IPhone OS 3.0 - internet tethering and Cisco VPN Client
Hello,
The latest OS for the iPhone allows users to tether their iPhone to a Mac/PC so that the user can browse the internet through the carriers mobile 3G network.
I can confirm that internet tethering works on my Macbook Pro, but the following error is displayed when i load the CiscoVPN Client (version 4.9.01 (0100))
"Error 51: Unable to communicate with the VPN subsystem.
Please make sure that you have at least one network interface that is cuurently active and has an ip address and start this application again."
Does this mean that the Cisco VPN client cannot see the internet connection supplied by the iPhone even though i can browse the internet while this error is being displayed??
Regards,
Eddie S
Same problem here and I'm wondering the same. I also noticed that the same error comes also when my ethernet connection and iPhone tethering are active at the same time. Then there really should be a connection.
Despite that, I have the same problem and using bluetooth tethering doesn't solve this. Still the same error even though Internet connection works otherwise fine.
Any suggestions? Have Cisco tested this?
I'm using MacBook Pro 13" OS X 10.5.8, iPhone 3GS 3.0.1 with official finnish carrier Sonera, Cisco Systems VPN Client 4.9.01 (0100)
Similar Messages
-
Since upgrading to Lion, I can no longer use VPN because my RSA securid token and CIsco VPN Client won't load. Any suggestioins out there?
.
-
Mac Lion and Cisco VPN client problems
I just installed Lion 10.7 on my iMac and can no longer use the downloaded Cisco VPN client to connect to Microsoft Remote Desktop and access the PC in my company's office. When I try to launch the VPN client I get Error 51. I used to be able to enter a command in the Terminal as a workaround to use the VPN client when that happened, but that no longer works. I have tried booting into 32-bit mode; doesn't work. I tried to use the Cisco client built into Lion using settings provided by my company. When I try to connect I get the following message: "The negotiation with the VPN server failed. Verify the server address and try reconnecting."
I have searched the web looking for a solution. My company's tech department is stumped; the Apple Geniuses haven't been able to help. Does anyone have any ideas how I can use either the downloaded Cisco VPN client or the client built into Lion?
Sent from Cisco Technical Support iPad AppHere is the link which you can use to configure the inbuilt VPN client in MAC Lion.
http://glazenbakje.wordpress.com/2011/07/28/how-to-create-a-cisco-vpn-connection-in-apple-mac-os-x-lion/
Make sure you configure the attributes correctly.
Secondly the inbuilt VPN client code of Lion is made in collaboration with Cisco so there will not be any issues of compatibility.
Cheers,
Rohan -
Back To My Mac and Cisco VPN client
I've used back to my mac for a while and love it. Recently I've had to start using the Cisco VPN client and every time I use it it says "Because Back to My Mac is turned on, your VPN connection cannot be established with the server. Would you like to turn off Back to My Mac?". Is there any way to run them both without having to keep starting and stopping back to my mac?
I too have this issue.
Every time I have to connect via VPN, I have to disable my Back to My Mac.
Kinda *****.
Any solution? -
AFP Freeze and Cisco VPN Client w/ new Macbook Pro
I have an Intel Core Duo Macbook Pro with all software updates installed and running Cisco VPN client v4.9.01 (0030). If I try to connect to one of my clients via VPN and then connect to one of the server shares, afp basically freezes. I have added a snip of the log below. BUT - I take the same laptop onsite and try to connect to the same server, it works like a champ. I have tried the VPN connection from multiple source points (ie, different ISPs and routers/firewalls) and wired and wireless and all result in the same. I am frustrated and running out of options. Note that the same problem occurred with the previous Cisco VPN client and I thought the newer version would fix it - id didn't. Any help would be much appreciated.
