Individual Programs using VPN / Which VPN Software
Hi All,
I have two questions.
First of all I would like to know which is the best solution to connect to VPN. I've been using the build in VPN client of MacOS for over 5 Months but with so many alternative programs popping up, I wonder whether there is (it at all) a better alternative available?
My second question is related to how VPN works in MacOS. I would like to set up individual programs to (dynamically - if avaliable) use the VPN whereby others simply keep using the non VPN connection.
How can I make this work?
Thanks in advance,
Franz
Uninstall Virus Barrier.
How to:
uninstall virusbarrier
You can run EtreCheck to find out about other apps installed.
EtreCheck: https://discussions.apple.com/docs/DOC-6173
Similar Messages
-
Connect to server using VPN and router, then 3rd party software hangs
I connect to my employer server using *Apani Contivity VPN* software to get email, accessing the internet with FireFox and any of the following devices *NetGear RP614v3, Linksys BEFSR41* routers, as well as a *Belkin F5D5131-5* switch. I can connect to the internet and log onto the company server. Then I spuraticly, but persistently, have *software hangs when I try to open the software or execute a save when using: Text Edit, MS Entourage, Quark, Adobe Photoshop and Bridge*. I use one of 2 Macs in a company of PCs and the other Mac user does not have these problems. Help.
Hi, and a warm welcome to the forums!
Done these two lately?
Using Disk Utility in Mac OS X 10.4.3 or later to verify or repair disks...
http://docs.info.apple.com/article.html?artnum=302672
About Disk Utility's Repair Disk Permissions feature...
http://docs.info.apple.com/article.html?artnum=25751
Reboot needed if many Permissions are fixed, and possibly reapply latest Combo Update also. -
Using other VPN software to connect to FON or Open...
Presumably it's possible to use other VPN software other than the BT-supplied Cisco VPN to connect to wireless hotspots - are there any FAQs or Howtos on how to do this?
Gordonbp wrote:
Presumably it's possible to use other VPN software other than the BT-supplied Cisco VPN to connect to wireless hotspots - are there any FAQs or Howtos on how to do this?
I installed sipdroid on my new Desire Z. It works like a charm: a kind person called Ewan produced an instruction for doing it, but Murphy's Law dictates I binned it only yesterday If no-one picks up on this and posts a link to the original instruction I'll try reconstructing it.
John -
I use VPN to link a server machine in the OAF(JDeveloper 10).
But I run the HelloWorldPG.xml, +there are no IE page to pop to display.
And then throw a error message (connection timed out) in the consoles.
In the meantime, I have set "Specify Host Name" to VPN IP in the Embedded OC4J Server Perferences.
What's the reason, and how to solute it, Ths.
Edited by: Sumury on May 27, 2013 2:33 PMHi,
Sometimes the connection is very slow over VPN and hence connection times our before the Page is launched. Following are some of the options which could be explored:
* If the myclass file is already there, system would not recompile all the data and go directly to OC4J server initialization. At times this is enough.
* If step 1 is not enough, you can try logging into a system where the VPN is fast (through remote login) and then run the program there.
* This option is to find another instance in your local network and deploy the finalzied code in the final environment.
Regards
Sumit -
Vpn software for connecting mac from windows
Is there VPN software availbale which I can use in windows system to connect to a mac system?
Is this for a corporate environment? I would check with your work's I.T. Dept. and find out what they are using as their VPN Server application; my employer uses Checkpoint and in the case of Checkpoint, I know that they made a free Tiger-compatible VPN client for users in addition to a Windows-compatible client that works with their enterprise-class VPN server product; I would imagine that most VPN server vendors would at least have a complementing Windows-compatible client product.
I know that Equinux makes a "third-party" VPN client called VPN Tracker for Mac platforms, that purportedly interoperates with a great number of VPN server products and fills the void where the server houses have not bothered to support Mac clients -- from prior experience I know for a fact that it worked great with one flavor of Checkpoint server, but I don't know if they make a Windows version or not. Check out equinux.com for more info on that product. -
Cannot connect using VPN client
Hi, I have a problem configuring my CISCO ASA 5515-x for VPN client. I succesfully configure AnyConnect and SSL VPN but when client using VPN Client software, they cannot establish the VPN connection. This is my configuration and attached is the error occured when connecting to the firewall. Can anyone help me solve this problem?
