Conecting to MS Access via a network

Hi folks,
I'm trying to get my program to access a database via a network and I'm testing (perhaps unwisely) with MS Access. The first step was using:
    driver="sun.jdbc.odbc.JdbcOdbcDriver";
    connectString="jdbc:odbc:Test";
    Class.forName( driver );
    con = DriverManager.getConnection( connectString, "", "" );and setting this up using User DSN/System DSN in the OBDC manager on win2000.
This works fine and I can establish a connection. My next step was to add my computer name or IP address with the thought when it work I can change either one to another computer. These efforst have been so far to no avail. I keep getting the error message:
java.sql.SQLException: [Microsoft][ODBC Driver Manager] Data source name not found and no default driver specifiedSome of the variations I've tried so far are:
    connectString="jdbc:odbc://1.1.1.92/Test";
    connectString="jdbc:odbc://127.0.0.1/Test";
    connectString="jdbc:odbc://computername/Test";
    connectString="jdbc:odbc://1.1.1.92/Test1"; with Test1 defined as a file DSN in the OBDC Manager
The only "minor" success was
    connectString="jdbc:odbc://computername.proxyservername/Pete"; Pete defined as a file DSN in the OBDC Manager again
This produced the error "java.sql.SQLException: [Microsoft][ODBC Driver Manager] Data source name too long" which doesn't help me either.
Has anyone managed this before and tell me how or give me some tips?
Thanks a lot in advance,
Pete
PS. After searching the forums I've also tried:
    con = DriverManager.getConnection("jdbc:odbc:Driver={MicroSoft Access Driver (*.mdb)};DBQ=D:test.mdb", "", "" );This works.
    con = DriverManager.getConnection("jdbc:odbc:Driver={MicroSoft Access Driver (*.mdb)};DBQ=//compname.proxyname/D:\\test.mdb", "", "" );Doesn't work :-(

Has anyone managed this before and tell me how or give me some tips?To connect to MS Access using the ODBC driver via the jdbc-odbc bridge, you have two choices: use a DSN or use a DSN-less connection string.
The MS Access driver only uses the file system for accessing the file. There is no way at all for you to specify a remote computer using the driver. None.
As mentioned you can map a drive to your computer and use that. That however requires that every client have that drive mapped. That is seldom a workable solution. And it is unusable on the internet.
The DSN-less connection string must be exactly correct or it will not work. The usual problem is that there are extra spaces or not enough.
See here for an example of DSN-less http://forum.java.sun.com/thread.jsp?forum=48&thread=259008
See here for an explaination of ODBC in general and how to access MS Access remotely http://forum.java.sun.com/thread.jsp?forum=48&thread=211735&start=2

Similar Messages

Access via a network to an external hard disk ?

Hello,
My wife can access with her PC (vi$ta) my Mac's Public folder through our router but she can not see my external hard disk, an alias does not help.
So each time I have to move files from my external HD to the Mac.
The inverse solution, me dropping files on her PC is "not possible", we can not, I have to work too
What should I do to give her a access to all the external HD or to some specific folders on the external HD ?
To connect to my mac she has to login, I would like to keep this for security reasons.
Thanks a lot.

You can add a share point - for Tiger, a handy utility to use is SharePoints (Leopard has this feature built-in via the Sharing preferences).

No internet access via guest network

I have setup up a guest wifi network on time capsule. Guests can connect to the network but the network does not allow them to access the internet?

That would be the issue.
The simplest fix would be to use the wireless on the Netgear for "guests".
Next option would be to ask your provider if they can supply you with a simple modem.....not a modem/router or gateway type of device.
After that.....not recommended.....you could try a different setting on the Time Capsule which would produce an error called Double NAT on the network....that may or may not allow things to work and create other problems as well.

Cannot access webserver across network

Hi all,
a little background then on to the problem
small group running 4 work stations and one server. Server used to run apache 2 under OS X 4.7 but we have upgraded to OS X Server tiger 10.4.8
Prior to upgrading the webserver, we could mount the webserver machine on our desktops (apple+K then browse or enter the server's LAN IP) to add files, make changes to static pages etc to the web root directory...nice and easy
But since upgrading to OS X Server, we cannot mount or even see the server machine on the network. We can mount our workstations from the server via apple+k but that is a bit pointless unless we each keep a drive mounted on the server and drop changes into the mounted drives then walk over to the server to move the files around on the actual server machine (which negates the benefits of having a network!
So my question is....can anyone tell me how can we mount our server machine on to individual workstations we can make changes to web pages and directories.
I know some may say FTP but I really dont want to go that way as access via the network (apple+k) was a much quicker and easier method.
thanks,
Tristan

Have you verified that the file sharing service on the server is actually running?
From your description it sounds like the server isn't running, and therefore you're not going to get to mount its volumes.
I haven't heard of problems with services getting turned off as part of an OS upgrade, but anything's possible.
From your description I'm guessing you're using AFP, so check Server Admin to ensure that AFP is running. You might also need to check Workgroup Manager to ensure that the correct set of directories are being shared.

Access via Proxy Server to App Store

Hello,
Is it possible to have access via our network and internet proxy by using the Cisco VN Client (Port 8080)?
Has anyone done that before?
Surfing in the internet works. When accessing the App Sore, the user / password has been requested again.
After entering it, I do not get access.
Any idea - why?
Thanks and regards,
Patrick

Are you performing any filtering? Not only are components loading from *.apple.com but also streamhost.com (particularly the top app lists etc)

TS2972 I assume my Apple TV should allow me to view all events,albums and slideshows but It only allows four events to display on my TV. I'm using a Optus mini Wi Fi for my home network. Could this be the reason for limited access via my iMac computer? Ch

I assume my Apple TV should allow me to view all events, albums and slideshows in my iPhotos app but it only allows four events and four albums to display on my television. I'm using a Optus mini Wi Fi for my home network. Could this be the reason for limited access via my iMac computer?
Chris

No, I have not chosen photos to share as I assumed that the Apple TV would access all photos and music that are stored on my iMac.
Thanks for your advice. I will check it out.
Chris

Network camera access via airport extreme ie: i need to assign a port and a

please help me i have a cabin in the mountains that is off the grid... and i use solar power... i have my internet access via wifi and an antenna... it goes to a d-link router in my electric room then from there via a cat 5 cable to a apple airport extreme base station... and i would like to plug the camera into the base station via a cat 5 cable....
i am trying to set up a network camera to via a airport extreme base station.... the tech support on the camera end (airlink 101 skyIP cam500 model aicn500) said to enable port 80 and to assign a IP address (which i have)... apple support has been unable to help me after almost 1 hour with tech support.... here is what the camera tech support page suggests....
You will now need to forward the Second HTTP Port through your router to the IP address of the camera. If you have an AirLink101 router, we have instructions in our knowledge base for port forwarding. If you have a router from another company, you will need to contact them for instructions on port forwarding.
When accessing the camera from a remote location you will need to open a browser and type in the internet IP address of your network (not the ip address of the camera) and the port into a web browser. The address and port will need to be typed in like this:
http://x.x.x.x:port
x.x.x.x = Internet IP address
port = Second HTTP Port
Here is an example of what it would look like: http://123.123.123.123:81
can anyone please help me?

i can not thank you enough for taking the time time to help me!!! i really appreciate it.... i have done the set up with the d link router and am now trying to access the camera from the web.... but i am having trouble logging in and finding it? i am not sure what ip address to enter into my web browser? i think that i need to add the ip addresss folllowed by a forward slash and then the port # 80.... but what ip address should i add? in the device info part of the d link router i have found a number of ip address's... but none of them seem to work? what am i doing wrong? or not doing? my apple base station is set up in the bridge mode with a password to protect it...
thanks again...
josh

Out of the blue, my ITouch is unable to access my wireless network ONLY when my PC has been turned on (PC is connected via Ethernet cable, and has no wireless capability as far as I know). What gives? It works fine when the PC is off.

