EA4500 Unable to Access Devices Remotely
I hope someone can help. I just switched to the EA4500 Router and I'm now unable to remotely access my camera devices. I have done the port forward. I can access the cameras from my local LAN both when using the local 10. ..and external 99 .. Addresses. When I go off the local connection - Access does not work. Slingbox did its auto configuration and I can access it. I just cant get to camera devices (Panosonic, Foscam, etc.).
What could be wrong? Please help. Thanks
rparker4u2 wrote:
One is fixed, two others are dynamic. The ports are forwarded to the assigned ports of the devices (8050, 5080, and 8005) It works from an external IP 99. address with ports specified http://99.xx.xx.xx: 8050 and it gets redirected when I'm on the local LAN. It fails when I access from my cell phone or another internet provider. Thanks
Just make sure to assign a fix IP address to the cameras. You can use the DHCP reservation feature of the router to assign these cameras a specific IP. This is working with the old router? Right?
Similar Messages
-
I have the CS3 version of Dreamweaver and am unable to access my remote files.
I have the CS3 version of Dreamweaver and cannot access my remote files. The message says "cannot make contact with host". I contacted GoDaddy (host) but they cannot help me. They said to contact you.
SharonpackerI have Dreamweaver CS3 and have no trouble using it to access remote files. This is not a Dreamweaver CS3 issue.
Is your password correct.
Is your username is correct
Are you in the correct "root" directory for your website?
Is the server expecting SFTP (unlikely)?
Have you checked the Server Compatibility button and tried unchecking and checking FTP optimization and alternative FTP move method?
Has your hosting provider suddenly changed to IP v 6 (unlikely)?
Have you changed your firewall?
These are things to check out in Dreamweaver in the Remote Info panel in your Advanced Site Definition. -
Cannot seem to access device remotely
Hope someone could help
I have a temperature sensor device connected to my router and want to be able to monitor it remotely over IP.
It works fine on the LAN side but I cannot access anything on the WANT side.
I set up the port forwarding table but it seems I am not even seeing the router ??
I running Internet cable through time warner as the ISP with a WRT160N router..It has to be a simple setting or something I anm missing>
Any ideas?
MikeOpen the setup page of the router. Click on Administration tab and disable UPnP. Save the settings.
Go to Setup tab and change the MTU size to 1365. Save the settings.
Go to Security tab and uncheck the box ' Filter Anonymous Internet request'. Save the settings.
Power cycle the router and try to access the device on the Internet.
Make sure that firmware on your router is updated. -
Unable to access device memory
Hello there,
I'm having trouble trying to access the device memory.
It's half full, but I haven't any files! I've tried a factory reset and a security wipe, but it still says that I've used up half the memory.
When I try and update my phones software, it tells me to "consider deleting or moving files". But there aren't any left to move!
I can't seem to access to device memory to see what these files are, when I check my memory usage it just says that there's 2.07gb of system files.I have also re-installed the Windows XP. still nothing.
If you have restored the hard drive to its original factory-new condition using the Toshiba recovery discs, then that means you have a hardware malfunction.
You can purchase a card reader that plugs into a USB port.
-Jerry -
WRT1900AC: Unable to Access Router Remotely
This may be a simple one, but I'm scratching my head over it.
I just picked up a 1900 for my personal use at home. I did a basic auto config (nothing fancy, just Plain Jane).
As a part of the config process, I associated the router to a Smart Access account that is different than the one that my Church's routers are assigned to.
For some unknown reason, I cannot access the router using the Smart app unless I am accessing the Internet through the 1900. If I access the Internet through my Verizon FiOS router, the Smart app tells me that my wireless router is offline.
I defaulted the 1900 and started from scratch using my desktop...again...associating the unit to the account. Again, no luck.
I established a session with my smartphone and tried again with my tablet. Still no luck.
Just to make sure that there was no outage, I tried to access the Church routers....and was able to do so without any problems.
Is there an option that I am overlooking? I don't recall running into this situation when setting up the 6500s and 6900s.
I FEATURE 00
Solved!
Go to Solution.Is the WRT1900AC router connected to the Verizon FiOS router? If yes, it is possible that the WRT1900AC is configured as an AP behind the FiOS router. This usually happens if routers are connected to another router or gateway (router/modem). More prone if the WRT1900AC was configured via auto-config since this type of networks are not the usual modem to router connection. If this is your setup, reset the WRT1900AC router again and manually configure the settings.