: Saved
ASA Version 9.1(1)
hostname ciscoasa
domain-name g
ip local pool vpn_client 192.168.2.200-192.168.2.254 mask 255.255.255.0
ip local pool vpn_250 192.168.3.1-192.168.3.254 mask 255.255.255.0
interface GigabitEthernet0/0
nameif DIGI
security-level 0
ip address 210.48.*.* 255.255.255.0
interface GigabitEthernet0/1
nameif LAN
security-level 0
ip address 192.168.2.5 255.255.255.0
interface GigabitEthernet0/2
nameif Pone
security-level 0
ip address dhcp setroute
interface GigabitEthernet0/3
shutdown
no nameif
no security-level
no ip address
interface GigabitEthernet0/4
shutdown
no nameif
no security-level
no ip address
interface GigabitEthernet0/5
shutdown
no nameif
no security-level
no ip address
interface Management0/0
management-only
nameif management
security-level 100
ip address 192.168.1.1 255.255.255.0
ftp mode passive
clock timezone MYT 8
dns domain-lookup DIGI
dns server-group DefaultDNS
name-server 8.8.8.8
domain-name g
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
object network NETWORK_OBJ_113.20.*.*_24
subnet 113.20.*.* 255.255.255.0
object network NETWORK_OBJ_210.48.*.*_24
subnet 210.48.*.* 255.255.255.0
object network CsHiew
host 192.168.2.9
object network ERPServer
host 192.168.2.2
object network Giap
host 192.168.2.126
object network Jennifer
host 192.168.2.31
object network KCTan
host 192.168.2.130
object network KCTan-NB
host 192.168.2.77
object network MailServer
host 192.168.2.6
object network YHKhoo
host 192.168.2.172
object network Aslina
host 192.168.2.59
object network Law
host 192.168.2.38
object network Nurul
host 192.168.2.127
object network Laylee
host 192.168.2.17
object network Ms_Pan
host 192.168.2.188
object network Peck_Ling
host 192.168.2.248
object network Pok_Leng
host 192.168.2.36
object network UBS
host 192.168.2.21
object network Ainie
host 192.168.2.11
object network Angie
host 192.168.2.116
object network Carol
host 192.168.2.106
object network ChunKit
host 192.168.2.72
object network KKPoong
host 192.168.2.121
object network Ben
host 192.168.2.147
object network Eva
host 192.168.2.37
object network Jacklyn
host 192.168.2.135
object network Siew_Peng
host 192.168.2.149
object network Suki
host 192.168.2.61
object network Yeow
host 192.168.2.50
object network Danny
host 192.168.2.40
object network Frankie
host 192.168.2.101
object network Jamal
host 192.168.2.114
object network OcLim
host 192.168.2.177
object network Charles
host 192.168.2.210
object network Ho
host 192.168.2.81
object network YLChow
host 192.168.2.68
object network Low
host 192.168.2.58
object network Sfgan
host 192.168.2.15
object network Joey
host 192.168.2.75
object network Rizal
host 192.168.2.79
object network 190
host 192.168.2.190
object network 191
host 192.168.2.191
object network 192
host 192.168.2.192
object network 193
host 192.168.2.193
object network 194
host 192.168.2.194
object network 199
host 192.168.2.199
object network 201
host 192.168.2.201
object network 203
host 192.168.2.203
object network 204
host 192.168.2.204
object network 205
host 192.168.2.205
object network CNC214
host 192.168.2.214
object network Liyana
host 192.168.2.16
object network Aipin
host 192.168.2.22
object network Annie
host 192.168.2.140
object network Ikah
host 192.168.2.54
object network Sue
host 192.168.2.113
object network Zaidah
host 192.168.2.32
object network CKWong
host 192.168.2.33
object network KhooSC
host 192.168.2.47
object network Neexon-PC
host 192.168.2.179
object network Neexon_NB
host 192.168.2.102
object network kc
host 192.168.2.130
object network P1
subnet 192.168.2.0 255.255.255.0
object network NETWORK_OBJ_192.168.2.0_24
subnet 192.168.2.0 255.255.255.0
object network NETWORK_OBJ_192.168.2.192_26
subnet 192.168.2.192 255.255.255.192
object network NETWORK_OBJ_192.168.10.192_26
subnet 192.168.10.192 255.255.255.192
object network VPN
subnet 192.68.3.0 255.255.255.0
object network NETWORK_OBJ_192.168.3.0_24
subnet 192.168.3.0 255.255.255.0
object-group network HPTM_DIGI
network-object object CsHiew
network-object object ERPServer
network-object object Giap
network-object object Jennifer
network-object object KCTan
network-object object KCTan-NB
network-object object MailServer
network-object object YHKhoo
object-group network Inventory
network-object object Aslina
network-object object Law
network-object object Nurul
object-group network Account
network-object object Laylee
network-object object Ms_Pan
network-object object Peck_Ling
network-object object Pok_Leng
network-object object UBS
object-group network HR
network-object object Ainie
network-object object Angie
object-group network Heeroz
network-object object Carol
network-object object ChunKit
network-object object KKPoong
object-group network Sales
network-object object Ben
network-object object Eva
network-object object Jacklyn
network-object object Siew_Peng
network-object object Suki
network-object object Yeow
object-group network Production
network-object object Danny
network-object object Frankie
network-object object Jamal
network-object object OcLim
object-group network Engineering
network-object object Charles
network-object object Ho
network-object object YLChow
network-object object Joey
network-object object Rizal
object-group network Purchasing
network-object object Low
network-object object Sfgan
object-group network Wireless
network-object object 190
network-object object 191
network-object object 192
network-object object 193