Out of the blue, my ITouch is unable to access my wireless network ONLY when my PC is on (the PC is connected via Ethernet cable, and has no wireless capabilities that I know of). What gives? When the PC is turned off, everything is totally fine. I\m stumped.

Does the iOS device connect to other networks?
Does the iOS device see the network?
Any error messages?
Do other devices now connect?
Did the iOS device connect before?
Try the following to rule out a software problem:
- Reset the iOS device. Nothing will be lost
Reset iOS device: Hold down the On/Off button and the Home button at the same time for at
least ten seconds, until the Apple logo appears.
- Power off and then back on your router
.- Reset network settings: Settings>General>Reset>Reset Network Settings
- iOS: Troubleshooting Wi-Fi networks and connections
- Wi-Fi: Unable to connect to an 802.11n Wi-Fi network
I suspect a problem with your router. Try changing the security. First use no security as a test.
- iOS: Recommended settings for Wi-Fi routers and access points
- Restore from backup. See:
iOS: How to back up
- Restore to factory settings/new iOS device.
If still problem and it does not connect to any networks make an appointment at the Genius Bar of an Apple store since it appears you have a hardware problem.
Apple Retail Store - Genius Bar

External drive access via network

I have two computers connected via wired network
When i first upgraded to leopard, i could access external hard drives connected to one computer from the other computer, now the drives do not appear, even though i have specified them as shared folders.
any ideas?

ctsurg—
having the same problem. apple seems to be clueless as to why this 10.5.1 has a problem accessing external drives that are networked via hub by a rj-45 connector. i manage a small outfit an have another mac that runs 10.4.11 the networked external storage drive shows up fine. when i've tried to connect to the external from 10.5.1 no such luck. what is interesting is that 10.5.1 may connect or may not depending on the day. when it does connect it's buggy. it may show up 2 or 3 hours later under the shared option in the left column or the shared column will not show up at all. my next step is to return to 10.4.11.

ASA 5505 VPN no access to inside network

Trying to set up ipsec/l2tp vpn to provide full access to internal network for remote users with only Windows built-in vpn client.
The vpn client can connect successfully, but can't see anything on the inside network.
The ASA is not the gateway for hosts on the internal network
name x.y.z.129 isp-gateway
name 172.16.1.0 vpn-address-pool
name 10.11.10.0 inside-network
name x.y.z.128 outside-network
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
access-list vpn extended permit ip inside-network 255.255.254.0 vpn-address-pool 255.255.255.0
access-list outside_access_in extended permit ip any any
global (outside) 1 interface
nat (outside) 1 vpn-address-pool 255.255.255.0
nat (inside) 0 access-list vpn
nat (inside) 1 0.0.0.0 0.0.0.0
route outside 0.0.0.0 0.0.0.0 isp-gateway 1
ciscoasa# show route
Gateway of last resort is cic-gateway to network 0.0.0.0
C    outside-network 255.255.255.128 is directly connected, outside
S    172.16.1.5 255.255.255.255 [1/0] via isp-gateway, outside
C    inside-network 255.255.254.0 is directly connected, inside
S*   0.0.0.0 0.0.0.0 [1/0] via isp-gateway, outside

Do you configure split tunnel or no split tunnel policy?
Also when you are connected and try to access internal network, can you pls share the output of :
show cry isa sa
show cry ipsec sa

