Portal connectivity issue through VPN

Dear Experts,
I have an issue in getting connected to Portal through VPN.
I have maintained hosfile entries in the system also but still i am unable to connect to portal.
when i ping from the same system it is getting pinged.
out of doubt i checked whether i am able to connect to SAP R/3 i am able to connect through VPN.
note: i am able to ping the portal server but unable to connect through browser.
Did i miss something? please help me to resolve this issues.
Regards,
Siva

Hi,
What is the error or page you are getting when you are trying to connect the portal. Might be some firewall restriction.
Thanks,
Mahe

Similar Messages

  • Activation failure - Requesting I need to activate Photoshop CS5.1 despite having done this previously & used Photoshop. Adobe can't connect to internet to activate, yet program is allowed through Firewall and not having connectivity issues through Browse

    Hi,
    I currently have Photoshop CS5.1 on Windows 7 (64 bit) and it's now requesting I need to re-activate it, despite having already done this with a serial number when I installed it and even used the program numerous times.
    I get a screen saying "Product activation is required" but every time I try to activate it, it says there was a connection issue and asks me to connect to the internet.
    I've checked my firewall settings and Adobe is allowed through. No connection issues using my Browser, Skype etc.
    Anyone got any solutions?
    Thanks,
    Westy

    Sign in, activation, or connection errors | CS5.5 and later

  • Time Capsule connection issues - only VPN use will connect

    After hours of troubleshooting with Comcast and Apple trying to establish internet connection, I accidentally discovered that I could get on when connected to company's VPN. Why would this happen? I don't have VPN on my Mac and don't want to set it up on my iPhone. I need to get on the internet without it. Apple has been helpful on the phone, but they are just as stumped as I am -- we've tried everything! Help!
    I'm running 10.5.2 on Mac, and use XP on my PC's. The cable modem is an Arris through Comcast. I never had problems with my old wireless router (Netgear).

    Wired or wireless didn't matter, it was baffling.
    I did get it resolved, however. Evidently Comcast's DNS address wasn't working properly. The Apple rep was able to provide a public DNS address (not affiliated with Comcast) that did the trick. The VPN thing was what tipped him off.
    Works fine from the Mac, but my PC's give me constant warnings since they are set up with all of my company's security settings. I can live with it though! Just happy to finally get some work done!

  • TNS Listener Connecting issue through ISA 2006

    We have Oracle 8i installed on?a Win XP Professional workstation, and pretty much as it comes - we haven't?changed many config. parms.
    We have a basic ISA 2006 firewall, and when the Oracle machine is not behind it we can contact it without ay problems. However, when we put the machine behind the firewall we can 'tnsping' it, but cannot contact it with SQL*Plus
    I have 1521 Port Opened in my ISA 2006 Firewall
    i set USE_SHARED_SOCKET = TRUE under Windows registry on Oracle Server, Firewall & on the Client.
    My tnsnames.ora is somewhat like this...
    L.world =
    (DESCRIPTION =
    (ADDRESS_LIST =
    (ADDRESS =
    (COMMUNITY = oracle.world)
    (PROTOCOL = TCP)
    (Host = 127.0.0.1)
    (Port = 1521)
    (CONNECT_DATA = (SID = ORCL)
    (SERVER = DEDICATED)
    M.world =
    (DESCRIPTION =
    (ADDRESS_LIST =
    (ADDRESS =
    (COMMUNITY = oracle.world)
    (PROTOCOL = TCP)
    (Host = 213.XXX.XXX.XXX)
    (Port = 1521)
    (ADDRESS =
    (COMMUNITY = oracle.world)
    (PROTOCOL = TCP)
    (Host = 213.XXX.XXX.XXX)
    (Port = 1526)
    (CONNECT_DATA = (SID = ORCL)
    (SERVER = DEDICATED)
    I've run a trace on SQL*Net and the problem seems to be as follows:
    1. The client contacts the server using its external IP address.
    2. Oracle responds with a packet which contains the?INTERNAL IP address of the machine. (i.e. the machines IP address on our local intranet)
    3. The client attempts to contact Oracle using the Oracle machine's internal intranet IP address.?Of course this fails because only the external address is valid outside the firewall.
    4. SQL*Plus responds TNS-12535: TNS:operation timed out???
    Can anyone suggest ....
    what to be done now

    I just went through something similar. Have you tried the setting to make request appear to come from the ISA server rather than the original client in the configuration rule? I'm not sure how you examined the packet, so I can't say my situation was exactly the same, but it sounds very similar and that solved it for me.