Cascading LAN to WAN:
1. Check and take note of the IP address of the ISP modem/router (FiOS router).
2. Connect a computer to the secondary router (desktop or laptop to one of the Ethernet ports of the second router). In your case, the Linksys WRT1900AC router is the secondary router.
3. Access the setup (Linksys Smart WiFi) page of the Linksys router. Steps: http://kb.linksys.com/Linksys/ukp.aspx?pid=80&app=vw&vw=1&login=1&json=1&docid=bd520bcb07a6474596169...
4. Under Wireless, configure the wireless settings of the Linksys router and click on Apply button to save the changes. Steps: http://kb.linksys.com/Linksys/ukp.aspx?vw=1&docid=8ce9e83bd3784001aee72da7f1ef48e8_Changing_the_basi...
5. Under Connectivity, click on Local Network tab > Router Details. Depends on what IP Address your modem/router (FiOS router) is using, make sure that the WRT1900AC router's IP is not on the same range and click on Apply button to save the changes. Example: FiOS router is 192.168.1.1, change WRT1900AC router to 192.168.2.1. Make sure the third octet is not the same.
6. Connect the ISP modem to the Internet port of the WRT1900AC router.
7. Power cycle your network. Unplug and re-plug the modem/router and router.
8. Connect your wireless devices to the Linksys router and check for internet access. -
Trouble accessing devices remotely.
I have a Linksys E1200 router.
My problem is I have installed a camera system that allows remote viewing.
I cannot access the system through the E1200 I am not very knowledgeable in net working.
What do I need to do to access the DVR from a remote computer?You have to enable a port number for the camera to be viewable over the internet or remotely. The first thing that you have to check though is the internet connection type that the router is getting from your internet provider. You would need a public ip address from your ISP in order for this setup to work. If you are already on a Cable internet service then it is okay because they usually have public ip addresses. If you are on DSL internet connection, make sure that your modem is set to full bridge. If that is all set then you can proceed to the next step of enabling port range forwarding on the router's setup screen for the dvr or the camera. Contact tech support for your DVR system to obtain the correct port number that will be opened on the router. And with that, the DVR should be assigned with a specific ip address so that say if you are on a remote location you can access the camera this way: http://publicwaniportnumberofcamera. You can refer to the links below for further instructions.
Setting up port range forwarding on Linksys wireless-N routers and gateways
Setting up single Port Forwarding on a Linksys wireless-N router -
Still unable to access devices. I'm on Lion 10.7.5
For no reason that I can think of, I no longer show any device except flash drive. No card slot, no card reader for photos. PLus it seems a usb port no longer fumctions. Do I need to take to apple dealer?
You managed to place an item in the toolbar that has since been trashed. The solution is simple. Right click (or control click) on the toolbar and select Customize Toolbar... Now you can drag the question mark off the toolbar and release the mouse button. It will poof (disappear).
-
Unable to access internal networks over Remote acces VPN
Hi,
I have set up a Remote access VPN from Home to Cisco ASA 5512-X.
I am able to connect successfully and even getting a valid IP address from VPN pool 172.21.3.1-. However I am unable to access any of the internal resources.
Internal Network: 172.20.0.0 255.255.0.0
Please if someone can help identifying the issue.
