Encryption - Router

Similar Messages

• Can getvpn encrypt routing information in routing protocol?

  Hello everyone,
  We'er thinking of deploying a getvpn on a military network over a carrier vendor VPLS cloud. My concern is that can the route updates, hello packets, etc in EIGRP be encrypted so that the carrier can not see our network information? Thanks

  GETVPN is a policy based VPN, it will encrypt whatever you need it to encrypt. Whether that's desirable, that's another thing.
  As usual you can refer to GETVPN DIG
  http://www.cisco.com/c/dam/en/us/products/collateral/security/group-encrypted-transport-vpn/GETVPN_DIG_version_1_0_External.pdf
  Section 3.5.4 should be informative.

• Encrypted router help, please

  I wanted to secure my Linksys wireless router. Went through the setup procedures and all appeared fine. But my iBook won't access it, even after entering the password. I didn't try my pc on it, I just disabled the password for now till I can get it figured out.
  I used to not have neighbors but now I do and I want to make sure they don't access my home network.
  LinkSys - BEFW11S4 ver.2

  you could try this, it will keep the average computer user off your internet connection.
  log into the linksys and turn off the "broadcast SSID" option
  also turn off the encryption for now
  now on your mac click on the air port radar icon in the menu bar
  you should not see your network any more
  click on other and type in the name of your network (change it to something besides linksys if you have not already on your linksys router)
  now you should be connected, and your linksys WIFI signal will not show up on any ones computer that searches for wireless networks.
  you can go a step further in preferences/network and set this location up as a default so whenever you are in range of your home network you will automatically connect to it, no typing passwords or any of that nonsense.
  warning: no one will be able to log onto you network now unless they know the SSID which will keep people from poaching your internet connection but your not on an encrypted network so if you live next door to a hacker they may be able to intercept your wireless transmissions if they are so inclined. so you can turn encryption on to avoid this and enter the password into your keychain. you will get a pop up window and you will have to press ok to connect to your network.
  hope this helps

• Linksys WRT54G router--Why doesn't it work with my Macbook?

  I have a perfectly functional Apple MacBook (Unibody, late 2008) running Leopard 10.5.6. I have used it to connect to public Wi-Fi but it is unable to connect to my home Linksys WRT54G router. I called Apple Tech Support, and they suggested that I change the wireless channel and/or temporarily remove the WPA encryption. I did both, the computer still could not connect. In System Preferences on the MacBook, it tells me that "AirPort does not have an IP address and cannot connect to the internet." The tech support guy tried to help, but in the end basically told me that the router just plain might not be compatible with Apple products. (My iPod Touch cannot connect either.)
  I can buy a new router, but this one works perfectly for the rest of the computers in the house (PCs) and they're expensive--and there's no guarantee that those will work either.
  So: Does anyone know any solutions short of buying a new router that would make my Linksys compatible with my Macbook AND our home PCs? Or, failing that, a good, WPA-encrypted router that WILL work with both?
  I have a Snow Leopard disk (I just received the computer on Thursday). Would upgrading to Snow Leopard be of any help? I'm planning on doing it anyway one of these days.
  Many thanks in advance,
  Sola Gratia

  You are in the wrong forum but I'll try and help anyway. That model of Linksys router has a long history of not getting along with Apple products. That is not to say it will never work, but it does require that you download and install the latest firmware for the exact model of router that you have. There are multiple sub-models of that router so make sure that you get the right one.
  Once you have done the firmware update, restart your router and try it again. WPA-psk should work but for troubleshooting purposes, turn off encryption and see if you can get your MacBook and touch working. You might want to use WPA2-psk instead of WPA.
  I would hold off on Snow Leopard until you get WiFi working. Nothing like changing to too many things at one time to really mess things up.

• PC to cable port of AExpress, AE wireless to internet router - possible?

  After I finally got with the help of this forum my "standard" encrypted connection from itunes to my stereo via an AE working, I'd like to do following:
  * Internet connected router
  * One PC with itunes (attached to router), feeding music to the AE
  * AE (wireless, of course connected to router) as sort of a relay station for other wireless PCs, but, more interesting, cable bound via it's ethernet port (for a non-wireless computer).
  Have tried to do the setup without thinking of the ehternet port, but now my router can't find the AE (resp. the AE can't find the (encrypted) router).

