Making Application deployment working for VPN connection

Hi Guys,
Am trying to deploy application to users machines which are connected to VPN.
I dont have any idea, is that any https connection my SCCM will support. If it is failing, what all the series of steps i need to follow to enable deployment via VPN connection.
Please suggest.

If clients are connected through VPN, they will work exactly as any other client you have on your LAN.
Just make sure that you also specify a boundary for you VPN clients, like you do with you LAN clients.
Ronni Pedersen | Microsoft MVP - ConfigMgr | Blogs:
www.ronnipedersen.com/ and www.SCUG.dk/ | Twitter
@ronnipedersen

Similar Messages

  • Entering Correct info for VPN connection

    please suggest the correct configuration for entering information in order for my laptop to connect via VPN to my newly installed Leopard Server software. On my laptop, I have entered the following info on the System Preferences> network tab...
    Configuration: Default
    Server Address: 76.173.xx.xxx (my public IP address - do I need anything else?)
    Account name: XXXXXX (same as the account name in Server)
    under Authentication Settings, my password is fine and my shared secret is the same as on the Server.
    Am I entering in everything correctly? i am most concerned as to how the server address is supposed to be written. thanks!!

    Hi
    If Appletalk is enabled server side and you simply enter the IP address afp is assumed as the protocol to be used. If you prefer the extra effort involved in typing afp:// followed by the IP address you can use that as well. If you want to use the smb service rather than afp simply type smb://followed by the IP address. The same thing applies to ftp services. The Finder supports reads only for ftp services.
    If you are using VPN services you simply type in the private IP (LAN-side) address of the server rather than the public IP (WAN-side) address. Once a VPN connection has been established, the remote client behaves as if it is on the same LAN.
    You can make a connection using the Public WAN address if you enable port forwarding to a single LAN IP address for services you are interested in. For example if you wanted to access your server remotely using afp you configure your router to forward requests for port 548 to the internal IP address of your server. You can use this method for as many services you like as well as how many your router supports. Most commercially available routers support 10-20. Depending on the router you may have to configure an appropriate firewall rule as well. When faced with that it makes more sense to use a single VPN connection.
    I may be in danger of teaching granny to suck eggs but for what its worth for VPN connections to work successfully the remote client’s private IP address has to be different from the host site. For example if the remote site is on 192.168.1.x/24 as is the server then you won’t establish a connection. As far as the remote site is concerned its already connected to that network, why look elsewhere? 192.168.1.x/24 to 192.168.2.x/24 or 10.10.10.x/24 to 192.168.0.x/24 should result in successful VPN connections.
    For a list or IP addresses reserved for private use:
    http://www.iana.org/faqs/abuse-faq.htm#SpecialUseAddresses
    Hope this helps, Tony

  • Zone Base Forewall for VPN connections does not work after IOS upgrade

    Hi all,
    We use cisco router 2911 as corporate gateway - there is Zone Based Firewall implemented - I upgraded IOS to last version (15.2(2)T1) - originaly version 15.1(4)M1 - to solve issue with Anyconnect connections (bug CSCtx38806) but I found that after upgrade the VPN users are not able to communicate with sources in other zones.
    More specific
    WebVPN use this virtual template interface
    interface Virtual-Template100
    description Template for SSLVPN
    ip unnumbered GigabitEthernet0/1.100
    zone-member security INSIDE
    There are other zones VOICE, LAB, ...
    In the policy any connection is allowed (used inspection of icmp, tcp and udp) from INSIDE zone to VOICE or LAB zone
    After VPN connection I am able to reach resources in INSIDE zone (which is the most important), but not in other zones. Before upgrade it worked.
    Once I changed zone in Virtual-Template interface to VOICE, I was able to reach sources in VOICE zone but not in any other. I searched more and found the stateful firewall is not working for connections from VPN as ping is blocked by policy on returning way - it means by policy VOICE->INSIDE, once I allowed communication from "destination" zone to INSIDE zone - the connections started to work, but of cause it is not something I want to setup.
    Does anybody has the same experiance?
    Regards
    Pavel

    It seems to me I should add one importatant note - if client is connected directly in INSIDE zone, he can reach resources in other zones without any issue - so the problem is only when the client is connected by VPN - not in ZBF policy setup.
    Pavel

  • Trying to set a delay in an Applescript for VPN connection

    I need to be able to set some routes upon opening a particular VPN connection so I did some searching and found a really simple Applescript that does the job. Problem is it tries to set the routes before the VPN actually connects so the routes don't go in.
    I added in a 10 second delay which does the trick, but I'm thinking there has to be a way to do this that waits until the VPN actually connects before continuing - so if it takes 5 seconds or 10 or whatever, it waits.
    The other thing I'm doing that I think is bad is I'm sending a route delete command before sending the add command. Why? Because if I don't and for some reason the route is partially in the table, it doesn't give an error and ends up not routing. Again, probably a better way to do this.
    Here is my current script"
    -- Connect Work VPN
    tell application "System Events"
    tell current location of network preferences
    set VPNservice to service "Work" -- name of the VPN service
    if exists VPNservice then connect VPNservice
    end tell
    end tell
    delay 10
    set gateway to "x.x.x.x" -- omitted here for security
    do shell script "route delete 192.168.25.0/24 " & gateway with administrator privileges
    do shell script "route delete 192.168.20.0/24 " & gateway with administrator privileges
    do shell script "route add 192.168.25.0/24 " & gateway with administrator privileges
    do shell script "route add 192.168.20.0/24 " & gateway with administrator privileges
    Any suggestions??
    Thanks.