  • Server 2012 R2 RRAS NAT VPN connectivity issues

    Hello all,
    I'm having trouble making IKEv2 connections to my VPN server from the Internet after changing my home lab network infrastructure to use Server 2012 R2 RRAS NAT routing. Despite all of the appearances of a proper configuration, it appears that NAT-T is not
    working properly.
    Let me preface my questions/issues with some critical infrastructure disclosures/explanations to help troubleshoot this issue:
    1. This is a home lab environment with no impact to corporate production systems in any way. All information garnered from help in this session is understood to be as-is.
    2. The entire environment is on Server 2012 R2 Hyper-V. I’ve configured trunking on all of the layer 2 (Cisco Catalyst switch) etherchannels, and I’ve configured trunking on the Hyper-V vSwitches. I have no issue with internal routing or NAT or with attaching
    to VPN from an internal VLAN, which indicates that routing (Layer 3) is not at issue here since everything goes where it should.
    3. The NAT server and the VPN server are two separate Windows Server 2012 R2 Std. Hyper-V VMs. The NAT server has 1 NAT uplink to/from my ISP and 5 router interfaces (NICs with no gateways specified). I have a static IP, so it’s not an IP changing anywhere.
    I have all of the port forwarding on the public NAT interface configured properly. Email, web, and application access work fine from out-to-in. The VPN server has 2 NICs: one on a VPN VLAN and the other on an internal VLAN.
    4. I ran Netmon from my corporate office and saw that IKEv2 traffic to my host over UDP 500 was successful (I got a response back), but the connection to UDP 4500 was attempted 3 times and then fails. Since UDP 4500 is the NAT-T port, I’m thinking this is
    where the fault is occurring. I also ran Netmon from the NAT router itself and found that traffic was flowing from the Internet to the VPN server up the stack to Layer 3.
    5. As a test, I turned off Windows firewall on both the VPN server and the NAT server. This made no difference, so firewall is not at play here.
    6. My certificates are configured properly with my external VPN address and appropriate SANs pointing to the public IP address. These same certificates worked without issue prior to the migration to Server 2012 R2 RRAS as my NAT router.
    The actual error I'm receiving is Error 809 which indicates a problem with the connectivity to the VPN server, presumably through the NAT router. Prior to the change to virtual routing, I was using a Linksys E3000 with L2TP/PPTP passthrough enabled and had
    no issues connecting to my VPN server remotely.
    Some questions I have specifically regarding Server 2012 R2 RRAS and NAT:
    1. Is NAT-T "turned on" by default? Are there any settings required through netsh or elsewhere that I might have overlooked to enable NAT Traversal?
    2. How can I test if NAT-T is working outside of VPN testing?
    3. Is it Microsoft's recommendation/requirement that VPN and NAT be collocated on the same server? I noticed in the NAT forwarding rules that the pre-defined L2TP forwarder says "L2TP on this server." Does that indicate that L2TP can't pass beyond
    that server? What are the security implications for running VPN from the router?
    Any help would be appreciated. I've been troubleshooting this issue for 2 weeks and cannot seem to find any documentation or help on this issue. I'm hoping if others have similar issues, this post will help point them in the right direction. I have netmon
    captures to assist with troubleshooting if it comes to that. I'm certain this is NAT-T at this point, but I just can't prove it beyond a shadow of a doubt, and I have customers who have asked about using Microsoft RRAS for routing. I can't, in good conscience,
    recommend it if NAT-T is problematic since most companies want some sort of VPN solution for their environment.
    Respectfully yours,
    Ron Arestia

    Hi Ron,
    Please try to create and configure the AssumeUDPEncapsulationContextOnSendRule registry value.
    For detailed information, please refer to the link below:
    http://support.microsoft.com/kb/926179
    Best Regards.
    Steven Lee Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

  • IPad2, Verizon 3G, VPN Connectivity Issues

    Greetings all. I am the systems administrator for my corporation and have seen an issue that I wish to present to the community for discussion.
    For those enterprise users that have an iPad2 with Verizons 3G, are you experiencing connectivity issues while trying to connect to your VPNs from the 3G network? If so, have you found any work around to allow connectivity or does it work fine for you?
    Here's a summary of my issues:
    We have a VPN server built on Debian Linux that has been in operation for over four years. It handles remote VPN connections from Windows, Linux,  Android, OS X, iOS, and from many different devices including multiple flavors of Apple products (iMacs, Minis, MacBooks, iPads, etc.). To date, it has performed flawlessly with assorted devices connecting to it through broadband and assorted 3G networks.
    Recently I purchased an iPad2 with Verizon 3G. I was able to set up the VPN connection using PPTP and connect using a Wi-Fi connection. When I turned off the Wi-Fi and attempted the same connection via Verizon 3G, it fails. I then took an associates iPad1 using AT&T 3G, set up the same connection, and was able to connect. I don't have access to an iPad2 on AT&T 3G so, I can't speak for that.
    Here's the logs from the VPN server while connecting from my iPad2:
    Wi-Fi
    Jul 27 05:20:43 localhost pppd[31694]: Plugin /usr/lib/pptpd/pptpd-logwtmp.so loaded.
    Jul 27 05:20:43 localhost pppd[31694]: pptpd-logwtmp: $Version$
    Jul 27 05:20:43 localhost pppd[31694]: pppd 2.4.4 started by root, uid 0
    Jul 27 05:20:43 localhost pppd[31694]: Using interface ppp2
    Jul 27 05:20:43 localhost pppd[31694]: Connect: ppp2 <--> /dev/pts/4
    Jul 27 05:20:46 localhost pppd[31694]: Unsupported protocol 'IPv6 Control Protocol' (0x8057) received
    Jul 27 05:20:46 localhost pppd[31694]: found interface eth1 for proxy arp
    Jul 27 05:20:46 localhost pppd[31694]: local  IP address 192.168.1.69
    Jul 27 05:20:46 localhost pppd[31694]: remote IP address 192.168.1.82
    Jul 27 05:20:46 localhost pppd[31694]: pptpd-logwtmp.so ip-up ppp2 scott XXX.XXX.XXX.XXX (removed external IP for security reasons)
    Quick connect, able to utilize VPN connection normally. No issues.
    Verizon 3G
    Jul 27 05:20:29 localhost pppd[31682]: Plugin /usr/lib/pptpd/pptpd-logwtmp.so loaded.
    Jul 27 05:20:29 localhost pppd[31682]: pptpd-logwtmp: $Version$
    Jul 27 05:20:29 localhost pppd[31682]: pppd 2.4.4 started by root, uid 0
    Jul 27 05:20:29 localhost pppd[31682]: Using interface ppp2
    Jul 27 05:20:29 localhost pppd[31682]: Connect: ppp2 <--> /dev/pts/4
    Jul 27 05:20:32 localhost pppd[31682]: peer refused to authenticate: terminating link
    Jul 27 05:20:33 localhost pppd[31682]: Connection terminated.
    Jul 27 05:20:33 localhost pppd[31682]: Exit.
    As you can see, the peer refuses to authenticate causing the link to be terminated while attempting to connect using Verizons network. This is with the same VPN connection settings on the iPad2 that just worked with WiFi connection from the same device.
    Here's what I can verify with regards to 3G networks:
    Older (<4) iPhones and iPad1 using AT&T can connect
    Windows and OS X based laptops using Sprint 3G can connect
    Android based smart phones using Sprint 3G can connect
    I have not called Verizon or Apple Support yet but, that's next when I have the time. My initial conclusion is that there is something with Verizons 3G services that is causing the issue. It may be that Verizon is using some sort of data compression process that is problematic with VPN transmission. While the log shows an unsupported IPv6 protocol when connecting via Wi-Fi, it still negotiates a successful connection and I don't think that's the root cause for the disconnect. Thoughts?