  Well, in the faqs I found the answer to my question in part:
  Yes, it is possible, one sets up the station as a remote station and thus it works for wired clients as well.
  But now the question is - how??? That is not clearly answered in the faq that I found.
  I am using the AirPort Admin utility under windows.
  Any tips/comments on the steps to use with this program?

• Photosmart C4580 on encrypted university network: change static IP to DHCP

  My HP Photosmart C4580 All-in-One works beautifully as a wireless printer on small networks such as my home network that goes through one WEP encrypted router.  However, neither myself nor the HP support person I spoke with over the phone can get my printer to connect to my HP dv5-1235dx PC (Vista operating system) through my college's wireless network.  The network is encrypted (I do not know if it is WEP, WPA, or something else), and does have several visible SSIDs from where my printer is because there are several routers in the building, adding to the complexity of the issue.
  The crux of the problem is:  I called the school's IT support and they said that I need to change the printer from a static IP to a DHCP but they do not provide support for wireless printers and therefore cannot do this for me. HP support was unable to help me do this when I called them.
  Is there a way I can do this if I do not have administrative privileges on the network and obviously did not set up the network?  I am not sure whether or not I am allowed to access the router I am closest to to do things such as cycle the power to it.
  Thank you!

  I think you are out of luck without admin access to the network.
  Say thanks by clicking "Kudos" "thumbs up" in the post that helped you.
  I am employed by HP

• Custom routing agent based on sender's security group and subject

  I made a custom routing agent that routes mails contains the word [encrypt] in the subject and sent from domain test.com
  The part of the code is
  if (e.MailItem.FromAddress.DomainPart.Contains("test.com")
                  && e.MailItem.Message.Subject.Contains("[encrypt]"))
  now what i need is to route mails based on the membership of a certain security group like "securemail" not the whole domain. ie if the sender is a member in security group (securemail) and the subject contains the word [encrypt] route the mail
  Thanks

  Thanks for your answer Glen
  The following  code is on exchange 2010 but i need it to check for a security group membership if possible
  using System;
  using System.Collections.Generic;
  using System.Linq;
  using System.Text;
  using Microsoft.Exchange.Data.Transport;
  using Microsoft.Exchange.Data.Transport.Email;
  using Microsoft.Exchange.Data.Transport.Smtp;
  using Microsoft.Exchange.Data.Transport.Routing;
  using Microsoft.Exchange.Data.Common;
  namespace RoutingAgentOverride
      public class SampleRoutingAgentFactory : RoutingAgentFactory
          public override RoutingAgent CreateAgent(SmtpServer server)
              RoutingAgent myAgent = new ownRoutingAgent();
              return myAgent;
  public class ownRoutingAgent : RoutingAgent
      public ownRoutingAgent()
          //subscribe to different events
          base.OnResolvedMessage += new ResolvedMessageEventHandler(ownRoutingAgent_OnResolvedMessage);
      void ownRoutingAgent_OnResolvedMessage(ResolvedMessageEventSource source, QueuedMessageEventArgs e)
          try
              // For testing purposes we do not only check the sender address but the subject line as well
              // If the subject contains the substring "REDIR" then the default routing is overwritten.
              // Instead of hard-coding the sender you could also perform an LDAP-query, read the information
              // from a text file, etc.
              if (e.MailItem.FromAddress.DomainPart.Contains("contoso.com")
                  && e.MailItem.Message.Subject.Contains("[encrypt]"))
                  // Here we set the address space we want to use for the next hop. Note that this doesn't change the recipient address.
                  // Setting the routing domain to "nexthopdomain.com" only means that the routing engine chooses a suitable connector
                  // for nexthopdomain.com instead of using the recpient's domain.
                  RoutingDomain myRoutingOverride = new RoutingDomain("nexthopdomain.com");
                  foreach (EnvelopeRecipient recp in e.MailItem.Recipients)
                      recp.SetRoutingOverride(myRoutingOverride);
          catch // (Exception except)

