Cuantos Clientes VPN soporta el cisco rv042g?

Similar Messages

• Cisco 2504 WLC client VPN Access

  Hi,
  I was reading couple of posts related to Cisco WLC + Client VPN passthrough .. and got  a query.
  https://supportforums.cisco.com/thread/2183687
  https://supportforums.cisco.com/thread/2219356
  The second link says that "Remote Acces VPN connections through the WLC work out of the box". Is this True? No need to configure Layer 3 VPN-Pass though for the SSID?
  They are using WPA2+PSK as Layer 2 Security. Here WPA2-PSK + VPN Passthrough is the right combination for WLAN Layer2 + Layer 3 Security?
  Thanks,
  Jagan

  It works out of the box... you don't need to configure any passthrough.. just connect to the ssid and VPN away.
  Thanks,
  Scott
  Help out other by using the rating system and marking answered questions as "Answered"

• Connection issues of Historical Reports Client over a non-Cisco VPN/third party VPN

  When trying to run the Cisco Unified CCX Historical Reports Client over a non-Cisco VPN, the user receives an error.
  The major failure is the connection problem between Historical Reports Client and Cisco Unified CCX Server.
  Error :
  An error occurred while communicating with web server.
  All available connections to database server are in use by other client machines. Please try again later and check the log file for error 5054.
  This works fine when connected to through Cisco VPN .
  Is the third party VPN/ customer's web based VPN blocking the connection between UCCX  server and HRC machine ??
  Thanks !!!
  Shridhar Reddy

  Hi Sridhar,
  Also please try accessing the database port 1504 from your client box.
  Reference:
  http://www.cisco.com/en/US/docs/voice_ip_comm/cust_contact/contact_center/crs/express_8_5/configuration/guide/uccx851pug.pdf
  Hope it helps.
  Anand
  Pls rate helpful posts !!

• Limitation on Client VPN for RV220W?

  Is there a limitation on using the Client VPN to connect to the RV220W from the same location (site)?
  Here’s what happened: One of our RV220W’s went down and we UPS’d it back to Cisco for replacement; so that was the end of our site-to-site connection. I ran to Staples and brought a $200 Netgear R6300v2 Smart WiFi Router, thinking it would be a nice "backup" router should a Cisco router go down in the future again, and also at the $200 price poing and being the "newest" model out, it would have what I need. What I didn’t know is the Netgear R6300v2 is a "consumer" router with no VPN capabilities, so it can not establish a site-to-site VPN connection. So, I figure a cool work around was to have each workstation connect to the other RV220W at the other location. But...I’m finding out that when one workstation is connected, no other workstation can connect: it times out during verification. When I disconnect the workstation that is connected, then another workstation can connect through the Client VPN.
  Does this one-at-a-time connection only happen ‘cause we’re all at the same location, trying to connect from the same WAN IP address, in essence the same site?
  If so, what would happen if two or more employees wanted to use the Client VPN from the same Starbuck’s location? Would they NOT be allowed to connect at the same time? The first one would connect, and the second one would not connect?

  Hi Waverly,
  As I understand it, the QuickVPN routers can only accept a single connection at a time from the same remote WAN IP. You *may be able to make another connection by using port 60443 on the second client.
  You can also use PPTP and/or SSL VPN on the RV220W. Clearly the best option is a site to site tunnel for multiple users. The RV180(W) might be a better choice for a backup router as it has nearly all of the capabilities of the RV220W at less cost.
  - Marty

