IP or DHCP address issue with VPN

setup: Mac server 10.6.8, VPN service L2TP, AirPort Extreme software fully updated in company LAN set to DHCP: IP range is 10.0.0/24, DHCP service is OFF in server admin...
VPN IP range is 10.0.0/24
I noticed sometimes when I VPN into my company network via L2TP (which I do IT support for) that someone on the company LAN gets a notice that another device on the network is using the same IP as their machine.
All clients in the company LAN are set to DHCP and the remote connecting Mac is set to DHCP, and the remote LAN is a different network than the company LAN.
This instance once interrupted remote server access (via VPN) because the remote connecting client somehow attained the IP of the company's Drobo file server, which itself has a manual IP.
Do I need to set the VPN IP range to a different scope than the company DHCP range? i.e. Company DHCP range (in AE) to 10.0.0.1 - 10.0.200 and in VPN IP range settings 10.0.0.201 - 10.0.0.254
Is there a setting I've missed?
Can anyone help?
Thx

Do I need to set the VPN IP range to a different scope than the company DHCP range? ie. Company DHCP range (in AE) to 10.0.0.1 - 10.0.200 and in VPN IP range settings 10.0.0.201 - 10.0.0.254
Yes, you need TWO pools of IP addresses in your LAN.
One is kept by the DHCP server and addresses from this pool are assigned to DHCP clients on the LAN.
The other range is handled by the VPN server and clients connecting to the VPN are assigned one of these addresses. VPN clients do NOT get a DHCP address from the LAN DHCP server.
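
Added example (not part of the original posts): a small Python audit of an address plan for the two-pool layout described above. It flags overlap between the DHCP and VPN pools and any manually addressed host that sits inside a pool. The static host addresses are constructed for illustration, and "10.0.200" in the question is read as 10.0.0.200.

```python
import ipaddress


def ip_range(first, last):
    """Return an inclusive (first, last) pair of IPv4Address objects."""
    lo, hi = ipaddress.IPv4Address(first), ipaddress.IPv4Address(last)
    if lo > hi:
        raise ValueError(f"range start {lo} is above range end {hi}")
    return lo, hi


def intersect(a, b):
    """Return the inclusive overlap of two ranges, or None if disjoint."""
    lo, hi = max(a[0], b[0]), min(a[1], b[1])
    return (lo, hi) if lo <= hi else None


def audit_plan(subnet, pools, static_hosts):
    """Check an address plan and return a list of (kind, detail) findings.

    pools:        {"name": (first_ip, last_ip)} for each dynamic pool
    static_hosts: {"name": ip} for each manually addressed device
    """
    net = ipaddress.IPv4Network(subnet)
    ranges = {name: ip_range(*bounds) for name, bounds in pools.items()}
    names = sorted(ranges)
    findings = []

    # Every pool must sit inside the subnet and avoid its reserved addresses.
    for name in names:
        lo, hi = ranges[name]
        if lo not in net or hi not in net:
            findings.append(("outside-subnet", f"{name} {lo}-{hi} is not inside {net}"))
        for reserved in (net.network_address, net.broadcast_address):
            if lo <= reserved <= hi:
                findings.append(("reserved-address", f"{name} includes {reserved}"))

    # Two servers handing out the same address is the duplicate-IP case.
    for i, first in enumerate(names):
        for second in names[i + 1:]:
            common = intersect(ranges[first], ranges[second])
            if common:
                count = int(common[1]) - int(common[0]) + 1
                findings.append(("pool-overlap",
                                 f"{first} and {second} share {common[0]}-{common[1]} "
                                 f"({count} addresses)"))

    # A manual IP inside a pool can be handed to a client as well.
    for host, addr in static_hosts.items():
        ip = ipaddress.IPv4Address(addr)
        if ip not in net:
            findings.append(("outside-subnet", f"{host} ({ip}) is not inside {net}"))
        for name in names:
            lo, hi = ranges[name]
            if lo <= ip <= hi:
                findings.append(("static-in-pool", f"{host} ({ip}) lies inside the {name} pool"))
    return findings


SUBNET = "10.0.0.0/24"

# Constructed static addresses; the thread does not give the real ones.
STATIC_HOSTS = {"router": "10.0.0.1", "file-server": "10.0.0.10"}

# Both services drawing on the whole subnet, as in the question.
AS_DESCRIBED = {"dhcp": ("10.0.0.1", "10.0.0.254"), "vpn": ("10.0.0.1", "10.0.0.254")}

# The split proposed in the question: pools no longer overlap, but the
# DHCP pool still covers the constructed static addresses.
PROPOSED = {"dhcp": ("10.0.0.1", "10.0.0.200"), "vpn": ("10.0.0.201", "10.0.0.254")}

# Same split with the low addresses kept out of DHCP for manual IPs.
SEPARATED = {"dhcp": ("10.0.0.20", "10.0.0.200"), "vpn": ("10.0.0.201", "10.0.0.254")}


if __name__ == "__main__":
    for label, plan in (("as described", AS_DESCRIBED),
                        ("proposed", PROPOSED),
                        ("separated", SEPARATED)):
        print(f"== {label} ==")
        for kind, detail in audit_plan(SUBNET, plan, STATIC_HOSTS) or [("ok", "no conflicts")]:
            print(f"  {kind}: {detail}")
```
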

Similar Messages

  • Internet DHCP/DNS issues with WRT1900ac

    I've had a WRT1900ac now for about 2 weeks and the problems seem to be escalating.  Need help.  And yes, I've already read dozens of threads about these issues and nothing seems to be working.
    Most of the problems seem to be centered around this DHCP/DNS issue that so many have been reporting.
    First, the symptoms:
    Galaxy S4 phones when connected via wifi have some apps that don't update (facebook and google play)
    Some computers (both Win 7) will connect to the network just fine, both wired and wireless - but won't be able to get to the internet
    I've spent the last 2-3 days of my life reading forums and trying all sorts of things to get this to work properly (like my old router) and I'm still stuck.  Some things I've tried:
    Firmware is up-to-date (latest version: 1.1.8.164461)
    Manually assigned static DNS in router config settings (connectivity -> local network) to various combinations including the router address, 8.8.8.8, 8.8.4.4, 75.75.75.75, 75.75.76.76 (I have comcast), OpenDNS addresses, etc.  I read that the router address is not needed, so I stopped including it.
    I manually assigned IPs and DNS on the Galaxy S4 phones and that seemed to work... but also seems unnecessary.
    I've reserved DHCP addresses on the computers in question, that didn't seem to work, I also manually set DNS on one of the computers (can't on the other... long story/not my computer) and that worked for a while and then stopped working.
    The only way to get one of the computers on the internet now is to turn on the guest network (even though the computer is hard wired to the router), connect, and then the wired network works.  No clue why this is, but my guess is that it needs the guest network for DNS, then it fails back over to the wired network.  Once that happens, I can actually turn off the wifi on the computer and everything works great... until I reboot.  Key point: I can't change any settings on that box other than entering in SSID/passphrase info for the wireless connection.  I can connect to the regular (non-Guest) wifi just fine - I just can't ever get to the internet.
    I've tried massaging DHCP settings on the router until I'm blue in the face - Static DNS, reserving DHCP addresses, hell I even put one of the computers in the DMZ to see if that would work and it still can't connect to the internet (it's worth noting that with my old router, Linksys WRT310N, the setup was literally plug-and-play - no hassle with any of this).
    I've tried countless router reboots, factory resets, turning off my modem and router for 2+ minutes, and nothing is working.
    I even read somewhere that if you modify your DHCP settings at all that the WRT1900ac stops doing DNS properly and breaks, so I even tried several "hard" factory resets and used all the default DHCP/DNS settings.  And it worked... for a few hours.
    Seriously, I'm at my wit's end.  I'm out a lot of money on this thing and it's been one headache after another.  Please help.

    I think for most people it's a bad idea to hold out that hope, lol. It seems like a great piece of hardware but if you really need a router and don't want to have to 'play' with it, it's probably not a good choice. I have an EA6900 that I am very happy with but it has the same restrictions as far as DNS and I really hate the idea that I am forced to use the smartwifi portal. I would really like for them to give me a choice of the old gui or the new one and let ME decide. Lots of routers to choose from out there now and new ones seem to be coming out all the time so do some reading and see if something suits you better. Good luck!

  • AAA issues with VPN and IPCP?

    Hi,
         I have been struggling to find a solution as to why my L2TP tunnel comes up, but, no ip through IPCP is working.  I have a few third party VPN providers that I can connect to with no problem.  My config is solid as far as the Virtual-PPP interface is concerned.  So, as far as the AAA is concerned, here are a few commands that I have used:
    aaa new-model
    aaa authentication login local_auth local
    aaa authentication ppp default none
    So, here are the relevant debugs:
    008940: *Jan  7 15:08:05.543 MDT: Vp1 LCP: Timeout: State Listen
    008941: *Jan  7 15:08:05.543 MDT: AAA/AUTHOR (00000007): Method list id=0 not configured. Skip author
    008942: *Jan  7 15:08:05.543 MDT: Vp1 PPP: Authorization NOT required
    008943: *Jan  7 15:08:05.543 MDT: Vp1 PPP: No remote authentication for call-out
    008944: *Jan  7 15:08:05.543 MDT: Vp1 AAA/AUTHOR/LCP: Authorization succeeds trivially
    008945: *Jan  7 15:08:05.543 MDT: Vp1 LCP: O CONFREQ [Listen] id 142 len 10
    008946: *Jan  7 15:08:05.543 MDT: Vp1 LCP:    MagicNumber 0x1A220FED (0x05061A220FED)
    Cisco3825#
    008947: *Jan  7 15:08:07.559 MDT: Vp1 LCP: Timeout: State REQsent
    008948: *Jan  7 15:08:07.559 MDT: Vp1 LCP: O CONFREQ [REQsent] id 143 len 10
    008949: *Jan  7 15:08:07.559 MDT: Vp1 LCP:    MagicNumber 0x1A220FED (0x05061A220FED)
    Cisco3825#
    008950: *Jan  7 15:08:09.575 MDT: Vp1 LCP: Timeout: State REQsent
    008951: *Jan  7 15:08:09.575 MDT: Vp1 LCP: O CONFREQ [REQsent] id 144 len 10
    008952: *Jan  7 15:08:09.575 MDT: Vp1 LCP:    MagicNumber 0x1A220FED (0x05061A220FED)
    Cisco3825#
    008953: *Jan  7 15:08:11.591 MDT: Vp1 LCP: Timeout: State REQsent
    008954: *Jan  7 15:08:11.591 MDT: Vp1 LCP: O CONFREQ [REQsent] id 145 len 10
    008955: *Jan  7 15:08:11.591 MDT: Vp1 LCP:    MagicNumber 0x1A220FED (0x05061A220FED)
    Cisco3825#
    008956: *Jan  7 15:08:13.607 MDT: Vp1 LCP: Timeout: State REQsent
    008957: *Jan  7 15:08:13.607 MDT: Vp1 LCP: O CONFREQ [REQsent] id 146 len 10
    008958: *Jan  7 15:08:13.607 MDT: Vp1 LCP:    MagicNumber 0x1A220FED (0x05061A220FED)
    008959: *Jan  7 15:08:13.691 MDT: Vp1 LCP: I CONFREQ [REQsent] id 0 len 8
    008960: *Jan  7 15:08:13.691 MDT: Vp1 LCP:    AuthProto PAP (0x0304C023)
    008961: *Jan  7 15:08:13.691 MDT: Vp1 LCP: O CONFACK [REQsent] id 0 len 8
    008962: *Jan  7 15:08:13.691 MDT: Vp1 LCP:    AuthProto PAP (0x0304C023)
    008963: *Jan  7 15:08:13.691 MDT: Vp1 LCP: State is Open
    008964: *Jan  7 15:08:13.691 MDT: Vp1 PPP: Phase is AUTHENTICATING, by the peer
    Cisco3825#
    008965: *Jan  7 15:08:13.691 MDT: AAA/AUTHEN/PPP (00000007): Pick method list 'default'
    008966: *Jan  7 15:08:13.691 MDT: Vp1 LCP: I CONFREJ [Open] id 146 len 10
    008967: *Jan  7 15:08:13.691 MDT: Vp1 LCP:    MagicNumber 0x1A220FED (0x05061A220FED)
    008968: *Jan  7 15:08:13.691 MDT: Vp1 LCP: O CONFREQ [ACKsent] id 147 len 4
    008969: *Jan  7 15:08:13.775 MDT: Vp1 LCP: I CONFACK [ACKsent] id 147 len 4
    008970: *Jan  7 15:08:13.775 MDT: Vp1 LCP: State is Open
    008971: *Jan  7 15:08:13.775 MDT: AAA/AUTHEN/PPP (00000007): Pick method list 'default'
    Cisco3825#
    008972: *Jan  7 15:08:23.783 MDT: Vp1 AUTH: Timeout 1
    Cisco3825#
    008973: *Jan  7 15:08:33.799 MDT: Vp1 AUTH: Timeout 2
    Cisco3825#
    008974: *Jan  7 15:08:43.815 MDT: Vp1 AUTH: Timeout 3
    Cisco3825#
    008975: *Jan  7 15:08:53.831 MDT: Vp1 AUTH: Timeout 4
    Cisco3825#
    008976: *Jan  7 15:09:03.847 MDT: Vp1 AUTH: Timeout 5
    Cisco3825#
    008977: *Jan  7 15:09:07.356 MDT: Vp1 PPP: Outbound ip packet dropped
    Cisco3825#
    008978: *Jan  7 15:09:13.864 MDT: Vp1 AUTH: Timeout 6
    Cisco3825#
    008979: *Jan  7 15:09:17.356 MDT: Vp1 PPP: Outbound ip packet dropped
    Cisco3825#
    008980: *Jan  7 15:09:23.880 MDT: Vp1 AUTH: Timeout 7
    Cisco3825#
    008981: *Jan  7 15:09:27.356 MDT: Vp1 PPP: Outbound ip packet dropped
    Cisco3825#
    008982: *Jan  7 15:09:33.896 MDT: Vp1 AUTH: Timeout 8
    Cisco3825#
    008983: *Jan  7 15:09:37.356 MDT: Vp1 PPP: Outbound ip packet dropped
    Cisco3825#
    008984: *Jan  7 15:09:43.912 MDT: Vp1 AUTH: Timeout 9
    Cisco3825#
    008985: *Jan  7 15:09:47.356 MDT: Vp1 PPP: Outbound ip packet dropped
    Cisco3825#
    008986: *Jan  7 15:09:53.928 MDT: Vp1 AUTH: Timeout 10
    Cisco3825#
    008987: *Jan  7 15:09:57.356 MDT: Vp1 PPP: Outbound ip packet dropped
    Cisco3825#
    008988: *Jan  7 15:10:03.944 MDT: Vp1 AUTH: Timeout 11
    008989: *Jan  7 15:10:03.944 MDT: Vp1 PPP: Sending Acct Event[Down] id[7]
    008990: *Jan  7 15:10:03.944 MDT: AAA/ACCT/EVENT/(00000007): NET DOWN
    008991: *Jan  7 15:10:03.944 MDT: AAA/ACCT/NET(00000007): Method list not found
    008992: *Jan  7 15:10:03.944 MDT: AAA/ACCT(00000007): del node, session 4
    008993: *Jan  7 15:10:03.944 MDT: AAA/ACCT/NET(00000007): free_rec, count 0
    008994: *Jan  7 15:10:03.944 MDT: AAA/ACCT/NET(00000007) reccnt 0, csr FALSE, osr 0
    008995: *Jan  7 15:10:03.944 MDT: AAA/ACCT/HC(00000007): Update Vp1
    008996: *Jan  7 15:10:03.944 MDT: AAA/ACCT/HC(00000007): Vp1 [pre-sess] (rx/tx) base 2114/15028 pre 15468/32490 call 15468/32490
    008997: *Jan  7 15:10:03.944 MDT: AAA/ACCT/HC(00000007): Vp1 [pre-sess] (rx/tx) adjusted, pre 13354/17462 call 0/0
    008998: *Jan  7 15:10:03.944 MDT: AAA/ACCT/HC(00000007): Update Vp1
    008999: *Jan  7 15:10:03.944 MDT: AAA/ACCT/HC(00000007): Vp1 [sess] (rx/tx) base 2114/15028
    Cisco3825# pre 15468/32490 call 15468/32490
    009000: *Jan  7 15:10:03.944 MDT: AAA/ACCT/HC(00000007): Vp1 [sess] (rx/tx) adjusted, pre 13354/17462 call 0/0
    009001: *Jan  7 15:10:03.944 MDT: AAA/ACCT/HC(00000007): Deregister Vp1
    009002: *Jan  7 15:10:03.944 MDT: Vp1 PPP: Phase is TERMINATING
    009003: *Jan  7 15:10:03.944 MDT: Vp1 LCP: O TERMREQ [Open] id 148 len 4
    009004: *Jan  7 15:10:03.944 MDT: AAA/ACCT/EVENT/(00000007): CALL STOP
    009005: *Jan  7 15:10:03.944 MDT: AAA/ACCT(00000007) reccnt 0, osr 0
    009006: *Jan  7 15:10:04.028 MDT: Vp1 LCP: I TERMACK [TERMsent] id 148 len 4
    009007: *Jan  7 15:10:04.028 MDT: Vp1 LCP: State is Closed
    009008: *Jan  7 15:10:04.028 MDT: Vp1 PPP: Phase is DOWN
    009009: *Jan  7 15:10:04.028 MDT: Vp1 PPP: Phase is ESTABLISHING, Passive Open
    009010: *Jan  7 15:10:04.028 MDT: Vp1 LCP: State is Listen
    Cisco3825#
    009011: *Jan  7 15:10:06.024 MDT: Vp1 LCP: Timeout: State Listen
    009012: *Jan  7 15:10:06.024 MDT: AAA/BIND(00000009): Bind i/f Virtual-PPP1
    009013: *Jan  7 15:10:06.024 MDT: AAA/ACCT/HC(00000009): Register Vp1 100Mbit/s, poll every 5m 0s
    009014: *Jan  7 15:10:06.024 MDT: AAA/ACCT/HC(00000009): Update Vp1
    009015: *Jan  7 15:10:06.024 MDT: AAA/ACCT/HC(00000009): Vp1 [init-sess] (rx/tx) base 15474/32498 pre 15474/32498 call 15474/32498
    009016: *Jan  7 15:10:06.024 MDT: AAA/ACCT/HC(00000009): Vp1 [init-sess] (rx/tx) adjusted, pre 0/0 call 0/0
    009017: *Jan  7 15:10:06.024 MDT: AAA/ACCT/EVENT/(00000009): CALL START
    009018: *Jan  7 15:10:06.024 MDT: Getting session id for NET(00000009) : db=6902396C
    009019: *Jan  7 15:10:06.024 MDT: AAA/ACCT(00000000): add node, session 6
    009020: *Jan  7 15:10:06.024 MDT: AAA/ACCT/NET(00000009): add, count 1
    009021: *Jan  7 15:10:06.024 MDT: Getting session id for NONE(00000009) : db=6902396C
    009022: *Jan  7 15:10:06.024 MDT: AAA/AUTHOR (0000
    Cisco3825#0009): Method list id=0 not configured. Skip author
    009023: *Jan  7 15:10:06.024 MDT: Vp1 PPP: Authorization NOT required
    009024: *Jan  7 15:10:06.024 MDT: Vp1 PPP: No remote authentication for call-out
    009025: *Jan  7 15:10:06.024 MDT: Vp1 AAA/AUTHOR/LCP: Authorization succeeds trivially
    009026: *Jan  7 15:10:06.024 MDT: Vp1 LCP: O CONFREQ [Listen] id 149 len 10
    009027: *Jan  7 15:10:06.024 MDT: Vp1 LCP:    MagicNumber 0x1A23E698 (0x05061A23E698)
    009028: *Jan  7 15:10:06.108 MDT: Vp1 LCP: I CONFREJ [REQsent] id 149 len 10
    009029: *Jan  7 15:10:06.108 MDT: Vp1 LCP:    MagicNumber 0x1A23E698 (0x05061A23E698)
    009030: *Jan  7 15:10:06.108 MDT: Vp1 LCP: O CONFREQ [REQsent] id 150 len 4
    009031: *Jan  7 15:10:06.192 MDT: Vp1 LCP: I CONFACK [REQsent] id 150 len 4
    Cisco3825#
    009032: *Jan  7 15:10:07.356 MDT: Vp1 PPP: Outbound ip packet dropped
    009033: *Jan  7 15:10:08.104 MDT: Vp1 LCP: Timeout: State ACKrcvd
    009034: *Jan  7 15:10:08.104 MDT: Vp1 LCP: O CONFREQ [ACKrcvd] id 151 len 4
    009035: *Jan  7 15:10:08.188 MDT: Vp1 LCP: I CONFACK [REQsent] id 151 len 4
    Cisco3825#
    009036: *Jan  7 15:10:10.120 MDT: Vp1 LCP: Timeout: State ACKrcvd
    009037: *Jan  7 15:10:10.120 MDT: Vp1 LCP: O CONFREQ [ACKrcvd] id 152 len 4
    009038: *Jan  7 15:10:10.204 MDT: Vp1 LCP: I CONFACK [REQsent] id 152 len 4
    Cisco3825#show
    009039: *Jan  7 15:10:12.136 MDT: Vp1 LCP: Timeout: State ACKrcvd
    009040: *Jan  7 15:10:12.136 MDT: Vp1 LCP: O CONFREQ [ACKrcvd] id 153 len 4
    009041: *Jan  7 15:10:12.216 MDT: Vp1 LCP: I CONFACK [REQsent] id 153 len 4
    Cisco3825#show l2tp
    009042: *Jan  7 15:10:14.152 MDT: Vp1 LCP: Timeout: State ACKrcvd
    009043: *Jan  7 15:10:14.152 MDT: Vp1 LCP: O CONFREQ [ACKrcvd] id 154 len 4
    009044: *Jan  7 15:10:14.232 MDT: Vp1 LCP: I CONFACK [REQsent] id 154 len 4
    Cisco3825#show l2tp
    L2TP Tunnel and Session Information Total tunnels 1 sessions 1
    LocTunID   RemTunID   Remote Name   State  Remote Address  Sessn L2TP Class/
                                                               Count VPDN Group
    37822      1          xxxxxxxxxxxx est    xxx.xxx.xxx.xxx  1     l2tp_default_cl
    LocID      RemID      TunID      Username, Intf/      State  Last Chg Uniq ID
                                     Vcid, Circuit
    124        1          37822      1, Vp1               est    00:02:03 1
    Here are a couple things I noticed:
    009001: *Jan  7 15:10:03.944 MDT: AAA/ACCT/HC(00000007): Deregister Vp1
    008990: *Jan  7 15:10:03.944 MDT: AAA/ACCT/EVENT/(00000007): NET DOWN
    I don't have this issue with other providers.  I don't have the whole radius / tacacs things setup as it's not necessary for our needs.
    Ideas?
    Thanks for the help.
    Jason

    Hi,
    To resolve your issue as soon as possible, please post your question on the Forefront TMG forum:
    http://social.technet.microsoft.com/Forums/en-US/home?forum=Forefrontedgegeneral
    Steven Lee
    TechNet Community Support

  • DHCP Renew Issue with Road Runner

    I have had Road Runner for 6 weeks, the first four weeks everything was running smoothly. However, for the last two weeks the connection has been sporadic and I am constantly losing my connection.
    My computer is connected directly to the modem with an ethernet cable; there is no router, there are no other computers. I'm simply trying to stay online with my little computer.
    My network settings are for built-in ethernet, using DHCP, with the addresses provided by my ISP (Road Runner) and I've added two DNS server addresses for Road Runner (because several other discussions, posts, etc. recommended using those to help stay connected). I've tried turning my IPv6 off, I've tried manually configuring my DHCP connection, I've scoured the internet for help. All to no avail. Most topics deal with networking with PC's or airports and I have neither attached to this computer. I've created new locations to try and "erase" any default settings and I've kicked the modem a few times (accidentally I assure you ).
    From what I can tell, (keep in mind I sell trees and know nothing about this) the DHCP lease does not renew when it's supposed to. I am disconnected every half hour or so, or I have to press "renew" to be able to stay online (highly annoying).
    When I first subscribed to Road Runner the connection was fine and I was able to stay online indefinitely. Two weeks ago that changed, even though I did nothing (intentionally) to change network settings. This means I downloaded nothing that would affect my network configuration, I didn't poke around in network configurations, I did not change any settings. I've spoken with their online "tech" support four times. I've spoken to three people on the phone and I've had a tech come out to replace my modem and ethernet cable. When the problem persisted I contacted them again and was told the problem was with Apple <gasp>.
    I believe I need help in finding a way to have my mac recognize changes in DHCP and to renew the lease automatically, for all I know it could be that the moon isn't aligned with Saturn <shrug>...preferably in vernacular I can understand. Thank you in advance for any help!
    Lori

    Hi Lori,
    You're not really in the right forum for your problem (this area is for Apple-server) but I'll give it a go...
    First, short explanation on DHCP. This process is pretty straightforward for the client's function so I'm suspicious of the "blame the mac" conclusion from Road Runner (although does not exclude possibility). When the mac starts up, it issues a 'Discovery' broadcast, looking for a DHCP server. The server responds with an 'Offer' of an IP address. The client then responds with a 'Request' to the server for the same IP address and the server then sends an 'Acknowledgement' that it may use this address, along with other information including the 'Lease Time' - how long the client may continue to use that info.
    The lease time is important. After 50% of this time has gone, the client will attempt to renew it from the same server by issuing another Request and awaiting another Acknowledgement. Should there be no Acknowledgement, the client will continue to issue Requests up until the expiry of the original lease time at which point it will drop all the info which it received from the server and then issue another Offer broadcast, looking for a new server (which may or may not be available).
    So, first thing, lets see what lease time you are getting from Road Runner and see if this corresponds with the 30 minutes you seem to get from a session...
    Ensure you have a cable connection to your router, restart computer. In Applications-> Utilities, start up Terminal. Enter the following line, ending with normal 'return' key (new line)...
    ipconfig getpacket en0
    That's a zero at the end.
    Look for the line similar to this, "lease_time (uint32): 0x1bd8", and post back the string of chars you get at the end of your line (corresponding to the "0x1bd8" part). Quit the Terminal utility.
    Can you also confirm what computer model you use, and the system version?
    -david
        Server 10.4.8

  • Strange issue with VPN

    Hello, I have a strange issue with a VPN we have on our ASA 5520. We have 2 subnets my side of the VPN that can get to 27 subnets on the other side of the VPN. However the last remote subnet which I will call 28 I find only 1 of my 2 subnets can get to. When I reset the tunnel I find that my subnet cannot bring the IPSec tunnel up but the other side of the tunnel can. When I view my VPN tunnel Rx always has a value but Tx is always zero, which suggests the traffic isn't even getting there, but this subnet is all the same rules as the other subnets that work. Any debug commands or tracing you can suggest? I've had others look at the issue and they can't see an issue. Thanks

    Looks like you have a OD server setup for user authentication so you need to run this
    vpnaddkeyagentuser /LDAPv3/127.0.0.1
    that will add the correct record to OD and it will authenticate.
    Peter

  • Issue with VPN compatibility between 2811 and 2911

    Hello
    I would like to ask anyone have had any issues with setting up a VPN tunnel between 2811 and 2911?
    The IPSec VPN is established but for some reason I cannot ping the LAN side to the other LAN side of the other end of the VPN Router?
    Any experience would be much appreciated
    Thanks           

    IPSec VPN can be with no problem set up between any cisco routers (and not necessarily cisco), so there should be no issues in your case.
    If you say that tunnel is established successfully, then problem most probably related to routing issues between sites or incorrect crypto-acl configured. Check if hosts on both sites have correct routing information on how to get to subnets on the other site.
    To make more accurate assumptions it would help if you provide config on both sites and describe your topology.

  • Issues with vpn connection thru ATT DSL

    Hi I hope someone can help me out...
    At work we use Cisco VPN Client Version 4.8.02.0010
    Everyone (about 18 people) can connect to it from their homes. For some reason I am the only member who can not connect.
    I am trying to connect via ATT DSL and Cisco VPN Client shows that I am connected, however,
    I have no access to any of the networks from work.
    I have tried connecting using Cox Cable from a friend's home and it connects just fine.
    I have read many threads online that indicate that this is a common occurrence with ATT DSL users but I have not found the fix.
    I am using modem/router type 2701 HG-B
    Any feedback will be greatly appreciated.
    Thank you,

    Make sure the encryption and parameters such as VPN group are negotiated properly between the client and the server. Refer to http://cisco.com/en/US/tech/tk583/tk372/technologies_tech_note09186a00800949c5.shtml for the most commonly occurring VPN issues. Contact ATT for configuring their servers.

  • Having an issue with vpn load balancing certificate on the vip

    Hi all,
    I am setting up vpn load balancing in a lab. I have two asa's running 8.6. I created a ucc cert from our internal CA  that has the vip as the CN in the cert and the two ASA's themselves as subject alternative names. I used open ssl to create the request. In each asa I am using encryption between the ASA's to encrypt the psk's. Since this is a lab and I do not have the DNS servers at my disposal I've added the hostnames and addresses of each ASA to the config in the ASA's. The problem I have is that when I connect to the vip I get a cert error saying the cert doesn't match the name on the site. See below:
    "The security certificate presented by this website was issued for a different website's address."
    I have a hostfile on my lab pc connected directly to the outside of the ASA that can resolve the name of the vip but when I browse to the vip I get the cert error. If I click proceed anyway the asa redirects me and the page opens without error on one of the two ASA's.
    Does anyone know what the CN of the cert should be for vpn load balancing? I thought the CN would be the vip but something is not right.
    Any help is appreciated.
    Thanks.

    Issue resolved. Switched the order of the trustpoints on the outside and vpn load balance.

  • IP Address Issue with eth0 and xenbr0

    Hi All
    Last sunday I bought new machine with AMD 6 core processor and 16gb RAM. I installed Vmserver 2.2.1 successfully but I am not able to access the vmserver from other machines.
    Network card detected and shows status up and running.
    One thing I observed that the assigned IP address for management NIC is getting assigned to xenbr0, this might be the issue.
    I tried assigning ip address back to eth0 but as soon as I restart the server it will go back default to xenbr0 means IP address is getting assigned to xenbr0 instead of eth0.
    Any suggestions here are highly appreciated, I am stuck with this issue.
    Let me know if you have any suggestion to make it work so that I can access vm server from other machines.
    How do I make the default IP address get assigned after reboot, and what would be the IP address for xenbr0?
    Regards
    Anandkumar S.M.

    Hi,
    actually the IP address is bound to the bridge (not to eth0).
    This works as designed.
    Even if you setup the network manually you assign the IP to the bridge - not to eth0.
    Maybe the underground manual for OVM can give you more information:
    http://itnewscast.com/underground-oracle-vm-manual
    Regards
    Sebastian

  • Issues with VPN on 10.3 Server

    I have no problems using the VPN with 10.4 Server. I manage several of these, and the VPN works fine.
    However, with 10.3 Server it doesn't seem to work. I have two 10.3.9 servers at different offices, and with each I can connect to the VPN, I get an IP address, but I cannot access any resources through the VPN. Does anyone have any ideas about this?

    Thanks for your reply.
    I'm using PPTP. I've got it set up the same way as with 10.4 server.
    The servers are behind NAT routers, with TCP port 1723 forwarded to them.
    In each case the private IP subnet on the server is different from the one I'm connecting from.
    I'm connecting just fine to the VPN, but once I'm connected I can't connect to anything on the network.
    One thing I see in the system log when I try to make a connection is this: "Protocol-Reject for unsupported protocol."
    What do you think?

  • GUI issues with VPN server / remote settings - SR520 UC540

    Kinda new to the CCA world, but not new to the game. So far I am finding the limitations a bit frustrating, but here's the main issue at the moment:
    Attempting to set up a simple network with a UC540 at HQ, with an SR520 at a SOHO site. I can get the remote VPN working fine, also get a VPN to the SR520 for remote administration working. Actually had everything working fine, saved the config and rebooted to test prior to shipping it to out.
    However, when I go back to look at the settings, trouble starts. The remote VPN settings don't show - the CCA tells me changes have been made in the CLI (not). The display for the VPN Server also seems buggy as it will not always display the settings for the VPN itself or the networks listed under split tunnels. Changes to either VPN setup appear to bork the other.
    As this is going to a site far, far away I need to be very sure that the VPN setup is solid, at least for remote access. I have a sneaking suspicion that some of the settings are shared and changes to one setup affect the other, but after going from everything working > save > reload > not working, I can't see what is wrong.
    Short version - need SOHO to communicate with HQ over site-to-site VPN, with remote access from 3d location to CCA.
    Any hints?

    Hi,
    To resolve your issue as soon as possible, please post your question on the Forefront TMG forum:
    http://social.technet.microsoft.com/Forums/en-US/home?forum=Forefrontedgegeneral
    Steven Lee
    TechNet Community Support

  • NImDNSResponder and NILXIDiscovery cause issues with VPN & system

    The two windows processes nimDNSResponder.exe and niLxiDiscovery.exe are installed after installing LabView 8.6.  They run automatically in the background, but have negative effects on system performance.  DNSResponder corrupts the routing table, thus rendering Juniper VPN inoperative.  If that process is stopped niLxiDiscovery begins to consume computing resources (>80% of processor time).  If both processes are stopped, the PC & VPN seem to run normally.  I uninstalled and reinstalled LV 8.6, and have the same results - apparently it wasn't a corruption at install.  Can you direct me to the parts of LV that I must un-install to eliminate the issues associated with these processes?
    Thank you,
    ...jerry

    Related Post
    Spex
    National Instruments
    To the pessimist, the glass is half empty; to the optimist, the glass is half full; to the engineer, the glass is twice as big as it needs to be...

  • Issue with VPN (IPSEC) to Cisco VPN @ work

    Hello,
    I hope someone may be able to help with this, I am using an iPhone 3GS, and I am having an issue connecting to the VPN at work. I authenticate according to our network personnel, but they show this error in the logs
    58182 07/22/2009 15:45:00.630 SEV=5 IKE/141 RPT=1383 166.205.131.76
    Client-reported firewall does not match configured firewall: terminating tunnel.
    Received -- Vendor: (0), Product (0), Caps: 0000. Expected -- Vendor: Cisco Systems(1), Product: Cisco Integrated Client(0x00000001), Caps: 0002
    Our network guy suggested maybe the iPhone is attempting to use a split tunnel, I don't see any settings I can change for this, I pass authentication, I can see that in their logs as well, but I get kicked off when it tries to negotiate security policies or firewall, and it terminates the tunnel.
    Any suggestions?

    Have you been able to resolve this issue yet? I am just now setting up my office with iPhones and Cisco VPN and I am running into the same exact issue. I don't know of any firewalls on the iPhone, yet my Cisco client shows a mismatch between the iPhone and Cisco. Any help is greatly appreciated.

  • Issue with VPN configuration in Windows 2008 r2 and 2012 Servers.

    Hello ,
    I hope you can help me to fix this issue, it's been 5 days since I am trying to configure VPN in your 2008 and 2012 Servers. On both platform (2008 and 2012) I am getting same error while configuring VPN (after role installation).
    "Unable to load C:\Windows\System32\iprtrmgr.dll". So, I have removed IPv 6 entry from the registry and now able to start server (not sure what configuration it took automatically). I tried to disable "Routing and Remote Access" service and got the same error while enabling "Routing and Remote Access" is running but VPN is still not functioning properly).
    I am getting following error,
    ================================================
    Errors under the Event viewer (Remote access)
    1) --->>    CoId={DF744409-02D7-4FF4-AD24-504F0C83E1AB}: The user 10.0.0.1\chetan connected from 10.0.0.1 but failed an authentication attempt due to the following reason: The remote connection was denied because the user name and password combination you provided is not recognized, or the selected authentication protocol is not permitted on the remote access server.
    2) ----->>   CoId={DF744409-02D7-4FF4-AD24-504F0C83E1AB}: The user connected to port VPN3-127 has been disconnected because the authentication process did not complete within the required amount of time.
    Errors under the Event viewer (Remote access)
    3) ---->>  Network Policy Server denied access to a user.
    Contact the Network Policy Server administrator for more information.
    ================================================
    I am using (MS-CHAP v2) + EAP (Authentication Method).  Please let me know if you need any additional information. 
    Thank you,

    I guess this thread is not related to SQL Server. User is facing issue because of network or may be due to OS. I guess I will move this into windows forum.
    Moderators please move to Network forum
    Please mark this reply as the answer or vote as helpful, as appropriate, to make it useful for other readers

  • Print issue with vpn access

    I read that print access is only possible via IP address rather than name when connected on vpn. Appreciate if anyone can help me understand why is it so.
    Thanks in advance

    Jan's response made me realize I probably misinterpreted the new question.
    To get internet access on the client, indeed you need to do one of 2 things:
    - as Jan said, configure split-tunnel so the internet traffic does not pass through the tunnel
    OR
    - enable U-turn on the ASA, which includes allowing same-interface traffic and creating a NAT rule for traffic from the VPN pool to the internet
    see e.g.
    http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080972e4f.shtml
    https://supportforums.cisco.com/docs/DOC-11640
    Herbert