• WRE54G v1 will not configure

  After trying all sorts of thing to get my 54G v1 RE configured, I came to this site. After going thru alot of ??'s, I found that I had tried them all except pushing the RESET and AUTO CONFIG at the same time, so tried that. It not only RESET the normal settings, it also CHANGED the MAC address. The orig MAC was 00-12-17-7b-be-f7, now it's 00-90-4c-60-04-00, how is this possible? I have tried to configure this v1 RE with the v1 software and I have never gotten past the SEARCH for a RE, it has never found it. I already have a v2 in use, (I'm trying to chain them) and if I use the v2 software, I can get all the way thru to the CONGRATS screen. Even tho' I get thru the set-up and the lights work like they should, I can not get past the v1 RE. I have tried to configure it to the router and also to the v2 RE, both come out the same. I have tried to configure to an unencrypted router, same results. I have also tried to go thru the web based set-up, but as I have never been able to ping the v1 RE, I can not use the web based. I have tried to leave the IP/SUBNET/GATEWAY address's in the default (reset) #'s and also trying #'s to correlate with my other RE and router, no difference. I think that covers everything, anybody have ideas? I wasn't confused until the MAC address got changed, now I don't know what to think. THANKS FOR YOUR TIME.

  OK, I'm not sure if I missed understood previous instructions or what, but I now have this REv1 working. I tried doing what I do for my REv2 but over the wireless card and couldn't get the REv1 working correctly. I tried configuring it to the encrypted router that I'm on and also to the REv2 that I am using. I tried configuring it to a different router that wasn't encrypted, but still couldn't get on-line. I WAS able to get thru the set-up Wizard only once after doing a "factory" reset, and that with my v2 software. If I used the v1 software or tried to configure the REv1 with the v2 software without re-setting, the software NEVER found a WRE54G to configure. When I was able to get thru a config, the lights would work correctly, a blinking blue light for activity and a red for no signal, etc, but was never able to get anywhere. I was NEVER able to get to the web-based set-up page even trying the /backdoor.asp, it would never ping and the arp -a log would be all wrong, (the router MAC was all 0's). Since I had always figured it should be configured into/with the other RE and router, I kept trying to go that route. Well this is what I finally did to get the REv1 working. I set-up the equipment like this; router---->REv2------>me------->REv1 I left my wireless card's IP/SUBNET/Gateway etc address's as they are for normal use thru the REv2/router. *I did a "factory" reset on the REv1 *I started the v2 software and did the normal steps, *confirmed my wireless connection/address, ( NORMAL configuration) *entered my WEP 128bit password *when the REv1 was found, clicked yes *entered (admin) on the PASSWORD screen here is where things are different from a normal configuration *I set the IP address for the REv1 from 192.168.1.240 to 1 number less then the IP address of the REv2, (in my case it was 192.168.5.97). *I then set the GATEWAY from 192.168.1.1 to the REv2 IP address (192.168.5.98). I'm not positive on this order but, *When the screen came up that asked for the MAC address of the AP, (v1 only), I entered the MAC for the REv2. (this screen didn't always come up, but I entered that address every time). *finished running the set-up Wizard. I wasn't too hopeful after all the tries that I had done, but to my surprise, I was finally able to get on-line, ping the REv1, get to the web-based page and have the REv1 show up in the arp -a log. I had never tried to change the GATEWAY address to anything but the router's IP address and even tried leaving it at 192.168.1.1, but then it struck me that if I give the REv1 the MAC address for the REv2, I should set the GATEWAY to the REv2 IP address. So, I believe the main problem I had was the setting of the GATEWAY in the REv1 set-up. Even tho' I tried the auto-config to a "open" router, I just was not able to get "inside"/thru the REv1 until I set the GATEWAY to the REv2's IP address. this is my final set-up/use router------>REv2------>REv1------>me I still don't know why configuring it to a unencrypted router either with the AUTO CONFIG, the set-up WIZARD or why I couldn't access it through the web based even after running the v2 software Wizard with the "open" router, all I know is that what I did above worked, not only once, but twice (I did a Firmware update after the first and had to do it for a second time). Maybe this will help others kenya61