VPN Access to an IP that can be accessed via EIGRP

I have a question. I have a VPN that sits on the external interface using the IP of 10.5.79.X/20. I have a production network connected to a corporate network using MPLS and EIGRP to share the routes. The production network can access the corporate network, but the the VPN users can't. I need to be able to access anything on that network which is mainly a 172.18.0.0 summarized by EIGRP network. I had this working before, but can't get it working again about my Firewall dumped on me.
ASA Version 8.4(2)
hostname hp-asa-5510-DR
enable password 1qF1n5PuI7A.2DV. encrypted
passwd 1qF1n5PuI7A.2DV. encrypted
names
dns-guard
interface Ethernet0/0
speed 100
duplex full
nameif external
security-level 0
ip address *142.189.26 255.255.255.252
interface Ethernet0/1
nameif internal
security-level 100
ip address 10.5.64.6 255.255.240.0
interface Ethernet0/1.1
vlan 2
nameif Guest
security-level 90
ip address 192.168.3.1 255.255.255.0
interface Ethernet0/2
shutdown
no nameif
no security-level
no ip address
interface Ethernet0/3
shutdown
no nameif
no security-level
no ip address
interface Management0/0
nameif management
security-level 100
ip address 192.168.1.1 255.255.255.0
management-only
boot system disk0:/asa842-k8.bin
boot system disk0:/asa821-k8.bin
ftp mode passive
clock timezone CST -6
clock summer-time CDT recurring
dns domain-lookup external
dns domain-lookup internal
dns server-group DefaultDNS
name-server 208.67.222.222
dns server-group Guest
name-server 10.5.64.197
name-server 8.8.8.8
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
object network obj-10.5.65.239
host 10.5.65.239
object network obj-10.5.65.253
host 10.5.65.253
object network obj-10.5.65.42
host 10.5.65.42
object network obj-10.5.65.219
host 10.5.65.219
object network obj_any
subnet 0.0.0.0 0.0.0.0
object network Cegedim
subnet 10.5.250.0 255.255.255.248
description dendrite site to site VPN
object network dfb
subnet 10.5.0.0 255.255.0.0
object network lausanne
subnet 192.168.250.0 255.255.255.0
description Lausanne
object network dfbgroup
subnet 10.5.0.0 255.255.0.0
object network DPT
subnet 10.5.16.0 255.255.240.0
object network hpbexch
host 10.5.64.198
object network hpbmsvpn
host 10.5.64.196
object network kacehost
host 10.5.65.189
object network hpbsentry
host 10.5.64.194
object network hpbMDM
host 10.5.64.195
object network hperoom
host 10.5.65.211
description healthpoint eroom server
object network spintranet
host 10.5.65.185
description sharepoint intranet
object network spsales
host 10.5.65.194
description sharepoint sales
object network spteams
host 10.5.65.183
description sharepoint teams
object network Guest
subnet 192.168.3.0 255.255.255.0
object network Crystal
host 10.5.65.203
object network ERPLN
host 10.5.65.234
object network ERPLNDB
host 10.5.65.237
object service dpt
service tcp source range 1 65000 destination range 1 65000
description dpt ports
object network Documentum
host 10.5.17.216
object network DPTDocumentum
host 10.5.17.216
description Documentum
object network EzDocs
host 10.5.17.235
description EzDocs
object network Aerosol
subnet 10.5.32.0 255.255.240.0
object network Brooks
subnet 10.5.128.0 255.255.240.0
object network DPTScience
subnet 10.5.48.0 255.255.240.0
object network LakeWood
subnet 10.5.80.0 255.255.240.0
object network Plant
subnet 10.5.0.0 255.255.240.0
object network warehouse
subnet 10.5.240.0 255.255.240.0
object network NotesApps
host 10.5.65.235
object network DPTNotes
host 10.5.17.246
object network DNSServer
host 10.5.64.197
object network GuestNetwork
subnet 192.168.3.0 255.255.255.0
object network KACE
host 10.5.65.189
object network mdm2
host 10.5.64.195
object network guesterooms
host 10.5.65.211
object network DNSServer2
host 10.5.64.199
object network asa_LAN
host 10.5.64.6
object network guestspsales
host 10.5.65.194
object network JohnsonControlServer
host 10.5.65.33
description JC Server
object network guestexchange
host 10.5.64.198
description Guest Exchange
object network guestmobile2
host 10.5.64.194
object network DPTDocB
host 10.5.17.215
object-group service EDI tcp
port-object eq 50080
port-object eq 6080
port-object eq www
object-group service Exchange tcp
port-object eq 587
port-object eq www
port-object eq https
port-object eq smtp
object-group service Lotus-Sametime tcp
port-object eq 1503
port-object eq 1516
port-object eq 1533
port-object eq 8081
port-object range 8082 8084
port-object range 9092 9094
port-object eq www
port-object eq https
port-object eq lotusnotes
port-object eq rtsp
object-group protocol TCPUDP
protocol-object udp
protocol-object tcp
object-group service VPN-MS tcp-udp
port-object eq 1701
port-object eq 1723
port-object eq 4500
port-object eq 500
object-group network Verizon-Servers
network-object 216.82.240.0 255.255.240.0
network-object 85.158.136.0 255.255.248.0
network-object 193.109.254.0 255.255.254.0
network-object 194.106.220.0 255.255.254.0
network-object 195.245.230.0 255.255.254.0
network-object 62.231.131.0 255.255.255.0
network-object 64.124.170.128 255.255.255.240
network-object 212.125.74.44 255.255.255.255
network-object 195.216.16.211 255.255.255.255
object-group network FDA_SecureEmail
network-object host 150.148.2.65
network-object host 150.148.2.66
object-group network Web-Server-Stuff
network-object host 204.71.89.34
network-object host 204.71.89.35
network-object host 204.71.89.33
network-object host 66.240.207.149
network-object host 68.168.88.169
network-object host 50.112.164.102
object-group service DFB-eRoom tcp
port-object eq www
port-object eq https
object-group network EDI-Customers
network-object host 129.33.204.13
network-object host 143.112.144.25
network-object host 160.109.101.195
network-object host 198.89.160.113
network-object host 199.230.128.125
network-object host 199.230.128.85
network-object host 205.233.244.208
network-object host 198.89.170.134
network-object host 198.89.170.135
network-object host 199.230.128.54
object-group service MDM tcp
description MobileIron ports
port-object eq 9997
port-object eq 9998
port-object eq https
object-group network OpenDNS
description OpenDNS Servers
network-object host 208.67.220.220
network-object host 208.67.222.222
network-object host 8.8.8.8
network-object host 68.113.206.10
object-group network healthpoint
network-object 10.5.64.0 255.255.240.0
object-group network vpnpool
network-object 10.5.79.0 255.255.255.0
object-group network dfb_group
network-object object dfbgroup
object-group network lausanne_group
network-object 192.168.250.0 255.255.255.0
object-group network DPTNetwork
network-object object DPT
network-object object Aerosol
network-object object Brooks
network-object object LakeWood
network-object object Plant
object-group network DM_INLINE_NETWORK_1
network-object object Cegedim
network-object object lausanne
group-object DPTNetwork
network-object object DPTNotes
object-group service DFB-Allow tcp
port-object eq 1025
port-object eq 1119
port-object eq 1120
port-object range 1222 1225
port-object eq 1433
port-object eq 1503
port-object eq 1516
port-object eq 1533
port-object range 16384 16403
port-object eq 1755
port-object eq 1919
port-object eq 1935
port-object range 2195 2196
port-object eq 3050
port-object eq 3080
port-object eq 3101
port-object eq 3244
port-object eq 3264
port-object eq 3306
port-object eq 3389
port-object eq 3724
port-object eq 4000
port-object eq 402
port-object range 4080 4081
port-object eq 4085
port-object eq 50080
port-object eq 5085
port-object range 5220 5223
port-object eq 5297
port-object eq 5298
port-object eq 5353
port-object eq 5550
port-object eq 5678
port-object eq 58570
port-object eq 5900
port-object eq 6080
port-object eq 6112
port-object eq 6114
port-object eq 6900
port-object eq 7800
port-object eq 8010
port-object eq 8080
port-object eq 8084
port-object eq 81
port-object eq 9081
port-object eq 9090
port-object eq 9997
port-object eq aol
port-object eq citrix-ica
port-object eq echo
port-object eq ftp
port-object eq ftp-data
port-object eq www
port-object eq https
port-object eq lotusnotes
port-object eq rtsp
port-object eq sip
port-object eq sqlnet
port-object eq ssh
port-object eq 442
object-group network webservers
network-object host 204.71.89.34
network-object host 204.71.89.35
object-group network DM_INLINE_NETWORK_2
network-object object KACE
network-object object guesterooms
network-object object guestspsales
network-object object JohnsonControlServer
network-object object mdm2