    you might want to try asking in the Applescript forum under OS X technologies.
    I don't have any VPN connections so can't test anything but applescript dictionary for system events indicates that configuration property of a service has a boolean property "connected". so just run a loop with, say, 1 second delay until this porperty becomes true. presumably it would be something along the lines
    <pre style="
    font-family: Monaco, 'Courier New', Courier, monospace;
    font-size: 10px;
    margin: 0px;
    padding: 5px;
    border: 1px solid #000000;
    width: 720px;
    color: #000000;
    background-color: #ADD8E6;
    overflow: auto;"
    title="this text can be pasted into the Script Editor">
    tell application "System Events"
    tell current location of network preferences
    set VPNservice to service "Work" -- name of the VPN service
    if exists VPNservice then connect VPNservice
    repeat until (connected of current configuration of VPNservice)
    delay 1
    end repeat
    end tell
    end tell
    set gateway to "x.x.x.x" -- omitted here for security
    do shell script "route delete 192.168.25.0/24 " & gateway with administrator privileges
    do shell script "route delete 192.168.20.0/24 " & gateway with administrator privileges
    do shell script "route add 192.168.25.0/24 " & gateway with administrator privileges
    do shell script "route add 192.168.20.0/24 " & gateway with administrator privileges</pre>

  • Unable to set manual IP address for VPN connection

    Recently a VPN connection with a client stopped working. They changed phone companies and changed some of the IP addresses.
    After alerting them I could no longer log in, I received the new server address which I can log in with it,
    BUT my computer is assigned a dynamic address that is already in use on their network. This causes my computer to *not* be connected to their network, even though I am inside their firewall; therefore I cannot adjust the database files I need to.
    I have tried to set the VPN (PPTP) connection TCP/IP address IPv4 manually, using the static address they just gave me. But each time I connect, [I believe] their router assigns me an address that is already in use.
    They do not use IPv6.
    Can anyone give me direction on how to make the manual IP address *stick*?
    The tech person at the site keeps telling me it is a problem with my "Mac, because with Windows.... blah, blah, blah".
    I am pretty sure this is not the case and in fact I was the one who let her know I was receiving a duplicate address.
    Your VPN expertise is really appreciated.
    Thanks in advance,
    Michele

    Hi,
    Please make sure the Ad hoc connection IP adress is at the same range with your local connection. In addition, how about recreate the ad hoc connection for test, please have a try.
    If problem persists, please use Network troubleshooter in Action Center to fix this problem for test.
    Roger Lu
    TechNet Community Support