tia,
Bill
Oct 27 16:05:01 my-computer kernel[0]: AFP_VFS afpfs_Reconnect: doing reconnect on /Volumes/ADVSERV
Oct 27 16:05:01 my-computer kernel[0]: AFP_VFS afpfs_Reconnect: connect to the server /Volumes/ADVSERV
Oct 27 16:05:01 my-computer kernel[0]: AFP_VFS afpfs_Reconnect: Opening session /Volumes/ADVSERV
Oct 27 16:05:01 my-computer kernel[0]: AFP_VFS afpfs_Reconnect: Logging in with uam 10 /Volumes/ADVSERV
Oct 27 16:05:01 my-computer kernel[0]: AFP_VFS afpfs_Reconnect: Restoring session /Volumes/ADVSERV
Oct 27 16:05:01 my-computer KernelEventAgent[59]: tid 00000000 received VQ_NOTRESP event (1)
Oct 27 16:06:02 my-computer kernel[0]: AFP_VFS afpfs_Reconnect: doing reconnect on /Volumes/ADVSERV
Oct 27 16:06:02 my-computer kernel[0]: AFP_VFS afpfs_Reconnect: connect to the server /Volumes/ADVSERV
Oct 27 16:06:02 my-computer kernel[0]: AFP_VFS afpfs_Reconnect: Opening session /Volumes/ADVSERV
Oct 27 16:06:02 my-computer kernel[0]: AFP_VFS afpfs_Reconnect: Logging in with uam 10 /Volumes/ADVSERV
Oct 27 16:06:03 my-computer kernel[0]: AFP_VFS afpfs_Reconnect: Restoring session /Volumes/ADVSERV
Oct 27 16:06:03 my-computer KernelEventAgent[59]: tid 00000000 received VQ_NOTRESP event (1)Hi Bill,
Do you have any comparison data on services that DO work? I don't connect remotely to any Apple services so can't vouch for AFP always working, but have no issues with RDP services for Windows servers. Running 4.9.00 (0050). I have however just quickly VPN'd to a client and successfully opened an AFP share and browsed around over VPN - didn't even hesitate in establishing the connection.
When you mention taking the machine onsite i am assuming that you directly access the AFP shares and not via VPN, hence confirming that the VPN software is potentially the issue?
Are you running IPSEC over UDP or TCP? My transport is over UDP.
Good luck,
Justin -
Windows Vista RTM (Build 6000) and Cisco VPN Client 5.8.01.0590
I've sucessfully installed the above client and can access one of my VPN connections on TCP/10000 but I am unable to access any of my UDP enabled profiles.
Anyone have any ideas??In the VPN client click on Under transport tab see if the IPsec over UDP is enabled.For more information refer URL
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00805734ae.shtml#vpnclient -
No Internet access after cisco vpn client connection
Hi Experts,
Kindly check below config.the problem is vpn is connected but no internet access
on computer after connecting vpn
ASA Version 8.0(2)
hostname ciscoasa
enable password 8Ry2YjIyt7RRXU24 encrypted
names
interface Ethernet0/0
nameif outside
security-level 0
ip address 192.168.10.10 255.255.255.0
interface Ethernet0/1
nameif inside
security-level 100
ip address 192.168.14.12 255.255.255.0
interface Ethernet0/2
shutdown
no nameif
no security-level
no ip address
interface Ethernet0/3
shutdown
no nameif
no security-level
no ip address
interface Management0/0
shutdown
no nameif
no security-level
no ip address
passwd 2KFQnbNIdI.2KYOU encrypted
ftp mode passive
access-list dubai_splitTunnelAcl standard permit 192.168.14.0 255.255.255.0
access-list INSIDE_nat0_outbound extended permit ip any 192.168.14.240 255.255.2
55.240
pager lines 24
mtu inside 1500
mtu outside 1500
ip local pool testpool 192.168.14.240-192.168.14.250
no failover
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 0 access-list INSIDE_nat0_outbound
nat (inside) 1 0.0.0.0 0.0.0.0
route outside 0.0.0.0 0.0.0.0 192.168.10.12 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
dynamic-access-policy-record DfltAccessPolicy
http server enable
http 192.168.14.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set setFirstSet esp-3des esp-md5-hmac
crypto dynamic-map dyn1 1 set transform-set setFirstSet
crypto dynamic-map dyn1 1 set reverse-route
crypto map mymap 1 ipsec-isakmp dynamic dyn1
crypto map mymap interface outside
crypto isakmp enable outside
crypto isakmp policy 1
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 43200
crypto isakmp policy 65535
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
telnet timeout 5
ssh timeout 5
console timeout 0
threat-detection basic-threat
threat-detection statistics access-list
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect netbios
inspect rsh
inspect rtsp
inspect skinny
inspect esmtp
inspect sqlnet
inspect sunrpc
inspect tftp
inspect sip
inspect xdmcp
service-policy global_policy global
username testuser password IqY6lTColo8VIF24 encrypted
username khans password X5bLOVudYKsK1JS/ encrypted privilege 15
tunnel-group mphone type remote-access
tunnel-group mphone general-attributes
address-pool testpool
tunnel-group mphone ipsec-attributes
pre-shared-key *
prompt hostname context
Cryptochecksum:059363cdf78583da4e3324e8dfcefbf0
: end
ciscoasa#Hi Harish,
Please check the o/ps below and route print in attached file
Latest ASA Config
ASA Version 8.0(2)
hostname ciscoasa