Below is the running config:-
Result of the command: "sh run"
: Saved
ASA Version 9.1(1)
hostname ASA
domain-name M8fl.com
enable password Aoz9GlxLLvkWrTUy encrypted
passwd Gc1jA6zbgOsj63RW encrypted
names
ip local pool vpnclients 172.21.3.1-172.21.3.20 mask 255.255.0.0
ip local pool test 172.21.3.21-172.21.3.40 mask 255.255.255.0
interface GigabitEthernet0/1
nameif inside
security-level 100
ip address 172.20.254.250 255.255.0.0
interface GigabitEthernet0/2
description vodafone 100mb internet 195.11.180.40_29
speed 100
duplex full
nameif outside1
security-level 1
ip address 195.11.180.42 255.255.255.248
interface GigabitEthernet0/3
description Voice
nameif Voice
security-level 80
ip address 192.168.2.1 255.255.255.252
interface GigabitEthernet0/4
shutdown
no nameif
no security-level
no ip address
interface GigabitEthernet0/5
shutdown
no nameif
no security-level
no ip address
interface Management0/0
management-only
nameif management
security-level 100
ip address 192.168.1.1 255.255.255.0
boot system disk0:/asa911-smp-k8.bin
ftp mode passive
clock timezone GMT 0
dns domain-lookup inside
dns domain-lookup outside1
dns domain-lookup management
dns server-group DefaultDNS
name-server 10.0.0.4
name-server 172.20.0.100
domain-name M8fl.com
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
object network VLAN1
subnet 172.20.0.0 255.255.0.0
object network NETWORK_OBJ_172.20.3.0_27
subnet 172.21.3.0 255.255.255.224
object network Voice_Net
subnet 172.21.20.0 255.255.255.0
object network PBX_Internal
host 192.168.2.2
description PBX Internal
object network Voice_External
host 195.11.180.43
description For PBX
object network Raith_Remote_Network
subnet 192.168.20.0 255.255.255.0
description Raith Remote Network
object network NETWORK_OBJ_172.21.3.0_27
subnet 172.21.3.0 255.255.255.224
object network NETWORK_OBJ_172.21.3.0_26
subnet 172.21.3.0 255.255.255.192
object-group network azure-networks
network-object 10.0.0.0 255.0.0.0
object-group network onprem-networks
network-object 172.20.0.0 255.255.0.0
object-group protocol TCPUDP
protocol-object udp
protocol-object tcp
object-group service test_PPTP
service-object ip
service-object tcp destination eq pptp
access-list azure-vpn-acl extended permit ip object-group onprem-networks object-group azure-networks
access-list outside_access_in extended permit ip object-group azure-networks object-group onprem-networks
access-list outside_access_in extended permit icmp any any
access-list outside_access_in extended permit ip any any
access-list inside_access_in extended permit ip any any log disable
access-list inside_access_in_1 extended permit ip object-group onprem-networks object-group azure-networks
access-list inside_access_in_1 extended permit ip any object Voice_Net log debugging
access-list inside_access_in_1 extended permit ip any any
access-list outside_access_in_1 extended permit ip object-group azure-networks object-group onprem-networks
access-list outside_access_in_1 extended permit icmp any any
access-list outside_access_in_1 extended permit ip any any inactive
access-list Voice_access_in extended permit ip any any log debugging
access-list outside_cryptomap extended permit ip object-group onprem-networks object Raith_Remote_Network
pager lines 24
logging enable
logging buffer-size 40000
logging buffered notifications
logging asdm debugging
mtu outside 1500
mtu inside 1500
mtu outside1 1500
mtu Voice 1500
mtu management 1500
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-66114.bin
no asdm history enable
arp timeout 14400
no arp permit-nonconnected
nat (inside,outside1) source static onprem-networks onprem-networks destination static azure-networks azure-networks
nat (inside,outside1) source dynamic VLAN1 interface
nat (inside,Voice) source static VLAN1 VLAN1 destination static Voice_Net Voice_Net no-proxy-arp route-lookup
nat (Voice,outside1) source static PBX_Internal Voice_External
nat (inside,outside) source static onprem-networks onprem-networks destination static Raith_Remote_Network Raith_Remote_Network no-proxy-arp route-lookup
nat (inside,outside1) source static any any destination static NETWORK_OBJ_172.21.3.0_27 NETWORK_OBJ_172.21.3.0_27 no-proxy-arp route-lookup
nat (inside,outside1) source static any any destination static NETWORK_OBJ_172.21.3.0_26 NETWORK_OBJ_172.21.3.0_26 no-proxy-arp route-lookup
access-group outside_access_in in interface outside
access-group inside_access_in_1 in interface inside
access-group outside_access_in_1 in interface outside1
access-group Voice_access_in in interface Voice
route outside1 0.0.0.0 0.0.0.0 195.11.180.41 10
route inside 172.21.20.0 255.255.255.0 172.20.20.253 1
timeout xlate 3:00:00
timeout pat-xlate 0:00:30
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
user-identity default-domain LOCAL
aaa authentication ssh console LOCAL
aaa authentication http console LOCAL
http server enable 444
http 192.168.1.0 255.255.255.0 management
