Pix 501 user logging report

I am running a pix 501 ver 6.1 with tacacs 3.0 server runninfg on a NT box.
I have all the user authenticated via tacacs going inbound and outbound
and have setup accounting as well.
I would like to find a EASY way to compile a report to find out what the users
are accessing both application and source and destination ip address.
If i check reports option through tacacs it only shows me what time the
user is validated and the application type not the source or dest address.
If i setup syslog server and setup logging console debug it shows me the source and destination and user sent to the syslog server.
Is their any way to manipulate this syslog report or is their another feature
within tacacs.
thanks

You might look at www.opensystems.com. They are a Cisco partner that developed a reporting program called Private I. They have an eval available to take a look at.

Similar Messages

  • Trouble with PIX 501 user limit?

    I have installed a Cisco PIX 501 at a client's site, and now a couple of weeks later we are having an issue where some computers cannot access the Internet. The PCs can ping the internal interface of the firewall, and can resolve hostnames. But about three of them cannot ping public IP addresses. I thought the arp cache might be corrupted on the switch, so we restarted that to no good effect.
    I suspect that the client has somehow run up against the 10-user limit for their PIX 501 license.
    The site has eight PCs and a server, so it doesn't seem like they should be going over the 10-user limit.
    I'm not much of an expert when it comes to the PIX, so I wonder if someone can tell me how to determine whether this is the case, and maybe give me some tips on how to resolve the issue?
    Thanks very much for any advice you can offer.
    Best regards,
    Zac

    Any chance you can help me make sense of this? Does it really look like we have exceeded the number of allowed connections by over 3400?
    pixfirewall# show local-host
    Interface inside: 10 active, 10 maximum active, 3493 denied
    local host: <192.168.1.2>,
    TCP connection count/limit = 12/unlimited
    TCP embryonic count = 2
    TCP intercept watermark = unlimited
    UDP connection count/limit = 0/unlimited
    AAA:
    Xlate(s):
    PAT Global 67.115.121.230(38600) Local 192.168.1.2(3553)
    PAT Global 67.115.121.230(51033) Local 192.168.1.2(3215)
    PAT Global 67.115.121.230(51037) Local 192.168.1.2(3230)
    PAT Global 67.115.121.230(51050) Local 192.168.1.2(3271)
    PAT Global 67.115.121.230(55215) Local 192.168.1.2(4084)
    PAT Global 67.115.121.230(55228) Local 192.168.1.2(4136)
    PAT Global 67.115.121.230(55231) Local 192.168.1.2(4139)
    etc, etc.

  • Daily Logging Report

    Oracle Apps 11i
    Database : 9i
    can i get users logging report to a specific responsibility / apps on daily basis
    i have this query can anyone correct if i am wrong or is there any other way -
    select b.user_id,user_name, a.description,first_connect, last_connect,r.RESPONSIBILITY_name
    from fnd_user a, icx_sessions b, fnd_responsibility_vl r
    where a.user_id = b.user_id
    and r.RESPONSIBILITY_ID = b.RESPONSIBILITY_ID
    ------and a.user_name like '%abc%'
    and r.RESPONSIBILITY_name like '%In%Lo%Pur%'
    and b.last_connect >= sysdate
    order by first_connect
    Regards,

    Hi,
    You can run "Signon Audit Users", "Signon Audit Responsibilities" concurrent programs to get these details.
    If you want to get the same from the backend, please refer to:
    Note: 295206.1 - How to Count Total Number of Users Connected to ORACLE Application
    https://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=295206.1
    USERS CONNECTED
    Re: USERS CONNECTED
    Number of users logged in last two months
    Number of users logged in last two months
    Regards,
    Hussein

  • PIX 501 VPN users can log in but no remotedesktop

    Login accepted by PIX but users cannot see the network nor remote desktop to their PC.
    Using PDM 2.0 novice admin.
    and ideas?

    can they ping the private IP's of their PC?
    -brad
    www.ccbootcamp.com

  • How to show all user logged in/loggout in Report

    How to display All User Logged in time & Logout Time?
    Hi..
    I want to display All user in Portlet a report that show us all user that logged in the portal,
    their username,
    their time logged in,
    their time logged out..
    where can i find these information?
    do Portal have already something like this?
    Plz advise..Thanks.

    Thanks Sharmila for answering my question..
    Similar question i want to ask..
    I look at the table, and view it's data...
    Mmm..some i don't recognize...
    Actually, i just want to grep
    1)The UserId of the user who logged in the portal
    2)The time he logged in the portal
    3)the time he log out the portal
    That's all..
    How can i do that?..
    I plan to create one table to store the data, and plan to grab the data by jsp....
    What are the table/function/api that can i use and how?
    Plz advise.
    Thanks

  • Report to get total number of users logged in after a certain date

    Hi,
    Is there any report available in SIM which can give us the record of the users who logged into it after a certain date.
    I tried to use Historical User Changes Report but in this report there is an mandotory aatribute 'object Type' which filters the search based on its value. For example if we will give 'a' in the object type then the search result will contain only those users whouse accountID contain the character 'a'.
    But my requirement is to fetch all the logged in users after a certain date. Is there any other report available for the same.
    Thanks.

    Try Today's Activity Report...
    In the Actions select login
    In the Report Timeline there's calendar to select the date

  • User change log report in Console

    Dear Experts,
    We have one audit requirement. We need u2018change logu2019 for useru2019s role modification.
    I checked in console logs. I found the log for delete user & modify user. In case of delete user it is giving details which are the users had been deleted. But in case of role modify in user, it is not giving which are the users had been modified or which newly role had been assign.
    We need change log report from MDM console.
    Regards,
    Gaurang

    Hi Gaurang,
    <repositoryAdmin><role action="modify" id="2"><functionRight>
    <function>16777216</function><access>1</access>
    </functionRight></role></repositoryAdmin>
    In this case the role with ID 2 has been modified. The authorization with ID 16777216 (see function ID map below) has been set to 1 (Execute).
    Below this section there is one table with function ID and Description.
    Here in case of change in functions Tab
    <access>X</access> will tell u if the function is set to Execute or None:
    Legends:
    Execute:1
    None:0
    and which function u will get from <function>16777216</function>
    For decoding the function id there is a table given in section 4.2
    and if there is any change in the table and fields tab:
    then log will be as follows:
    <repositoryAdmin><role action="modify" id="5"><objectRight> <object>1</object><type>0</type><access>2</access>
    </objectRight></role></repositoryAdmin>
    where access will tell u if its Read Write(3) or Read Only(2)
    Which table u will get from <object>ID</object>
    Now this role ID and Table ID is the Index values which u can get using API.
    Try to write an api which will extract the Table ID ,Field ID and Role ID information in an Excel this u can use as reference the decode the Log.
    Regards,
    Neethu Joy