object-group network DM_INLINE_NETWORK_3
network-object host 10.5.65.230
network-object host 10.5.65.232
network-object object hpbexch
object-group service DM_INLINE_TCP_1 tcp
port-object eq www
port-object eq https
object-group service kace tcp
port-object eq 52230
port-object eq www
port-object eq https
port-object eq 445
port-object eq netbios-ssn
object-group service DM_INLINE_TCP_0 tcp
port-object eq www
port-object eq https
object-group service DM_INLINE_SERVICE_1
service-object ip
service-object tcp destination eq www
service-object tcp destination eq https
object-group service DM_INLINE_TCP_2 tcp
port-object eq www
port-object eq https
object-group network VLAN_Switches
network-object host 192.168.10.10
network-object host 192.168.10.11
network-object host 192.168.10.12
network-object host 192.168.10.13
network-object host 192.168.10.14
network-object host 192.168.10.15
network-object host 192.168.10.16
network-object host 192.168.10.17
network-object host 192.168.10.1
object-group network Crystal_ERP
description Crystal Enterprise and Infor LN
network-object object Crystal
network-object object ERPLN
network-object object ERPLNDB
network-object object NotesApps
object-group service DM_INLINE_SERVICE_2
service-object ip
service-object tcp destination eq www
service-object tcp destination eq https
object-group network GuestDNS
description DNS Servers for Guest
network-object object DNSServer
network-object object DNSServer2
object-group service DM_INLINE_TCP_3 tcp
port-object eq 3389
port-object eq 3390
object-group network DM_INLINE_NETWORK_4
group-object healthpoint
group-object vpnpool
access-list external_access_out extended permit object-group DM_INLINE_SERVICE_1 192.168.3.0 255.255.255.0 any
access-list external_access_out remark Production ACL
access-list external_access_out extended permit tcp any any object-group DFB-Allow
access-list external_access_out extended permit icmp any any
access-list external_access_out extended permit tcp any object-group Web-Server-Stuff
access-list external_access_out remark Site to Site connections
access-list external_access_out extended permit ip any object-group DM_INLINE_NETWORK_1
access-list external_access_out extended permit udp any object-group OpenDNS eq domain
access-list external_access_out extended permit ip object-group DM_INLINE_NETWORK_3 any
access-list split standard permit 10.5.64.0 255.255.240.0
access-list split standard permit 10.5.250.0 255.255.255.248
access-list split standard permit 10.5.128.0 255.255.240.0
access-list split standard permit 10.5.144.0 255.255.240.0
access-list split standard permit 10.5.16.0 255.255.240.0
access-list split standard permit 10.5.32.0 255.255.240.0
access-list split standard permit 10.5.96.0 255.255.240.0
access-list split standard permit 10.5.80.0 255.255.240.0
access-list split standard permit 10.5.48.0 255.255.240.0
access-list split standard permit 10.5.0.0 255.255.240.0
access-list split remark lausanne
access-list split standard permit 192.168.250.0 255.255.255.0
access-list split standard permit 172.18.0.0 255.255.0.0
access-list split remark HP
access-list external_access_in extended permit object-group DM_INLINE_SERVICE_2 any 192.168.3.0 255.255.255.0
access-list external_access_in remark Sharepoint
access-list external_access_in extended permit tcp any object spsales object-group DM_INLINE_TCP_2
access-list external_access_in remark Sharepoint
access-list external_access_in extended permit tcp any object spteams object-group DM_INLINE_TCP_1
access-list external_access_in remark Sharepoint
access-list external_access_in extended permit tcp any object spintranet object-group DM_INLINE_TCP_0
access-list external_access_in remark healthpoint erooms
access-list external_access_in extended permit tcp any object hperoom object-group DFB-eRoom
access-list external_access_in remark MDM2 VSP
access-list external_access_in extended permit tcp any object hpbMDM object-group MDM
access-list external_access_in remark New Sentry
access-list external_access_in extended permit tcp any object hpbsentry eq https
access-list external_access_in remark kace mgmt appliacne
access-list external_access_in extended permit tcp any object kacehost object-group kace
access-list external_access_in remark authentication server
access-list external_access_in extended permit object-group TCPUDP any object hpbmsvpn object-group VPN-MS
access-list external_access_in extended permit gre any object hpbmsvpn
access-list external_access_in remark HPB.NET new forest Exchange
access-list external_access_in extended permit tcp any object hpbexch object-group Exchange
access-list external_access_in remark EDI Inbound
access-list external_access_in extended permit tcp any host 10.5.65.42 object-group EDI
access-list AnyConnect_Client_Local_Print extended deny ip any any
access-list AnyConnect_Client_Local_Print extended permit tcp any any eq lpd
access-list AnyConnect_Client_Local_Print remark IPP: Internet Printing Protocol
access-list AnyConnect_Client_Local_Print extended permit tcp any any eq 631
access-list AnyConnect_Client_Local_Print remark Windows' printing port
access-list AnyConnect_Client_Local_Print extended permit tcp any any eq 9100
access-list AnyConnect_Client_Local_Print remark mDNS: multicast DNS protocol
access-list AnyConnect_Client_Local_Print extended permit udp any host 224.0.0.251 eq 5353
access-list AnyConnect_Client_Local_Print remark LLMNR: Link Local Multicast Name Resolution protocol
access-list AnyConnect_Client_Local_Print extended permit udp any host 224.0.0.252 eq 5355
access-list AnyConnect_Client_Local_Print remark TCP/NetBIOS protocol
access-list AnyConnect_Client_Local_Print extended permit tcp any any eq 137
access-list AnyConnect_Client_Local_Print extended permit udp any any eq netbios-ns
access-list external_cryptomap extended permit ip object-group healthpoint object Cegedim
access-list external_cryptomap_1 extended permit ip object-group dfb_group object-group lausanne_group
access-list external_cryptomap_2 extended permit ip object-group DM_INLINE_NETWORK_4 object-group DPTNetwork
access-list Guest_access_in extended deny tcp 192.168.3.0 255.255.255.0 object-group GuestDNS object-group DM_INLINE_TCP_3 inactive
access-list Guest_access_in extended permit ip 192.168.3.0 255.255.255.0 object-group GuestDNS inactive
access-list Guest_access_in extended permit ip 192.168.3.0 255.255.255.0 object-group DM_INLINE_NETWORK_2
access-list Guest_access_in extended deny ip 192.168.3.0 255.255.255.0 10.5.64.0 255.255.240.0
access-list Guest_access_in extended permit ip 192.168.3.0 255.255.255.0 any
access-list Guest_access_out extended permit ip any any inactive
access-list Guest_access_out extended permit ip any 192.168.3.0 255.255.255.0
no pager
logging enable
logging buffer-size 1045786
logging asdm informational
mtu external 1500
mtu internal 1500
mtu Guest 1500
mtu management 1500
ip local pool HPVPNClients 10.5.79.0-10.5.79.254 mask 255.255.255.0
ip verify reverse-path interface external
no failover
icmp unreachable rate-limit 1 burst-size 1
icmp permit any external
icmp permit any internal
asdm image disk0:/asdm-645.bin
no asdm history enable
arp external *142.189.93 0024.c4c0.4cc0
arp timeout 14400
nat (internal,external) source static dfb dfb destination static vpnpool vpnpool route-lookup
nat (internal,external) source static dfb dfb destination static lausanne lausanne
nat (internal,external) source static healthpoint healthpoint destination static Cegedim Cegedim
nat (external,internal) source static DPTNetwork DPTNetwork destination static Crystal_ERP Crystal_ERP no-proxy-arp
nat (internal,external) source static healthpoint healthpoint destination static DPTDocumentum DPTDocumentum unidirectional
nat (internal,external) source static healthpoint healthpoint destination static DPTDocB DPTDocB unidirectional
nat (internal,external) source static healthpoint healthpoint destination static EzDocs EzDocs unidirectional
nat (internal,external) source static healthpoint healthpoint destination static DPTNotes DPTNotes unidirectional
object network obj-10.5.65.239
nat (internal,external) static *142.189.82
object network obj-10.5.65.253
nat (internal,external) static *142.189.83
object network obj-10.5.65.42
nat (internal,external) static *142.189.84
object network obj-10.5.65.219
nat (internal,external) static *142.189.87
object network obj_any
nat (internal,external) dynamic interface dns
object network hpbexch
