Remote Site FTP log-in & password won't stick.

Similar Messages

• VPN password won't stick

  I enter my VPN password in the Network settings but the password won't stick. I keep getting a dialog box that asks me to re-enter it. This just started to happen. How to fix?
  Thanks in advance,
  Ken

  Hello,
  Is there more than one entry for that account in Keychain Access?
  I mean there should be 2, one for incoming & one for outgoing.
  The Password rejection can confuse people since it's a catch all meaning...
  This Password, Username, Authentication method... is not recognized on this Port to this Server, or a server end problem.
  If using a browser to login via WebMail works it's not Name or Password, but one of the other ones.
  The receiving email ports are:
  IMAP is port 143
  IMAP-SSL is port 993
  POP is port 110
  POP-SSL is port 995
  Outgoing ports are...
  SMTP and SMTP-SSL is on ports 25, 587 and 465. Port 587 has to be SSL, and port 465 is enforced TLS-wrapped and is generally used by Outlook users.
  Is it gMail maybe?
  Gmail send but not receive...
  Here are two steps that have come in handy in related situations
  1) login to gmail on your computer or device via a web browser
  2) once logged in successfully, go to this URL to unlock:
  https://www.google.com/accounts/DisplayUnlockCaptch

• ICloud password won't stick on new airport extreme

  Folks,
  This worked fine until upgrading Mac to Yosemite, which i would imagine has no real bearing on the matter at hand...
  After upgrading to Yosemite, the 'back to my mac' password(iCloud id) will not stick - as soon as i update settings on new airport extreme, password is gone and 'can not connect to iCloud' is back... i have a new airport express that remains logged in. I have rebooted, removed and re-added, no luck - any ideas?
  thanks!

  Thanks Benny!
  I don’t have the problem - I’m just perusing the board trying to learn something new from other people’s problems & answers like yours, that were fixed with a call are useful to see.

• Mail password won't stick

  Hiya,
  Every time I log onto my server to collect Mail, the warning triangle appears next to "Inbox".
  I have to log onto webmail, reset password each time, then it works.
  (However, it seems to send any mail fine though)
  Is it some problem with Mail preferences?
  Thanks

  Carey,
  A couple of things first you make it very difficult to help you when you don't tell us anything about your system. Please complete your Profile by clicking Your Stuff in the upper right of this page then select Preferences and then fill in the pertinent infomation.
  You can also start by using Apple's Mail Setup, Troubleshooting etc.. article.

• Won't remember my auto log in password for SKY...have to manually insert password every time. all other sites are OK..

  whenever I use SKY for my email [ many time a day] - ([email protected]) Firefox won't remember my password (it's in settings - show passwords - so I know its there..) So every time I have to enter it manually - it's becoming a bit of a pain....
  All other sites I access using passwords (YouTube / eBay ect) ALL auito log in properly - I've tried deleting from the saved password list and adding again but it still won't auto log in..what's up...???

  Try this if you met the same problem
  Syndrome:
  The wireless network name appeared on the System Preference>Network>Airport>Advanced>Preferred Networks List, but every time when start computer or wake up, a popup window said "None preferred network is available" and ask me to select a new net work, if I select the same network, the password is there. The system keychain can remember the password but System preference cannot remember the Preferred/Joined wireless network.
  Reason:
  Fix to this problem that strangely centred on the specific location of the “System Preferences.app”, if other than the standard location of the root of the “Applications” folder.
  If you have moved the System Preferences application (not alias, actual app) to any other location for any reason, your newly joined preferred network will NOT be properly remembered and will NEVER be properly rejoined.
  Solution:
  1) Move “System Preferences.app” back to “Applications\”.
  2) Delete all instances of “Preferred Networks” in “Network Preferences”.
  3) Delete all “Airport network password” instances in “Keychain Access”.
  4) Restart your Mac.
  5) Add/Join applicable preferred network using the Airport pulldown menu or in Network Preferences (as if for the first time). Use “Advanced” in “Network Preferences” to confirm the existence of your preferred network and the correct settings. Use “Keychain Access” to confirm the existence of the applicable “Airport network password” instance and the correct settings.
  6) Restart your Mac. The OS should now find your preferred network and join it on its own. Good Luck!
  NOTE: Simply moving back System Preferences will NOT suffice. Deleting and re-adding/joining the preferred network is a must after the app has been moved.

• Cisco ASA 5505 IPSec tunnel won't establish until remote site attempts to connect

