless I use the local ip of 192.168.1.101. I never had this issue with the old WRT45G.
I read a post with the exact same question
http://community.linksys.com/t5/Wired-Routers/Accessing-Internal-Web-Servers-External-OK-Internal-No...
But the post is no use to me because it doesn't really have a clear solution to the question.
I wonder if someone can help me with a more constructive solution?
TIA.
After more research, I found the answer from another post:
http://community.linksys.com/t5/Wireless-Routers/EA6500-NAT-Redirection-Bug/td-p/583820/highlight/fa...
look for poster sflick1's solution, it really works.
Similar Messages
-
Hi there
My client has a laptop which won’t load the desktop when disconnected from the network. When you log on (while disconnected) you get the error
“Windows cannot access \\server\users\name\desktop”
Works as expected while connected to the network.
The server is a Windows Small Business Server 2003 with active directory etc. and roaming profiles turned on. This issue does not occur on other workstations/laptops.
When I check the Users folder on the local system drive there is not a desktop folder. I assume this is the issue although I’m not sure how you would force windows to create one or why one hasn’t been created?
This is a brand new laptop so my initial reaction was to reset the laptop to factory state and then add the laptop back in to the domain. After this process the issue was still present!
I guess the only thing I should mention is that this was shipped as a Home Premium laptop and was then upgraded to Professional using an upgrade key.
I have checked Control Panel, System & Security, System, Advanced, User Profiles and the account shows as Local with Roaming Profiles greyed out.
Any ideas?
Martyn Fewtrell
[email protected]
Martyn Fewtrell TNC (IT Solutions) Ltd Email: [email protected] Web: http://www.tncit.co.ukHi,
I am just writing to check the status of this thread. Was the information provided in previous
reply helpful to you? Do you have any further questions or concerns? Please feel free to let us know.
Regards,
Alex Zhao
TechNet Subscriber Support
If you are
TechNet Subscription user and have any feedback on our support quality, please send your feedback
here.
Alex Zhao
TechNet Community Support -
I have a Macbook OSX.10.8.3 It will not load Facebook, says Safari cannot access server; and second, suddenly 2 days ago I cannot use the internet without being attacked by random sites. Each time I click on a site, or choose an option, I want another site opens up. e.g. just now doing this Shards of War and Adcash just opened when I went between two pages here.
It sounds like you may have run out of free disk space & OSX corrupted something.
Tough without the Install disc, but some things to try...
Does it boot to Single User Mode, CMD+s keys at bootup, if so try...
/sbin/fsck -fy
Repeat until it shows no errors fixed.
(Space between fsck AND -fy important).
Resolve startup issues and perform disk maintenance with Disk Utility and fsck...
http://docs.info.apple.com/article.html?artnum=106214 -
Cannot access either internal drive on a PowerMac G5
I am booting from an external drive.
The startup disk and other internal disk volumes are not accessible.
If I click on a disk icon in Finder:
“The folder “PMG5” could not be opened because
you do not have sufficient access privileges.”
I don't get the choice in Sys Pref | Startup disk,
yet I get the choice in bootup with <opt> key held down, and if I select it
I get "usr/sbn/mDNSResponder - no such file or directory"
in the verbose Startup.
Also, a few months ago I got stuck with 2 DNS server entries that could not be deleted:
85.255.116.174 and
85.255.112.76.
So, I am wondering if anyone else came across this situation / problem,
and if they got a solution to my problem!
Thanks,
Patrick in Puna BeachYou have garbaged drives. For the startup disk do this:
How to Perform an Archive and Install
An Archive and Install will NOT erase your hard drive, but you must have sufficient free space for a second OS X installation which could be from 3-9 GBs depending upon the version of OS X and selected installation options. The free space requirement is over and above normal free space requirements which should be at least 6-10 GBs. Read all the linked references carefully before proceeding.
