Remote access to iPhoto acts wonky...

Hello,
I have tried to access iPhoto via Apple's Remote Desktop and via VNC. The application
starts ok but I cannot get anything more than the thumbnails to show.
If I double click a thumbnail with the default editor I get a black screen. If I set
the editor to Preview I get a blank screen but the thumbnail shows in the side
panel.
Is there a way to use iPhoto via remote access?
Thanks
Jerry

Ok,
I hooked the mini up to the TV and double clicking an image shows the
image in edit mode...
Something strange is going on since if I access my mac book pro via
vnc the edit mode works.
The mini has integrated graphics, the mbp has a dedicated graphics card.
Can't think of any reason for the mac mini to fail to display the images...
Any suggestions?
Jerry

Similar Messages

  • Remote access VPN on ASA5520 Ping Issues.

    Hi I hope someone might be able to help me. I have setup a remote access VPN on an ASA 5520. The VPN client connects ok, accepts my username and password and then I am in. I get an allocated IP address of 172.16.1.1 from the local pool. The problem is that I cannot then ping the inside LAN which is 192.168.1.1. I've got isakmp nat traversal set to default which is 20. I've been looking at this all day and I think I've gone crossed eyed, a fresh pair of eyes are definitley required, so any help would be gratefully received. My config is
    Saved
    ASA Version 7.0(8)
    hostname Hospira-firewall
    enable password 2KFQnbNIdI.2KYOU encrypted
    passwd 2KFQnbNIdI.2KYOU encrypted
    names
    dns-guard
    interface GigabitEthernet0/0
    speed 100
    duplex full
    nameif outside
    security-level 0
    ip address 213.212.66.52 255.255.255.248
    interface GigabitEthernet0/1
    speed 100
    duplex full
    nameif inside
    security-level 100
    ip address 192.168.1.1 255.255.255.0
    interface GigabitEthernet0/2
    shutdown    
    no nameif
    no security-level
    no ip address
    interface GigabitEthernet0/3
    shutdown
    no nameif
    no security-level
    no ip address
    interface Management0/0
    shutdown
    no nameif
    no security-level
    no ip address
    ftp mode passive
    same-security-traffic permit intra-interface
    access-list NONAT extended permit ip 192.168.1.0 255.255.255.0 172.16.1.0 255.255.255.0
    access-list Split standard permit 192.168.1.0 255.255.255.0
    pager lines 24
    mtu outside 1500
    mtu inside 1500
    ip local pool mypool 172.16.1.1-172.16.1.253 mask 255.255.255.0
    no failover
    asdm image disk0:/asdm-508.bin
    no asdm history enable
    arp timeout 14400
    global (outside) 1 interface
    nat (inside) 0 access-list NONAT
    nat (inside) 1 192.168.1.0 255.255.255.0
    route outside 0.0.0.0 0.0.0.0 213.212.66.49 1
    route outside 172.16.1.0 255.255.255.0 213.212.66.49 1
    timeout xlate 3:00:00
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
    timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00
    timeout mgcp-pat 0:05:00 sip 0:30:00 sip_media 0:02:00
    timeout uauth 0:05:00 absolute
    group-policy hospira internal
    group-policy hospira attributes
    vpn-simultaneous-logins 400
    split-tunnel-policy tunnelspecified
    split-tunnel-network-list value Split
    webvpn
    username user password 08S9WUsiSMr3RauN encrypted
    http 0.0.0.0 0.0.0.0 outside
    no snmp-server location
    no snmp-server contact
    snmp-server enable traps snmp authentication linkup linkdown coldstart
    crypto ipsec transform-set hospira esp-3des esp-md5-hmac
    crypto ipsec security-association lifetime seconds 28800
    crypto ipsec security-association lifetime kilobytes 4608000
    crypto dynamic-map dmap 1 set transform-set hospira
    crypto dynamic-map dmap 1 set security-association lifetime seconds 28800
    crypto dynamic-map dmap 1 set security-association lifetime kilobytes 4608000
    crypto dynamic-map dmap 1 set reverse-route
    crypto map mymap 1 ipsec-isakmp dynamic dmap
    crypto map mymap 2 match address NONAT
    crypto map mymap 2 set security-association lifetime seconds 28800
    crypto map mymap 2 set security-association lifetime kilobytes 4608000
    crypto map mymap interface outside
    isakmp identity address
    isakmp enable outside
    isakmp policy 1 authentication pre-share
    isakmp policy 1 encryption 3des
    isakmp policy 1 hash sha
    isakmp policy 1 group 2
    isakmp policy 1 lifetime 86400
    isakmp policy 65535 authentication pre-share
    isakmp policy 65535 encryption 3des
    isakmp policy 65535 hash sha
    isakmp policy 65535 group 2
    isakmp policy 65535 lifetime 86400
    isakmp nat-traversal  20
    tunnel-group DefaultRAGroup ipsec-attributes
    pre-shared-key *
    tunnel-group hospira type ipsec-ra
    tunnel-group hospira general-attributes
    address-pool mypool
    default-group-policy hospira
    tunnel-group hospira ipsec-attributes
    pre-shared-key *
    telnet timeout 5
    ssh timeout 5
    console timeout 0
    class-map inspection_default
    match default-inspection-traffic
    policy-map global_policy
    class inspection_default
      inspect dns maximum-length 512
      inspect ftp
      inspect h323 h225
    inspect h323 ras
      inspect netbios
      inspect rsh
      inspect rtsp
      inspect skinny
      inspect esmtp
      inspect sqlnet
      inspect sunrpc
      inspect tftp
      inspect sip
      inspect xdmcp
      inspect icmp
      inspect icmp error
    service-policy global_policy global
    Cryptochecksum:98f85c39a5cbffe66b0f6585d5083c7c
    : end
    Many thanks

    Hi Richard ,
    - we don't need access-list with RA connection , we have the dynamic map that acts as a template , so your crypto config :
    crypto map mymap 1 ipsec-isakmp dynamic dmap
    crypto map mymap 2 match address NONAT
    crypto map mymap 2 set security-association lifetime seconds 28800
    crypto map mymap 2 set security-association lifetime kilobytes 4608000
    crypto map mymap interface outside
    map with seq 1 is being binded to the dynamic map , now map 2 you are using the nonat access list as the encryption trigger for this map , so this should not be there as it encrypt traffic from the inside subnet to the pool .
    please remove the second entry, then test if not working please provide a capture from the inside interface .
    HTH
    Mohammad.