network-object object 194
network-object object 199
network-object object 201
network-object object 203
network-object object 204
network-object object 205
object-group network IT
network-object object CNC214
network-object object Liyana
object-group network Skype
network-object object Aipin
network-object object Annie
network-object object Ikah
network-object object Sue
network-object object Zaidah
object-group network HPTM-P1
network-object object CKWong
network-object object KhooSC
network-object object Neexon-PC
network-object object Neexon_NB
object-group service DM_INLINE_SERVICE_1
service-object tcp-udp destination eq www
service-object tcp destination eq https
object-group protocol TCPUDP
protocol-object udp
protocol-object tcp
object-group service DM_INLINE_SERVICE_2
service-object tcp-udp destination eq www
service-object tcp destination eq https
access-list DIGI_access_in extended permit ip any any
access-list DIGI_access_in extended permit icmp any any echo
access-list LAN_access_in extended deny object-group DM_INLINE_SERVICE_2 object-group Skype any
access-list LAN_access_in extended deny object-group DM_INLINE_SERVICE_1 object 205 any
access-list LAN_access_in extended permit ip any any
access-list DIGI_cryptomap extended permit ip object VPN 113.20.*.* 255.255.255.0
access-list Pq_access_in extended permit ip any any
access-list splittun-vpngroup1 extended permit ip 192.168.2.0 255.255.255.0 192.168.3.0 255.255.255.0
access-list nonat extended permit ip 192.168.2.0 255.255.255.0 192.168.3.0 255.255.255.0
pager lines 24
logging enable
logging asdm informational
logging recipient-address aaa@***.com level errors
mtu DIGI 1500
mtu LAN 1500
mtu Pone 1500
mtu management 1500
no failover
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-711(1).bin
no asdm history enable
arp timeout 14400
no arp permit-nonconnected
nat (DIGI,LAN) source static any interface
nat (Pone,LAN) source static any interface
nat (DIGI,DIGI) source static NETWORK_OBJ_210.48.*.*_24 NETWORK_OBJ_210.48.*.*_24 destination static NETWORK_OBJ_113.20.*.*_24 NETWORK_OBJ_113.20.*.*_24 no-proxy-arp route-lookup
nat (LAN,DIGI) source static NETWORK_OBJ_192.168.2.0_24 NETWORK_OBJ_192.168.2.0_24 destination static NETWORK_OBJ_192.168.2.192_26 NETWORK_OBJ_192.168.2.192_26 no-proxy-arp route-lookup
nat (LAN,DIGI) source static NETWORK_OBJ_192.168.2.0_24 NETWORK_OBJ_192.168.2.0_24 destination static NETWORK_OBJ_192.168.10.192_26 NETWORK_OBJ_192.168.10.192_26 no-proxy-arp route-lookup
nat (LAN,any) source static any any destination static VPN VPN
nat (LAN,DIGI) source static any any destination static NETWORK_OBJ_192.168.3.0_24 NETWORK_OBJ_192.168.3.0_24 no-proxy-arp route-lookup
nat (LAN,DIGI) source static NETWORK_OBJ_192.168.2.0_24 NETWORK_OBJ_192.168.2.0_24 destination static NETWORK_OBJ_192.168.3.0_24 NETWORK_OBJ_192.168.3.0_24 no-proxy-arp route-lookup
object network VPN
nat (any,DIGI) dynamic interface
nat (LAN,Pone) after-auto source dynamic any interface dns
nat (LAN,DIGI) after-auto source dynamic any interface dns
access-group DIGI_access_in in interface DIGI
access-group LAN_access_in in interface LAN
access-group Pq_access_in in interface Pone
route Pone 0.0.0.0 0.0.0.0 10.1.*.* 2
route DIGI 0.0.0.0 0.0.0.0 210.48..*.* 3
timeout xlate 3:00:00
timeout pat-xlate 0:00:30
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
user-identity default-domain LOCAL
http server enable
http 192.168.1.0 255.255.255.0 management
http 192.168.2.0 255.255.255.0 LAN
http 0.0.0.0 0.0.0.0 DIGI
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart
crypto ipsec ikev1 transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec ikev2 ipsec-proposal DES
protocol esp encryption des
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal 3DES
protocol esp encryption 3des
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES
protocol esp encryption aes
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES192
protocol esp encryption aes-192
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES256
protocol esp encryption aes-256
protocol esp integrity sha-1 md5
crypto ipsec security-association pmtu-aging infinite
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set pfs group1
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev1 transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev2 ipsec-proposal AES256 AES192 AES 3DES DES
crypto dynamic-map DIGI_access_in 20 set ikev1 transform-set ESP-3DES-SHA
crypto map DIGI_map 65535 ipsec-isakmp dynamic DIGI_access_in
crypto map DIGI_map interface DIGI
crypto ca trustpoint ASDM_TrustPoint0
enrollment self
fqdn sslvpn.cisco.com
subject-name CN=sslvpn.cisco.com
keypair hpmtkeypair
crl configure
crypto ca trustpool policy
crypto ca certificate chain ASDM_TrustPoint0
certificate ed15c051
308201ef 30820158 a0030201 020204ed 15c05130 0d06092a 864886f7 0d010105
0500303c 31193017 06035504 03131073 736c7670 6e2e6369 73636f2e 636f6d31
1f301d06 092a8648 86f70d01 09021610 73736c76 706e2e63 6973636f 2e636f6d
301e170d 31333036 32313038 30343438 5a170d32 33303631 39303830 3434385a
303c3119 30170603 55040313 1073736c 76706e2e 63697363 6f2e636f 6d311f30
1d06092a 864886f7 0d010902 16107373 6c76706e 2e636973 636f2e63 6f6d3081
9f300d06 092a8648 86f70d01 01010500 03818d00 30818902 818100a9 7715ca9e
4d63204e 66e6517b 9a560be8 188603cc 90bb39a7 c61ef0d8 cd74bf19 8ec33146
5176547f f43615a2 b8917a03 3a5a9dd6 e087a78a 74bf3a8e 6d7cfad2 0678253d