• Cant ping inside hosts from client vpn. Think its a NAT issue

  Hello all, I am running into what I think is a NAT/nat exclusion issue with an IOS IPSEC VPN. I can connect to the VPN with the cisco IPSEC VPN client, and I am able to authenticate. Once I authenticate, I am not able to reach any of the inside hosts. My relevant config is below. Any help would be greatly appreciated.
  aaa new-model
  aaa authentication login default local
  aaa authentication login userauthen group radius
  aaa authorization exec default local
  aaa authorization network groupauthor local
  crypto isakmp policy 3
  encr 3des
  authentication pre-share
  group 2
  crypto isakmp client configuration group businessVPN
  key xxxxxx
  dns 192.168.10.2
  domain business.local
  pool vpnpool
  acl 108
  crypto isakmp profile VPNclient
  match identity group businessVPN
  client authentication list userauthen
  isakmp authorization list groupauthor
  client configuration address respond
  crypto ipsec transform-set myset esp-3des esp-sha-hmac
  crypto dynamic-map dynmap 10
  set transform-set myset
  set isakmp-profile VPNclient
  reverse-route
  crypto map clientmap 10 ipsec-isakmp dynamic dynmap
  interface Loopback0
  ip address 10.1.10.2 255.255.255.252
  no ip redirects
  no ip unreachables
  no ip proxy-arp
  ip virtual-reassembly
  interface Null0
  no ip unreachables
  interface FastEthernet0/0
  ip address 111.111.111.138 255.255.255.252
  ip access-group outside_in in
  no ip redirects
  no ip unreachables
  no ip proxy-arp
  ip nat outside
  ip inspect outbound out
  ip virtual-reassembly
  duplex auto
  speed auto
  crypto map clientmap
  interface Integrated-Service-Engine0/0
  description cue is initialized with default IMAP group
  ip unnumbered Loopback0
  no ip redirects
  no ip unreachables
  no ip proxy-arp
  ip virtual-reassembly
  service-module ip address 10.1.10.1 255.255.255.252
  service-module ip default-gateway 10.1.10.2
  interface BVI1
  ip address 192.168.10.1 255.255.255.0
  no ip redirects
  no ip unreachables
  no ip proxy-arp
  ip nat inside
  ip virtual-reassembly
  ip nat inside source static tcp 192.168.10.2 25 interface FastEthernet0/0 25
  ip nat inside source static tcp 192.168.10.2 443 interface FastEthernet0/0 443
  ip nat inside source static tcp 192.168.10.2 3389 interface FastEthernet0/0 3389
  ip nat inside source route-map nat interface FastEthernet0/0 overload
  ip access-list extended nat
  deny ip 192.168.10.0 0.0.0.255 192.168.109.0 0.0.0.255
  deny ip 10.1.1.0 0.0.0.255 192.168.109.0 0.0.0.255
  permit ip 10.1.1.0 0.0.0.255 any
  permit ip 192.168.10.0 0.0.0.255 any
  ip access-list extended nonat
  permit ip 192.168.10.0 0.0.0.255 192.168.109.0 0.0.0.255
  permit ip 10.1.10.0 0.0.0.255 192.168.109.0 0.0.0.255
  permit ip 10.1.1.0 0.0.0.255 192.168.109.0 0.0.0.255
  ip access-list extended outside_in
  permit tcp object-group Yes_SMTP host 111.111.111.138 eq smtp
  permit tcp any any eq 443
  permit tcp 20.20.20.96 0.0.0.31 host 111.111.111.138 eq 3389
  permit tcp 20.20.20.96 0.0.0.31 host 111.111.111.138 eq 22
  permit esp any host 111.111.111.138
  permit udp any host 111.111.111.138 eq isakmp
  permit udp any host 111.111.111.138 eq non500-isakmp
  permit ahp any host 111.111.111.138
  permit gre any host 111.111.111.138
  access-list 108 permit ip 192.168.109.0 0.0.0.255 192.168.10.0 0.0.0.255
  access-list 108 permit ip 192.168.109.0 0.0.0.255 10.1.1.0 0.0.0.255
  access-list 108 permit ip 192.168.109.0 0.0.0.255 10.1.10.0 0.0.0.255
  route-map nat permit 10
  match ip address nat
  bridge 1 route ip

  I believe the acl applied to the client group is backwards. It should permit traffic from the internal network to the clients pool.
  To confirm you can open the Cisco VPN client statistics(after connecting) then go to the route details tab. You should see there the networks that you should be able to reach from the client. Make sure the correct ones are in there.
  Regards,