  • How can I remotely access my computer from a different location on Apple Remote Desktop?

    I downloaded Apple Remote Desktop and am trying to access our computer at our church that is in the auditorium and work on slides for ProPresenter from my office which is on a different network. The Mac Pro, which is in the auditorium, is connected to a Netgear wireless router. I would also want to be able to have access to observe and control the screen on the Mac Pro whether I am in my office or at my house. I have tried everything from going to portforward.com, followed those instructions, did port forwarding, used ipchicken.com to get my external IP and made sure that the Mac Pro had a static internal IP address and made sure the computer had access for remote management. Any help to resolve this issue would be greatly appreciated! Works fine when it is on the same wireless network, but I need access being on a different wireless network. Thanks!

    Hi austinmac14,
    So the steps listed bellow assume some things. They assume that the Airport Extreme Router your configuring is connected directly to the internet connection. And that the Airport Extreme is the only router between your computers and the internet.
    That means we're talking about say a DSL modem plugged directly into the Airport Extreme, or a cable modem. in ether case, this assumes that said modem, is not acting as an internet router.
    If your modem has multiple ethernet ports on it, or has a little antenna sticking out of it, then your modem is probable also a router, and these steps listed bellow will probable not work.
    Also these steps are so one person, can connect to one computer at your work.
    Open Airport Utility:
    go to the dock
    Click on the finder
    go to the menu bar
    Click on the "Go" menu
    Chose "Utilities" from the "Go" Menu
    double Click on "AirPort Utility"
    Access the Base Station:
    Double Click on your Airport Extreme BaseStation that is your internet connection router.
    a new window should pop up with your Airport Base Station as the Window Name
    Configure Static Address for the computer you want to connect to via ARD:
    Click on the internet Icon from the toolbar
    Click on the "DHCP" tab
    For "DHCP Reservations:"  Click on the "+" button
    For the "Description" put "ARD"
    For "Reserve Address by:"  set "DHCP Client ID"
    Click the "Continue" button
    For "DHCP Client ID:" set "ARD"
    write down the number in "IPv4" address field
    Click the "Done" Button
    Configure routing to ARD computer:
    Click on the "Advanced" icon from the tool bar.
    Click on the "Port Mapping" tab
    Click on the "+" button
    for "Service:" Chose "Apple Remote Desktop"
    for "Private IP Address:" copy the exact IP address you wrote down in step "3. 8)"
    Click the "Continue" button
    Click the "Done" button
    Click the "+" button
    For the pulldown menu "Service:" Chose "Remote Apple Events"
    for "Private IP Address:" copy the exact IP address you wrote down in step "3. 8."
    Click the "Continue" button
    Click the "Done" button
    Click the "+" button
    For the pulldown menu "Service:" Chose "Remote Login - SSH"
    for "Private IP Address:" copy the exact IP address you wrote down in step "3. 8."
    Click the "Continue" button
    Click the "Done" button
    Click the "Update" button.
    wait for the Airport Extreme to update, and for your computer to reconnect to the airport extreme. (make sure you can load and browse websites.)
    Configure the ARD computer to use the correct IP address:
    Go to the computer you want to be able to remotely connect to
    On that computer, Go to the menu bar
    Chose the "Apple" menu bar
    Chose "System Preferences…"
    Click on the "Show All" button
    Click on the "Network" icon
    For the active network connection, (the connection on the left side with the green dot), click on it
    Clock on the "Advanced…" button
    Click on the "TCP/IP" tab
    for the "DHCP Cient ID: field put "ARD".
    Click the "OK" button
    Click the "Apply" buttonNOTE: Under "Status" you should see "(connection name) is connected to (airport base station name) and has the IP address (IP address)." the "(IP address)" address displayed should match the IP address you wrote down in step "3. 8."
    Find out what your public internet IP address is.
    On the computer you wish to connect to over the internet, gotohttp://whatismyipaddress.com/
    when the web page loads, you should see "IP Information:" fallow by a number like 192.168.0.1, write down what ever number it is.
    At this point you should be able to connect to the computer remotely
    connect to the internet from another location.
    open Apple Remote Desktop
    go to the file menu
    chose connect to computer using ip address
    set the address to the address to the IP address you wrote down for step 6. 2.
    use the same password as you used to connect to the computer at work using ARD.
    So here the catch. If your router gets reset... well then your going to have to configure it again. Also all the same rules you have to connect to the computer at work, also apply to connecting to the computer from over the local network. That means your computer need to be on or sleeping. And if it's sleeping it need to be configure to wake for network access.
    Also some network connections change.  When it comes to internet connections, some connections are static IP, while other connections are DHCP. If your connection is static... great! if it's DHCP, your address may change. If it dose.. well then your ability to connect will break. And then you'd have to do step 6 & 7 again.
    Of corse there are ways around this. But that's kind of another conversation.
    Some internet locations may block your ability to connect to your computer at work. This is very common at schools, and companies. Basically any place that tries to control your ability to browse the internet, may block remote access to computers; because a remote computer would completely by pass their web filter.
    ALSO there is an easier option. As far as setup. There are programs designed to make remotely accessing your mac as easy as possible. For instance there is LogMeIn or Slack. With both of these programs, it's simple. make sure your computer is always on. Then install the software. Create an account with the service. And then you can connect to the computer almost any where by going to their website.
    This option requires no router configuration. It handles DHCP. It's designed to work in as many locations as possible.