http 172.20.0.0 255.255.0.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart
sysopt connection tcpmss 1350
sysopt noproxyarp outside
crypto ipsec ikev1 transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec ikev1 transform-set azure-ipsec-proposal-set esp-aes-256 esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-3DES-SHA mode transport
crypto ipsec ikev2 ipsec-proposal DES
protocol esp encryption des
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal 3DES
protocol esp encryption 3des
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES
protocol esp encryption aes
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES192
protocol esp encryption aes-192
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES256
protocol esp encryption aes-256
protocol esp integrity sha-1 md5
crypto ipsec security-association lifetime seconds 3600
crypto ipsec security-association lifetime kilobytes 102400000
crypto ipsec security-association pmtu-aging infinite
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev1 transform-set ESP-3DES-SHA
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set security-association lifetime seconds 28800
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set security-association lifetime kilobytes 4608000
crypto map outside_map interface outside
crypto ca trustpoint ASDM_TrustPoint0
enrollment terminal
subject-name CN=ASA
crl configure
crypto ca trustpool policy
crypto ikev2 policy 1
encryption aes-256
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 10
encryption aes-256
integrity sha
group 5 2
prf sha
lifetime seconds 28800
crypto ikev2 policy 20
encryption aes
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 30
encryption 3des
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 40
encryption des
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 enable outside
crypto ikev1 enable outside
crypto ikev1 enable outside1
crypto ikev1 policy 10
authentication pre-share
encryption aes-256
hash sha
group 2
lifetime 28800
crypto ikev1 policy 20
authentication rsa-sig
encryption aes-256
hash sha
group 2
lifetime 86400
crypto ikev1 policy 30
authentication pre-share
encryption aes-256
hash sha
group 2
lifetime 86400
crypto ikev1 policy 40
authentication crack
encryption aes-192
hash sha
group 2
lifetime 86400
crypto ikev1 policy 50
authentication rsa-sig
encryption aes-192
hash sha
group 2
lifetime 86400
crypto ikev1 policy 60
authentication pre-share
encryption aes-192
hash sha
group 2
lifetime 86400
crypto ikev1 policy 70
authentication crack
encryption aes
hash sha
group 2
lifetime 86400
crypto ikev1 policy 80
authentication rsa-sig
encryption aes
hash sha
group 2
lifetime 86400
crypto ikev1 policy 90
authentication pre-share
encryption aes
hash sha
group 2
lifetime 86400
crypto ikev1 policy 100
authentication crack
encryption 3des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 110
authentication rsa-sig
encryption 3des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 120
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 130
authentication crack
encryption des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 140
authentication rsa-sig
encryption des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 150
authentication pre-share
encryption des
hash sha
group 2
lifetime 86400
telnet 172.20.0.0 255.255.0.0 inside
telnet timeout 5
ssh 172.20.0.0 255.255.0.0 inside
ssh timeout 5
ssh version 2
console timeout 0
dhcpd address 172.20.2.1-172.20.2.254 inside
dhcpd dns 10.0.0.4 172.20.0.100 interface inside
dhcpd enable inside
dhcpd dns 172.21.20.254 interface Voice
dhcpd address 192.168.1.2-192.168.1.254 management
dhcpd enable management
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
tftp-server inside 172.20.2.34 /tftp
webvpn
enable outside1
anyconnect image disk0:/anyconnect-win-2.5.2014-k9.pkg 1
anyconnect image disk0:/anyconnect-linux-2.5.2014-k9.pkg 2
anyconnect image disk0:/anyconnect-macosx-i386-2.5.2014-k9.pkg 3
anyconnect enable
tunnel-group-list enable
internal-password enable
group-policy DefaultRAGroup_2 internal
group-policy DefaultRAGroup_2 attributes
dns-server value 10.0.0.4 172.20.0.100
vpn-tunnel-protocol l2tp-ipsec
default-domain value
group-policy DefaultRAGroup_3 internal
group-policy DefaultRAGroup_3 attributes
dns-server value 10.0.0.4 172.20.0.100
vpn-tunnel-protocol ikev1 l2tp-ipsec
default-domain value
group-policy DefaultRAGroup internal
group-policy DefaultRAGroup attributes
dns-server value 10.0.0.4 172.20.0.100
vpn-tunnel-protocol l2tp-ipsec
default-domain value
group-policy DefaultRAGroup_1 internal
group-policy DefaultRAGroup_1 attributes
dns-server value 10.0.0.4 172.20.0.100
vpn-tunnel-protocol l2tp-ipsec
default-domain value
group-policy DfltGrpPolicy attributes
vpn-tunnel-protocol ikev1 l2tp-ipsec ssl-client ssl-clientless
group-policy RA_VPN internal
group-policy RA_VPN attributes
dns-server value 8.8.8.8 4.2.2.2
vpn-tunnel-protocol ikev1