b03a677a 52e9ebc0 8e044353 e9fe2055 3cafafa3 3ec74ef9 45eaf8d6 8e554879
db9bf2fb ebcdb5c3 011bf61f 8c139ed1 a00d300a 8fe4784f 173c7702 03010001
300d0609 2a864886 f70d0101 05050003 81810046 d32b20a6 a1efb0b5 29c7ed00
11c0ce87 c58228c9 aae96197 eb275f9a f9da57a1 fc895faf 09a24c0c af43772b
2818ec29 0a56eb33 c0e56696 dd1fa3bb 151ee0e4 18d27366 92177a31 b2f7842b
4f5145b9 942fbc49 c785f925 3a909c17 2593efcc 2e410b5c d3026fe1 f48d93c1
744333e2 c377e5d3 62eebb63 abca4109 d57bb0
quit
crypto ikev2 policy 1
encryption aes-256
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 10
encryption aes-192
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 20
encryption aes
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 30
encryption 3des
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 40
encryption des
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 enable DIGI client-services port 443
crypto ikev2 remote-access trustpoint ASDM_TrustPoint0
crypto ikev1 enable DIGI
crypto ikev1 policy 10
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 20
authentication rsa-sig
encryption aes-256
hash sha
group 2
lifetime 86400
crypto ikev1 policy 30
authentication pre-share
encryption aes-256
hash sha
group 2
lifetime 86400
crypto ikev1 policy 40
authentication crack
encryption aes-192
hash sha
group 2
lifetime 86400
crypto ikev1 policy 50
authentication rsa-sig
encryption aes-192
hash sha
group 2
lifetime 86400
crypto ikev1 policy 60
authentication pre-share
encryption aes-192
hash sha
group 2
lifetime 86400
crypto ikev1 policy 70
authentication crack
encryption aes
hash sha
group 2
lifetime 86400
crypto ikev1 policy 80
authentication rsa-sig
encryption aes
hash sha
group 2
lifetime 86400
crypto ikev1 policy 90
authentication pre-share
encryption aes
hash sha
group 2
lifetime 86400
crypto ikev1 policy 100
authentication crack
encryption 3des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 110
authentication rsa-sig
encryption 3des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 130
authentication crack
encryption des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 140
authentication rsa-sig
encryption des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 150
authentication pre-share
encryption des
hash sha
group 2
lifetime 86400
track 1 rtr 123 reachability
telnet 192.168.1.0 255.255.255.0 management
telnet timeout 5
ssh 0.0.0.0 0.0.0.0 DIGI
ssh timeout 5
console timeout 0
vpn-sessiondb max-other-vpn-limit 250
vpn-sessiondb max-anyconnect-premium-or-essentials-limit 2
vpn load-balancing
interface lbpublic DIGI
interface lbprivate DIGI
dhcp-client client-id interface Pone
dhcpd address 192.168.2.10-192.168.2.150 LAN
dhcpd dns 210.48.*.* 210.48.*.* interface LAN
dhcpd enable LAN
dhcpd address 192.168.1.2-192.168.1.254 management
dhcpd enable management
threat-detection basic-threat
threat-detection statistics
threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200
ssl trust-point ASDM_TrustPoint0 DIGI
webvpn
enable DIGI
anyconnect image disk0:/anyconnect-win-2.5.2014-k9.pkg 1
anyconnect profiles anyhpmt_client_profile disk0:/anyhpmt_client_profile.xml
anyconnect enable
tunnel-group-list enable
tunnel-group-preference group-url
group-policy sslpolicy internal
group-policy sslpolicy attributes
vpn-tunnel-protocol ssl-clientless
webvpn
url-list none
group-policy GroupPolicy_anyhpmt internal
group-policy GroupPolicy_anyhpmt attributes
wins-server none
dns-server value 8.8.8.8
vpn-tunnel-protocol ikev2 ssl-client ssl-clientless
default-domain value g
webvpn
anyconnect profiles value anyhpmt_client_profile type user
group-policy vpngroup1 internal
group-policy vpngroup1 attributes
dns-server value 8.8.8.8
vpn-tunnel-protocol ikev1 ikev2 l2tp-ipsec
split-tunnel-policy tunnelspecified
split-tunnel-network-list value splittun-vpngroup1
default-domain value g
address-pools value vpn_250
group-policy newvpn internal
group-policy newvpn attributes
dns-server value 8.8.8.8
vpn-tunnel-protocol ikev1 l2tp-ipsec
default-domain value g
username cshiew password KK1oQOhoxfwWvya4 encrypted
username cshiew attributes
webvpn
anyconnect keep-installer installed
anyconnect ask none default anyconnect
username newuser password GJrqM3H2KqQZv/MI encrypted privilege 1
tunnel-group vpngroup1 type remote-access
tunnel-group vpngroup1 general-attributes
address-pool vpn_250
default-group-policy vpngroup1
tunnel-group vpngroup1 webvpn-attributes
group-alias vpngroup1 enable
tunnel-group vpngroup1 ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group sslhpmt type remote-access
tunnel-group sslhpmt general-attributes
default-group-policy sslpolicy
tunnel-group sslhpmt webvpn-attributes
group-alias sslhpmt enable
tunnel-group anyhpmt type remote-access
tunnel-group anyhpmt general-attributes
address-pool vpn_client
default-group-policy GroupPolicy_anyhpmt
tunnel-group anyhpmt webvpn-attributes
group-alias anyhpmt enable
tunnel-group-map default-group vpngroup1
class-map global-class
match any
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect ip-options
inspect icmp
class global-class
cxsc fail-open
class class-default
user-statistics accounting
policy-map global-policy
service-policy global_policy global
prompt hostname context
no call-home reporting anonymous
hpm topN enable
Cryptochecksum:7a5ee8ff016e63420802423269da864b
: endHi,
Safwan Hashan napisano:i dont know which output you referring but this is output from the VPN client.