• Unable to access/lan2lan ping from VPN Fortigate to Cisco ASA 5505

  Problem : Unable to access user A to user B
  User A --- router A (122, fortigate 80c) --- (Site to Site VPN between fortigate & cisco asa) --- router B (93, cisco Asa 5505{in front asa got cisco800[81] before to internet} )  --- User B
  After using wizard to configure the cisco ASA site to site VPN, the site-to-site tunnel is up.
  Ping is unsuccessful from user A to user B
  Ping is successful from user B to user A, data is accessable
  After done the packet tracer from user A to user B,
  Result :
  Flow-lookup
  Action : allow
  Info: Found no matching flow, creating a new flow
  Route-lookup
  Action : allow
  Info : 192.168.5.203 255.255.255.255 identity
  Access-list
  Action : drop
  Config Implicit Rule
  Result - The packet is dropped
  Input Interface : inside
  Output Interface : NP Identify Ifc
  Info: (acl-drop)flow is denied by configured rule
  Below is Cisco ASA 5505's show running-config
  ASA Version 8.2(1)
  hostname Asite
  domain-name ssms1.com
  enable password ZZZZ encrypted
  passwd WWWW encrypted
  names
  name 82 B-firewall description Singapore office firewall
  name 192.168.1.0 B-inside-subnet description Singapore office internal LAN IP
  name 192.168.200.0 A-inside-VLAN12 description A-inside-VLAN12 (fortinet)
  name 192.168.2.0 fw-inside-subnet description A office internal LAN IP
  name 122 A-forti
  interface Vlan1
  nameif inside
  security-level 100
  ip address 192.168.5.203 255.255.255.0
  interface Vlan2
  nameif outside
  security-level 0
  ip address 93 255.255.255.240
  interface Ethernet0/0
  switchport access vlan 2
  interface Ethernet0/7
  ftp mode passive
  dns server-group DefaultDNS
  domain-name ssms1.com
  object-group network obj_any
  network-object 0.0.0.0 0.0.0.0
  access-list inside_nat0_outbound extended permit ip any 80 255.255.255.240
  access-list inside_nat0_outbound extended permit ip fw-inside-subnet 255.255.255.0 B-inside-subnet 255.255.255.0
  access-list inside_nat0_outbound extended permit ip 192.168.5.0 255.255.255.0 A-inside-VLAN12 255.255.255.0
  access-list outside_cryptomap extended permit ip fw-inside-subnet 255.255.255.0 B-inside-subnet 255.255.255.0
  access-list Outside_nat-inbound extended permit ip A-inside-VLAN12 255.255.255.0 192.168.5.0 255.255.255.0
  access-list Outside_nat-inbound extended permit ip host A-forti 192.168.5.0 255.255.255.0
  access-list outside_1_cryptomap extended permit ip 192.168.5.0 255.255.255.0 A-inside-VLAN12 255.255.255.0
  pager lines 24
  logging enable
  logging asdm informational
  mtu inside 1500
  mtu outside 1500
  icmp unreachable rate-limit 1 burst-size 1
  asdm image disk0:/asdm-631.bin
  no asdm history enable
  arp timeout 14400
  global (outside) 101 interface
  nat (inside) 0 access-list inside_nat0_outbound
  nat (inside) 101 0.0.0.0 0.0.0.0
  route outside 0.0.0.0 0.0.0.0 81 1
  timeout xlate 3:00:00
  timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
  timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
  timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
  timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
  timeout tcp-proxy-reassembly 0:01:00
  dynamic-access-policy-record DfltAccessPolicy
  http server enable
  http B-inside-subnet 255.255.255.0 inside
  http fw-inside-subnet 255.255.255.0 inside
  http 0.0.0.0 255.255.255.255 outside
  http 0.0.0.0 0.0.0.0 outside
  http 192.168.5.0 255.255.255.0 inside
  no snmp-server location
  no snmp-server contact
  snmp-server enable traps snmp authentication linkup linkdown coldstart
  crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
  crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
  crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
  crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
  crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
  crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
  crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
  crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
  crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
  crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
  crypto ipsec security-association lifetime seconds 28800
  crypto ipsec security-association lifetime kilobytes 4608000
  crypto map outside_map 1 match address outside_1_cryptomap
  crypto map outside_map 1 set pfs
  crypto map outside_map 1 set peer A-forti
  crypto map outside_map 1 set transform-set ESP-3DES-SHA
  crypto map outside_map 2 match address outside_cryptomap
  crypto map outside_map 2 set peer B-firewall
  crypto map outside_map 2 set transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
  crypto map outside_map interface outside
  crypto isakmp enable outside
  crypto isakmp policy 10
  authentication pre-share
  encryption 3des
  hash sha
  group 2
  lifetime 86400
  crypto isakmp policy 20
  authentication pre-share
  encryption aes-192
  hash md5
  group 2
  lifetime 86400
  crypto isakmp policy 30
  authentication pre-share
  encryption aes-256
  hash md5
  group 2
  lifetime 86400
  telnet timeout 5
  ssh timeout 5
  console timeout 0
  dhcpd auto_config outside
  dhcpd address 192.168.5.10-192.168.5.20 inside
  dhcpd dns 165 165 interface inside
  dhcpd enable inside
  threat-detection basic-threat
  threat-detection statistics access-list
  no threat-detection statistics tcp-intercept
  webvpn
  group-policy DfltGrpPolicy attributes
  vpn-tunnel-protocol IPSec l2tp-ipsec svc webvpn
  username admin password XXX encrypted privilege 15
  tunnel-group 122 type ipsec-l2l
  tunnel-group 122 ipsec-attributes
  pre-shared-key *
  class-map inspection_default
  match default-inspection-traffic
  class-map outside-class
  match default-inspection-traffic
  policy-map type inspect dns preset_dns_map
  parameters
    message-length maximum 512
    message-length maximum client auto
  policy-map global_policy
  class inspection_default
    inspect dns preset_dns_map
    inspect ftp
    inspect h323 h225
    inspect h323 ras
    inspect rsh
    inspect rtsp
    inspect esmtp
    inspect sqlnet
    inspect skinny
    inspect sunrpc
    inspect xdmcp
    inspect sip
    inspect netbios
    inspect tftp
    inspect icmp
  policy-map outside-policy
  description ok
  class outside-class
    inspect dns
    inspect esmtp
    inspect ftp
    inspect h323 h225
    inspect h323 ras
    inspect icmp
    inspect icmp error
    inspect netbios
    inspect rsh
    inspect rtsp
    inspect sip
    inspect skinny
    inspect sqlnet
    inspect sunrpc
    inspect tftp
    inspect xdmcp
  service-policy global_policy global
  service-policy outside-policy interface outside
  prompt hostname context
  Cryptochecksum: XXX
  : end
  Kindly need your expertise&help to solve the problem