• Avast 2015

  Looks like avast! has just released avast! 2015 .   They are continuing to use the year for the "version" number (rather than calling it "avast 10" [although internally, it's 10.0.2206]).
  I have NOT yet tested this product... we'll see when I get around to it.   Even though this is an "official" release [i.e., no longer in beta], I would suggest people wait a few weeks, until this new product is fully tested (unless you're intentionally "playing with it" on a non-essential "test box", just to see what happens).
  Here is the list of major changes/improvements (copied/pasted from https://forum.avast.com/index.php?topic=157515.0 )
  • HTTPS scanning
  Ability to detect and decrypt TLS/SSL protected traffic in the Web-content filtering component. This feature will protect you against viruses coming through HTTPs traffic as well as adding compatibility for SPDY+HTTPS/ HTTP 2.0 traffic. You can tune/disable this feature in the settings section.
  • AVAST NG (Next Generation technology)
  A hardware based virtualization solution capable of running each Windows process in standalone safe virtualized environment (VM) and fully integrated to your desktop. Each process is executed in its own instance of VM, which means totally isolated from your other applications. This feature is now powering the Avast DeepScreen, resulting in better detection. Avast NG requires HaredWare virtualization enabled.
  • SecureDNS (this feature is active in the paid versions only)
  A new provider which guards against unprotected DNS/DNS hijack on a router/client (including unsecured networks, public ones, etc.).
  • Home Network Security
  Scan your home network for vulnerabilities (wifi status, connected devices, router settings, factory passwords, etc.). It helps to discover potential problems not isolated on the particular device only, but in the entire network of devices you use or connect to the Internet from.
  • Smart Scan
  Integrated all on demand scans into one (Antivirus, Software updates, Home Network, GrimeFighter). One scan, different results and recommendations.
  • GrimeFighter Free
  GrimeFighter will offer free cleaning of junk files and tuning of system settings. These tasks are performed by our Zilch and Torque minions. Other minion functions remain as paid-for features.
  • New Support System
  Easy contact for paid users to submit a ticket with all info included automatically. Improved knowledge base for free users. Help is completely online and is more up to date.
  • General bugfixing
  This covers a lot of stability & performance changes in all components (but the main focus was traditionally on the network & engine components).
  It should be possible to install this version on top of your existing avast! installation (all settings should be preserved). Or you can use in-product updater.
  But to play it absolutely safe, you should BACKUP your existing settings before installing the new version, so that you'll be able to IMPORT them if needed/desired.

  I've finally decided to give avast 2015 a chance, on my secondary (WinXP) system.
  First, I backed-up all my customized settings by opening the Avast User Interface / Settings / General / Settings Backup / Back up settings.
  I downloaded Avast 2015 build 2208 from MajorGeeks... I felt more comfortable using their download, than going through Avast itself... which redirects you to CNet [which has a bad reputation for "questionable" installers including extra PUPs] :-(
  I then went offline, to run the installer... I didn't want to be online, as I'm not sure how protected I'd be during the installation process.
  I made sure to DE-select the two Google/Chrome pre-checked options, and go for a CUSTOM installation.
  I DE-selected Secure Line (which, to the best of my understanding, is a PAID service), and Grime Fighter (which I believe is just a bunch of garbage I don't want on my system).   Since this was an XP system, Avast recognized that:  it automatically removed mention/choice of the Avast "Gadget", as well as NG, the "Next-Generation" which requires hardware virtualization that's not part of my ancient XP system.   I  allowed the new Home Network Security... I'm curious to see what, if anything, that will find.
  I noted the EULA, and continued with the installation.   An Avast icon appeared on my desktop... and a reboot was required to complete Avast's installation.
  I opened avast's User Interface, to RESTORE the customized settings I had previously backed-up.   (I did NOT take time to investigate... it's possible they might have been properly transferred/imported... I just didn't want to risk things).   I rebooted the system to make sure these would be fully acknowledged.
  Looking at the tabs on the left, the STATUS tab (from 2014) has been renamed as OVERVIEW (in 2015).   Several other tabs/functions on the left --- as well as under SETTINGS --- were renamed/combined.  
  Observation:   The Overview screen contains a "mysterious" new karma link toward the upper-right.   According to a poster in the avast forum:   "This is new in Avast 2015, you collect Karma [rewards] points [and badges] by using features of Avast, [like] installing Mobile security on your Android devices, posting on the forum, &etc.   It's planned that you can get 'swag' with these points, like free licenses maybe, or other stuff". 
  I checked out most of the SETTINGS to make sure they were as I wished... including importing all the customized settings from the previous version.   My registration was successfully carried-over as well.
  At this point, I allowed the system back online, updated the definitions, and performed a FULL system SCAN.   Surprisingly, this took only 10 1/3 minutes (including [an optional] scan for PUPs):  17.4 Gig of data, consisting of 77,510 files in 4523 directories.   [As expected, no problems were found.]
  I then tried the new HOME NETWORK SECURITY scan.   This scanned my Network and Router... very quickly (about half a minute), and pronounced everything secure:   Wireless secure (=encrypted), Router configured correctly, and my devices are NOT visible from the Internet
  By the way, a SMART SCAN (available from the SCAN tab) is a simple way to have avast run all the types of installed scans:   a virus scan, a software-updater scan, AND a home network scan [and Grime Fighter, if that module was installed]; which again showed no problems.
  Internet access is working, in IE, FF, PaleMoon & OutLook Express, including access to secure httpS:// sites.
  All-in-all, a good experience so far (with the exception of the "karma" nonsense).
  Finally, stress again that I have NOT tested avast's NG (Next Generation) hardware virtualization technology, since this feature is not available on XP.   This component seems to be one of the more problematic added to the new 2015 version, so anyone installing/testing it is still on their own.   I intend to wait a while longer before installing avast 2015 on my primary Win7 system.