enable password 8Ry2YjIyt7RRXU24 encrypted
names
interface Ethernet0/0
nameif outside
security-level 0
ip address 192.168.10.10 255.255.255.0
interface Ethernet0/1
nameif inside
security-level 100
ip address 192.168.14.12 255.255.255.0
interface Ethernet0/2
shutdown
no nameif
no security-level
no ip address
interface Ethernet0/3
shutdown
no nameif
no security-level
no ip address
interface Management0/0
shutdown
no nameif
no security-level
no ip address
passwd 2KFQnbNIdI.2KYOU encrypted
ftp mode passive
access-list dubai_splitTunnelAcl standard permit 192.168.14.0 255.255.255.0
access-list INSIDE_nat0_outbound extended permit ip any 192.168.14.0 255.255.255
.0
pager lines 24
mtu outside 1500
mtu inside 1500
ip local pool testpool 192.168.15.240-192.168.15.250
no failover
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 1 0.0.0.0 0.0.0.0
route outside 0.0.0.0 0.0.0.0 192.168.10.12 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
dynamic-access-policy-record DfltAccessPolicy
http server enable
http 192.168.14.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set setFirstSet esp-3des esp-md5-hmac
crypto dynamic-map dyn1 1 set transform-set setFirstSet
crypto dynamic-map dyn1 1 set reverse-route
crypto map mymap 1 ipsec-isakmp dynamic dyn1
crypto map mymap interface outside
crypto isakmp enable outside
crypto isakmp policy 1
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 43200
crypto isakmp policy 65535
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
no crypto isakmp nat-traversal
telnet timeout 5
ssh timeout 5
console timeout 0
threat-detection basic-threat
threat-detection statistics access-list
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect netbios
inspect rsh
inspect rtsp
inspect skinny
inspect esmtp
inspect sqlnet
inspect sunrpc
inspect tftp
inspect sip
inspect xdmcp
service-policy global_policy global
group-policy mphone internal
group-policy mphone attributes
split-tunnel-policy tunnelspecified
split-tunnel-network-list value dubai_splitTunnelAcl
username testuser password IqY6lTColo8VIF24 encrypted privilege 15
username testuser attributes
vpn-group-policy mphone
username khans password X5bLOVudYKsK1JS/ encrypted privilege 15
username khans attributes
vpn-group-policy mphone
tunnel-group mphone type remote-access
tunnel-group mphone general-attributes
address-pool testpool
tunnel-group mphone ipsec-attributes
pre-shared-key *
prompt hostname context
Cryptochecksum:12308d7ff6c6df3d71181248e8d38ba8
: end
ciscoasa#
Route Print after vpn connection
C:\>route print
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x40003 ...00 24 01 a2 e6 f1 ...... D-Link DFE-520TX PCI Fast Ethernet Adapter -
Packet Scheduler Miniport
0x250004 ...00 05 9a 3c 78 00 ...... Cisco Systems VPN Adapter - Packet Schedule
r Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.10.1 192.168.10.211 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.10.0 255.255.255.0 192.168.10.211 192.168.10.211 20
192.168.10.211 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.10.255 255.255.255.255 192.168.10.211 192.168.10.211 20
192.168.14.0 255.255.255.0 192.168.15.1 192.168.15.240 1
192.168.15.0 255.255.255.0 192.168.15.240 192.168.15.240 20
192.168.15.240 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.15.255 255.255.255.255 192.168.15.240 192.168.15.240 20
213.42.233.97 255.255.255.255 192.168.10.1 192.168.10.211 1
224.0.0.0 240.0.0.0 192.168.10.211 192.168.10.211 20
224.0.0.0 240.0.0.0 192.168.15.240 192.168.15.240 20
255.255.255.255 255.255.255.255 192.168.10.211 192.168.10.211 1
255.255.255.255 255.255.255.255 192.168.15.240 192.168.15.240 1
Default Gateway: 192.168.10.1
===========================================================================
Persistent Routes:
None
C:\>
C:\>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : asu
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter Local Area Connection 7:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : D-Link DFE-520TX PCI Fast Ethernet A
dapter
Physical Address. . . . . . . . . : 00-24-01-A2-E6-F1
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.10.211
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.10.1
DNS Servers . . . . . . . . . . . : 213.42.20.20
195.229.241.222
Ethernet adapter Local Area Connection 8:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Cisco Systems VPN Adapter
Physical Address. . . . . . . . . : 00-05-9A-3C-78-00
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.15.240
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : -
Connecting Cisco VPN client v5 to asa 5505
I am having problem configuring remote vpn between ASA5505 and Cisco VPN client v5. I can successfully establish connection between ASA and Vpn client and receive IP address from ASA. VPN client statistics windows shows that packets are send and encrypted but none of the packets is Received/Decrypted.