    Hi Alexander,
    I am running in to the exact same issue (although not with Linux).  Did you ever find a fix for this?  I have some support tickets open with my VAR's, but found your post and thought I would check.  If I find anything I will post.
    Thanks
    Stu

  • Tiger VPN (PPTP) connection issues

    Hello everyone.
    I'm having major issues trying to connect to office VPN from home; hoping someone can point me in the right direction. (And my profound apologies in advance for the long post -- just trying make sure to include enough detail to debug whatever might be happening)
    At the office we have a 3Com OfficeConnect VPN Firewall sitting in front of a Microsoft 2003 Exchange server. (3Com product page for this VPN box is http://www.3com.com/products/en_US/detail.jsp?tab=features&sku=3CR870-95&pathtyp e=purchase). Home connection is a Linksys WRT54GL wireless router in front of a broadband cable modem. PPTP pass-through is enabled in the router config.
    At home I have a WinXP-SP2 laptop and my G4 Powerbook (OS 10.4.7) sitting side-by-side. From the XP laptop, I can get into the VPN using XP's built-in client without any problems. The DNS lookup and authentication steps take about 2-3 seconds combined. Once the connection is established, both external sites (cnn.com) and internal sites (intranet.companyname.local) load in a browser window without any appreciable delay. I can also access Windows shared drives on the internal network without problems, including large (10's of MB or more) file copies to/from the XP laptop's HD.
    On the Powerbook, using Tiger's built-in VPN client, I can connect OK (though the authentication step takes a bit longer, about 4-5 seconds), but after that, almost nothing works. I can ping the internal DNS server, but after a few pings with reasonable delays (~15 millisecond range), the round-trip times suddenly jump to handfuls of seconds. In the browser, trying to load an internal webpage (http://intranet.companyname.local) times out before anything shows up on screen. In Finder, using Go>Connect to Server... very slowly establishes the connection (~10-15 seconds or longer), and sometimes opens a Finder window... but then invariably times out. I have never once had the connection remain stable enough to transfer so much as a single file from the shared volume onto the Powerbook's Desktop before it times out and disconnects.
    On the XP machine, relevant(?) VPN config settings are:
    require secured password
    require data encryption (disconnect if none)
    PPTP VPN
    LCP extensions enabled
    software compression enabled
    multi-link negotiation for single link connections DISABLED
    server type = PPP
    transports = TCP/IP
    authentication = MS CHAP
    encryption = MPPE 128
    compression = none
    PPP multilink framing = off
    and, once the VPN connection is established, parameters are (from "ipcofig /all"):
    Windows IP Configuration
    Host Name . . . . . . . . . . . . : (companyname)-hj2
    Primary Dns Suffix . . . . . . . : (companyname).local
    Node Type . . . . . . . . . . . . : Unknown
    IP Routing Enabled. . . . . . . . : No
    WINS Proxy Enabled. . . . . . . . : No
    DNS Suffix Search List. . . . . . : (companyname).local
    Ethernet adapter Wireless Network Connection:
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Intel(R) PRO/Wireless 2915ABG Network Connection
    Physical Address. . . . . . . . . : XX-XX-XX-XX-XX-XX
    Dhcp Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes
    IP Address. . . . . . . . . . . . : 192.168.1.104
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Default Gateway . . . . . . . . . : 192.168.1.1
    DHCP Server . . . . . . . . . . . : 192.168.1.1
    DNS Servers . . . . . . . . . . . : 192.168.1.1
    PPP adapter (ConnectionName):
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
    Physical Address. . . . . . . . . : XX-XX-XX-XX-XX-XX
    Dhcp Enabled. . . . . . . . . . . : No
    IP Address. . . . . . . . . . . . : 172.16.0.70
    Subnet Mask . . . . . . . . . . . : 255.255.255.255
    Default Gateway . . . . . . . . . : 172.16.0.70
    DNS Servers . . . . . . . . . . . : 172.16.0.11
    finally, results of "ping -n 10 (InternalServer)":