1. Be sure to use Disk Utility first to repair the disk before performing the Archive and Install.
Repairing the Hard Drive and Permissions
Boot from your OS X Installer disc. After the installer loads select your language and click on the Continue button. When the menu bar appears select Disk Utility from the Installer menu (Utilities menu for Tiger, Leopard or Snow Leopard.) After DU loads select your hard drive entry (mfgr.'s ID and drive size) from the the left side list. In the DU status area you will see an entry for the S.M.A.R.T. status of the hard drive. If it does not say "Verified" then the hard drive is failing or failed. (SMART status is not reported on external Firewire or USB drives.) If the drive is "Verified" then select your OS X volume from the list on the left (sub-entry below the drive entry,) click on the First Aid tab, then click on the Repair Disk button. If DU reports any errors that have been fixed, then re-run Repair Disk until no errors are reported. If no errors are reported click on the Repair Permissions button. Wait until the operation completes, then quit DU and return to the installer. Now restart normally.
If DU reports errors it cannot fix, then you will need Disk Warrior and/or Tech Tool Pro to repair the drive. If you don't have either of them or if neither of them can fix the drive, then you will need to reformat the drive and reinstall OS X.
2. Do not proceed with an Archive and Install if DU reports errors it cannot fix. In that case use Disk Warrior and/or TechTool Pro to repair the hard drive. If neither can repair the drive, then you will have to erase the drive and reinstall from scratch.
3. Boot from your OS X Installer disc. After the installer loads select your language and click on the Continue button. When you reach the screen to select a destination drive click once on the destination drive then click on the Option button. Select the Archive and Install option. You have an option to preserve users and network preferences. Only select this option if you are sure you have no corrupted files in your user accounts. Otherwise leave this option unchecked. Click on the OK button and continue with the OS X Installation.
4. Upon completion of the Archive and Install you will have a Previous System Folder in the root directory. You should retain the PSF until you are sure you do not need to manually transfer any items from the PSF to your newly installed system.
5. After moving any items you want to keep from the PSF you should delete it. You can back it up if you prefer, but you must delete it from the hard drive.
6. You can now download a Combo Updater directly from Apple's download site to update your new system to the desired version as well as install any security or other updates. You can also do this using Software Update.
Once you have a working startup disk you can see about repairing the other hard drive using Disk Utility.
Message was edited by: Kappy -
Branch Cannot access Server in HQ
Hello,
I want to acces the HQ server from branch which is natted on ASA firewall, On Branch when i do a nslookup for the server it gives me the real ip of the server which is not accessible from branch becz it is Natted, I want to access the server by the name url how can i do that??
http://abc.cisco.com/workspace ------it doesnt works
BUT
http:// <Natted IP>/workspace-------------> it works fine
How can i access the server by name ???Hello,
Very good Docment dear,
Please find the attached.
There is trust relationship between the 2 domain as seen in the attachment.
I want to access from user PC to filenet server application through the URL. http://filenet.abc.com/workplace, when i enter from user PC in the browser the login page of the application shld come as per the URL http://filenet.abc.com:2080/Workplace/ContainerLogin.jsp
but unfortunately i get the authentication window for the domain abc after entering the username and password i get the below message.I hope the below error is due to trust relationship between the 2 domains.
"your browser configuration is correct but you have not logged into a supported Microsoft Windows Domain
please login to the application using the normal login page"
After the above error when again i open a new tab in the browser and try to open a link by adding the contents http://filenet.abc.com:2080/Workplace/ContainerLogin.jsp
it opens properly, actually i want to know where the things are missing to open in 1st attempt.
the domain on the ASA is abc.com
DNS server ip add on the firewall are for both the domain
filenet is static natted to IP which is accessible from branch.
Thanks -
TS3694 My mail keeps saying it cannot access server but my iPad is connected to the internet
My mail app on ipad 2 keeps saying it cannot connect to the server but my iPad is connecting to the Internet.
