Cisco/IPsec VPN built-in service of 10.6.1 does not work!

Hello,
I have been using for a while in Leopard (10.5) the Cisco VPN client delivered by Cisco company until I upgrade to Snow Leopard (10.6.1) which comes with a native built-in Cisco VPN client and I gave it a try in order to replace my dedicated Cisco app.
I set up the Cisco VPN service in System Preferences > Network with the same settings than those used in the Cisco client but the connection fails when it is launched from the 10.6 network VPN service... while it works perfect when launched from the Cisco app itself.
I need to activate a VPN connection in order to connect from home to my enterprise server and I have to respect the VPN settings the network administrator of my enterprise put in place.
Those are very common:
1. Host name
2. Group name + Group password
3. Domain name\Userid + User password
4. RSA pass code (random code provided by a specific RSA keyfob)
5. Transport is IPsec over UDP
According to my testings, I would say that:
1. The connection to the host is OK.
2. The validation of the group name + group psw is OK.
3. The validation of the userid + user psw is OK.
4. The RSA pass code is rejected.
According to my enterprise network engineer's investigations, the possible reasons of the connection failure could be:
1. the UDP protocol is not (well) supported by the client service.
2. and/or the extended authentification phase (aka "Xauth") is not working as it should.
As far as I can see in other VPN clients, there is usually an option to select whether the transport is run over TCP or over UDP. Unfortunately, I have not been able to find such option in 10.6.
In my opinion, it could be either a bug or an (undesired) limitation of the Apple VPN service. In both cases, it requires a quick fix from Apple as, for time being, this issue prevents me and many of us connecting to our enterprise servers when we are far from its local network.

Thank you for your answers which confirm the limitation of the Apple VPN solution to the TCP transport only.
I have to say that I do not understand such a decision from Apple since the UDP protocol is very common in the enterprise world.
I will thus have to rely on the Cisco app itself. Is the version 4.9.01 (0080) the correct one for SL as well?
Thank you!

Similar Messages

I am trying to open a service request and the site does not work.

I am trying to open a service request and the site does not work with ANY browser. I get the page https://getsupport.apple.com/GetParts.action which says "Send in for service. We just need a little more information." The continue button does not work. I've seen this problem before trying to file support requests. It's as if Apple simply does not want you to create requests.

I just went through several screens and had no problems. Try clearing your browser's cache and/or history.

I would like a refund now. I bought this service this morning and it does not work as advertised. Reliable is not what I would use to describe this product. Cancel my subscription/refund my money and send me an email to the address I used when I signed up

I would like a refund now. I bought this service this morning and it does not work as advertised. Reliable is not what I would use to describe this product. Cancel my subscription/refund my money and send me an email to the address I used when I signed up.

Hi,
I just checked your account.
Your Adobe Export pdf service has been cancelled & refunded.
Regards,
Florence

Web Service Call with Basic Authentication does not work

If I try to use Basic Authentication in my Web Service Client with the automatically created methods
setUsername(inUserName)
setPassword(inPassword)
setAddress(inAddress)
the application does not make a call. Did I forget something?
Is it possible to use "Test Method" with Basic Authentication?
Thank you.

Thank you for your answer.
But: I already read this article. And it doesn't help me.
I use the following code:
            getMyServiceClient1().setUsername(inUserName);
            getMyServiceClient1().setPassword(inPassword);With this code I always get a java.lang.NullPointerException.
The methods setUsername and setPassword are definded as follows:
public void setUsername(String inUserName) {
        myStub._setProperty(Stub.USERNAME_PROPERTY, inUserName);
public void setPassword(String inPassword) {
        myStub._setProperty(Stub.PASSWORD_PROPERTY, inPassword);
}But if I look at the methods which are generated automatically by Sun Java Studio Creator I cannot find _setProperty.
I also found this thread in your forum:
http://swforum.sun.com/jive/thread.jspa?forumID=123&threadID=54773

Remote update service on sony ericsson G502 does not work

I have a Sony Ericsson G502. The phone has a problem which causes it to restart when I am on a call. Sometimes it just restarts on its own. I searched on the net and found that other people have also seen the same issue and I believe a software upgrade will fix the problem.
I dont have the usb cable of the phone so I cannot do the upgrade using the 'Update Service' software from the pc. I tried doing a 'remote update service' from the phone in Menu-->Update Service-->Search for Update, but it just says that your phone is running the latest software. The current software version on my phone is 1203-8254 R1FA031 080512. Is this the latest software available? I have bought the phone 2 years back (but used it sparingly), and I am not convinced that there is no update to this software.
Please suggest a way I can upgrade this phone? I like the phone, but this restart problem makes the phone very unreliable for everyday use. Kindly help.