  • Traffic only allowed one-way for VPN connected computers

    Hello,
    I currently have an ASA 5505.  I have set it up as a remote access SSL VPN. My computers can connect to the VPN just fine.  They just can't access the internal LAN (192.168.250.0).  They can't ping the inside interface of the ASA, or any of the machines.  It seems like all traffic is blocked for them.  The strange thing is that when someone is connected to the VPN, I can ping that VPN-connect machine from the ASA and other machines inside the LAN.  It seems the traffic only allows one way.  I have messed with ACL's with no avail.  Any suggestions please?
    DHCP Pool: 192.168.250.20-50 --> For LAN
    VPN Pool: 192.168.250.100 and 192.168.250.101
    Outside interface grabs DHCP from modem
    Inside interface: 192.168.1.1
    Current Running Config:
    : Saved
    ASA Version 8.2(5)
    hostname HardmanASA
    enable password ###### encrypted
    passwd ####### encrypted
    names
    interface Ethernet0/0
    switchport access vlan 20
    interface Ethernet0/1
    switchport access vlan 10
    interface Ethernet0/2
    switchport access vlan 10
    interface Ethernet0/3
    shutdown
    interface Ethernet0/4
    shutdown
    interface Ethernet0/5
    shutdown    
    interface Ethernet0/6
    shutdown
    interface Ethernet0/7
    switchport access vlan 10
    interface Vlan1
    no nameif
    no security-level
    no ip address
    interface Vlan10
    nameif inside
    security-level 100
    ip address 192.168.250.1 255.255.255.0
    interface Vlan20
    nameif outside
    security-level 0
    ip address dhcp setroute
    ftp mode passive
    dns domain-lookup inside
    dns domain-lookup outside
    pager lines 24
    mtu inside 1500
    mtu outside 1500
    ip local pool VPN_Pool 192.168.250.100-192.168.250.101 mask 255.255.255.0
    icmp unreachable rate-limit 1 burst-size 1
    no asdm history enable
    arp timeout 14400
    global (outside) 10 interface
    nat (inside) 10 192.168.250.0 255.255.255.0
    timeout xlate 3:00:00
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
    timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
    timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
    timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
    timeout tcp-proxy-reassembly 0:01:00
    timeout floating-conn 0:00:00
    dynamic-access-policy-record DfltAccessPolicy
    aaa authentication ssh console LOCAL
    http server enable
    http 192.168.250.0 255.255.255.0 inside
    no snmp-server location
    no snmp-server contact
    snmp-server enable traps snmp authentication linkup linkdown coldstart
    crypto ipsec security-association lifetime seconds 28800
    crypto ipsec security-association lifetime kilobytes 4608000
    telnet timeout 5
    ssh 192.168.250.0 255.255.255.0 inside
    ssh timeout 5
    ssh version 2
    console timeout 0
    dhcpd dns 8.8.8.8
    dhcpd address 192.168.250.20-192.168.250.50 inside
    dhcpd enable inside
    threat-detection basic-threat
    threat-detection statistics access-list
    no threat-detection statistics tcp-intercept
    webvpn
    enable outside
    svc image disk0:/anyconnect-win-2.5.2014-k9.pkg 1
    svc image disk0:/anyconnect-macosx-i386-2.5.2014-k9.pkg 2
    svc image disk0:/anyconnect-linux-2.5.2014-k9.pkg 3
    svc enable
    tunnel-group-list enable
    group-policy DfltGrpPolicy attributes
    dns-server value 8.8.8.8
    vpn-tunnel-protocol IPSec l2tp-ipsec svc webvpn
    tunnel-group AnyConnect type remote-access
    tunnel-group AnyConnect general-attributes
    address-pool VPN_Pool
    tunnel-group AnyConnect webvpn-attributes
    group-alias AnyConnect enable
    class-map inspection_default
    match default-inspection-traffic
    policy-map type inspect dns preset_dns_map
    parameters
      message-length maximum client auto
      message-length maximum 512
    policy-map global_policy
    class inspection_default
      inspect dns preset_dns_map
      inspect ftp
      inspect h323 h225
      inspect h323 ras
      inspect ip-options
      inspect netbios
      inspect rsh
      inspect rtsp
      inspect skinny 
      inspect esmtp
      inspect sqlnet
      inspect sunrpc
      inspect tftp
      inspect sip 
      inspect xdmcp
    service-policy global_policy global
    prompt hostname context
    no call-home reporting anonymous
    call-home
    profile CiscoTAC-1
      no active
      destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
      destination address email [email protected]
      destination transport-method http
      subscribe-to-alert-group diagnostic
      subscribe-to-alert-group environment
      subscribe-to-alert-group inventory periodic monthly
      subscribe-to-alert-group configuration periodic monthly
      subscribe-to-alert-group telemetry periodic daily
    Cryptochecksum:30fadff4b400e42e73e17167828e046f
    : end

    Hello,
    I seem to be having the same kind of issue although I cannot ping from either end.
    Ive set up a l2tp/ipsec vpn which I am able to connect to and get ip from my ip pool (radius authentication is working).
    I tried running:
    access-list NAT_0 permit ip 192.168.1.0 255.255.255.0 192.168.2.0 255.255.255.0
    nat (inside) 0 access-list NAT_0
    but i get an error msg saying that the syntax of the nat command is deprecated. Im running ASA version 8.4.
    Ive fiddled around abit to find the correct syntax but have been unsuccessfull so far.
    Any help would be much appreciated
    This is a part of my config:
    object network obj_any
    subnet 0.0.0.0 0.0.0.0
    object network AD1
    host 192.168.1.31
    description AD/RADIUS
    object network NETWORK_OBJ_192.168.1.0_24
    subnet 192.168.1.0 255.255.255.0
    object network vpn_hosts
    subnet 192.168.2.0 255.255.255.0
    access-list AD_splitTunnelAcl standard permit 192.168.1.0 255.255.255.0
    access-list split-acl standard permit 192.168.1.0 255.255.255.0
    access-list inside_nat0_outbound extended permit ip any 192.168.1.0 255.255.255.0
    access-list inside_0_outbound extended permit ip object NETWORK_OBJ_192.168.1.0_24 object vpn_hosts
    ip local pool POOL2 192.168.2.2-192.168.2.10 mask 255.255.255.0
    nat (inside,outside) source static any any destination static NETWORK_OBJ_192.168.1.0_25 NETWORK_OBJ_192.168.1.0_25 no-proxy-arp route-lookup
    nat (inside,outside) source static NETWORK_OBJ_192.168.1.0_24 NETWORK_OBJ_192.168.1.0_24 destination static NETWORK_OBJ_192.168.1.0_25 NETWORK_OBJ_192.168.1.0_25 no-proxy-arp route-lookup
    nat (inside,outside) source static NETWORK_OBJ_192.168.1.0_24 NETWORK_OBJ_192.168.1.0_24 destination static vpn_hosts vpn_hosts
    object network obj_any
    nat (inside,outside) dynamic interface
    access-group outside_access_in in interface outside
    route outside 0.0.0.0 0.0.0.0 ########## 1
    no vpn-addr-assign aaa
    no vpn-addr-assign dhcp