  • Report the computers has more than 3 users logged in for greater than 10 hours in a week

    I am looking for a report that gives, list of computers that has/had more than 3 users logged into computer for 10 hours in past one week.
    Help.
    Regards,
    Saravanan R
    saravanan rajappa

    I think, i have found the answer self..
    SELECT X.ResourceID
    ,X.TopConsoleUser0
    ,X.SecurityLogStartDate0
    ,X.TotalConsoleTime0
    ,X.TotalConsoleUsers0
    ,X.TotalSecurityLogTime0
    ,Y.Name0
    FROM
    [CM_CAS].[dbo].[v_GS_SYSTEM_CONSOLE_USAGE_MAXGROUP] X,
    [CM_CAS].[dbo].[v_GS_COMPUTER_SYSTEM] Y
    WHERE
     X.ResourceID=Y.ResourceID
     AND
     X.TotalConsoleUsers0>=3
     AND
     X.TotalConsoleTime0>=600
     AND
     X.TotalSecurityLogTime0>=3840
    Is the data coming out of this query right?
    saravanan rajappa

  • User logged on report and Scheduling of same

    Dear Experts
    I hv to code a report showing how many users logged on at different sites. This report should also display the network status.
    There may be network connectivity at site, but SAP might not be running. This info also supposed to be in report.
    I hv to schedule this report. The report should be mailed automatically at specified time.
    Can any one guide.
    if any one document related to this, pls share.
    Regards,
    Jaspal

    Thanks for the reply Yannick.
    We have install/configure WebCenter analytics and activity graph.
    Wehave added Login Metrics in our Group Space and we are getting default login count for specific time frame but when we define a filter under User Property of any property like city, department name, phone title etc after refreshing data it is giving error like
    WCS#2011.03.31.12.47.31 : Irresolvable error(s) occurred. You may want to contact Administrator with the error reference.
    Please help how to solve this.

  • Hide or show column from a report region based on user logged in

    Hi,
    I have this criteria, where I need to display a column on a report page but depends on the users logged in ( APP_User).
    On the field(column page) there is the Conditional Display option
    Conditional Display
    Condition Type: I choose the option where "item value in Expression 1 = expression 1
    *Expression 1*
    App_USER
    *Expression 2*
    I need to add 4 user names here that they allowed to view that column
    My question is how to list the names in expression 2 field, it worked when I added one name, but when I listed 4 names separated by comma, it didn't work.
    I appreciate any help or any solutions from you.
    Thank you.
    Sofia

    If you use "Text in Expression 1 is contained in the Value of Expression 2" then you can provide a comma-separated list. The only thing to watch out for is if you have a user "Bob" and a user "Bob Smith" then you will get a match on "Bob Smith" for the user "Bob"

  • How to Keep all the Portal report menu's are "open" when the user logs on?

    Hi
    I have a question about the BI Portalu2019s configuration.  Does anyone know how to keep the Web Portal (i-vew) report menu's are "open" when the user logs on?
    Thanks.
    For example:
    Web Report Panel
    Report  Folder A 
                  i-view  a1
                  i-view  a2
                  i-view  a3
                  i-view  a4
                  i-view  a5
                  i-view  a6
    Report  Folder B 
                  i-view  b1
                  i-view  b2
                  i-view  b3
                  i-view  b4
                  i-view  b5
                  i-view  b6

    Hi,
    Thank you very much.  The problem is the Folder didn't 'open when the user logs on.  Yes, the iview can be openned.  Does anyone know how to set the default Open for the Folder.  My question is about the folder in BI portal.  Yes, the ivew we can set the defaul Open but we have Folder in the portal and our user wants to be able to see the report lists when they log on to the Portal.
    For example:
    Our Current situation
        Navigation Panel
       .>Act vs Plan report Folder_
       .>Year to Day report Folder_
    Hope To Be (When user logs on the BI Portal)
       Navigation Panel
        .>Act vs. Plan report Folder
            (i-view) Report A
            (i-view) Report B
            (i-view) Report C
            (i-view) Report D
            (i-view) Report E
    .>Year to Day report Folder
           (i-view)  Budget by Cost Element report
           (i-view)  Actual by Cost Center report
           (i-view)  Income statement report
           (i-view)  Balance Sheet report

  • Limit report data to user logged in (AD Authentication)

    How can I limit the number of rows that display on a report depending on the user logged in?  I want the user to see only their own data, not the whole report, based on the the user id.  We use active directory authentication to Business Objects Enterprise.

    Hi Eileen,
    This may be achieved in either of two ways :
    1. Applying row level restriction to the Universe off which these reports are based of. Please refer to Universe Designer Guide for more information.
    2. By using Publications in XI 3.1. Please refer to Publishing Guide for details.
    Regards,
    Subhodeep

  • Every mavericks user, except 13" late rMBP, do you have "kernel usb keyboard" log report issue on your console, check it out please

    hi everyone, we are the owners of the late 2013 retina macbook pro, with this keyboard and trackpad issue.
    please help us by looking at your console for this log report:
    08/11/13 00:49:01,000 kernel[0]: The USB device Apple Internal Keyboard / Trackpad (Port 5 of Hub at 0x14000000) may have caused a wake by issuing a remote wakeup (2)
    we are really curious whether it is only happening on our 13" rMBP or is it happening on everyone's mac with mavericks.
    especially we would like to know whether this report is also on 2013's mac. MacBook Pro Retina 15" late 2013 Haswell, iMac Haswell, MacBook Air Haswell.
    Thanks for your help, really appreciate all your reports!
    please help us so that we could try track it down whether the issue is hardware or software related.

    Yes, after the EFI update I'm seeing over 4,000 of these error messages.
    12/16/13 1:08:32.000 PM kernel[0]: The USB device Apple Internal Keyboard /Trackpad (Port 5 of Hub at 0x14000000) may have caused a wake by issuing a remote wakeup (2)
    This happens everytime I touch the keyboard or trackpad. I believe this should not be a normal ocurrence performing such a NORMAL and Essential task as using the imbedded peripherals to operate a machine.
    I contacted Apple Support and spoke with a Senior Advisor for troubleshooting. I was instructed to send capture data to apple showing the console errors in their entirety.
    From my impressions speaking with Apple today, this is not a normal error and a exchange might be offered, but I'm afraid that will not remedy the issue. This being a chronic and widespread issue with OSX Mavericks and late rMBP Haswell models.

