Issues with VPN on 10.3 Server

I have no problems using the VPN with 10.4 Server. I manage several of these, and the VPN works fine.
However, with 10.3 Server it doesn't seem to work. I have two 10.3.9 servers at different offices, and with each I can connect to the VPN, I get an IP address, but I cannot access any resources through the VPN. Does anyone have any ideas about this?

Thanks for your reply.
I'm using PPTP. I've got it set up the same way as with 10.4 server.
The servers are behind NAT routers, with TCP port 1723 forwarded to them.
In each case the private IP subnet on the server is different from the one I'm connecting from.
I'm connecting just fine to the VPN, but once I'm connected I can't connect to anything on the network.
One thing I see in the system log when I try to make a connection is this: "Protocol-Reject for unsupported protocol."
What do you think?

Similar Messages

  • Strange issue with VPN

    Hello,  I have a strange issue with a VPN we have on our ASA 5520.  We have 2 subnets my side of the VPN that can get to 27 subnets on the other side of the VPN.  However the last remote subnet which I will call 28 I find only 1 of my 2 subnets can get too.  When I reset the tunnel I find that my subnet cannot bring the IPSec tunnel up but the othe side of the tunnel can.  When I view my VPN tunnel Rx always has a value but Tx is always zero, which suggests the traffic isnt even getting there, but this subnet is all the same rules as the other subnets that work.  Any debug commands or tracing you can suggest? I've had others look at the issue and the cant see an issue.  Thanks

    Looks like you have a OD server setup for user authentication so you need to run this
    vpnaddkeyagentuser /LDAPv3/127.0.0.1
    that will add the correct record to OD and it will authenticate.
    Peter

  • Issues with CWLMS 3.2 Install Server 2008

    Hi,
    I am trying to install CWLMS 3.2 on Server 2008 SP2 - I have installed succesfully but when i try and login it asks for username and password which i fill out correctly and then just hangs and does nothing, it seems to be an issue with port 443 or redirection.
    Please help
    Thanks
    Rich

    Sounds like CSCtb17186 http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCtb17186
    that Joe mentioned in https://supportforums.cisco.com/message/676256#676256

  • Performance issues with class loader on Windows server

    We are observing some performance issues in our application. We are Using weblogic 11g with Java6 on a windows 2003 server
    The thread dumps indicate many threads are waiting in queue for the native file methods:
    "[ACTIVE] ExecuteThread: '106' for queue: 'weblogic.kernel.Default (self-tuning)'" RUNNABLE
         java.io.WinNTFileSystem.getBooleanAttributes(Native Method)
         java.io.File.exists(Unknown Source)
         weblogic.utils.classloaders.ClasspathClassFinder.getFileSource(ClasspathClassFinder.java:398)
         weblogic.utils.classloaders.ClasspathClassFinder.getSourcesInternal(ClasspathClassFinder.java:347)
         weblogic.utils.classloaders.ClasspathClassFinder.getSource(ClasspathClassFinder.java:316)
         weblogic.application.io.ManifestFinder.getSource(ManifestFinder.java:75)
         weblogic.utils.classloaders.MultiClassFinder.getSource(MultiClassFinder.java:67)
         weblogic.application.utils.CompositeWebAppFinder.getSource(CompositeWebAppFinder.java:71)
         weblogic.utils.classloaders.MultiClassFinder.getSource(MultiClassFinder.java:67)
         weblogic.utils.classloaders.MultiClassFinder.getSource(MultiClassFinder.java:67)
         weblogic.utils.classloaders.CodeGenClassFinder.getSource(CodeGenClassFinder.java:33)
         weblogic.utils.classloaders.GenericClassLoader.findResource(GenericClassLoader.java:210)
         weblogic.utils.classloaders.GenericClassLoader.getResourceInternal(GenericClassLoader.java:160)
         weblogic.utils.classloaders.GenericClassLoader.getResource(GenericClassLoader.java:182)
         java.lang.ClassLoader.getResourceAsStream(Unknown Source)
         javax.xml.parsers.SecuritySupport$4.run(Unknown Source)
         java.security.AccessController.doPrivileged(Native Method)
         javax.xml.parsers.SecuritySupport.getResourceAsStream(Unknown Source)
         javax.xml.parsers.FactoryFinder.findJarServiceProvider(Unknown Source)
         javax.xml.parsers.FactoryFinder.find(Unknown Source)
         javax.xml.parsers.DocumentBuilderFactory.newInstance(Unknown Source)
         org.ajax4jsf.context.ResponseWriterContentHandler.<init>(ResponseWriterContentHandler.java:48)
         org.ajax4jsf.context.ViewResources$HeadResponseWriter.<init>(ViewResources.java:259)
         org.ajax4jsf.context.ViewResources.processHeadResources(ViewResources.java:445)
         org.ajax4jsf.application.AjaxViewHandler.renderView(AjaxViewHandler.java:193)
         org.apache.myfaces.lifecycle.RenderResponseExecutor.execute(RenderResponseExecutor.java:41)
         org.apache.myfaces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:140)
    On googling this seems to be an issue with java file handling on windows servers and I couldn't find a solution yet. Any recommendation or pointer is appreciated

    Hi shubhu,
    I just analyzed your partial Thread Dump data, the problem is that the ajax4jsf framework ResponseWriterContentHandler triggers internally a new instance of the DocumentBuilderFactory; every time; triggering heavy IO contention because of Class loader / JAR file search operations.
    Too many of these IO operations under heavy load will create excessive contention and severe performance degradation; regardless of the OS you are running your JVM on.
    Please review the link below and see if this is related to your problem.. This is a known issue in JBOSS JIRA when using RichFaces / ajaxJSF.
    https://issues.jboss.org/browse/JBPAPP-6166
    Regards,
    P-H
    http://javaeesupportpatterns.blogspot.com/

  • Issue with one of the Managed server while enabling SSL.__ Issue Resovled

    Weblogic version:wls 8.1sp6
    SSL: internal
    Environment:
    1 AdminServer and 2 Managed servers. Admin and M1 are on same host. M2 is on different host. We have enabled SSL on M1 & M2 only. Configuration of M1 & M2 are identical. After restarting the servers M1 has no issue with SSL but M2 throws javax.net.ssl.SSLKeyException as shown below,
    <Aug 4, 2008 12:29:01 PM BST> <Notice> <WebLogicServer> <BEA-000360> <Server started in RUNNING mode>
    <Aug 4, 2008 12:29:02 PM BST> <Info> <WebLogicServer> <BEA-000213> <Adding address: 10.96.201.249 to licensed client list>
    <Aug 4, 2008 12:29:09 PM BST> <Notice> <Security> <BEA-090171> <Loading the identity certificate stored under the alias wpy-euq02 from the JKS keystore file /home/lonwpyq/ssl_cert/WPY_PAYROLLSOLUTIONSKeystore.jks.>
    <Aug 4, 2008 12:29:09 PM BST> <Notice> <Security> <BEA-090170> <Loading the private key stored under the alias wpy-euq02 from the JKS keystore file /home/lonwpyq/ssl_cert/WPY_PAYROLLSOLUTIONSKeystore.jks.>
    <Aug 4, 2008 12:29:09 PM BST> <Warning> <Security> <BEA-090773> <The certificate chain received from lonlxwebhost99.lehman.com - 10.71.129.99 contained a V3 certificate which key usage constraints forbid its key use by the key agreement algorithm.>
    <Aug 4, 2008 12:29:09 PM BST> <Warning> <Security> <BEA-090773> <The certificate chain received from lonlxwebhost99.lehman.com - 10.71.129.99 contained a V3 certificate which key usage constraints forbid its key use by the key agreement algorithm.>
    <Aug 4, 2008 12:29:09 PM BST> <Warning> <Security> <BEA-090773> <The certificate chain received from lonlxwebhost99.lehman.com - 10.71.129.99 contained a V3 certificate which key usage constraints forbid its key use by the key agreement algorithm.>
    <Aug 4, 2008 12:29:09 PM BST> <Error> <Cluster> <BEA-000141> <TCP/IP socket failure occurred while fetching statedump over HTTP from -6401422690190304510S:lonlxwebhost99:[16544,16544,16042,16042,16544,16042,-1,0,0]:etg:lonwpyq_16543_1.
    javax.net.ssl.SSLKeyException: [Security:090773]The certificate chain received from lonlxwebhost99.lehman.com - 10.71.129.99 contained a V3 certificate which key usage constraints forbid its key use by the key agreement algorithm.
    at com.certicom.tls.interfaceimpl.TLSConnectionImpl.fireException(Unknown Source)
    at com.certicom.tls.interfaceimpl.TLSConnectionImpl.fireAlertSent(Unknown Source)
    at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
    at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
    at com.certicom.tls.record.handshake.ClientStateReceivedServerHello.handle(Unknown Source)
    at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessage(Unknown Source)
    at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessages(Unknown Source)
    at com.certicom.tls.record.MessageInterpreter.interpretContent(Unknown Source)
    at com.certicom.tls.record.MessageInterpreter.decryptMessage(Unknown Source)
    at com.certicom.tls.record.ReadHandler.processRecord(Unknown Source)
    at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
    at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown Source)
    at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown Source)
    at com.certicom.tls.record.WriteHandler.write(Unknown Source)
    at com.certicom.io.OutputSSLIOStreamWrapper.write(Unknown Source)
    at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:66)
    at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:124)
    at java.io.FilterOutputStream.flush(FilterOutputStream.java:123)
    at weblogic.net.http.HttpURLConnection.writeRequests(HttpURLConnection.java:122)
    at weblogic.net.http.HttpURLConnection.getInputStream(HttpURLConnection.java:322)
    at weblogic.cluster.HTTPExecuteRequest.connect(HTTPExecuteRequest.java:73)
    at weblogic.cluster.HTTPExecuteRequest.execute(HTTPExecuteRequest.java:121)
    at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:224)
    at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:183)>
    Please let me know where I am going wrong. Thnx in advance
    Message was edited by:
    Shashi_sr