    Pinging (InternalServer).(companyname).local [172.16.0.5] with 32 bytes of data:
    Reply from 172.16.0.5: bytes=32 time=4ms TTL=128
    Reply from 172.16.0.5: bytes=32 time=10ms TTL=128
    Reply from 172.16.0.5: bytes=32 time=10ms TTL=128
    Ping statistics for 172.16.0.5:
    Packets: Sent = 10, Received = 10, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
    Minimum = 4ms, Maximum = 10ms, Average = 9ms
    On the Powerbook, I have a VPN (PPTP) connection set up with "Send all traffic over VPN connection" unchecked. In the Network panel of System Preferences, I have tried manually adding (and removing) "local, (companyname).local" in the Search Domains line, and manually adding (and removing) the IPs of our internal DNS servers (172.16.0.5, 172.16.0.11) under the TCP/IP tab. Proxies are turned off in all cases.
    With those settings, the relevant(?) parts of running "ifconfig" from a Terminal window after starting the VPN are as follows:
    lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
    inet6 ::1 prefixlen 128
    inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
    inet 127.0.0.1 netmask 0xff000000
    en1: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    inet6 fe80::XXX:XXXX:XXXX:XXXX%en1 prefixlen 64 scopeid 0x5
    inet 192.168.1.100 netmask 0xffffff00 broadcast 192.168.1.255
    ether XX:XX:XX:XX:XX:XX
    media: autoselect status: active
    supported media: autoselect
    fw0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 4078
    lladdr XX:XX:XX:XX:XX:XX:XX:XX
    media: autoselect <full-duplex> status: inactive
    supported media: autoselect <full-duplex>
    ppp0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1444
    inet 172.16.0.69 --> 172.16.0.11 netmask 0xffff0000
    The associated connection log from Internet Connect is:
    Tue Jul 18 08:50:57 2006 : PPTP connecting to server 'vpn.(companyname).com' (XXX.XXX.XXX.XXX)...
    Tue Jul 18 08:50:57 2006 : PPTP connection established.
    Tue Jul 18 08:50:58 2006 : using link 0
    Tue Jul 18 08:50:58 2006 : Using interface ppp0
    Tue Jul 18 08:50:58 2006 : Connect: ppp0 <--> socket[34:17]
    Tue Jul 18 08:50:58 2006 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0xb851f701> <pcomp> <accomp>]
    Tue Jul 18 08:50:58 2006 : rcvd [LCP ConfReq id=0x1 <mru 1492> <auth chap MS> <magic 0x80697000>]
    Tue Jul 18 08:50:58 2006 : lcp_reqci: returning CONFACK.
    Tue Jul 18 08:50:58 2006 : sent [LCP ConfAck id=0x1 <mru 1492> <auth chap MS> <magic 0x80697000>]
    Tue Jul 18 08:50:58 2006 : rcvd [LCP ConfRej id=0x1 <asyncmap 0x0> <pcomp> <accomp>]
    Tue Jul 18 08:50:58 2006 : sent [LCP ConfReq id=0x2 <magic 0xb851f701>]
    Tue Jul 18 08:50:58 2006 : rcvd [LCP ConfAck id=0x2 <magic 0xb851f701>]
    Tue Jul 18 08:50:58 2006 : sent [LCP EchoReq id=0x0 magic=0xb851f701]
    Tue Jul 18 08:50:58 2006 : rcvd [CHAP Challenge id=0x1 <4f0656add65818c2>, name = "Guest"]
    Tue Jul 18 08:50:58 2006 : sent [CHAP Response id=0x1 <0000000000000000000000000000000000000000000000004c86e5ccf08b95431034ef14706021 d358dc21b96a59157301>, name = "(UserName)"]
    Tue Jul 18 08:50:58 2006 : rcvd [LCP EchoRep id=0x0 magic=0x80697000]
    Tue Jul 18 08:50:58 2006 : rcvd [CHAP Success id=0x1 "Authentication succeeded, welcome!"]
    Tue Jul 18 08:50:58 2006 : CHAP authentication succeeded: Authentication succeeded, welcome!
    Tue Jul 18 08:50:58 2006 : Disabling 40-bit MPPE; MS-CHAP LM not supported
    Tue Jul 18 08:50:58 2006 : sent [CCP ConfReq id=0x1 <mppe +H -M +S -L -D -C>]
    Tue Jul 18 08:50:58 2006 : rcvd [IPCP ConfReq id=0x1 <addr 172.16.0.11> <ms-dns3 0.0.0.0> <ms-wins 0.0.0.0>]
    Tue Jul 18 08:50:58 2006 : sent [IPCP TermAck id=0x1]
    Tue Jul 18 08:50:58 2006 : rcvd [CCP ConfReq id=0x1 <mppe +H +M +S +L -D -C>]
    Tue Jul 18 08:50:58 2006 : sent [CCP ConfNak id=0x1 <mppe +H -M +S -L -D -C>]
    Tue Jul 18 08:50:58 2006 : rcvd [CCP ConfAck id=0x1 <mppe +H -M +S -L -D -C>]
    Tue Jul 18 08:50:58 2006 : rcvd [CCP ConfReq id=0x2 <mppe +H -M +S -L -D -C>]
    Tue Jul 18 08:50:58 2006 : sent [CCP ConfAck id=0x2 <mppe +H -M +S -L -D -C>]
    Tue Jul 18 08:50:58 2006 : MPPE 128-bit stateless compression enabled
    Tue Jul 18 08:50:58 2006 : sent [IPCP ConfReq id=0x1 <addr 0.0.0.0> <ms-dns1 0.0.0.0> <ms-dns3 0.0.0.0>]