  I have a site to site IPSec tunnel setup and operational but periodically the remote site goes down, because of a somewhat reliable internet connection. The only way to get the tunnel to re-establish is to go to the remote site and simply issue a ping from a workstation on the remote network. We were having this same issue with a Cisco PIX 506E but decided to upgrade the hardware and see if that resolve the issue. It ran for well over a year and our assumtions was that the issue was resolved. I was looking in the direction of the security-association lifetime but if we power cycle the unit, I would expect that it would kill the SA but even after power cycling, the VPN does not come up automatically.
  Any assistance would be appreciated.
  ASA Version 8.2(1)
  hostname KRPS-FW
  domain-name lottonline.org
  enable password uniQue
  passwd uniQue
  names
  interface Vlan1
  nameif inside
  security-level 100
  ip address 10.20.30.1 255.255.255.0
  interface Vlan2
  nameif outside
  security-level 0
  ip address xxx.xxx.xxx.xxx 255.255.255.248
  interface Ethernet0/0
  switchport access vlan 2
  interface Ethernet0/1
  description Inside Network on VLAN1
  interface Ethernet0/2
  shutdown
  interface Ethernet0/3
  shutdown
  interface Ethernet0/4
  shutdown
  interface Ethernet0/5
  shutdown
  interface Ethernet0/6
  shutdown
  interface Ethernet0/7
  description Inside Network on VLAN1
  ftp mode passive
  dns server-group DefaultDNS
  domain-name lottonline.org
  access-list NONAT extended permit ip 10.20.30.0 255.255.255.0 10.20.20.0 255.255.255.0
  access-list NONAT extended permit ip 10.20.30.0 255.255.255.0 192.168.0.0 255.255.255.0
  access-list NONAT extended permit ip 10.20.30.0 255.255.255.0 192.168.15.0 255.255.255.0
  access-list KWPS-BITP extended permit ip 10.20.30.0 255.255.255.0 10.20.20.0 255.255.255.0
  access-list KWPS-BITP extended permit ip 10.20.30.0 255.255.255.0 192.168.0.0 255.255.255.0
  access-list KWPS-BITP extended permit ip 10.20.30.0 255.255.255.0 192.168.15.0 255.255.255.0
  icmp unreachable rate-limit 1 burst-size 1
  no asdm history enable
  arp timeout 14400
  global (outside) 1 interface
  nat (inside) 0 access-list NONAT
  nat (inside) 1 0.0.0.0 0.0.0.0
  access-group OUTSIDE_ACCESS_IN in interface outside
  route outside 0.0.0.0 0.0.0.0 xxx.xxx.xxx.xxx 1
  timeout xlate 3:00:00
  timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
  timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
  timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
  timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
  timeout tcp-proxy-reassembly 0:01:00
  dynamic-access-policy-record DfltAccessPolicy
  http server enable
  http 10.20.30.0 255.255.255.0 inside
  http 10.20.20.0 255.255.255.0 inside
  snmp-server enable traps snmp authentication linkup linkdown coldstart
  crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
  crypto ipsec security-association lifetime seconds 28800
  crypto ipsec security-association lifetime kilobytes 4608000
  crypto dynamic-map DYNMAP 65535 set transform-set ESP-AES-256-SHA
  crypto map VPNMAP 1 match address KWPS-BITP
  crypto map VPNMAP 1 set peer xxx.xxx.xxx.001
  crypto map VPNMAP 1 set transform-set ESP-AES-256-SHA
  crypto map VPNMAP 65535 ipsec-isakmp dynamic DYNMAP
  crypto map VPNMAP interface outside
  crypto isakmp enable outside
  crypto isakmp policy 5
  authentication pre-share
  encryption 3des
  hash sha
  group 2
  lifetime 86400
  crypto isakmp policy 65535
  authentication pre-share
  encryption 3des
  hash sha
  group 2
  lifetime 86400
  ssh timeout 5
  console timeout 0
  management-access inside
  tunnel-group xxx.xxx.xxx.001 type ipsec-l2l
  tunnel-group xxx.xxx.xxx.001 ipsec-attributes
  pre-shared-key somekey

  Hi there,
  I had same issue with PIX 506E and it was not even a circuit issue and I got ride of it and problem got fixed with PIX515E
  I don't know, the device is too old to stay alive.
  thanks

• Unable to FTP to remote site

  After upgrading to the Quantum router, I can not FTP to my site using a script that has been working fine for over 10yr.  Here's what happens:
  ftp> open {edited for privacy}
  connected to {edited for privacy}
  Connection refused by remote host
  ftp>
  I've tried with Filzilla and a Mac terminal.  Normally, the remote host asks for a username and then for the PW.  For some reason, the connection is refused.  I've been on the phone to my hosting company for 2wk tomorrow with no success.  
  Does anyone have any suggestions as to what might be wrong.  Upgrading to the Quantum router and the issue occurred at about the same time, but I can't be sure one caused the other.
  Solved!
  Go to Solution.

  Have you tried adjusting the firewall setting in the router?   It may have different settings than your old router.
  I was able to connect to that server through my Quantum router.  I've got the firewall set to "typical."
  ftp> open {edited for privacy}
  Connected to {edited for privacy}.
  220 (vsFTPd 2.3.4)
  User ({edited for privacy}none)):
  331 Please specify the password.
  Password:
  503 Login with USER first.
  Login failed.
  ftp>
  Good Luck.
  If a forum member gives an answer you like, give them the Kudos they deserve. If a member gives you the answer to your question, mark the answer as Accepted Solution so others can see the solution to the problem.

• FTP login and password are not saved on some sites

  On some of my sites the FTP login and password are not saved
  (even though the "saved" box is checked). Dreamweaver 8.0 on XP
  SP2. I can export the site information and then import the same
  file exported and there still will be no login or password placed
  in the login or password window. I opened the exported .ste files
  in notepad and found the login correct and the password incorrect.
  I uninstalled Dreamveaver and reinstalled still same
  problem.

  Ok, I just spent about 3 hours on this. Here's the latest
  that I've found. I had looked at the knowledgebase and my registry
  matched what was suggested. As this has been an ongoing issue for
  me, I thought it was still an issue. Apparently 8.02 did have some
  improvements.
  I can only guess that many of the 36 sites I have in the Site
  Manager lost info before the .02 update.. or I hope so.
  I did however discover that there is still what could be
  considered a minor bug. I went in to Manage Sites and selected edit
  for all of my sites, fixing the ones that had lost their user/pass
  info. I'm not positive, but I think only the last edited site kept
  it's data.
  I discovered after many checks on all the sites, over and
  over and over, that it appears that they are now holding the data,
  but, if I add the user/pass, I must not only click the OK button to
  close that particular site, but I must also click the 'Done' button
  before only that one will be saved.
  So, I thought I was fixing logins when in fact I was only
  fixing one at a time.. Completely closing 'Manage Site' seemed to
  hold one new set of login data each time. Seems that it shouldn't
  be this way.
  But I must say, I am rejoicing at the moment, as I actually
  have all my sites set up with FTP info and I am now looking forward
  to hopefully adding more and maybe they'll actually be available
  for the next editing session.

• Logging in to remote site, reset safari does not clear the user login info?

  I'm logging in to a remote site with a 2 step login.  Authentication then citrix.  User info is not cleared in the authentication portion when I reset safari.  Must be stored somewhere else.  Where should I look?

  Launch the Keychain Access application and search for the server name.

• Remote Site Password Not Saved

  Dreamweaver 8.0.2 does not save the username and password to
  my remote site even though I have checked the box to do so. Once I
  set the username and P/W, it remembers for that session only, but
  fogets it when I restart the application.
  Any fixes?