  • CAS SSO not working for VPN Group

    Hello,
    I am trying to get SSO working for a CAS/CAM in a inband virtual gateway for VPN users coming in off a ASA5520. There are two VPN groups each with its own group policy and tunnel group. One group uses a Windows IAS Radius Server and the other a token based RADIUS RSA device.
    Users use the AnyConnect client to connect to the ASA where they are dumped into a vlan. SSO works for the group that uses the Winodws radius server. On the CAS the Cisco VPN Auth server has the Unauthenticated Group as the default group, and then I use mapping rules (Framed_IP_Address) to get the different vpn groups into the right roles. This works for the one group, but since SSO is not working on the second group the CAS never gets the chance to assign them into the correct role.
    The only thing I got is this from the ASA:
    AAA Marking RADIUS server billybob in aaa-server group cas_accounting as ACTIVE
    AAA Marking RADIUS server billybob in aaa-server group cas_accounting as FAILED
    I am so close but cant call this done yet....

    Hey Faisel,
    Thanks for the question.
    This is the stange thing. For days Group A (Windows Radius Server) was working and Group B (RSA Radius Server)  would not work. Then for some reason I had to reboot the CAS and BOOM...Group B started working and Group A STOPPED working.
    So on the ASA I now get these:
    AAA Marking RADIUS server cas2-hvn-3515 in aaa-server group cas_accounting2 as ACTIVE
    AAA Marking RADIUS server cas2-hvn-3515 in aaa-server group cas_accounting2 as FAILED
    Where cas_accounting2 is the AAA server group for Group A
    On the ASA I can see that the FW sends a packet to the cas:
    "send pkt cas2-hvn-3515/1813"
    but the FW never gets an answer back from the CAS for Group A whereas with Group B I can see the response from the CAS.
    "rad_vrfy() : response message verified"
    What can I look for in the CAS logs to see where the problem is. I will try and setup a packet capture on the CAS and debug it too.

  • Document library open in client application not working for img,pdf,txt files

    In an office 365 sharepoint site i have enabled open in client applicartion for document library but it is not working for image/txt/pdf files for word and excel files it is working fine. I have even turned on the feature open document in client application
    by default from site collection features also but there is no change.
    Please advice.
    Regards,
    Chaitanya

    Hi Chaitanya,
    The feature is currently designed to be used with HTTPS, and will not work as expected with the HTTP connection available on Office 365 for professionals and
    small businesses sites.
    To take advantage of this update, do the following steps:
    Wait for the update to the SharePoint Online service, which is in progress now.
    Upgrade Adobe Reader to the version 10.1.2 client.
    Add your SharePoint Online root URL/domain to the Trusted Sites security zone in Internet Explorer1 (e.g., 
    https://contoso.sharepoint.com).
    Check the Keep me signed in box when you log in to a SharePoint Online site.
    This
    SharePoint Online update is currently
    being rolled out worldwide along with several other new features.
    Best regards.
    Thanks
    Victoria Xia
    TechNet Community Support

  • Port forwarding not working for VPN

    Hi there,
    I am at a loss as to what I am doing wrong with regards to setting up a VPN. I admit this is all completely new territory for me, and I am learning as I go along, so may have overlooked something very obvious.
    I have openned up the VPN ports on the router (500, 1701, 4500 - UDP; 1723 - TCP), and can confirm from the logs that they are letting traffic in ok.
    So that leaves the server itself - testing using an open port checking tool confirms all ports I have open in the router firewall, and active and accessible on the server, except the VPN ports and service, are indeed open and accessible.
    The VPN service is running, and I have ensured the services are available within the firewall service for 'all', and all services available for the 192.168.1.xxx range.
    I have indicated that the VPN should use the range - 10.0.0.1 to 200
    The DNS and DHCP services on the server are running. At the domain resgitsrar, I have indicated that the subdomain I am using to access the server and its services via the web should point to the static IP I have from the ISP.
    I should mention that if I use the local IP address of the server, I can connect ok, it is only when I use the static IP that I am unable to connect.
    Every other port opens up successfully - FTP (21), Web (80/443), etc - just not the ones for the VPN, so I assume there is some sort of conflict between or within the the VPN/DHCP/DNS services or with the VPN service itself.
    Any advice and potential solutions would be greatly appreciated, as I have spent quite a bit of time trying to figure this one out by myself.
    Thanks in advance, and I hope to hear from folk soon.
    Chris