  • One username for two tunnel in IPSec remote access vpn + ACS for authentication

    Hi all,
    I want to set up a username which can be used for two different IPSec tunnel (i.e. username USER1 can be used in tunnel TUN1 and TUN2). Can anyone help me how to do this? My current configuration is that I tied the username to tunnel group using group-lock (RADIUS property) so a username can only be used for a particular remote access vpn tunnel (USER1 can only be used for TUN1). I have already tried to enable multiple entry for group lock in ACS (by manipulating the dictionaru setting in ACS), but it seems that authentication still takes the first group and can not take the second group.

    You'd have to create a new AAA server group pointing to servers in the new domain for authentication.
    Then make a new connection profile that uses that AAA server group.
    Your users would have to choose the connection profile (absent some more advanced tricks like issuing them user certificates that can be checked for attributes which map to one profile or another).
    This could also be done with ISE 1.3 which can act as the RADIUS server and join to multiple AD domains on the backend as identity stores. (or even with ISE 1.2 if you use one of the AD directories as an LDAP store vs. native AD).

  • IMac either or has been remotely accessed, has malicious code, is hacked and/or all of the aforementioned or something that I have not yet researched. With my health issues, my Mac keeps me from thinking about the pain and disability I have. Thank you.

    Hello,
    I'm giving it one more chance and then Mac goes into trash. My iMac is either remotely accessed, perhaps malicious code, hacked and/or all of the aforementioned. I am not savvy in these areas. Please read some of the many symptoms and if you can assist me -- I am beyond grateful.  If you want to say it is my fault because I allowed somebody to use my computer or other nonsense please do not waste my time or yours. This is serious and has been going on for a period of time that is longer then I can remember!
    I have a neighbor, lives in my apartment building, 'had' physical access to my iMac.  Shortly after this I started to have problems that beyond any nightmare I have ever heard of - whether it be Windows or Apple!  Please feel free to ask me any question(s) that might help me rid my iMac of this malicious act as the police have been useless -- say they do not have equipment to check my Mac. FBI can't b bothered.
    It is more then clear that a person(s) has access and has messed up the OS, among other terrible things.  He took over my Facebook account months ago, posted as though he was me. He also prevented me from getting back into FB and Yahoo to close those connected accounts.  Went to an Apple store, under protection of their router and removed FB/Yahoo accounts.  The pages that were showing at home turned out to be fake pages controlled by him. (Think they are called "defaced").
    Anytime I did a 7X or zero out clean install -- he was there before I even hooked up the router!!!
    It came to a point that I can no longer even get to the erase/Utility/install from my apartment so I took it to Apple more then once. Besides erase/install, I turned off ALL Sys Preferences that could alert him to Mac. The last time I received a gray Install CD and was told to take it out of the building and do another erase/install.  There is no sense of going through this until I know if/how to get rid of him.
    Also when I first sign on I ALWAYS get a 192.168.100.11.  I do NOT have a router. I then go to System Preferences to Network and click "renew DHCP" several times before I get an IP addy!  I am not savvy in this area but do feel that this is a major clue.
    Passwords have been changed, master password is not something I can access which prevents me updating, etc., etc.
    I will not bombard you with every detail as that would take several pages. I am beyond desperate. Will be happy to provide further details to serious responders only.
    Thank you.
    'REQUIRE ASSISTANCE'
    Heartfelt sympathy to the many family members, friends, people who loved Steve Jobs even though they never met him -- RIP Steve. You are missed.

    If you really believe that your system has been compromised, here's what you do:
    Disconnect your Mac from your cable modem;
    Back up any documents on your system that are important to you;
    Boot your Mac from the system installation disks that came with it (insert the disk, restart your Mac, and hold down the "c" key until you get the "spinning gear" icon);
    Choose a language and click the arrow button to continue;
    From the Utilities menu, choose Disk Utility;
    In Disk Utility, select your computer's hard drive;
    Click the "Erase" tab;
    Click the "Security Options" button and select to have it overwrite all the data on the hard drive;
    Click the "Erase" button and allow it to process;
    Once the "erase process has completed (it will take a while), reinstall Mac OS X.
    Or, if this is too much for you to accomplish on your own, take your system to an Apple Store and have them help you perform these steps. If your system was indeed compromised, this will remove any such hack. You can then set up a new user account for the computer, reinstall your applications (reinstall only from original disks or downloads from the company making the software) and documents, and reconnect to the Internet.
    Note that when you reconnect to the cable modem, you may still get an IP address starting with 198. This is normal with some cable modems and probably not a cause for concern. It will not be an indication that your system is still compromised; that will not be possible if you perform all the above steps.
    Regards.

  • [SOLVED] Cups 2.0 remote access issues

    After CUPS recent upgrade to 2.0 both my cups server and client stopped working. In particular, I cannot even get to the administration pages from remote access.
    I can get to CUPS's  home page, but I get an error as soon as I try to access any other page. The error I get in the browser (firefox) is
    Unable to connect
    Firefox can't establish a connection to the server at ....
    Following wiki instructions, in my cupsd.conf file I have replaced the standard
    Listen localhost:631
    with the ip range for the local network
    Listen 192.168.0.0/24:631
    and I have added
    <Location />
    Order allow,deny
    Allow from @LOCAL
    </Location>
    # Restrict access to the admin pages...
    <Location /admin>
    Order allow,deny
    Allow from @LOCAL
    </Location>
    # Restrict access to configuration files...
    <Location /admin/conf>
    AuthType Basic
    Require user @SYSTEM
    Order allow,deny
    Allow From @LOCAL
    </Location>
    DefaultEncription Never
    Unfortunately, nothing has changed. I still get the same error in the browser and I cannot access the admin pages (or any page other than the home page).
    Help is greatly appreciated.
    Stefano
    Last edited by stefano (2014-11-08 15:27:03)

    clfarron4 wrote:
    Guzzista wrote:
    Same here, I discovered my file sshd.service disappeared on the server. I get the error
    # systemctl start cupsd
    Failed to start cupsd.service: Unit cupsd.service failed to load: No such file or directory.
    Don't know how to solve for now
    Unless it's a custom service file your relying on, the service has been re-named.
    Unfortunately, that's not where my problem lies. I was aware of the renaming issue and had acted accordingly.
    Still looking for solutions.
    S.