  any1 can help me ?

• VPN session in cisco ASA reflect a different source public ip

  Hi all,
  I tested and manage to establish vpn on my cisco asa 5520 successfully.
  On my syslog i can see "anyconnect parent session started" upon my vpn establishment and "webvpn session terminated" upon terminating my vpn session
  where the correct public ip used to establish the vpn is reflected. However after the "webvpn session terminated" line, i can see other lines in my syslog, example "Group=vpngroup, username=test, ip = x.x.x.x, session disconnected, session type:anyconnect parent, duration 0h:00m23s, bytes xmt: 0, bytes rcv:0, reason: user requested" where x.x.x.x is not the ip address used to establish my remote access vpn, neither is it the ip related to my vpn infra. I am very sure that the ip x.x.x.x did not establish any vpn to my cisco asa5520. Hence why is it reflected in my cisco asa logs? Pls advise, TIA!

  Hi,
  Think I remember some posting about a similiar issue in the past. Did a couple of google searches and the following BugID was mentioned in the discussion.
  syslog 113019 reports invalid address when VPN client disconnects.
  CSCub72545
  Description
  Symptom:
  Syslog reports an invalid IP Address.
  Conditions:
  This condition occurs when a VPN Client is disconnected.
  Workaround:
  There is no mention of a workaround. Just mention of software versions that should correct the problem
  The link to the actual page/document is the following
  https://tools.cisco.com/bugsearch/bug/CSCub72545
  Perhaps this is the bug you are running into or something similiar.
  - Jouni

• Need Cisco VPNClient for 10.8. Available? Will OS VPN work with Cisco?

  Need to connect to VPN serve using Cisco VPNClient but cannot find client for OS 10.8. Last VPN Client I have only works in 32 bit mode. Anyway to use OS VPN?

  Have you tried setting up a Cisco connection through the VPN network preference panel? You need an account credentials (name and password) as well as either a certiicate or a general password.
  System Preferences - Network - add network port - choose VPN interface - choose Cisco IPSec type, then configure it as needed.
  Matt

• Pix 501 and Client VPN's

  Hi, I've had this 501 for several months now and really stuggled to get the client VPN side working.
  I can get site to site working with no problems using the wizard but the Client VPN never works.
  Latest i've set it up for pptp which I can get the client to connect with no problems but fails to get any traffic from the pix - I can however ping the remote PC from a PC behind the PIX.
  I'm setting these up by the PDM buy i've attached a copy of the config anyway.
  Best,
  Chris

  Hi Kamal.
  It didnt like the command
  nat (inside) 0 access0list nonat
  I can attach via Cisco VPN Client but the same occurs - I can ping the remote from the network - but not the other way round.
  Config attached. - Best, Chris
  : Written by enable_15 at 02:14:05.990 UTC Mon Feb 12 2007
  PIX Version 6.3(5)
  interface ethernet0 auto
  interface ethernet1 100full
  nameif ethernet0 outside security0
  nameif ethernet1 inside security100
  enable password xxx
  passwd xxx
  hostname pixfirewall
  domain-name ciscopix.com