default-domain value
group-policy "GroupPolicy_Anyconnect _profile" internal
group-policy "GroupPolicy_Anyconnect _profile" attributes
wins-server none
dns-server value 8.8.8.8
vpn-tunnel-protocol ssl-client ssl-clientless
default-domain none
webvpn
file-browsing enable
group-policy GroupPolicy_89.241.208.14 internal
group-policy GroupPolicy_89.241.208.14 attributes
vpn-tunnel-protocol ikev1
username test2 password encrypted privilege 15
username test1 password nt-encrypted privilege 0
username test1 attributes
vpn-group-policy DefaultRAGroup_2
username test password encrypted privilege 15
username test attributes
vpn-group-policy DefaultRAGroup_1
username EdwardM password encrypted privilege 15
username vpntest password encrypted privilege 0
username vpntest attributes
vpn-group-policy RA_VPN
username vpntest3 password nt-encrypted privilege 15
username vpntest3 attributes
service-type remote-access
username rhunton password encrypted privilege 15
username rhunton attributes
service-type admin
username e.melaugh password encrypted privilege 15
username netx password encrypted privilege 15
username netx attributes
service-type remote-access
username colin password encrypted privilege 15
username colin attributes
service-type remote-access
tunnel-group DefaultL2LGroup ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group DefaultRAGroup general-attributes
address-pool vpnclients
default-group-policy DefaultRAGroup_3
tunnel-group DefaultRAGroup ipsec-attributes
ikev1 pre-shared-key *****
isakmp keepalive disable
tunnel-group DefaultRAGroup ppp-attributes
no authentication chap
authentication ms-chap-v2
tunnel-group "Anyconnect _profile" type remote-access
tunnel-group "Anyconnect _profile" general-attributes
address-pool vpnclients
default-group-policy "GroupPolicy_Anyconnect _profile"
tunnel-group "Anyconnect _profile" webvpn-attributes
group-alias "Anyconnect _profile" enable
tunnel-group 137.117.215.177 type ipsec-l2l
tunnel-group 137.117.215.177 ipsec-attributes
ikev1 pre-shared-key *****
peer-id-validate nocheck
isakmp keepalive disable
tunnel-group 89.241.208.14 type ipsec-l2l
tunnel-group 89.241.208.14 general-attributes
default-group-policy GroupPolicy_89.241.208.14
tunnel-group 89.241.208.14 ipsec-attributes
ikev1 pre-shared-key *****
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect ip-options
inspect pptp
policy-map type inspect ipsec-pass-thru Fairhurst
description to allow vpn to fairhurst network
parameters
esp
ah
service-policy global_policy global
prompt hostname context
no call-home reporting anonymous
Cryptochecksum:f4185106b309478da7804dc22d2c1a85
: endHi,
You seem to have this nat (inside,outside1) source dynamic VLAN1 interface at line 2 which is causing the identity Nat/ Nat exempt to fail.
It is always good to use the packet tracer feature on the ASA to see what exactly is happening.
Try this
nat (inside,outside1) 1 source static VLAN1 VLAN1 destination static NETWORK_OBJ_172.21.3.0_27 NETWORK_OBJ_172.21.3.0_27 no-pr route-lo
Let me know how it goes for you.
Regards,
Nitish Emmanuel -
Using the personal hotspot feature on the iPhone 5, I am able to connect to the internet. We also use Juniper NCP client to access our local system from a remote location. A VPN connection is created, but I am unable to access servers in our network. This same functionality works using my colleagues iPhone 4.
Both phones are running iOS 6.1.3. I tried to reset network settings, but still unable to ping servers in our network. This is a feature that our sales team relies heavily on when out of the office. Hoping someone has some suggestions on what is different between the 2 phones.Hi,
Generally, this issue should be related with something called split tunneling, since you’re using a F5 vpn client, you need to look for something related to split tunneling in the F5 VPN client's documentations.
Here is an example, share it with you as a reference.
http://support.f5.com/kb/en-us/products/big-ip_apm/manuals/product/apm_config_10_2_0/apm_config_networkaccess.html
In addition, you can refer to the link below for more solution about this problem.
You Cannot Connect to the Internet After You Connect to a VPN Server
http://support.microsoft.com/kb/317025
NOTE
This
response contains a reference to a third party World Wide Web site. Microsoft is providing this information as a convenience to you.
Microsoft
does not control these sites and has not tested any software or information found on these sites.
Yolanda Zhu
TechNet Community Support -
VPN connects but unable to access resources on remote network
HI,
I'm able to ping the ASA interface once the VPN is connected but unable to access any of the resources located on the remote network such as shares and computers. The cisco vpn client shows data being sent and recieved when I ping the interface on the ASA but it doesn't recieve any data when I attempt to ping or access other resources on the network.