  • Was my computer remotely accessed?

    I was on iTunes, and a shared folder thing popped up on the left. It contained a vulgar word and had the lock symbol on it. Shortly after I saw this, my iPhoto randomly opened up and started to browse through pictures. I was NOT touching the keyboard or the trackpad. It scared me, so I immediately hit Command+Q to quit both iPhoto and iTunes. This seemed to solve it, as nothing else happened. I also shut down my Wifi. I then went into Settings to see if any of my sharing options were turned on, and they were not. I wanted to see if the folder thing had gone away in iTunes, so I turned my Wifi back on and went into iTunes. The folder was still there, but nothing happened this time. Was my computer remotely accessed?

    When on a public network, you should activate the built-in firewall in the Security & Privacy preference pane. However, I doubt that this was an intrusion, unless perhaps you have some kind of third-party screen sharing software installed, such as "TeamViewer." Even then, you'd have to launch it and sign in for anything to happen.

  • Can you access your iPhoto on your MAC from a different device?

    My Mac, which is my housing source for all photos from the past 7 years. Is there any way to access my iPhoto and it's contents from a different device WITHOUT using iCloud? I have iCloud, but I don't believe that I ever connected it with my MAC.

    Where is your laptop?  You might be able if you have file sharing setup and remote access enabled on it.  However the laptop whould have to be setup to allow you access remotely.  You can learn more about that by asking in the forum for the system that is running on the laptop.
    OT