    Solution given by BEA Engineer:
    <Warning> <Security> <BEA-090773> <The certificate chain received from lonlxwebhost99.lehman.com - 10.71.129.99 contained a V3 certificate which key usage constraints forbid its key use by the key agreement algorithm.>
    The reason for this was
    The CA Certificate was missing a required bit (according to RFC 3280).
    keyEncipherment bit is not in the KeyUsage and KeyUsage is marked as critical.
    As per RFC:
    The keyEncipherment bit is asserted when the subject public key is
    used for key transport. For example, when an RSA key is to be
    used for key management, then this bit is set.
    According to RFC3280, when the key will be used to encrypt other keys that are send over the wire ("key transport") the keyEncipherment bit of the KeyUsage extension must be set. If the KeyUsage extension is critical, the SSL certificate validation will check that the key can be used in the key agreement. That is, that the key can be used to encrypt the symmetric public key.
    Your KeyUsage only contains the following bits:
    [4]: ObjectId: 2.5.29.15 Criticality=true KeyUsage [
    DigitalSignature
    Key_CertSign
    Crl_Sign
    Since it is marked Critical, it MUST have the keyEncipherment bit.
    Otherwise, it should not be marked as Critical.
    So the three solutions that should work are
    1) Remove keyUsage
    2) Don't mark keyUsage as critical
    3) If keyUsage is critical, make sure keyEncipherment bit is set.

  • Issue with multiple application installation and server share

    Hi,
    SCCM 2007 SP2 R3 ICP2
    All servers W2K8R2
    I am having an issue with software installs.  When using a variable for multiple applciation installs, I get access errors when the applications go to install.  It appears to be a multiple connection issue, but I can't figure out why.
    I am using server shares for my DPs.  The proper permissions are set.  The servers (DP) are W2K8R2.  I think it has to do with the way R2 handles the conenctions.  I want to know if this is a known issue or if anyone has come accross
    it.
    I am going to post in the software distribution forum as well, but thought this would be a config question.