    Tue Jul 18 08:50:58 2006 : sent [IPV6CP ConfReq id=0x1 <addr fe80::020a:95ff:fea5:564c>]
    Tue Jul 18 08:50:58 2006 : sent [ACSCP] 01 01 00 10 01 06 00 00 00 01 02 06 00 00 00 01
    Tue Jul 18 08:50:58 2006 : rcvd [LCP ProtRej id=0x1 80 57 01 01 00 0e 01 0a 02 0a 95 ff fe a5 56 4c]
    Tue Jul 18 08:50:58 2006 : rcvd [LCP ProtRej id=0x2 82 35 01 01 00 10 01 06 00 00 00 01 02 06 00 00 00 01]
    Tue Jul 18 08:50:58 2006 : rcvd [IPCP ConfRej id=0x1 <ms-dns3 0.0.0.0>]
    Tue Jul 18 08:50:58 2006 : sent [IPCP ConfReq id=0x2 <addr 0.0.0.0> <ms-dns1 0.0.0.0>]
    Tue Jul 18 08:50:58 2006 : rcvd [IPCP ConfNak id=0x2 <addr 172.16.0.69> <ms-dns1 172.16.0.11>]
    Tue Jul 18 08:50:58 2006 : sent [IPCP ConfReq id=0x3 <addr 172.16.0.69> <ms-dns1 172.16.0.11>]
    Tue Jul 18 08:50:58 2006 : rcvd [IPCP ConfAck id=0x3 <addr 172.16.0.69> <ms-dns1 172.16.0.11>]
    Tue Jul 18 08:51:01 2006 : sent [IPCP ConfReq id=0x3 <addr 172.16.0.69> <ms-dns1 172.16.0.11>]
    Tue Jul 18 08:51:01 2006 : rcvd [IPCP ConfAck id=0x3 <addr 172.16.0.69> <ms-dns1 172.16.0.11>]
    Tue Jul 18 08:51:04 2006 : sent [IPCP ConfReq id=0x3 <addr 172.16.0.69> <ms-dns1 172.16.0.11>]
    Tue Jul 18 08:51:04 2006 : rcvd [IPCP ConfAck id=0x3 <addr 172.16.0.69> <ms-dns1 172.16.0.11>]
    Tue Jul 18 08:51:07 2006 : sent [IPCP ConfReq id=0x3 <addr 172.16.0.69> <ms-dns1 172.16.0.11>]
    Tue Jul 18 08:51:07 2006 : rcvd [IPCP ConfAck id=0x3 <addr 172.16.0.69> <ms-dns1 172.16.0.11>]
    Tue Jul 18 08:51:08 2006 : rcvd [IPCP ConfReq id=0x1 <addr 172.16.0.11> <ms-dns3 0.0.0.0> <ms-wins 0.0.0.0>]
    Tue Jul 18 08:51:08 2006 : ipcp: returning Configure-REJ
    Tue Jul 18 08:51:08 2006 : sent [IPCP ConfRej id=0x1 <ms-dns3 0.0.0.0> <ms-wins 0.0.0.0>]
    Tue Jul 18 08:51:08 2006 : rcvd [IPCP ConfReq id=0x2 <addr 172.16.0.11>]
    Tue Jul 18 08:51:08 2006 : ipcp: returning Configure-ACK
    Tue Jul 18 08:51:08 2006 : sent [IPCP ConfAck id=0x2 <addr 172.16.0.11>]
    Tue Jul 18 08:51:08 2006 : ipcp: up
    Tue Jul 18 08:51:08 2006 : local IP address 172.16.0.69
    Tue Jul 18 08:51:08 2006 : remote IP address 172.16.0.11
    Tue Jul 18 08:51:08 2006 : primary DNS address 172.16.0.11
    The problem is that despite this apparently successful negotiation, the VPN connection doesn't really work. If I type "intranet" into the browser URL bar, it doesn't pick it up as "intranet.companyname.local" and instead treats this as a search query, which it passes to google... which times out. If I type "intranet.companyname.local" into the URL bar instead, it appears to do the DNS lookup correctly... but then times out again.
    Ping times look like this at first:
    PING (InternalServer).(companyname).local (172.16.0.5): 56 data bytes
    64 bytes from 172.16.0.5: icmp_seq=0 ttl=128 time=16.605 ms
    64 bytes from 172.16.0.5: icmp_seq=1 ttl=128 time=15.920 ms
    64 bytes from 172.16.0.5: icmp_seq=2 ttl=128 time=16.154 ms
    ^C
    --- (InternalServer).(companyname).local ping statistics ---
    3 packets transmitted, 3 packets received, 0% packet loss
    round-trip min/avg/max/stddev = 15.920/16.226/16.605/0.284 ms
    ... but then if I try it again two seconds later:
    PING (InternalServer).(companyname).local (172.16.0.5): 56 data bytes
    64 bytes from 172.16.0.5: icmp_seq=0 ttl=128 time=727.144 ms
    64 bytes from 172.16.0.5: icmp_seq=1 ttl=128 time=1727.030 ms
    64 bytes from 172.16.0.5: icmp_seq=2 ttl=128 time=2727.260 ms
    64 bytes from 172.16.0.5: icmp_seq=3 ttl=128 time=3726.747 ms
    64 bytes from 172.16.0.5: icmp_seq=4 ttl=128 time=5723.986 ms
    64 bytes from 172.16.0.5: icmp_seq=5 ttl=128 time=5719.810 ms
    64 bytes from 172.16.0.5: icmp_seq=6 ttl=128 time=6720.334 ms
    64 bytes from 172.16.0.5: icmp_seq=7 ttl=128 time=6719.848 ms
    ^C
    --- (InternalServer).(companyname).local ping statistics ---
    15 packets transmitted, 8 packets received, 46% packet loss
    round-trip min/avg/max/stddev = 727.144/4224.020/6720.334/2176.543 ms
    OK, enough for now. Can anyone spot what I might be doing wrong, and/or suggest something to try to remedy this? If there is any additional logging/debug info that would be useful, please ask and I will track it down.
    Thanks very much in advance!!! /HJ