  • Remote Access VPN Clients Cannot Access inside LAN

    I have been asked to set up remote access VPN on an ASA 5505 that I previously had no invlovement with.  I have set it up the VPN using the wizard, they way I normally do, but the clients have no access to anything in the inside subnet, not even the inside interface IP address of the ASA.  Thay can ping each other.  The remote access policy below that I am working on is labeled VPNPHONE, address pool 172.16.20.1-10.  I do not need split tunneling to be enabled.  The active WAN interface is the one labeled outside_cable.
    : Saved
    ASA Version 8.2(1)
    hostname ASA5505
    domain-name default.domain.invalid
    enable password eelnBRz68aYSzHyz encrypted
    passwd eelnBRz68aYSzHyz encrypted
    names
    interface Vlan1
    nameif inside
    security-level 100
    ip address 192.168.100.1 255.255.255.0
    interface Vlan2
    nameif outside
    security-level 0
    pppoe client vpdn group dataDSL
    ip address 76.244.75.57 255.255.255.255 pppoe
    interface Vlan3
    nameif dmz
    security-level 50
    ip address 192.168.9.1 255.255.255.0
    interface Vlan10
    nameif outside_cable
    security-level 0
    ip address 50.84.96.178 255.255.255.240
    interface Ethernet0/0
    switchport access vlan 2
    interface Ethernet0/1
    switchport access vlan 10
    interface Ethernet0/2
    switchport access vlan 3
    interface Ethernet0/3
    interface Ethernet0/4
    interface Ethernet0/5
    interface Ethernet0/6
    interface Ethernet0/7
    ftp mode passive
    clock timezone CST -6
    clock summer-time CDT recurring
    dns server-group DefaultDNS
    domain-name default.domain.invalid
    same-security-traffic permit intra-interface
    object-group service Netbios udp
    port-object eq 139
    port-object eq 445
    port-object eq netbios-ns
    object-group service Netbios_TCP tcp
    port-object eq 445
    port-object eq netbios-ssn
    object-group network DM_INLINE_NETWORK_1
    network-object host 192.168.100.177
    network-object host 192.168.100.249
    object-group service Web_Services tcp
    port-object eq ftp
    port-object eq ftp-data
    port-object eq www
    port-object eq https
    object-group network DM_INLINE_NETWORK_10
    network-object host 192.168.9.10
    network-object host 192.168.9.4
    object-group network DM_INLINE_NETWORK_11
    network-object host 192.168.9.10
    network-object host 192.168.9.4
    object-group network DM_INLINE_NETWORK_2
    network-object host 192.168.9.10
    network-object host 192.168.9.4
    object-group network DM_INLINE_NETWORK_3
    network-object host 192.168.9.10
    network-object host 192.168.9.4
    object-group network DM_INLINE_NETWORK_4
    network-object host 192.168.9.10
    network-object host 192.168.9.4
    object-group network DM_INLINE_NETWORK_5
    network-object host 192.168.9.10
    network-object host 192.168.9.4
    object-group network DM_INLINE_NETWORK_6
    network-object host 192.168.9.10
    network-object host 192.168.9.4
    object-group network DM_INLINE_NETWORK_7
    network-object host 192.168.9.10
    network-object host 192.168.9.4
    object-group network DM_INLINE_NETWORK_8
    network-object host 192.168.9.10
    network-object host 192.168.9.4
    object-group network DM_INLINE_NETWORK_9
    network-object host 192.168.9.10
    network-object host 192.168.9.4
    object-group network VPN
    network-object 192.168.255.0 255.255.255.0
    access-list outside_access_in extended permit icmp any host 76.244.75.61
    access-list outside_access_in extended permit tcp any host 76.244.75.61 eq ftp
    access-list outside_access_in extended permit tcp any host 76.244.75.61 eq ftp-data
    access-list outside_access_in extended permit tcp any host 76.244.75.62 eq www
    access-list outside_access_in extended permit tcp any host 76.244.75.62 eq https
    access-list outside_access_in extended permit tcp any host 76.244.75.59 eq www
    access-list outside_access_in extended permit tcp any host 76.244.75.59 eq https
    access-list outside_access_in extended permit tcp any host 76.244.75.60 eq www
    access-list outside_access_in extended permit tcp any host 76.244.75.60 eq https
    access-list outside_access_in extended permit tcp any host 76.244.75.58 eq www
    access-list outside_access_in extended permit tcp any host 76.244.75.58 eq https
    access-list dmz_access_in remark Quickbooks
    access-list dmz_access_in extended permit tcp object-group DM_INLINE_NETWORK_6 host 192.168.100.5 eq 56719
    access-list dmz_access_in remark Quickbooks range
    access-list dmz_access_in extended permit tcp object-group DM_INLINE_NETWORK_7 host 192.168.100.5 range 55333 55337
    access-list dmz_access_in extended permit udp object-group DM_INLINE_NETWORK_8 host 192.168.100.5 eq 1434
    access-list dmz_access_in extended permit tcp object-group DM_INLINE_NETWORK_9 host 192.168.100.5 eq 49398
    access-list dmz_access_in remark QB
    access-list dmz_access_in extended permit tcp object-group DM_INLINE_NETWORK_10 host 192.168.100.5 eq 8019
    access-list dmz_access_in extended permit udp object-group DM_INLINE_NETWORK_2 host 192.168.100.5 eq 2638
    access-list dmz_access_in extended permit udp object-group DM_INLINE_NETWORK_11 host 192.168.100.5 object-group Netbios
    access-list dmz_access_in extended permit tcp object-group DM_INLINE_NETWORK_3 host 192.168.100.5 object-group Netbios_TCP
    access-list dmz_access_in extended deny ip host 192.168.9.4 host 192.168.100.5 inactive
    access-list dmz_access_in extended permit udp object-group DM_INLINE_NETWORK_4 any
    access-list dmz_access_in extended permit tcp object-group DM_INLINE_NETWORK_5 any
    access-list dmz_access_in remark Printer
    access-list dmz_access_in extended permit ip 192.168.9.0 255.255.255.0 object-group DM_INLINE_NETWORK_1
    access-list dmz_access_in extended permit tcp 192.168.9.0 255.255.255.0 any object-group Web_Services
    access-list dmz_access_in extended permit udp 192.168.9.0 255.255.255.0 any eq domain
    access-list dmz_access_in extended permit icmp 192.168.9.0 255.255.255.0 192.168.255.0 255.255.255.0 echo-reply
    access-list dmz_access_in extended permit icmp 192.168.9.0 255.255.255.0 192.168.100.0 255.255.255.0 echo-reply log disable
    access-list dmz_access_in remark QB probably does not need any udp
    access-list dmz_access_in extended permit udp host 192.168.9.4 host 192.168.100.5 eq 55333 inactive
    access-list dmz_access_in remark QB included in other rule range
    access-list dmz_access_in extended permit tcp host 192.168.9.4 host 192.168.100.5 eq 55333 inactive
    access-list dmz_access_in remark May be required for Quickbooks
    access-list dmz_access_in extended permit icmp host 192.168.9.4 host 192.168.100.5
    access-list CAD_capture extended permit ip host 192.168.9.4 host 192.168.100.5
    access-list CAD_capture extended permit ip host 192.168.100.5 host 192.168.9.4
    access-list inside_nat0_outbound extended permit ip any 192.168.255.0 255.255.255.0
    access-list inside_nat0_outbound extended permit ip any 192.168.255.0 255.255.255.240
    access-list inside_nat0_outbound extended permit ip any 172.16.10.0 255.255.255.240
    access-list inside_nat0_outbound extended permit ip any 172.16.20.0 255.255.255.240
    access-list cad_supplies_RAVPN_splitTunnelAcl standard permit 192.168.100.0 255.255.255.0
    access-list cad_supplies_RAVPN_splitTunnelAcl standard permit 192.168.9.0 255.255.255.0
    access-list dmz_nat0_outbound extended permit ip any 192.168.255.0 255.255.255.0
    access-list outside_cable_access_in extended permit icmp any host 50.84.96.182
    access-list outside_cable_access_in extended permit tcp any host 50.84.96.182 eq ftp
    access-list outside_cable_access_in extended permit tcp any host 50.84.96.182 eq ftp-data
    access-list outside_cable_access_in extended permit tcp any host 50.84.96.183 eq www
    access-list outside_cable_access_in extended permit tcp any host 50.84.96.183 eq https
    access-list outside_cable_access_in extended permit tcp any host 50.84.96.180 eq www
    access-list outside_cable_access_in extended permit tcp any host 50.84.96.180 eq https
    access-list outside_cable_access_in extended permit tcp any host 50.84.96.181 eq www
    access-list outside_cable_access_in extended permit tcp any host 50.84.96.181 eq https
    access-list outside_cable_access_in extended permit tcp any host 50.84.96.179 eq www