    Hi! I'm waking up this dead thread but I've got a *very* similar problem!
    I've got a SCCM 2007 SP2 R3 installation on Win2008.  All clients are in the same ConfigMgr-site. Multiple package deploy in the same site-boundary as the CM-server works excellent. (We've got  three DPs in the same site-boundary as the
    CM-server itself.)
    Now, we have a new site-boundary with it's own Protected DP where multiple package deploy fails
    but the same packages, being run from the task-sequnce works! So then the client can download, install and run the packages from the proteced DP just fine. All "single" packages install fine before the "Multiple Appliaction"-step.
    I've tripple checked that we're running the same packages when we're installing Multiple Packages as we do in the Task-Sequence. And
    the same Task-sequence with the Multiple Package installation step
    works fine in our site-boundary where the ConfigMgr-server is installed.
    Here's the log from a client trying to access and install one of three packages through the the Install Multiple Packages task-sequence step.
    <![LOG[Policy SMS10000-CEN000BD-25FE0E9B downloaded successfully]LOG]!><time="16:01:20.905+-60" date="12-12-2011" component="InstallSoftware" context="" type="1" thread="3040" file="dsutils.cpp:597"><br/><![LOG[SMS PackageID = CEN000BD]LOG]!><time="16:01:20.905+-60" date="12-12-2011" component="InstallSoftware" context="" type="0" thread="3040" file="dsutils.cpp:247"><br/><![LOG[Source version = 2]LOG]!><time="16:01:20.905+-60" date="12-12-2011" component="InstallSoftware" context="" type="0" thread="3040" file="dsutils.cpp:296"><br/><![LOG[SMS Program Name = RESTORE]LOG]!><time="16:01:20.905+-60" date="12-12-2011" component="InstallSoftware" context="" type="0" thread="3040" file="dsutils.cpp:317"><br/><![LOG[::CompressBuffer(65536,-1)]LOG]!><time="16:01:20.905+-60" date="12-12-2011" component="InstallSoftware" context="" type="0" thread="3040" file="ccmzlib.cpp:695"><br/><![LOG[Compression (zlib) succeeded: original size 26608, compressed size 3254.]LOG]!><time="16:01:20.905+-60" date="12-12-2011" component="InstallSoftware" context="" type="0" thread="3040" file="ccmzlib.cpp:484"><br/><![LOG[Policy for CEN000BD:"RESTORE" successfully stored in environment]LOG]!><time="16:01:20.905+-60" date="12-12-2011" component="InstallSoftware" context="" type="1" thread="3040" file="dsutils.cpp:331"><br/><![LOG[Downloaded policies successfully]LOG]!><time="16:01:20.905+-60" date="12-12-2011" component="InstallSoftware" context="" type="1" thread="3040" file="dsutils.cpp:725"><br/><![LOG[Installing pkg 'CEN000BD', program 'BACKUP']LOG]!><time="16:01:20.921+-60" date="12-12-2011" component="InstallSoftware" context="" type="1" thread="3040" file="dsinstaller.cpp:290"><br/><![LOG[Resolving content for SMS Package CEN000BD]LOG]!><time="16:01:20.921+-60" date="12-12-2011" component="InstallSoftware" context="" type="0" thread="3040" file="dsutils.cpp:768"><br/><![LOG[Getting local network information.]LOG]!><time="16:01:20.921+-60" date="12-12-2011" component="InstallSoftware" context="" type="0" thread="3040" file="resolvesource.cpp:1846"><br/><![LOG[GetAdaptersAddressess entry point is supported.]LOG]!><time="16:01:20.921+-60" date="12-12-2011" component="InstallSoftware" context="" type="0" thread="3040" file="ccmiputil.cpp:118"><br/><![LOG[DhcpGetOriginalSubnetMask entry point is supported.]LOG]!><time="16:01:20.937+-60" date="12-12-2011" component="InstallSoftware" context="" type="0" thread="3040" file="ccmiputil.cpp:181"><br/><![LOG[Adapter {B3FC51BA-75F3-4C93-98D3-72ECE4B7A6A2} is DHCP enabled. Checking quarantine status.]LOG]!><time="16:01:21.124+-60" date="12-12-2011" component="InstallSoftware" context="" type="0" thread="3040" file="ccmiputil.cpp:509"><br/><![LOG[Adapter {B3FC51BA-75F3-4C93-98D3-72ECE4B7A6A2} has 1 IPv4 address(es).]LOG]!><time="16:01:21.124+-60" date="12-12-2011" component="InstallSoftware" context="" type="2" thread="3040" file="ccmiputil.cpp:540"><br/><![LOG[Executing content location request for CEN000BD:2 as GUID:87F78866-5FCB-43FE-A2F7-07DA7F6863DF]LOG]!><time="16:01:21.124+-60" date="12-12-2011" component="InstallSoftware" context="" type="0" thread="3040" file="resolvesource.cpp:1852"><br/><![LOG[Initializing CLibSMSMessageHeader with authenticator]LOG]!><time="16:01:21.295+-60" date="12-12-2011" component="InstallSoftware" context="" type="1" thread="3040" file="libsmsmessaging.cpp:1103"><br/><![LOG[Sending RequestContentLocations]LOG]!><time="16:01:21.295+-60" date="12-12-2011" component="InstallSoftware" context="" type="1" thread="3040" file="libsmsmessaging.cpp:3367"><br/><![LOG[Messaging Auth Using V4 Mode]LOG]!><time="16:01:21.295+-60" date="12-12-2011" component="InstallSoftware" context="" type="0" thread="3040" file="libsmsmessaging.cpp:1400"><br/><![LOG[Formatted header:]LOG]!><time="16:01:21.295+-60" date="12-12-2011" component="InstallSoftware" context="" type="1" thread="3040" file="libsmsmessaging.cpp:1500"><br/><![LOG[<Msg SchemaVersion="1.1" ReplyCompression="zlib"><ID/><SourceID>GUID:87F78866-5FCB-43FE-A2F7-07DA7F6863DF</SourceID><SourceHost/><TargetAddress>mp:[http]MP_LocationManager</TargetAddress><ReplyTo>direct:OSD</ReplyTo><Priority>3</Priority><Timeout>3600</Timeout><SentTime>2011-12-12T15:01:21Z</SentTime><Protocol>http</Protocol><Body Type="ByteRange" Offset="0" Length="618"/><Hooks><Hook2 Name="clientauth"><Property Name="Token"><![CDATA[CCMClientID: BBA60FFE-10D3-42AA-88BF-CBAC68CA4BB4<br/>CCMClientIDSignature: 3F5C9150307B32713AB75C2BD3431AFCB0816854881F6450868D120ABA7FC4424EF3407E6BD2531E32EBF4A89D92440D3BD9E68078A8BB5B899905A765C4AC28B1D837A0D58EB02C55048B1BA97BF0319B02276D87846F4748C2FBAA887C8921989CB07E15BD6685BFC84792B1C9E91EE140DA03BA01FBBF7F6EF824F5FFAF15<br/>CCMClientTimestamp: 2011-12-12T22:02:17Z<br/>CCMClientTimestampSignature: 4E28E6E6EEF71EB4A6FDE54155100F67610556C0E5F81DF82B6AB03608C1745485D65AB09F195D384903AB60DD9993118FCECCC3C9E85F5A9C0CB6E949A5F8DF305B7A5E64E0D98973AF12E034E468B6E7CC03FE23DC3DEB686CBA63FADD895F61D7034504C018F6F20561F40B47BC20509423C2385032A3AA6866F266409F1E]]></Property></Hook2></Hooks><Payload Type="inline"/><TargetHost/><TargetEndpoint>MP_LocationManager</TargetEndpoint><ReplyMode>Sync</ReplyMode><CorrelationID/></Msg><br/>]LOG]!><time="16:01:21.295+-60" date="12-12-2011" component="InstallSoftware" context="" type="1" thread="3040" file="libsmsmessaging.cpp:1501"><br/><![LOG[CLibSMSMessageWinHttpTransport::Send: URL: STOSCCM02.INTERNT.SVT.SE:443  CCM_POST /ccm_system_AltAuth/request]LOG]!