Your best bet is to get a USB cable and update the software with SEUS on your PC.If, as the remote update service tells you, you already have the latest software, you can only re-install the software via PC anyway.Alternatively, you can perform a master reset on the phone and see if that fixes the problem.Hope this helps.

Cisco IPSec VPN Client and sending a specific Radius A-V value to ACS 5.2

This setup is to try routing Cisco VPN to either RSA or Entrust from Cisco ACS 5.2, depending on some parameter in incoming AUTH request from Cisco IPSec VPN Client 5.x. Tried playing with pcf files and user names/identity stores, none seems working

Hi Tony,
to the best of my knowledge this is currently not possible, but will be once this enhancement is implemented:
CSCsw31922 Radius upstream VSAs (Tunnel Group,Client type) for VPN policy decisions
You may want to try and ask in the AAA forum if there is anything you can do on ACS...
hth
Herbert

Cisco IPSEC VPN not working after upgrade to Mavericks

I have been using the Cisco IPSEC VPN for almost 2 years with no issues. When I upgraded to Mavericks this week it stopped working. When i tell it to connect it prompts for password and attempts to connect for about 30 seconds then comes back with the following message...
VPN Connection
The negotiation with the VPN server failed. Verify the server address and try reconnecting.
The address, group, shared secret, user and password are correct. Any help would be greatly appreiated.

Hry, I'm not sure if this fixes the Cisco IPSec issue, but I can vouch for it fixing the L2TP issue that occurs after tha mavericks upgrade!
I’ve got L2TP VPN working in Mavericks 10.9 and Server App 3.0.0 / 3.0.1.
It really is quite a simple fix.
Obviously, the standard caveats apply: This is a temporary, unsupported, workaround, and only a suggested idea at that. Again, this workaround is NOT supported by Apple.
Proceed with this workaround on your own equipment at your own risk. And remember the golden rule: Always backup your data!
OK so here goes… copy and paste the following into termini ONE LINE AT A TIME!
cd /tmp
curl -sO http://c5mart.co/mavericks-vpn-fix/racoon.tar.gz
tar -xzvf racoon.tar.gz
rm racoon.tar.gz
sudo chown root:wheel racoon
sudo chmod 555 racoon
if [ ! -f /usr/sbin/racoon.mavericks ]; then sudo mv /usr/sbin/racoon /usr/sbin/racoon.mavericks; fi;
sudo mv racoon /usr/sbin/racoon
sudo killall racoon
This works fine for me and I'm running a OSX Server for my entire office.
…et voilà!

Profile for Cisco IPsec VPN does not set shared secret correctly

Hi,
We have a shared secret configuration for a Cisco IPsec (connecting to an ASA). I can correctly configure a profile for the Cisco IPsec VPN and deliver it to the device. However, the VPN connection fails due to an invalid shared secret. If I then go into the VPN settings on the device itself and manually retype the shared secret, it works fine.
I have noticed this when generating the mobileconfig profile both from Apple's iPhone Configuration Utility and also when using the MobileIron management platform to generate and push profiles.
Has anyone else seen this problem? I'm really confident that I'm typing the shared secret correctly in the iPCU generated profile as I've tried it many times. It also has happened across every flavor of iOS 3.x and 4.x (including the 4.2 betas).
thanks

Hi,
Thanks for the reply but it is a bit of a strange one. What makes you think the shared secret we are using - which you don't know - is more than 32 characters long. I can promise you it isn't. There's a bug in the way mobileconfig files are storing the encrypted shared secret values. I've now seen it on a third party mobile device management platform too.

Configurate cisco ipsec vpn client at asa 5505 version 8.4

Hi dear. I want to configurate cisco ipsec vpn client at asa 5505. At my asa the software version is 8.4.
please provide me a link or some material to config ipsec vpn client at asa 5505 version 8.4
thank you.

are you looking for vpn client .pcf file or the configuration on ASA (ASDM) ?
what version of vpn client ?