    access-list outside_cable_access_in extended permit tcp any host 50.84.96.179 eq https
    access-list Local_LAN_Access standard permit host 0.0.0.0
    access-list vpnusers_spitTunnelACL extended permit ip 192.168.100.0 255.255.255.0 any
    access-list nonat-in extended permit ip 192.168.100.0 255.255.255.0 172.16.20.0 255.255.255.0
    pager lines 24
    logging enable
    logging buffered informational
    logging asdm informational
    mtu inside 1500
    mtu outside 1500
    mtu dmz 1500 
    mtu outside_cable 1500
    ip local pool VPN_IP_range 192.168.255.1-192.168.255.10 mask 255.255.255.0
    ip local pool VPN_Phone 172.16.20.1-172.16.20.10 mask 255.255.255.0
    no failover
    icmp unreachable rate-limit 1 burst-size 1
    no asdm history enable
    arp timeout 14400
    nat-control
    global (outside) 10 interface
    global (outside_cable) 10 interface
    nat (inside) 0 access-list nonat-in
    nat (inside) 10 0.0.0.0 0.0.0.0
    nat (dmz) 0 access-list dmz_nat0_outbound
    nat (dmz) 10 0.0.0.0 0.0.0.0
    static (inside,outside) 76.244.75.62 192.168.100.25 netmask 255.255.255.255 dns
    static (dmz,outside) 76.244.75.61 192.168.9.123 netmask 255.255.255.255 dns
    static (dmz,outside) 76.244.75.59 192.168.9.124 netmask 255.255.255.255 dns
    static (dmz,outside) 76.244.75.58 192.168.9.4 netmask 255.255.255.255 dns
    static (inside,dmz) 192.168.100.0 192.168.100.0 netmask 255.255.255.0
    static (dmz,outside) 76.244.75.60 192.168.9.10 netmask 255.255.255.255 dns
    static (inside,outside_cable) 50.84.96.183 192.168.100.25 netmask 255.255.255.255 dns
    static (dmz,outside_cable) 50.84.96.182 192.168.9.123 netmask 255.255.255.255 dns
    static (dmz,outside_cable) 50.84.96.180 192.168.9.124 netmask 255.255.255.255 dns
    static (dmz,outside_cable) 50.84.96.179 192.168.9.4 netmask 255.255.255.255 dns
    static (dmz,outside_cable) 50.84.96.181 192.168.9.10 netmask 255.255.255.255 dns
    access-group outside_access_in in interface outside
    access-group dmz_access_in in interface dmz
    access-group outside_cable_access_in in interface outside_cable
    route outside_cable 0.0.0.0 0.0.0.0 50.84.96.177 1
    timeout xlate 3:00:00
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
    timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
    timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
    timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
    timeout tcp-proxy-reassembly 0:01:00
    dynamic-access-policy-record DfltAccessPolicy
    http server enable
    http 192.168.1.0 255.255.255.0 inside
    http 192.168.100.0 255.255.255.0 inside
    http 204.107.173.0 255.255.255.0 outside
    http 204.107.173.0 255.255.255.0 outside_cable
    http 0.0.0.0 0.0.0.0 outside_cable
    no snmp-server location
    no snmp-server contact
    snmp-server enable traps snmp authentication linkup linkdown coldstart
    crypto ipsec transform-set TRANS_ESP_3DES_SHA esp-3des esp-sha-hmac
    crypto ipsec transform-set TRANS_ESP_3DES_SHA mode transport
    crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
    crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
    crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
    crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
    crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
    crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
    crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
    crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
    crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
    crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
    crypto ipsec security-association lifetime seconds 28800
    crypto ipsec security-association lifetime kilobytes 4608000
    crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set pfs
    crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
    crypto map outside_cable_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
    crypto map outside_cable_map interface outside_cable
    crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
    crypto map outside_map interface outside
    crypto map inside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
    crypto map inside_map interface inside
    crypto isakmp enable inside
    crypto isakmp enable outside
    crypto isakmp enable outside_cable
    crypto isakmp policy 10
    authentication pre-share
    encryption 3des
    hash sha
    group 2
    lifetime 86400
    crypto isakmp policy 30
    authentication pre-share
    encryption 3des
    hash md5
    group 2
    lifetime 86400
    telnet 192.168.100.0 255.255.255.0 inside
    telnet timeout 5
    ssh 192.168.100.0 255.255.255.0 inside
    ssh 204.107.173.0 255.255.255.0 outside
    ssh 204.107.173.0 255.255.255.0 outside_cable
    ssh 0.0.0.0 0.0.0.0 outside_cable
    ssh timeout 15
    console timeout 0
    vpdn group dataDSL request dialout pppoe
    vpdn group dataDSL localname [email protected]
    vpdn group dataDSL ppp authentication pap
    vpdn username [email protected] password *********
    dhcpd address 192.168.100.30-192.168.100.99 inside
    dhcpd dns 192.168.100.5 68.94.156.1 interface inside
    threat-detection basic-threat
    threat-detection statistics port
    threat-detection statistics protocol
    threat-detection statistics access-list
    threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200
    webvpn
    group-policy DefaultRAGroup internal
    group-policy DefaultRAGroup attributes
    dns-server value 192.168.100.5
    vpn-tunnel-protocol IPSec l2tp-ipsec
    group-policy cad_supplies_RAVPN internal
    group-policy cad_supplies_RAVPN attributes
    vpn-tunnel-protocol IPSec
    split-tunnel-policy tunnelspecified
    split-tunnel-network-list value cad_supplies_RAVPN_splitTunnelAcl
    group-policy VPNPHONE internal
    group-policy VPNPHONE attributes
    dns-server value 192.168.100.5
    vpn-tunnel-protocol IPSec
    split-tunnel-policy excludespecified
    split-tunnel-network-list value Local_LAN_Access
    client-firewall none
    client-access-rule none
    username swinc password BlhBNWfh7XoeHcQC encrypted
    username swinc attributes
    vpn-group-policy cad_supplies_RAVPN
    username meredithp password L3lRjzwb7TnwOyZ1 encrypted
    username meredithp attributes
    vpn-group-policy cad_supplies_RAVPN
    service-type remote-access
    username ipphone1 password LOjpmeIOshVdCSOU encrypted privilege 0
    username ipphone1 attributes
    vpn-group-policy VPNPHONE
    username ipphone2 password LOjpmeIOshVdCSOU encrypted privilege 0
    username ipphone2 attributes
    vpn-group-policy VPNPHONE
    username ipphone3 password LOjpmeIOshVdCSOU encrypted privilege 0
    username ipphone3 attributes
    vpn-group-policy VPNPHONE
    username oethera password WKJxJq7L6wmktFNt encrypted
    username oethera attributes
    vpn-group-policy cad_supplies_RAVPN
    service-type remote-access
    username markh password nqH+bk6vj0fR83ai0SAxkg== nt-encrypted
    username markh attributes
    vpn-group-policy cad_supplies_RAVPN
    tunnel-group DefaultRAGroup general-attributes
    default-group-policy DefaultRAGroup
    tunnel-group DefaultRAGroup ipsec-attributes
    pre-shared-key *
    tunnel-group DefaultRAGroup ppp-attributes
    authentication ms-chap-v2
    tunnel-group cad_supplies_RAVPN type remote-access
    tunnel-group cad_supplies_RAVPN general-attributes
    address-pool VPN_IP_range
    default-group-policy cad_supplies_RAVPN
    tunnel-group cad_supplies_RAVPN ipsec-attributes
    pre-shared-key *
    tunnel-group VPNPHONE type remote-access
    tunnel-group VPNPHONE general-attributes
    address-pool VPN_Phone
    default-group-policy VPNPHONE
    tunnel-group VPNPHONE ipsec-attributes
    pre-shared-key *
    class-map inspection_default
    match default-inspection-traffic
    policy-map type inspect dns preset_dns_map
    parameters
      message-length maximum 1500
    policy-map global_policy
    class inspection_default
      inspect dns preset_dns_map
      inspect ftp
      inspect h323 h225
      inspect h323 ras
      inspect rsh
      inspect rtsp
      inspect sqlnet
      inspect skinny 
      inspect sunrpc
      inspect xdmcp
      inspect sip 
      inspect netbios
      inspect tftp
    service-policy global_policy global
    prompt hostname context
    Cryptochecksum:8b25ecc61861a2baa6d2556a3679cc7c
    : end