    Problem not entirely solved, but mostly working now. It turns out the issue was with the 3Com OfficeConnect VPN box. It was causing all sorts of headaches and had to be manually power cycled at least once a week, so we ditched it and got a Linux-based Firewall/VPN appliance (http://www.ingate.com/ingate_vpn.php).
    Now I can connect and mount Windows drives via SMB (both the command line and the Finder's "Connect to Server" approach seem to work). Performance still exhibits annoying lags at random times, and occasionally the VPN connection disconnects for no good reason, but at least I can get at my files from home. The other issues -- such as being able to resolve "xxx.yyy.local" addresses in the browser by making sure I hit the internal DNS server before any external ones -- all seem to be network configuration issues on my end.
    In short, my guess is that the 3Com box was causing issues with some low-level timing parameters or other related settings in how the VPN connection was being established. I was just starting to teach myself about ARP tables, NTLMv2 authentication, and the like when we replaced it with the new firewall.
    Hope this helps.
    /Heywood

  • ASA 5505 VPN Connection Issue

    Good morning everyone,
    At my last position I was IT Director whose area of expertise was database and application development. All of the company's networking planning and maintainence I entrusted to my sysadmin, Salvadore. Back in 2004 we began implementing major changes in the network. Salvadore recommended SonicWALL firewalls. He did a fantastic job of securing our valuable server assets. Among the many improvements Salvadore established VPN access to the datacenter assets for mobile employees. What I remember especially well was the ease-of-use: start the VPN Client then RDP to a server or connect with SQL Server, in addition to connecting to all devices on my home network. It was absolutely beautiful!
    Fast forward to today. I have since retired. I do a little bit of daytrading on the side for entertainment. I leased a dedicated server to run an application that runs continuously 24 hours a day, 5 days a week. I contacted Salvadore to do a security audit on the server. As expected the server was under constant assault by bots trying to hack the RDP port. Salvadore recommended a firewall. The datacenter host offered us two choices of Cisco firewalls, one of which we chose: ASA 5505.
    Today I have a secure server which pleases me. The one thing that bothers me however is that I lose access to my home network devices while the VPN Client is connected. Here are the symptoms:
    I cannot send an email with Outlook as I normally do by relaying off of my Internet provider's SMTP server.
    I cannot connect to the TradeStation servers with my TradeStation application using login credentials that are authorized for my home network only.
    I cannot access my Seagate network storage drive.
    This is what I discovered:
    My wireless adapter (which I use from this laptop) identifies itself as "Wireless LAN adapter Wireless Network Connection" in IPCONFIG. IPv4 address is 192.168.0.5. Default Gateway: 192.168.0.1.
    After I connect the VPN Client, IPCONFIG reports a new adapter: "Ethernet adapter Local Area Connection 2". IPv4 address is 10.0.10.4. Default Gateway: 10.0.10.1.
    When I launch Windows Task Manager and click on the Networking tab, I see those two adapters.
    When launch IE and go to bandwidthplace.com to run a test, I see all of the network traffic going over "Ethernet adapter Local Area Connection 2".
    When I disconnect VPN and then rerun the bandwidth test, I see that all of the network traffic now goes over "Wireless LAN adapter Wireless Network Connection".
    This explains all of the symptoms:
    My Internet Provider will only allow me to relay off of their email servers if I am connected to their network.
    TradeStation refuses connection to their network because my credentials do not match my network address.
    There is no Seagate network storage device on the remote server network.
    My questions to the Cisco Support Community are:
    Is this the best I can hope for?
    Must all traffic be routed through the VPN connection?
    Is there any way to route traffic destined for 10.0.*.* through VPN and everything else through the default connection?
    Thank you everyone for your help. I would be happy to provide additional detailed information.

    Hi Brian,
    you can route traffic destined to 10.0.*.* over the VPN and keep normal internet traffic unencrypted over the default connection - this setup is known as VPN Split Tunnelling.
    This doc shows how to setup the access control list and apply this to the tunnel policy.
    Hope this helps
    http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080702999.shtml

  • VPN connection issue - problem accessing individual computers on network

    Hello,
    So far I have set up my XServe for VPN access so I can log into my office mac network from my home mac using the L2TP protocol. The server sits behind a basic router, and the router forwards the following ports direct to the server's IP address (192.168.1.2): ports 500, 4500, 1701 and 548 (AFP).
    The office network uses 192.168.1.x IP range and each computer has a static DHCP map assigned, and each machine also has a unique DNS name to simplify access to them.
    My home mac uses 192.168.0.x range.
    The server has NAT turned off and also the firewall off for the moment, while I test everything.
    The VPN is set to provide the IP range 192.168.1.150 to 192.168.1.174 to remote clients, and in the Client Information settings pane it is set for: DNS servers = 192.168.1.2, network routing definitions = 192.168.1.0, netmask 255.255.255.0 (Private) and 0.0.0.0, netmask 0.0.0.0 (Public).
    I can connect fine over VPN from home using internet connect, I am assigned an IP address with the 192.168.1.150-174 range and can connect through the "Go" menu's "Connect to server..." directly to the server on 192.168.1.2. What I cannot do is use this method to connect to any other computer on the network (for example 192.168.1.5), nor can I use DNS names to reach them.
    In the internet connect app I set the DNS server as 192.168.1.2, is this correct? Also, do I need to open port 53 (DNS) on my router? Is there something else I have overlooked as this is all new to me.
    Thanks for your help.

    OK, sorry my bad. The macs did not have Personal File Sharing enabled, now they have I can link via their individual IP addresses. Doh!
    But I still want use DNS names, can anyone shed any light on that?

  • Connecting to BW system through VPN in Design Studio

    Hi Experts,
    I tried to connect to my client BW system through VPN and used the URL in my Design studio, but when I connect like that the Design Studio is working very slowly and hanging several times,  If I connect to the same system via Lumira it is working fast.
    Can you please suggest me what are the cautions I need to take when I connect to BW system via VPN to make my Design Studio work fast with out hanging several times on my local system.
    Thank you,
    Hari

    Hello Hari
    remember that Design Studio is a live connection and in Lumira you can use a BW offline connection which downloads the data.
    regards
    Ingo Hilgefort, Visual BI

  • We are unable to connect to Integration builder through VPN.