    OK - here's how my router is configured:
    NAT (Type = Destination) Public IP address to VPN Server IP address (I had a problem when I didn't have the NAT Type set properly)
    I have a separate public IP address reserved for VPN traffic, but that's not necessary if you set up the order of the rules on your router properly. It's just easier to have a separate IP address.
    These are the ports I have open:
    UDP - 500
    UDP - 1701
    TCP - 1723
    TCP - 3283
    UDP - 3283
    UDP - 4500
    TCP - 5900
    TCP - 5988
    I have these ports open to accomodate remoting in via Apple Remote Desktop.
    However, since Mavericks, I can't use ARD anymore. But I can use Back to My Mac and Screen Sharing (go figure!) to get to my server and then from the server I can use ARD within the network.
    Don't know if that helps or not, but it works for me.

  • Advice needed for VPN connections

    OK to first describe what I'm looking at .We have a bookmobile that goes to 13 different locations within our county. At each stop we are using the service provider's DSL modem to connect to their network, we have two different providers and staff changes the modem at each stop, and a Cisco831 router to make a VPN connection to our PIX. We are using the router to make the VPN connection so that we can have two staff computers use internal network resources i.e. Library database, network drives, e-mail. We tried using Cisco VPN client on the local machine but when we have two clients going on two machines at the same time neither would work. So we let the router make that connection.
    We are going to have two bookmobiles operating and I need to purchase another router to make the connection and I am wondering which router would be a better solution for us.
    So for me the question is
    1) should I keep things as they are and buy a 871 and have staff change modems as needed
    2) Should I get an 877, 878 router and make configuration changes daily as needed. Staff have not been able to do this in past. I've enough to do without this!
    3) Up for any suggestions Maybe SDM with a pretty GUI for staff to use. It seems Cisco's CLI was too much for them.
    Thanks to all for any help
    Systems A

    No Nat-traversal is enabled.
    When we tried multiple VPN connections it was through a DSL modem/router. This is why we went to a Cisco831 router and having it make the secure connection to our PIX.
    Thanks for you help

  • JMS doesn't work with VPN connection on weblogic8.1

              Hi:
              We have used JMS topic on weblogic 7.x and we use both LAN and VPN connection.
              However, when we switch to weblogic 8.1, although it works fine when using
              LAN connection,
              it does not work when using VPN connection. We tried three different machines,
              got the same
              error.
              The error is:
              weblogic.jms.common.JMSException: Error creating connection on the server
              at weblogic.jms.client.JMSConnectionFactory.createConnectionInternal(JMS
              ConnectionFactory.java:160)
              at weblogic.jms.client.JMSConnectionFactory.createTopicConnection(JMSCon
              nectionFactory.java:95)
              at com.dynamex.decs.common.jms.DecsSubscriber.initialize(DecsSubscriber.
              java:59)
              at com.dynamex.decs.client.orderentry.swing.OrderEntry.initRMI(OrderEntr
              y.java:1714)
              at com.dynamex.decs.client.orderentry.swing.OrderEntry.<init>(OrderEntry
              .java:124)
              at com.dynamex.decs.client.orderentry.swing.OrderEntry.main(OrderEntry.j
              ava:3180)
              Caused by: java.rmi.MarshalException: CORBA COMM_FAILURE 1398079697 No; nested
              e
              xception is:
              org.omg.CORBA.COMM_FAILURE: vmcid: SUN minor code: 209 completed:
              No
              at com.sun.corba.se.internal.iiop.ShutdownUtilDelegate.mapSystemExceptio
              n(Unknown Source)
              at javax.rmi.CORBA.Util.mapSystemException(Unknown Source)
              at weblogic.jms.frontend._FEConnectionFactoryRemote_Stub.connectionCreat
              eRequest(_FEConnectionFactoryRemote_Stub.java:106)
              at weblogic.jms.client.JMSConnectionFactory.createConnectionInternal(JMS
              ConnectionFactory.java:139)
              ... 5 more
              Caused by: org.omg.CORBA.COMM_FAILURE: vmcid: SUN minor code: 209 completed:
              No
              at com.sun.corba.se.internal.iiop.IIOPConnection.purge_calls(Unknown Sou
              rce)
              at com.sun.corba.se.internal.iiop.MessageMediator.handleInput(Unknown
              So
              urce)
              at com.sun.corba.se.internal.iiop.messages.MessageBase.callback(Unknown
              Source)
              at com.sun.corba.se.internal.iiop.MessageMediator.processRequest(Unknown
              Source)
              at com.sun.corba.se.internal.iiop.IIOPConnection.processInput(Unknown
              So
              urce)
              at com.sun.corba.se.internal.iiop.ReaderThread.run(Unknown Source)
              Does anybody have the experience? Can anybody give a hint?
              Thanks,
              Tony
              