><time="16:01:21.295+-60" date="12-12-2011" component="InstallSoftware" context="" type="1" thread="3040" file="libsmsmessaging.cpp:7446"><br/><![LOG[In SSL, but with no client cert]LOG]!><time="16:01:21.295+-60" date="12-12-2011" component="InstallSoftware" context="" type="1" thread="3040" file="libsmsmessaging.cpp:7596"><br/><![LOG[In SSL, but with no media cert]LOG]!><time="16:01:21.295+-60" date="12-12-2011" component="InstallSoftware" context="" type="1" thread="3040" file="libsmsmessaging.cpp:7602"><br/><![LOG[The request has succeeded. 200 OK]LOG]!><time="16:01:21.342+-60" date="12-12-2011" component="InstallSoftware" context="" type="0" thread="3040" file="libsmsmessaging.cpp:7734"><br/><![LOG[Decompressing reply body.]LOG]!><time="16:01:21.342+-60" date="12-12-2011" component="InstallSoftware" context="" type="1" thread="3040" file="libsmsmessaging.cpp:2395"><br/><![LOG[::DecompressBuffer(65536)]LOG]!><time="16:01:21.342+-60" date="12-12-2011" component="InstallSoftware" context="" type="0" thread="3040" file="ccmzlib.cpp:735"><br/><![LOG[Filtering Content Locations.]LOG]!><time="16:01:21.342+-60" date="12-12-2011" component="InstallSoftware" context="" type="0" thread="3040" file="resolvesource.cpp:1883"><![LOG[Decompression (zlib) succeeded: original size 522, uncompressed size 2128.]LOG]!><time="16:01:21.342+-60" date="12-12-2011" component="InstallSoftware" context="" type="0" thread="3040" file="ccmzlib.cpp:646"><![LOG[ Adding \\vaxcmdp01.domain.com\SMS_DP$\SMSPKG\CEN000BD\ to Local DP list.]LOG]!><time="16:01:21.342+-60" date="12-12-2011" component="InstallSoftware" context="" type="1" thread="3040" file="resolvesource.cpp:1938">
    <br/><br/><![LOG[Found 0 DPs in subnet, 1 DPs in local site, 0 DPs in remote location and 0 Multicast DPs]LOG]!><time="16:01:21.389+-60" date="12-12-2011" component="InstallSoftware" context="" type="1" thread="3040" file="resolvesource.cpp:1974">
    <![LOG[Shuffling HTTP local DP list.]LOG]!><time="16:01:21.389+-60" date="12-12-2011" component="InstallSoftware" context="" type="0" thread="3040" file="resolvesource.cpp:2012">
    <![LOG[Shuffling Local DP list.]LOG]!><time="16:01:21.389+-60" date="12-12-2011" component="InstallSoftware" context="" type="0" thread="3040" file="resolvesource.cpp:2087">
    <![LOG[Attempting to connect to \\vaxcmdp01.domain.com\SMS_DP$\SMSPKG\CEN000BD\]LOG]!><time="16:01:21.389+-60" date="12-12-2011" component="InstallSoftware" context="" type="1" thread="3040" file="resolvesource.cpp:2151">
    <![LOG[Deleting any existing network connections to "\\vaxcmdp01.domain.com\*".]LOG]!><time="16:01:21.389+-60" date="12-12-2011" component="InstallSoftware" context="" type="0" thread="3040" file="tsconnection.cpp:407">
    <![LOG[Attempting to connect to "\\vaxcmdp01.domain.com\SMS_DP$\SMSPKG\CEN000BD".]LOG]!><time="16:01:21.389+-60" date="12-12-2011" component="InstallSoftware" context="" type="0" thread="3040" file="tsconnection.cpp:501">
    <![LOG[Retrying download...]LOG]!><time="16:01:34.974+-60" date="12-12-2011" component="InstallSoftware" context="" type="1" thread="3040" file="tsconnection.cpp:508">
    <![LOG[Attempting to connect to "\\vaxcmdp01.domain.com\SMS_DP$\SMSPKG\CEN000BD".]LOG]!><time="16:01:37.985+-60" date="12-12-2011" component="InstallSoftware" context="" type="0" thread="3040" file="tsconnection.cpp:501">
    <![LOG[Retrying download...]LOG]!><time="16:01:42.711+-60" date="12-12-2011" component="InstallSoftware" context="" type="1" thread="3040" file="tsconnection.cpp:508">
    <![LOG[Attempting to connect to "\\vaxcmdp01.domain.com\SMS_DP$\SMSPKG\CEN000BD".]LOG]!><time="16:01:45.721+-60" date="12-12-2011" component="InstallSoftware" context="" type="0" thread="3040" file="tsconnection.cpp:501">
    <![LOG[Retrying download...]LOG]!><time="16:01:50.400+-60" date="12-12-2011" component="InstallSoftware" context="" type="1" thread="3040" file="tsconnection.cpp:508">
    <![LOG[Attempting to connect to "\\vaxcmdp01.domain.com\SMS_DP$\SMSPKG\CEN000BD".]LOG]!><time="16:01:53.411+-60" date="12-12-2011" component="InstallSoftware" context="" type="0" thread="3040" file="tsconnection.cpp:501">
    <![LOG[Retrying download...]LOG]!><time="16:01:58.090+-60" date="12-12-2011" component="InstallSoftware" context="" type="1" thread="3040" file="tsconnection.cpp:508">
    <![LOG[Attempting to connect to "\\vaxcmdp01.domain.com\SMS_DP$\SMSPKG\CEN000BD".]LOG]!><time="16:02:01.100+-60" date="12-12-2011" component="InstallSoftware" context="" type="0" thread="3040" file="tsconnection.cpp:501">
    <![LOG[Retrying download...]LOG]!><time="16:02:05.780+-60" date="12-12-2011" component="InstallSoftware" context="" type="1" thread="3040" file="tsconnection.cpp:508">
    <![LOG[Attempting to connect to "\\vaxcmdp01.domain.com\SMS_DP$\SMSPKG\CEN000BD".]LOG]!><time="16:02:08.790+-60" date="12-12-2011" component="InstallSoftware" context="" type="0" thread="3040" file="tsconnection.cpp:501">
    <![LOG[Retrying download...]LOG]!><time="16:02:13.469+-60" date="12-12-2011" component="InstallSoftware" context="" type="1" thread="3040" file="tsconnection.cpp:508">
    <![LOG[Attempting to connect to "\\vaxcmdp01.domain.com\SMS_DP$\SMSPKG\CEN000BD".]LOG]!><time="16:02:16.480+-60" date="12-12-2011" component="InstallSoftware" context="" type="0" thread="3040" file="tsconnection.cpp:501">
    <![LOG[Retrying download...]LOG]!><time="16:02:21.174+-60" date="12-12-2011" component="InstallSoftware" context="" type="1" thread="3040" file="tsconnection.cpp:508">
    <![LOG[Attempting to connect to "\\vaxcmdp01.domain.com\SMS_DP$\SMSPKG\CEN000BD".]LOG]!><time="16:02:24.185+-60" date="12-12-2011" component="InstallSoftware" context="" type="0" thread="3040" file="tsconnection.cpp:501">
    <![LOG[Retrying download...]LOG]!><time="16:02:28.911+-60" date="12-12-2011" component="InstallSoftware" context="" type="1" thread="3040" file="tsconnection.cpp:508">
    <![LOG[Attempting to connect to "\\vaxcmdp01.domain.com\SMS_DP$\SMSPKG\CEN000BD".]LOG]!><time="16:02:31.921+-60" date="12-12-2011" component="InstallSoftware" context="" type="0" thread="3040" file="tsconnection.cpp:501">
    <![LOG[Retrying download...]LOG]!><time="16:02:36.600+-60" date="12-12-2011" component="InstallSoftware" context="" type="1" thread="3040" file="tsconnection.cpp:508">
    <![LOG[Attempting to connect to "\\vaxcmdp01.domain.com\SMS_DP$\SMSPKG\CEN000BD".]LOG]!><time="16:02:39.611+-60" date="12-12-2011" component="InstallSoftware" context="" type="0" thread="3040" file="tsconnection.cpp:501">
    <![LOG[Retrying download...]LOG]!><time="16:02:44.290+-60" date="12-12-2011" component="InstallSoftware" context="" type="1" thread="3040" file="tsconnection.cpp:508">