We need more information.
I expect debug output from the ASA.
To enable debugging and syslog messages, perform the following CLI steps:
1.
ASA#configure terminal
ASA(config)# debug crypto ikev1 127
ASA(config)# debug crypto ipsec 127
Enable debuging messages for IKEv1 and IPSec.
2.
ASA(config)# logging monitor debug
Sets syslog messages to be sent to Telnet or SSH sessions.
Note: You can alternately use the logging buffer debug command to send log messages to a buffer, and then view them later using the show logging command.
3.
ASA(config)# terminal monitor
Sends the syslog messages to a Telnet or SSH session.
4.
ASA(config)# logging on
Enables syslog message generation.
NOTE: This you have enabled.
Cleanup CLI
ASA(config)# no debug crypto ikev1
ASA(config)# no debug crypto ipsec
ASA(config)# no logging monitor debug
ASA(config)# no terminal monitor
More information: Sensible Debugging and Logging
I have one suggestion. Change and try.
group-policy vpngroup1 internal
group-policy vpngroup1 attributes
no vpn-tunnel-protocol ikev1 ikev2 l2tp-ipsec
vpn-tunnel-protocol ikev1
Best regards,
MB
Please rate all helpful posts. Thx -
CISCO VPN software from BT (iPod & Windows)
Hi
Please could anyone advise how to download/set-up the BT VPN software on an iPod Touch. The BT webpage http://www.btopenzone.com/help/security/vpn-software.jsp#os-ios says you must be using a BT FON hotspot (which I've tried) to download. However, this page doesn't display on the iPod (just shows the BT Fon 'log-in' page.
Many thanks
MikeIn order to download the software for Mac OS X, I had to log on to BT FON first, then (whilst holding down the ctrl key) click on the direct link to the software below before choosing Download Linked File from the little context menu that appears.
https://my.btopenzone.com/vpn/apple/mac/BT_Wi-Fi_VPN_Client_V1.dmg
I hope this makes it a little easier for someone else the future. ;-) -
How do I use VPN for file sharing?
Hi folks, hope you can help.
I need to find a method for file sharing between my company's two offices, which are not only in different countries but also use both PCs and Macs. I think setting up a VPN is the way forward.
My file server is a Mac Mini running the standard client version of OS 10.5.4, with a static IP, 217.xxx.xxx.xxx. I need the PCs and Macs to access its resources. It is set up to share its files using FTP, AFP and SMB. It is running the application iVPN Server, which I understand is a GUI that makes the built-in OS X VPN Server function available to the client edition of OS X.
I am currently overseas and can connect to the Mac Mini over VPN. The problem is that I cannot seem to access the Mac Mini's files - I don't know what to do having established the VPN connection. I was half-expecting it to show up in the Finder under Shared or something.
The Mac Mini has a local IP of 10.0.1.20, but the VPN Server is issuing an IP to all clients in the range 192.168.2.200 and beyond. Is this where I'm going wrong?
Should the Mac Mini VPN Server also connect to itself, using VPN, as a client?
I'm really stuck, all help is very much appreciated. Thank you!Thanks for prompt reply Topher..
I am familiar with the Connect to Server window, but I am not sure which IP I should be using. Assuming no VPN connection for the moment, and assuming I'm on a remote network, I can connect to the User's documents folder on the Mac Mini already by typing afp://[username:password]@[static WAN ip]/Documents
However, I need to ensure that SMB shares work (I know they work when I'm on the local network). So I type smb://[username:password]@[static WAN ip]/Documents but this fails to connect to the User's Documents folder.
To make the SMB shares work I think I have to connect using VPN. So I connect to the Mac Mini via VPN, and my laptop is issued a VPN IP of 192.168.2.200. Of course my laptop also has an IP from my local network. Do I need to rearrange my network order in System Preferences?
So I'm now connected via VPN. However to view the Mac Mini's files, surely it also needs to have an IP issued by the VPN Server? But the Mac Mini is the VPN server. So should I go into its System Preferences and set up a VPN connection to itself?
Now back on the laptop and I want to browse User's Documents folder on the Mac Mini using SMB. I go Connect to Server, and I guess I would type smb://[username:password]@[Mac Mini's VPN IP]/Documents
Am I on the right track? Thanks again... -
How do I save changes to a document using VPN, Safari and Excel Mac?
Hi. I'm using VPN to reach documents on a server. I want to make changes to an excel document and save the changes back to the server. I'm using Safari and Excel Mac. When I'm finish making changes I tried to save the document back to the server. The changes was not saved? When I tried it on a PC it works well. Why can't I save the changes? Hope somebody can help me :-) Thanks a lot. Åke from Norway.
I did this after I wrote this. I have looked at the documentation but I can't find what I am looking for. Is there another way to open a file for viewing that has the full capabilities or using the normal program...one that uses something besides AxAcroPDFLib.AxAcroPDF. The sample that did have a view used AxAcroPDFLib.AxAcroPDF so it wasn't helpful. All I need is normal program functionality of adobe standard or profession within the application. The users have a full version installed on their PC.
Thanks again. -
WVRS4400N wireless router - What do i need to configure for VPN software to work?