    Hi Tony,
              Given that the thick jar works, I would classify the problem
              as a bug - not a missing feature. The thin jar is contracted
              to be just as capable as the thick jar. My guess is that
              the bug is likely in IIOP but perhaps could be in JMS.
              Contact customer support (this forum is not maintained by
              customer support). Meanwhile, you can post your info
              to the IIOP newsgroup to see if they can help.
              You asked how long it would take to fix? That depends
              on bug priority (set by the customer) and bug complexity,
              but its usually measured in days or weeks (not months).
              You can speed up the process by giving support your
              logs and stack traces, as well as a simple reproducer,
              and telling them you are willing to try out a prototype
              patch. But before going through extra trouble, just give
              them the logs/stack traces, in case it is a known issue
              for which there is already a fix or there is a fix in progress.
              Tom
              tony yang wrote:
              > Tom:
              >
              > Thanks,
              > We actually use t3. However, in terms of weblogic 8.1 doc, t3 transparently
              > uses iopp. So t3 or iopp both fails over VPN connection.
              >
              > After replacing with full weblogic jar as you suggested, it works.
              >
              > However, we really want the thin client because we have huge amount of client
              > deployments.
              >
              > The other developers here also noticed other problems beside JMS problem
              > when using VPN connection and thin client jars.
              >
              > We guess full weblogic.jar uses real t3 instead of iiop.
              >
              > Seems that iiop does not work well over VPN connection.
              >
              > Could you give some estimate of when we can have the new thin client jars
              > to support VPN connection (even not official release)?
              >
              > Tony
              >
              > Tom Barnes <[email protected]> wrote:
              >
              >>Hi Tony,
              >>
              >>At first glance I don't know what is going on, and can only
              >>make some random suggestions. Perhaps try
              >>the t3 protocol (rather than iiop protocol) if you are using iiop
              >>URLs to connect to JMS. If you are using the new 8.1 thin
              >>client jars, try switching back and using full jar instead.
              >>Perhaps try posting to the IIOP newsgroup.
              >>
              >>Tom, BEA
              >>
              >>tony yang wrote:
              >>
              >>
              >>>I also have the log from weblogic server:
              >>>
              >>>weblogic.jms.dispatcher.DispatcherException: Could not register a HeartbeatMoni
              >>>orListener for [weblogic.iiop.IIOPRemoteRef@745152c4] for weblogic.jms.C:dal603
              >>>t05:rcy:-l91
              >>> at weblogic.jms.dispatcher.DispatcherWrapperState.addPeerGoneListener(D
              >>>spatcherWrapperState.java:563)
              >>> at weblogic.jms.dispatcher.DispatcherManager.dispatcherAdd(DispatcherMa
              >>>ager.java:106)
              >>> at weblogic.jms.dispatcher.DispatcherManager.addDispatcherReference(Dis
              >>>atcherManager.java:196)
              >>> at weblogic.jms.frontend.FEConnectionFactory.connectionCreateInternal(F
              >>>ConnectionFactory.java:413)
              >>> at weblogic.jms.frontend.FEConnectionFactory.connectionCreateRequest(FE
              >>>onnectionFactory.java:385)
              >>> at weblogic.jms.frontend.FEConnectionFactory_WLSkel.invoke(Unknown
              >>
              >>Sour
              >>
              >>>e)
              >>> at weblogic.rmi.internal.BasicServerRef.invoke(BasicServerRef.java:466)
              >>> at weblogic.rmi.cluster.ReplicaAwareServerRef.invoke(ReplicaAwareServer
              >>>ef.java:108)
              >>> at weblogic.rmi.internal.BasicServerRef$1.run(BasicServerRef.java:409)
              >>> at weblogic.security.acl.internal.AuthenticatedSubject.doAs(Authenticat
              >>>dSubject.java:353)
              >>> at weblogic.security.service.SecurityManager.runAs(SecurityManager.java
              >>>144)
              >>>@
              >>>
              >>>
              >>>"tony yang" <[email protected]> wrote:
              >>>
              >>>
              >>>>Hi:
              >>>>
              >>>> We have used JMS topic on weblogic 7.x and we use both LAN and
              >>>>VPN connection.
              >>>> However, when we switch to weblogic 8.1, although it works fine
              >>>>when using
              >>>>LAN connection,
              >>>>it does not work when using VPN connection. We tried three different
              >>>>machines,
              >>>>got the same
              >>>>error.
              >>>> The error is:
              >>>>
              >>>>weblogic.jms.common.JMSException: Error creating connection on the
              >>
              >>server
              >>
              >>>> at weblogic.jms.client.JMSConnectionFactory.createConnectionInternal(JMS
              >>>>ConnectionFactory.java:160)
              >>>> at weblogic.jms.client.JMSConnectionFactory.createTopicConnection(JMSCon
              >>>>nectionFactory.java:95)
              >>>> at com.dynamex.decs.common.jms.DecsSubscriber.initialize(DecsSubscriber.
              >>>>java:59)
              >>>> at com.dynamex.decs.client.orderentry.swing.OrderEntry.initRMI(OrderEntr
              >>>>y.java:1714)
              >>>> at com.dynamex.decs.client.orderentry.swing.OrderEntry.<init>(OrderEntry
              >>>>.java:124)
              >>>> at com.dynamex.decs.client.orderentry.swing.OrderEntry.main(OrderEntry.j
              >>>>ava:3180)
              >>>>Caused by: java.rmi.MarshalException: CORBA COMM_FAILURE 1398079697
              >>
              >>No;
              >>
              >>>>nested
              >>>>e
              >>>>xception is:
              >>>> org.omg.CORBA.COMM_FAILURE: vmcid: SUN minor code: 209 completed:
              >>>>No
              >>>>
              >>>> at com.sun.corba.se.internal.iiop.ShutdownUtilDelegate.mapSystemExceptio
              >>>>n(Unknown Source)
              >>>> at javax.rmi.CORBA.Util.mapSystemException(Unknown Source)
              >>>> at weblogic.jms.frontend._FEConnectionFactoryRemote_Stub.connectionCreat
              >>>>eRequest(_FEConnectionFactoryRemote_Stub.java:106)
              >>>> at weblogic.jms.client.JMSConnectionFactory.createConnectionInternal(JMS
              >>>>ConnectionFactory.java:139)
              >>>> ... 5 more
              >>>>Caused by: org.omg.CORBA.COMM_FAILURE: vmcid: SUN minor code: 209
              >>>>completed:
              >>>>No
              >>>> at com.sun.corba.se.internal.iiop.IIOPConnection.purge_calls(Unknown
              >>>>Sou
              >>>>rce)
              >>>> at com.sun.corba.se.internal.iiop.MessageMediator.handleInput(Unknown
              >>>>So
              >>>>urce)
              >>>> at com.sun.corba.se.internal.iiop.messages.MessageBase.callback(Unknown
              >>>>Source)
              >>>> at com.sun.corba.se.internal.iiop.MessageMediator.processRequest(Unknown
              >>>>Source)
              >>>> at com.sun.corba.se.internal.iiop.IIOPConnection.processInput(Unknown
              >>>>So
              >>>>urce)
              >>>> at com.sun.corba.se.internal.iiop.ReaderThread.run(Unknown Source)
              >>>>
              >>>>
              >>>> Does anybody have the experience? Can anybody give a hint?
              >>>>
              >>>> Thanks,
              >>>>
              >>>>Tony
              >>>
              >>>
              >
              