  • Can't Connect to Pix 501 VPN on Network

    Hi All,
    I have a software VPN client that connects just fine to the PIX 501 VPN, but I cannot ping or telnet to any services on the LAN. Below is my config and results of show cry ipsec sa. I would appreciate any suggestions to fix this.
    It's been a while since I have done this. When I check the DHCP address received from the VPN, the default gateway is missing. IIRC, that is normal. What is strange is that when I ping, Windows does not show any sent packets.
    Thanks,
    --Drichards38
    PIX Version 6.3(3)
    interface ethernet0 auto
    interface ethernet1 100full
    nameif ethernet0 outside security0
    nameif ethernet1 inside security100
    enable password bgVy005CZTsaMOwR encrypted
    passwd bgVy005CZTsaMOwR encrypted
    hostname cisco
    domain-name xxxxxx.biz
    fixup protocol dns maximum-length 512
    fixup protocol ftp 21
    fixup protocol ftp 1024-2048
    fixup protocol ftp 49152-65534
    fixup protocol h323 h225 1720
    fixup protocol h323 ras 1718-1719
    fixup protocol http 80
    fixup protocol rsh 514
    fixup protocol rtsp 554
    fixup protocol sip 5060
    fixup protocol sip udp 5060
    fixup protocol skinny 2000
    fixup protocol smtp 25
    fixup protocol sqlnet 1521
    fixup protocol tftp 69
    names
    access-list acl-out permit tcp any interface outside eq www
    access-list acl_out permit tcp any host aa.bb.cc.dd eq telnet
    access-list acl_out permit tcp any host aa.bb.cc.dd eq 3389
    access-list acl_out permit tcp any host aa.bb.cc.dd eq 60990
    access-list acl_out permit tcp any host aa.bb.cc.dd eq www
    access-list acl_out permit tcp any host aa.bb.cc.dd eq www
    access-list acl_out permit tcp any host aa.bb.cc.dd eq echo
    access-list acl_out permit tcp any host aa.bb.cc.dd eq ftp
    access-list acl_out permit tcp any host aa.bb.cc.dd eq https
    access-list acl_out permit tcp any interface inside eq www
    access-list acl_out permit tcp any interface inside eq ftp
    access-list acl_out permit tcp any interface inside eq 3389
    access-list acl_out permit tcp any interface inside eq https
    access-list acl_out permit tcp any host aa.bb.cc.dd eq www
    access-list acl_out permit tcp any host aa.bb.cc.dd eq www
    access-list acl_out permit tcp any host aa.bb.cc.dd eq https
    access-list acl_out permit tcp any host aa.bb.cc.dd eq https
    access-list acl_out permit tcp any host aa.bb.cc.dd eq 3389
    access-list acl_out permit tcp any host aa.bb.cc.dd eq 3389
    access-list acl_out permit tcp any host aa.bb.cc.dd eq www
    access-list acl_out permit tcp any host aa.bb.cc.dd eq https
    access-list acl_out permit tcp any host aa.bb.cc.dd eq 3389
    access-list acl_out permit tcp any host aa.bb.cc.dd eq ftp
    access-list acl_out permit tcp any host aa.bb.cc.dd eq www
    access-list acl_out permit tcp any host aa.bb.cc.dd eq https
    access-list acl_out permit tcp any host aa.bb.cc.dd eq 3389
    access-list acl_out permit tcp any host aa.bb.cc.dd eq 902
    access-list acl_out permit tcp any host aa.bb.cc.dd eq ftp
    access-list acl_out permit tcp any host aa.bb.cc.dd eq www
    access-list acl_out permit tcp any host aa.bb.cc.dd eq ftp
    access-list acl_out permit tcp any host aa.bb.cc.dd eq https
    access-list acl_out permit tcp any host aa.bb.cc.dd eq 3389
    access-list acl_out permit tcp any host aa.bb.cc.dd eq www
    access-list acl_out permit tcp any host aa.bb.cc.dd eq ftp
    access-list acl_out permit tcp any host aa.bb.cc.dd eq https
    access-list acl_out permit tcp any host aa.bb.cc.dd eq 3389
    access-list acl_out permit tcp any host aa.bb.cc.dd eq www
    access-list acl_out permit tcp any host aa.bb.cc.dd eq https
    access-list acl_out permit tcp any host aa.bb.cc.dd eq ftp
    access-list acl_out permit tcp any host aa.bb.cc.dd eq 3389
    access-list outside_cryptomap_dyn_20 permit ip any 10.0.0.0 255.0.0.0
    access-list split_tunnel_acl permit ip 10.0.0.0 255.0.0.0 any
    pager lines 24
    mtu outside 1500
    mtu inside 1500
    ip address outside aa.bb.cc.dd 255.255.255.240
    ip address inside 192.168.93.1 255.255.255.0
    ip audit info action alarm
    ip audit attack action alarm
    ip local pool low_vpn_pool 10.0.1.205-10.0.1.210
    pdm location 172.16.0.0 255.255.0.0 inside
    pdm logging informational 100
    pdm history enable
    arp timeout 14400
    global (outside) 1 interface
    nat (inside) 1 192.168.93.0 255.255.255.0 0 0
    nat (inside) 1 0.0.0.0 0.0.0.0 0 0
    static (inside,outside) aa.bb.cc.dd 192.168.93.67 netmask 255.255.255.255 0 0