Find my phone feature
About
http://support.apple.com/kb/PH2580
Overview
http://support.apple.com/kb/PH2696
Set up
http://support.apple.com/kb/PH2697
Removal
http://support.apple.com/kb/PH2702
Troubleshooting
http://support.apple.com/kb/TS4006
Locate on a map
http://support.apple.com/kb/PH2698 -
Cannot access server in HQ through proxy server
Hi Experts,
We have a TMG 2010 installed and clients are accessing Internet through it.
And now there is an access problem to the destinatined server in HQ in another country, and it was fine to reach the destinated server before the servere changed its IP.
When trying to accesss the destinated server with new IP, the TMG log and report shows the connection status with
12030: The connection with the server was terminated abnoramlly.
While there is another guest segment that allows Internet access without proxy server, and they are able to access the server with no problem at all.
When I captured packets using Wireshark from the pc and found that the connection was actually from the pc to proxy server with the following result:
from PC to Proxy server
CONNECT xxx.xxx.com:443 HTTP/1.0
from Proxy server to PC
HTTP/1.1 502 Proxy Error (The connection with the server was terminated abnormally) (text/html)
Would there be a configuration problem inside TMG?
When i include the domain in https inspection exemption list, is that means client would be able to reach ther destination without being inspected?
Then how about the incoming connection? Is there any rules which will restrict HTTPS inbound?
Apart from above problem, clients also not able access some of https website such as banking with CA's, and no problem using guest segment (not through proxy server).
Thanks in advance
BenHi,
>>And now there is an access problem to the destinatined server in HQ in another country, and it was fine to reach the destinated server before the servere changed its IP.
Have you tried to re-create the rule to access the destinatined server after it changed the IP?
>>When i include the domain in https inspection exemption list, is that means client would be able to reach ther destination without being inspected?
When a site is added to the HTTPS inspection exclusion list, Forefront TMG does not check the site’s certificate for expiration or revocation. However, name mismatch and trust are always checked, unless the “No Validation” mark is set.
Reference:Troubleshooting HTTPS inspection
Best Regards,
Joyce
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected] -
CAnnot Access server based user files
Hi
I have several IMacs running 10.5.6 connected to an Xserver.
Until recently we synced the users home folders, but they have become too large. There fore we plan to store the large files that were being synched locally. To do this I have switched off syncing, however when the user goes to the home folder it is the local /users folder and not the networked one setup in WGM. Is there a way to point the home icon to the networked folder?this adds several steps to the process
-
Cannot access web server internally with ea6200
I have the same problem as found in these posts:
http://community.linksys.com/t5/Wireless-Routers/Cannot-access-server-internally/m-p/743969/highligh...
http://community.linksys.com/t5/Wired-Routers/Accessing-Internal-Web-Servers-External-OK-Internal-No...
http://community.linksys.com/t5/Wireless-Routers/EA6500-NAT-Redirection-Bug/td-p/583820/highlight/fa...
Basically, I can't access my local http http server. Like the other posters, this is a new router and I've never had this problem before. I know very little about networking, but I am a developer and need my server to be accessible on my LAN.
The only things I’ve done since setting up the router are:
Setup the wifi security
Enable the media prioritization as a user suggested in the last link I posted.
Forward ports 80 and 8080 – I did this knowing that it made no sense because I only care about local access, but since nothing else with this stupid router makes any sense, I figured, “what the hell!”
I really appreciate any help I can get. I’m thinking about just ordering a new router and sending this PoS back to newegg.Hi jerred121, I've done a bit of a research about this feature. There is what we call DNS Rebinding Attacks, certain actions will not work from behind the router, this is for your own protection. I know it worked before with older routers.
If you need to access your server locally, you can use the private IP of that device rather than the public IP. -
Cisco ASA 5505 L2TP VPN cannot access internal network
Hi,
I'm trying to configure Cisco L2TP VPN to my office. After successful connection I cannot access to internal network.
Can you jhelp me to find out the issue?