  • IChat/AIM not working on VPN connection.

    hi!
    so, i'm an american studying in scotland this semester. at this university, there is a 'campus net' VPN connection that i had to configure onto my ibook in order to connect to the internet here. all of a sudden, nothing works--aim, ichat, msn...even my last.fm music doesn't scrobble. i was able to figure out how to connect to skype by looking at a friend's configurations but couldn't do the same with anything else. i already went into my firewall and tried to fix that, but i think it's the 'proxy' or something that is set up wrong in these applications. is there anyone out there who could help me out?!
    thanks!

    Just to let you know I'm experiencing the same problem, I'm at Newcastle Uni with a VPN connection. My AIM account works through iChat, but my Jabber one does not. I might be able to help you with your AIM through iChat. In iChat Preferences, go to your AIM account, there should be a tab on the top that says Server settings. In mine, the server is listed as login.oscar.aol.com with port number 5190. Under this, there should be a check box that says Connect using proxy. Ensure this is checked, as well as the check box below that which says Use System Preferences. This way, iChat should use the existing settings that are used by the rest of your system.
    Hope this helps, but I also hope someone else can help with my Jabber problem.

  • Check for VPN Connection Exists

    Hello
    I am working on a windows store app for Enterprise. This app will require internet and VPN connection to get data. I have found a way to check for internet access. However, I am not sure how to check if there is a VPN tunnel available. If VPN is available
    then I can make a call to a WebService and get data. If there is no VPN then the WebService call will fail [after about 10-15 seconds]. I can assume that if the WebService calls fails that means there is no VPN but there must be another way to find this out
    before even calling a Service.
    Please help.
    Thanks
    Bevan

    We're using Microsoft Direct Access rather than a VPN but I think this is worth sharing anyway.
    Rather than calling a web service I'm just using the HttpClient's GetAsync() method to call a small file hosted on an internally hosted web server. This minimises the payload as much as possible which may be important if your users are connected using devices
    with 3G/4G with data limit.
    I'm wrapping the call in a Stopwatch to get a rough idea of the round robin request/response and visualising that for the users so they know how good their connection to the corporate network is. This info is far more useful than the WiFi/Mobile signal bars.
    Stopwatch stopWatch = new Stopwatch();
    stopWatch.Start();
    HttpClient httpClient = new HttpClient();
    HttpResponseMessage response = await httpClient.GetAsync(nslUri);
    response.EnsureSuccessStatusCode(); // -- throw exception if not a success code
    stopWatch.Stop();
    TimeSpan ts = stopWatch.Elapsed;
    This might also be of interest...
    https://msdn.microsoft.com/en-us/library/windows/apps/xaml/windows.networking.vpn.aspx

  • Solution that worked for iPad connection to "n" nework!