    static (inside,outside) aa.bb.cc.dd 192.168.93.68 netmask 255.255.255.255 0 0
    static (inside,outside) aa.bb.cc.dd 192.168.93.69 netmask 255.255.255.255 0 0
    static (inside,outside) aa.bb.cc.dd 192.168.93.70 netmask 255.255.255.255 0 0
    static (inside,outside) aa.bb.cc.dd 192.168.93.71 netmask 255.255.255.255 0 0
    static (inside,outside) aa.bb.cc.dd 192.168.93.72 netmask 255.255.255.255 0 0
    static (inside,outside) aa.bb.cc.dd 192.168.93.73 netmask 255.255.255.255 0 0
    static (inside,outside) aa.bb.cc.dd 192.168.93.74 netmask 255.255.255.255 0 0
    static (inside,outside) aa.bb.cc.dd 192.168.93.75 netmask 255.255.255.255 0 0
    static (inside,outside) aa.bb.cc.dd 192.168.93.76 netmask 255.255.255.255 0 0
    static (inside,outside) aa.bb.cc.dd 192.168.93.77 netmask 255.255.255.255 0 0
    static (inside,outside) aa.bb.cc.dd 192.168.93.78 netmask 255.255.255.255 0 0
    access-group acl_out in interface outside
    rip inside default version 1
    route outside 0.0.0.0 0.0.0.0 aa.bb.cc.dd 1
    timeout xlate 0:05:00
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00
    timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
    timeout uauth 0:05:00 absolute
    aaa-server TACACS+ protocol tacacs+
    aaa-server RADIUS protocol radius
    aaa-server LOCAL protocol local
    aaa authorization command LOCAL
    http server enable
    no snmp-server location
    no snmp-server contact
    snmp-server community public
    no snmp-server enable traps
    floodguard enable
    sysopt connection permit-ipsec
    crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
    crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
    crypto dynamic-map outside_dyn_map 20 match address outside_cryptomap_dyn_20
    crypto dynamic-map outside_dyn_map 20 set transform-set ESP-3DES-MD5
    crypto map outside_map 65535 ipsec-isakmp dynamic outside_dyn_map
    crypto map outside_map client authentication LOCAL
    crypto map outside_map interface outside
    isakmp enable outside
    isakmp nat-traversal 20
    isakmp policy 20 authentication pre-share
    isakmp policy 20 encryption 3des
    isakmp policy 20 hash md5
    isakmp policy 20 group 2
    isakmp policy 20 lifetime 86400
    vpngroup MY_VPN address-pool low_vpn_pool
    vpngroup MY_VPN dns-server 4.2.2.1
    vpngroup MY_VPN default-domain xxxxx.biz
    vpngroup MY_VPN split-tunnel split_tunnel_acl
    vpngroup MY_VPN idle-time 1800
    vpngroup MY_VPN password ********
    telnet 0.0.0.0 255.255.255.255 outside
    telnet 192.168.93.0 255.255.255.0 inside
    telnet timeout 5
    ssh 0.0.0.0 0.0.0.0 outside
    ssh timeout 60
    console timeout 0
    dhcpd address 192.168.93.230-192.168.93.240 inside
    dhcpd dns ff.gg.hh.ii ff.gg.hh.ii
    dhcpd lease 65536
    dhcpd ping_timeout 750
    dhcpd domain xxxxxx.biz
    dhcpd auto_config outside
    dhcpd enable inside
    username xxxx password xxxxxxx encrypted privilege 15
    cisco(config)# show cry ipsec sa
    interface: outside
        Crypto map tag: outside_map, local addr. aa.bb.cc.dd
       local  ident (addr/mask/prot/port): (0.0.0.0/0.0.0.0/0/0)
       remote ident (addr/mask/prot/port): (10.0.1.205/255.255.255.255/0/0)
       current_peer: jj.kk.ll.mm:1265
       dynamic allocated peer ip: 10.0.1.205
         PERMIT, flags={transport_parent,}
        #pkts encaps: 0, #pkts encrypt: 0, #pkts digest 0
        #pkts decaps: 38, #pkts decrypt: 38, #pkts verify 38
        #pkts compressed: 0, #pkts decompressed: 0
        #pkts not compressed: 0, #pkts compr. failed: 0, #pkts decompress failed: 0
        #send errors 0, #recv errors 0
         local crypto endpt.: aa.bb.cc.dd, remote crypto endpt.: 97.93.95.133
         path mtu 1500, ipsec overhead 64, media mtu 1500
         current outbound spi: 3a898e67
         inbound esp sas:
          spi: 0xeeb64931(4004923697)
            transform: esp-3des esp-md5-hmac ,
            in use settings ={Tunnel UDP-Encaps, }
            slot: 0, conn id: 1, crypto map: outside_map
            sa timing: remaining key lifetime (k/sec): (4607993/28610)
            IV size: 8 bytes
            replay detection support: Y
         inbound ah sas:
         inbound pcp sas:
         outbound esp sas:
          spi: 0x3a898e67(982093415)
            transform: esp-3des esp-md5-hmac ,
            in use settings ={Tunnel UDP-Encaps, }
            slot: 0, conn id: 2, crypto map: outside_map
            sa timing: remaining key lifetime (k/sec): (4608000/28574)
            IV size: 8 bytes
            replay detection support: Y
         outbound ah sas:
         outbound pcp sas:

    I just set the logging to high on all areas of the Cisco VPN client. Below is the resulting log. Everything looks ok from here:
    Cisco Systems VPN Client Version 5.0.03.0530
    Copyright (C) 1998-2007 Cisco Systems, Inc. All Rights Reserved.
    Client Type(s): Windows, WinNT
    Running on: 5.1.2600 Service Pack 3
    29     09:57:02.887  09/03/12  Sev=Info/4    CM/0x63100002
    Begin connection process
    30     09:57:02.897  09/03/12  Sev=Info/4    CM/0x63100004
    Establish secure connection
    31     09:57:02.897  09/03/12  Sev=Info/4    CM/0x63100024
    Attempt connection with server "a.b.c.d"
    32     09:57:02.907  09/03/12  Sev=Info/6    IKE/0x6300003B
    Attempting to establish a connection with a.b.c.d.
    33     09:57:02.917  09/03/12  Sev=Info/4    IKE/0x63000013
    SENDING >>> ISAKMP OAK AG (SA, KE, NON, ID, VID(Xauth), VID(dpd), VID(Frag), VID(Nat-T), VID(Unity)) to a.b.c.d
    34     09:57:03.228  09/03/12  Sev=Info/4    IPSEC/0x63700008
    IPSec driver successfully started
    35     09:57:03.228  09/03/12  Sev=Info/4    IPSEC/0x63700014
    Deleted all keys
    36     09:57:03.228  09/03/12  Sev=Info/6    IPSEC/0x6370002C
    Sent 47 packets, 0 were fragmented.
    37     09:57:03.979  09/03/12  Sev=Info/5    IKE/0x6300002F
    Received ISAKMP packet: peer = a.b.c.d
    38     09:57:03.979  09/03/12  Sev=Info/4    IKE/0x63000014
    RECEIVING <<< ISAKMP OAK AG (SA, VID(Xauth), VID(dpd), VID(Unity), VID(?), KE, ID, NON, VID(?), VID(Nat-T), NAT-D, NAT-D, HASH) from a.b.c.d
    39     09:57:04.039  09/03/12  Sev=Info/6    GUI/0x63B00012
    Authentication request attributes is 6h.
    40     09:57:03.979  09/03/12  Sev=Info/5    IKE/0x63000001
    Peer supports XAUTH
    41     09:57:03.979  09/03/12  Sev=Info/5    IKE/0x63000001
    Peer supports DPD
    42     09:57:03.979  09/03/12  Sev=Info/5    IKE/0x63000001
    Peer is a Cisco-Unity compliant peer
    43     09:57:03.979  09/03/12  Sev=Info/5    IKE/0x63000082
    Received IOS Vendor ID with unknown capabilities flag 0x000000A5
    44     09:57:03.979  09/03/12  Sev=Info/5    IKE/0x63000001
    Peer supports NAT-T
    45     09:57:03.999  09/03/12  Sev=Info/6    IKE/0x63000001
    IOS Vendor ID Contruction successful
    46     09:57:03.999  09/03/12  Sev=Info/4    IKE/0x63000013
    SENDING >>> ISAKMP OAK AG *(HASH, NOTIFY:STATUS_INITIAL_CONTACT, NAT-D, NAT-D, VID(?), VID(Unity)) to a.b.c.d
    47     09:57:03.999  09/03/12  Sev=Info/6    IKE/0x63000055
    Sent a keepalive on the IPSec SA
    48     09:57:03.999  09/03/12  Sev=Info/4    IKE/0x63000083
    IKE Port in use - Local Port =  0x0421, Remote Port = 0x1194
    49     09:57:03.999  09/03/12  Sev=Info/5    IKE/0x63000072
    Automatic NAT Detection Status:
       Remote end is NOT behind a NAT device
       This   end IS behind a NAT device
    50     09:57:03.999  09/03/12  Sev=Info/4    CM/0x6310000E
    Established Phase 1 SA.  1 Crypto Active IKE SA, 0 User Authenticated IKE SA in the system
    51     09:57:04.029  09/03/12  Sev=Info/5    IKE/0x6300002F
    Received ISAKMP packet: peer = a.b.c.d
    52     09:57:04.029  09/03/12  Sev=Info/4    IKE/0x63000014
    RECEIVING <<< ISAKMP OAK INFO *(HASH, NOTIFY:STATUS_INITIAL_CONTACT) from a.b.c.d
    53     09:57:04.029  09/03/12  Sev=Warning/2    IKE/0xA3000067
    Received Unexpected InitialContact Notify (PLMgrNotify:886)
    54     09:57:04.039  09/03/12  Sev=Info/5    IKE/0x6300002F
    Received ISAKMP packet: peer = a.b.c.d
    55     09:57:04.039  09/03/12  Sev=Info/4    IKE/0x63000014
    RECEIVING <<< ISAKMP OAK INFO *(HASH, NOTIFY:STATUS_RESP_LIFETIME) from a.b.c.d
    56     09:57:04.039  09/03/12  Sev=Info/5    IKE/0x63000045
    RESPONDER-LIFETIME notify has value of 86400 seconds
    57     09:57:04.039  09/03/12  Sev=Info/5    IKE/0x63000047
    This SA has already been alive for 2 seconds, setting expiry to 86398 seconds from now
    58     09:57:04.039  09/03/12  Sev=Info/5    IKE/0x6300002F
    Received ISAKMP packet: peer = a.b.c.d
    59     09:57:04.039  09/03/12  Sev=Info/4    IKE/0x63000014
    RECEIVING <<< ISAKMP OAK TRANS *(HASH, ATTR) from a.b.c.d
    60     09:57:04.039  09/03/12  Sev=Info/4    CM/0x63100015
    Launch xAuth application
    61     09:57:09.327  09/03/12  Sev=Info/4    CM/0x63100017
    xAuth application returned
    62     09:57:09.327  09/03/12  Sev=Info/4    IKE/0x63000013
    SENDING >>> ISAKMP OAK TRANS *(HASH, ATTR) to a.b.c.d
    63     09:57:09.367  09/03/12  Sev=Info/5    IKE/0x6300002F
    Received ISAKMP packet: peer = a.b.c.d
    64     09:57:09.367  09/03/12  Sev=Info/4    IKE/0x63000014
    RECEIVING <<< ISAKMP OAK TRANS *(HASH, ATTR) from a.b.c.d
    65     09:57:09.367  09/03/12  Sev=Info/4    IKE/0x63000013
    SENDING >>> ISAKMP OAK TRANS *(HASH, ATTR) to a.b.c.d
    66     09:57:09.367  09/03/12  Sev=Info/4    CM/0x6310000E
    Established Phase 1 SA.  1 Crypto Active IKE SA, 1 User Authenticated IKE SA in the system
    67     09:57:09.387  09/03/12  Sev=Info/5    IKE/0x6300005E
    Client sending a firewall request to concentrator
    68     09:57:09.387  09/03/12  Sev=Info/5    IKE/0x6300005D
    Firewall Policy: Product=Cisco Systems Integrated Client Firewall, Capability= (Centralized Protection Policy).
    69     09:57:09.387  09/03/12  Sev=Info/4    IKE/0x63000013
    SENDING >>> ISAKMP OAK TRANS *(HASH, ATTR) to a.b.c.d
    70     09:57:09.427  09/03/12  Sev=Info/5    IKE/0x6300002F
    Received ISAKMP packet: peer = a.b.c.d
    71     09:57:09.427  09/03/12  Sev=Info/4    IKE/0x63000014
    RECEIVING <<< ISAKMP OAK TRANS *(HASH, ATTR) from a.b.c.d
    72     09:57:09.427  09/03/12  Sev=Info/5    IKE/0x63000010
    MODE_CFG_REPLY: Attribute = INTERNAL_IPV4_ADDRESS: , value = 10.0.1.205
    73     09:57:09.427  09/03/12  Sev=Info/5    IKE/0x63000010
    MODE_CFG_REPLY: Attribute = INTERNAL_IPV4_DNS(1): , value = 4.2.2.1