• ASA v9.0.1 and ASDM v7.0.1 released

  Looks like v9 is now out...
  http://www.cisco.com/en/US/docs/security/asa/asa90/release/notes/asarn90.pdf
  Regards Simon
  http://www.linksysinfo.org       

  Thanks for spreading out the good news Simon.
  People interested in these two releases can find them here.
  ASA 9.0.1 and ASDM 7.0.1
  Important points to consider before an upgrade to 9.0:
  ASA and ASDM Compatibility
  ASA OS
  ASDM
  ASA Model:
  ASA 5505
  ASA 5510, 5520, 5540
  ASA 5550
  ASA 5580
  ASA 5512-X, 5515-X,   5525-X, 5545-X, 5555-X
  ASA 5585-X
  ASASM
  ASA 1000V
  ASA 9.0(1)
  ASDM 7.0(1).
  YES
  YES
  YES
  YES
  YES
  YES
  YES
  No
  Limitations and Restrictions
  •Clientless SSL VPN with a self-signed certificate on the ASA—When the ASA uses a self-signed certificate or an untrusted certificate, Firefox 4 and later and Safari are unable to add security exceptions when browsing using an IPv6 address HTTPS URL (FQDN URL is OK): the "Confirm Security Exception" button is disabled. See: https://bugzilla.mozilla.org/show_bug.cgi?id=633001. This caveat affects all SSL connections originating from Firefox or Safari to the ASA (including clientless SSL VPN connections, and ASDM connections). To avoid this caveat, configure a proper certificate for the ASA that is issued by a trusted certificate authority. For Internet Explorer 9 and later, use compatibility mode.
  •Citrix Mobile Receiver and accessing Virtual Desktop Infrastructure (VDI):
  –CSD is not supported.
  –HTTP redirect is not supported.
  –Using Citrix Receiver mobile clients to access web interface of Citrix servers is not supported.
  –Certificate or smart card authentication is not supported as a means of auto sign-on.
  –You must install XML service and configure on XenApp and XenDesktop servers.
  –Make sure the ports 443, 1494, 2598, and 80 are open on any intermediate firewalls between the ASA and the XenApp/XenDesktop server.
  –The password-expire-in-days notification on tunnel group that is used by VDI is not supported.
  •When configuring for IKEv2, for security reasons you should use groups 21, 20, 19, 24, 14, and 5. We do not recommend Diffie Hellman Group1 or Group2. For example, use
  crypto ikev2 policy 10
  group 21 20 19 24 14 5
  As always make sure you are familiar with the upgrade procedure Upgrading the Software.
  Important Notes
  •Downgrading issues—Upgrading to Version 9.0 includes ACL migration (see the "ACL Migration in Version 9.0" section). Therefore, you cannot downgrade from 9.0 with a migrated configuration. Be sure to make a backup copy of your configuration before you upgrade so you can downgrade using the old configuration if required.
  •Per-session PAT disabled when upgrading— Starting in Version 9.0, by default, all TCP PAT traffic and all UDP DNS traffic use per-session PAT (see the xlate per-session command in the command reference). If you upgrade to Version 9.0 from an earlier release, to maintain the existing functionality of multi-session PAT, the per-session PAT feature is disabled during configuration migration. The ASA adds the following deny rules:
  xlate per-session deny tcp any4 any4
  xlate per-session deny tcp any4 any6
  xlate per-session deny tcp any6 any4
  xlate per-session deny tcp any6 any6
  xlate per-session deny udp any4 any4 eq domain
  xlate per-session deny udp any4 any6 eq domain
  xlate per-session deny udp any6 any4 eq domain
  xlate per-session deny udp any6 any6 eq domain
  To enable per-session PAT after you upgrade, enter:
  clear configure xlate
  The above deny rules are cleared so that only the default permit rules are still in place, thus enabling per-session PAT.
  •No Payload Encryption for export—You can purchase some models with No Payload Encryption. For export to some countries, payload encryption cannot be enabled on the Cisco ASA 5500 series. The ASA software senses a No Payload Encryption model, and disables the following features:
  –Unified Communications
  –VPN
  You can still install the Strong Encryption (3DES/AES) license for use with management connections and encrypted route messages for OSPFv3. For example, you can use ASDM HTTPS/SSL, SSHv2, Telnet and SNMPv3. You can also download the dynamic database for the Botnet Traffic Filer (which uses SSL) and redirect traffic to Cloud Web Security.
  More information at:
  Release Notes for the Cisco ASA Series, 9.0(x)
  HTH.
  Portu.
  Please rate any helpful posts