Hi,
My VPN software can't establish connection ever since i changed to the WVRS4400N router. What do i need to configure inorder to establish a VPN connection to the outside network?
On a side note, i am not sure if i am on the right track but i read a little bit about setting IPSec Pass-Through. If this is the case, do i really need to get all the remote connection information inorder for my VPN software to work? And under Key Management setting, what would my pre-shared key use for (assuming this is a key i generated)?
Better yet, how can i get the vpn software to work with only having access to the internet without going through alot of hassle???
Thanks ahead for any solutions given...Thank you for responding.
If i am not mistaken, i believe what you are suggesting is setting up a VPN connection to my local area network and use the bundled Quick VPN client software to connect.
I currently have Sentinel VPN software on my laptop and it is configured to have access to my work's network. In most cases, i am able to connect to work without a problem as long as i have internet connection. Apparently, my vpn doesn't work when i am running it behind the WVRS4400N router. This problem didn't occur with my previous router. I believe the WVRS4400N router is blocking the connection by default. What can i do or configure to resolve this? -
Error when opening documents in a collaboration-room using vpn
hello everybody
i have the following problem:
by using vpn (virtual private network) i can access to the portal and enter a collaboration-room, but when i try to open a document in the collaboration-room, i always get the error that the page can not be displaied. users which are in the "portal-network" can open these documents, but users with vpn-access can not.
do you have any idea where the problem could be? thanks for helping.
greetings
flo> hi karin
>
> thank you for your help. when i tried with "your"
> URL, the error doesn't occur but when i then click on
> "Web-Folder", the following message appears:
>
> "The entered address of the Web-Folder is too long.
> Use a shorter address."
That's a bug in Internet Explorer. You may be able solve that by following the instructions at http://support.microsoft.com/?kbid=325355.
> 1. what can i do to shorten the adress?
Use the name of a parent folder, then navigate down.
Best regards, Julian -
I am using VPN, and Firefox is loading the page. Before I reinstall the new version, the VPN was working okay. Whta happened, what I am supposed to do?
I have to use the VPN to acess the site because of the limitatation , and it was working okay. When I do turn off the VPN, then the sites will open, but if I activate the VPN, then site will load for ever, but they won't load.
Please advise me what to do?You might try using the add-on 'NoSquint' which allows numerous zoom options specific to each page you visit & keeps your settings - https://addons.mozilla.org/en-US/firefox/addon/nosquint/
If you want to go back to 3.6x, you will find it here:
http://www.mozilla.com/en-US/firefox/all-older.html
In most cases you can simply "upgrade" (meaning downgrade) directly from the installation. It would be a good idea to save your passwords & bookmarks just to be on the safe side. -
Which antivirus software should i use for my iMac
Hello,
Wondering which antivirus software is recommended by Apple for an iMac?
Thanks,
Lisa C.VIRUSES
No viruses that can attack OS X have so far been detected 'in the wild', i.e. in anything other than laboratory conditions.
It is possible, however, to pass on a Windows virus to another Windows user, for example through an email attachment. To prevent this all you need is the free anti-virus utility ClamXav, which you can download for Tiger from:
http://www.clamxav.com/download.php#tiger
and for Leopard, Snow Leopard and Lion from here:
http://www.clamxav.com/
Note: If you wish to uninstall ClamXav: keep a copy of the disk image from when you downloaded it, or download it again - the uninstaller is included with the application. To uninstall, quit ClamXav Sentry (if you use it) and make sure it's not set to launch at log in. The uninstaller will remove the engine and any schedules you've got set up, then just drag ClamXav.app to the trash.
If you are already using ClamXav: please ensure that you have installed all recent Apple Security Updates and that your version of ClamXav is the latest available.
Do not install Norton Anti-Virus on a Mac as it can seriously damage your operating system. Norton Anti-Virus is not compatible with Apple OS X.
FAKE ANTI-VIRUS SOFTWARE and associated MALWARE
Do not be tricked by 'scareware' that tempts computer users to download fake anti-virus software that may itself be malware.
Fake anti-virus software that infect PCs with malicious code are a growing threat, according to a study by Google. Its analysis of 240m web pages over 13 months showed that fake anti-virus programs accounted for 15% of all malicious software.
Scammers trick people into downloading programs by convincing them that their PC is infected with a virus.
Once installed, the software may steal data or force people to make a payment to register the fake product.
Beware of PDF files from unknown sources. A security firm announced that by its counting, malicious Reader documents made up 80% of all exploits at the end of 2009.:
http://www.computerworld.com/s/article/9157438/in which Rogue_PDFs_account_for_80_of_all_exploits_says_researcher
TROJANS and RE-DIRECTION TO FAKE WEBSITES
The appearance of Trojans and other malware that can possibly infect a Mac seems to be growing, but is a completely different issue to viruses.
If you allow a Trojan to be installed, the user's DNS records can be modified, redirecting incoming internet traffic through the attacker's servers, where it can be hijacked and injected with malicious websites and pornographic advertisements. The trojan also installs a watchdog process that ensures the victim's (that's you!) DNS records stay modified on a minute-by-minute basis.