    <![LOG[dwErr, HRESULT=800704c3 (e:\nts_sms_fre\sms\framework\tscore\tsconnection.cpp,517)]LOG]!><time="16:02:47.300+-60" date="12-12-2011" component="InstallSoftware" context="" type="0" thread="3040" file="tsconnection.cpp:517">
    <![LOG[Failed to connect to "\\vaxcmdp01.domain.com\SMS_DP$\SMSPKG\CEN000BD" (1219)]LOG]!><time="16:02:47.300+-60" date="12-12-2011" component="InstallSoftware" context="" type="3" thread="3040" file="tsconnection.cpp:517">
    <![LOG[!slistSMBPaths.empty(), HRESULT=80040103 (e:\nts_sms_fre\sms\framework\tscore\resolvesource.cpp,2163)]LOG]!><time="16:02:47.300+-60" date="12-12-2011" component="InstallSoftware" context="" type="0" thread="3040" file="resolvesource.cpp:2163">
    <![LOG[TS::Utility::GetContentLocations( pszPackageId, L"", lSourceVersion, m_sSiteCode, m_sManagementPoint, &m_oHttpTransport, sClientID, TRUE, sNetworkAccessAccount, sNetworkAccessPassword, TRUE, TRUE, slistSMBPaths, slistHttpPaths ), HRESULT=80040103 (e:\nts_sms_fre\sms\client\osdeployment\installsoftware\dsutils.cpp,843)]LOG]!><time="16:02:47.300+-60" date="12-12-2011" component="InstallSoftware" context="" type="0" thread="3040" file="dsutils.cpp:843">
    <![LOG[Content location request for CEN000BD:2 failed, hr=0x80040103]LOG]!><time="16:02:47.300+-60" date="12-12-2011" component="InstallSoftware" context="" type="3" thread="3040" file="dsutils.cpp:843">
    While installing a single package from the same DP (VAXCMDP01) looks like this:
    ![LOG[PackageID = 'CEN000D1']LOG]!><time="15:29:13.401+-60" date="12-12-2011" component="InstallSoftware" context="" type="1" thread="2768" file="main.cpp:332">
    <![LOG[BaseVar = '', ContinueOnError='']LOG]!><time="15:29:13.401+-60" date="12-12-2011" component="InstallSoftware" context="" type="1" thread="2768" file="main.cpp:333">
    <![LOG[SwdAction = '0002']LOG]!><time="15:29:13.401+-60" date="12-12-2011" component="InstallSoftware" context="" type="1" thread="2768" file="main.cpp:334">
    <![LOG[GetExecRequestMgrInterface successful]LOG]!><time="15:29:13.417+-60" date="12-12-2011" component="InstallSoftware" context="" type="0" thread="2768" file="installsoftware.cpp:218">
    <![LOG[Retrieving value from TSEnv for '_SMSTSPolicyCEN000D1_Install']LOG]!><time="15:29:13.417+-60" date="12-12-2011" component="InstallSoftware" context="" type="0" thread="2768" file="installsoftware.cpp:85">
    <![LOG[::DecompressBuffer(65536)]LOG]!><time="15:29:13.417+-60" date="12-12-2011" component="InstallSoftware" context="" type="0" thread="2768" file="ccmzlib.cpp:735">
    <![LOG[Decompression (zlib) succeeded: original size 2844, uncompressed size 22640.]LOG]!><time="15:29:13.417+-60" date="12-12-2011" component="InstallSoftware" context="" type="0" thread="2768" file="ccmzlib.cpp:646">
    <![LOG[ADV_AdvertisementID=CEN20022]LOG]!><time="15:29:13.417+-60" date="12-12-2011" component="InstallSoftware" context="" type="1" thread="2768" file="installsoftware.cpp:1119">
    <![LOG[PKG_PSF_ContainsSourceFiles=TRUE]LOG]!><time="15:29:13.417+-60" date="12-12-2011" component="InstallSoftware" context="" type="1" thread="2768" file="installsoftware.cpp:1138">
    <![LOG[::DecompressBuffer(65536)]LOG]!><time="15:29:13.417+-60" date="12-12-2011" component="InstallSoftware" context="" type="0" thread="2768" file="ccmzlib.cpp:735">
    <![LOG[Decompression (zlib) succeeded: original size 12, uncompressed size 4.]LOG]!><time="15:29:13.417+-60" date="12-12-2011" component="InstallSoftware" context="" type="0" thread="2768" file="ccmzlib.cpp:646">
    <![LOG[SoftDist paused cookie = 16271]LOG]!><time="15:29:13.417+-60" date="12-12-2011" component="InstallSoftware" context="" type="1" thread="2768" file="installsoftware.cpp:181">
    <![LOG[Found the location for the package _SMSTSCEN000D1. The location is on \\vaxcmdp01.domain.com\SMS_DP$\SMSPKG\CEN000D1\]LOG]!><time="15:29:13.417+-60" date="12-12-2011" component="InstallSoftware" context="" type="1" thread="2768" file="resolvesource.cpp:3146">
    <![LOG[nPos != CCM::Utility::String::npos, HRESULT=80004005 (e:\nts_sms_fre\sms\framework\tscore\resolvesource.cpp,253)]LOG]!><time="15:29:13.417+-60" date="12-12-2011" component="InstallSoftware" context="" type="0" thread="2768" file="resolvesource.cpp:253">
    <![LOG[Creating a connection to \\vaxcmdp01.domain.com\SMS_DP$\SMSPKG\CEN000D1\ with default account]LOG]!><time="15:29:13.417+-60" date="12-12-2011" component="InstallSoftware" context="" type="1" thread="2768" file="resolvesource.cpp:2243">
    <![LOG[Connection request for "\\vaxcmdp01.domain.com\SMS_DP$\SMSPKG\CEN000D1"]LOG]!><time="15:29:13.417+-60" date="12-12-2011" component="InstallSoftware" context="" type="1" thread="2768" file="tsconnection.cpp:208">
    <![LOG[No credentials available for connecting to "\\vaxcmdp01.domain.com\SMS_DP$\SMSPKG\CEN000D1". See whether the share has already been connected.]LOG]!><time="15:29:13.417+-60" date="12-12-2011" component="InstallSoftware" context="" type="1" thread="2768" file="tsconnection.cpp:233">
    <![LOG[Connecting to "\\vaxcmdp01.domain.com\SMS_DP$\SMSPKG\CEN000D1"]LOG]!><time="15:29:13.510+-60" date="12-12-2011" component="InstallSoftware" context="" type="1" thread="2768" file="tsconnection.cpp:268">
    <![LOG[Successfully connected to "\\vaxcmdp01.domain.com\SMS_DP$\SMSPKG\CEN000D1"]LOG]!><time="15:29:13.588+-60" date="12-12-2011" component="InstallSoftware" context="" type="1" thread="2768" file="tsconnection.cpp:287">
    <![LOG[SMS PkgID 'CEN000D1' resolved to location '\\vaxcmdp01.domain.com\SMS_DP$\SMSPKG\CEN000D1\']LOG]!><time="15:29:13.635+-60" date="12-12-2011" component="InstallSoftware" context="" type="1" thread="2768" file="installsoftware.cpp:145">
     Notice that it never checks for DPs in the same way as the multiple package install:
    <![LOG[Found 0 DPs in subnet, 1 DPs in local site, 0 DPs in remote location and 0 Multicast DPs]LOG]!><time="16:01:21.389+-60" date="12-12-2011" component="InstallSoftware" context="" type="1" thread="3040" file="resolvesource.cpp:1974">
    I know that the TS checks package dependencies before executing the TS. That's not possible with Multiple packages since they are variable dependant. I think this is somehow related although it doesn't explain why my client can't authenticate properly.
    The Network Access Account is a member of Domain Users and Domain Users have Read Access on the share and on the folder of the VAXCMDP01 DP - which should be identically configured to our other DPs closest to our ConfigMgr Server.
    Any ideas?
    Kind regards,
    Mathias