ASA Version 8.2(5)
hostname HOST_NAME
domain-name default.domain.invalid
names
interface Ethernet0/0
switchport access vlan 2
interface Ethernet0/1
interface Ethernet0/2
interface Ethernet0/3
speed 10
duplex half
interface Ethernet0/4
speed 100
duplex full
interface Ethernet0/5
interface Ethernet0/6
interface Ethernet0/7
interface Vlan1
nameif inside
security-level 100
ip address 10.10.8.1 255.255.255.0
interface Vlan2
nameif outside
security-level 0
ip address 12.x.x.x x.x.x.x
boot system disk0:/asa825-k8.bin
ftp mode passive
dns domain-lookup inside
dns domain-lookup outside
dns server-group DefaultDNS
name-server 10.10.8.2
domain-name default.domain.invalid
same-security-traffic permit intra-interface
object-group service Vipre tcp
port-object range 18082 18082
port-object range 18086 18086
object-group network town
network-object 192.168.0.0 255.255.0.0
access-list outside_20_cryptomap extended permit ip 10.10.8.0 255.255.255.0 192.168.0.0 255.255.252.0
access-list new extended permit ip host 192.168.0.1 any
access-list new extended permit ip any host 192.168.0.1
access-list outside_20_cryptomap_1 extended permit ip 10.10.8.0 255.255.255.0 192.168.0.0 255.255.252.0
access-list townoffice_splitTunnelAcl standard permit 10.10.8.0 255.255.255.0
access-list townremote_splitTunnelAcl standard permit 10.10.8.0 255.255.255.0
access-list outside_access_in extended permit tcp any interface outside object-group Vipre
access-list outside_access_in extended permit tcp any object-group Vipre interface inside object-group Vipre
access-list outside_access_in extended permit tcp any eq 3389 10.10.8.0 255.255.255.0 eq 3389
access-list test extended permit ip host 192.168.0.6 host 10.10.8.155
access-list test extended permit ip host 10.10.8.155 host 192.168.0.6
access-list test extended permit ip host 10.10.8.2 host 192.168.3.116
access-list test extended permit ip host 192.168.3.116 host 10.10.8.2
access-list test extended permit ip host 10.10.8.155 host 192.168.3.116
access-list bypass extended permit ip host 10.10.8.155 host 192.168.3.116
access-list bypass extended permit tcp 192.168.0.0 255.255.0.0 10.10.8.0 255.255.255.0
access-list bypass extended permit tcp 10.10.8.0 255.255.255.0 192.168.0.0 255.255.0.0
pager lines 24
logging enable
logging buffered debugging
logging asdm informational
mtu inside 1500
mtu outside 1500
ip local pool vpn 10.10.8.125-10.10.8.149 mask 255.255.255.0
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-522.bin
no asdm history enable
arp timeout 14400
global (inside) 1 interface
global (outside) 1 interface
nat (inside) 1 192.168.0.0 255.255.0.0
nat (inside) 1 0.0.0.0 0.0.0.0
static (inside,outside) tcp interface 18082 10.10.8.2 18082 netmask 255.255.255.255
static (inside,outside) tcp interface 18086 10.10.8.2 18086 netmask 255.255.255.255
static (inside,outside) tcp interface 3389 10.10.8.2 3389 netmask 255.255.255.255
static (inside,inside) 192.168.0.0 192.168.0.0 netmask 255.255.0.0
static (inside,inside) 10.10.8.0 10.10.8.0 netmask 255.255.255.0
access-group outside_access_in in interface outside
route outside 0.0.0.0 0.0.0.0 12.70.119.65 1
route inside 192.168.0.0 255.255.0.0 10.10.8.250 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
aaa authentication ssh console LOCAL
aaa authentication telnet console LOCAL
http server enable
http outside
http outside
http inside
http outside
http inside
http outside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
sysopt noproxyarp inside
crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
crypto dynamic-map outside_dyn_map 20 set pfs
crypto dynamic-map outside_dyn_map 20 set transform-set ESP-3DES-SHA
crypto dynamic-map outside_dyn_map 40 set pfs
crypto dynamic-map outside_dyn_map 40 set transform-set ESP-3DES-SHA
crypto dynamic-map outside_dyn_map 60 set pfs
crypto dynamic-map outside_dyn_map 60 set transform-set ESP-3DES-SHA
crypto dynamic-map outside_dyn_map 80 set pfs
crypto dynamic-map outside_dyn_map 80 set transform-set ESP-3DES-SHA
crypto dynamic-map outside_dyn_map 100 set pfs
crypto dynamic-map outside_dyn_map 100 set transform-set ESP-3DES-SHA
crypto map outside_map 20 match address outside_20_cryptomap_1
crypto map outside_map 20 set pfs
crypto map outside_map 20 set peer 69.87.150.118
crypto map outside_map 20 set transform-set ESP-3DES-SHA ESP-3DES-MD5