You can read more about how, for example, the OSX/DNSChanger Trojan works (by falsely suggesting extra codecs are required for Quicktime) here:
http://www.f-secure.com/v-descs/trojan_osx_dnschanger.shtml
SecureMac has introduced a free Trojan Detection Tool for Mac OS X. It's available here:
http://macscan.securemac.com/
First update the MacScan malware definitions before scanning. You can also contact their support team for any additional support - [email protected]
The DNSChanger Removal Tool detects and removes spyware targeting Mac OS X and allows users to check to see if the trojan has been installed on their computer; if it has, the software helps to identify and remove the offending file. After a system reboot, the users' DNS records will be repaired.
(Note that a 30 day trial version of MacScan can be downloaded free of charge from:
http://macscan.securemac.com/buy/
and this can perform a complete scan of your entire hard disk. After 30 days free trial the cost is $29.99. The full version permits you to scan selected files and folders only, as well as the entire hard disk. It will detect (and delete if you ask it to) all 'tracker cookies' that switch you to web sites you did not want to go to.)
A white paper was published on the subject of Trojans by SubRosaSoft, available here:
http://www.macforensicslab.com/ProductsAndServices/index.php?main_page=document_ general_info&cPath=11&products_id=174
Also, beware of MacSweeper and MacDefender (also goes under the name of MacProtector, MacGaurd, MacSecurity or MacShield) :
These are malware that misleads users by exaggerating reports about spyware, adware or viruses on their computer in an attempt to obtain payment.
Mackeeper is equally worthless and should also be avoided. Again, the developer seeks to obtain payment for an application that does nothing that free utilities do not also offer, and in many cases it will also mess up your system.
You can keep up to date, particularly about malware present in some downloadable pirated software, at the Securemac site:
http://www.securemac.com/
HOW TO AVOID RE-DIRECTION
Adding Open DNS codes to your Network Preferences, should give good results in terms of added security as well as speed-up:
Open System Preferences/Network. Double click on your connection type, or select it in the drop-down menu, and in the box marked 'DNS Servers' add the following two numbers:
208.67.222.222
208.67.220.220
(You can also enter them if you click on Advanced and then DNS)
Sometimes reversing the order of the DNS numbers can be beneficial in cases where there is a long delay before web pages start to load, and then suddenly load at normal speed:
http://support.apple.com/kb/TS2296
There may be other ways of guarding against Trojans, viruses and general malware affecting the Mac, and alternatives will probably appear in the future. In the meantime the advice is: be careful where you go on the web and what you download!
WHAT TO DO IF YOU THINK YOUR MAC HAS BECOME 'INFECTED'
If you think you may have acquired a Trojan, and you know its name, you can also locate it via the Terminal:
http://theappleblog.com/2009/04/24/mac-botnet-how-to-ensure-you-are-not-part-of- the-problem/
Although any content that you download has the possibility of containing malicious software, practising a bit of care will generally keep you free from the consequences of anything like the DNSChanger trojan.
1. Avoid going to suspect and untrusted Web sites, especially p'orn'ography sites.
2. Check out what you are downloading. Mac OS X asks you for you administrator password to install applications for a reason! Only download media and applications from well-known and trusted Web sites. If you think you may have downloaded suspicious files, read the installer packages and make sure they are legit. If you cannot determine if the program you downloaded is infected, do a quick Internet search and see if any other users reported issues after installing a particular program.
3. Use an antivirus program like ClamXav. If you are in the habit of downloading a lot of media and other files, it may be well worth your while to run those files through this AV application.
4. Use Mac OS X's built-in Firewalls and other security features.
5. Peer-to-peer sharing applications and download torrents (such as the now defunct LimeWire) supplying pirated software, movies etc are hotbeds of potential software issues waiting to happen to your Mac. Everything from changing permissions to downloading trojans and other malicious software can be acquired from using these applications. Similar risks apply to using Facebook, Twitter, MySpace, YouTube and similar sites which are prone to malicious hacking: http://news.bbc.co.uk/1/hi/technology/8420233.stm
6. Resist the temptation to download pirated software. They can contain Botnet Trojans. SecureMac offer a simple and free tool for the removal of the iBotNet Trojan available here:
http://macscan.securemac.com/files/iServicesTrojanRemovalTool.dmg
YOUR PRIVACY ON THE INTERNET and the latest risks to look out for:
There is the potential for having your entire email contact list stolen for use for spamming:
http://www.nytimes.com/2009/06/20/technology/internet/20shortcuts.html?_r=1
And if you are using iPhone Apps you are also at risk of losing all privacy:
http://www.engadget.com/2010/10/03/hacker-claims-third-party-iphone-apps-can-tra nsmit-udid-pose-se/
The advent of HTML5 may also be a future threat to internet privacy:
http://www.nytimes.com/2010/10/11/business/media/11privacy.html?_r=1&hp
Security of OS X generally:
http://www.apple.com/macosx/what-is/security.html
http://www.nsa.gov/ia/_files/os/applemac/I731-007R-2007.pdf
Security Configuration for Version 10.5 Leopard:
http://manuals.info.apple.com/en_US/Leopard_Security_Config_2nd_Ed.pdf
NOTE: Apple's Snow Leopard and Lion operating systems silently update the malware protection built into Mac OS X to protect against a backdoor Trojan horse that can allow hackers to gain remote control over your treasured iMac or MacBook: Macs running Snow Leopard or Lion now check for new malware definitions daily, allowing Apple to quickly deploy protection from threats before they have a chance to spread.