  • AAA issues with VPN and IPCP?

    Hi,
         I have been struggling to find a solution as to why my L2TP tunnel comes up, but, no ip through IPCP is working.  I have a few third party VPN providers that I can connect to with no problem.  My config is solid as far as the Virtual-PPP interface is concerned.  So, as far as the AAA is concerned, here are a few commands that I have used:
    aaa new-model
    aaa authentication login local_auth local
    aaa authentication ppp default none
    So, here is the revelant debugs:
    008940: *Jan  7 15:08:05.543 MDT: Vp1 LCP: Timeout: State Listen
    008941: *Jan  7 15:08:05.543 MDT: AAA/AUTHOR (00000007): Method list id=0 not configured. Skip author
    008942: *Jan  7 15:08:05.543 MDT: Vp1 PPP: Authorization NOT required
    008943: *Jan  7 15:08:05.543 MDT: Vp1 PPP: No remote authentication for call-out
    008944: *Jan  7 15:08:05.543 MDT: Vp1 AAA/AUTHOR/LCP: Authorization succeeds trivially
    008945: *Jan  7 15:08:05.543 MDT: Vp1 LCP: O CONFREQ [Listen] id 142 len 10
    008946: *Jan  7 15:08:05.543 MDT: Vp1 LCP:    MagicNumber 0x1A220FED (0x05061A220FED)
    Cisco3825#
    008947: *Jan  7 15:08:07.559 MDT: Vp1 LCP: Timeout: State REQsent
    008948: *Jan  7 15:08:07.559 MDT: Vp1 LCP: O CONFREQ [REQsent] id 143 len 10
    008949: *Jan  7 15:08:07.559 MDT: Vp1 LCP:    MagicNumber 0x1A220FED (0x05061A220FED)
    Cisco3825#
    008950: *Jan  7 15:08:09.575 MDT: Vp1 LCP: Timeout: State REQsent
    008951: *Jan  7 15:08:09.575 MDT: Vp1 LCP: O CONFREQ [REQsent] id 144 len 10
    008952: *Jan  7 15:08:09.575 MDT: Vp1 LCP:    MagicNumber 0x1A220FED (0x05061A220FED)
    Cisco3825#
    008953: *Jan  7 15:08:11.591 MDT: Vp1 LCP: Timeout: State REQsent
    008954: *Jan  7 15:08:11.591 MDT: Vp1 LCP: O CONFREQ [REQsent] id 145 len 10
    008955: *Jan  7 15:08:11.591 MDT: Vp1 LCP:    MagicNumber 0x1A220FED (0x05061A220FED)
    Cisco3825#
    008956: *Jan  7 15:08:13.607 MDT: Vp1 LCP: Timeout: State REQsent
    008957: *Jan  7 15:08:13.607 MDT: Vp1 LCP: O CONFREQ [REQsent] id 146 len 10
    008958: *Jan  7 15:08:13.607 MDT: Vp1 LCP:    MagicNumber 0x1A220FED (0x05061A220FED)
    008959: *Jan  7 15:08:13.691 MDT: Vp1 LCP: I CONFREQ [REQsent] id 0 len 8
    008960: *Jan  7 15:08:13.691 MDT: Vp1 LCP:    AuthProto PAP (0x0304C023)
    008961: *Jan  7 15:08:13.691 MDT: Vp1 LCP: O CONFACK [REQsent] id 0 len 8
    008962: *Jan  7 15:08:13.691 MDT: Vp1 LCP:    AuthProto PAP (0x0304C023)
    008963: *Jan  7 15:08:13.691 MDT: Vp1 LCP: State is Open
    008964: *Jan  7 15:08:13.691 MDT: Vp1 PPP: Phase is AUTHENTICATING, by the peer
    Cisco3825#
    008965: *Jan  7 15:08:13.691 MDT: AAA/AUTHEN/PPP (00000007): Pick method list 'default'
    008966: *Jan  7 15:08:13.691 MDT: Vp1 LCP: I CONFREJ [Open] id 146 len 10
    008967: *Jan  7 15:08:13.691 MDT: Vp1 LCP:    MagicNumber 0x1A220FED (0x05061A220FED)
    008968: *Jan  7 15:08:13.691 MDT: Vp1 LCP: O CONFREQ [ACKsent] id 147 len 4
    008969: *Jan  7 15:08:13.775 MDT: Vp1 LCP: I CONFACK [ACKsent] id 147 len 4
    008970: *Jan  7 15:08:13.775 MDT: Vp1 LCP: State is Open
    008971: *Jan  7 15:08:13.775 MDT: AAA/AUTHEN/PPP (00000007): Pick method list 'default'
    Cisco3825#
    008972: *Jan  7 15:08:23.783 MDT: Vp1 AUTH: Timeout 1
    Cisco3825#
    008973: *Jan  7 15:08:33.799 MDT: Vp1 AUTH: Timeout 2
    Cisco3825#
    008974: *Jan  7 15:08:43.815 MDT: Vp1 AUTH: Timeout 3
    Cisco3825#
    008975: *Jan  7 15:08:53.831 MDT: Vp1 AUTH: Timeout 4
    Cisco3825#
    008976: *Jan  7 15:09:03.847 MDT: Vp1 AUTH: Timeout 5
    Cisco3825#
    008977: *Jan  7 15:09:07.356 MDT: Vp1 PPP: Outbound ip packet dropped
    Cisco3825#
    008978: *Jan  7 15:09:13.864 MDT: Vp1 AUTH: Timeout 6
    Cisco3825#
    008979: *Jan  7 15:09:17.356 MDT: Vp1 PPP: Outbound ip packet dropped
    Cisco3825#
    008980: *Jan  7 15:09:23.880 MDT: Vp1 AUTH: Timeout 7
    Cisco3825#
    008981: *Jan  7 15:09:27.356 MDT: Vp1 PPP: Outbound ip packet dropped
    Cisco3825#
    008982: *Jan  7 15:09:33.896 MDT: Vp1 AUTH: Timeout 8
    Cisco3825#
    008983: *Jan  7 15:09:37.356 MDT: Vp1 PPP: Outbound ip packet dropped
    Cisco3825#
    008984: *Jan  7 15:09:43.912 MDT: Vp1 AUTH: Timeout 9
    Cisco3825#
    008985: *Jan  7 15:09:47.356 MDT: Vp1 PPP: Outbound ip packet dropped
    Cisco3825#
    008986: *Jan  7 15:09:53.928 MDT: Vp1 AUTH: Timeout 10
    Cisco3825#
    008987: *Jan  7 15:09:57.356 MDT: Vp1 PPP: Outbound ip packet dropped
    Cisco3825#
    008988: *Jan  7 15:10:03.944 MDT: Vp1 AUTH: Timeout 11
    008989: *Jan  7 15:10:03.944 MDT: Vp1 PPP: Sending Acct Event[Down] id[7]
    008990: *Jan  7 15:10:03.944 MDT: AAA/ACCT/EVENT/(00000007): NET DOWN
    008991: *Jan  7 15:10:03.944 MDT: AAA/ACCT/NET(00000007): Method list not found
    008992: *Jan  7 15:10:03.944 MDT: AAA/ACCT(00000007): del node, session 4
    008993: *Jan  7 15:10:03.944 MDT: AAA/ACCT/NET(00000007): free_rec, count 0
    008994: *Jan  7 15:10:03.944 MDT: AAA/ACCT/NET(00000007) reccnt 0, csr FALSE, osr 0
    008995: *Jan  7 15:10:03.944 MDT: AAA/ACCT/HC(00000007): Update Vp1
    008996: *Jan  7 15:10:03.944 MDT: AAA/ACCT/HC(00000007): Vp1 [pre-sess] (rx/tx) base 2114/15028 pre 15468/32490 call 15468/32490
    008997: *Jan  7 15:10:03.944 MDT: AAA/ACCT/HC(00000007): Vp1 [pre-sess] (rx/tx) adjusted, pre 13354/17462 call 0/0
    008998: *Jan  7 15:10:03.944 MDT: AAA/ACCT/HC(00000007): Update Vp1
    008999: *Jan  7 15:10:03.944 MDT: AAA/ACCT/HC(00000007): Vp1 [sess] (rx/tx) base 2114/15028
    Cisco3825# pre 15468/32490 call 15468/32490
    009000: *Jan  7 15:10:03.944 MDT: AAA/ACCT/HC(00000007): Vp1 [sess] (rx/tx) adjusted, pre 13354/17462 call 0/0
    009001: *Jan  7 15:10:03.944 MDT: AAA/ACCT/HC(00000007): Deregister Vp1
    009002: *Jan  7 15:10:03.944 MDT: Vp1 PPP: Phase is TERMINATING
    009003: *Jan  7 15:10:03.944 MDT: Vp1 LCP: O TERMREQ [Open] id 148 len 4
    009004: *Jan  7 15:10:03.944 MDT: AAA/ACCT/EVENT/(00000007): CALL STOP
    009005: *Jan  7 15:10:03.944 MDT: AAA/ACCT(00000007) reccnt 0, osr 0
    009006: *Jan  7 15:10:04.028 MDT: Vp1 LCP: I TERMACK [TERMsent] id 148 len 4
    009007: *Jan  7 15:10:04.028 MDT: Vp1 LCP: State is Closed
    009008: *Jan  7 15:10:04.028 MDT: Vp1 PPP: Phase is DOWN
    009009: *Jan  7 15:10:04.028 MDT: Vp1 PPP: Phase is ESTABLISHING, Passive Open
    009010: *Jan  7 15:10:04.028 MDT: Vp1 LCP: State is Listen
    Cisco3825#
    009011: *Jan  7 15:10:06.024 MDT: Vp1 LCP: Timeout: State Listen
    009012: *Jan  7 15:10:06.024 MDT: AAA/BIND(00000009): Bind i/f Virtual-PPP1
    009013: *Jan  7 15:10:06.024 MDT: AAA/ACCT/HC(00000009): Register Vp1 100Mbit/s, poll every 5m 0s
    009014: *Jan  7 15:10:06.024 MDT: AAA/ACCT/HC(00000009): Update Vp1
    009015: *Jan  7 15:10:06.024 MDT: AAA/ACCT/HC(00000009): Vp1 [init-sess] (rx/tx) base 15474/32498 pre 15474/32498 call 15474/32498
    009016: *Jan  7 15:10:06.024 MDT: AAA/ACCT/HC(00000009): Vp1 [init-sess] (rx/tx) adjusted, pre 0/0 call 0/0
    009017: *Jan  7 15:10:06.024 MDT: AAA/ACCT/EVENT/(00000009): CALL START
    009018: *Jan  7 15:10:06.024 MDT: Getting session id for NET(00000009) : db=6902396C
    009019: *Jan  7 15:10:06.024 MDT: AAA/ACCT(00000000): add node, session 6
    009020: *Jan  7 15:10:06.024 MDT: AAA/ACCT/NET(00000009): add, count 1
    009021: *Jan  7 15:10:06.024 MDT: Getting session id for NONE(00000009) : db=6902396C
    009022: *Jan  7 15:10:06.024 MDT: AAA/AUTHOR (0000
    Cisco3825#0009): Method list id=0 not configured. Skip author
    009023: *Jan  7 15:10:06.024 MDT: Vp1 PPP: Authorization NOT required
    009024: *Jan  7 15:10:06.024 MDT: Vp1 PPP: No remote authentication for call-out
    009025: *Jan  7 15:10:06.024 MDT: Vp1 AAA/AUTHOR/LCP: Authorization succeeds trivially
    009026: *Jan  7 15:10:06.024 MDT: Vp1 LCP: O CONFREQ [Listen] id 149 len 10
    009027: *Jan  7 15:10:06.024 MDT: Vp1 LCP:    MagicNumber 0x1A23E698 (0x05061A23E698)
    009028: *Jan  7 15:10:06.108 MDT: Vp1 LCP: I CONFREJ [REQsent] id 149 len 10
    009029: *Jan  7 15:10:06.108 MDT: Vp1 LCP:    MagicNumber 0x1A23E698 (0x05061A23E698)
    009030: *Jan  7 15:10:06.108 MDT: Vp1 LCP: O CONFREQ [REQsent] id 150 len 4
    009031: *Jan  7 15:10:06.192 MDT: Vp1 LCP: I CONFACK [REQsent] id 150 len 4
    Cisco3825#
    009032: *Jan  7 15:10:07.356 MDT: Vp1 PPP: Outbound ip packet dropped
    009033: *Jan  7 15:10:08.104 MDT: Vp1 LCP: Timeout: State ACKrcvd
    009034: *Jan  7 15:10:08.104 MDT: Vp1 LCP: O CONFREQ [ACKrcvd] id 151 len 4
    009035: *Jan  7 15:10:08.188 MDT: Vp1 LCP: I CONFACK [REQsent] id 151 len 4
    Cisco3825#
    009036: *Jan  7 15:10:10.120 MDT: Vp1 LCP: Timeout: State ACKrcvd
    009037: *Jan  7 15:10:10.120 MDT: Vp1 LCP: O CONFREQ [ACKrcvd] id 152 len 4
    009038: *Jan  7 15:10:10.204 MDT: Vp1 LCP: I CONFACK [REQsent] id 152 len 4
    Cisco3825#show
    009039: *Jan  7 15:10:12.136 MDT: Vp1 LCP: Timeout: State ACKrcvd
    009040: *Jan  7 15:10:12.136 MDT: Vp1 LCP: O CONFREQ [ACKrcvd] id 153 len 4
    009041: *Jan  7 15:10:12.216 MDT: Vp1 LCP: I CONFACK [REQsent] id 153 len 4
    Cisco3825#show l2tp
    009042: *Jan  7 15:10:14.152 MDT: Vp1 LCP: Timeout: State ACKrcvd
    009043: *Jan  7 15:10:14.152 MDT: Vp1 LCP: O CONFREQ [ACKrcvd] id 154 len 4
    009044: *Jan  7 15:10:14.232 MDT: Vp1 LCP: I CONFACK [REQsent] id 154 len 4
    Cisco3825#show l2tp
    L2TP Tunnel and Session Information Total tunnels 1 sessions 1
    LocTunID   RemTunID   Remote Name   State  Remote Address  Sessn L2TP Class/
                                                               Count VPDN Group
    37822      1          xxxxxxxxxxxx est    xxx.xxx.xxx.xxx  1     l2tp_default_cl
    LocID      RemID      TunID      Username, Intf/      State  Last Chg Uniq ID
                                     Vcid, Circuit
    124        1          37822      1, Vp1               est    00:02:03 1
    Here are a couple things I noticed:
    009001: *Jan  7 15:10:03.944 MDT: AAA/ACCT/HC(00000007): Deregister Vp1
    008990: *Jan  7 15:10:03.944 MDT: AAA/ACCT/EVENT/(00000007): NET DOWN
    I don't have this issue with other providers.  I don't have the whole radius / tacacs things setup as it's not necessary for our needs.
    Ideas?
    Thanks for the help.
    Jason