  Check the Adobe TechNotes (Knowledgebase) for one about I E 7
  and DW.
  Murray --- ICQ 71997575
  Adobe Community Expert
  (If you *MUST* email me, don't LAUGH when you do so!)
  ==================
  http://www.dreamweavermx-templates.com
  - Template Triage!
  http://www.projectseven.com/go
  - DW FAQs, Tutorials & Resources
  http://www.dwfaq.com - DW FAQs,
  Tutorials & Resources
  http://www.macromedia.com/support/search/
  - Macromedia (MM) Technotes
  ==================
  "hurricane51" <[email protected]> wrote in
  message
  news:ek90v0$k2t$[email protected]..
  > Dreamweaver 8.0.2 does not save the username and
  password to my remote
  > site
  > even though I have checked the box to do so. Once I set
  the username and
  > P/W,
  > it remembers for that session only, but fogets it when I
  restart the
  > application.
  >
  > Any fixes?
  >

• I have been trying to get my daughter's iPod Facetime to work. But when we log on it won't let us. When we put in our ID and password it attempts to verify but fails and when we have create a new account and had confirmation email it still wont verify???

  I have been trying to get my daughter's iPod Facetime to work. But when we log on it won't let us. When we put in our ID and password it attempts to verify but fails and when we have create a new account and had confirmation email back it still wont verify???

  Using FaceTime http://support.apple.com/kb/ht4319
  Troubleshooting FaceTime http://support.apple.com/kb/TS3367
  The Complete Guide to FaceTime: Set-up, Use, and Troubleshooting Problems
  http://tinyurl.com/32drz3d
   Cheers, Tom

• Why am I now getting messages about Safari remembering passwords for sites I log in on?

  Why am I now getting messages about Safari remembering passwords on sites I log in on??  This has not happened in the recent past.  Dale

  Safari 6
  You can disable that feature if you want.
  Safari > Preferences > AutoFill
  AutoFill web forms
  Uncheck the box for "User names and passwords".

• Losing ftp userid and password for all sites

  DW CS5 Version 11 Build 4913 on Snow Leopard 10.6.3. My Dreamweaver was updated yesterday I believe. Today, all my sites lost their ftp userids and passwords. I put information back in and now, once again, the information is missing. I don't know what to make of this. Is the problem related to the update or is it just post hoc ergo sum. I have a slight suspicion that Skype (one release behind) might have something to do with this.
  What would you do?
  Thanks in advance,
  Tom

  I think the  problem may be solved. I cleaned out the Mac keychain of related entries, and updated Skype. Interestingly, the Skype keychain entry  had information for one of the web sites. Hmmm.

• Remote site Passwords not saving

  Well, after finding a topic that was very similar, I
  downloaded the update to 8.0.2 and installed it. But my problem
  still persists. Every time I close DW, and then re-open it, the
  remote site passwords are lost again.
  NOTE: after installing the DW8 update, the software doe not
  indicate anywhere that is is upgraded. "About" still says version
  8.0
  All help will be greatly appreciated.

  If the program doesn't say 8.0.2, then it didn't update. Did
  you run the
  installer or just download the file?
  Nancy Gill
  Adobe Community Expert
  Author: Dreamweaver 8 e-book for the DMX Zone
  Co-Author: Dreamweaver MX: Instant Troubleshooter (August,
  2003)
  Technical Editor: DMX 2004: The Complete Reference, DMX 2004:
  A Beginner''s
  Guide, Mastering Macromedia Contribute
  Technical Reviewer: Dynamic Dreamweaver MX/DMX: Advanced PHP
  Web Development
  "KE6IRJ" <[email protected]> wrote in
  message
  news:ep6jp4$k36$[email protected]..
  > Well, after finding a topic that was very similar, I
  downloaded the update
  > to
  > 8.0.2 and installed it. But my problem still persists.
  Every time I
  > close DW,
  > and then re-open it, the remote site passwords are lost
  again.
  >
  > NOTE: after installing the DW8 update, the software doe
  not indicate
  > anywhere
  > that is is upgraded. "About" still says version 8.0
  >
  > All help will be greatly appreciated.
  >