Cisco 1841 as PPTP client Does not work

Dear All,
I have Cisco 1841 router running the below roles
1) SSL VPN Server
2) PPTP Server
3) Site to Site Connection with Sonicwall router
I want the router to be configured a pptp client to internet vpn server (so that i will get a fixed public ip )
Once i get this ip address i want to use this connection to accept in coming connection and forward ports to internal host,
I went through below
http://www.mreji.eu/content/cisco-router-pptp-client
https://supportforums.cisco.com/thread/2167562
But it does not work as i do not have the option for the below 2 commands in vpdn-group 2 section.(Please see section in blue)
protocol pptp
rotary-group 4
Please Advise and Help
Regards
Hasan Reza
My Current Config is as below
=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2013.06.09 17:55:23 =~=~=~=~=~=~=~=~=~=~=~=
exit
Gateway#show run |
Building configuration...
Current configuration : 25109 bytes
! Last configuration change at 13:33:57 UTC Sun Jun 9 2013 by admin
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname Gateway
boot-start-marker
boot system flash c1841-advsecurityk9-mz.151-2.T1.bin
boot-end-marker
logging buffered 4096
no logging console
enable secret 5 $1$SciF$TlX1tR5qaG9ZE7pdZHcRJ/
no aaa new-model
dot11 syslog
ip source-route
no ip dhcp use vrf connected
ip dhcp excluded-address 10.236.5.1 10.236.5.20
ip dhcp excluded-address 10.236.5.21 10.236.5.50
ip dhcp excluded-address 172.21.51.2 172.21.51.50
ip dhcp pool ContosoPool
   network 10.236.5.0 255.255.255.0
   default-router 10.236.5.254
   dns-server 213.42.20.20 195.229.241.222
ip dhcp pool DMZ
   network 172.21.51.0 255.255.255.0
   dns-server 172.21.51.10
   default-router 172.21.51.1
   domain-name contoso.local
ip cef
ip domain name contoso.local
ip name-server 213.42.20.20
ip name-server 195.229.241.22
ip name-server 195.229.241.222
ip ddns update method dyndns
HTTP
add http://xxxxxx:[email protected]/nic/update?system=dyndns&hostname=<h>&myip=<a>
remove http://xxxxxx:yyyyy@@members.dyndns.org/nic/update?system=dyndns&hostname=<h>&myip=<a>
interval maximum 0 1 0 0
multilink bundle-name authenticated
vpdn enable
vpdn-group 2
request-dialin
protocol l2tp
initiate-to ip 173.195.0.42
vpdn-group RAS-VPN
! Default PPTP VPDN group
accept-dialin
protocol pptp
virtual-template 1
l2tp tunnel timeout no-session 15
crypto pki token default removal timeout 0
crypto pki trustpoint TP.StartSSL.CA
enrollment terminal pem
revocation-check none
crypto pki trustpoint TP.StartSSL-vpn
enrollment terminal pem
usage ssl-server
serial-number none
fqdn ssl.spktelecom.com
ip-address none
revocation-check crl
rsakeypair RSA.StartSSL-vpn
crypto pki trustpoint TP-self-signed-1981248591
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1981248591
revocation-check none
rsakeypair TP-self-signed-1981248591
crypto pki trustpoint VMWare
enrollment terminal
revocation-check crl
crypto pki trustpoint OWA
enrollment terminal pem
revocation-check crl
crypto pki certificate chain TP.StartSSL.CA
certificate ca 01
(removed the certificate info for clarity)
   quit
crypto pki certificate chain TP.StartSSL-vpn
certificate 0936E1
    (removed the certificate info for clarity)9
   quit
certificate ca 18
(removed the certificate info for clarity)
   quit
crypto pki certificate chain TP-self-signed-1981248591
certificate self-signed 01
    (removed the certificate info for clarity)
   quit
crypto pki certificate chain VMWare
certificate ca 008EDCE6DBCE6B
    (removed the certificate info for clarity)
   quit
crypto pki certificate chain OWA
   (removed the certificate info for clarity)
license udi pid CISCO1841 sn FCZ122191TW
archive
log config
hidekeys
username admin privilege 15 password 7 1304131F02023B7B7977
username ali password 7 06070328
redundancy
crypto isakmp policy 10
encr 3des
authentication pre-share
group 2
lifetime 84000
crypto isakmp key admin_123 address 0.0.0.0 0.0.0.0
crypto isakmp keepalive 10