I have Cisco ASA:
inside network - 192.168.1.0
VPN network - 192.168.168.0
I have router 192.168.1.2 and I cannot ping or get access to this router.
Here is my config:
ASA Version 8.4(3)
interface Ethernet0/0
switchport access vlan 2
interface Ethernet0/1
interface Ethernet0/2
interface Ethernet0/3
interface Ethernet0/4
interface Ethernet0/5
interface Ethernet0/6
interface Ethernet0/7
interface Vlan1
nameif inside
security-level 100
ip address 192.168.1.1 255.255.255.0
interface Vlan2
nameif outside
security-level 0
ip address 198.X.X.A 255.255.255.248
ftp mode passive
same-security-traffic permit intra-interface
object network net-all
subnet 0.0.0.0 0.0.0.0
object network vpn_local
subnet 192.168.168.0 255.255.255.0
object network inside_nw
subnet 192.168.1.0 255.255.255.0
access-list outside_access_in extended permit icmp any any echo-reply
access-list outside_access_in extended deny ip any any log
pager lines 24
logging enable
logging asdm informational
mtu inside 1500
mtu outside 1500
ip local pool sales_addresses 192.168.168.1-192.168.168.254
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
nat (inside,outside) source dynamic net-all interface
nat (inside,outside) source static inside_nw inside_nw destination static vpn_local vpn_local
nat (outside,inside) source static vpn_local vpn_local destination static inside_nw inside_nw route-lookup
object network vpn_local
nat (outside,outside) dynamic interface
object network inside_nw
nat (inside,outside) dynamic interface
access-group outside_access_in in interface outside
route outside 0.0.0.0 0.0.0.0 198.X.X.B 1
timeout xlate 3:00:00
timeout pat-xlate 0:00:30
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
user-identity default-domain LOCAL
aaa authentication enable console LOCAL
aaa authentication ssh console LOCAL
aaa authentication http console LOCAL
http server enable
http 192.168.1.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart
crypto ipsec ikev1 transform-set my-transform-set-ikev1 esp-3des esp-sha-hmac
crypto ipsec ikev1 transform-set my-transform-set-ikev1 mode transport
crypto dynamic-map dyno 10 set ikev1 transform-set my-transform-set-ikev1
crypto map vpn 20 ipsec-isakmp dynamic dyno
crypto map vpn interface outside
crypto isakmp nat-traversal 3600
crypto ikev1 enable outside
crypto ikev1 policy 10
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
telnet timeout 5
ssh 192.168.1.0 255.255.255.0 inside
ssh timeout 30
console timeout 0
management-access inside
dhcpd address 192.168.1.5-192.168.1.132 inside
dhcpd dns 75.75.75.75 76.76.76.76 interface inside
dhcpd enable inside
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
webvpn
group-policy sales_policy internal
group-policy sales_policy attributes
dns-server value 75.75.75.75 76.76.76.76
vpn-tunnel-protocol l2tp-ipsec
username ----------
username ----------
tunnel-group DefaultRAGroup general-attributes
address-pool sales_addresses
default-group-policy sales_policy
tunnel-group DefaultRAGroup ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group DefaultRAGroup ppp-attributes
authentication ms-chap-v2
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect ip-options
service-policy global_policy global
prompt hostname context
no call-home reporting anonymous
Cryptochecksum:5d1fc9409c87ecdc1e06f06980de6c13
: end
Thanks for your help.You have to test it with "real" traffic to 192.168.1.2 and if you use ping, you have to add icmp-inspection:
policy-map global_policy
class inspection_default
inspect icmp
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni -
Cannot access internal LAN after VPN connect
I know this is either an ACL or NAT issue that I cannot figure out. The nat-t config in defaulted in the IOS config for the ASA. I actually forgot the command to show the hidden default config lines. Either way, can someone take a look at my config, and let me know what I am doing wrong, again.
Thanks ahead of time.