• VPN Clients cannot access remote site

  Hey there,
  I am pretty new in configuring Cisco devices and now I need some help.
  I have 2 site here:
  site A
  Cisco 891
  external IP: 195.xxx.yyy.zzz
  VPN Gateway for Remote users
  local IP: VLAN10 10.133.10.0 /23
  site B
  Cisco 891
  external IP: 62.xxx.yyy.zzz
  local IP VLAN10 10.133.34.0 /23
  Those two sites are linked together with a Site-to-Site VPN. Accessing files or ressources from one site to the other is working fine while connected to the local LAN.
  I configured VPN connection with Radius auth. VPN clients can connect to Site A, get an IP adress from VPN Pool (172.16.100.2-100) and can access files and servers on site A. But for some reason they cannot access ressources on site B. I already added the site B network to the ACL and when connecting with VPN it shows secured routes to 10.133.10.0 and 10.133.34.0 in the statistics. Same thing for other VPN Tunnels to ERP system.
  What is missing here to make it possible to reach remote sites when connected through VPN? I had a look at the logs but could not find anything important.
  Here is the config of site A
  Building configuration...
  Current configuration : 24257 bytes
  version 15.2
  no service pad
  service tcp-keepalives-in
  service tcp-keepalives-out
  service timestamps debug datetime msec localtime show-timezone
  service timestamps log datetime msec localtime show-timezone
  service password-encryption
  service sequence-numbers
  hostname Englerstrasse
  boot-start-marker
  boot config usbflash0:CVO-BOOT.CFG
  boot-end-marker
  aaa new-model
  aaa group server radius Radius-AD
  server 10.133.10.5 auth-port 1812 acct-port 1813
  aaa authentication login default local
  aaa authentication login ciscocp_vpn_xauth_ml_2 group Radius-AD local
  aaa authorization exec default local
  aaa authorization network ciscocp_vpn_group_ml_2 local
  aaa session-id common
  clock timezone Berlin 1 0
  clock summer-time Berlin date Mar 30 2003 2:00 Oct 26 2003 3:00
  crypto pki trustpoint TP-self-signed-27361994
  enrollment selfsigned
  subject-name cn=IOS-Self-Signed-Certificate-27361994
  revocation-check none
  rsakeypair TP-self-signed-27361994
  crypto pki trustpoint test_trustpoint_config_created_for_sdm
  subject-name [email protected]
  revocation-check crl
  crypto pki certificate chain TP-self-signed-27361994
  certificate self-signed 01
    30820227 30820190 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
    2F312D30 2B060355 04031324 494F532D 53656C66 2D536967 6E65642D 43657274
    69666963 6174652D 32373336 31393934 301E170D 31323038 32373038 30343238
    5A170D32 30303130 31303030 3030305A 302F312D 302B0603 55040313 24494F53
    2D53656C 662D5369 676E6564 2D436572 74696669 63617465 2D323733 36313939
    3430819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281 8100B709
    64CE1874 BF812A9F 0B761522 892373B9 10F0BB52 6263DCDB F9877AA3 7BD34E53
    BCFDA45C 2A991777 4DDC7E6B 1FCEE36C B6E35679 C4A18771 9C0F871F 38310234
    2D89A4FF 37B616D8 362B3103 A8A319F2 10A72DC7 490A04AC 7955DF68 32EF9615
    9E1A3B31 2A1AB243 B3ED3E35 F4AAD029 CDB1F941 5E794300 5C5EF8AE 5C890203
    010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603 551D2304
    18301680 14D0F5E7 D3A9311D 1675AA8F 38F064FC 4D04465E F5301D06 03551D0E
    04160414 D0F5E7D3 A9311D16 75AA8F38 F064FC4D 04465EF5 300D0609 2A864886
    F70D0101 05050003 818100AB 2CD4363A E5ADBFB0 943A38CB AC820801 117B52CC
    20216093 79D1F777 2B3C0062 4301CF73 094B9CA5 805F585E 04CF3301 9B839DEB
    14A334A2 F5A5316F C65EEF21 0B0DF3B5 F4322440 F28B984B E769876D 6EF94895
    C3D5048A A4E2A180 12DF6652 176942F8 58187D7B D37B1F1A 4DDD7AE9 5189F9AF
    AF3EF676 26AD3F31 D368F5
        quit
  crypto pki certificate chain test_trustpoint_config_created_for_sdm
  no ip source-route
  ip auth-proxy max-login-attempts 5
  ip admission max-login-attempts 5
  no ip bootp server
  no ip domain lookup
  ip domain name yourdomain.com
  ip inspect log drop-pkt
  ip inspect name CCP_MEDIUM appfw CCP_MEDIUM
  ip inspect name CCP_MEDIUM ftp
  ip inspect name CCP_MEDIUM h323
  ip inspect name CCP_MEDIUM sip
  ip inspect name CCP_MEDIUM https
  ip inspect name CCP_MEDIUM icmp
  ip inspect name CCP_MEDIUM netshow
  ip inspect name CCP_MEDIUM rcmd
  ip inspect name CCP_MEDIUM realaudio
  ip inspect name CCP_MEDIUM rtsp
  ip inspect name CCP_MEDIUM sqlnet
  ip inspect name CCP_MEDIUM streamworks
  ip inspect name CCP_MEDIUM tftp
  ip inspect name CCP_MEDIUM udp
  ip inspect name CCP_MEDIUM vdolive
  ip inspect name CCP_MEDIUM imap reset
  ip inspect name CCP_MEDIUM smtp
  ip cef
  no ipv6 cef
  appfw policy-name CCP_MEDIUM
    application im aol
      service default action allow alarm
      service text-chat action allow alarm
      server permit name login.oscar.aol.com
      server permit name toc.oscar.aol.com
      server permit name oam-d09a.blue.aol.com
      audit-trail on
    application im msn
      service default action allow alarm
      service text-chat action allow alarm
      server permit name messenger.hotmail.com
      server permit name gateway.messenger.hotmail.com
      server permit name webmessenger.msn.com