    Hi,
    We are unable to connect to Integration builder through VPN.
    Below are the errors we get:
    a. In two of the PI 7.0 Systems  we get:
         i. Cannot open connection on host x and port y.
         ii.com.sap.engine.services.rmi_p4.P4IOException: Cannot open connection on host: x and port:y
         iii. java.net.SocketException: Malformed reply from SOCKS server
    b. In the other two PI 7.1 systems we get:
         i. MESSAGE ID: com.sap.aii.ib.core.ejbutil.rb_all.SERVER_NOT_AVAILABLE
         ii. com.sap.engine.services.jndi.persistent.exceptions.NamingException: Exception while trying to get InitialContext. [Root exception is com.sap.engine.interfaces.cross.DestinationException: cannot establish connection with any of the available instances:
    uvw.xyz.abc.net:51504 Reason: com.sap.engine.services.rmi_p4.P4IOException: Cannot open connection to host: x and port:y]
         iii. com.sap.engine.interfaces.cross.DestinationException: cannot establish connection with any of the available instances:
    uvw.xyz.abc.net:51504 Reason: com.sap.engine.services.rmi_p4.P4IOException: Cannot open connection to host: x and port: y
    The hosts and ports are accessible. (Telnets and tracerts work fine for all the systems)
    We are able to access the SLD and Runtime workbench on all the environments. However, Integration Builder tools are not accessible.
    Any clue on what the problem might be?
    Thank you,
    Siva.

    Hi Siva,
    When you execute SXMB_IFR from PI, do you get  Integration Builder page?
    Are you trying to directly access the PI server by the known URLs?
    Also, Following links may be of your use:
    Integration Builder -Configuration is not openning?
    Re: unable to logon to Enterprise Services Builder or Integration Builder
    Regards,
    Nipun

  • Do I need to open ports for my services if I am connecting through VPN

    Hi,
    I work in a small office and we are trying to connect people remotely to our server through VPN.
    Using the Server App I managed to make VPN work and successfully connected to our file share points, so that means file sharing worked without opening ports for afp on my Airport router.
    On the other side I cant connect to other services as iCal and Address Book as I am locally in the office. Does that mean I have to open the ports for those services on the router, if yes then why use VPN in the first place.
    Thanks,

    If I understood you correctly:
    External client -> (server.domain.name) -> Router -> Server: is working
    Internal client -> (server.domain.name) -> Router -> Server: is not working
    Internal client -> (local ip) -> Server: is working
    If yes, you can implement a-la "split zone DNS".
    1. On the external DNS your domain name server.domain.name resolved to the external router IP.
    2. You should add record (and zone) server.domain.name to your OS X Lion Server DNS pointing to local IP
    When you are connected to VPN, system sets DNS server to your Lion server and server.domain.name is resolving to local IP.
    When you are working without VPN, system use external DNS and server.domain.name is resolving to external IP.
    Of course, you should open ports for your services on the router is you want to use them from external network.
    I am using this configuration and it works perfectly.

  • WLC 5508 7.0.98.0 has vpn client connection issues

    Hi
    my guest ssid is set to L2 security none and L3 Web policy and authentication local. clients that need to connect to some vpn server (internet) are reporting disconnection issues with the vpn session but not the wireless network. as soon as they get connected via another wireless internet connection the vpn connection gets stable. that makes me thing is in deed the my wireless network the one causing issues.  is there a know issues with the web authentication WLAN and vpn clients?  no firewall in the middle.
    Exclusionlist.................................... Disabled
    Session Timeout.................................. Infinity
    CHD per WLAN..................................... Enabled
    Webauth DHCP exclusion........................... Disabled
    Interface........................................ xxxxxxxxxxxxxxxx
    WLAN ACL......................................... unconfigured
    DHCP Server...................................... Default
    DHCP Address Assignment Required................. Disabled
    --More or (q)uit current module or <ctrl-z> to abort
    Quality of Service............................... Bronze (background)
    Scan Defer Priority.............................. 4,5,6
    Scan Defer Time.................................. 100 milliseconds
    WMM.............................................. Allowed
    Media Stream Multicast-direct.................... Disabled
    CCX - AironetIe Support.......................... Enabled
    CCX - Gratuitous ProbeResponse (GPR)............. Disabled
    CCX - Diagnostics Channel Capability............. Disabled
    Dot11-Phone Mode (7920).......................... Disabled
    Wired Protocol................................... None
    IPv6 Support..................................... Disabled
    Passive Client Feature........................... Disabled
    Peer-to-Peer Blocking Action..................... Disabled
    Radio Policy..................................... All
    DTIM period for 802.11a radio.................... 1
    DTIM period for 802.11b radio.................... 1
    Radius Servers
       Authentication................................ Disabled
       Accounting.................................... Disabled
       Dynamic Interface............................. Disabled
    Local EAP Authentication......................... Disabled
    Security
       802.11 Authentication:........................ Open System
       Static WEP Keys............................... Disabled
       802.1X........................................ Disabled
       Wi-Fi Protected Access (WPA/WPA2)............. Disabled
       CKIP ......................................... Disabled
       Web Based Authentication...................... Enabled
            ACL............................................. Unconfigured
            Web Authentication server precedence:
            1............................................... local
       Web-Passthrough............................... Disabled
       Conditional Web Redirect...................... Disabled
       Splash-Page Web Redirect...................... Disabled
       Auto Anchor................................... Disabled
       H-REAP Local Switching........................ Disabled
       H-REAP Learn IP Address....................... Enabled
       Client MFP.................................... Optional but inactive (WPA2 not configured)
       Tkip MIC Countermeasure Hold-down Timer....... 60
    Call Snooping.................................... Disabled
    Roamed Call Re-Anchor Policy..................... Disabled
    Band Select...................................... Disabled
    Load Balancing................................... Disabled