  fixup protocol dns maximum-length 512
  fixup protocol ftp 21
  fixup protocol h323 h225 1720
  fixup protocol h323 ras 1718-1719
  fixup protocol http 80
  fixup protocol rsh 514
  fixup protocol rtsp 554
  fixup protocol sip 5060
  fixup protocol sip udp 5060
  fixup protocol skinny 2000
  fixup protocol smtp 25
  fixup protocol sqlnet 1521
  fixup protocol tftp 69
  names
  access-list nonat permit ip 192.168.1.0 255.255.255.0 192.168.10.0 255.255.255.0
  access-list outside_cryptomap_dyn_20 permit ip any 10.10.10.0 255.255.255.240
  access-list split permit ip 192.168.1.0 255.255.255.0 any
  pager lines 24
  mtu outside 1500
  mtu inside 1500
  ip address outside 213.x.146.72 255.255.x.0
  ip address inside 192.168.1.1 255.255.255.0
  ip audit info action alarm
  ip audit attack action alarm
  ip local pool vpnpool 10.10.10.1-10.10.10.10
  pdm logging informational 100
  pdm history enable
  arp timeout 14400
  global (outside) 1 interface
  nat (inside) 1 0.0.0.0 0.0.0.0 0 0
  route outside 0.0.0.0 0.0.0.x.249.x.65 1
  timeout xlate 0:05:00
  timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00
  timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
  timeout sip-disconnect 0:02:00 sip-invite 0:03:00
  timeout uauth 0:05:00 absolute
  aaa-server TACACS+ protocol tacacs+
  aaa-server TACACS+ max-failed-attempts 3
  aaa-server TACACS+ deadtime 10
  aaa-server RADIUS protocol radius
  aaa-server RADIUS max-failed-attempts 3
  aaa-server RADIUS deadtime 10
  aaa-server LOCAL protocol local
  http server enable
  http 192.168.1.0 255.255.255.0 inside
  no snmp-server location
  no snmp-server contact
  snmp-server community public
  no snmp-server enable traps
  floodguard enable
  sysopt connection permit-ipsec
  crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
  crypto ipsec transform-set myset esp-des esp-md5-hmac
  crypto dynamic-map outside_dyn_map 20 match address outside_cryptomap_dyn_20
  crypto dynamic-map outside_dyn_map 20 set transform-set ESP-3DES-MD5
  crypto dynamic-map cisco 1 set transform-set myset
  crypto map outside_map 65535 ipsec-isakmp dynamic outside_dyn_map
  crypto map outside_map client authentication LOCAL
  crypto map dyn-map 20 ipsec-isakmp dynamic cisco
  crypto map dyn-map interface outside
  isakmp enable outside
  isakmp nat-traversal 20
  isakmp policy 10 authentication pre-share
  isakmp policy 10 encryption 3des
  isakmp policy 10 hash md5
  isakmp policy 10 group 1
  isakmp policy 10 lifetime 86400
  isakmp policy 20 authentication pre-share
  isakmp policy 20 encryption 3des
  isakmp policy 20 hash md5
  isakmp policy 20 group 2
  isakmp policy 20 lifetime 86400
  vpngroup vpn address-pool vpnpool
  vpngroup vpn dns-server 192.168.1.1
  vpngroup vpn idle-time 1800
  vpngroup vpn password 634083
  vpngroup VPNclient split-tunnel split
  vpngroup VPNclient idle-time 1800
  vpngroup VPNclient password ******
  telnet timeout 5
  ssh timeout 5
  console timeout 0
  dhcpd address 192.168.1.2-192.168.1.33 inside
  dhcpd dns 89.238.129.211
  dhcpd lease 3600
  dhcpd ping_timeout 750
  dhcpd auto_config outside
  dhcpd enable inside
  username chris password 9DgK/T8KJkq.BhX6 encrypted privilege 15
  terminal width 80
  Cryptochecksum:xxx
  : end