      audit-trail on
    application http
      strict-http action allow alarm
      port-misuse im action reset alarm
      port-misuse p2p action reset alarm
      port-misuse tunneling action allow alarm
    application im yahoo
      service default action allow alarm
      service text-chat action allow alarm
      server permit name scs.msg.yahoo.com
      server permit name scsa.msg.yahoo.com
      server permit name scsb.msg.yahoo.com
      server permit name scsc.msg.yahoo.com
      server permit name scsd.msg.yahoo.com
      server permit name cs16.msg.dcn.yahoo.com
      server permit name cs19.msg.dcn.yahoo.com
      server permit name cs42.msg.dcn.yahoo.com
      server permit name cs53.msg.dcn.yahoo.com
      server permit name cs54.msg.dcn.yahoo.com
      server permit name ads1.vip.scd.yahoo.com
      server permit name radio1.launch.vip.dal.yahoo.com
      server permit name in1.msg.vip.re2.yahoo.com
      server permit name data1.my.vip.sc5.yahoo.com
      server permit name address1.pim.vip.mud.yahoo.com
      server permit name edit.messenger.yahoo.com
      server permit name messenger.yahoo.com
      server permit name http.pager.yahoo.com
      server permit name privacy.yahoo.com
      server permit name csa.yahoo.com
      server permit name csb.yahoo.com
      server permit name csc.yahoo.com
      audit-trail on
  parameter-map type inspect global
  log dropped-packets enable
  multilink bundle-name authenticated
  redundancy
  ip tcp synwait-time 10
  class-map match-any CCP-Transactional-1
  match dscp af21
  match dscp af22
  match dscp af23
  class-map match-any CCP-Voice-1
  match dscp ef
  class-map match-any sdm_p2p_kazaa
  match protocol fasttrack
  match protocol kazaa2
  class-map match-any CCP-Routing-1
  match dscp cs6
  class-map match-any sdm_p2p_edonkey
  match protocol edonkey
  class-map match-any CCP-Signaling-1
  match dscp cs3
  match dscp af31
  class-map match-any sdm_p2p_gnutella
  match protocol gnutella
  class-map match-any CCP-Management-1
  match dscp cs2
  class-map match-any sdm_p2p_bittorrent
  match protocol bittorrent
  policy-map sdm-qos-test-123
  class class-default
  policy-map sdmappfwp2p_CCP_MEDIUM
  class sdm_p2p_edonkey
  class sdm_p2p_gnutella
  class sdm_p2p_kazaa
  class sdm_p2p_bittorrent
  policy-map CCP-QoS-Policy-1
  class sdm_p2p_edonkey
  class sdm_p2p_gnutella
  class sdm_p2p_kazaa
  class sdm_p2p_bittorrent
  class CCP-Voice-1
    priority percent 33
  class CCP-Signaling-1
    bandwidth percent 5
  class CCP-Routing-1
    bandwidth percent 5
  class CCP-Management-1
    bandwidth percent 5
  class CCP-Transactional-1
    bandwidth percent 5
  class class-default
    fair-queue
    random-detect
  crypto ctcp port 10000
  crypto isakmp policy 1
  encr 3des
  authentication pre-share
  group 2
  crypto isakmp key REMOVED address 62.20.xxx.yyy 
  crypto isakmp key REMOVED address 195.243.xxx.yyy
  crypto isakmp key REMOVED address 195.243.xxx.yyy
  crypto isakmp key REMOVED address 83.140.xxx.yyy  
  crypto isakmp client configuration group VPN_local
  key REMOVED
  dns 10.133.10.5 10.133.10.7
  wins 10.133.10.7
  domain domain.de
  pool SDM_POOL_2
  acl 115
  crypto isakmp profile ciscocp-ike-profile-1
     match identity group VPN_local
     client authentication list ciscocp_vpn_xauth_ml_2
     isakmp authorization list ciscocp_vpn_group_ml_2
     client configuration address respond
     virtual-template 1
  crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
  crypto ipsec transform-set ESP-3DES-SHA1 esp-3des esp-sha-hmac
  crypto ipsec transform-set ESP-3DES-SHA2 esp-3des esp-sha-hmac
  crypto ipsec transform-set ESP-3DES-SHA3 esp-3des esp-sha-hmac
  crypto ipsec transform-set ESP-3DES-SHA4 esp-3des esp-sha-hmac
  crypto ipsec transform-set ESP-3DES-SHA11 esp-3des esp-sha-hmac
  crypto ipsec transform-set ESP-3DES-SHA5 esp-3des esp-sha-hmac
  crypto ipsec transform-set ESP-DES-SHA1 esp-des esp-sha-hmac
  crypto ipsec profile CiscoCP_Profile1
  set transform-set ESP-3DES-SHA11
  set isakmp-profile ciscocp-ike-profile-1
  crypto map SDM_CMAP_1 1 ipsec-isakmp
  description Tunnel to62.20.xxx.xxx
  set peer 62.20.xxx.xxx
  set transform-set ESP-3DES-SHA
  match address 105
  crypto map SDM_CMAP_1 2 ipsec-isakmp
  description Tunnel to195.243.xxx.xxx
  set peer 195.243.xxx.xxx
  set transform-set ESP-3DES-SHA4
  match address 107
  crypto map SDM_CMAP_1 3 ipsec-isakmp
  description Tunnel to83.140.xxx.xxx
  set peer 83.140.xxx.xxx
  set transform-set ESP-DES-SHA1
  match address 118
  interface Loopback2
  ip address 192.168.10.1 255.255.254.0
  interface Null0
  no ip unreachables
  interface FastEthernet0
  switchport mode trunk
  no ip address
  spanning-tree portfast
  interface FastEthernet1
  no ip address
  spanning-tree portfast
  interface FastEthernet2
  no ip address
  spanning-tree portfast
  interface FastEthernet3
  no ip address
  spanning-tree portfast
  interface FastEthernet4
  description Internal LAN
  switchport access vlan 10
  switchport trunk native vlan 10
  no ip address
  spanning-tree portfast
  interface FastEthernet5
  no ip address
  spanning-tree portfast