crypto map outside_map 65535 ipsec-isakmp dynamic outside_dyn_map
crypto map outside_map interface outside
crypto isakmp enable outside
crypto isakmp policy 10
authentication pre-share
encryption 3des
hash md5
group 2
lifetime 86400
crypto isakmp policy 30
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
crypto isakmp nat-traversal 30
telnet 10.10.8.0 255.255.255.0 inside
telnet timeout 5
ssh 63.161.207.0 255.255.255.0 outside
ssh timeout 5
console timeout 0
dhcpd dns 10.8.8.2
dhcpd address 10.10.8.150-10.10.8.200 inside
dhcpd dns 10.10.8.2 interface inside
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
webvpn
group-policy aaa internal
group-policy aaa attributes
dns-server value 10.10.8.2 4.2.2.2
vpn-tunnel-protocol IPSec
default-domain value domainname
group-policy bbb internal
group-policy bbb attributes
wins-server value 10.10.8.2
dns-server value 10.10.8.2
vpn-tunnel-protocol IPSec l2tp-ipsec
split-tunnel-policy tunnelall
split-tunnel-network-list value townoffice_splitTunnelAcl
default-domain value domainname.local
group-policy townremote internal
group-policy townremote attributes
wins-server value 10.10.8.2
dns-server value 10.10.8.2 4.2.2.2
vpn-tunnel-protocol IPSec
split-tunnel-policy tunnelspecified
split-tunnel-network-list value townremote_splitTunnelAcl
default-domain value domainanme
group-policy remote internal
group-policy remote attributes
wins-server value 10.10.8.2
dns-server value 10.10.8.2
vpn-tunnel-protocol IPSec
split-tunnel-policy tunnelspecified
split-tunnel-network-list value townremote_splitTunnelAcl
default-domain value dksecurity.local
address-pools value vpn
username xxxx password . encrypted privilege 15
username xxxx attributes
vpn-group-policy dksecurityremote
username xxx password encrypted privilege 15
username xxx attributes
vpn-group-policy dksecurityremote
username xxxx password . encrypted privilege 15
username xxx password encrypted privilege 15
username xxx attributes
vpn-group-policy dksecurityremote
username xxx password encrypted privilege 15
username xxxx attributes
vpn-group-policy dksecurityremote
username xxx password encrypted privilege 15
username xxx attributes
vpn-group-policy dksecurityremote
username xxx password encrypted privilege 15
username xxx attributes
vpn-group-policy dksecurityremote
username xxx password encrypted privilege 15
username xxx password encrypted privilege 15
username xxxx attributes
vpn-group-policy remote
username xxx password encrypted privilege 15
username xxx attributes
vpn-group-policy remote
username xxx password encrypted privilege 15
username xxx attributes
vpn-group-policy remote
username xxxx password encrypted privilege 15
username xxx password encrypted privilege 15
username xxx attributes
vpn-group-policy remote
tunnel-group 69.87.150.118 type ipsec-l2l
tunnel-group 69.87.150.118 ipsec-attributes
pre-shared-key *****
tunnel-group remote type remote-access
tunnel-group remote general-attributes
address-pool vpn
default-group-policy townremote
tunnel-group townremote ipsec-attributes
pre-shared-key *****
isakmp keepalive disable
tunnel-group townremote type remote-access
tunnel-group townremote general-attributes
address-pool vpn
default-group-policy townremote
tunnel-group lansingremote ipsec-attributes
pre-shared-key *****
class-map tcp-bypass
match access-list bypass
class-map test
match access-list new
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum 512
no dns-guard
no protocol-enforcement
no nat-rewrite
policy-map global_policy
class test
class inspection_default
policy-map tcp
class tcp-bypass
set connection random-sequence-number disable
set connection advanced-options tcp-state-bypass
service-policy global_policy global
service-policy tcp interface inside
prompt hostname context
call-home reporting anonymous prompt 2
call-home
profile CiscoTAC-1
no active
destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
destination address email [email protected]
destination transport-method http
subscribe-to-alert-group diagnostic
subscribe-to-alert-group environment
subscribe-to-alert-group inventory periodic monthly
subscribe-to-alert-group configuration periodic monthly
subscribe-to-alert-group telemetry periodic daily
Cryptochecksum:c724d6744097760d94a7dcc79c39568a
: endYou need to change the VPN pool ip subnet to something other than the same ip range used on the inside interface.