    74     09:57:09.427  09/03/12  Sev=Info/5    IKE/0x6300000E
    MODE_CFG_REPLY: Attribute = MODECFG_UNITY_DEFDOMAIN: , value = xxxx.biz
    75     09:57:09.427  09/03/12  Sev=Info/5    IKE/0x6300000D
    MODE_CFG_REPLY: Attribute = MODECFG_UNITY_SPLIT_INCLUDE (# of split_nets), value = 0x00000001
    76     09:57:09.427  09/03/12  Sev=Info/5    IKE/0x6300000F
    SPLIT_NET #1
        subnet = 10.0.0.0
        mask = 255.0.0.0
        protocol = 0
        src port = 0
        dest port=0
    77     09:57:09.427  09/03/12  Sev=Info/5    IKE/0x6300000D
    MODE_CFG_REPLY: Attribute = MODECFG_UNITY_PFS: , value = 0x00000000
    78     09:57:09.427  09/03/12  Sev=Info/5    IKE/0x6300000D
    MODE_CFG_REPLY: Attribute = Received and using NAT-T port number , value = 0x00001194
    79     09:57:09.427  09/03/12  Sev=Info/4    CM/0x63100019
    Mode Config data received
    80     09:57:09.427  09/03/12  Sev=Info/4    IKE/0x63000056
    Received a key request from Driver: Local IP = 10.0.1.205, GW IP = a.b.c.d, Remote IP = 0.0.0.0
    81     09:57:09.437  09/03/12  Sev=Info/4    IKE/0x63000013
    SENDING >>> ISAKMP OAK QM *(HASH, SA, NON, ID, ID) to a.b.c.d
    82     09:57:09.477  09/03/12  Sev=Info/5    IKE/0x6300002F
    Received ISAKMP packet: peer = a.b.c.d
    83     09:57:09.477  09/03/12  Sev=Info/4    IKE/0x63000014
    RECEIVING <<< ISAKMP OAK QM *(HASH, SA, NON, ID, ID, NOTIFY:STATUS_RESP_LIFETIME) from a.b.c.d
    84     09:57:09.477  09/03/12  Sev=Info/5    IKE/0x63000045
    RESPONDER-LIFETIME notify has value of 28800 seconds
    85     09:57:09.477  09/03/12  Sev=Info/5    IKE/0x63000046
    RESPONDER-LIFETIME notify has value of 4608000 kb
    86     09:57:09.477  09/03/12  Sev=Info/4    IKE/0x63000013
    SENDING >>> ISAKMP OAK QM *(HASH) to a.b.c.d
    87     09:57:09.477  09/03/12  Sev=Info/5    IKE/0x63000059
    Loading IPsec SA (MsgID=D70550E6 OUTBOUND SPI = 0xB335C6DA INBOUND SPI = 0xE99E1A59)
    88     09:57:09.477  09/03/12  Sev=Info/5    IKE/0x63000025
    Loaded OUTBOUND ESP SPI: 0xB335C6DA
    89     09:57:09.477  09/03/12  Sev=Info/5    IKE/0x63000026
    Loaded INBOUND ESP SPI: 0xE99E1A59
    90     09:57:09.527  09/03/12  Sev=Info/5    CVPND/0x63400013
        Destination           Netmask           Gateway         Interface   Metric
            0.0.0.0           0.0.0.0        172.16.0.1       172.16.0.11       25
          127.0.0.0         255.0.0.0         127.0.0.1         127.0.0.1        1
         172.16.0.0       255.255.0.0       172.16.0.11       172.16.0.11       25
        172.16.0.11   255.255.255.255         127.0.0.1         127.0.0.1       25
    172.16.255.255   255.255.255.255       172.16.0.11       172.16.0.11       25
          224.0.0.0         240.0.0.0       172.16.0.11       172.16.0.11       25
    255.255.255.255   255.255.255.255       172.16.0.11           0.0.0.0        1
    255.255.255.255   255.255.255.255       172.16.0.11       172.16.0.11        1
    91     09:57:10.448  09/03/12  Sev=Info/4    CM/0x63100034
    The Virtual Adapter was enabled:
        IP=10.0.1.205/255.0.0.0
        DNS=4.2.2.1,0.0.0.0
        WINS=0.0.0.0,0.0.0.0
        Domain=xxxx.biz
        Split DNS Names=
    92     09:57:10.458  09/03/12  Sev=Info/5    CVPND/0x63400013
        Destination           Netmask           Gateway         Interface   Metric
            0.0.0.0           0.0.0.0        172.16.0.1       172.16.0.11       25
           10.0.0.0         255.0.0.0        10.0.1.205        10.0.1.205       25
         10.0.1.205   255.255.255.255         127.0.0.1         127.0.0.1       25
    10.255.255.255   255.255.255.255        10.0.1.205        10.0.1.205       25
          127.0.0.0         255.0.0.0         127.0.0.1         127.0.0.1        1
         172.16.0.0       255.255.0.0       172.16.0.11       172.16.0.11       25
        172.16.0.11   255.255.255.255         127.0.0.1         127.0.0.1       25
    172.16.255.255   255.255.255.255       172.16.0.11       172.16.0.11       25
          224.0.0.0         240.0.0.0        10.0.1.205        10.0.1.205       25
          224.0.0.0         240.0.0.0       172.16.0.11       172.16.0.11       25
    255.255.255.255   255.255.255.255        10.0.1.205           0.0.0.0        1
    255.255.255.255   255.255.255.255        10.0.1.205        10.0.1.205        1
    255.255.255.255   255.255.255.255       172.16.0.11       172.16.0.11        1
    93     09:57:10.458  09/03/12  Sev=Info/4    CM/0x63100038
    Successfully saved route changes to file.
    94     09:57:10.458  09/03/12  Sev=Info/5    CVPND/0x63400013
        Destination           Netmask           Gateway         Interface   Metric
            0.0.0.0           0.0.0.0        172.16.0.1       172.16.0.11       25
           10.0.0.0         255.0.0.0        10.0.1.205        10.0.1.205        1
         10.0.1.205   255.255.255.255         127.0.0.1         127.0.0.1       25
    10.255.255.255   255.255.255.255        10.0.1.205        10.0.1.205       25
      a.b.c.d   255.255.255.255        172.16.0.1       172.16.0.11        1
          127.0.0.0         255.0.0.0         127.0.0.1         127.0.0.1        1
         172.16.0.0       255.255.0.0       172.16.0.11       172.16.0.11       25
         172.16.0.1   255.255.255.255       172.16.0.11       172.16.0.11        1
        172.16.0.11   255.255.255.255         127.0.0.1         127.0.0.1       25
    172.16.255.255   255.255.255.255       172.16.0.11       172.16.0.11       25
          224.0.0.0         240.0.0.0        10.0.1.205        10.0.1.205       25
          224.0.0.0         240.0.0.0       172.16.0.11       172.16.0.11       25
    255.255.255.255   255.255.255.255        10.0.1.205           0.0.0.0        1
    255.255.255.255   255.255.255.255        10.0.1.205        10.0.1.205        1