  interface FastEthernet6
  no ip address
  spanning-tree portfast
  interface FastEthernet7
  no ip address
  spanning-tree portfast
  interface FastEthernet8
  description $FW_OUTSIDE$$ETH-WAN$
  ip address 62.153.xxx.xxx 255.255.255.248
  ip access-group 113 in
  no ip redirects
  no ip unreachables
  no ip proxy-arp
  ip nat outside
  ip inspect CCP_MEDIUM out
  no ip virtual-reassembly in
  ip verify unicast reverse-path
  duplex auto
  speed auto
  crypto map SDM_CMAP_1
  service-policy input sdmappfwp2p_CCP_MEDIUM
  service-policy output CCP-QoS-Policy-1
  interface Virtual-Template1 type tunnel
  ip unnumbered FastEthernet8
  tunnel mode ipsec ipv4
  tunnel protection ipsec profile CiscoCP_Profile1
  interface GigabitEthernet0
  no ip address
  shutdown
  duplex auto
  speed auto
  interface Vlan1
  no ip address
  interface Vlan10
  description $FW_INSIDE$
  ip address 10.133.10.1 255.255.254.0
  ip access-group 112 in
  no ip redirects
  no ip unreachables
  no ip proxy-arp
  ip flow ingress
  ip nat inside
  ip virtual-reassembly in
  interface Async1
  no ip address
  no ip redirects
  no ip unreachables
  no ip proxy-arp
  encapsulation slip
  ip local pool SDM_POOL_1 192.168.10.101 192.168.10.200
  ip local pool VPN_Pool 192.168.20.2 192.168.20.100
  ip local pool SDM_POOL_2 172.16.100.2 172.16.100.100
  ip http server
  ip http access-class 23
  ip http authentication local
  ip http secure-server
  ip http timeout-policy idle 60 life 86400 requests 10000
  ip forward-protocol nd
  ip nat inside source route-map SDM_RMAP_1 interface FastEthernet8 overload
  ip route 0.0.0.0 0.0.0.0 62.153.xxx.xxx
  ip access-list extended VPN1
  remark VPN_Haberstrasse
  remark CCP_ACL Category=4
  permit ip 10.133.10.0 0.0.1.255 10.133.34.0 0.0.1.255
  ip radius source-interface Vlan10
  access-list 1 remark INSIDE_IF=Vlan1
  access-list 1 remark CCP_ACL Category=2
  access-list 1 permit 10.10.10.0 0.0.0.7
  access-list 23 remark CCP_ACL Category=17
  access-list 23 permit 195.243.xxx.xxx
  access-list 23 permit 10.133.10.0 0.0.1.255
  access-list 23 permit 10.10.10.0 0.0.0.7
  access-list 100 remark CCP_ACL Category=4
  access-list 100 permit ip 10.133.10.0 0.0.1.255 any
  access-list 101 remark CCP_ACL Category=16
  access-list 101 permit udp any eq bootps any eq bootpc
  access-list 101 deny   ip 10.10.10.0 0.0.0.255 any
  access-list 101 permit icmp any any echo-reply
  access-list 101 permit icmp any any time-exceeded
  access-list 101 permit icmp any any unreachable
  access-list 101 deny   ip 10.0.0.0 0.255.255.255 any
  access-list 101 deny   ip 172.16.0.0 0.15.255.255 any
  access-list 101 deny   ip 192.168.0.0 0.0.255.255 any
  access-list 101 deny   ip 127.0.0.0 0.255.255.255 any
  access-list 101 deny   ip host 255.255.255.255 any
  access-list 101 deny   ip any any
  access-list 102 remark auto generated by CCP firewall configuration
  access-list 102 remark CCP_ACL Category=1
  access-list 102 deny   ip 10.10.10.0 0.0.0.7 any
  access-list 102 permit icmp any host 62.153.xxx.xxx echo-reply
  access-list 102 permit icmp any host 62.153.xxx.xxx time-exceeded
  access-list 102 permit icmp any host 62.153.xxx.xxx unreachable
  access-list 102 deny   ip 10.0.0.0 0.255.255.255 any
  access-list 102 deny   ip 172.16.0.0 0.15.255.255 any
  access-list 102 deny   ip 192.168.0.0 0.0.255.255 any
  access-list 102 deny   ip 127.0.0.0 0.255.255.255 any
  access-list 102 deny   ip host 255.255.255.255 any
  access-list 102 deny   ip host 0.0.0.0 any
  access-list 102 deny   ip any any log
  access-list 103 remark auto generated by CCP firewall configuration
  access-list 103 remark CCP_ACL Category=1
  access-list 103 remark IPSec Rule
  access-list 103 permit ip 10.133.34.0 0.0.1.255 10.133.10.0 0.0.1.255
  access-list 103 remark IPSec Rule
  access-list 103 permit ip 10.133.34.0 0.0.1.255 192.168.10.0 0.0.1.255
  access-list 103 permit udp host 195.243.xxx.xxx host 62.153.xxx.xxx eq non500-isakmp
  access-list 103 permit udp host 195.243.xxx.xxx host 62.153.xxx.xxx eq isakmp
  access-list 103 permit esp host 195.243.xxx.xxx host 62.153.xxx.xxx
  access-list 103 permit ahp host 195.243.xxx.xxx host 62.153.xxx.xxx
  access-list 103 remark IPSec Rule
  access-list 103 permit ip 10.133.20.0 0.0.0.255 10.133.10.0 0.0.1.255
  access-list 103 remark IPSec Rule
  access-list 103 permit ip 192.168.10.0 0.0.1.255 10.133.10.0 0.0.1.255
  access-list 103 permit udp host 62.20.xxx.xxx host 62.153.xxx.xxx eq non500-isakmp
  access-list 103 permit udp host 62.20.xxx.xxx host 62.153.xxx.xxx eq isakmp
  access-list 103 permit esp host 62.20.xxx.xxx host 62.153.xxx.xxx
  access-list 103 permit ahp host 62.20.xxx.xxx host 62.153.xxx.xxx
  access-list 103 permit udp any host 62.153.xxx.xxx eq non500-isakmp
  access-list 103 permit udp any host 62.153.xxx.xxx eq isakmp
  access-list 103 permit esp any host 62.153.xxx.xxx
  access-list 103 permit ahp any host 62.153.xxx.xxx
  access-list 103 permit udp host 194.25.0.60 eq domain any
  access-list 103 permit udp host 194.25.0.68 eq domain any
  access-list 103 permit udp host 194.25.0.68 eq domain host 62.153.xxx.xxx