crypto ipsec security-association lifetime seconds 28800
crypto ipsec transform-set vpnset esp-3des esp-sha-hmac
crypto ipsec transform-set strongsha esp-3des esp-sha-hmac
crypto dynamic-map mydyn 10
set transform-set strongsha
crypto map Dxb-Auh 1000 ipsec-isakmp dynamic XXXXXXXXXX
interface FastEthernet0/0
description Internal Network (Protected Interface)
ip address 10.236.5.254 255.255.255.0
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
interface FastEthernet0/1
no ip address
duplex auto
speed auto
pppoe enable group global
pppoe-client dial-pool-number 1
interface ATM0/0/0
no ip address
shutdown
no atm ilmi-keepalive
interface BRI0/1/0
no ip address
encapsulation hdlc
shutdown
interface Virtual-Template1
ip unnumbered Dialer1
peer default ip address dhcp-pool ContosoPool
ppp encrypt mppe auto required
ppp authentication ms-chap ms-chap-v2 eap
interface Dialer1
ip ddns update hostname XXXXXXX.dyndns.org
ip ddns update dyndns
ip address negotiated
ip nat outside
ip virtual-reassembly in
encapsulation ppp
ip tcp adjust-mss 1450
dialer pool 1
ppp pap sent-username vermam password 7 13044E155E0913323B
crypto map Dxb-Auh
interface Dialer2
mtu 1460
ip address negotiated
ip nat outside
ip virtual-reassembly in
encapsulation ppp
dialer in-band
dialer idle-timeout 0
dialer string 123
dialer vpdn
dialer-group 2
ppp pfc local request
ppp pfc remote apply
ppp encrypt mppe auto
ppp authentication ms-chap ms-chap-v2 callin
ppp eap refuse
ppp chap hostname hasanreza
ppp chap password 7 070E2541470726544541
interface Dialer995
no ip address
ip local pool webssl 10.236.6.10 10.236.6.30
ip forward-protocol nd
ip http server
ip http secure-server
ip nat inside source list nat interface Dialer1 overload
ip nat inside source static tcp 10.236.5.12 25 interface Dialer1 25
ip route 0.0.0.0 0.0.0.0 Dialer1
ip route 172.21.51.0 255.255.255.0 10.236.5.253
ip access-list extended internal
permit ip any 10.236.5.0 0.0.0.255
ip access-list extended nat
deny   ip 10.236.5.0 0.0.0.255 172.31.1.0 0.0.0.255
deny   ip 10.236.5.0 0.0.0.255 172.19.19.0 0.0.0.255
permit ip 10.236.5.0 0.0.0.255 any
ip access-list extended nonat
permit ip 10.236.5.0 0.0.0.255 172.19.19.0 0.0.0.255
permit ip 10.236.5.0 0.0.0.255 172.31.1.0 0.0.0.255
ip access-list extended sslacl
ip access-list extended webvpn
permit tcp any any eq 443
logging esm config
access-list 101 permit ip 10.236.5.0 0.0.0.255 172.31.1.0 0.0.0.255
control-plane
line con 0
line aux 0
line vty 0 4
exec-timeout 0 0
login local
transport preferred ssh
transport input telnet ssh
line vty 5 15
exec-timeout 0 0
login local
transport preferred ssh
transport input telnet ssh
scheduler allocate 20000 1000
webvpn gateway gateway1
ip interface Dialer1 port 443
ssl encryption rc4-md5
ssl trustpoint TP.StartSSL-vpn
inservice
webvpn install svc flash:/webvpn/anyconnect-win-3.1.00495-k9.pkg sequence 1
webvpn install csd flash:/webvpn/sdesktop.pkg
webvpn context webvpn
ssl authenticate verify all
url-list "Webservers"
   heading "SimpleIT Technologies NBNS Servers"
   url-text "Google" url-value "www.google.com"
   url-text "Mainframe" url-value "10.236.5.2"
   url-text "Mainframe2" url-value "https://10.236.5.2"
nbns-list "ContosoServer"
   nbns-server 10.236.5.10
   nbns-server 10.236.5.11
   nbns-server 10.236.5.12
port-forward "PortForwarding"
   local-port 3389 remote-server "10.236.5.10" remote-port 3389 description "Server-DC01"
policy group policy1
   url-list "Webservers"
   port-forward "PortForwarding"
   nbns-list "ContosoServer"
   functions file-access
   functions file-browse
   functions file-entry
   functions svc-enabled
   svc address-pool "webssl"
   svc default-domain "Contoso.Local"
   svc keep-client-installed
   svc split include 10.236.5.0 255.255.255.0
   svc split include 10.236.6.0 255.255.255.0
   svc split include 172.31.1.0 255.255.255.0
   svc split include 172.21.51.0 255.255.255.0
   svc dns-server primary 172.21.51.10
default-group-policy policy1
gateway gateway1
inservice
end
Gateway#