    Hi,
    You have your "group-policy" set so that you have excluding some networks from being tunneled.
    In this access-list named Local_LAN_Access you specify "0.0.0.0"
    Doesnt this mean you are excluding all networks from being tunneled? In other words no traffic goes to your tunnel.
    This access-list should only contain your local LAN network from where you are connecting with the VPN Client. If you dont need to access anything on your local LAN while having the VPN on, you don't even need this setting on. You could just tunnel all traffic instead of excluding some networks.
    - Jouni

  • Is there a way of remote accessing 'Games and More' on a mobile?

    I am new to the forum, please excuse me if I am in the wrong space!
    Is there a way of remotely accessing/executing Java applications that are residing in the 'Games and More.' folder on a mobile device?
    e.g. Java application is downloaded into 'Games and More' and there is a requirement to execute the program from an ODP (On-Device-Portal). The ODP is external to the 'Games and More' folder but within the same mobile device.
    Many thanks
    Ian

    IVM wrote:
    Is there a way of remotely accessing/executing Java applications that are residing in the 'Games and More.' folder on a mobile device? No.
    db

  • How to set up my elderly parent with Mac so that I can use remote access to help her?

    I want to set my elderly mother up with a new Mac mini so that I can use remote access to show her how use email, browse the internet, share photos.  (She lives in KY, I live in OR)
    She has had an iPhone and an iPad for about 6 months and she can barely use them without becoming frustrated.   I want to be able to see her screen with her and show her how to do things.
    My plan is to set her up with a Mac mini and I'll use my MacBookAir to remote into her system.  I'm buying the mini to configure and then I'll mail it to her.
    My question is whether to try to use Back to My Mac or Teamviewer for remote access
    I have broadband with comcast and she has broadband with Access Cable.  Each have their company modem/routers--neither of us have Airport Express.
    I have my own iCloud account and she has her own.   If I use Back to My Mac, it seems that I would need to set up a separate account on my Mac that would sync to her iCloud account.
    Teamviewer seems easier because I don't have to use a separate account.   Any advice?   Anything that I'm not thinking about?

    As Linc says, you can establish a Screen Sharing session via iMessage and Facetime.  The advantage of these 2 approaches is that once your Mom gets used to using them, she will be more comfortable using them to communicate with you.  I've talked to my Mom via iChat (aka iMessage) more since she learned to use them, then in all the years before that (including when I was a child ).  And just being able to see your Mom via Facetime can be useful when you want to gage how she is doing.
    However, if you are any distance from your Mom, they you want backup methods incase something goes wrong.
    So beside iMessage/Facetime, the next best would be Back-to-My-Mac via iCloud, however, you will want to establish her Mac as using your account so that you have the right to take control remotely.
    An alternative that does not mix up your iCloud acounts would be to use TeamViewer.com (which has an unattended mode so you can do off-hour maintenance when your Mom is not around; or check up on her to find out if she is dating - Turns out if I had been paying attention, I would not have been blind-sided by my Mom getting Married again last Summer - she is in her 80's! ).
    LogMeIn.com, as dwb says, can be used the same was as TeamViewer.com
    Both LogMeIn.com and TeamViewer.com are very good at making it easy to get through the home router and if you are having any problems connecting using other Methods, TeamViewer.com or LogMeIn.com will most likely not have any issues.
    Back-to-My-Mac allows screen sharing and file sharing so you can transfer files as well as control the screen.
    Screen Sharing via Messages allows cooperative file transfer. That is to say, you can try pushing a file to your Mom, but she has to accept each transfer.
    TeamViewer.com has an unattended file transfer mode.
    LogMeIn.com requires the paid version to transfer files.  However, there are other ways to transfer files, such as downloading them from the original source on your Mom's system while using screen sharing, using Dropbox (or similar), emailing them, etc...
    Of course if you are really network savvy, you can roll your own via ssh tunnels, port forwarding routers, getting dynamic DNS names, transferring files via scp, or tunneling AFP file sharing, tunneling your screen sharing sessions.  Lots of fun and excitement playing with terminal commands

  • How do I access my iPhoto files with the Mac version of Lightroom 3?

    I dowloaded Lighthouse 3 to my Macbook Pro and I can not
    access my iPhoto files.

    http://lightroomkillertips.com/2010/video-moving-from-iphoto-to-lightroom-3/

  • Remote Access Question...

    Is there a remote access app with which I can open media on a computer or laptop in the apps that support said media or files on my iPad, email these files as a link, email compatable sizes as an attachment, save compatable types to camera roll, Print, view, play, listen to, and read?