ASA Version 8.2(2)
hostname ciscousa
enable password
names
interface Vlan1
nameif inside
security-level 100
ip address 1.1.1.2 255.255.255.0
interface Vlan2
nameif outside
security-level 0
ip address 14.14.11.5 255.255.255.0
interface Vlan3
shutdown
no forward interface Vlan2
nameif dmz
security-level 50
ip address dhcp
interface Ethernet0/0
switchport access vlan 2
speed 100
duplex full
interface Ethernet0/1
interface Ethernet0/2
interface Ethernet0/3
speed 100
duplex full
ftp mode passive
same-security-traffic permit intra-interface
access-list outside_in extended permit icmp any any
access-list inside_nat0 extended permit ip any 1.1.1.0 255.255.255.0
access-list inside_nat0 extended permit ip any 10.12.27.0 255.255.255.0
access-list split_tunnel standard permit 1.1.1.0 255.255.255.0
pager lines 24
logging enable
logging asdm informational
mtu inside 1500
mtu outside 1500
mtu dmz 1500
ip local pool vpnpool 10.12.27.100-10.12.27.120 mask 255.255.255.0
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 0 access-list inside_nat0
nat (inside) 1 0.0.0.0 0.0.0.0
access-group outside_in in interface outside
route outside 0.0.0.0 0.0.0.0 14.14.11.6 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
dynamic-access-policy-record DfltAccessPolicy
http server enable
http 1.1.1.0 255.255.255.0 inside
http 1.1.1.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
crypto dynamic-map inet-1_dyn_map 20 set transform-set ESP-3DES-SHA
crypto map inet-1_map 65535 ipsec-isakmp dynamic inet-1_dyn_map
crypto map inet-1_map interface outside
crypto isakmp identity address
crypto isakmp enable outside
crypto isakmp policy 10
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
telnet timeout 5
ssh timeout 5
console timeout 0
management-access inside
dhcpd auto_config outside
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
webvpn
group-policy vpnipsec internal
group-policy vpnipsec attributes
wins-server value 1.1.1.16
dns-server value 1.1.1.16
split-tunnel-policy tunnelspecified
split-tunnel-network-list value split_tunnel
default-domain value company.com
tunnel-group vpnipsec type remote-access
tunnel-group vpnipsec general-attributes
address-pool vpnpool
default-group-policy vpnipsec
tunnel-group vpnipsec ipsec-attributes
pre-shared-key *****
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512Hello,
I have been trying to get this to work within the last week but to no avail. I changed my config altogether and started from scratch. I have Split Tunnel working well, and I can access the VPN client from the internal LAN. But I still cannot access the internal LAN from the VPN client host. Can anyone take a look at my config and tell me what ACL\Access Group I am missing. I know I am close but I cannot get over the hump.
Thanks!