Dear All,
I have Cisco 1841 router running the below roles
1) SSL VPN Server
2) PPTP Server
3) Site to Site Connection with Sonicwall router
I want the router to be configured a pptp client to internet vpn server (so that i will get a fixed public ip )
Once i get this ip address i want to use this connection to accept in coming connection and forward ports to internal host,
I went through below
http://www.mreji.eu/content/cisco-router-pptp-client
https://supportforums.cisco.com/thread/2167562
But it does not work as i do not have the option for the below 2 commands in vpdn-group 2 section.(Please see section in blue)
protocol pptp
rotary-group 4
Please Advise and Help
Regards
Hasan Reza
My Current Config is as below
=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2013.06.09 17:55:23 =~=~=~=~=~=~=~=~=~=~=~=
exit
Gateway#show run |
Building configuration...
Current configuration : 25109 bytes
! Last configuration change at 13:33:57 UTC Sun Jun 9 2013 by admin
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname Gateway
boot-start-marker
boot system flash c1841-advsecurityk9-mz.151-2.T1.bin
boot-end-marker
logging buffered 4096
no logging console
enable secret 5 $1$SciF$TlX1tR5qaG9ZE7pdZHcRJ/
no aaa new-model
dot11 syslog
ip source-route
no ip dhcp use vrf connected
ip dhcp excluded-address 10.236.5.1 10.236.5.20
ip dhcp excluded-address 10.236.5.21 10.236.5.50
ip dhcp excluded-address 172.21.51.2 172.21.51.50
ip dhcp pool ContosoPool
   network 10.236.5.0 255.255.255.0
   default-router 10.236.5.254
   dns-server 213.42.20.20 195.229.241.222
ip dhcp pool DMZ
   network 172.21.51.0 255.255.255.0
   dns-server 172.21.51.10
   default-router 172.21.51.1
   domain-name contoso.local
ip cef
ip domain name contoso.local
ip name-server 213.42.20.20
ip name-server 195.229.241.22
ip name-server 195.229.241.222
ip ddns update method dyndns
HTTP
add http://xxxxxx:[email protected]/nic/update?system=dyndns&hostname=<h>&myip=<a>
remove http://xxxxxx:yyyyy@@members.dyndns.org/nic/update?system=dyndns&hostname=<h>&myip=<a>
interval maximum 0 1 0 0
multilink bundle-name authenticated
vpdn enable
vpdn-group 2
request-dialin
protocol l2tp
initiate-to ip 173.195.0.42
vpdn-group RAS-VPN
! Default PPTP VPDN group
accept-dialin
protocol pptp
virtual-template 1
l2tp tunnel timeout no-session 15
crypto pki token default removal timeout 0
crypto pki trustpoint TP.StartSSL.CA
enrollment terminal pem
revocation-check none
crypto pki trustpoint TP.StartSSL-vpn
enrollment terminal pem
usage ssl-server
serial-number none
fqdn ssl.spktelecom.com
ip-address none
revocation-check crl
rsakeypair RSA.StartSSL-vpn
crypto pki trustpoint TP-self-signed-1981248591
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1981248591
revocation-check none
rsakeypair TP-self-signed-1981248591
crypto pki trustpoint VMWare
enrollment terminal
revocation-check crl
crypto pki trustpoint OWA
enrollment terminal pem
revocation-check crl
crypto pki certificate chain TP.StartSSL.CA
certificate ca 01
(removed the certificate info for clarity)
   quit
crypto pki certificate chain TP.StartSSL-vpn
certificate 0936E1
    (removed the certificate info for clarity)9
   quit
certificate ca 18
(removed the certificate info for clarity)
   quit
crypto pki certificate chain TP-self-signed-1981248591
certificate self-signed 01
    (removed the certificate info for clarity)
   quit
crypto pki certificate chain VMWare
certificate ca 008EDCE6DBCE6B
    (removed the certificate info for clarity)
   quit
crypto pki certificate chain OWA
   (removed the certificate info for clarity)
license udi pid CISCO1841 sn FCZ122191TW
archive
log config
hidekeys
username admin privilege 15 password 7 1304131F02023B7B7977
username ali password 7 06070328
redundancy
crypto isakmp policy 10
encr 3des
authentication pre-share
group 2
lifetime 84000
crypto isakmp key admin_123 address 0.0.0.0 0.0.0.0
crypto isakmp keepalive 10
crypto ipsec security-association lifetime seconds 28800