Sent from Cisco Technical Support iPad App -
I upgraded to iOS7 without incident and all has been functioning fine. However, today I am unable to access anything that requires connection. Wifi is strong, and working fine on other devices. Any suggestions?
Hi there,
You mentioned that you have tried a few troubleshooting steps already, but you may want to take a look at the article below, specifically the section titled "If you are unable to access the Internet while connected to a Wi-Fi network"
iOS: Troubleshooting Wi-Fi networks and connections
http://support.apple.com/kb/ts1398
Hope that helps,
Griff W. -
Error accessing device data in netweaver."Unable to read data;can't connect
Hi Friends,
We have implemented MAM in one of our client here in India. Its around 7 months the project been gone live.
From last few weeks we are facing problem accessing Device in Netweaver.
We prepared a patch to be applied to devices but on searching by providing mobile device name ie. eg. MOBILE_000011 it gives an error which says "Unable to read data; cannot connect to middleware".
It searches the device successfully but but doesnt display its device details,components etc.
I checked in MI server for short dumps TSV_TNEW_PAGE_ALLOC_FAILED.
All the measures have been taken to remove this dump. But problem still persist.
Please suggest to identify the problem.
Thanks, Amit Sharmahello frnds....
still expecting your views.... -
I am from India using my iphone4 with Vodafone and firmware version 5.0.1(9A405). I am unable to access 3G from my device as the CELLULAR DATA NETWORK option in the settings is missing. Any methods or options for fixing the same????
I am from India using my iphone4 with Vodafone and firmware version 5.0.1(9A405). I am unable to access 3G from my device as the CELLULAR DATA NETWORK option in the settings is missing. Any methods or options for fixing the same????
-
Unable to access my App world account after I changed my device
I changed my handheld device and have been unable to access my bb app world account ever since. I have tried to change my login details but it says that my email address is linked to another account. I don not know how to go about sorting this problem. I have purchased apps on my old device and now I am unable to access anything. I dont mind apying for it again, but I do not have another email address I can use............. PLEASE HELP!!
Try to create a new profile wit Firefox: http://support.mozilla.org/en-US/kb/Profiles If that works, just back up your data to the new profile.
-
All of a sudden I am unable to access my college email from any of my apple devices (iPhone, iPad, Macbook Pro). I am able to get access from my husband's HP windows laptop and from a Mac at the college. Any ideas?
http://support.apple.com/kb/HT5621
In short, you have a problem we can't solve.
I suggest you contact Apple support and make an appointment to get help. Expect to pay for it.
Maybe you are looking for
-
how to clean up propagation error? 1- Oracle version 9.2.0.1.0 2-I have three instance bd1, bd2, bd3 in different machines 3-The 3 instance can communicate between them via network. 4-I have setup succefully streams environnement bidirectionally betw
-
3D Tools missing Photoshop CS6 Extended
Hi gang I'm having the no 3D Tools problem on my laptop. I have the latest CS6 update installed. I'm thinking it's some video driver or card issue. Any help is much appriciated Toshiba Qosmio Latop Windows 7 Pro 4 Gig memory NVIDA G Force 9400M G
-
BOOTCAMP partition not showing up on Mac OSX after resize
Hello, I have a iMac 27" late 2013 with OSX 10.9.5 and recently I resized my bootcamp partition and reformatted the OSX partition for a clean install. After the formatting, I cannot see or access the Bootcamp partition anymore. I really don't want
-
Multi response for Async/Sync bridge.
Hi everyone! We have a scenario with Async/Sync Bridge. It is JDBC-BAPI-JDBC. So it uses 3 communication channels. Sender/Receiver for JDBC and Receiver for BAPI. Now we need to modify scenario so that it will send BAPI response not only to JDBC but
-
This might have something to do with recent Mac software updates but I can no longer print pics in '08. I get the message "No available themes" "until at least one theme has been installed this feature (printing) is not available" How did this happen