Help with IPSEC? Can you apply crypto map to SVI?

Hi All,
Got a problem with a site-to-site IPSEC VPN implementation where one end is using an SVI (e.g. interface vlan 10).
Does anybody know if a crypto map can be applied to an SVI to bring up the IPSEC tunnel? It accepts the command but I can't pass any traffic to/from it.
    interface vlan 10
     crypto map MY-MAP
Or do you need to apply the crypto map to a physical interface?
I've gotten it working on a sub-interface (e.g. interface GigabitEthernet0/0.11) but can't find any documentation that talks about applying it to an SVI and whether this will work. Anybody tried it using SVIs before?
This is to be done on a Cisco 7606 (sup720).
Thanks.
Andy

Hi Jerry,
I'm not that cluey with all the hardware on the box itself, but here's what we have on the box.
core1#sh ver
Cisco Internetwork Operating System Software
IOS (tm) s72033_rp Software (s72033_rp-IPSERVICESK9_WAN-M), Version 12.2(18)SXF16, RELEASE SOFTWARE (fc2)
cisco CISCO7606 (R7000) processor (revision 1.0) with 983008K/65536K bytes of memory.
Processor board ID FOX092502NB
SR71000 CPU at 600Mhz, Implementation 0x504, Rev 1.2, 512KB L2 Cache
Last reset from power-on
SuperLAT software (copyright 1990 by Meridian Technology Corp).
X.25 software, Version 3.0.0.
Bridging software.
TN3270 Emulation software.
228 Virtual Ethernet/IEEE 802.3 interfaces
124 Gigabit Ethernet/IEEE 802.3 interfaces
4 Ten Gigabit Ethernet/IEEE 802.3 interfaces
1917K bytes of non-volatile configuration memory.
8192K bytes of packet buffer memory.
65536K bytes of Flash internal SIMM (Sector size 512K).
Configuration register is 0x2102
core1#sh mod
Mod Ports Card Type                              Model
1   48    CEF720 48 port 10/100/1000mb Ethernet  WS-X6748-GE-TX
2   48    CEF720 48 port 10/100/1000mb Ethernet  WS-X6748-GE-TX
3   24    CEF720 24 port 1000mb SFP              WS-X6724-SFP
4   4     CEF720 4 port 10-Gigabit Ethernet      WS-X6704-10GE
5   2     Supervisor Engine 720 (Active)         WS-SUP720-3B
6   2     Supervisor Engine 720 (Hot)            WS-SUP720-3B

Mod Sub-Module                   Model          Hw   Status
1   Centralized Forwarding Card  WS-F6700-CFC   4.0  Ok
2   Centralized Forwarding Card  WS-F6700-CFC   2.1  Ok
3   Centralized Forwarding Card  WS-F6700-CFC   4.0  Ok
4   Centralized Forwarding Card  WS-F6700-CFC   4.1  Ok
5   Policy Feature Card 3        WS-F6K-PFC3B   2.1  Ok
5   MSFC3 Daughterboard          WS-SUP720      2.3  Ok
6   Policy Feature Card 3        WS-F6K-PFC3B   2.3  Ok
6   MSFC3 Daughterboard          WS-SUP720      3.0  Ok
Based on the specs above, is this box capable of establishing an IPSEC tunnel by applying the crypto map to the SVI?
Thanks.
Andy

Similar Messages

  • I need help with website can you please

    Need help
    Message was edited by: Liam Dilley - Phone number in here is a bad idea

    Hi,
    I removed your phone number as you will just get cold called
    BC support does not call you for help and people here can help you here. Just saying "need help" is not much use though, we need to know what kind of help you need.

  • HT1212 ipod touch has been disabled and says connect to itunes can't get any help with it can you please help

    My son has an IPOD touch 16gb he changed the password and then forward the sequence of numbers as a result its disabled and says connect to ITunes

    See my response to your other post

  • Can you give me some reasons about why I need to buy an iPod touch 5.Although I have the iPhone ,iPod nano, iPad ,MacBook pro,I think the iPod touch 5 is so attractive that I can't help buying it at once.If I have it,what I can do with it,can you tell me?

    can you give me some reasons about why I need to buy an iPod touch 5.Although I have the iPhone ,iPod nano, iPad ,MacBook pro,I think the iPod touch 5 is so attractive that I can't help buying it at once.If I have it,what I can do with it,can you tell me?

    All I can say is that I REALLY like my Touch 4th gen because I have all sorts of capabilities in a small form: e-mail, web browsing, news, weather, books, magazines, etc. etc.  Plus lots and lots of apps out there, including so many free ones.  I use the Cloud a lot so it's great to have everything sync'd to my MacBookPro (e-mail, Evernote, Pocket, etc.)
    It would be easier, though, to do some of this, especially magazines, on the iPad mini, but, again, I love the small size of the Touch. 
    As for the 5th gen instead of the 4th, the fifth has Siri and the 3D feature in maps, which are great.  And I'm sure it's a lot faster in iOS 6 than the 4th gen.  And cool colors! 
    Don't know if this helps . . .

  • Can I enter crypto map command on an ethernet interface(LAN)

    Hi Friends,
    I am establishing VPN tunnel through Internet. I have the public address configured on Ethernet interface of router connecting the LAN. Can I bind the crypto map command to this inside interface and establish the VPN connectivity from this interface. Please help me providing the knowledge.

    Your crypto map must be bound to the outside interface,
    but you can choose which IP to use:
    http://www.cisco.com/en/US/docs/ios/mwpdsn/command/reference/mwp_02.html#wp1014299
    [Pls RATE if HELPS]

  • Rejecting IPSec tunnel: no matching crypto map entry for remote proxy

    Hi!
    I have already searched for this but didn't get the exact answer I'm looking for, so I'll try asking it again (if there is the same question).
    I'm in the process of migrating some VPN tunnels from a Cisco router to an ASA; everything will stay the same except the peering IP address. However, some of the tunnels were being torn down since they request a proxy that doesn't match the one configured on our side. The remote peer said there was no such issue on the previous platform, but now they need to reset the tunnel from time to time.
    Apr 18 2013 07:29:10 asa002 : %ASA-3-713061: Group = 192.168.1.226, IP = 192.168.1.226, Rejecting IPSec tunnel: no matching crypto map entry for remote proxy 192.168.1.226/255.255.255.255/0/0 local proxy 10.10.9.81/255.255.255.255/0/0 on interface outside
    Apr 18 2013 07:29:10 asa002 : %ASA-3-713902: Group = 192.168.1.226, IP = 192.168.1.226, QM FSM error (P2 struct &0x745e9150, mess id 0x8d7ad777)!
    Apr 18 2013 07:29:10 asa002 : %ASA-3-713902: Group = 192.168.1.226, IP = 192.168.1.226, Removing peer from correlator table failed, no match!
    The remote peer said they did not change the proxy ID on their side, so possibly the old platform will just not set up the SA, without tearing down the tunnel, while the ASA on the new platform will tear it down if there is any mismatch.
    Anyway, I have requested the remote side to remove those unmatched entries to avoid the tunnel being torn down, but is there any configuration that is related to this issue? I.e. just bring up the SA with matched addresses and ignore the others, instead of tearing down the tunnel.
    Thanks!!
    //Cody

    Are you trying to send traffic destined towards the internet from 172.16.0.0/20 via this ASA as well? Why? Are you inspecting that traffic before it is sent out to the internet?
    If so, this end also needs to be configured with "any" as well --> the crypto ACL needs to be a mirror image.
    access-list outside_1_cryptomap extended permit ip any 172.16.0.0 255.255.240.0
    Then you also need NAT on the outside interface, otherwise, traffic from 172.16.0.0/20 is not PATed to a public IP, and won't be able to reach the internet:
    nat (outside) 1 172.16.0.0 255.255.240.0

  • Rejecting IPSec tunnel: no matching crypto map entry for remote proxy on interface outside.

    Hi,
    I have read a problem where the VPN between an ISP and ourselves started dropping sessions. I have rebuilt the crypto map and tried to dig deeper into my config and some basic troubleshooting while I await the ISP to respond.
    Any ideas?
    Thanks Steve
    https://supportforums.cisco.com/thread/255085
    http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a00807e0aca.shtml#solution10
    5 Jun 13 15:46:25 713904 IP = 209.183.xxx.xxx, Received encrypted packet with no matching SA, dropping
    4 Jun 13 15:46:25 113019 Group = 209.183.xxx.xxx, Username = 209.183.xxx.xxx, IP = 209.183.xxx.xxx, Session disconnected. Session Type: IKE, Duration: 0h:00m:00s, Bytes xmt: 0, Bytes rcv: 0, Reason: crypto map policy not found
    3 Jun 13 15:46:25 713902 Group = 209.183.xxx.xxx, IP = 209.183.xxx.xxx, Removing peer from correlator table failed, no match!
    3 Jun 13 15:46:25 713902 Group = 209.183.xxx.xxx, IP = 209.183.xxx.xxx, QM FSM error (P2 struct &0xda90f540, mess id 0x76c09eb7)!
    3 Jun 13 15:46:25 713061 Group = 209.183.xxx.xxx, IP = 209.183.xxx.xxx, Rejecting IPSec tunnel: no matching crypto map entry for remote proxy 172.16.0.0/255.255.240.0/0/0 local proxy 0.0.0.0/0.0.0.0/0/0 on interface outside
    5 Jun 13 15:46:25 713119 Group = 209.183.xxx.xxx, IP = 209.183.xxx.xxx, PHASE 1 COMPLETED
    6 Jun 13 15:46:25 113009 AAA retrieved default group policy (DfltGrpPolicy) for user = 209.183.xxx.xxx
    6 Jun 13 15:46:25 713172 Group = 209.183.xxx.xxx, IP = 209.183.xxx.xxx, Automatic NAT Detection Status: Remote end is NOT behind a NAT device This end is NOT behind a NAT device

    Are you trying to send traffic destined towards the internet from 172.16.0.0/20 via this ASA as well? Why? Are you inspecting that traffic before it is sent out to the internet?
    If so, this end also needs to be configured with "any" as well --> the crypto ACL needs to be a mirror image.
    access-list outside_1_cryptomap extended permit ip any 172.16.0.0 255.255.240.0
    Then you also need NAT on the outside interface, otherwise, traffic from 172.16.0.0/20 is not PATed to a public IP, and won't be able to reach the internet:
    nat (outside) 1 172.16.0.0 255.255.240.0
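
The mirror-image check described in the reply above can be run offline against the 713061 rejection lines. This is an added example, not code from the thread or from Cisco: it parses the proxy pair the peer proposed and compares it with crypto ACL lines. The "exact" / "covered" / "no-match" labels and the `ACL_NARROW` entry are assumptions made for illustration, not the ASA's own matching algorithm.

```python
import ipaddress
import re

# Proxy pair as it appears in ASA message 713061 (format taken from the logs above).
PROXY_RE = re.compile(
    r"remote proxy (?P<r_ip>[\d.]+)/(?P<r_mask>[\d.]+)/\d+/\d+ "
    r"local proxy (?P<l_ip>[\d.]+)/(?P<l_mask>[\d.]+)/\d+/\d+"
)

def parse_rejection(line):
    """Return (local_net, remote_net) proposed by the peer, or None."""
    m = PROXY_RE.search(line)
    if not m:
        return None
    local = ipaddress.ip_network(f"{m['l_ip']}/{m['l_mask']}", strict=False)
    remote = ipaddress.ip_network(f"{m['r_ip']}/{m['r_mask']}", strict=False)
    return local, remote

def _take_net(tokens, i):
    """Read one ACL address spec at tokens[i]; return (network, next index)."""
    if tokens[i] == "any":
        return ipaddress.ip_network("0.0.0.0/0"), i + 1
    if tokens[i] == "host":
        return ipaddress.ip_network(tokens[i + 1] + "/32"), i + 2
    return ipaddress.ip_network(f"{tokens[i]}/{tokens[i + 1]}", strict=False), i + 2

def parse_crypto_acl(line):
    """Parse 'access-list NAME extended permit ip SRC DST' into (src, dst)."""
    tokens = line.split()
    src, i = _take_net(tokens, tokens.index("ip") + 1)
    dst, _ = _take_net(tokens, i)
    return src, dst

def classify(proposal, acl_entries):
    """'exact' if an entry equals the proposal, 'covered' if an entry merely
    contains it, 'no-match' otherwise (the situation logged as 713061)."""
    local, remote = proposal
    result = "no-match"
    for src, dst in acl_entries:
        if (src, dst) == (local, remote):
            return "exact"
        if local.subnet_of(src) and remote.subnet_of(dst):
            result = "covered"
    return result

# Log text and suggested ACL are quoted from the thread; ACL_NARROW is constructed.
LOG_LINE = ("Rejecting IPSec tunnel: no matching crypto map entry for remote proxy "
            "172.16.0.0/255.255.240.0/0/0 local proxy 0.0.0.0/0.0.0.0/0/0 on interface outside")
ACL_SUGGESTED = "access-list outside_1_cryptomap extended permit ip any 172.16.0.0 255.255.240.0"
ACL_NARROW = "access-list outside_1_cryptomap extended permit ip 10.0.0.0 255.0.0.0 172.16.0.0 255.255.240.0"
```

With the constructed narrow ACL the proposal classifies as "no-match", and with the ACL suggested in the reply it classifies as "exact".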

  • Can you apply the Rotate Spreads Feature?

    Hello,
    Hope someone can help me...
    In Indesign CS5 you can rotate the spreads and this then gives you the arrow icon next to the spread to indicate that it's a rotated view; what i'm trying to do is apply that rotated spread so it's not just the view, it is actually how the document is - is this possible? and if so how??
    (what i'm trying to do is turn the last 100pages (50 spreads) of a 200page book upside down without having to re-layout all the artwork etc)
    Hope someone can help?!
    Thanks!

    Hi,
    Thanks for the info - my plan (for this one) is to order the pages as needed and rotate afterwards in Acrobat; it's what I was going to do before I thought, can you apply rotations!? It isn't ideal as there's a slight offset needed for the bleeds and alignment so the hanging points etc. will differ in the 2 sections (it won't really be noticeable but I'm one of those fussy designers!) and I was going to use it as a template for some other work I'm doing but it's no problem - just won't change my mind next time. It was more a question of can it be done as I think it'd be useful.
    Thanks for all the advice

  • One question I am looking for help with is, when you hit the history button I want my last fifty pages to show up instead of just fifteen. Is it possible to

    one question I am looking for help with is, when you hit the history button I want my last fifty pages to show up instead of just fifteen. Is it possible to change that setting?
    TY

    The History menu can only show that fixed maximum of 15 as that is hard coded.
    Maybe this extension helps:
    *History Submenus Ⅱ: https://addons.mozilla.org/firefox/addon/history-submenus-2/

  • Regarding receiving texts as emails:  Can you apply this setting to one individual? I want to continue to receive texts from everyone else except one person!

    Regarding receiving texts as emails:  Can you apply this setting to one individual? I want to continue to receive texts from everyone else except one person!

    Don't want to block the person, just have all his texts going directly to my email so that I can maintain a continuous record of his text contacts (rather than remain in text form).
    It appears that I must select an option that makes ALL texts go to email, which I'd prefer not doing.

  • Can you apply a pathfinder effect to a mesh object

    can you apply a pathfinder effect to a mesh object

    You can apply it, but it might not make too much sense.

  • In cf9 cflayout type=accordion can you apply stylesheet

    in cf9 cflayout type=accordion can you apply stylesheet

    You can use the "style" property to add a CSS style specification that defines layout styles.
    The same goes for each of the CFLAYOUTAREA tags.

  • For iphone users with att, can you block incoming texts all together? After paying $20 for data i dont want to pay as i go/pay more for texts

    For iphone users with att, can you block incoming texts all together? After paying $20 for data i dont want to pay as i go/pay more for texts

    SMS is exchanged over the same network as calls - no data involved.
    MMS requires data.
    iMessage requires the same as email - internet access via an available wi-fi network or via your carrier's cellular data network.
    You can disable SMS/MMS altogether with your account by requesting this with AT&T. You can turn iMessage off unless your iPhone is connected to an available wi-fi network.

  • I want BBM on my ipad, if anyone has it on an ipad mini with wifi, can you please help me?x

    Well, I have been excited by the idea that BBM is available for me on an apple product. So as I pressed install in the App Store, it said I am not compatible to get BBM. If anyone does have it on their ipad mini with wifi ( model number A1432 ) Can you please respond on how I can? Thanks :) x

    While the Instagram App doesn't show when searching for iPad specific Apps, it does show as being compatible with the iPad when searching.
    https://itunes.apple.com/ca/app/instagram/id389801252?mt=8

  • Having problems with this, can you help?

    Hello everyone, I'm currently making a j2me game, I'm still a newbie to it tho.
    I'm currently making the splash screen and I've followed a tutorial and intended to make my own. The problem now is that there is something wrong with the code and it is not working as I thought it would. Can you guys check what's wrong with my code? And please advise me on what's wrong and how I can fix it. Thanks a lot. The code is below. Sscreen.java is the one responsible for making and showing the splash screen, while Main.java is the main midlet and calls Sscreen.java.
    // Sscreen.java
    import java.util.Timer;
    import java.util.TimerTask;
    import javax.microedition.lcdui.*;

    public final class Sscreen extends Canvas {
        private Display dis;
        private Displayable nxt;
        private Timer tmer;
        private Image im;

        public Sscreen(Display dis, Displayable nxt, Image im) {
            tmer = new Timer();
            this.dis = dis;
            this.nxt = nxt;
            this.im = im;
            dis.setCurrent(this);
        }

        // Stop the timer and switch to the next screen.
        private void dismiss() {
            tmer.cancel();
            dis.setCurrent(nxt);
        }

        protected void keyPressed(int keyC) {
            dismiss();
        }

        protected void paint(Graphics g) {
            g.setColor(0x00000000);
            g.fillRect(0, 0, getWidth(), getHeight());
            g.setColor(0x00000000);
            // Anchor 3 == Graphics.HCENTER | Graphics.VCENTER
            g.drawImage(im, getWidth() / 2, getHeight() / 2 - 5, 3);
        }

        // Start the 3-second countdown once the canvas becomes visible.
        protected void showNotify() {
            tmer.schedule(new Counter(), 3000);
        }

        private class Counter extends TimerTask {
            public void run() {
                dismiss();
            }
        }
    }

    // Main Class
    import javax.microedition.lcdui.*;
    import javax.microedition.midlet.*;

    public class Main extends MIDlet {
        private Display dis;
        private Image im;
        private boolean Splash = true;

        public Main() {}

        protected void destroyApp(boolean arg) throws MIDletStateChangeException {
            notifyDestroyed();
        }

        protected void pauseApp() { }

        protected void startApp() throws MIDletStateChangeException {
            dis = Display.getDisplay(this);
            if (Splash) {
                Splash = false;
                try {
                    im = Image.createImage("/bg.png");
                    new Sscreen(dis, new Temp(), im);
                } catch (Exception e) {
                    System.out.println("Prob 2");
                }
            }
        }

        class Temp extends Form implements CommandListener {
            private Command exitCommand = new Command("Exit", Command.EXIT, 1);

            public Temp() {
                super("Main");
                addCommand(exitCommand);
                setCommandListener( (CommandListener) Main.this );
            }

            public void commandAction(Command arg0, Displayable arg1) {
                notifyDestroyed();
            }
        }
    }

    I think the problem is here:
    setCommandListener( (CommandListener) Main.this );
    Instead use:
    setCommandListener(this);