nat (internal,external) static *142.189.91
object network hpbmsvpn
nat (internal,external) static *142.189.82
object network kacehost
nat (internal,external) static *142.189.90
object network hpbsentry
nat (internal,external) static *142.189.92
object network hpbMDM
nat (internal,external) static *142.189.93
object network hperoom
nat (internal,external) static *142.189.88
object network spintranet
nat (internal,external) static *142.189.85
object network spsales
nat (internal,external) static *142.189.89
object network spteams
nat (internal,external) static *142.189.94
object network GuestNetwork
nat (Guest,external) dynamic interface
access-group external_access_in in interface external
access-group external_access_out out interface external
access-group Guest_access_in in interface Guest
access-group Guest_access_out out interface Guest
route external 0.0.0.0 0.0.0.0 *142.189.25 1
route external 10.5.16.0 255.255.240.0 *142.189.25 1
route external 10.5.32.0 255.255.240.0 *142.189.25 1
route external 10.5.80.0 255.255.240.0 *142.189.25 1
route external 10.5.128.0 255.255.240.0 *142.189.25 1
route external 10.5.240.0 255.255.240.0 *142.189.25 1
route external 10.5.250.0 255.255.255.248 *142.189.25 1
route internal 172.18.0.0 255.255.255.255 10.5.64.1 1
route external 192.168.250.0 255.255.255.0 *142.189.25 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
aaa-server VPN-RADAuth protocol radius
aaa-server VPN-RADAuth (internal) host 10.5.65.253
key *****
radius-common-pw *****
aaa-server VPN-RADAuth (internal) host 10.5.65.240
key *****
aaa-server VPN-RADAuthHPB protocol radius
aaa-server VPN-RADAuthHPB (internal) host 10.5.64.196
key *****
radius-common-pw *****
user-identity default-domain LOCAL
aaa authentication ssh console LOCAL
http server enable
http 192.168.1.0 255.255.255.0 management
http 10.5.0.0 255.255.0.0 internal
http 0.0.0.0 0.0.0.0 external
http 0.0.0.0 0.0.0.0 internal
snmp-server host internal 10.5.65.210 community ***** version 2c
snmp-server location Healthpoint.Vickery
snmp-server contact Jonathan Henry
snmp-server community *****
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec ikev1 transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
crypto ipsec ikev2 ipsec-proposal AES256
protocol esp encryption aes-256
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES192
protocol esp encryption aes-192
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES
protocol esp encryption aes
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal 3DES
protocol esp encryption 3des
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal DES
protocol esp encryption des
protocol esp integrity sha-1 md5
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev1 transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev2 ipsec-proposal AES256 AES192 AES 3DES DES
crypto map external_map 1 match address external_cryptomap
crypto map external_map 1 set peer 64.126.222.190
crypto map external_map 1 set ikev1 transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
crypto map external_map 2 match address external_cryptomap_1
crypto map external_map 2 set pfs
crypto map external_map 2 set peer 109.164.216.164
crypto map external_map 2 set ikev1 transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
crypto map external_map 3 match address external_cryptomap_2
crypto map external_map 3 set peer 12.197.232.98
crypto map external_map 3 set ikev1 transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
crypto map external_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map external_map interface external
crypto ca trustpoint _SmartCallHome_ServerCA
crl configure
crypto ca trustpoint ASDM_TrustPoint0
keypair ASDM_TrustPoint0
crl configure
crypto ca certificate chain _SmartCallHome_ServerCA
certificate ca 6ecc7aa5a7032009b8cebcf4e952d491
    308205ec 308204d4 a0030201 0202106e cc7aa5a7 032009b8 cebcf4e9 52d49130
    0d06092a 864886f7 0d010105 05003081 ca310b30 09060355 04061302 55533117
    30150603 55040a13 0e566572 69536967 6e2c2049 6e632e31 1f301d06 0355040b
    13165665 72695369 676e2054 72757374 204e6574 776f726b 313a3038 06035504
    0b133128 63292032 30303620 56657269 5369676e 2c20496e 632e202d 20466f72
    20617574 686f7269 7a656420 75736520 6f6e6c79 31453043 06035504 03133c56
    65726953 69676e20 436c6173 73203320 5075626c 69632050 72696d61 72792043
    65727469 66696361 74696f6e 20417574 686f7269 7479202d 20473530 1e170d31
    30303230 38303030 3030305a 170d3230 30323037 32333539 35395a30 81b5310b
    30090603 55040613 02555331 17301506 0355040a 130e5665 72695369 676e2c20
    496e632e 311f301d 06035504 0b131656 65726953 69676e20 54727573 74204e65
    74776f72 6b313b30 39060355 040b1332 5465726d 73206f66 20757365 20617420
    68747470 733a2f2f 7777772e 76657269 7369676e 2e636f6d 2f727061 20286329
    3130312f 302d0603 55040313 26566572 69536967 6e20436c 61737320 33205365
    63757265 20536572 76657220 4341202d 20473330 82012230 0d06092a 864886f7
    0d010101 05000382 010f0030 82010a02 82010100 b187841f c20c45f5 bcab2597
    a7ada23e 9cbaf6c1 39b88bca c2ac56c6 e5bb658e 444f4dce 6fed094a d4af4e10
    9c688b2e 957b899b 13cae234 34c1f35b f3497b62 83488174 d188786c 0253f9bc
    7f432657 5833833b 330a17b0 d04e9124 ad867d64 12dc744a 34a11d0a ea961d0b
    15fca34b 3bce6388 d0f82d0c 948610ca b69a3dca eb379c00 48358629 5078e845
    63cd1941 4ff595ec 7b98d4c4 71b350be 28b38fa0 b9539cf5 ca2c23a9 fd1406e8
    18b49ae8 3c6e81fd e4cd3536 b351d369 ec12ba56 6e6f9b57 c58b14e7 0ec79ced
    4a546ac9 4dc5bf11 b1ae1c67 81cb4455 33997f24 9b3f5345 7f861af3 3cfa6d7f
    81f5b84a d3f58537 1cb5a6d0 09e4187b 384efa0f 02030100 01a38201 df308201
    db303406 082b0601 05050701 01042830 26302406 082b0601 05050730 01861868
    7474703a 2f2f6f63 73702e76 65726973 69676e2e 636f6d30 12060355 1d130101
    ff040830 060101ff 02010030 70060355 1d200469 30673065 060b6086 480186f8
    45010717 03305630 2806082b 06010505 07020116 1c687474 70733a2f 2f777777
    2e766572 69736967 6e2e636f 6d2f6370 73302a06 082b0601 05050702 02301e1a
    1c687474 70733a2f 2f777777 2e766572 69736967 6e2e636f 6d2f7270 61303406
    03551d1f 042d302b 3029a027 a0258623 68747470 3a2f2f63 726c2e76 65726973
    69676e2e 636f6d2f 70636133 2d67352e 63726c30 0e060355 1d0f0101 ff040403
    02010630 6d06082b 06010505 07010c04 61305fa1 5da05b30 59305730 55160969
    6d616765 2f676966 3021301f 30070605 2b0e0302 1a04148f e5d31a86 ac8d8e6b
    c3cf806a d448182c 7b192e30 25162368 7474703a 2f2f6c6f 676f2e76 65726973
    69676e2e 636f6d2f 76736c6f 676f2e67 69663028 0603551d 11042130 1fa41d30
    1b311930 17060355 04031310 56657269 5369676e 4d504b49 2d322d36 301d0603
    551d0e04 1604140d 445c1653 44c1827e 1d20ab25 f40163d8 be79a530 1f060355
    1d230418 30168014 7fd365a7 c2ddecbb f03009f3 4339fa02 af333133 300d0609
    2a864886 f70d0101 05050003 82010100 0c8324ef ddc30cd9 589cfe36 b6eb8a80
    4bd1a3f7 9df3cc53 ef829ea3 a1e697c1 589d756c e01d1b4c fad1c12d 05c0ea6e
    b2227055 d9203340 3307c265 83fa8f43 379bea0e 9a6c70ee f69c803b d937f47a
    6decd018 7d494aca 99c71928 a2bed877 24f78526 866d8705 404167d1 273aeddc
    481d22cd 0b0b8bbc f4b17bfd b499a8e9 762ae11a 2d876e74 d388dd1e 22c6df16
    b62b8214 0a945cf2 50ecafce ff62370d ad65d306 4153ed02 14c8b558 28a1ace0
    5becb37f 954afb03 c8ad26db e6667812 4ad99f42 fbe198e6 42839b8f 8f6724e8
    6119b5dd cdb50b26 058ec36e c4c875b8 46cfe218 065ea9ae a8819a47 16de0c28
    6c2527b9 deb78458 c61f381e a4c4cb66
quit
crypto ca certificate chain ASDM_TrustPoint0
certificate 4b54478c1754b7
    30820563 3082044b a0030201 0202074b 54478c17 54b7300d 06092a86 4886f70d
    01010505 003081ca 310b3009 06035504 06130255 53311030 0e060355 04081307
    4172697a 6f6e6131 13301106 03550407 130a5363 6f747473 64616c65 311a3018
    06035504 0a131147 6f446164 64792e63 6f6d2c20 496e632e 31333031 06035504
    0b132a68 7474703a 2f2f6365 72746966 69636174 65732e67 6f646164 64792e63
    6f6d2f72 65706f73 69746f72 79313030 2e060355 04031327 476f2044 61646479
    20536563 75726520 43657274 69666963 6174696f 6e204175 74686f72 69747931
    11300f06 03550405 13083037 39363932 3837301e 170d3131 30313036 31393533
    33395a17 0d313331 31323932 31343730 315a305b 311a3018 06035504 0a13112a
    2e686561 6c746870 6f696e74 2e636f6d 3121301f 06035504 0b131844 6f6d6169
    6e20436f 6e74726f 6c205661 6c696461 74656431 1a301806 03550403 13112a2e
    6865616c 7468706f 696e742e 636f6d30 82012230 0d06092a 864886f7 0d010101
    05000382 010f0030 82010a02 82010100 c6609ef2 c19c47e9 016ce654 d151146e