    255.255.255.255   255.255.255.255       172.16.0.11       172.16.0.11        1
    95     09:57:10.458  09/03/12  Sev=Info/6    CM/0x63100036
    The routing table was updated for the Virtual Adapter
    96     09:57:10.508  09/03/12  Sev=Info/4    CM/0x6310001A
    One secure connection established
    97     09:57:10.618  09/03/12  Sev=Info/4    CM/0x6310003B
    Address watch added for 172.16.0.11.  Current hostname: toughone, Current address(es): 10.0.1.205, 172.16.0.11.
    98     09:57:10.638  09/03/12  Sev=Info/4    CM/0x6310003B
    Address watch added for 10.0.1.205.  Current hostname: toughone, Current address(es): 10.0.1.205, 172.16.0.11.
    99     09:57:10.638  09/03/12  Sev=Info/4    IPSEC/0x63700014
    Deleted all keys
    100    09:57:10.638  09/03/12  Sev=Info/4    IPSEC/0x63700010
    Created a new key structure
    101    09:57:10.638  09/03/12  Sev=Info/4    IPSEC/0x6370000F
    Added key with SPI=0xdac635b3 into key list
    102    09:57:10.638  09/03/12  Sev=Info/4    IPSEC/0x63700010
    Created a new key structure
    103    09:57:10.638  09/03/12  Sev=Info/4    IPSEC/0x6370000F
    Added key with SPI=0x591a9ee9 into key list
    104    09:57:10.638  09/03/12  Sev=Info/4    IPSEC/0x6370002F
    Assigned VA private interface addr 10.0.1.205
    105    09:57:10.638  09/03/12  Sev=Info/4    IPSEC/0x63700037
    Configure public interface: 172.16.0.11. SG: a.b.c.d
    106    09:57:10.638  09/03/12  Sev=Info/6    CM/0x63100046
    Set tunnel established flag in registry to 1.
    107    09:57:19.741  09/03/12  Sev=Info/4    IKE/0x63000013
    SENDING >>> ISAKMP OAK INFO *(HASH, NOTIFY:DPD_REQUEST) to a.b.c.d
    108    09:57:19.741  09/03/12  Sev=Info/6    IKE/0x6300003D
    Sending DPD request to a.b.c.d, our seq# = 3951445672
    109    09:57:19.772  09/03/12  Sev=Info/5    IKE/0x6300002F
    Received ISAKMP packet: peer = a.b.c.d
    110    09:57:19.772  09/03/12  Sev=Info/4    IKE/0x63000014
    RECEIVING <<< ISAKMP OAK INFO *(HASH, NOTIFY:DPD_ACK) from a.b.c.d
    111    09:57:19.772  09/03/12  Sev=Info/5    IKE/0x63000040
    Received DPD ACK from a.b.c.d, seq# received = 3951445672, seq# expected = 3951445672
    112    09:57:30.257  09/03/12  Sev=Info/4    IKE/0x63000013
    SENDING >>> ISAKMP OAK INFO *(HASH, NOTIFY:DPD_REQUEST) to a.b.c.d
    113    09:57:30.257  09/03/12  Sev=Info/6    IKE/0x6300003D
    Sending DPD request to a.b.c.d, our seq# = 3951445673
    114    09:57:30.297  09/03/12  Sev=Info/5    IKE/0x6300002F
    Received ISAKMP packet: peer = a.b.c.d
    115    09:57:30.297  09/03/12  Sev=Info/4    IKE/0x63000014
    RECEIVING <<< ISAKMP OAK INFO *(HASH, NOTIFY:DPD_ACK) from a.b.c.d
    116    09:57:30.297  09/03/12  Sev=Info/5    IKE/0x63000040
    Received DPD ACK from a.b.c.d, seq# received = 3951445673, seq# expected = 3951445673
    117    09:57:40.772  09/03/12  Sev=Info/4    IKE/0x63000013
    SENDING >>> ISAKMP OAK INFO *(HASH, NOTIFY:DPD_REQUEST) to a.b.c.d
    118    09:57:40.772  09/03/12  Sev=Info/6    IKE/0x6300003D
    Sending DPD request to a.b.c.d, our seq# = 3951445674
    119    09:57:40.802  09/03/12  Sev=Info/5    IKE/0x6300002F
    Received ISAKMP packet: peer = a.b.c.d
    120    09:57:40.802  09/03/12  Sev=Info/4    IKE/0x63000014
    RECEIVING <<< ISAKMP OAK INFO *(HASH, NOTIFY:DPD_ACK) from a.b.c.d
    121    09:57:40.802  09/03/12  Sev=Info/5    IKE/0x63000040
    Received DPD ACK from a.b.c.d, seq# received = 3951445674, seq# expected = 3951445674
    122    09:57:54.291  09/03/12  Sev=Info/6    IKE/0x63000055
    Sent a keepalive on the IPSec SA
    123    09:58:04.306  09/03/12  Sev=Info/6    IKE/0x63000055
    Sent a keepalive on the IPSec SA
    124    09:58:14.320  09/03/12  Sev=Info/6    IKE/0x63000055
    Sent a keepalive on the IPSec SA
    125    09:58:24.334  09/03/12  Sev=Info/6    IKE/0x63000055
    Sent a keepalive on the IPSec SA
    126    09:58:34.349  09/03/12  Sev=Info/6    IKE/0x63000055
    Sent a keepalive on the IPSec SA
    127    09:58:41.359  09/03/12  Sev=Info/4    IKE/0x63000013
    SENDING >>> ISAKMP OAK INFO *(HASH, NOTIFY:DPD_REQUEST) to a.b.c.d
    128    09:58:41.359  09/03/12  Sev=Info/6    IKE/0x6300003D
    Sending DPD request to a.b.c.d, our seq# = 3951445675
    129    09:58:41.389  09/03/12  Sev=Info/5    IKE/0x6300002F
    Received ISAKMP packet: peer = a.b.c.d
    130    09:58:41.389  09/03/12  Sev=Info/4    IKE/0x63000014
    RECEIVING <<< ISAKMP OAK INFO *(HASH, NOTIFY:DPD_ACK) from a.b.c.d
    131    09:58:41.389  09/03/12  Sev=Info/5    IKE/0x63000040
    Received DPD ACK from a.b.c.d, seq# received = 3951445675, seq# expected = 3951445675
    132    09:58:54.378  09/03/12  Sev=Info/6    IKE/0x63000055
    Sent a keepalive on the IPSec SA
    133    09:59:04.392  09/03/12  Sev=Info/6    IKE/0x63000055
    Sent a keepalive on the IPSec SA
    134    09:59:14.406  09/03/12  Sev=Info/6    IKE/0x63000055
    Sent a keepalive on the IPSec SA
    135    09:59:24.421  09/03/12  Sev=Info/6    IKE/0x63000055
    Sent a keepalive on the IPSec SA
    136    09:59:34.435  09/03/12  Sev=Info/6    IKE/0x63000055
    Sent a keepalive on the IPSec SA
    137    09:59:41.946  09/03/12  Sev=Info/4    IKE/0x63000013
    SENDING >>> ISAKMP OAK INFO *(HASH, NOTIFY:DPD_REQUEST) to a.b.c.d
    138    09:59:41.946  09/03/12  Sev=Info/6    IKE/0x6300003D
    Sending DPD request to a.b.c.d, our seq# = 3951445676
    139    09:59:41.976  09/03/12  Sev=Info/5    IKE/0x6300002F
    Received ISAKMP packet: peer = a.b.c.d
    140    09:59:41.976  09/03/12  Sev=Info/4    IKE/0x63000014
    RECEIVING <<< ISAKMP OAK INFO *(HASH, NOTIFY:DPD_ACK) from a.b.c.d
    141    09:59:41.976  09/03/12  Sev=Info/5    IKE/0x63000040
    Received DPD ACK from a.b.c.d, seq# received = 3951445676, seq# expected = 3951445676
    142    09:59:54.464  09/03/12  Sev=Info/6    IKE/0x63000055
    Sent a keepalive on the IPSec SA