crypto ipsec transform-set vpnset esp-3des esp-sha-hmac
crypto ipsec transform-set strongsha esp-3des esp-sha-hmac
crypto dynamic-map mydyn 10
set transform-set strongsha
crypto map Dxb-Auh 1000 ipsec-isakmp dynamic XXXXXXXXXX
interface FastEthernet0/0
description Internal Network (Protected Interface)
ip address 10.236.5.254 255.255.255.0
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
interface FastEthernet0/1
no ip address
duplex auto
speed auto
pppoe enable group global
pppoe-client dial-pool-number 1
interface ATM0/0/0
no ip address
shutdown
no atm ilmi-keepalive
interface BRI0/1/0
no ip address
encapsulation hdlc
shutdown
interface Virtual-Template1
ip unnumbered Dialer1
peer default ip address dhcp-pool ContosoPool
ppp encrypt mppe auto required
ppp authentication ms-chap ms-chap-v2 eap
interface Dialer1
ip ddns update hostname XXXXXXX.dyndns.org
ip ddns update dyndns
ip address negotiated
ip nat outside
ip virtual-reassembly in
encapsulation ppp
ip tcp adjust-mss 1450
dialer pool 1
ppp pap sent-username vermam password 7 13044E155E0913323B
crypto map Dxb-Auh
interface Dialer2
mtu 1460
ip address negotiated
ip nat outside
ip virtual-reassembly in
encapsulation ppp
dialer in-band
dialer idle-timeout 0
dialer string 123
dialer vpdn
dialer-group 2
ppp pfc local request
ppp pfc remote apply
ppp encrypt mppe auto
ppp authentication ms-chap ms-chap-v2 callin
ppp eap refuse
ppp chap hostname hasanreza
ppp chap password 7 070E2541470726544541
interface Dialer995
no ip address
ip local pool webssl 10.236.6.10 10.236.6.30
ip forward-protocol nd
ip http server
ip http secure-server
ip nat inside source list nat interface Dialer1 overload
ip nat inside source static tcp 10.236.5.12 25 interface Dialer1 25
ip route 0.0.0.0 0.0.0.0 Dialer1
ip route 172.21.51.0 255.255.255.0 10.236.5.253
ip access-list extended internal
permit ip any 10.236.5.0 0.0.0.255
ip access-list extended nat
deny   ip 10.236.5.0 0.0.0.255 172.31.1.0 0.0.0.255
deny   ip 10.236.5.0 0.0.0.255 172.19.19.0 0.0.0.255
permit ip 10.236.5.0 0.0.0.255 any
ip access-list extended nonat
permit ip 10.236.5.0 0.0.0.255 172.19.19.0 0.0.0.255
permit ip 10.236.5.0 0.0.0.255 172.31.1.0 0.0.0.255
ip access-list extended sslacl
ip access-list extended webvpn
permit tcp any any eq 443
logging esm config
access-list 101 permit ip 10.236.5.0 0.0.0.255 172.31.1.0 0.0.0.255
control-plane
line con 0
line aux 0
line vty 0 4
exec-timeout 0 0
login local
transport preferred ssh
transport input telnet ssh
line vty 5 15
exec-timeout 0 0
login local
transport preferred ssh
transport input telnet ssh
scheduler allocate 20000 1000
webvpn gateway gateway1
ip interface Dialer1 port 443
ssl encryption rc4-md5
ssl trustpoint TP.StartSSL-vpn
inservice
webvpn install svc flash:/webvpn/anyconnect-win-3.1.00495-k9.pkg sequence 1
webvpn install csd flash:/webvpn/sdesktop.pkg
webvpn context webvpn
ssl authenticate verify all
url-list "Webservers"
   heading "SimpleIT Technologies NBNS Servers"
   url-text "Google" url-value "www.google.com"
   url-text "Mainframe" url-value "10.236.5.2"
   url-text "Mainframe2" url-value "https://10.236.5.2"
nbns-list "ContosoServer"
   nbns-server 10.236.5.10
   nbns-server 10.236.5.11
   nbns-server 10.236.5.12
port-forward "PortForwarding"
   local-port 3389 remote-server "10.236.5.10" remote-port 3389 description "Server-DC01"
policy group policy1
   url-list "Webservers"
   port-forward "PortForwarding"
   nbns-list "ContosoServer"
   functions file-access
   functions file-browse
   functions file-entry
   functions svc-enabled
   svc address-pool "webssl"
   svc default-domain "Contoso.Local"
   svc keep-client-installed
   svc split include 10.236.5.0 255.255.255.0
   svc split include 10.236.6.0 255.255.255.0
   svc split include 172.31.1.0 255.255.255.0
   svc split include 172.21.51.0 255.255.255.0
   svc dns-server primary 172.21.51.10
default-group-policy policy1
gateway gateway1
inservice
end
Gateway#