• Setting up Telnet

  I am trying to setup Telnet on my Cisco 2900 Series K9.  I have read a bunch of articles to see if what I am doing wrong.  All the articles are pretty much the same thing:
  Router>enable
  Router#configure terminal
  Router(config)#enable secret password
  Router(config)#service password-encryption
  Router(config)#line vty 0 4
  Router(config-line)#password password
  Router(config-line)#login
  I have done this a bunch of times and still receive the error could not open connection to the host on port 23 connect failed.  Here is my show line:
     Tty Line Typ     Tx/Rx    A Modem  Roty AccO AccI  Uses  Noise Overruns  Int
  *     0    0 CTY              -    -      -    -    -     0      0    0/0      -
        1    1 AUX   9600/9600  -    -      -    -    -     0      0    0/0      -
        2    2 TTY   9600/9600  -    -      -    -    -     0      0    0/0      -
      644  644 VTY              -    -      -    -   23     0      0    0/0      -
      645  645 VTY              -    -      -    -   23     0      0    0/0      -
      646  646 VTY              -    -      -    -   23     0      0    0/0      -
      647  647 VTY              -    -      -    -   23     0      0    0/0      -
      648  648 VTY              -    -      -    -   23     0      0    0/0      -
      649  649 VTY              -    -      -    -   23     0      0    0/0      -
      650  650 VTY              -    -      -    -   23     0      0    0/0      -
      651  651 VTY              -    -      -    -   23     0      0    0/0      -
      652  652 VTY              -    -      -    -   23     0      0    0/0      -
      653  653 VTY              -    -      -    -   23     0      0    0/0      -
      654  654 VTY              -    -      -    -   23     0      0    0/0      -
      655  655 VTY              -    -      -    -   23     0      0    0/0      -
      656  656 VTY              -    -      -    -   23     0      0    0/0      -
      657  657 VTY              -    -      -    -   23     0      0    0/0      -
      658  658 VTY              -    -      -    -   23     0      0    0/0      -
      659  659 VTY              -    -      -    -   23     0      0    0/0      -
  Line(s) not in async mode -or- with no hardware support:
  3-643
  Here is my vty 0 4 :
  line vty 0 4
   access-class 23 in
   privilege level 15
   password password
   login local
   transport input telnet
   transport output telnet ssh
  Any ideas whats wrong?  Thanks!

  the first thing that pop out for me is the  access-class 23 in, can you try and remove that and see if it works.
  Secondly on your show line, I do not see the vty lines 0 - 4 at all, it seems they begin from 644 to 659...which is kind of weird for me. If your access-list is not blocking, I would suggest you configure your Vty line as:
  line vty 644 659
  which seems odd but would actually resolve your issue because those are the lines available on your device.
  HTH,
  Manny.