    Hi,
    To resolve your issue as soon as possible, please post your question on the Forefront TMG forum:
    http://social.technet.microsoft.com/Forums/en-US/home?forum=Forefrontedgegeneral
    Steven Lee
    TechNet Community Support

  • Lion Ichat client issues with logging into SL Ichat server

    We run the iChat server on our OD master running 10.6.8. We have about 250 users and it's working great for everyone on Leopard or SL (the majority of our users).
    We just started upgrading people to Lion, as well as getting some new lion machines.  The people who are on Lion Pre-Configured machines seem ok, but the people who we upgrade are having issues with logging into it.  Sometimes it will work just fine, and other times they just can't log in.  They get the ~ symbol by their status and can't connect to the server. 
    The only fix seems to be trashing their prefs AND rebooting, just trashing them or just rebooting don't seem to be enough to fix this. Anyone seen or have a better fix for this? It has happened more than once for the same user.

    Same problem here [https://discussions.apple.com/message/23114338#23114338].
    Were you ever able to troubleshoot or fix this? File a bug report?

  • Issue with Carbon Copy Mail on Server

    Hi there everyone. I am having some issues with the Mail service feature on OS 10.2.8 server. There is a setting that allows you to check it and enter an email address to "copy incoming and outgoing messages to". I have been using this for a while now and as of 6 months ago, after a restart of the server, it stopped working. I try to go in and re enter an email address (because the setting is blank) and it tells me that the email address is either not valid or does not have email enabled.
    Both are not true. The account I use for this is a POP account and it does have mail enabled on that server. I tried creating a different account and using it but I keep having the same results.
    Any ideas as to why this is happening and how I could get it resolved? Anything would be greatly appreciated.
    Thanks.

    If you are wondering if it's a permissions issue, you'll spend less time repairing them than posting here.
    Run DiskUtility and do a repair permissions. This can't resolve any permission issue, but does reset permissions to what the system believes they should be.
    Your issue is more likely a config error, perhaps from a hiccup when ServerAdmin fails.
    I didn't use the mail system of OS X during the 10.2 days... so I can't advise you. Wouldn't even know where to start.
    You'll need someone that knows the 10.2 mail service or you'll need to dig through docs and learn where the config files live.
    You could try something like grep'ing the /etc directory for the email address you entered for bcc. something like:
    sudo grep -r [email protected] /etc
    Jeff

  • Issue with VPN compatibility between 2811 and 2911

         hello
    I would like to ask anyone have had any issues with setting up a VPN tunnel between 2811 and 2911?
    The IPSec VPN is established but for some reason I cannot ping the LAN side to the other LAN side of the other end of the VPN Router?
    Any experience would be much appreciated
    Thanks           

    IPSec VPN can be with no problem set up between any cisco routers (and not nesesserely cisco),  so there are should be no issues in your case.
    If you say that tunnel is established successfully, then problem most probably related to routing issues between sites or incorrect crypto-acl configured. Check if hosts on both sites have correct routing information on how to get to subnets on the other site.
    To make more accurate assumptions it would help if you provide config on both sites and describe your topology.

  • Issue with Settting up SCCM IBCM server

    I am having issues with our SCCM IBCM server.  I have set up a dedicated server just for this purpose, installing MP, DP, componet Server, Site System, and Software Update point. I specified the FQDM with an external IP address, and have applied it
    our external DNS, and I am able to ping it.  However, when I go into Software center to test a deployment, it gets an error stating it is unable to download.  Checking the LocationServices Log I see this (I've obfuscated my FQDN and site code):
    Failed to send management point list Location Request Message to FQDM.local.net LocationServices 12/8/2014 4:37:15 PM 1564 (0x061C)
    LSUpdateInternetManagementPoints: Failed to retrieve internet MPs from MP FQDM.local.net with error 0x87d00231, retaining previous list. LocationServices 12/8/2014 4:37:15 PM 1564 (0x061C)
    There is no AMP for site code 'ABC'. Nulling existing entry in WMI LocationServices 12/8/2014 4:37:15 PM 1564 (0x061C)
    Persisted Default Management Point Locations locally LocationServices 12/8/2014 4:37:15 PM 1564 (0x061C)
    Refreshing the Management Point List for site ABC LocationServices 12/8/2014 4:37:15 PM 1564 (0x061C)
    [CCMHTTP] AsyncCallback(): ----------------------------------------------------------------- LocationServices 12/8/2014 4:37:15 PM 1564 (0x061C)
    [CCMHTTP] AsyncCallback(): WINHTTP_CALLBACK_STATUS_SECURE_FAILURE Encountered LocationServices 12/8/2014 4:37:15 PM 1564 (0x061C)
    [CCMHTTP] : dwStatusInformationLength is 4
    LocationServices 12/8/2014 4:37:15 PM 1564 (0x061C)
    [CCMHTTP] : *lpvStatusInformation is 0x10
    LocationServices 12/8/2014 4:37:15 PM 1564 (0x061C)
    [CCMHTTP] : WINHTTP_CALLBACK_STATUS_FLAG_CERT_CN_INVALID is set
    LocationServices 12/8/2014 4:37:15 PM 1564 (0x061C)
    [CCMHTTP] AsyncCallback(): ----------------------------------------------------------------- LocationServices 12/8/2014 4:37:15 PM 1564 (0x061C)
    Raising event:
    instance of CCM_CcmHttp_Status
    ClientID = "GUID:041EFC3C-D559-45EE-8B0E-528E8BD051DA";
    DateTime = "20141208213715.907000+000";
    HostName = "FQDM.local.net";
    HRESULT = "0x80072f8f";
    ProcessID = 2788;
    StatusCode = 16;
    ThreadID = 1564;
    LocationServices 12/8/2014 4:37:15 PM 1564 (0x061C)
    Failed to send request to /SMS_MP/.sms_aut?MPLIST2&ABC at host FQDM.local.net, error 0x2f8f LocationServices 12/8/2014 4:37:15 PM 1564 (0x061C)
    [CCMHTTP] ERROR: URL=https://FQDM.local.net/SMS_MP/.sms_aut?MPLIST2&ABC, Port=443, Options=31, Code=12175, Text=ERROR_WINHTTP_SECURE_FAILURE LocationServices 12/8/2014 4:37:15 PM 1564 (0x061C)
    Successfully sent location services HTTPS failure message. LocationServices 12/8/2014 4:37:15 PM 1564 (0x061C)
    Executing Task LSSiteRoleCycleTask LocationServices 12/8/2014 4:37:15 PM 3896 (0x0F38)
    Ignoring MP error during post-rotation flush period of 20 seconds. LocationServices 12/8/2014 4:37:15 PM 3896 (0x0F38)
    0 internet MP errors in the last 10 minutes, threshold is 5. LocationServices 12/8/2014 4:37:15 PM 3896 (0x0F38)
    Failed to retrieve MP List for site code 'ABC' LocationServices 12/8/2014 4:37:15 PM 1564 (0x061C)
    MPLIST requests are throttled for 00:03:40 LocationServices 12/8/2014 4:37:15 PM 3892 (0x0F34)
    Unexpected row count (0) retrieved from AD. LocationServices 12/8/2014 4:37:16 PM 1564 (0x061C)
    Not sure what to do at this point.