  access-list 103 deny   ip 10.10.10.0 0.0.0.7 any
  access-list 103 permit icmp any host 62.153.xxx.xxx echo-reply
  access-list 103 permit icmp any host 62.153.xxx.xxx time-exceeded
  access-list 103 permit icmp any host 62.153.xxx.xxx unreachable
  access-list 103 deny   ip 10.0.0.0 0.255.255.255 any
  access-list 103 deny   ip 172.16.0.0 0.15.255.255 any
  access-list 103 deny   ip 192.168.0.0 0.0.255.255 any
  access-list 103 deny   ip 127.0.0.0 0.255.255.255 any
  access-list 103 deny   ip host 255.255.255.255 any
  access-list 103 deny   ip host 0.0.0.0 any
  access-list 103 deny   ip any any log
  access-list 104 remark CCP_ACL Category=4
  access-list 104 permit ip 10.133.10.0 0.0.1.255 any
  access-list 105 remark CCP_ACL Category=4
  access-list 105 remark IPSec Rule
  access-list 105 permit ip 10.133.10.0 0.0.1.255 10.133.20.0 0.0.0.255
  access-list 106 remark CCP_ACL Category=2
  access-list 106 remark IPSec Rule
  access-list 106 deny   ip 192.168.10.0 0.0.1.255 10.133.34.0 0.0.1.255
  access-list 106 remark IPSec Rule
  access-list 106 deny   ip 192.168.10.0 0.0.1.255 10.60.16.0 0.0.0.255
  access-list 106 remark IPSec Rule
  access-list 106 deny   ip 10.133.10.0 0.0.1.255 10.60.16.0 0.0.0.255
  access-list 106 remark IPSec Rule
  access-list 106 deny   ip 10.133.10.0 0.0.1.255 10.133.34.0 0.0.1.255
  access-list 106 remark IPSec Rule
  access-list 106 deny   ip 10.133.10.0 0.0.1.255 10.133.20.0 0.0.0.255
  access-list 106 permit ip 10.10.10.0 0.0.0.7 any
  access-list 106 permit ip 10.133.10.0 0.0.1.255 any
  access-list 107 remark CCP_ACL Category=4
  access-list 107 remark IPSec Rule
  access-list 107 permit ip 10.133.10.0 0.0.1.255 10.133.34.0 0.0.1.255
  access-list 107 remark IPSec Rule
  access-list 107 permit ip 192.168.10.0 0.0.1.255 10.133.34.0 0.0.1.255
  access-list 108 remark Auto generated by SDM Management Access feature
  access-list 108 remark CCP_ACL Category=1
  access-list 108 permit tcp 10.133.10.0 0.0.1.255 host 10.133.10.1 eq telnet
  access-list 108 permit tcp 10.133.10.0 0.0.1.255 host 10.133.10.1 eq 22
  access-list 108 permit tcp 10.133.10.0 0.0.1.255 host 10.133.10.1 eq www
  access-list 108 permit tcp 10.133.10.0 0.0.1.255 host 10.133.10.1 eq 443
  access-list 108 permit tcp 10.133.10.0 0.0.1.255 host 10.133.10.1 eq cmd
  access-list 108 deny   tcp any host 10.133.10.1 eq telnet
  access-list 108 deny   tcp any host 10.133.10.1 eq 22
  access-list 108 deny   tcp any host 10.133.10.1 eq www
  access-list 108 deny   tcp any host 10.133.10.1 eq 443
  access-list 108 deny   tcp any host 10.133.10.1 eq cmd
  access-list 108 deny   udp any host 10.133.10.1 eq snmp
  access-list 108 permit ip any any
  access-list 109 remark CCP_ACL Category=1
  access-list 109 permit ip 10.133.10.0 0.0.1.255 any
  access-list 109 permit ip 10.10.10.0 0.0.0.7 any
  access-list 109 permit ip 192.168.10.0 0.0.1.255 any
  access-list 110 remark CCP_ACL Category=1
  access-list 110 permit ip host 195.243.xxx.xxx any
  access-list 110 permit ip host 84.44.xxx.xxx any
  access-list 110 permit ip 10.133.10.0 0.0.1.255 any
  access-list 110 permit ip 10.10.10.0 0.0.0.7 any
  access-list 110 permit ip 192.168.10.0 0.0.1.255 any
  access-list 111 remark CCP_ACL Category=4
  access-list 111 permit ip 10.133.10.0 0.0.1.255 any
  access-list 112 remark CCP_ACL Category=1
  access-list 112 permit udp host 10.133.10.5 eq 1812 any
  access-list 112 permit udp host 10.133.10.5 eq 1813 any
  access-list 112 permit udp any host 10.133.10.1 eq non500-isakmp
  access-list 112 permit udp any host 10.133.10.1 eq isakmp
  access-list 112 permit esp any host 10.133.10.1
  access-list 112 permit ahp any host 10.133.10.1
  access-list 112 permit udp host 10.133.10.5 eq 1645 host 10.133.10.1
  access-list 112 permit udp host 10.133.10.5 eq 1646 host 10.133.10.1
  access-list 112 remark auto generated by CCP firewall configuration
  access-list 112 permit udp host 10.133.10.5 eq 1812 host 10.133.10.1
  access-list 112 permit udp host 10.133.10.5 eq 1813 host 10.133.10.1
  access-list 112 permit udp host 10.133.10.7 eq domain any
  access-list 112 permit udp host 10.133.10.5 eq domain any
  access-list 112 deny   ip 62.153.xxx.xxx 0.0.0.7 any
  access-list 112 deny   ip 10.10.10.0 0.0.0.7 any
  access-list 112 deny   ip host 255.255.255.255 any
  access-list 112 deny   ip 127.0.0.0 0.255.255.255 any
  access-list 112 permit ip any any
  access-list 113 remark CCP_ACL Category=1
  access-list 113 remark IPSec Rule
  access-list 113 permit ip 10.133.34.0 0.0.1.255 192.168.10.0 0.0.1.255
  access-list 113 remark IPSec Rule
  access-list 113 permit ip 10.60.16.0 0.0.0.255 192.168.10.0 0.0.1.255
  access-list 113 remark IPSec Rule
  access-list 113 permit ip 10.60.16.0 0.0.0.255 10.133.10.0 0.0.1.255
  access-list 113 permit udp host 83.140.100.4 host 62.153.xxx.xxx eq non500-isakmp
  access-list 113 permit udp host 83.140.100.4 host 62.153.xxx.xxx eq isakmp
  access-list 113 permit esp host 83.140.100.4 host 62.153.xxx.xxx
  access-list 113 permit ahp host 83.140.100.4 host 62.153.xxx.xxx
  access-list 113 permit ip host 195.243.xxx.xxx host 62.153.xxx.xxx
  access-list 113 permit ip host 84.44.xxx.xxx host 62.153.xxx.xxx