ASA Version 8.2(2)
names
interface Vlan1
nameif inside
security-level 100
ip address 192.168.1.2 255.255.255.0
interface Vlan2
nameif outside
security-level 0
ip address xxx.xxx.xxx.xxx 255.255.255.0
interface Vlan3
shutdown
no forward interface Vlan2
nameif dmz
security-level 50
ip address dhcp
interface Ethernet0/0
switchport access vlan 2
interface Ethernet0/1
interface Ethernet0/2
interface Ethernet0/3
speed 100
duplex full
interface Ethernet0/4
interface Ethernet0/5
switchport access vlan 3
interface Ethernet0/6
interface Ethernet0/7
ftp mode passive
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
access-list outside_in extended permit icmp any any
access-list outside_in_vpn extended permit ip 192.168.3.0 255.255.255.0 any
access-list inside_nat0_outbound extended permit ip 192.168.0.0 255.255.0.0 192.168.0.0 255.255.0.0
access-list split_tunnel standard permit 192.168.0.0 255.255.0.0
access-list split_tunnel standard permit 192.168.1.0 255.255.255.0
access-list inside_access_in extended permit ip any any
access-list outside_access_in extended permit ip any any
pager lines 24
logging enable
logging buffered debugging
logging asdm informational
mtu inside 1500
mtu outside 1500
mtu dmz 1500
ip local pool ipvpn 192.168.3.100-192.168.3.200 mask 255.255.255.0
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 0 access-list inside_nat0_outbound
nat (inside) 1 0.0.0.0 0.0.0.0
access-group inside_access_in in interface inside
access-group outside_in in interface outside control-plane
access-group outside_in_vpn in interface outside
route outside 0.0.0.0 0.0.0.0 xxx.xxx.xxx.xx 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
dynamic-access-policy-record DfltAccessPolicy
http server enable
http 192.168.1.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
crypto dynamic-map internet-1_dyn_map 20 set transform-set ESP-3DES-SHA
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHAESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
crypto map internet-1_map 65535 ipsec-isakmp dynamic internet-1_dyn_map
crypto map internet-1_map interface outside
crypto map inside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map inside_map interface inside
crypto isakmp identity address
crypto isakmp enable inside
crypto isakmp enable outside
crypto isakmp policy 10
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
telnet timeout 5
ssh timeout 5
console timeout 0
management-access inside
dhcpd auto_config outside
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
webvpn
group-policy DfltGrpPolicy attributes
group-policy vpnipsec internal
group-policy vpnipsec attributes
wins-server value 192.168.1.5
dns-server value 192.168.1.5
split-tunnel-policy tunnelall
split-tunnel-network-list value split_tunnel
default-domain value company.com
tunnel-group vpnipsec type remote-access
tunnel-group vpnipsec general-attributes
address-pool ipvpn
default-group-policy vpnipsec
tunnel-group vpnipsec ipsec-attributes
pre-shared-key *
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
prompt hostname context
Cryptochecksum:7e41045c9d7c66ac2c03c3b12ae63908 -
Windows 7 pro client cannot access folders on server 2003 domain server
I added a windows 7 64 bit client to a server 2003 32 bit domain 3 weeks ago and file sharing was working fine until today, 5/4/12. Now, when trying to access shared folders that reside on the server,
I get the following "access denied" message:
[…folder…] is not accessible. You might not have permission to use this network resource. Contact the administrator of this server to find out if you have access permissions.
The user name could not be found.
Strangely enough...
The windows 7 client
can open shared folders that reside on the XP clients in the domain
All the XP clients in the domain can access the server 2003 folders
All the XP clients and the server 2003 machine can access shared folders and printers on the windows 7 client.
The windows 7 client can ping the server 2003 machine and vice versa
I can “see” the server in my network list, but when I click on it, I get the same “access denied” message listed above.
So... the only problem is that the windows 7 client cannot access folders that reside on the windows server 2003 machine. There must be some sharing setting that got changed
by a recent windows update.
Here is what I have done/verified so far on the windows 7 client:
In advanced sharing settings for Home/Work, Public and Domain profiles:
network discovery is enabled
file and print sharing is enabled
use user accounts and passwords to connect to other computers is selected (I also tried allowing windows to manage homegroup connections instead, but the problem remained.)
40 -56 bit encryption is enabled
In “gpedit.msc” Local Policies/Security Settings:
enabled the following policies:
Network access: Allow anonymous SID/name translation
Network access: Let Everyone permissions apply to anonymous users
disabled the following policies:
Network access: Restrict anonymous access to Named Pipes and Shares
Network access: Do not allow anonymous enumeration of SAM accounts
Network access: Do not allow anonymous enumeration of SAM accounts and shares
What am I missing? Are there policies on the server that need to be adjusted?