• Problems with Broadcom wireless card after Kernel Upgrade

  After upgrading to version 2.6.39 of the linux kernel, I am having trouble with my Broadcom BCM4312 wireless card. The broadcom-wl driver no longer seems to work, even after reinstalling it from the AUR. The b43 driver seems to be able to connect to unencrypted networks, but can no longer connect to my family's WPA Personal encrypted router. Is anybody else having a similar problem?

  As I understand it my laptop has been fine and it uses broadcom-wl, and I just re-yaourt it each time my kernel version changes using a cable in my router. But I believe there is something called dkms and a version of the driver for it, which (I haven't read fully into it) is something like a separate tree, which can (from what little I've read) eliminate this need to recompile every time, however I literally read this 5 minutes ago, from the AUR page for broadcom-wl and a quick google so I wouldn't be surprised if there is more to it than that.

• IDSM2 and IPSEC-2G setup

  I'd like to have the following setup:
  -Cat6500 with IPSEC2G SPA and IDSM2, using crypto connect to IPSEC-2g internal interface
  -VPNs from remote sites terminate on VLAN number 500
  -Traffic between remote peers gets through 6500 (there is decryption and another encryption)
  -Routing to all remote sites in through the VLAN 500 (there are all routing peers connected to it), it means, that packets coming from one VPN are decrypted on IPSEC, and directed to MSFC VLAN 500. Then, are routed again through VLAN 500 and encrypted on IPSEC 2G.
  The question is: is it possible to use IDSM2 module to analyze the traffic when is after decryption and before another encryption?
  Is it possible in the inline or only promiscous mode?
  Regards,
  Krzysztof

  You can use IDSM2 to analyze the traffic you can try with Promiscous mode

• Can't connect to router through airport (problem with encryption)

  We have a small office network with several computers connected to a wireless router. A while back all the macs using airport suddenly were no longer able to connect to the internet (email still worked fine) while the windows computers on wireless and macs on lan still work fine.
  The router is using WPA personal encryption, and when using this the macs can connect to the wireless network no problems, but then they aren't able to use the internet. as i said though email still works without any problems. We spoke to the tech support at our ISP but macs aren't very common in south africa, so they just suggest we change the encryption from WPA to WEP encryption. I tried both 64 bit and 128 bit but every time i get an error saying: There was an error joining airport network. If I turn off encryption though everything works fine and the macs are able to access the internet without any problems. Anybody have any ideas what might be wrong?

  I am having the same problems since 3 days ago (Imac core 2 duo 20" 2,16). I think it was after the 10.4.10 upgrade.
  I haven't tested if I can connect an open network (without encryption).
  I can't connect to internet using the wifi network... sometimes, i can't even locate the SSID's network.
  Even using windows xp with bootcamp i can't use the network, so it's really strange. This can only be firmware/hardware... cause XP on my mac was able to connect and now it can't too. I tried with other computers (notebook) and i can connect without problems.
  Have you solved this issue ?
  Anyone can help?
  Joao Oliveira

• Problem connecting wirelessly from iMac to NETGEAR router, get invalid password message with WPA and WPA-2 encryption in place but if I remove them, so no security, can connect without a problem. Help!!

  Problem connecting wirelessly from iMac to NETGEAR router, get invalid password message with WPA and WPA-2 encryption in place but if I remove them, so no security, can connect without a problem. Help!!

  Thank you for your suggestion but I have already had a couple of phone sessions with NETGEAR support and they don't see any problems with the router settings etc. They referred me to Apple support, who helped me discover that it is possible to communicate with the router but only if I turn off the encryption/security software, which I don't want to do. The frustrating thing is that I can connect wirelessly from a laptop running Windows 7 and two Anroid smart phones, with WPA-2 in place, without a problem. Do you have any other ideas?