    5d213545 ca896f4e cbb2624c 5ea6d7f0 7f18a82b e441020b 74d6ebd4 b7ef34c9
    97b80ce0 6eb1c1cc 3b296909 8a0a2ad7 2473fb60 ff0c9320 ec9b3fe3 82a501c4
    3c3855bd e0822ce1 e1d1fb03 4609639f 9359653b 091b6b48 5ce22806 234a55e5
    6f80ebba cfb68a22 6cd1e64e 756f22b5 13a6178d 9ffcfbbb 5ca4b773 50089a8b
    7e966a23 d4711a49 44c101fc a6b68e26 6a8d57f3 2fed1f6f ce6b0535 498c5c97
    bf0577fa 9d9a1e37 4ff3b9f0 913dac74 3f4d26c9 09aac485 ccd5dfb9 7aa226e8
    89075829 eff0cf99 b642e679 5a9dfe74 e5899e30 e07b6bbf a92fab33 cb8d7f65
    1d974861 8b02d78b bc7908a9 e70b1b59 02030100 01a38201 ba308201 b6300f06
    03551d13 0101ff04 05300301 0100301d 0603551d 25041630 1406082b 06010505
    07030106 082b0601 05050703 02300e06 03551d0f 0101ff04 04030205 a0303306
    03551d1f 042c302a 3028a026 a0248622 68747470 3a2f2f63 726c2e67 6f646164
    64792e63 6f6d2f67 6473312d 32382e63 726c304d 0603551d 20044630 44304206
    0b608648 0186fd6d 01071701 30333031 06082b06 01050507 02011625 68747470
    733a2f2f 63657274 732e676f 64616464 792e636f 6d2f7265 706f7369 746f7279
    2f308180 06082b06 01050507 01010474 30723024 06082b06 01050507 30018618
    68747470 3a2f2f6f 6373702e 676f6461 6464792e 636f6d2f 304a0608 2b060105
    05073002 863e6874 74703a2f 2f636572 74696669 63617465 732e676f 64616464
    792e636f 6d2f7265 706f7369 746f7279 2f67645f 696e7465 726d6564 69617465
    2e637274 301f0603 551d2304 18301680 14fdac61 32936c45 d6e2ee85 5f9abae7
    769968cc e7302d06 03551d11 04263024 82112a2e 6865616c 7468706f 696e742e
    636f6d82 0f686561 6c746870 6f696e74 2e636f6d 301d0603 551d0e04 16041475
    346fa066 c4b0cb48 a6aaf4d5 d03124fd 1babaf30 0d06092a 864886f7 0d010105
    05000382 01010080 81fec403 103ecd08 88f17283 68154d3e 92da6355 58c50ea9
    b6d2a2d1 86428614 44b3f27b ae00352d 0339f481 22d2bc3c 1f7a8458 495a337f
    f939fa9d 76c9635c ac1f5452 8ec504ae 6c90dfc2 70e3b620 c34aedb3 12f8facd
    ce45e918 af358576 b6711324 f5d53b62 77c2bb0d 6ff7a26c 1863c7fe eae6ee42
    c1855066 e994db91 af755c47 b257545f ee29c6ab 57104a27 890f7f9c f95898c8
    ed30eda7 9e86ebd4 c6007d3b 640e2312 3875410b 79ddff84 11454b83 7126ebbb
    ce9c916a d5839e2b 095310e0 51e7e0cd d71c4830 ec1177c8 0407c147 afa2a33a
    d058fa1b de4b2771 8af206c6 27e17249 1afbd515 d3f2845d a3699196 a9a7044c
    5738a868 e01e59
quit
crypto ikev2 policy 1
encryption aes-256
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 10
encryption aes-192
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 20
encryption aes
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 30
encryption 3des
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 40
encryption des
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev1 enable external
crypto ikev1 policy 1
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 2
authentication pre-share
encryption 3des
hash md5
group 2
lifetime 86400
crypto ikev1 policy 3
authentication pre-share
encryption 3des
hash sha
group 1
lifetime 86400
crypto ikev1 policy 4
authentication pre-share
encryption 3des
hash md5
group 1
lifetime 86400
crypto ikev1 policy 10
authentication crack
encryption aes-256
hash sha
group 2
lifetime 86400
crypto ikev1 policy 20
authentication rsa-sig
encryption aes-256
hash sha
group 2
lifetime 86400
crypto ikev1 policy 30
authentication pre-share
encryption aes-256
hash sha
group 2
lifetime 86400
crypto ikev1 policy 40
authentication crack
encryption aes-192
hash sha
group 2
lifetime 86400
crypto ikev1 policy 50
authentication rsa-sig
encryption aes-192
hash sha
group 2
lifetime 86400
crypto ikev1 policy 60
authentication pre-share
encryption aes-192
hash sha
group 2
lifetime 86400
crypto ikev1 policy 70
authentication crack
encryption aes
hash sha
group 2
lifetime 86400
crypto ikev1 policy 80
authentication rsa-sig
encryption aes
hash sha
group 2
lifetime 86400
crypto ikev1 policy 90
authentication pre-share
encryption aes
hash sha
group 2
lifetime 86400
crypto ikev1 policy 100
authentication crack
encryption 3des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 110
authentication rsa-sig
encryption 3des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 130
authentication crack
encryption des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 140
authentication rsa-sig
encryption des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 150
authentication pre-share
encryption des
hash sha
group 2
lifetime 86400
telnet 10.5.0.0 255.255.0.0 internal
telnet 192.168.1.0 255.255.255.0 management
telnet timeout 5
ssh 10.5.0.0 255.255.0.0 internal
ssh timeout 5
console timeout 0
no vpn-addr-assign aaa
no vpn-addr-assign dhcp
dhcpd address 192.168.1.2-192.168.1.254 management
dhcpd enable management
threat-detection basic-threat
threat-detection statistics port
threat-detection statistics protocol
threat-detection statistics access-list
threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200
ntp server 10.5.65.242 source internal
ssl trust-point ASDM_TrustPoint0 external
webvpn
enable external
enable internal
anyconnect-essentials
anyconnect image disk0:/anyconnect-win-2.5.0217-k9.pkg 1
anyconnect profiles HP_Basic disk0:/HP_Basic.xml
anyconnect enable
tunnel-group-list enable
group-policy DfltGrpPolicy attributes
vpn-tunnel-protocol ikev1 l2tp-ipsec ssl-clientless
group-policy GroupPolicy1 internal
group-policy GroupPolicy1 attributes
vpn-tunnel-protocol ikev1 ikev2
group-policy HPVPN internal
group-policy HPVPN attributes
banner value You are now connected to Healthpoint, Ltd.
wins-server none
dns-server value 10.5.64.199 10.5.64.197
dhcp-network-scope none
vpn-idle-timeout none
vpn-tunnel-protocol ikev1 ikev2 l2tp-ipsec ssl-client ssl-clientless
ip-comp disable
ipsec-udp enable
split-tunnel-policy tunnelspecified
split-tunnel-network-list value split
default-domain value hpb.net
split-dns none
split-tunnel-all-dns disable
user-authentication-idle-timeout none
address-pools value HPVPNClients
client-firewall none
client-access-rule none
webvpn
anyconnect keep-installer installed
anyconnect ssl compression none
anyconnect profiles value HP_Basic type user
anyconnect ask enable default anyconnect timeout 5
http-comp none
username bcline password Wpo.Polan03mKRJ9 encrypted privilege 15
username jhenry password wX50UveiwuBH7p7v encrypted privilege 15
username ittemp password zpQoWfp93rOS3NU7 encrypted privilege 5
tunnel-group HPVPN type remote-access
tunnel-group HPVPN general-attributes
address-pool HPVPNClients
authentication-server-group VPN-RADAuth
authentication-server-group (external) VPN-RADAuth
default-group-policy HPVPN
password-management password-expire-in-days 3
tunnel-group HPVPN webvpn-attributes
group-alias HPVPN enable
tunnel-group HPVPN ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group 64.126.222.190 type ipsec-l2l
tunnel-group 64.126.222.190 ipsec-attributes
ikev1 pre-shared-key *****
ikev2 remote-authentication pre-shared-key *****
ikev2 local-authentication pre-shared-key *****
tunnel-group 109.164.216.164 type ipsec-l2l
tunnel-group 109.164.216.164 ipsec-attributes
ikev1 pre-shared-key *****
ikev2 remote-authentication pre-shared-key *****
ikev2 local-authentication pre-shared-key *****
tunnel-group 12.197.232.98 type ipsec-l2l
tunnel-group 12.197.232.98 ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group HPB type remote-access
tunnel-group HPB general-attributes
address-pool HPVPNClients
authentication-server-group VPN-RADAuthHPB
authentication-server-group (external) VPN-RADAuthHPB
default-group-policy HPVPN
password-management password-expire-in-days 3
tunnel-group HPB webvpn-attributes
group-alias HPB disable
group-alias HPVPN_NEW enable
tunnel-group HPB ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group HPB ppp-attributes
authentication ms-chap-v2
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum 512
no dns-guard
policy-map global_policy
class inspection_default
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect ip-options
inspect icmp
inspect dns
service-policy global_policy global
prompt hostname context
service call-home
call-home reporting anonymous
call-home
contact-email-addr
profile CiscoTAC-1
destination address
destination address email [email protected]
destination transport-method http
subscribe-to-alert-group diagnostic
subscribe-to-alert-group environment
subscribe-to-alert-group inventory periodic monthly
subscribe-to-alert-group configuration periodic monthly
subscribe-to-alert-group telemetry periodic daily
Cryptochecksum:f3c293700f62ee55af87105015fe4cd0
: end