Please help! My business is crippled if I cannot access server files from this workstation. Thank you in advance.As this thread has been quiet for a while, we assume that the issue has been resolved. At this time, we will mark it as ‘Answered’ as the previous
steps should be helpful for many similar scenarios. <o:p></o:p>
If the issue still persists and you want to return to this question, please reply this post directly so we will be notified to follow it up. You
can also choose to unmark the answer as you wish. <o:p></o:p>
In addition, we’d love to hear your feedback about the solution. By sharing your experience you can help other community members facing similar
problems. <o:p></o:p>
Thanks!<o:p></o:p>
Arnav Sharma | http://arnavsharma.net/ Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading
the thread. -
Cannot access internal network after Tiger upgrade
I've just upgraded an eMac (1.25GHz, 768MB) from 10.3.9 to 10.4.6. Although I can get online, access Mail and all applications, I cannot access the internal network at all.
I've updated to 10.4.9, but still no luck. I've restarted, logged in as a different user, logged out and in again, removed the 'com.apple.networkconfig.plist' file from the 'Library/Preferences' folder, but still doesn't work.
I can see all the aliases to the other machines on the network in the sidebar, but clicking on them brings up a message "The alias xxxx could not be opened, because the original alias could not be found.".
Other machines can see this on on the network. File Sharing is turned on.
Any thoughts, I'm tearing my hair out a bit!
Powerbook G4 Mac OS X (10.4.8)no good, is an afpmounter error, i solved it with an
Archive and Install
http://docs.info.apple.com/article.html?artnum=107120-en
maybe someone have a solution..
i think is an error during the update (i had the same from panther to tiger)
with A&I and half-hour, your machine work perfectly. -
Vpn client can access internet but cannot access internal network
I am using PIX 501 to setup a VPN. At first the VPN client cannot access the internet once they logged in via the Cisco system vpn client, so i enable split tunneling. Now the VPN client can access the internet but they can't access the internal network.Due to the limited characters can be posted here, only necessary IOS coding is posted on the next message. Who knows how to solve this problem? Pls Help.....
enable password ********** encrypted
passwd ********** encrypted
hostname Firewall
domain-name aqswdefrgt.com.sg
access-list 100 permit ip 192.168.1.0 255.255.255.0 192.168.50.0 255.255.255.0
access-list nat permit tcp any host 65.165.123.142 eq smtp
access-list nat permit tcp any host 65.165.123.142 eq pop3
access-list nat permit tcp any host 65.165.123.143 eq smtp
access-list nat permit tcp any host 65.165.123.143 eq pop3
access-list nat permit tcp any host 65.165.123.143 eq www
access-list nat permit tcp any host 65.165.123.152 eq smtp
access-list nat permit tcp any host 65.165.123.152 eq pop3
access-list nat permit tcp any host 65.165.123.152 eq www
access-list nat permit tcp any host 65.165.123.143 eq https
access-list nat permit icmp any any
ip address outside 65.165.123.4 255.255.255.240
ip address inside 192.168.1.2 255.255.255.0
ip verify reverse-path interface outside
ip local pool clientpool 192.168.50.1-192.168.50.50
global (outside) 1 interface
nat (inside) 0 access-list 100
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
static (inside,outside) tcp 65.165.123.142 smtp 192.168.1.56 smtp netmask 255.255.2
55.255 0 0
static (inside,outside) tcp 65.165.123.142 pop3 192.168.1.56 pop3 netmask 255.255.2
55.255 0 0
static (inside,outside) tcp 65.165.123.143 smtp 192.168.1.55 smtp netmask 255.255.2
55.255 0 0
static (inside,outside) tcp 65.165.123.143 pop3 192.168.1.55 pop3 netmask 255.255.2
55.255 0 0
static (inside,outside) tcp 65.165.123.143 www 192.168.1.55 www netmask 255.255.255
.255 0 0
static (inside,outside) tcp 65.165.123.152 smtp 192.168.1.76 smtp netmask 255.255.
255.255 0 0
static (inside,outside) tcp 65.165.123.152 pop3 192.168.1.76 pop3 netmask 255.255.