  • Cisco PIX 501 to Cisco Concentrator 3005 via Remote Access

    Hello folks,
    I need your help.
    We got a Cisco PIX 501 in one location and this pix is configured for pppoe dial out. The pix connects itself to the internet via pppoe client. ping to an offical ip is running well.
    So what I want to do is to establish a von tunnel between this pix and a cisco 3005 concentrator.
    But I was not successull to establish it.
    Here is the pix config. the acl?s are only for testing and will be replaced if it works.
    PIX Version 6.3(4)
    interface ethernet0 10baset
    interface ethernet1 100full
    nameif ethernet0 outside security0
    nameif ethernet1 inside security100
    enable password xxx
    passwd xxx
    hostname PIX-AU
    domain-name araukraine.ua
    fixup protocol dns maximum-length 512
    fixup protocol ftp 21
    fixup protocol h323 h225 1720
    fixup protocol h323 ras 1718-1719
    fixup protocol http 80
    fixup protocol ils 389
    fixup protocol rsh 514
    fixup protocol rtsp 554
    fixup protocol sip 5060
    fixup protocol sip udp 5060
    fixup protocol skinny 2000
    fixup protocol smtp 25
    fixup protocol sqlnet 1521
    fixup protocol tftp 69
    names
    access-list outside permit ip any any
    access-list inside_access_in permit ip any any
    pager lines 24
    logging on
    logging monitor warnings
    logging buffered warnings
    mtu outside 1456
    mtu inside 1456
    ip address outside pppoe setroute
    ip address inside 192.168.x.x 255.255.255.0
    ip audit info action alarm
    ip audit attack action alarm
    pdm location 192.168.x.x 255.255.255.224 inside
    pdm logging warnings 500
    pdm history enable
    arp timeout 14400
    global (outside) 1 interface
    nat (inside) 1 0.0.0.0 0.0.0.0 0 0
    access-group outside in interface outside
    access-group inside_access_in in interface inside
    timeout xlate 0:05:00
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00
    timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
    timeout uauth 0:05:00 absolute
    aaa-server TACACS+ protocol tacacs+
    aaa-server TACACS+ max-failed-attempts 3
    aaa-server TACACS+ deadtime 10
    aaa-server RADIUS protocol radius
    aaa-server RADIUS max-failed-attempts 3
    aaa-server RADIUS deadtime 10
    aaa-server LOCAL protocol local
    aaa authentication ssh console LOCAL
    http server enable
    http 192.168.x.x 255.255.x.x inside
    no snmp-server location
    no snmp-server contact
    snmp-server community public
    no snmp-server enable traps
    floodguard enable
    telnet 192.168.x.x 255.255.x.x inside
    telnet timeout 5
    ssh 194.39.97.0 255.255.255.0 outside
    ssh timeout 5
    management-access inside
    console timeout 0
    vpdn group pppoe_group request dialout pppoe
    vpdn group pppoe_group localname [email protected]
    vpdn group pppoe_group ppp authentication pap
    vpdn username [email protected] password *********
    encrypted privilege 15
    vpnclient server 212.xx.xx.xx
    vpnclient mode network-extension-mode
    vpnclient vpngroup vpntest password ********
    vpnclient username pixtest password ********
    terminal width 80
    on the concentrator I created a user pixtest, a group vpntest and I?ve created rules for the network e.g. to which server the users behind the pix will be able to access.
    And that?s all.
    I could not send you the output either of the pix or concentrator because I did not get an error or a message that the tunnel will be established.
    What can be wrong ?
    Thanks for the replies

    This sample configuration demonstrates how to form an IPsec tunnel from a PC that runs the Cisco VPN Client (4.x and later) to a Cisco VPN 3000 Concentrator to enable the user to securely access the network inside the VPN Concentrator.
    http://www.cisco.com/en/US/products/hw/vpndevc/ps2284/products_configuration_example09186a008026f96c.shtml

Maybe you are looking for

  • 5800 Java Script and Cookie error

    I currently have a 5800.  Recently when browsing the internet I've been getting a message saying that Java Script is not enabled and sometimes I get a message saying cookies are disabled.  I've checked the settings on the phone but both appear to be

  • Weird problem when converting project for 23.976 to 25

    We are doing this on a batch of episodes (Just changing the play speed no interpolation.) But basically when we do the conversion some times between the 3 and 4th minute it copies the first frame of the project and pastes it over a frame in the outpu

  • Would an iMac G5 be able to support dial-up connection?

    I am considering on getting a iMac that was made in 2006, would an iMac work with dial-up connection? You see, I have no internet in my home, and our dial-up connection is USB based. So if I connect the Dial-Up USB Connection to the iMac G5, would it

  • Tips to speed up my imac

    recently I installed more RAM, up from 1GB to 3GB. I frequently work in photoshop, indesign, and other apps at the same time, same project so I'll have other apps open, including internet browsing. i've still noticed i get the pinwheel alot more than

  • New at PSE 7

    I am a total novice and have recently aquired PSE 7.  I am trying to also learn more about photograpy in hopes of having a side gig of a band photographer. Does anyone have any really good tips for someone like me who will be taking alot of on stage