    Thanks Scott,
    We have two controllers and all the APs (50) are associated with the primary Controller,what is the best path to follow for the upgrade.
    we don't have Field recoversy image installed on our controller, do we have to do the FSU upgrade?
    (Cisco Controller) >show sysinfo
    Manufacturer's Name.............................. Cisco Systems Inc.
    Product Name..................................... Cisco Controller
    Product Version.................................. 7.0.98.0
    Bootloader Version............................... 1.0.1
    Field Recovery Image Version..................... N/A
    Firmware Version................................. FPGA 1.3, Env 1.6, USB console                                                        1.27
    Build Type....................................... DATA + WPS
    System Name...................................... Airespace_01
    System Location..................................
    System Contact...................................
    System ObjectID.................................. 1.3.6.1.4.1.9.1.1069
    IP Address....................................... 10.0.0.201
    Last Reset....................................... Power on reset
    System Up Time................................... 9 days 2 hrs 57 mins 21 secs
    System Timezone Location......................... (GMT -6:00) Central Time (US and Canada)
    Current Boot License Level....................... base
    Current Boot License Type........................ Permanent
    Next Boot License Level.......................... base
    Next Boot License Type........................... Permanent
    Configured Country............................... Multiple Countries:US,CN,DE,TW,HK
    Is the below Upgrade Path make sense ?
    1. Upgrade the Primary controller and reboot- wait till all APs associate with primary controller and download the new image
    2. Upgrade the secondary controller and reboot
    3. Failover the APs to secondary controller and test
    Siddhartha

  • Intune Company Portal iOS app - Connection Issue: Unexpected connection issue occured

    Greetings,
    I am in the process of enrolling an iOS device and I have installed the Intune Company Portal App.  When I attempt to sign in, it starts to redirect me "We are taking you to your company sin-in page" then the app says "Connection Issue,
    an unexpected connection issue occurred.
    However if I attempt to enroll via the web site, "manage.microsoft.com" I am redirected to our companies sing-signon portal which is expected. When I login there it attempt to connect what I think is "manage.microsoft.com" but the
    page never loads.
    Earlier I was able to get to our Companies Portal but there was no option to "Install a Profile" onto the device.
    The Intune Service Dashboard is reporting issues so I am wondering if this is part of the cause.  However when I was able to connect I still did not have any options to install a profile onto the device.
    We are utilizing Intune with Configuration Manager 2012 R2.
    Thoughts or comments are greatly appreciated.
    Cheers

    Hi Jörgen,
    Thank you for the response.  I am able to bring up my company portal page now via the iOS browser which looks like the area to install the managed profile, however their is no option on the screen to "Install".
    When I look at my Intune admin portal, the Enterprise Mobility Suite selection boxes are greyed out and it does not appear from the console I have any options to enable this for my user account.  I am thinking this is the reason
    I am not getting any options to install the manage profiles.  We are integrated with SCCM 2012R2, and I have configured the Intune subscription inside of SCCM and have added the site system roles to the server as well.
    I think part of the issue is we recently enrolled in the Enterprise Mobility Suite and we had a trial of Intune which has expired.  I do have the option in the portal to enable "Microsoft Intune" for my account
    but that service is expired and should have been replaced with the Enterprise Mobility Suite but those options are currently greyed out.
    I don't know if this is going to prompt a call to MS Support to see what is going on with our account.
    Thank You

  • Cannot File share or connect to server through VPN.

    I used to connect to my work server through VPN. During September through December of last year, I had no problem connecting to the server, but I could never file share. A few weeks ago I tried connecting again but I can't. The VPN connection is fine, and there's no problem with the server, but I can't connect to it. I'm pretty sure I haven't changed any of my network settings.
    Any Ideas??

    Just thought I would give this a bump. I recently transferred over to a new computer (I did not import/migrate settings, I reentered them. No longer can I VPN into work. Running 10.5.7 I have entered in the correct DNS settings and the domain. No errors, it says I am connected but I cannot contact any servers or file share. Any thoughts?

Maybe you are looking for

  • Credential Mapping not working

    "Please tell where I am wrong in configuring and calling credential mapper???? I wanted to achieve single sign on using in-built Credential mapping feature of weblogic server.It means using weblogic inner capability. I thought of getting connected to

  • SORT ITAB BY VARIABLE_NAME

    hi, i want to sort the int table with variable parameters, like VKBUR, BUDAT, VKORG, MATNR, etc. for that ive created a char variable of 5 length (say CRIT) and assigned value based on selection criteria by the user. Then, im using SORT ITAB BY CRIT.

  • IMac G5 Garbled Screen / Loud Fan / Overheating

    When I try to start up my iMac G5 (pre iSight), I get the usual chime, and when the screen starts up, I get a surprise every time. Completely garbled, sometimes it looks like fog, other times like garbled information, other times like an old, badly t

  • Balance sheet and cost center

    Hi, I need to seek clarification on this. What baffle me is that, in FB01, if enter balance sheet account, cost center field also available. Why need to have cost center for balance sheet account? Can have few business example why need to have cost c

  • I GET A CORPUT MESSAGE ERROR WHEN TRYING TO INSTALL

    When trying to install firefox 4, I get an errror message that I have a corput file. What can I do to install your product?