255.255 0 0
static (inside,outside) tcp 65.165.123.152 www 192.168.1.76 www netmask 255.255.25
5.255 0 0
static (inside,outside) tcp 65.165.123.143 https 192.168.1.55 https netmask 255.255
.255.255 0 0
access-group nat in interface outside
route outside 0.0.0.0 0.0.0.0 65.165.123.1 1
aaa-server TACACS+ protocol tacacs+
aaa-server RADIUS protocol radius
aaa-server LOCAL protocol local
aaa-server plexus protocol radius
aaa-server plexus (inside) host 192.168.1.55 ******** timeout 5
http server enable
http 192.168.1.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server community public
no snmp-server enable traps
floodguard enable
sysopt connection permit-ipsec
crypto ipsec transform-set myset esp-des esp-md5-hmac
crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto dynamic-map cisco 1 set transform-set myset
crypto map dyn-map 20 ipsec-isakmp dynamic cisco
crypto map dyn-map client authentication plexus
crypto map dyn-map interface outside
isakmp enable outside
isakmp key ******** address 0.0.0.0 netmask 0.0.0.0
isakmp policy 20 authentication pre-share
isakmp policy 20 encryption des
isakmp policy 20 hash md5
isakmp policy 20 group 2
isakmp policy 20 lifetime 86400
isakmp policy 40 authentication pre-share
isakmp policy 40 encryption 3des
isakmp policy 40 hash md5
isakmp policy 40 group 2
isakmp policy 40 lifetime 86400
vpngroup vpn3000 address-pool clientpool
vpngroup vpn3000 dns-server 192.168.1.55
vpngroup vpn3000 wins-server 192.168.1.55
vpngroup vpn3000 default-domain aqswdefrgt.com.sg
vpngroup vpn3000 idle-time 1800
vpngroup vpn3000 password ********
telnet 192.168.1.0 255.255.255.0 inside
telnet timeout 5
ssh timeout 5
console timeout 0
terminal width 80 -
Cannot Access EAC/ECP on exchange server 2013 after installation
Hi,
I can not Cannot Access EAC/ECP on exchange server 2013 after installation . Error 404.4 code 0x80070002
Help!
Thanks,Hi Florin
Did you try accessing EAC by using below link
https://<Exchange_2013_CAS_FQDN>/ecp?ExchClientVer=15
Please access EAC via Internal URL: https://<CASServerName>/ecp
Finally ensure that you have logged in as administrator as well as this might be problem as well
Remember to mark as helpful if you find my contribution useful or as an answer if it does answer your question.That will encourage me - and others - to take time out to help you Check out my latest blog posts on http://exchangequery.com
Maybe you are looking for
-
can't sign in to your account. I want to recover the password writes that you need to contact technical support. address they give me questions I fill and again they are asked to fill in. so three times filled. then write we checked everything and ga
-
IPod error message when trying to sync contacts
Hey all, When I try syncing my iPod Touch, it comes up with the error message: "iTunes could not sync contacts to the iPod because the iPod disconnected." When I turn off contact syncing, the sync works just fine, but then all of my contacts remain o
-
SCCM 2012 R2: Build and Capture - Windows 8.1 prompting for network
I have upgraded my SCCM 2012 SP1 (CU2) to SCCM 2012 R2 and I am attempting to Build and Capture Windows 8.1 Enterprise. Everything is perfect except for the OS prompting for a network selection during the process, if I click "next" on that screen the
-
Hi folks, I am working with the MDM ABAP API and there are some errors that do not make any sense to me. Here is a list with the technical information: MDM 5.5 SP 5 (5.5.40.83) SAP NetWeaver 2004s (700) MDM API 555/700 I have set up the Repository in
-
OGMRIP is broken... will not rip any video.
I am firstly not sure if this section is the correct one, if not then i am sorry After changing over from Ubuntu to Arch i still wanted to rip my dvd's into high quality MKV files using the program "ogmrip". After installing all the packages wich it