    You can use email to send files to your iPad. But the best way to transfer photos, music, documents etc. is to use iTunes on your computer. See page 40 of the iPad User's Manual for information on syncing your iPad using iTunes. The manual is here
    http://support.apple.com/manuals/#ipad

  • Remote access to Time Capsule won't work

    Over the past couple of months I've been doing lots of research and planning into replacing my Mac Pro and old MacBook Pro with a new Mac setup.  I was looking for efficiency, productivity and ultimate portability so the Macbook Pro Retina and Time Capsule grabbed my attention.
    I was interested in the MacBook Pro Retina for work (travel) and home leisure use.  Due to having so much music and video iTunes content, I was interested in purchasing a Time Capsule and a secondary external hard drive, placing all my iTunes content on the Time Capsule which I would then back up to the external hard drive when I was at home.  I would then setup Time Capsule to be accessible over the internet so that I could view my media content through iTunes wherever in the world I was (internet speeds permitting of course).  By doing this I could carry only my work files with me on the 512GB SSD Macbook Pro Retina, but could access the Time Capsule media files remotely, either via wi-fi or by tethering my iPhone 5.
    So I purchased a Time Capsule to test my theory.  I followed online guidance on how to achieve such a setup and using my 2008 MacBook Pro (which runs Snow Leopard) and a friends internet connection I got the system to work.  I was able to remotely contact Time Capsule and watch High Def video content via wireless internet and even tethered to my iPhone.  So I went and purchased a Macbook Pro Retina (running Mountain Lion) and set about setting up the system in the same way.  But this is where something's gone wrong.  I can't connect to the Time Capsule over the internet at all.
    The Air Port utility has been updated to version 6 which is lacking the ability to instruct the Time Capsule to "Allow access over WAN".  I thought I'd make sure it still connected via the internet using my old MacBook Pro, which had definitely worked perfectly just a couple weeks earlier, and that won't work either.  I can't find the option to "Allow access over WAN" within Airport Utility 5.6.1 either?  And the simple apple script application that I wrote (following an online guide) to open the remote connection to Time Capsule with the double left click on an icon has stopped working too.
    I don't pretend to be a network engineer and I'm no I.T. expert, though I usually manage to teach myself what I need to know to sort issues like this out, but this has gotten me really stumped!  I tried downloading an old version of Airport Utility to see if that had the "Allow access over WAN" feature (within the 'Disks' > 'File Sharing' area of Airport Utility) but my Mac OS won't allow the old versions to run.
    Perhaps the version of Airport Utility I used on my Macbook Pro a couple of weeks ago didn't have the "Allow access over WAN" check box either and I just didn't notice - which is likely unless Airport Utility updates itself in the background without any prompts etc.  I certainly didn't notice a software update for it any time over the past few days.  Either way, I don't understand how it could have been working a few days back and now it's suddenly not.
    I used this guides to gain remote access to Time Capsule successfully just a couple of weeks ago:
    http://www.youtube.com/watch?v=SIQ7SzA1cK4
    Can anyone shed any light on the issue and point me toward a fix please?  I'd appreciate the help.

    Thanks LaPastenague.  I'm not sure if I have a static IP but I can confirm it hasn't changed in the past month.
    I've pretty much come to the conclusion that what I want to do isn't really possible using Time Capsule.  Like I mentioned, I had remote access working a couple of weeks ago but it seems like apple have updated the firmware or airport software to remove something that was necessary to remotely connect in the same way.  And even if I did get it working I think it would still be so restrictive, requiring a fast wifi or mobile phone tethered connection to view my media files over the internet.
    I got connected via iCloud and B.T.M.M. but the connection was very slow and video wouldn't stream well at all (painful).  It seems that the speed constraints would make it very frustrating each time I simply wanted to look through my vast iTunes music collection or movie library.  Album covers won't appear either.
    Even if it were possible to connect via a static IP I just don't think that the WAN connection would be stable or fast enough to offer an efficint solution(?), so I'll probably have to by an external portable HD and use Time Capsule for Time Machine and Printer Sharing.
    I wish I could stream my iTunes movies and music successfully over the internet, but right now it just doesn't seem possible.

  • Cannot login to Cisco Jabber 10.5.1 over Mobile and Remote Access

    Hi,
    We have deployed sucessfully VCS Expressway-C and VCS Expressway-E with only 1 zone which is "Unified Communication Traversal" and is for Mobile and Remote Access only. VCS-C and VCS-E are communicating and in statuses everything is active and working. Also VCS-C can communicate with CUCM and CUP (both version 10.5).
    Problem is when I deploy Cisco Jabber 10.5.1 on computer outside of LAN and without VPN it start communicating with VCS-E, ask me for accepting certificate (we have certificate only intenally generated on Windows CA) and after that it is trying to connect and after few seconds it will tell me that it can't communicate with server.
    Did any of you had same problem or can you advice how to troubleshoot? In Jabber logs there is only something like "Cannot authenticate" error message, but when I startup VPN I can authenticate without any problems.
    Thanks

    On Expressway-C are your HTTP Allow Lists setup properly?  By default, and auto discovered CUCM and IMP should be listed via IP and Hostname, but if not, you'll need to insert manually.
    Also, you can look at the config file your Expressway-E would be handing out to Jabber via this method.
    From the internet, browse to:
    https://vcse.yourdomain.com:8443/Y29sbGFiLmNvbQ/get_edge_config?service_name=_cisco-uds&service_name=_cuplogin
    Where:
    vcse is your Expressway-E hostname (or CNAME/A record)
    yourdomain.com is your own domain
    The first directory is your Base64 encoded domain name, remove and trailing equal signs (=)
    The XML returned is basically the DNS SRV record information available as if internal for _cisco-uds and _cuplogin
    TFTP DNS SRV is optional if you configured TFTP in IMP for your Legacy Clients.

Maybe you are looking for