    That did seem to resolve part of the issue I was having, the issue was when I deployed the certificate for the IBCM I defaulted it to Build from AD, and not Supply at request.  So I duplicated the template on our CA, made the change, and enrolled it
    on our just IBCM server.  I exported it, so I could apply it to the Distribution settings on the Primary server, I also modified the IIS bindings on the IBCM sever to use this new certificate. However, when I try to install a program, it still fails.
     In the LocationServices Log, I am seeing this:
    Executing Task LSMPCommSuccessTask LocationServices 12/10/2014 8:27:50 AM 3952 (0x0F70)
    Reset internet MP error count LocationServices 12/10/2014 8:27:50 AM 3952 (0x0F70)
    Using INF MP FQDN.Domain.com as lookup MP. LocationServices 12/10/2014 8:29:10 AM 756 (0x02F4)
    Attempting to retrieve default management points from lookup MP(s) via HTTPS LocationServices 12/10/2014 8:29:10 AM 756 (0x02F4)
    LSGetManagementPointsForSiteFromManagementPoint: Client is on Internet, skipping Intranet MP list request. LocationServices 12/10/2014 8:29:10 AM 756 (0x02F4)
    Unable to retrieve compatible MP(s) from AD LocationServices 12/10/2014 8:29:10 AM 756 (0x02F4)
    LSGetManagementPointsForSite: Domain joined client is in Internet - INF MP will be used to get other INF MPs. LocationServices 12/10/2014 8:29:10 AM 756 (0x02F4)
    LSUpdateInternetManagementPoints LocationServices 12/10/2014 8:29:10 AM 756 (0x02F4)
    No Location Reply received from FQDN.Domain.com LocationServices 12/10/2014 8:29:10 AM 756 (0x02F4)
    LSUpdateInternetManagementPoints: Failed to retrieve internet MPs from MP FQDN.Domain.com with error 0x80004005, retaining previous list. LocationServices 12/10/2014 8:29:10 AM 756 (0x02F4)
    There is no AMP for site code 'ABC'. Nulling existing entry in WMI LocationServices 12/10/2014 8:29:10 AM 756 (0x02F4)
    Persisted Default Management Point Locations locally LocationServices 12/10/2014 8:29:10 AM 756 (0x02F4)
    Raising event:
    instance of CCM_CcmHttp_Status
    ClientID = "GUID:041EFC3C-D559-45EE-8B0E-528E8BD051DA";
    DateTime = "20141210132911.624000+000";
    HostName = "FQDN.Domain.com";
    HRESULT = "0x00000000";
    ProcessID = 1756;
    StatusCode = 0;
    ThreadID = 1644;
    LocationServices 12/10/2014 8:29:11 AM 1644 (0x066C)
    Raising event:
    instance of CCM_CcmHttp_Status
    ClientID = "GUID:041EFC3C-D559-45EE-8B0E-528E8BD051DA";
    DateTime = "20141210132918.171000+000";
    HostName = "FQDN.Domain.com";
    HRESULT = "0x00000000";
    ProcessID = 1756;
    StatusCode = 0;
    ThreadID = 1644;
    LocationServices 12/10/2014 8:29:18 AM 1644 (0x066C)

  • GUI issues with VPN server / remote settings - SR520 UC540

    Kinda new to the CCA world, but not new to the game. So far I am finding the limitations a bit frustrating, but here's the main issue at the moment:
    Attempting to set up a simple network with a UC540 at HQ, with an SR520 at a SOHO site. I can get the remote VPN working fine, also get a VPN to the SR520 for remote administration working. Actually had everything working fine, saved the config and rebooted to test prior to shipping it to out.
    However, when I go back to look at the settings, trouble starts.The remote VPN settings don't show - the CCA tells me changes have been made in the CLI (not). The display for the VPN Server also seems buggy as it will not always display the settings for the VPN itself or the networks listed under split tunnels.Changes to either VPN setup appear to bork the other.
    As this is going to a site far, far away I need to be very sure that the VPN setup is solid, at least for remote access. I have a sneaking suspicion that some of the settings are shared and changes to one setup affect the other, but after going from everything working > save > reload > not working, I can't see what is wrong.
    Short version - need SOHO to communicate with HQ over site-to-site VPN, with remote access from 3d location to CCA.
    Any hints?

    Hi,
    To resolve your issue as soon as possible, please post your question on the Forefront TMG forum:
    http://social.technet.microsoft.com/Forums/en-US/home?forum=Forefrontedgegeneral
    Steven Lee
    TechNet Community Support

  • Issues with vpn connection thru ATT DSL

    Hi I hope someone can help me out...
    At work we use Cysco VPN Client Verstion 4.8.02.0010
    Everyone (about 18 people) can connect to it from their homes. For some reason I am the only member who can not connect.
    I am tryihg to connect Via ATT DSL and Cysco VPN Client shows that I am connected, however,
    I have no access to any of the networks from work.
    I have tried connecting using Cox Cable from a friend's home and it connects just fine.
    I have read many threads online that indicate that this is a common occurance with ATT DSL users but I have not found
    the fix.
    I am using modem/router type 2701 HG-B
    Any feedback will be greatly appreciated.
    Thank you,

    Make sure the encrytpion and parameters such as VPN group are negtotiated properly between the client and the server. Refer http://cisco.com/en/US/tech/tk583/tk372/technologies_tech_note09186a00800949c5.shtml for most commonly occuring VPN issues . Contact ATT for configuring their servers.

  • Routing Issue with 2 Nics on Windows Server 2008 R2

    Good Day
    My issue is I needed to set up port forwarding for a web server to communicate with our hotels management server to check availability.
    Initially the server has a single Nic configured in the 172.26.1.0 /24 network  , Its default gateway the Switch vlan interface 172.26.1.1
    We have many vlans for all the systems in the hotel and the server also needs to communicate with 3 other servers on different subnets which it does just fine.
    I now added an additional adsl line with a managed router which has an interface of 192.168.10.1 /24 , My servers second NIC has the IP address 192.168.10.2 with its gateway being the 192.168.10.1
    This 192.168.10.0 network is in a L2 Vlan and the rest of the network does not know it exists. It was working fine then just stopped asfter i added a static route to the server , which i did with RRas... I did this as the server could not communicate with
    just one of the servers..
    If i disable the 172.26.1.0 NIC the port forwarding works but then obviously the rest of the network goes down.. I know its a routing issue but am lost
    please help

    Hello,
    using multiple default gateways is not a good idea.
    See details in http://support.microsoft.com/kb/159168/en-us
    Best regards
    Meinolf Weber
    MVP, MCP, MCTS
    Microsoft MVP - Directory Services
    My Blog: http://blogs.msmvps.com/MWeber
    Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.
    Twitter:  

  • Issue with VPN configuration in Windows 2008 r2 and 2012 Servers.

    Hello ,
    I hope you can help me to fix this issue, it's been 5 days since I a, trying to configure VPN in your 2008 and 2012 Servers. On both platform  (2008 and 2012) I am getting same error while configuring VPN (after role installation). 
    "Unable to load C:\Windows\System32\iprtrmgr.dll". So, I have removed IPv 6 entry from the registry and now able to start server (not sure what configuration it took automatically).  I tried to disable "Routing
    and Remote Access" service and got the same error while enabling "Routing and Remote Access" is running but VPN is still not functioning properly). 
    I am getting following error,
    ================================================
    Errors under the Event viewer (Remote access)
    1) --->>    CoId={DF744409-02D7-4FF4-AD24-504F0C83E1AB}: The user 10.0.0.1\chetan connected from 10.0.0.1 but failed an authentication attempt due to the following reason: The remote connection was denied because the user name and password
    combination you provided is not recognized, or the selected authentication protocol is not permitted on the remote access server.
    2) ----->>   CoId={DF744409-02D7-4FF4-AD24-504F0C83E1AB}: The user connected to port VPN3-127 has been disconnected because the authentication process did not complete within the required amount of time.
    Errors under the Event viewer (Remote access)
    3) ---->>  Network Policy Server denied access to a user.
    Contact the Network Policy Server administrator for more information.
    ================================================
    I am using (MS-CHAP v2) + EAP (Authentication Method).  Please let me know if you need any additional information. 
    Thank you,

    I Guess this thread is not related to SQL Server .User is facing issue because of network or may be due to OS.I guess I will move this into windows forum.
    Moderators please move to Network forum
    Please mark this reply as the answer or vote as helpful, as appropriate, to make it useful for other readers

Maybe you are looking for

  • How do i back up my itunes?

    i think im going to un install my itunes then re install it. soo what files should i copy and move and how should i go about it thank you.

  • Switching from sprint droid to iphone4:is there an APP FOR THAT??? lol

    i was wondering how easiest way i can transfer contacts from droid to iphone.. i had a droid thru sprint and upgraded to iphone4.. droid is not activated, iphone is.. which would be better: sync info on droid (its not activated, can i connect to wifi

  • "Unable to check revocation" error while checking CDP from non-domain user account

    Hi! I use 3-tier PKI infrastructure: Stand-alone offline Root CA: RootCA; Stand-alone offline Intermediate subordinate CA: SubCA; Enterprise CA: EntSubCA. In certificate we have three CDP point for CRL check: ldap:///, http:// and file:// I have Wind

  • Revert display driver on Mac Mini

    I made a mistake and installed a display driver on my Mac Mini, now I can't run iMovie because it requires a graphics adapter that supports Quartz Extreme.  How can I revert back to the original driver? Billy

  • How to use the servlet api

    I can't compile servlet code because it doesn't recognize the http... classes. I downloaded the servlet api but don't know what to do with it (unziped it but no installation!) please help