• Client VPN doesn't work until reload; all other services are fine

  We have a 1800 router running 12.4.x that is acting up.  Every week or 2, client vpn connectivity stops working on it (clients receive a ' reason 412; the remote peer is no longer responding' when trying to connect).  All other traffic running through that router continues to work fine (site to site, nat, etc).  If we run a 'clear ip nat translation', then ONE client can reconnect, but any subsequent clients cannot.  So, basically one at a time.  the only 'fix' is a reboot of the router.  any suggestions on where to start troubleshooting?
  thanks!                  

  Matt,
  Did you disable NAT-T on this device?
  http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a00807e0aca.shtml#solution01
  Thanks,
  Tarik Admani
  *Please rate helpful posts*

• Use client VPN tunnel to traverse LAN-to-LAN tunnel

  I've been troubleshooting a problem and can't get over a hurdle. The ASA is running ASA running 7.2(1)24 code. I'm trying to use a client VPN tunnel to connect to the ASA. The ASA already has a LAN-to-LAN tunnel set up and functioning, and I need the client VPN to access the remote site over the LAN-to-LAN tunnel.
  The internal IP address of the local side is 192.168.0.0/24 and the IP of the remote LAN-to-LAN tunnel is 172.20.1.0/24. The clients are handed out 192.168.200.0/24 IPs. I've attached the relevant configuration for the ASA.
  When the client VPNs into the network, I can access the resources on the ASA's internal network. Users on the ASA's internal network can access resources across the LAN-to-LAN tunnel. Client VPNs cannot access resources over the LAN-to-LAN tunnel. For the latter, there are no hits on the C-TEST access list.
  Thank you for your assistance.

  try adding...
  same-security-traffic permit intra-interface
  http://www.cisco.com/en/US/products/ps6120/products_configuration_guide_chapter09186a00806370f2.html#wp1042114