  access-list 113 remark auto generated by CCP firewall configuration
  access-list 113 permit udp host 194.25.0.60 eq domain any
  access-list 113 permit udp host 194.25.0.68 eq domain any
  access-list 113 permit udp host 194.25.0.68 eq domain host 62.153.xxx.xxx
  access-list 113 permit udp host 194.25.0.60 eq domain host 62.153.xxx.xxx
  access-list 113 permit udp any host 62.153.xxx.xxx eq non500-isakmp
  access-list 113 permit udp any host 62.153.xxx.xxx eq isakmp
  access-list 113 permit esp any host 62.153.xxx.xxx
  access-list 113 permit ahp any host 62.153.xxx.xxx
  access-list 113 permit ahp host 195.243.xxx.xxx host 62.153.xxx.xxx
  access-list 113 permit esp host 195.243.xxx.xxx host 62.153.xxx.xxx
  access-list 113 permit udp host 195.243.xxx.xxx host 62.153.xxx.xxx eq isakmp
  access-list 113 permit udp host 195.243.xxx.xxx host 62.153.xxx.xxx eq non500-isakmp
  access-list 113 remark IPSec Rule
  access-list 113 permit ip 10.133.34.0 0.0.1.255 10.133.10.0 0.0.1.255
  access-list 113 permit ahp host 62.20.xxx.xxx host 62.153.xxx.xxx
  access-list 113 remark IPSec Rule
  access-list 113 permit ip 192.168.10.0 0.0.1.255 10.133.10.0 0.0.1.255
  access-list 113 permit esp host 62.20.xxx.xxx host 62.153.xxx.xxx
  access-list 113 permit udp host 62.20.xxx.xxx host 62.153.xxx.xxx eq isakmp
  access-list 113 permit udp host 62.20.xxx.xxx host 62.153.xxx.xxx eq non500-isakmp
  access-list 113 remark IPSec Rule
  access-list 113 permit ip 10.133.20.0 0.0.0.255 10.133.10.0 0.0.1.255
  access-list 113 remark Pop3
  access-list 113 permit tcp host 82.127.xxx.xxx eq 8080 host 62.153.xxx.xxx
  access-list 113 remark Pop3
  access-list 113 permit tcp any eq pop3 host 62.153.xxx.xxx
  access-list 113 remark SMTP
  access-list 113 permit tcp any eq 465 host 62.153.xxx.xxx
  access-list 113 remark IMAP
  access-list 113 permit tcp any eq 587 host 62.153.xxx.xxx
  access-list 113 deny   ip 10.133.10.0 0.0.1.255 any
  access-list 113 deny   ip 10.10.10.0 0.0.0.7 any
  access-list 113 permit icmp any host 62.153.xxx.xxx echo-reply
  access-list 113 permit icmp any host 62.153.xxx.xxx time-exceeded
  access-list 113 permit icmp any host 62.153.xxx.xxx unreachable
  access-list 113 deny   ip 10.0.0.0 0.255.255.255 any
  access-list 113 deny   ip 172.16.0.0 0.15.255.255 any
  access-list 113 deny   ip 192.168.0.0 0.0.255.255 any
  access-list 113 deny   ip 127.0.0.0 0.255.255.255 any
  access-list 113 deny   ip host 255.255.255.255 any
  access-list 113 deny   ip host 0.0.0.0 any
  access-list 113 deny   ip any any log
  access-list 114 remark auto generated by CCP firewall configuration
  access-list 114 remark CCP_ACL Category=1
  access-list 114 deny   ip 10.133.10.0 0.0.1.255 any
  access-list 114 deny   ip 10.10.10.0 0.0.0.7 any
  access-list 114 permit icmp any any echo-reply
  access-list 114 permit icmp any any time-exceeded
  access-list 114 permit icmp any any unreachable
  access-list 114 deny   ip 10.0.0.0 0.255.255.255 any
  access-list 114 deny   ip 172.16.0.0 0.15.255.255 any
  access-list 114 deny   ip 192.168.0.0 0.0.255.255 any
  access-list 114 deny   ip 127.0.0.0 0.255.255.255 any
  access-list 114 deny   ip host 255.255.255.255 any
  access-list 114 deny   ip host 0.0.0.0 any
  access-list 114 deny   ip any any log
  access-list 115 remark VPN_Sub
  access-list 115 remark CCP_ACL Category=5
  access-list 115 permit ip 10.133.10.0 0.0.1.255 172.16.0.0 0.0.255.255
  access-list 115 permit ip 10.133.34.0 0.0.1.255 172.16.0.0 0.0.255.255
  access-list 115 permit ip 10.133.20.0 0.0.0.255 any
  access-list 116 remark CCP_ACL Category=4
  access-list 116 remark IPSec Rule
  access-list 116 permit ip 10.133.10.0 0.0.1.255 10.60.16.0 0.0.0.255
  access-list 117 remark CCP_ACL Category=4
  access-list 117 remark IPSec Rule
  access-list 117 permit ip 10.133.10.0 0.0.1.255 10.60.16.0 0.0.0.255
  access-list 118 remark CCP_ACL Category=4
  access-list 118 remark IPSec Rule
  access-list 118 permit ip 10.133.10.0 0.0.1.255 10.60.16.0 0.0.0.255
  access-list 118 remark IPSec Rule
  access-list 118 permit ip 192.168.10.0 0.0.1.255 10.60.16.0 0.0.0.255
  no cdp run
  route-map SDM_RMAP_1 permit 1
  match ip address 106
  control-plane
  mgcp profile default
  line con 0
  transport output telnet
  line 1
  modem InOut
  speed 115200
  flowcontrol hardware
  line aux 0
  transport output telnet
  line vty 0 4
  session-timeout 45
  access-class 110 in
  transport input telnet ssh
  line vty 5 15
  access-class 109 in
  transport input telnet ssh
  scheduler interval 500
  end

  The crypto ACL for the site to site vpn should also include the vpn client pool, otherwise, traffic from the vpn client does not match the interesting traffic for the site to site vpn.
  On Site A:
  should include "access-list 107 permit ip 172.16.100.0 0.0.0.255 10.133.34.0 0.0.1.255"
  You should also remove the following line as the pool is incorrect:
  access-list 107 permit ip 192.168.10.0 0.0.1.255 10.133.34.0 0.0.1.255
  On Site B:
  should include: permit ip 10.133.34.0 0.0.1.255 172.16.100.0 0.0.0.255"
  NAT exemption on site B should also be configured with deny on the above ACL.