Satellite M645-S4050: built in camera does not work correctly

My built in camera does not work correctly.
It does not have any kind of effect on and it captures pictures and videos as if some kind of thermal camera was on.
Also some videos I load up on youtube look like this.
I have been researching for an answer but can't find it, please help me.

All you can do is to test it with latest webcam driver.
Remove preinstalled camera software and install latest version offered on Toshiba download page.
If the same happen again visit nearest Toshiba service and show them how it looks like. Maybe the cam must be exchanged.
In the past I have used several Toshiba laptops with built in cam but I have never saw something lke this.

Simple JAX-WS web service does not work on WS7u6

Hello,
I am trying to deploy a very simple JAX-WS web service on WS7u6, but it is not working. The same service deployed on Tomcat 6.0.16 works fine.
The service I'm trying to deploy is from a tutorial on the Netbeans website: [http://netbeans.org/kb/docs/websvc/jax-ws.html] - it is a simple calculator web service that adds two ints and returns an int.
I follow the tutorial to the letter, but when I attempt to deploy on WS7, it fails as follows:
[10/Dec/2009:21:21:44] info (25757): CORE3276: Installing a new configuration
[10/Dec/2009:21:21:44] info (25757): WEB0118: SSO is enabled in virtual server [dadydude.qisc.com]
[10/Dec/2009:21:21:44] info (25757): WEB0100: Loading web module in virtual server [dadydude.qisc.com] at [/wstest]
[10/Dec/2009:21:21:44] info (25757): WSSERVLET12: JAX-WS context listener initializing
[10/Dec/2009:21:21:44] info (25757): wsdl cannot be found from DD or annotation. Will generate and publish a new WSDL for SEI endpoints.
[10/Dec/2009:21:21:44] failure (25757): WSSERVLET11: failed to parse runtime descriptor: class: org.me.calculator.jaxws.Add could not be found
class: org.me.calculator.jaxws.Add could not be found
     at com.sun.xml.ws.modeler.RuntimeModeler.getClass(RuntimeModeler.java:271)
     at com.sun.xml.ws.modeler.RuntimeModeler.processDocWrappedMethod(RuntimeModeler.java:562)
     at com.sun.xml.ws.modeler.RuntimeModeler.processMethod(RuntimeModeler.java:509)
     at com.sun.xml.ws.modeler.RuntimeModeler.processClass(RuntimeModeler.java:355)
     at com.sun.xml.ws.modeler.RuntimeModeler.buildRuntimeModel(RuntimeModeler.java:251)
     at com.sun.xml.ws.server.RuntimeEndpointInfo.createSEIModel(RuntimeEndpointInfo.java:170)
     at com.sun.xml.ws.server.RuntimeEndpointInfo.init(RuntimeEndpointInfo.java:317)
     at com.sun.xml.ws.transport.http.servlet.WSServletContextListener.createModelAndMetadata(WSServletContextListener.java:200)
     at com.sun.xml.ws.transport.http.servlet.WSServletContextListener.contextInitialized(WSServletContextListener.java:120)
     at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4456)
     at org.apache.catalina.core.StandardContext.start(StandardContext.java:5113)
     at com.sun.webserver.connector.nsapi.WebModule.start(WebModule.java:235)
     at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1224)
     at org.apache.catalina.core.StandardHost.start(StandardHost.java:924)
     at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1224)
     at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:520)
     at org.apache.catalina.startup.Embedded.start(Embedded.java:917)
     at com.sun.enterprise.web.PwcWebContainer.onStartup(PwcWebContainer.java:70)
     at com.sun.webserver.connector.nsapi.WebContainer.start(WebContainer.java:491)
     at com.sun.webserver.init.J2EERunner.confPostInit(J2EERunner.java:304)
[10/Dec/2009:21:21:44] failure (25757): WebModule[/wstest]PWC1275: Exception sending context initialized event to listener instance of class com.sun.xml.ws.transport.http.servlet.WSServletContextListener
WSSERVLET11: failed to parse runtime descriptor: class: org.me.calculator.jaxws.Add could not be found
     at com.sun.xml.ws.transport.http.servlet.WSServletContextListener.contextInitialized(WSServletContextListener.java:131)
     at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4456)
     at org.apache.catalina.core.StandardContext.start(StandardContext.java:5113)
     at com.sun.webserver.connector.nsapi.WebModule.start(WebModule.java:235)
     at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1224)
     at org.apache.catalina.core.StandardHost.start(StandardHost.java:924)
     at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1224)
     at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:520)
     at org.apache.catalina.startup.Embedded.start(Embedded.java:917)
     at com.sun.enterprise.web.PwcWebContainer.onStartup(PwcWebContainer.java:70)
     at com.sun.webserver.connector.nsapi.WebContainer.start(WebContainer.java:491)
     at com.sun.webserver.init.J2EERunner.confPostInit(J2EERunner.java:304)
Caused by: class: org.me.calculator.jaxws.Add could not be found
     at com.sun.xml.ws.modeler.RuntimeModeler.getClass(RuntimeModeler.java:271)
     at com.sun.xml.ws.modeler.RuntimeModeler.processDocWrappedMethod(RuntimeModeler.java:562)
     at com.sun.xml.ws.modeler.RuntimeModeler.processMethod(RuntimeModeler.java:509)
     at com.sun.xml.ws.modeler.RuntimeModeler.processClass(RuntimeModeler.java:355)
     at com.sun.xml.ws.modeler.RuntimeModeler.buildRuntimeModel(RuntimeModeler.java:251)
     at com.sun.xml.ws.server.RuntimeEndpointInfo.createSEIModel(RuntimeEndpointInfo.java:170)
     at com.sun.xml.ws.server.RuntimeEndpointInfo.init(RuntimeEndpointInfo.java:317)
     at com.sun.xml.ws.transport.http.servlet.WSServletContextListener.createModelAndMetadata(WSServletContextListener.java:200)
     at com.sun.xml.ws.transport.http.servlet.WSServletContextListener.contextInitialized(WSServletContextListener.java:120)
     ... 11 more
[10/Dec/2009:21:21:44] failure (25757): PWC1306: Startup of context /wstest failed due to previous errors
[10/Dec/2009:21:21:44] failure (25757): Null component com.sun.web-3:type=JspMonitor,name=jsp,WebModule=//localhost/wstest,J2EEApplication=null,J2EEServer=none
[10/Dec/2009:21:21:44] info (25757): CORE3280: A new configuration was successfully installed
[10/Dec/2009:21:21:44] info (25757): WSSERVLET13: JAX-WS context listener destroyedAm I simply missing something obvious here?
Thanks,
Bill