Few malicious titles actually exist for Mac OS X, and those that do rely almost entirely upon duping users to install software that pretends to be legitimate.
http://www.sophos.com/blogs/gc/g/2010/06/18/apple-secretly-updates
However, if you are running Lion Server:
Apple's new server operating system -- OS X Lion -- is so inherently insecure that Stamos recommends keeping it off the network altogether and using Macs only as standalone machines connected to IP or Windows networks, not those designed for Macs.
The Mac Server's networking protocols -- especially DHX User Authentication -- are designed for ease of use, not security. It is trivial, Stamos said, for hackers to set up a Mac user to download a file that will overflow the buffer protecting the heap segment of the server's memory, allowing the file's malicious payload to run uncontrolled in the server's memory and give itself whatever access rights it wants.
http://www.macworld.co.uk/mac/news/index.cfm?newsid=3301796&olo=email -
When i use vpn online movies like youtube still loading after even i closed firefox window
i tested many things to know this things !
totally when i use vpn connection (pptp) youtube movies when they loaded 50% i close firefox window but my firewall still shows me a program, connection or .... that using all of my internet bandwidth
i tested my vpn connection with IE and eveyrthing was ok
then i installed traffic comp program
i just activated vpn and then vpn connection and everything was ok!
it means when i went to youtube and select a trailer when it loaded 20% i closed the firefox and all of my internet bandwidth became free
then i tested it again without traffic comp and again that problem
after i close my firefox window (youtube site) still that movie loading and all of my internet bandwidth using by a firefox
i don't know but i think this is something between firefox and vpn connection
can someone help me ?
== This happened ==
Every time Firefox opened
== activated vpn connectionI have this problem too.
-
3 WRV200 routers to create a 3 node WAN using VPN connections
I have looked through some of the other posts to see if this question had been asked before, and I didnt see anything.
I have 3 WRV200 that I want to install in 3 cities.
I want each router to have its own Internet connection from the local ISP.
I then want each router to connect to the other 2 routers and create a 3 node WAN using VPN connections.
This is what I think I need. I am hoping somone will correct me.
WRV200-CA
192.168.1.0 - CA Local LAN
192.168.1.1 Default Gateway
255.255.255.0 Subnet Mask
192.168.1.10 Static Assigned for Printer
192.168.1.11 Static Assigned for Printer
192.168.1.12 Static Assigned for Printer
192.168.1.13 Static Assigned for Printer
192.168.1.101 - 120 DHCP addresses for workstations
WRV200-NYC
192.168.2.0 - NYC Local LAN
192.168.2.1 Default Gateway
255.255.255.0 Subnet Mask
192.168.2.10 Static Assigned for Printer
192.168.2.11 Static Assigned for Printer
192.168.2.12 Static Assigned for Printer
192.168.2.13 Static Assigned for Printer
192.168.2.101 - 120 DHCP addresses for workstations
WRV200-LI
192.168.3.0 - LI Local LAN
192.168.3.1 Default Gateway
255.255.255.0 Subnet Mask
192.168.3.10 Static Assigned for Printer
192.168.3.11 Static Assigned for Printer
192.168.3.12 Static Assigned for Printer
192.168.3.13 Static Assigned for Printer
192.168.3.101 - 120 DHCP addresses for workstations
I know how to get the public IP address that is assigned to the broadband modem by each of the ISPs.
Do I have to connect to each of the other public IP addresses to create this 3 location WAN?
I dont think this is the best way since the IP address might change since it is assigned by the ISP via DHCP.
Should I create a 192.168.4.0 network with a 255.255.255.248 subnet mask. and give each router its own address within the .4 network? Im not sure where to do this if its different from the local LAN IP addresses listed above.
Do I have to have 2 cable modems at each location in order to create a point to point connection with the other 2 routers?
It seems like I should be able to send 2 seperate VPN signals over the same cable modem in order to connect with the other 2 routers.
If 192.168.x.x is non routable, how is a PC at 192.168.1.101 going to route through to the local cable modem and connect to the cable modem that is in NYC, and then print to the printer located at 192.168.2.11
Ultimately I want to:
1. print to any printer at any of the 3 locations.
2. Remote Desktop into any workstation at any of the 3 locations.
3. Connect to the Internet via a public WiFi hotspot and use my laptop that would have some type of software that would allow me to connect to any of the 3 LANs.
Thank you in advance.Appendix D of the RVS4000 admin guide has an example of configuring a site-to-site VPN tunnel between 2 routers that have dynamic WAN IP addresses. For your scenario, you can configure a site-to-site tunnel between each pair of WRV200 routers.
http://www.cisco.com/en/US/docs/routers/csbr/rvs4000/administration/guide/RVS4000_AG_OL-22605.pdf
Maybe you are looking for
-
How to choose RT System at Run Time
Variations of this question have been asked, but I'm not sure if they've been answered. We use LabVIEW RT to do a variety of behavior tests. We have multiple experimenters using the same hardware, and each has his/her own set of "What I want to do"
-
Hi, I've installed Uplink from aur (uplink package) and it was patched to 1.55. When I run it I don't have any sound at all. I tried to install it manualy, but when I try to run the original version I get a black screen and normal music (I believe I
-
Why is notification center not working for mail?
Im not receiving mail on notification center, why is that happening?
-
Maverick Dictation- or Dragon dictate-Which is better?
I've used Dragon dictate products since 2005 on PC's and then Macs. I want to know any advantages in switching to Maverick Dictation. Please advise.
-
My location in weather disappeared - how do i get it back?
I'm not sure what happened but my current location disappeared from the weather app. How do I get it back and get rid of NY and Cupertino?