You have to options:
1. The router that is internal must have a static route to the ASA to reach the VPN networks and must have a distribute static so that other routers that form part of EIGRP know how to route to the VPN networks.
2. You can configure on the ASA "set reverse-route" on the crypto map then configure EIGRP on the ASA and add redistribute static so that routes learned via VPN (considered static routes) can be pushed through EIGRP.

Remote TC access via port forwarding

I have been trying to setup my network for remote TC access via port forwarding. Here's my setup:
Verizon FiOS router (main router, dhcp & nat) -> connected to TC set in bridge mode with a static IP
I can remotely access the TC using Back to my Mac with no problems, and of course locally on the home network via Wifi.
Since the TC has to connect in bridge mode, port forwarding is done on the FiOS router.
If I set a port forwarding rule in the FiOS router TCP,UDP (any) to port 548, it works. However I want to use a specific connection port
so others can't connect unless they know the forwarded port. BTW, I have remote disk sharing set with Use Device Password.
So here's what works:
FiOS Router (TCP any -> 548, UDP any ->548)
What doesn't work:
FiOS router (TCP 8990 -> 548, UDP 8990 -> 548).
Is there any additional setting required for specific port forwarding to work?

You're my hero!
I also have my TC in Bridge Mode to my Verizon FIOS Router. I used to be able to access my TC remotely, but since I upgraded my router (MI424WR GigE), I had forgotten some port forwarding rules I must have established in my old router. Once I re-created these two port forwarding rules (just like yours), I can remote access my TC (with TC password) again.
In addition, I have a static host name aliased to my dynamic IP address through dyndns.org (I have the free version, which I don't think is available anymore, but there are other free providers out there) for easier remote access.
Regarding, Secure Share Disks: with TC password vs a disk password. Is one more secure than the other?
Thanks!

PIX 501 config - access to internal network not working from remote VPN users - everything on the inside is OK