Can not ping asa 5505
Any ideas on what I have missed?Your NAT configuration is incomplete, enter the following commands to your configuration:
access-list nonat extended permit ip 192.168.1.0 255.255.255.0 192.168.0.0 255.255.255.0
nat (inside) 0 access-list nonat
This tells the ASA that the traffic destined for the VPN Client should not be NATted and should be sent directly to the client via the VPN Tunnel!
Please rate if the post helps!
Regards,
Michael -
Why doesn't my iPhone 4 have an 'Internet tethering' options? Is it carrier related or iOs related? Please help me find the solution for this. thanx
Personal Hot spot
http://support.apple.com/kb/HT3574
Understanding
http://support.apple.com/kb/HT4517
Trouble Shooting
http://support.apple.com/kb/TS2756 -
Boot camp with Cisco VPN client and smart card
Looking at a Macbook or Macbook Air and the only reason I need to run windows is to be able to access my work network through the Cisco VPN client and my Smartcard then use remote desktop. From my understanding if I run Bootcamp it should work am I correct? Im going to an Apple store tomorrow hopefully they can help too.
Thanksmrbacklash wrote:
Ok with that being said will the MBA 11.6 1.4ghz have the guts to make it run mostly internet based programs over the VPN connection?
I think if you are running apps over the Internet the bottleneck will be the Internet and your VPN bandwidth. Your computer can certainly execute faster than Internet communications.
Besides, Internet or remote applications run on the remote server. All your local computer does is local processing of the data if necessary.
Message was edited by: BobTheFisherman -
Problem with Cisco VPN client and HP elitebook 2530p windows 7 64-bit
Hi there
I have a HP Elitebook 2530p which i upgraded to windows 7 64-bit. I installed the Cisco VPN client application (ver. 5.0.07.0290 and also 64-bit) and the HP connection manager to connect to the internet through a modem Qualcomm gobi 1000 (that is inside the laptop). When I connect to the VPN, it connects (I write the username and password) but there is no traffic inside de virtual adapter for my servers. When I connect to the internet through wire or wireless internet, I connect de VPN client and there is no problem to establish communication to my servers.
I tried everything, also change the driver and an earlier version of the HP connection manager application. I also talked to HP and they told me that there was a report with this kind of problem and it was delivered to Cisco. I don’t know where is the problem.
Could anyone help me?
Thanks to all.You can try to update Deterministic Network Enhancer to the below listed release which supports
WWAN Drivers.
http://www.citrix.com/lang/English/lp/lp_1680845.asp.
DNE now supports WWAN devices in Win7. Before downloading the latest version of DNEUpdate from the links below, be sure you have the latest
drivers for your network adapters by downloading them from the vendors websites.
For 64-bit: ftp://files.citrix.com/dneupdate64.msi
Hope that helps. -
IPhone 2.1 now supports Cisco VPN Client to IOS router
Just tested it. The Cisco VPN Client in iPhone 2.1 now connects to my IOS router. Excellent.
I have a Cisco 1812 with 12.4(20)T. I know that 12.4(6)T and some other versions have an issue with the negotiation of IPSec policies which basically means that only the first proposal is considered. If the first proposal matches you have a connection. If it does not match, the connection is refused even though other proposals would be O.K.