• Cisco SSL-VPN / webvpn with Cisco 2901 IOS 15.3.3M

  Dear Community,
  I have a strange issue that I am hoping some of you will be able to assist with.
  I am running an environment with the following specifications
  Cisco ISR G2 2901 with IOS 15.3.3M
  Security Licence enabled
  Data Licence enabled
  VPN Licence enabled
  Cisco ISR G2 2951 with IOS 15.3.3M
  Security Licence enabled
  Data Licence enabled
  SM with ESX server.
  Desktop Environment
  Windows XP SP3
  Internet Explorer 8
  Desktop Environment 2
  Windows 8
  Internet Explorer 10
  I have a ESX server set up with a web page on the 2951. The 2901 unit has a SSL VPN / web vpn service set up on it to allow the Desktop Environments to connect to the 2951 web page. The Desktop Environments are not allowed to directly connect to the 2951 router that is why the SSL-VPN / web vpn is used.
  This system was initially working with IOS 15.2.4M2 however an update of the IOS was required and now the VPN does not fully function correctly.
  PROBLEM: Now the webvpn interface loads with the welcome screen and login. After logging in it has a screen with a link to the webpage on the 2951. When I try open this webpage on the 2951 and the SSL-VPN starts to build I only get half my web page. There seems to be a problem where I only get half a page loading or just a blank page with just HTML headers. I have tried changing the page to just HTML but it still does not display properly. This is with Internet Explorer ( all versions ). With firefox there are no problems but I cannot run this browser as my environment will not allow it.
  If anyone can assit me here it would really make my day.
  Thanks,
  Will

  Can anyone help with this ?

• "Busiest Clients" report template on Cisco Prime & Aironet 1242AG

  Yesterday I was trying to schedule a "Busiest Clients" report on our Cisco Prime physical appliance (PRIME-NCS-APL-K9, v2.1.0.0.87).
  My goal was to monitor the busiest clients on a couple of old Aironet access-points. These APs have been installed in a branch office of our university that rely on 4 Mb/s SHDSL WAN connectivity and, as you might imagine, some saturation occurs when the classrooms are crowded.
  Unfortunately, all the reports were empty ... there was only a "No data matches the specified criteria for the report” warning inside.
  The Client Statistics task (Administration>Background Tasks) was enabled and I was able to run this report selecting a different floor area ... after a few tries I've discovered that this error occurs only when the old Aironet 1242AG APs are involved. If I select a floor area populated with the newer 1142 and 2602 models, the report template works as intended.
  So, is there a way to fill a "Busiest Clients" report with data fetched from our old Aironet 1242AG APs?
  Our WLC is a Cisco Wireless Services Module 2 Controller for Cisco Catalyst 6500 (WS-SVC-WISM2-K9).
  (Sorry ... my English is a bit rusty)

  Hi,
  Kindly try to restart the Dameon manager with the command line of the server
  1> net stop crmdmgtd
  and then start the daemon manager --> net start crmdmgtd (wait for atleast 20-25 minutes before login back to LMS and also see if any file do exist at location CSCOps\Objects\dmgtd\ready folder).
  Get the output of pdshow after waiting for 20 minutes and stdout.log and stderr.log from CSCOpx\MDC\tomcat\logs.
  Many Thanks,
  Gaganjeet

• How to install MX60 and enable client vpn services

  Can anyone show me a link or video that will assist in installing MX60 and enable client VPN services?

  Thanks Brandon. I will explore the Meraki knowledge base link you sent.

• Cuantos usuarios concurrentes soporta SAP B1

  Favor : necesito saber cuantos usuarios concurrentes soporta SAP BO. Tengo entendido que soporta hasta 70 usuarios sin que el sistema tenga problemas en los tiempos de respuesta..
  Espero sus comentarios... Gracias

  Hola
  Una licencia permite conectar 2 veces a SAP B1.
  Pero con relación a performance eso depende de la utilización del sistema:
  - numero de usuarios concurrentes en el sistema
  - cuantidad de documento generados
  - add-ons instalados
  - configuración de hardware del servidor
  - otras aplicaciones instaladas en el equipo.
  El Sizing Guide de SAP B1 trae algunos escenarios y recomendaciones en la introducuion del documento:
  http://service.sap.com/smb/sbo/documentation -> SAP Business One 2005 B  SAP Business One Best-Practice System Setup and Sizing.
  Paulo Calado
  SAP Business One Forums Team