OK, I've made significant progress.
As I suspected, JAX-WS was indeed supposed to generate the missing class for me, but while it appears to do so automatically when deploying in Tomcat, it is necessary to hack your build.xml file to add the generated classes to your WAR file for WS7. Reference [http://developers.sun.com/webtier/reference/techart/websvcs_nb.html] for a (rather dated) description of how to deploy a JAX-WS service on WS7 (using Netbeans 5.0!).
Note that as of NB6.7/6.8 much of the manual process is now done automatically by Netbeans, but curiously, not the part that actually causes the web service code to be generated. For that, we have to manually modify the build.xml to include a "-pre-dist" target that invokes the wsgen Ant task.
This is the target I added to build.xml for this sample calculator service:
<target name="-pre-dist">
    <taskdef name="wsgen" classname="com.sun.tools.ws.ant.WsGen">
      <classpath path="${javac.classpath}:${j2ee.platform.classpath}"/>
    </taskdef>
    <wsgen
      debug="true"
      keep="true"
      destdir="build/web/WEB-INF/classes"
      resourcedestdir="build/web/WEB-INF/classes"
      xendorsed="true"
      sei="org.me.calculator.CalculatorWS">
      <classpath>
        <pathelement path="${javac.classpath}:${j2ee.platform.classpath}"/>
        <pathelement location="${java.home}/../lib/tools.jar"/>
        <pathelement location="build/web/WEB-INF/classes"/>
      </classpath>
    </wsgen>
</target>That will allow the project to build and deploy successfully, and I am now able to view my WSDL.
However, at first the service itself was not working. After a bit of casting about, I determined that this was due to the fact that at some point I had added the METRO library to the project rather than simply the JAX-WS 2.2 library. After returning the configuration to just use JAX-WS and doing a clean build and deploy, the simple web service now works!
One thought does emerge from all this, though: if the built in support for Tomcat runs wsgen for me when I deploy an app to that container, perhaps the Sun WS7 team needs to update their Netbeans plugin to do this for us, too. I should probably open a support case on that...
OK, now on to real work. ;-)
Bill

Cisco Aironet FW 15.2 Does not work with Non-Cisco Media Bridges

I have a Cisco Aironet 1142i that was just updated from 12.4(23c)JY to 15.2(4)JA1 (don’t think model matters as the issue seem to be the firmware) and now I cannot get my media bridges (3 different ones) to either connect to the 1142 AP or obtain and pass the DHCP addresses to other device connected to the built in switch. If I reload the 1142 AP firmware to 12.4, than this works fine. I have not seen anything in the release notes that changed how this works or if there is I could not find it.
Does anyone know why this changed and if there is any settings that I need to enabled / disable?
Any help on this would be greatly appreciated

More info to add to this.
AIR-AP1142N-A-K9 Hardware Version of v06 works with firmware 15.2.
AIR-AP1142N-A-K9 Hardware Version v05 does not work with firmware 15.2, but will when downgraded to firmware 12.4.
I'm also having this issue with Cisco Aironet 3602 Fw 15.2(2)JB and 3502 Fw 15.2(2)JB$ that's on a Cisco 2500 WLAN Controller Sw Ver. 7.4.100.0.
Any help on this would be greatly appreciated

HT1688 My Hot Spot does not work after update to 6.0.1. Service is with ATT. Apple says problem is with ATT, ATT says problem is with Apple. Anyone else having this problem?

My Hot Spot does not work after update to 6.0.1. Any suggestions?

Ok, I had the same issue, my phone is unlocked(iphone 5 with 6.1.3). So I went to the apple store and had it replaced. it worked good for a day and started doing the same thing. When the apple tech replaced my phone, he transfered my screen protector to the new one.
so I thought it was my sim card, I put in my sisters sim card from a different carrier and it did the same, so then I was like let me take off the screen protector, and that was it.
so guys, if you have a screen protector on your phone and it's doing "low signal", "No Service", "Searching", "Full bars cycle" then take off the screen protector. so far my phone is working normal.

HT4995 My iPad 2 Location Service works fine but does not work on my home Airport router. How can I fix the problem?

My iPad 2 Location Service works fine but does not work on my home Airport router. How can I fix the problem?

lbryan1987 wrote:
I dont want the button problem solved i need to know how to restore the phone without using that button or going into settings
You don't in the condition it's in. You will either have to get the phone replaced by Apple or pay a 3rd party to repair it.
there seriously should be more than two ways to solve this other wise apple is useless and we will never buy another apple product.
Seriously? It's physically broken!

Cisco/IPsec VPN built-in service of 10.6.1 does not work!

Similar Messages

Maybe you are looking for