One other thing - I had a problem with the key pairing so I rebuilt the rsa 1024 and the unit started working. Unfortunately I reloaded without the config in place and now I cannot get it to work again. Any help will be greatly apprecaited although I did review a dozen other posts of people having similar problems and for some reason there is never any conclusion as to the solution and I am not sure why.
Some other info from the client end:
I just ran the stats on the client and packets are being encrypted BUT none are decrypted.
Also Tunnel received 0 and sent 115119
Encryption is 168-bit 3-DES
Authentication is HMAC-SHA1
also even though the allow LAN is selected in the Cisco VPN client it states the local LAN is disabled in the client stats
also Transparent tunneling is selcted but in the stats it states it is inactive
I am connecting with the Cisco VPN Client Ver 5.0.07.0440
This config works. It is on the internal net 192.168..40.x and all users obtain dhcp and surf the web. It has required ports opened.The problem is that you can connect remotely via the VPN and you receive an IP address from the remote-vpn pool but you cannot see any machines on the internal network. The pix is at 40.2 and you cannot ping the pix and the pix from the remote PC connecting via the VPN and youcannot ping the remote PC from the PIX console when the remote is connected and receives the first IP address in the VPN pool of 192.168.40.25
I need to see the internal network and map network drives. I have another friend that is running the same config and it works but his computer is on a linksys wireless and has an IP of 192.168.1.x and the IP he receives from the VPN pool is 192.168.1.25 so I do not know if the same network is allowing this config to work even if there is an error in the config. In my present case I obtain the ip of 192.168.40.25 from the VPN pool and my connecting pc on 192.168.1.x I really am not sure how the VPN virtual adapter works. I am assuming it routes all traffic from your connecting PC to and from the virtual adapater but I really do not know for sure.
Other people have had similar issues with accessing the internal network from the VPN. One solution was the split-tunnel, another was the natting and another had to do with the encrption where there and an issue with the encrypt and ecrypt which was stopping the communicaton via the VPN.
I still cannot seem to find the issue with this config and any help will be greatly appreciated.
This is the config
interface ethernet0 100full
interface ethernet1 100full
nameif ethernet0 outside security0
nameif ethernet1 inside security100
enable password somepassword
hostname hostname
fixup protocol dns maximum-length 512
fixup protocol ftp 21
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
fixup protocol http 80
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol sip 5060
fixup protocol sip udp 5060
fixup protocol skinny 2000
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol tftp 69
names
object-group network internal_trusted_net
network-object 192.168.40.0 255.255.255.0
object-group icmp-type icmp_outside
icmp-object echo-reply
icmp-object unreachable
icmp-object time-exceeded
icmp-object source-quench
access-list OutToIn permit icmp any xxx.xxx.xxx.0 255.255.255.248 object-group icmp_outside
access-list no_nat_inside permit ip 192.168.40.0 255.255.255.0 192.168.40.0 255.255.255.0
access-list split_tunnel permit ip 192.168.40.0 255.255.255.0 192.168.40.0 255.255.255.0
access-list OutToIn permit ip any any
access-list outbound permit ip any any
(NOTE: I had many more entries in the access list but removed them. Even with the above two allowing everything it does not work)
pager lines 24
mtu outside 1500
mtu inside 1500
ip address outside xxx.xxx.xxx.xxx 255.255.255.248
ip address inside 192.168.40.2 255.255.255.0
ip audit info action alarm
ip audit attack action alarm
ip local pool vpn_client_pool 192.168.40.25-192.168.40.30
pdm history enable
arp timeout 14400
global (outside) 1 interface
I had this statement missing from the previous posted config but even with the nat (inside) 0 access-list no_nat_inside it still does not work.
nat (inside) 0 access-list no_nat_inside
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
access-group acl_outside_in in interface outside
access-group outbound in interface inside
route outside 0.0.0.0 0.0.0.0 xxx.xxx.xxx.xxx 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00
timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server RADIUS protocol radius
aaa-server LOCAL protocol local
http server enable
http 192.168.40.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server community $XXXXXX$
no snmp-server enable traps
floodguard enable
sysopt connection permit-ipsec
crypto ipsec transform-set 3des_strong esp-3des esp-sha-hmac
crypto dynamic-map clientmap 50 set transform-set 3des_strong
crypto map vpn 50 ipsec-isakmp dynamic clientmap
crypto map vpn client configuration address initiate
crypto map vpn client configuration address respond
crypto map vpn client authentication LOCAL
crypto map vpn interface outside
isakmp enable outside
isakmp identity address
isakmp client configuration address-pool local vpn_client_pool outside
isakmp nat-traversal 20
isakmp policy 10 authentication pre-share
isakmp policy 10 encryption 3des
isakmp policy 10 hash sha
isakmp policy 10 group 2
isakmp policy 10 lifetime 86400
vpngroup remote-vpn split-tunnel split_tunnel
vpngroup remote-vpn idle-time 10800
vpngroup remote-vpn password ANOTHER PASSWORD
telnet timeout 5
ssh 0.0.0.0 0.0.0.0 outside
ssh 192.168.40.0 255.255.255.0 inside
ssh timeout 30
console timeout 60
dhcpd address 192.168.40.100-192.168.40.131 inside
dhcpd dns xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx
dhcpd lease 3600
dhcpd ping_timeout 750
dhcpd enable inside
username AUSER password PASSWORD privilege 15
terminal width 80
****************** End of config
I have been searching docs and other people's postings trying to obtain the info to make this work. It appears pretty much boiler plate but I believe my problem is in the natting. I am using a range in the internal network for the VPN pool and I have tried switching this to other networks but this has not helped. Unfortunately I have been unable to get the PDM to work and I believe this is a PC config thing and I did not want to waste the time on it. I read a post where a person using the PDM interface with the same problem (not being able to access the internal network) was able to go to a section in the VPN wizard and set the Address Exeption Translation. They said they originally set the VPN subnet when they did not have to. Many of the other blogs I read also stated that if the natting is not proper for the VPN pool- that it will not work but I am confused by the examples. They show as I do the complete range for an access-list called no_nat_inside but I believe it should only have the VPN pool IP range and not the entire network since the others do require natting - not sure if my thought process is correct here. Any help will be greatly apprecaited. Also this morning I just tried a boiler plate example from CISCO and it also did not do what I need for it to do. And I also connect a PC to obtain an IP to see if I can see it - no good. The PC can ping the PIX and viceversa but no one can ping the remote PC that connects via the CISCO Remote VPN client even though it receive an address from the vpnpool. Also include LAN is checked off on the client. This was mentioned in anther post.
Thank you once again.

Hi,
PIX501 is a very very old Cisco firewall that has not been sold for a long time to my understanding. It also doesnt support even close to new software levels.
If you wanted to replace the PIX501 the corresponding model nowadays would be ASA5505 which is the smallest Cisco ASA firewall with 8 switch port module. There is already a new ASA5500-X Series (while ASA5505 is of the original ASA 5500 Series) but they have not yet introduced a replacing model for this model nor have they stopped selling this unit. I have a couple of them at home. Though naturally they are more expensive than your usual consumer firewalls.
But if you wanted to replace your PIX firewall then I would probably suggest ASA5505. Naturally you could get some other models too but the cost naturally rises even more. I am not sure at what price these are sold as used.
I used some PIX501 firewalls at the start of my career but have not used them in ages since ASA5505 is pretty much the firewall model we use when we need a firewall/vpn device for a smaller network/branch site.
Here is a PDF of the original ASA5500 Series.
http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/prod_brochure0900aecd80285492.pdf
Here is a PDF of the new ASA5500-X Series
http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/at_a_glance_c45-701635.pdf
I am afraid that its very hard for me atleast to troubleshoot this especially since I have not seen any outputs yet. Also the very old CLI and lack of GUI (?) make it harder to see what the problem is.
Could you provide the requested outputs?
From the PIX after connection test
show crypto ipsec sa
Screen captures of the VPN Client routing and statistics sections.
- Jouni

Can't connect PC and Mac to print via wireless network

I have the HP Office Jet All-In-One 6500. I've never been able to get both my Mac and PC to print wirelessly.
First, Mac worked fine wirelessly, then had to print via ethernet for PC. Then that quit working for PC. So I uninstalled printer drivers on PC, reinstalled and it works great printing via the network.
However, now my Mac -- my main computer -- wont print. It spends hours "connecting....." MacBook running Leopard OS 10.5.8.
Why can't both computers access this printer over the same wireless network? Absolutely NO settings were changed on my Mac from the time it worked, until now. Only thing I did was get the PC to work.
I've tried turning the printer off and restarting.... didn't help.
I bought this wireless printer so that both computers could use 1 printer.... I don't want to have 2 printers for my little office! Please help HP!

First, please look on the label underneath the router and let us know the exact model and hardware version of the router. Also check which firmware you are running on the router at http://192.168.1.1/ and verify that you are actually running the most current firmware. You can find out which is the newest firmware on the downloads page of the linksys website.
Second, is it possible that you used the Mac before to connect directly to the internet without the router? In that case it could well be possible that the Mac is still doing so, connecting to the internet itself, bypassing the router and thus terminating whatever internet connection the router established before (which the PCs were using).
Third, after being kicked out, please check the following in a command prompt window on the PCs ("Run..." and enter "cmd"). "ping 192.168.1.1" you should still get replies.
Fourth, what is the IP address and gateway address which the Mac gets when getting online?

Accessing my home network through the internet?

Is it possible to access my home network through the internet via my AirPort Express? I would like to have full access to my Mac Mini's hard drive from my MacBook while at work.

Yes. You will need to enable file sharing on your Mac Mini (via Sharing in System Preferences) and then you will need to port forward all your ports (since I don't know exactly what file sharing method you will be using) of your Mac Mini via the AirPort Utility.

Conecting to MS Access via a network

Similar Messages

Maybe you are looking for