The relevant isakmp/ipsec config should be:
crypto isakmp policy 3
encr 3des
authentication pre-share
group 2
crypto isakmp client configuration group myvpn
key mysecretkey
dns 10.0.0.2 10.0.0.3
wins 10.0.0.2
domain mydomain.example.com
pool ippool
acl 150
split-dns mydomain.example.com
netmask 255.255.255.0
crypto isakmp profile ike-myvpn-profile
match identity group myvpn
client authentication list userauthen
isakmp authorization list groupauthor
client configuration address respond
virtual-template 2
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec profile myvpn
set transform-set ESP-3DES-SHA
set isakmp-profile ike-myvpn-profile
interface Virtual-Template2 type tunnel
ip unnumbered FastEthernet1
ip nat inside
ip virtual-reassembly
tunnel mode ipsec ipv4
tunnel protection ipsec profile myvpn
See also http://www.cisco.com/en/US/docs/ios/security/configuration/guide/secipsec_virt_tunnl_ps6441_TSD_Products_Configuration_GuideChapter.html
If you have IOS 12.4(6)T or similar which has the bug I have mentioned you have to use aes instead of 3des for the transform set. The first proposal of the iPhone is aes. Be sure to check the "debug crypto ipsec" and "debug crypto isakmp" output for troubleshooting. -
Hi all,
I wonder if someone can be more helpful than my uni IT department who take a minimum of a week to get you an IP address...
My new uni uses Cisco VPN client for connection to the Wi-Fi network. It all works great apart from one (very annoying problem):-my e-mail accounts in mac mail don't seem to be able to connect via the VPN. I have had both an IMAP and a POP server e-mail account work automatically wherever I connect in the world for over a year now-so its not the way I've set up the accounts.
Is there any way to get mac mail to "see" the VPN connection. If I have to physically plug-in my mac this seems a tad ridiculous when it works in every coffee shop with free wi-fi.
My uni are not helpful as they want people to use either outlook or better still log-on to their e-mail using the web. I don't even want to use their e-mail-what is the point when I move jobs again in a year. What I do currently is use an IMAP account from my last job which I've set to forward to my "e-mail for life" from my undergrad uni. I basically only give out my life e-mail address and this also goes on all my papers.
If I can't access this easily and sort all my mail in all the folders I've created to filter out things like facebook etc. I'm wondering what the point of mac mail is.Yeah, that stuff normally works for me. Unfortunately this is a situation where you have to use an external Cisco VPN client software, whether you like it or not. Its this horrible clunky thing (which at least half works I guess). So its only like normal wi-fi in terms of selecting the network, then you have to open up this application and put in your log-in etc. Most of the settings on this client seem locked, so there isn't much I can do to configure it.
I've just got to my (temporary) accommodation which doesn't have wi-fi or VPN (just ethernet) and my mail is working again-so it must be the VPN. Goodness knows how it works with an iPod touch (interested in getting one but kind of pointless if I spend most of my time at work and it doesn't work...)
Thanks for your suggestions though! -
Cisco VPN Client and Border Manager
Don't know if this is the correct spot, but here goes. We are using BM 3.8sp4 using proxy, and NAT. We have a contractor that needs to access his company network using a Cisco VPN Client Ver 5. They have Enable Transparent Tunneling checked in the client and IPSec over TCP port 1000.
Is this a filter exception to let it out or something else I need to set up?Port 1000, or 10000? (10,000 is something I've seen in the past, and
is what I used for the example in my BMgr filtering book. See URL
below).
You would probably need to open two ports up, in FILTCFG, from private
to public interfaces. First, IKE-st (UDP 500). Next, make a custom
stateful one for port 1000 (or whatever), probably UDP.
The last Cisco IPSec VPN client I used through BMgr needed UDP 500 and
UDP 4500 opened, just like the Novell IPSec VPN client. So I was able
to use the definitions supplied by Novell in FILTCFG. In your case,
you will probably have to add at least one custom exception.
Filter debug will tell you what is being filtered, if you know how to
use it. Or get PKTSCAN.NLM from download.novell.com, load it on the
server, and capture packets. Look at them on the server, or use
Wireshark, and you will see what protocol/ports are being sent from the
client IP address.
Craig Johnson
Novell Support Connection SysOp
*** For a current patch list, tips, handy files and books on
BorderManager, go to http://www.craigjconsulting.com *** -
Hello,
We have a Cisco ASA 5520 with the VPN PLus License and 8.04 IOS installed, we want to set up vpn access to our users. We can use the cisco VPN client which works on WIndows Platform, but we also have MAC OS 10.7 which works only with Cisco Anyconnect.
