OSX can't connect, but Parallels XP guest can connect to VPN on home net

1. Can't connect to VPN via OSX on home net
2. CAN connect via Parallels XP guest on same machine!
3. Can connect via OSX from other public wireless net
My home router is a Linksys B.
Here is connection log from home router (unsuccessful):
Wed May 16 20:28:46 2007 : PPTP connecting to server 'msaccess.choicestream.com' (66.228.82.174)...
Wed May 16 20:28:46 2007 : PPTP connection established.
Wed May 16 20:28:46 2007 : using link 0
Wed May 16 20:28:46 2007 : Using interface ppp0
Wed May 16 20:28:46 2007 : Connect: ppp0 <--> socket[34:17]
Wed May 16 20:28:46 2007 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x7d579bda> <pcomp> <accomp>]
Wed May 16 20:28:49 2007 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x7d579bda> <pcomp> <accomp>]
Wed May 16 20:28:52 2007 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x7d579bda> <pcomp> <accomp>]
Wed May 16 20:28:55 2007 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x7d579bda> <pcomp> <accomp>]
Wed May 16 20:28:58 2007 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x7d579bda> <pcomp> <accomp>]
Wed May 16 20:29:01 2007 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x7d579bda> <pcomp> <accomp>]
Wed May 16 20:29:04 2007 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x7d579bda> <pcomp> <accomp>]
Wed May 16 20:29:07 2007 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x7d579bda> <pcomp> <accomp>]
Wed May 16 20:29:10 2007 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x7d579bda> <pcomp> <accomp>]
Wed May 16 20:29:13 2007 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x7d579bda> <pcomp> <accomp>]
Wed May 16 20:29:16 2007 : LCP: timeout sending Config-Requests
Wed May 16 20:29:16 2007 : Connection terminated.
Wed May 16 20:29:16 2007 : PPTP disconnecting...
Wed May 16 20:29:16 2007 : PPTP disconnected
Wed May 16 20:29:16 2007 : PPTP disconnected
Here is connection log from other public wireless net (successful):
Thu May 17 10:22:41 2007 : PPTP connecting to server 'msaccess.choicestream.com' (66.228.82.174)...
Thu May 17 10:22:41 2007 : PPTP connection established.
Thu May 17 10:22:41 2007 : using link 0
Thu May 17 10:22:41 2007 : Using interface ppp0
Thu May 17 10:22:41 2007 : Connect: ppp0 <--> socket[34:17]
Thu May 17 10:22:41 2007 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0xb3a8030c> <pcomp> <accomp>]
Thu May 17 10:22:41 2007 : rcvd [LCP ConfReq id=0x0 <mru 1400> <auth eap> <magic 0x36e8150c> <pcomp> <accomp> <callback CBCP> <mrru 1614> <endpoint 13 17 01 33 b3 14 b0 89 d6 47 22 8f a7 8a 13 c0 b3 92 43 00 00 00 00> < 17 04 01 99>]
Thu May 17 10:22:41 2007 : lcp_reqci: rcvd unknown option 13
Thu May 17 10:22:41 2007 : lcp_reqci: rcvd unknown option 23
Thu May 17 10:22:41 2007 : lcp_reqci: returning CONFREJ.
Thu May 17 10:22:41 2007 : sent [LCP ConfRej id=0x0 <callback CBCP> <mrru 1614> < 17 04 01 99>]
Thu May 17 10:22:41 2007 : rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0xb3a8030c> <pcomp> <accomp>]
Thu May 17 10:22:41 2007 : rcvd [LCP ConfReq id=0x1 <mru 1400> <auth eap> <magic 0x36e8150c> <pcomp> <accomp> <endpoint 13 17 01 33 b3 14 b0 89 d6 47 22 8f a7 8a 13 c0 b3 92 43 00 00 00 00>]
Thu May 17 10:22:41 2007 : lcp_reqci: returning CONFNAK.
Thu May 17 10:22:41 2007 : sent [LCP ConfNak id=0x1 <auth chap MS-v2>]
Thu May 17 10:22:41 2007 : rcvd [LCP ConfReq id=0x2 <mru 1400> <auth chap MS-v2> <magic 0x36e8150c> <pcomp> <accomp> <endpoint 13 17 01 33 b3 14 b0 89 d6 47 22 8f a7 8a 13 c0 b3 92 43 00 00 00 00>]
Thu May 17 10:22:41 2007 : lcp_reqci: returning CONFACK.
Thu May 17 10:22:41 2007 : sent [LCP ConfAck id=0x2 <mru 1400> <auth chap MS-v2> <magic 0x36e8150c> <pcomp> <accomp> <endpoint 13 17 01 33 b3 14 b0 89 d6 47 22 8f a7 8a 13 c0 b3 92 43 00 00 00 00>]
Thu May 17 10:22:41 2007 : sent [LCP EchoReq id=0x0 magic=0xb3a8030c]
Thu May 17 10:22:41 2007 : rcvd [CHAP Challenge id=0x0 <08c977a66f5ef661ebdcdf44d0d57755>, name = "MSACCESS"]
Thu May 17 10:22:41 2007 : sent [CHAP Response id=0x0 <83e8d441b2409553ec61f18beeb992c9000000000000000088d5673f52f4a4822869f97d5bbe43 bbcb4b9f1bd043872a00>, name = "cweikart"]
Thu May 17 10:22:41 2007 : rcvd [LCP EchoRep id=0x0 magic=0x36e8150c]
Thu May 17 10:22:41 2007 : rcvd [CHAP Success id=0x0 "S=B80BB69E19C53E75F262C4C45DFD664E5AE58714"]
Thu May 17 10:22:41 2007 : sent [CCP ConfReq id=0x1 <mppe +H -M +S +L -D -C>]
Thu May 17 10:22:41 2007 : rcvd [CCP ConfReq id=0x4 <mppe +H +M +S +L -D +C>]
Thu May 17 10:22:41 2007 : sent [CCP ConfNak id=0x4 <mppe +H -M +S -L -D -C>]
Thu May 17 10:22:41 2007 : rcvd [IPCP ConfReq id=0x5 <addr 192.168.5.221>]
Thu May 17 10:22:41 2007 : sent [IPCP TermAck id=0x5]
Thu May 17 10:22:41 2007 : rcvd [CCP ConfNak id=0x1 <mppe +H -M +S -L -D -C>]
Thu May 17 10:22:41 2007 : sent [CCP ConfReq id=0x2 <mppe +H -M +S -L -D -C>]
Thu May 17 10:22:41 2007 : rcvd [CCP ConfReq id=0x6 <mppe +H -M +S -L -D -C>]
Thu May 17 10:22:41 2007 : sent [CCP ConfAck id=0x6 <mppe +H -M +S -L -D -C>]
Thu May 17 10:22:41 2007 : rcvd [CCP ConfAck id=0x2 <mppe +H -M +S -L -D -C>]
Thu May 17 10:22:41 2007 : MPPE 128-bit stateless compression enabled
Thu May 17 10:22:41 2007 : sent [IPCP ConfReq id=0x1 <addr 0.0.0.0> <ms-dns1 0.0.0.0> <ms-dns3 0.0.0.0>]
Thu May 17 10:22:41 2007 : sent [IPV6CP ConfReq id=0x1 <addr fe80::0217:f2ff:fed7:d138>]
Thu May 17 10:22:41 2007 : sent [ACSCP] 01 01 00 10 01 06 00 00 00 01 02 06 00 00 00 01
Thu May 17 10:22:41 2007 : rcvd [IPCP ConfNak id=0x1 <addr 192.168.5.248> <ms-dns1 192.168.4.7> <ms-dns3 192.168.4.8>]
Thu May 17 10:22:41 2007 : sent [IPCP ConfReq id=0x2 <addr 192.168.5.248> <ms-dns1 192.168.4.7> <ms-dns3 192.168.4.8>]
Thu May 17 10:22:41 2007 : rcvd [LCP ProtRej id=0x7 80 57 01 01 00 0e 01 0a 02 17 f2 ff fe d7 d1 38]
Thu May 17 10:22:41 2007 : rcvd [LCP ProtRej id=0x8 82 35 01 01 00 10 01 06 00 00 00 01 02 06 00 00 00 01]
Thu May 17 10:22:41 2007 : rcvd [IPCP ConfAck id=0x2 <addr 192.168.5.248> <ms-dns1 192.168.4.7> <ms-dns3 192.168.4.8>]
Thu May 17 10:22:43 2007 : rcvd [IPCP ConfReq id=0x9 <addr 192.168.5.221>]
Thu May 17 10:22:43 2007 : ipcp: returning Configure-ACK
Thu May 17 10:22:43 2007 : sent [IPCP ConfAck id=0x9 <addr 192.168.5.221>]
Thu May 17 10:22:43 2007 : ipcp: up
Thu May 17 10:22:43 2007 : local IP address 192.168.5.248
Thu May 17 10:22:43 2007 : remote IP address 192.168.5.221
Thu May 17 10:22:43 2007 : primary DNS address 192.168.4.7
Thu May 17 10:22:43 2007 : secondary DNS address 192.168.4.8
Any ideas?
-Chris

I fixed the situation by replacing my Linksys B with an Airport Extreme.
The Linksys was probably the culprit for some flakiness that had started several months back - dropped connections, etc.
So the question is now moot.
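
An added example, not part of the original posts: a short Python triage of pppd debug logs like the two above, reporting how far negotiation got and which authentication method and MPPE mode were agreed. The sample lines are abbreviated from the logs in the post; the function name, result keys and verdict labels are assumptions made for this illustration.

```python
import re

# Constructed sample input: lines abbreviated from the two pppd logs in the post.
FAILED_LOG = """\
Wed May 16 20:28:46 2007 : PPTP connection established.
Wed May 16 20:28:46 2007 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x7d579bda> <pcomp> <accomp>]
Wed May 16 20:28:49 2007 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x7d579bda> <pcomp> <accomp>]
Wed May 16 20:29:16 2007 : LCP: timeout sending Config-Requests
"""

OK_LOG = """\
Thu May 17 10:22:41 2007 : PPTP connection established.
Thu May 17 10:22:41 2007 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0xb3a8030c> <pcomp> <accomp>]
Thu May 17 10:22:41 2007 : rcvd [LCP ConfReq id=0x1 <mru 1400> <auth eap> <magic 0x36e8150c> <pcomp> <accomp>]
Thu May 17 10:22:41 2007 : sent [LCP ConfNak id=0x1 <auth chap MS-v2>]
Thu May 17 10:22:41 2007 : rcvd [LCP ConfReq id=0x2 <mru 1400> <auth chap MS-v2> <magic 0x36e8150c> <pcomp> <accomp>]
Thu May 17 10:22:41 2007 : sent [LCP ConfAck id=0x2 <mru 1400> <auth chap MS-v2> <magic 0x36e8150c> <pcomp> <accomp>]
Thu May 17 10:22:41 2007 : rcvd [CHAP Challenge id=0x0 <...>, name = "MSACCESS"]
Thu May 17 10:22:41 2007 : rcvd [CHAP Success id=0x0 "S=..."]
Thu May 17 10:22:41 2007 : MPPE 128-bit stateless compression enabled
Thu May 17 10:22:43 2007 : ipcp: up
"""

FRAME = re.compile(r"\b(sent|rcvd) \[(\w+) (\w+)")   # direction, protocol, code
AUTH = re.compile(r"<auth ([^>]+)>")
MPPE = re.compile(r"MPPE (\d+)-bit (\w+)")


def triage(log_text):
    """Summarise how far a pppd PPTP session got and what it negotiated."""
    frames = {}                  # (protocol, direction) -> frame count
    offered, agreed = [], None   # auth methods the peer requested / the one we ACKed
    mppe, chap_ok, control_up, link_up = None, False, False, False

    for line in log_text.splitlines():
        control_up |= "PPTP connection established" in line
        link_up |= "ipcp: up" in line
        m = MPPE.search(line)
        if m:
            mppe = (int(m.group(1)), m.group(2))
        m = FRAME.search(line)
        if not m:
            continue
        direction, proto, code = m.groups()
        frames[(proto, direction)] = frames.get((proto, direction), 0) + 1
        auth = AUTH.search(line)
        if proto == "LCP" and auth:
            if direction == "rcvd" and code == "ConfReq" and auth.group(1) not in offered:
                offered.append(auth.group(1))
            if direction == "sent" and code == "ConfAck":
                agreed = auth.group(1)
        if (proto, direction, code) == ("CHAP", "rcvd", "Success"):
            chap_ok = True

    lcp_sent = frames.get(("LCP", "sent"), 0)
    lcp_rcvd = frames.get(("LCP", "rcvd"), 0)
    if link_up:
        verdict = "link-up"
    elif not control_up:
        verdict = "no-control-connection"
    elif lcp_sent and not lcp_rcvd:
        # PPTP carries PPP frames in GRE, separately from the TCP control
        # connection, so this pattern points at the path, not at credentials.
        verdict = "no-lcp-reply"
    elif agreed and agreed.startswith("chap") and not chap_ok:
        verdict = "auth-not-completed"
    else:
        verdict = "negotiation-incomplete"

    return {"verdict": verdict, "lcp_sent": lcp_sent, "lcp_rcvd": lcp_rcvd,
            "auth_offered": offered, "auth_agreed": agreed, "mppe": mppe}


if __name__ == "__main__":
    for name, log in (("home router", FAILED_LOG), ("public wireless", OK_LOG)):
        print(name, triage(log))
```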

Similar Messages

  • Can't see folders/files but connected to VPN

    I'm trying to connect to my office VPN. Unfortunately, I'm the only person in the office who uses a Mac and our remotely-based IT guy doesn't have a lot of Mac experience, so I haven't been able to get much assistance recently.
    After a lot of trying, I finally was able to connect to the VPN tonight. However, now that I'm connected, I don't see any folders/drivers/whatever in my finder. It's as if I'm not even connected. I did search around and see that apparently Macs need a little boost to find and populate those items in the Finder by going to "Connect to Server" in Finder. However, even that doesn't work.
    I've tried "Connect to Server" using the IP address I used to connect to the VPN with –– didn't work. Error comes back as "Check the server name of IP address, and then try again."
    I've also tried connecting via another IP address my IT guy gave me –– that didn't work either. Same error message.
    I have a username and password to access the shared drive on our network. Is there some place I can enter that in the command line or something? Any help? This is so frustrating. I feel like I've wasted 2 complete nights (hours at a time) trying to get this to work so I can actually do work from home...
    FYI, I'm connected over Cisco VPN IPSec using the Mac OSX internal VPN client.

    Hi
    I have the same issue, I have a Vodafone branded Huawei HG556a with an external drive connected. I have found that it isn't possible to connect via Finder and that SMB doesn't work either. The only way I could connect to it was via FTP using Cyberduck (or Filezilla), but no use as I can't add my media files from the drive to iTunes, so unfortunately disappointing. I'm still looking, but here's the document I was referred to from another forum.
    broadband.vodafone.ie/download/files/storage_mac.pdf
    Although not an answer to your question, hopefully this will give you an idea why you are getting the password and username errors when you know they are correct. In the end when I entered the FTP details into Cyberduck I was able to connect.
    I know this doesn't help solve the problem (as I'm still looking too), but at least you know why (ish).
    Cheers
    Topes

  • Connect to VPN but can't ping past inside interface

    Hello,
    I've been working on this issue for a few days with no success. We're setting up a new Cisco ASA 5515 in our environment and are trying to get a simple IPSec VPN setup on it for remote access. After some initial problems, we've gotten it to where the VPN tunnel authenticates the user and connects as it should, however we cannot ping into our LAN. We are able to ping as far as the firewall's inside interface. I've tried other types of traffic too and nothing gets through. I've checked the routes listed on the VPN client while we're connected and they look correct - the client also shows both sent and received bytes when we connect using TCP port 10000, but no Received bytes when we connect using UDP 4500. We are trying to do split tunneling, and that seems to be set up correctly because I can still surf while the VPN is connected.
    Below is our running config. Please excuse any messiness in the config as there are a couple of us working on it and we've been trying a whole bunch of different settings throughout the troubleshooting process. I will also note that we're using ASDM as our primary method of configuring the unit, so any suggestions that could be made with that in mind would be most helpful. Thanks!
    ASA-01# sh run
    : Saved
    ASA Version 8.6(1)2
    hostname ASA-01
    domain-name domain.org
    enable password **** encrypted
    passwd **** encrypted
    names
    interface GigabitEthernet0/0
    speed 100
    duplex full
    nameif inside
    security-level 100
    ip address 10.2.0.1 255.255.0.0
    interface GigabitEthernet0/1
    description Primary WAN Interface
    nameif outside
    security-level 0
    ip address 76.232.211.169 255.255.255.192
    interface GigabitEthernet0/2
    shutdown
    no nameif
    no security-level
    no ip address
    interface GigabitEthernet0/3
    shutdown
    no nameif
    no security-level
    no ip address
    interface GigabitEthernet0/4
    shutdown
    no nameif
    no security-level
    no ip address
    interface GigabitEthernet0/5
    shutdown
    no nameif
    no security-level
    no ip address
    interface Management0/0
    speed 100
    duplex full
    shutdown
    nameif management
    security-level 100
    ip address 10.4.0.1 255.255.0.0
    ftp mode passive
    clock timezone MST -7
    clock summer-time MDT recurring
    dns domain-lookup inside
    dns server-group DefaultDNS
    name-server 10.2.11.6
    domain-name domain.org
    dns server-group sub
    name-server 10.2.11.121
    name-server 10.2.11.138
    domain-name sub.domain.net
    same-security-traffic permit intra-interface
    object network 76.232.211.132
    host 76.232.211.132
    object network 10.2.11.138
    host 10.2.11.138
    object network 10.2.11.11
    host 10.2.11.11
    object service DB91955443
    service tcp destination eq 55443
    object service 113309
    service tcp destination range 3309 8088
    object service 11443
    service tcp destination eq https
    object service 1160001
    service tcp destination range 60001 60008
    object network LAN
    subnet 10.2.0.0 255.255.0.0
    object network WAN_PAT
    host 76.232.211.170
    object network Test
    host 76.232.211.169
    description test
    object network NETWORK_OBJ_10.2.0.0_16
    subnet 10.2.0.0 255.255.0.0
    object network NETWORK_OBJ_10.2.250.0_24
    subnet 10.2.250.0 255.255.255.0
    object network VPN_In
    subnet 10.3.0.0 255.255.0.0
    description VPN User Network
    object-group service 11
    service-object object 113309
    service-object object 11443
    service-object object 1160001
    object-group service IPSEC_VPN udp
    port-object eq 4500
    port-object eq isakmp
    access-list outside_access_in extended permit icmp object VPN_In 10.2.0.0 255.255.0.0 traceroute log disable
    access-list outside_access_in extended permit object-group 11 object 76.232.211.132 interface outside
    access-list outside_access_in extended permit object DB91955443 any interface outside
    access-list outside_access_in extended permit udp any object Test object-group IPSEC_VPN inactive
    access-list outside_access_in extended permit icmp any any echo-reply
    access-list outside_access_in extended deny ip any any
    access-list inside_access_in extended permit ip any any log disable
    access-list inside_access_in extended permit icmp any any echo-reply log disable
    access-list inside_access_in extended permit ip object VPN_In 10.2.0.0 255.255.0.0 log disable
    access-list domain_splitTunnelAcl standard permit 10.2.0.0 255.255.0.0
    access-list domain_splitTunnelAcl standard permit 10.3.0.0 255.255.0.0
    access-list vpn_access_in extended permit ip any any
    pager lines 24
    logging enable
    logging asdm informational
    mtu management 1500
    mtu inside 1500
    mtu outside 1500
    ip local pool VPNUsers 10.3.0.1-10.3.0.254 mask 255.255.0.0
    no failover
    icmp unreachable rate-limit 1 burst-size 1
    icmp permit any management
    icmp permit any inside
    icmp permit any outside
    no asdm history enable
    arp timeout 14400
    nat (inside,outside) source dynamic any interface
    nat (inside,outside) source dynamic any WAN_PAT inactive
    nat (outside,outside) source static 76.232.211.132 76.232.211.132 destination static interface 10.2.11.11 service 113309 113309
    nat (outside,outside) source static 76.232.211.132 76.232.211.132 destination static interface 10.2.11.11 service 11443 11443
    nat (outside,outside) source static 76.232.211.132 76.232.211.132 destination static interface 10.2.11.11 service 1160001 1160001
    nat (outside,outside) source static any any destination static interface 10.2.11.138 service DB91955443 DB91955443
    nat (inside,outside) source static NETWORK_OBJ_10.2.0.0_16 NETWORK_OBJ_10.2.0.0_16 destination static NETWORK_OBJ_10.2.250.0_24 NETWORK_OBJ_10.2.250.0_24 no-proxy-arp route-lookup
    access-group inside_access_in in interface inside
    access-group outside_access_in in interface outside
    route outside 0.0.0.0 0.0.0.0 76.232.211.129 1
    timeout xlate 3:00:00
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
    timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
    timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
    timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
    timeout tcp-proxy-reassembly 0:01:00
    timeout floating-conn 0:00:00
    dynamic-access-policy-record DfltAccessPolicy
    aaa-server ActiveDirectory protocol nt
    aaa-server ActiveDirectory (inside) host 10.2.11.121
    nt-auth-domain-controller sub.domain.net
    aaa-server ActiveDirectory (inside) host 10.2.11.138
    nt-auth-domain-controller sub.domain.net
    user-identity default-domain LOCAL
    eou allow none
    http server enable
    http 10.4.0.0 255.255.255.0 management
    http 10.2.0.0 255.255.0.0 inside
    no snmp-server location
    no snmp-server contact
    snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart
    no sysopt connection permit-vpn
    crypto ipsec ikev1 transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
    crypto ipsec ikev1 transform-set ESP-DES-SHA esp-des esp-sha-hmac
    crypto ipsec ikev1 transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
    crypto ipsec ikev1 transform-set ESP-DES-MD5 esp-des esp-md5-hmac
    crypto ipsec ikev1 transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
    crypto ipsec ikev1 transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
    crypto ipsec ikev1 transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
    crypto ipsec ikev1 transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
    crypto ipsec ikev1 transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
    crypto ipsec ikev1 transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
    crypto ipsec ikev2 ipsec-proposal DES
    protocol esp encryption des
    protocol esp integrity sha-1 md5
    crypto ipsec ikev2 ipsec-proposal 3DES
    protocol esp encryption 3des
    protocol esp integrity sha-1 md5
    crypto ipsec ikev2 ipsec-proposal AES
    protocol esp encryption aes
    protocol esp integrity sha-1 md5
    crypto ipsec ikev2 ipsec-proposal AES192
    protocol esp encryption aes-192
    protocol esp integrity sha-1 md5
    crypto ipsec ikev2 ipsec-proposal AES256
    protocol esp encryption aes-256
    protocol esp integrity sha-1 md5
    crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev1 transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
    crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev2 ipsec-proposal AES256 AES192 AES 3DES DES
    crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
    crypto map outside_map interface outside
    crypto map inside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
    crypto map inside_map interface inside
    crypto ca trustpoint ASDM_TrustPoint0
    enrollment self
    subject-name CN=ASA-01
    crl configure
    crypto ca certificate chain ASDM_TrustPoint0
    certificate a6c98751
      quit
    crypto isakmp identity address
    crypto isakmp nat-traversal 30
    crypto ikev2 policy 1
    encryption aes-256
    integrity sha
    group 5 2
    prf sha
    lifetime seconds 86400
    crypto ikev2 policy 10
    encryption aes-192
    integrity sha
    group 5 2
    prf sha
    lifetime seconds 86400
    crypto ikev2 policy 20
    encryption aes
    integrity sha
    group 5 2
    prf sha
    lifetime seconds 86400
    crypto ikev2 policy 30
    encryption 3des
    integrity sha
    group 5 2
    prf sha
    lifetime seconds 86400
    crypto ikev2 policy 40
    encryption des
    integrity sha
    group 5 2
    prf sha
    lifetime seconds 86400
    crypto ikev2 enable outside
    crypto ikev2 remote-access trustpoint ASDM_TrustPoint0
    crypto ikev1 enable inside
    crypto ikev1 enable outside
    crypto ikev1 ipsec-over-tcp port 10000
    crypto ikev1 policy 10
    authentication crack
    encryption aes-256
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 20
    authentication rsa-sig
    encryption aes-256
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 30
    authentication pre-share
    encryption aes-256
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 40
    authentication crack
    encryption aes-192
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 50
    authentication rsa-sig
    encryption aes-192
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 60
    authentication pre-share
    encryption aes-192
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 70
    authentication crack
    encryption aes
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 80
    authentication rsa-sig
    encryption aes
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 90
    authentication pre-share
    encryption aes
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 100
    authentication crack
    encryption 3des
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 110
    authentication rsa-sig
    encryption 3des
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 120
    authentication pre-share
    encryption 3des
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 130
    authentication crack
    encryption des
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 140
    authentication rsa-sig
    encryption des
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 150
    authentication pre-share
    encryption des
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 65535
    authentication pre-share
    encryption 3des
    hash sha
    group 2
    lifetime 86400
    telnet timeout 5
    ssh timeout 5
    console timeout 0
    management-access inside
    dhcpd dns 10.2.11.121 10.2.11.138
    dhcpd lease 36000
    dhcpd ping_timeout 30
    dhcpd domain sub.domain.net
    threat-detection basic-threat
    threat-detection statistics access-list
    no threat-detection statistics tcp-intercept
    ssl trust-point ASDM_TrustPoint0 outside
    webvpn
    anyconnect image disk0:/anyconnect-win-2.5.2014-k9.pkg 1
    anyconnect profiles VPN_client_profile disk0:/VPN_client_profile.xml
    anyconnect enable
    tunnel-group-list enable
    group-policy domain internal
    group-policy domain attributes
    banner value You are attempting to access secured systems at thsi facility. All activity is monitored and recorded. Disconnect now if you are not authorized to access these systems or do not possess valid logon credentials.
    wins-server value 10.2.11.121 10.2.11.138
    dns-server value 10.2.11.121 10.2.11.138
    vpn-idle-timeout none
    vpn-filter value vpn_access_in
    vpn-tunnel-protocol ikev1 ikev2 l2tp-ipsec
    split-tunnel-policy tunnelspecified
    split-tunnel-network-list value domain_splitTunnelAcl
    default-domain value sub.domain.net
    split-dns value sub.domain.net
    group-policy DfltGrpPolicy attributes
    dns-server value 10.2.11.121 10.2.11.138
    vpn-filter value outside_access_in
    vpn-tunnel-protocol l2tp-ipsec
    default-domain value sub.domain.net
    split-dns value sub.domain.net
    address-pools value VPNUsers
    username **** password **** encrypted privilege 15
    username **** password **** encrypted privilege 15
    username **** attributes
    webvpn
      anyconnect keep-installer installed
      anyconnect dtls compression lzs
      anyconnect ssl dtls enable
      anyconnect profiles value VPN_client_profile type user
    tunnel-group DefaultL2LGroup general-attributes
    default-group-policy domain
    tunnel-group DefaultRAGroup general-attributes
    address-pool VPNUsers
    authentication-server-group ActiveDirectory
    default-group-policy domain
    tunnel-group DefaultRAGroup ipsec-attributes
    ikev1 pre-shared-key *****
    ikev1 trust-point ASDM_TrustPoint0
    tunnel-group DefaultWEBVPNGroup general-attributes
    default-group-policy domain
    tunnel-group domain type remote-access
    tunnel-group domain general-attributes
    address-pool (inside) VPNUsers
    address-pool VPNUsers
    authentication-server-group ActiveDirectory LOCAL
    authentication-server-group (inside) ActiveDirectory LOCAL
    default-group-policy domain
    dhcp-server link-selection 10.2.11.121
    tunnel-group domain ipsec-attributes
    ikev1 pre-shared-key *****
    class-map inspection_default
    match default-inspection-traffic
    policy-map type inspect dns preset_dns_map
    parameters
      message-length maximum client auto
      message-length maximum 512
    policy-map global_policy
    class inspection_default
      inspect dns preset_dns_map
      inspect ftp
      inspect h323 h225
      inspect h323 ras
      inspect ip-options
      inspect netbios
      inspect rsh
      inspect rtsp
      inspect skinny 
      inspect esmtp
      inspect sqlnet
      inspect sunrpc
      inspect tftp
      inspect sip 
      inspect xdmcp
    service-policy global_policy global
    prompt hostname context
    no call-home reporting anonymous
    call-home
    profile CiscoTAC-1
      no active
      destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
      destination address email [email protected]
      destination transport-method http
      subscribe-to-alert-group diagnostic
      subscribe-to-alert-group environment
      subscribe-to-alert-group inventory periodic monthly 21
      subscribe-to-alert-group configuration periodic monthly 21
      subscribe-to-alert-group telemetry periodic daily
    Cryptochecksum:2578e19418cb5c61eaf15e9e2e5338a0
    : end
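
An added example, not part of the original post: a Python check of two settings in the running config above that decide whether decrypted client traffic can reach the LAN. With `no sysopt connection permit-vpn` set, tunnel traffic is evaluated against the interface ACL, and replies to the client pool need a NAT exemption when a dynamic PAT rule is present. The sample lines are excerpted from the post; the function name and result keys are assumptions made for this illustration.

```python
import ipaddress
import re

# Constructed sample input: lines excerpted from the running config in the post.
CONFIG = """\
object network NETWORK_OBJ_10.2.0.0_16
subnet 10.2.0.0 255.255.0.0
object network NETWORK_OBJ_10.2.250.0_24
subnet 10.2.250.0 255.255.255.0
object network VPN_In
subnet 10.3.0.0 255.255.0.0
access-list outside_access_in extended permit icmp object VPN_In 10.2.0.0 255.255.0.0 traceroute log disable
access-list outside_access_in extended permit icmp any any echo-reply
access-list outside_access_in extended deny ip any any
ip local pool VPNUsers 10.3.0.1-10.3.0.254 mask 255.255.0.0
nat (inside,outside) source dynamic any interface
nat (inside,outside) source static NETWORK_OBJ_10.2.0.0_16 NETWORK_OBJ_10.2.0.0_16 destination static NETWORK_OBJ_10.2.250.0_24 NETWORK_OBJ_10.2.250.0_24 no-proxy-arp route-lookup
access-group outside_access_in in interface outside
no sysopt connection permit-vpn
"""

POOL = re.compile(r"^ip local pool (\S+) ([\d.]+)-[\d.]+ mask ([\d.]+)$")
STATIC_NAT = re.compile(
    r"^nat \(\w+,\w+\) source static (\S+) (\S+) destination static (\S+) (\S+)")
ACL_BINDING = re.compile(r"^access-group (\S+) in interface outside$")


def review(config_text):
    """Report whether each VPN address pool is NAT-exempt and ACL-permitted."""
    lines = [l.strip() for l in config_text.splitlines() if l.strip()]
    objects, pools, exempt_names = {}, {}, []
    outside_acl, bypass, current = None, True, None

    for line in lines:
        words = line.split()
        if words[0] == "object" and len(words) >= 3:
            # Remember which network object the following "subnet" line belongs to.
            current = words[2] if words[1] == "network" else None
        elif words[0] == "subnet" and current and len(words) == 3:
            objects[current] = ipaddress.ip_network(f"{words[1]}/{words[2]}")
        elif line == "no sysopt connection permit-vpn":
            bypass = False   # decrypted traffic must pass the interface ACL
        pool = POOL.match(line)
        if pool:
            pools[pool.group(1)] = ipaddress.ip_network(
                f"{pool.group(2)}/{pool.group(3)}", strict=False)
        nat = STATIC_NAT.match(line)
        if nat and " inactive" not in line:
            src_a, src_b, dst_a, dst_b = nat.groups()
            if src_a == src_b and dst_a == dst_b:   # identity NAT = exemption
                exempt_names.append(dst_a)
        binding = ACL_BINDING.match(line)
        if binding:
            outside_acl = binding.group(1)

    exempt_nets = [objects[n] for n in exempt_names if n in objects]
    report = {}
    for name, net in pools.items():
        # Objects that describe the same network as the pool, e.g. VPN_In.
        aliases = [n for n, o in objects.items() if o == net]
        report[name] = {
            "network": str(net),
            "nat_exempt": any(net.subnet_of(e) for e in exempt_nets),
            "acl_entries": [l for l in lines
                            if outside_acl
                            and l.startswith(f"access-list {outside_acl} ")
                            and any(f"object {a} " in l for a in aliases)],
        }
    return {"vpn_bypasses_interface_acl": bypass, "outside_acl": outside_acl,
            "nat_exempt_destinations": [str(e) for e in exempt_nets],
            "pools": report}


if __name__ == "__main__":
    import pprint
    pprint.pprint(review(CONFIG))
```

On the sample lines the pool network 10.3.0.0/16 is not covered by the only exemption destination (10.2.250.0/24), and the single outside ACL entry naming the pool permits only ICMP `traceroute`.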

    Hello,
    I've been working on this issue for a few days with no success. We're setting  up a new Cisco ASA 5515 in our environment and are trying to get a simple IPSec  VPN setup on it for remote access. After some initial problems, we've gotten it  to where the VPN tunnel authenticates the user and connects as it should,  however we cannot ping into our LAN. We are able to ping as far as the  firewall's inside interface. I've tried other types of traffic too and nothing  gets through. I've checked the routes listed on the VPN client while we're  connected and they look correct - the client also shows both sent and received  bytes when we connect using TCP port 10000, but no Received bytes when we  connect using UDP 4500. We are trying to do split tunneling, and that seems to  be setup correctly because I can still surf while the VPN is connected.
    Below is our running config. Please excuse any messyness in the config as  there are a couple of us working on it and we've been trying a whole bunch of  different settings throughout the troubleshooting process. I will also note that  we're using ASDM as our primary method of configuring the unit, so any  suggestions that could be made with that in mind would be most helpful.  Thanks!
    ASA-01# sh run
    : Saved
    ASA Version 8.6(1)2
    hostname ASA-01
    domain-name domain.org
    enable password **** encrypted
    passwd **** encrypted
    names
    interface GigabitEthernet0/0
    speed 100
    duplex full
    nameif inside
    security-level 100
    ip address 10.2.0.1 255.255.0.0
    interface GigabitEthernet0/1
    description Primary WAN Interface
    nameif outside
    security-level 0
    ip address 76.232.211.169 255.255.255.192
    interface GigabitEthernet0/2
    shutdown
    <--- More --->
    no nameif
    no security-level
    no ip address
    interface GigabitEthernet0/3
    shutdown
    no nameif
    no security-level
    no ip address
    interface GigabitEthernet0/4
    shutdown
    no nameif
    no security-level
    no ip address
    interface GigabitEthernet0/5
    shutdown
    no nameif
    no security-level
    no ip address
    interface Management0/0
    speed 100
    <--- More --->
    duplex full
    shutdown
    nameif management
    security-level 100
    ip address 10.4.0.1 255.255.0.0
    ftp mode passive
    clock timezone MST -7
    clock summer-time MDT recurring
    dns domain-lookup inside
    dns server-group DefaultDNS
    name-server 10.2.11.6
    domain-name domain.org
    dns server-group sub
    name-server 10.2.11.121
    name-server 10.2.11.138
    domain-name sub.domain.net
    same-security-traffic permit intra-interface
    object network 76.232.211.132
    host 76.232.211.132
    object network 10.2.11.138
    host 10.2.11.138
    object network 10.2.11.11
    host 10.2.11.11
    <--- More --->
    object service DB91955443
    service tcp destination eq 55443
    object service 113309
    service tcp destination range 3309 8088
    object service 11443
    service tcp destination eq https
    object service 1160001
    service tcp destination range 60001 60008
    object network LAN
    subnet 10.2.0.0 255.255.0.0
    object network WAN_PAT
    host 76.232.211.170
    object network Test
    host 76.232.211.169
    description test
    object network NETWORK_OBJ_10.2.0.0_16
    subnet 10.2.0.0 255.255.0.0
    object network NETWORK_OBJ_10.2.250.0_24
    subnet 10.2.250.0 255.255.255.0
    object network VPN_In
    subnet 10.3.0.0 255.255.0.0
    description VPN User Network
    object-group service 11
    service-object object 113309
    <--- More --->
    service-object object 11443
    service-object object 1160001
    object-group service IPSEC_VPN udp
    port-object eq 4500
    port-object eq isakmp
    access-list outside_access_in extended permit icmp object VPN_In 10.2.0.0 255.255.0.0 traceroute log disable
    access-list outside_access_in extended permit object-group 11 object 76.232.211.132 interface outside
    access-list outside_access_in extended permit object DB91955443 any interface outside
    access-list outside_access_in extended permit udp any object Test object-group IPSEC_VPN inactive
    access-list outside_access_in extended permit icmp any any echo-reply
    access-list outside_access_in extended deny ip any any
    access-list inside_access_in extended permit ip any any log disable
    access-list inside_access_in extended permit icmp any any echo-reply log disable
    access-list inside_access_in extended permit ip object VPN_In 10.2.0.0 255.255.0.0 log disable
    access-list domain_splitTunnelAcl standard permit 10.2.0.0 255.255.0.0
    access-list domain_splitTunnelAcl standard permit 10.3.0.0 255.255.0.0
    access-list vpn_access_in extended permit ip any any
    pager lines 24
    logging enable
    logging asdm informational
    mtu management 1500
    mtu inside 1500
    mtu outside 1500
    ip local pool VPNUsers 10.3.0.1-10.3.0.254 mask 255.255.0.0
    <--- More --->
    no failover
    icmp unreachable rate-limit 1 burst-size 1
    icmp permit any management
    icmp permit any inside
    icmp permit any outside
    no asdm history enable
    arp timeout 14400
    nat (inside,outside) source dynamic any interface
    nat (inside,outside) source dynamic any WAN_PAT inactive
    nat (outside,outside) source static 76.232.211.132 76.232.211.132 destination static interface 10.2.11.11 service 113309 113309
    nat (outside,outside) source static 76.232.211.132 76.232.211.132 destination static interface 10.2.11.11 service 11443 11443
    nat (outside,outside) source static 76.232.211.132 76.232.211.132 destination static interface 10.2.11.11 service 1160001 1160001
    nat (outside,outside) source static any any destination static interface 10.2.11.138 service DB91955443 DB91955443
    nat (inside,outside) source static NETWORK_OBJ_10.2.0.0_16 NETWORK_OBJ_10.2.0.0_16 destination static NETWORK_OBJ_10.2.250.0_24 NETWORK_OBJ_10.2.250.0_24 no-proxy-arp route-lookup
    access-group inside_access_in in interface inside
    access-group outside_access_in in interface outside
    route outside 0.0.0.0 0.0.0.0 76.232.211.129 1
    timeout xlate 3:00:00
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
    timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
    timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
    timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
    timeout tcp-proxy-reassembly 0:01:00
    timeout floating-conn 0:00:00
    dynamic-access-policy-record DfltAccessPolicy
    aaa-server ActiveDirectory protocol nt
    aaa-server ActiveDirectory (inside) host 10.2.11.121
    nt-auth-domain-controller sub.domain.net
    aaa-server ActiveDirectory (inside) host 10.2.11.138
    nt-auth-domain-controller sub.domain.net
    user-identity default-domain LOCAL
    eou allow none
    http server enable
    http 10.4.0.0 255.255.255.0 management
    http 10.2.0.0 255.255.0.0 inside
    no snmp-server location
    no snmp-server contact
    snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart
    no sysopt connection permit-vpn
    crypto ipsec ikev1 transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
    crypto ipsec ikev1 transform-set ESP-DES-SHA esp-des esp-sha-hmac
    crypto ipsec ikev1 transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
    crypto ipsec ikev1 transform-set ESP-DES-MD5 esp-des esp-md5-hmac
    crypto ipsec ikev1 transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
    crypto ipsec ikev1 transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
    crypto ipsec ikev1 transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
    crypto ipsec ikev1 transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
    crypto ipsec ikev1 transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
    crypto ipsec ikev1 transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
    crypto ipsec ikev2 ipsec-proposal DES
    protocol esp encryption des
    protocol esp integrity sha-1 md5
    crypto ipsec ikev2 ipsec-proposal 3DES
    protocol esp encryption 3des
    protocol esp integrity sha-1 md5
    crypto ipsec ikev2 ipsec-proposal AES
    protocol esp encryption aes
    protocol esp integrity sha-1 md5
    crypto ipsec ikev2 ipsec-proposal AES192
    protocol esp encryption aes-192
    protocol esp integrity sha-1 md5
    crypto ipsec ikev2 ipsec-proposal AES256
    protocol esp encryption aes-256
    protocol esp integrity sha-1 md5
    crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev1 transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
    crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev2 ipsec-proposal AES256 AES192 AES 3DES DES
    crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
    crypto map outside_map interface outside
    crypto map inside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
    crypto map inside_map interface inside
    crypto ca trustpoint ASDM_TrustPoint0
    enrollment self
    subject-name CN=ASA-01
    crl configure
    crypto ca certificate chain ASDM_TrustPoint0
    certificate a6c98751
      quit
    crypto isakmp identity address
    crypto isakmp nat-traversal 30
    crypto ikev2 policy 1
    encryption aes-256
    integrity sha
    group 5 2
    prf sha
    lifetime seconds 86400
    crypto ikev2 policy 10
    encryption aes-192
    integrity sha
    group 5 2
    prf sha
    lifetime seconds 86400
    crypto ikev2 policy 20
    encryption aes
    integrity sha
    group 5 2
    prf sha
    lifetime seconds 86400
    crypto ikev2 policy 30
    encryption 3des
    integrity sha
    group 5 2
    prf sha
    lifetime seconds 86400
    crypto ikev2 policy 40
    encryption des
    integrity sha
    group 5 2
    prf sha
    lifetime seconds 86400
    crypto ikev2 enable outside
    crypto ikev2 remote-access trustpoint ASDM_TrustPoint0
    crypto ikev1 enable inside
    crypto ikev1 enable outside
    crypto ikev1 ipsec-over-tcp port 10000
    crypto ikev1 policy 10
    authentication crack
    encryption aes-256
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 20
    authentication rsa-sig
    encryption aes-256
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 30
    authentication pre-share
    encryption aes-256
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 40
    authentication crack
    encryption aes-192
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 50
    authentication rsa-sig
    encryption aes-192
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 60
    authentication pre-share
    encryption aes-192
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 70
    authentication crack
    encryption aes
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 80
    authentication rsa-sig
    encryption aes
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 90
    authentication pre-share
    encryption aes
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 100
    authentication crack
    encryption 3des
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 110
    authentication rsa-sig
    encryption 3des
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 120
    authentication pre-share
    encryption 3des
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 130
    authentication crack
    encryption des
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 140
    authentication rsa-sig
    encryption des
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 150
    authentication pre-share
    encryption des
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 65535
    authentication pre-share
    encryption 3des
    hash sha
    group 2
    lifetime 86400
    telnet timeout 5
    ssh timeout 5
    console timeout 0
    management-access inside
    dhcpd dns 10.2.11.121 10.2.11.138
    dhcpd lease 36000
    dhcpd ping_timeout 30
    dhcpd domain sub.domain.net
    threat-detection basic-threat
    threat-detection statistics access-list
    no threat-detection statistics tcp-intercept
    ssl trust-point ASDM_TrustPoint0 outside
    webvpn
    anyconnect image disk0:/anyconnect-win-2.5.2014-k9.pkg 1
    anyconnect profiles VPN_client_profile disk0:/VPN_client_profile.xml
    anyconnect enable
    tunnel-group-list enable
    group-policy domain internal
    group-policy domain attributes
    banner value You are attempting to access secured systems at thsi facility. All activity is monitored and recorded. Disconnect now if you are not authorized to access these systems or do not possess valid logon credentials.
    wins-server value 10.2.11.121 10.2.11.138
    dns-server value 10.2.11.121 10.2.11.138
    vpn-idle-timeout none
    vpn-filter value vpn_access_in
    vpn-tunnel-protocol ikev1 ikev2 l2tp-ipsec
    split-tunnel-policy tunnelspecified
    split-tunnel-network-list value domain_splitTunnelAcl
    default-domain value sub.domain.net
    split-dns value sub.domain.net
    group-policy DfltGrpPolicy attributes
    dns-server value 10.2.11.121 10.2.11.138
    vpn-filter value outside_access_in
    vpn-tunnel-protocol l2tp-ipsec
    default-domain value sub.domain.net
    split-dns value sub.domain.net
    address-pools value VPNUsers
    username **** password **** encrypted privilege 15
    username **** password **** encrypted privilege 15
    username **** attributes
    webvpn
      anyconnect keep-installer installed
      anyconnect dtls compression lzs
      anyconnect ssl dtls enable
      anyconnect profiles value VPN_client_profile type user
    tunnel-group DefaultL2LGroup general-attributes
    default-group-policy domain
    tunnel-group DefaultRAGroup general-attributes
    address-pool VPNUsers
    authentication-server-group ActiveDirectory
    default-group-policy domain
    tunnel-group DefaultRAGroup ipsec-attributes
    ikev1 pre-shared-key *****
    ikev1 trust-point ASDM_TrustPoint0
    tunnel-group DefaultWEBVPNGroup general-attributes
    default-group-policy domain
    tunnel-group domain type remote-access
    tunnel-group domain general-attributes
    address-pool (inside) VPNUsers
    address-pool VPNUsers
    authentication-server-group ActiveDirectory LOCAL
    authentication-server-group (inside) ActiveDirectory LOCAL
    default-group-policy domain
    dhcp-server link-selection 10.2.11.121
    tunnel-group domain ipsec-attributes
    ikev1 pre-shared-key *****
    class-map inspection_default
    match default-inspection-traffic
    policy-map type inspect dns preset_dns_map
    parameters
      message-length maximum client auto
      message-length maximum 512
    policy-map global_policy
    class inspection_default
      inspect dns preset_dns_map
      inspect ftp
      inspect h323 h225
      inspect h323 ras
      inspect ip-options
      inspect netbios
      inspect rsh
      inspect rtsp
      inspect skinny 
      inspect esmtp
      inspect sqlnet
      inspect sunrpc
      inspect tftp
      inspect sip 
      inspect xdmcp
    service-policy global_policy global
    prompt hostname context
    no call-home reporting anonymous
    call-home
    profile CiscoTAC-1
      no active
      destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
      destination address email [email protected]
      destination transport-method http
      subscribe-to-alert-group diagnostic
      subscribe-to-alert-group environment
      subscribe-to-alert-group inventory periodic monthly 21
      subscribe-to-alert-group configuration periodic monthly 21
      subscribe-to-alert-group telemetry periodic daily
    Cryptochecksum:2578e19418cb5c61eaf15e9e2e5338a0
    : end

  • VPN client connected to VPN but can't ping or access to server

    Hi,
    I need help urgently. I have been troubleshooting for a day but have no idea what is wrong with the config.
    Basically there are two VPNs configured, coexisting on the same router: one is a site-to-site IPsec VPN and the other is for connections via VPN client software.
    Recently we have been having a problem where the client can't access or ping the internal server, which is 192.168.6.3, from the VPN client software.
    The VPN client connects to the VPN IP pool of 10.20.1.0 to 10.20.1.100.
    The software itself shows connected, but requests time out when pinging.
    Below is the config. Some of the commands might be extra from when I did some tests, which ended up not working.
    aaa new-model
    aaa authentication login userauthen local
    aaa authorization network adminmap group VPNClient
    aaa authorization network groupauthor local
    aaa authorization network map-singapore local
    crypto isakmp policy 10
    encr 3des
    authentication pre-share
    group 2
    crypto isakmp key emptyspace address 203.142.83.218 no-xauth
    crypto isakmp keepalive 15 periodic
    crypto isakmp client configuration address-pool local ippool
    crypto isakmp client configuration group map-singapore
    key cisco123
    dns 192.168.6.3
    domain cisco.com
    pool ippool
    acl 102
    crypto isakmp profile VPNclient
       match identity address 27.54.43.210 255.255.255.255
       match identity group vpnclient
       client authentication list userauthen
       client configuration address respond
    crypto ipsec security-association idle-time 86400
    crypto ipsec transform-set REMSET esp-3des esp-md5-hmac
    crypto ipsec transform-set DYNSET esp-aes esp-md5-hmac
    crypto ipsec transform-set esp-3des-sha esp-3des esp-sha-hmac
    crypto dynamic-map dynmap 10
    set transform-set DYNSET
    set isakmp-profile VPNclient
    reverse-route
    crypto map VPNMAP client authentication list userauthen
    crypto map VPNMAP isakmp authorization list map-singapore
    crypto map VPNMAP client configuration address respond
    crypto map VPNMAP 10 ipsec-isakmp dynamic dynmap
    crypto map VPNMAP 11 ipsec-isakmp
    description VPN to ASA5520
    set peer 203.142.83.218
    set security-association lifetime kilobytes 14608000
    set security-association lifetime seconds 86400
    set transform-set REMSET
    match address 100
    interface GigabitEthernet0/0
    ip address 27.54.43.210 255.255.255.240
    ip nat outside
    no ip virtual-reassembly
    duplex full
    speed 100
    crypto map VPNMAP
    interface GigabitEthernet0/1
    ip address 192.168.6.1 255.255.255.0
    ip nat inside
    no ip virtual-reassembly
    duplex full
    speed 100
    interface GigabitEthernet0/2
    description $ES_LAN$
    no ip address
    shutdown
    duplex auto
    speed auto
    ip local pool ippool 10.20.1.0 10.20.1.100
    ip forward-protocol nd
    ip pim bidir-enable
    no ip http server
    ip http authentication local
    no ip http secure-server
    ip nat inside source list 1 interface GigabitEthernet0/0 overload
    ip nat inside source list 101 interface GigabitEthernet0/0 overload
    ip nat inside source route-map nonat interface GigabitEthernet0/0 overload
    ip nat inside source static 192.168.6.3 27.54.43.212
    ip route 0.0.0.0 0.0.0.0 27.54.43.209
    ip route 192.168.1.0 255.255.255.0 27.54.43.209
    ip route 192.168.151.0 255.255.255.0 192.168.6.151
    ip route 192.168.208.0 255.255.255.0 27.54.43.209
    ip access-list extended RA_SING
    permit ip 192.168.6.0 0.0.0.255 192.168.1.0 0.0.0.255
    permit ip 192.168.6.0 0.0.0.255 10.0.0.0 0.255.255.255
    permit ip 10.0.0.0 0.255.255.255 192.168.6.0 0.0.0.255
    permit ip 192.168.6.0 0.0.0.255 192.168.208.0 0.0.0.255
    permit ip 10.20.1.1 0.0.0.100 192.168.6.0 0.0.0.255
    permit ip 10.20.1.0 0.0.0.255 10.0.0.0 0.255.255.255
    deny   ip any any log
    access-list 1 remark Local Network
    access-list 1 permit 192.168.6.0 0.0.0.255
    access-list 1 permit 192.168.102.0 0.0.0.255
    access-list 1 permit 192.168.151.0 0.0.0.255
    access-list 2 remark VPNClient-range
    access-list 2 permit 10.0.0.0 0.255.255.255
    access-list 10 permit 192.168.6.0 0.0.0.255
    access-list 10 permit 192.168.102.0 0.0.0.255
    access-list 10 permit 192.168.151.0 0.0.0.255
    access-list 10 permit 10.0.0.0 0.255.255.255
    access-list 100 permit ip 192.168.6.0 0.0.0.255 192.168.1.0 0.0.0.255
    access-list 100 permit ip 192.168.102.0 0.0.0.255 192.168.1.0 0.0.0.255
    access-list 100 permit ip 192.168.6.0 0.0.0.255 192.168.208.0 0.0.0.255
    access-list 100 permit ip host 192.168.6.7 host 192.168.208.48
    access-list 101 deny   ip 192.168.6.0 0.0.0.255 10.0.0.0 0.255.255.255
    access-list 101 permit ip 10.0.0.0 0.255.255.255 any
    access-list 101 permit ip 192.168.6.0 0.0.0.255 any
    access-list 102 permit ip 10.0.0.0 0.255.255.255 any
    access-list 120 deny   ip any any log
    access-list 120 deny   ip 192.168.6.0 0.0.0.255 192.168.1.0 0.0.0.255 log
    access-list 120 deny   ip 192.168.6.0 0.0.0.255 10.0.0.0 0.255.255.255
    access-list 120 deny   ip 192.168.6.0 0.0.0.255 192.168.208.0 0.0.0.255
    no cdp run
    route-map nonat permit 10
    match ip address 120
    control-plane
    alias isakmp-profile sh crypto isakmp sa
    alias exec ipsec sh crypto ipsec sa
    banner motd ^CC^C
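
The ACLs in the configuration above can be checked offline. The following is an added example, not part of the original post and not Cisco tooling: it applies IOS wildcard-mask and first-match semantics to ACL lines copied from the post, using a constructed reply packet from 192.168.6.3 to pool address 10.20.1.5. Helper names are this example's own, and NAT ordering and crypto processing are not modelled.

```python
"""Offline check of ACL lines copied from the post (added example).

Helper names are this example's own. Only IOS wildcard-mask matching and
first-match evaluation are modelled; NAT ordering and crypto are not.
"""
import ipaddress

MASK32 = 0xFFFFFFFF
ANY = (0, MASK32)  # base 0.0.0.0 with wildcard 255.255.255.255

# ACL entries as posted, without the "access-list N" prefix.
ACL_1 = ["permit 192.168.6.0 0.0.0.255",
         "permit 192.168.102.0 0.0.0.255",
         "permit 192.168.151.0 0.0.0.255"]
ACL_101 = ["deny   ip 192.168.6.0 0.0.0.255 10.0.0.0 0.255.255.255",
           "permit ip 10.0.0.0 0.255.255.255 any",
           "permit ip 192.168.6.0 0.0.0.255 any"]
ACL_120 = ["deny   ip any any log",
           "deny   ip 192.168.6.0 0.0.0.255 192.168.1.0 0.0.0.255 log",
           "deny   ip 192.168.6.0 0.0.0.255 10.0.0.0 0.255.255.255",
           "deny   ip 192.168.6.0 0.0.0.255 192.168.208.0 0.0.0.255"]
RA_SING_POOL_ACE = "permit ip 10.20.1.1 0.0.0.100 192.168.6.0 0.0.0.255"


def to_int(addr):
    return int(ipaddress.IPv4Address(addr))


def _take_spec(tokens):
    """Consume one address spec: 'any', 'host A', or 'A WILDCARD'."""
    if tokens[0] == "any":
        return ANY, tokens[1:]
    if tokens[0] == "host":
        return (to_int(tokens[1]), 0), tokens[2:]
    return (to_int(tokens[0]), to_int(tokens[1])), tokens[2:]


def parse_ace(line):
    """Return (action, src_spec, dst_spec); standard ACLs get dst 'any'."""
    tokens = [t for t in line.split() if t != "log"]
    action, rest = tokens[0], tokens[1:]
    if rest[0] == "ip":
        rest = rest[1:]
    src, rest = _take_spec(rest)
    dst = _take_spec(rest)[0] if rest else ANY
    return action, src, dst


def spec_matches(spec, addr):
    """Wildcard bits set to 1 are ignored; all other bits must be equal."""
    base, wild = spec
    care = ~wild & MASK32
    return (to_int(addr) & care) == (base & care)


def evaluate(acl_lines, src, dst):
    """First matching entry wins; no match falls to the implicit deny."""
    for index, line in enumerate(acl_lines):
        action, s, d = parse_ace(line)
        if spec_matches(s, src) and spec_matches(d, dst):
            return action, index
    return "deny", None


def _covers(outer, inner):
    (ob, ow), (ib, iw) = outer, inner
    return (ow | iw) == ow and ((ob ^ ib) & ~ow & MASK32) == 0


def shadowed(acl_lines):
    """Indexes of entries that can never match because an earlier one covers them."""
    aces = [parse_ace(line) for line in acl_lines]
    return [i for i, (_, s, d) in enumerate(aces)
            if any(_covers(ps, s) and _covers(pd, d) for _, ps, pd in aces[:i])]


def pool_hits(ace_line, first, last):
    """Addresses in first..last that the entry's source spec matches."""
    _, src, _ = parse_ace(ace_line)
    return [str(ipaddress.IPv4Address(a))
            for a in range(to_int(first), to_int(last) + 1)
            if spec_matches(src, a)]


if __name__ == "__main__":
    reply = ("192.168.6.3", "10.20.1.5")  # constructed server-to-client reply
    # For an ACL referenced by a NAT rule, "permit" selects the packet for translation.
    for name, acl in (("1", ACL_1), ("101", ACL_101), ("120", ACL_120)):
        print(f"ACL {name}: reply -> {evaluate(acl, *reply)}, shadowed {shadowed(acl)}")
    hits = pool_hits(RA_SING_POOL_ACE, "10.20.1.0", "10.20.1.100")
    print(f"RA_SING pool entry matches {len(hits)} of 101 pool addresses: {hits}")
```
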

    I did not try to ping 4.2.2.2. I just know I cannot ping Comcast's DNS servers. I have updated the firmware on the router and it did not work. The computer was able to access the internet until about a week ago; I don't understand what could have changed that I would now need a static DNS.

  • I am running Facetime version 1.0.3 (167) on MacBook Pro OSx 10.6.8 but Facetime fails to other Mac devices. What version of Facetime can I upgrade to in order to rectify this?

    I am running Facetime version 1.0.3 (167) on MacBook Pro OSx 10.6.8 but Facetime fails to other Mac devices. What version of Facetime can I upgrade to in order to rectify this?

    Unable to make or receive FaceTime calls after April 16, 2014

  • I am trying to make a flash drive bootable so I can install OSX Mountain Lion, but it has an MBR partition on it. How can I remove this partition?

    I am trying to make a flash drive bootable so I can install OSX Mountain Lion, but it has an MBR partition on it. How can I remove this partition?
    Regards
    Warren

    Drive Preparation
    1. Open Disk Utility in your Utilities folder.
    2. After DU loads select your hard drive (this is the entry with the mfgr.'s ID and size) from the left side list. Click on the Partition tab in the DU main window.
    3. Under the Volume Scheme heading set the number of partitions from the drop down menu to one. Click on the Options button, set the partition scheme to GUID then click on the OK button. Set the format type to Mac OS Extended (Journaled.) Click on the Partition button and wait until the process has completed.
    4. Select the volume you just created (this is the sub-entry under the drive entry) from the left side list. Click on the Erase tab in the DU main window.
    5. Set the format type to Mac OS Extended (Journaled.) Click on the Security button, check the button for Zero Data and click on OK to return to the Erase window.
    6. Click on the Erase button. The format process can take up to several hours depending upon the drive size.

  • Macbook pro late 2008 update to osx mountain lion already but can't open safari

    macbook pro late 2008 update to osx mountain lion already but can't open safari

    Where did you buy this "open box" MacBook Pro?
    Here are the specifics on the upgrade program:
    http://www.apple.com/osx/uptodate/

  • I am having trouble with exchange account connection .the vpn connects fine but the exchange account is still showing the yellow light .can anyone help?

    i am having trouble with exchange account connection .the vpn connects fine but the exchange account is still showing the yellow light .can anyone help?

    I had a similar problem.  Here is how I resolved the issue.
    1.  Remove Network Connect
    2. Run Terminal and remove /usr/local/juniper and everything within the juniper directory.
    3. Reboot the machine and reinstall Network Connect
    4. Test if you can now connect.
    During removal, you may encounter permission denied error, you will need to change the permission to 777.  For example "sudo chmod 777 nc".

  • Ok, my iPhone 3G touch screen is not responding. I can receive calls and it can charge and connect to iTunes, but I cannot go any further than using the home button or the power button, and the slide feature and touch feature are non-existent

    Ok, my iPhone 3G touch screen is not responding. I can receive calls and it can charge and connect to iTunes, but I cannot go any further than using the home button or the power button; it is only the slide feature and touch feature that have become non-existent. Also, I have had a few cracks in my screen for a while now and it was running smoothly up until Saturday, when I sat on it, applying large amounts of pressure to the phone screen. Is there a way I can fix this myself without having to recover my phone to factory settings or wasting 50 bucks to get it fixed?

    Hi Dire Dawa,
    If the screen on your iPhone isn't responding, you may find the following article helpful:
    iOS: Not responding or does not turn on
    http://support.apple.com/kb/ts3281
    Regards,
    - Brenden

  • Since upgrading, both our wireless printers are still visible, but OSX will not connect with them.  Both work via connecting from other sources via the same wireless router (airport).  What do I need to do to get my printing/scanning working again?

    Since upgrading, both our wireless printers are still visible, but OSX will not connect with them.  Both work via connecting from other sources via the same wireless router (airport).  What do I need to do to get my printing/scanning working again?

    First thing to try is reset Printing System:
    OS X Mavericks: Reset the printing system
    Next would be reset the router (power off 15 secs then back on). And, 2 minutes later, reset the printers 1 by 1.

  • I just bought a MBP OSX 10.7.2 but i can't find the Macintosh HD folder. It's neither on my desktop, or in the general section in finder's preferences. Can you help me please? thanks

    Hi!
    I just bought a MBP OSX 10.7.2 but i can't find the Macintosh HD folder. It's neither on my desktop, or in the general section in finder's preferences. Can you help me please? thanks

    Holy Shhh,
    Thank you so much! I just realized I kept looking in System Preferences > General
    What a retard!
    thanks again

  • I recently upgraded my MacBook Pro operating system from OSX Lion to Maverick, but in the process I cannot access my iPhoto 9.1.5. How do I access it?

    I recently upgraded my MacBook Pro operating system from OSX Lion to Maverick, but in the process I cannot access my iPhoto 9.1.5. How do I access it?

    Download the Mavericks version from the App Store.
    The iWork apps are free with a new iOS device since 1 SEP 2013. They are free with a new Mac since 1 OCT 2013. They are also free with the upgrade to OS X Mavericks 10.9 if you had the previous version installed when you upgraded.
    iWork and iLife for Mac come free with every new Mac purchase. Existing users running Mavericks can update their apps for free from the Mac App Store℠. iWork and iLife for iOS are available for free from the App Store℠ for any new device running iOS 7, and are also available as free updates for existing users. GarageBand for Mac and iOS are free for all OS X Mavericks and iOS 7 users. Additional GarageBand instruments and sounds are available for a one-time in-app purchase of $4.99 for each platform.

  • Untrusted Connection error message on home computer, but can connect fine from work

    I have been connecting to this site for a while without problems (an online gradebook for son's school), but yesterday when I tried to log in from home machine, I got the "This connection is Untrusted" error message. However, I was able to log in without a problem from work today, but having the same problem at home again. Is it an indication that my home connection is somehow compromised? How do I check? Other sites seem to working fine.

    It is usually better to install missing certificates by visiting another website that sends them than by making an exception.
    You can check the certificate chain on the working computer by clicking the Site Identity Button (favicon) on the location bar > More Information > View Certificate > Details and export missing intermediate certificates and import them on the other computer.
    You can remove exceptions on the Servers tab in the Certificate Manager.
    *Tools > Options > Advanced : Encryption: Certificates - View Certificates

  • I recently purchased an iMac and found out that I can download OSX Lion for free, but have been unable to redeem on the Canada site. According to their info Canadian systems should be eligible. How do I redeem this on the Canadian site?

    I recently purchased an iMac and found out that I can download OSX Lion for free, but have been unable to redeem on the Canadian site. According to their info Canadian systems should be eligible. How do I redeem this on the Canadian site?

    Please read and follow the instructions at the Lion - Get up to date site. If you continue to have problems you can contact AppleCare (the number is in your owner's manual, or you can use the AppleCare Contact Info site).

  • I have connected via VPN but can't see lion server .private

    When I am in my local network at home I simply go to Finder and click on my server and connect to it. When I VPN from the net into my server's local network I don't see it in my Finder. I know I am in the network because I did an IP check, but am I missing something? How am I to get to the server to get to my files? It is set up as a .private.

    Spoke to an Apple rep today. When accessing via VPN, go to Finder, then go to the top menu and click Go; at the bottom of the drop-down will be Connect to Server. Simply add the IP address to access.