    So, reading of the many wireless issues with the iPad, specifically connecting to, and maintaining a stable connection to an 802.11'n" network, I decided to do some research. Many solutions here, suggest altering the radio mode to "g" only, as this is what the Ipad seems consistently able to "talk" to.
    After applying the steps below, my iPad now has a completely stable connection to my "n" network. I should mention that I have a dual-band network setup at home, one (b/g) via an older "domed" Airport Extreme Base Station; the other is via an original Time Capsule (circa 2008), which was set to an "802.11n only 5GHz" mode. Using Airport Utility, I could see that in the Wireless tab, the TC "channel" option, was set to "automatic." NOTE: this is BEFORE my modification that solved the issue.
    After reading up on the subject, I learned that the5GHz range of a router can be significantly shorter compared to 2.4GHz; one can move a short distance away from the 5GHz router and your connection will dwindle or drop all together, whereas with a "g" radio mode, in the 2.4GHz mode, the distance allowed, seems far greater. Now, with the channel option of the TC set to "automatic",(under the "wireless" option in Airport Utility setup), it is quite possible that the device is selecting a lower channel, when none is specified. The lower the channel, the lower thepercentage of the transmission rate, which in turn drastically reduces the signal strength, leading to the endless loop of dropped connections, or even worse, the "n" network being invisible to the iPad altogether.
    Here is what I did to produce a totally excellent connection to an 802.11n network, using an Apple Time Capsule (TC). The secret is in forcing the base station to operate ONLY on a higher channel!
    1) Using Airport Utility, use the "manual setup" option to reconfigure the TC. Select the "Airport", then "Wireless" tab.
    2) Select the "Radio Mode" to _802.11n only 5GHz_
    3) Important step! Look at the "Channel" tab - if it is set to "Automatic", this is what needs to change! In the original TC, you will need to hold down the Option key to see the other available channel selections:
    I selected 153, but anything over 149 (including), should produce the desired results. Remember, in the 5GHz range, the higher channel will produce a higher transmission rate.
    4)Still in the Wireless tab, click "wireless options". Make sure that "Use wide channels" is checked.
    5) After the above steps are completed, update your Time Capsule.
    6) Now go to your iPad, open your Settings/Wi-Fi.
    Select your "n" Nework, >configure> select to "Forget this Network".
    Now connect to your "n" network again, you will be prompted for your password, enter it and voila! you should have stable connection "n", without having to resort to the "g" only regression!
    Just for your info, my wireless encryption is set to WPA2 Personal.
    I really hope this works for others as well as it has worked for me. This setup was done over 4 hours ago, and I have experienced consistently excellent range/signal all over my house (4,800 sq ft), through closed doors, on different floors, even the garage!
    Message was edited by: Lauren R
    Message was edited by: Lauren R

    Thanks for the suggestion. I followed them to the letter. I have a time capsule and a base station. I switched the time capsule as you suggested. I got rid of the previous connection on the ipad and connected. At first when it started I had full bars. I walked to the opposite side of the house (2000 sq. ft house) was going strong and it dropped to one bar. If I turn the ipad off for awhile full strength comes back. Unfortunately, in my experience no joy.

  • Best setup for vpn connection

    Hi all, Can anyone tell me the normal way of setting up a vpn connection, here we have a router terminating the internet link, and a cisco pix behind it ?

    you can try a very simple Easy VPN configuration in this document.
    http://www.cisco.com/application/pdf/en/us/guest/products/ps6659/c1650/cdccont_0900aecd80313bdf.pdf
    hope this helps.
    rate this post.

Maybe you are looking for

  • Labels in graphics GFW

    Hello to all. I'm trying to use labels in graphics columns but the text that I want don´t appear in output collumns. For example, if I execute the standard program GFW_PROG_POINT_WITH_LABEL the label for the second collumn is "40", but the code have

  • TS3276 My mail is very slow

    Hello I just gota new Macbook Air 13" now when i send mail it takes about a minute to send, i saw some fixes but none has worked for me any ideas?

  • Support for US Daylight Saving Time changes in 2007

    The Start and Stop dates for Daylight Savings Time in US will change from 2007. From Sun's bug database, it looks like Sun has handled this Daylight Saving Time changes in JDK 1.5.0_06. http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=6317178 Does

  • Do I have 32 bit or 64 bit Windows?

    I'm still trying to download the proper BIOS for the update that the ThinkVantage recommended.  Now it's asking if my Windows on the T400 is 32 bit or 64 bit.  How can I decide?  The "System Properties" dialog box says I have "Windows XP Version 2002

  • Troubleshooting Fax Server Error Code: 0xC0000005

    Hello, On windows 2012 R2, the fax service stops with : Error Code: 0xC0000005 (Is working with same setting on windows sever 2003). Thank you in advance for your help, Cédric