I am a little bit lost with all the client and the license, actually we can't setup more than 2 vpn session with an Anyconnect client installed on MAC or Windows. The authentication is by Certificate, the first two connect fine, but the third one don't connect and prompt for a username / password.
I joined a SH VER of my ASA, if anyome can tell me what is wrong on the license or perhaps it's a configuration problem?
Thanks a lot for the answer.
Mathieu.
fw-eps-02# sh ver
Cisco Adaptive Security Appliance Software Version 8.0(4)
Device Manager Version 6.4(1)
Compiled on Thu 07-Aug-08 20:53 by builders
System image file is "disk0:/asa804-k8.bin"
Config file at boot was "startup-config"
fw-eps-02 up 1 hour 36 mins
Hardware: ASA5520, 2048 MB RAM, CPU Pentium 4 Celeron 2000 MHz
Internal ATA Compact Flash, 256MB
BIOS Flash Firmware Hub @ 0xffe00000, 1024KB
Encryption hardware device : Cisco ASA-55x0 on-board accelerator (revision 0x0)
Boot microcode : CN1000-MC-BOOT-2.00
SSL/IKE microcode: CNLite-MC-SSLm-PLUS-2.03
IPSec microcode : CNlite-MC-IPSECm-MAIN-2.05
0: Ext: GigabitEthernet0/0 : address is c84c.75da.9a58, irq 9
1: Ext: GigabitEthernet0/1 : address is c84c.75da.9a59, irq 9
2: Ext: GigabitEthernet0/2 : address is c84c.75da.9a5a, irq 9
3: Ext: GigabitEthernet0/3 : address is c84c.75da.9a5b, irq 9
4: Ext: Management0/0 : address is c84c.75da.9a5c, irq 11
5: Int: Not used : irq 11
6: Int: Not used : irq 5
Licensed features for this platform:
Maximum Physical Interfaces : Unlimited
Maximum VLANs : 150
Inside Hosts : Unlimited
Failover : Active/Active
VPN-DES : Enabled
VPN-3DES-AES : Enabled
Security Contexts : 2
GTP/GPRS : Disabled
VPN Peers : 750
WebVPN Peers : 2
AnyConnect for Mobile : Disabled
AnyConnect for Linksys phone : Disabled
Advanced Endpoint Assessment : Disabled
UC Proxy Sessions : 2
This platform has an ASA 5520 VPN Plus license.
Serial Number: JMX1433L0Y3
Running Activation Key: 0x3a17c153 0x8c141630 0xe0f3b5d4 0x86044ccc 0x47193392
Configuration register is 0x40 (will be 0x1 at next reload)
Configuration last modified by mgeffroy at 15:33:11.409 CEST Mon Jan 23 2012
fw-eps-02#why don't you use built-in client in mac osx? it supports certificate authentication also.
another solution would be to buy additional ssl vpn licences: there is a limit of two ssl vpn sessions by default.
Sent from Cisco Technical Support iPad App
Maybe you are looking for
-
Can I use my Nationwide Messaging plan for the iPhone 4?
I currently have a plan called Nationwide Messaging (you get unlimited texting and data for $35 a month, and minutes are 40 cents each) which works well for me since I rarely use my phone to talk. All the iPhone FAQ says is that you need a Nationwid
-
3rd party usb2/firewirePCMCIA card not working properly after 10.4.6 update
Hi, I updated my mac to 10.4.6, after which I can no longer use my generic usb2/firewire PC card to sync my iPod via usb 2.0. My iPod (60gb photo) will still mount, but any app that tries to access the iPod portion of the drive (e.g. iTunes or the iP
-
Itunes store want connect. WHY?
Hello Apple haters, For some reason i can only connect to itunes store sometimes. My internet connection is great so that is not an issue. Messages like we could not complete your request . an unknown error occured (-1200) or (0x80090318). Typing a s
-
Portal self registration - modifying email messages sent from database
Hi, Using Self Registration feature of Portal, we need to modify the text sent to approved users by email. current message: The account that you requested at https://mysite/portal/pls/portal/ has been approved. You may now log on to the portal using
-
Locking table entry in VEKP table...
Hi all, How can i lock a particular table entry of VEKP table using 'ENQUEUE_E_TABLE' function module. Also provide some suggestion for checking locked entry. Regards, Mainak.