Remotely Accessing my Apple Network

Similar Messages

• Remote access without Apple Remote Desktop

  I want to remotely access an i-Mac, at work (which is on a network) from home using a Mac Pro (ISP - Comcast). I was able to use my Mac Pro to access a PC on this same network using a Windows remote access program which was downloaded/free. I've now switched to an i-Mac at work.
  I would rather not spend $300 to accomplish this. Is there another way using either free or less expensive software to access my workplace i-Mac?
  I do have a copy of Parallels Desktop 4.0 for Mac if I need to run Windows programs on either the Mac Pro or i-Mac.

  Dave, Thanks for the information. We'll give it a try. We have a IT guy here at work, as needed. However, he's not familiar with Macs and uses exclusively PCs. He may not be as much help as I would like in solving this problem. If "Push comes to shove," I could probably remotely log onto a PC which isn't in my workspace . . . one of the "community" ones. That would solve the issue with the scheduling software, at least. (Which is, of course, PC based.)
  That would leave my personal Word and Excel files on my i-Mac for the screen sharing feature of Mac OS X 10.6.

• Remotely accessing the office network connected to E1000

  Hello;
  I'm the IT Manager for a Small Non-Profit Organization(Helping build homes, giving education, health care for the poor).
  All computers are connected to a network through a Linksys E1000 Wifi Router and I would like to access all computers
  remotely especially when I'm on my site visits or when I'm not in the office. Is there a way for me to join the network even
  if I'm outside the office.
  Thanks for the Help and more power to those sharing their knowledge.

  The easiest program to use is LogMeIn.
  See  https://secure.logmein.com/

• Remote Access on Home Network

  I have two Macs running 10.5.3. One is a MacBook Pro, the other is a Power Mac G4 tower upgraded w/ a dual-1.6ghz processor. When the G4 was running Tiger, I had no problem accessing it from the MacBook Pro. I could share the G4 screen and manage its contents remotely from the MacBook Pro Finder.
  I just installed Leopard on the G4 using "Erase and Install," and now it does not appear in the sidebar of the laptop Finder windows at all. Also, I can only share the screen of the laptop from the G4. I have been able to access the G4 by using "Connect to Server," but it used to be much easier, and I can't figure out why it isn't still.
  In the "Sharing" System Preference on each machine, I've checked File Sharing, Printer Sharing, Remote Login, Remote Management (which covers Screen Sharing) and Remote Apple Events. The wireless hub is an Airport Extreme base station (the gigabit-ethernet model).
  Is there some Library file I need to get rid of? I'm stumped.

  plre72> I have tried to download and install SymSMB
  plre72> but it fails each time I try to download a Trial license.
  SymSMB product line is discontinued a few years ago and you should be able see a message about this during attempt to download Trial licence. In the same message you can see that new software products are available at www.telexy.com
  If you will go on that site, you may find SymNAS and SymSync software or you may have a look at SymNC software collection.
  Its great that you have managed to setup FTP client, but keep in mind that SMB Client and Server type software can provide more convenient and natural access to file structures.

• Configure Time Capsule for remote access

  I have a second generation 2TB Time Capsule, operating on Bridge Mode, connected to an Arris Touchstone Telephony Gateway TG862. I want to configure Back to My Mac to be able to access the Time Capsule remotely.
  I've followed the basic steps and get this message from the settings in the iCloud Pane in System Preferences: Setup router for better performance. And this details: Contact your ISP for a different server address.
  I've tried Google and OpenDNS, and also disabling the Firewall in the Arris router, and still can't access the Time Capsule remotely.
  I also tried disabling NAT and seeing it up as Bridged in the router, and disabling Wireless as well, trying to configure the Time Capsule to serve NAT and DHCP to no avail.
  Any steps I'm missing or a whole different approach I should take to be able to access my Time Capsule remotely?
  Thank you in advance for any help.

  You will have to learn how to port forward in your Arris Gateway..
  Arris Touchstone Telephony Gateway TG862
  The easiest way is to simply google it.
  http://forums.comcast.com/t5/Home-Networking-Router-WiFi/Port-forwarding-in-Arri s-TG852G-CT/td-p/954929
  It certainly appears to be problematic.. which is not surprising... If you really need remote access I would request a pure modem from your ISP (Comcast??) or simply replace it with one in the list. You will need to turn off any inbuilt firewall in the router and use DMZ perhaps to the TC.
  There is a few posts on youtube which also might help you. eg
  https://www.youtube.com/watch?v=_8tKBHvCz_0
  But I am on ADSL so my setup is too unlike yours to really tell you much.
  If you want to test something.. let me recommend you load Teamviewer onto a computer in your LAN.. set the computer up to never sleep and then try and reach it using Teamviewer from WAN connection.. if that works.. let me recommend you stick to something of this type. Unless you are prepared to change modems with your ISP I doubt you will solve it.
  If teamviewer fails nothing is going to work.. you need to at least turn off the firewalls in both the computer and the router..
  If you don't want to leave a computer running 24/7 to accept incoming requests.. then use WD MyCloud or similar type NAS.. which are far better designed for remote access than Apple routers.. or use a cloud storage and keep files you might want there.

• How do I remotely access a friend's Windows XP desktop using my ibook?

  I hope I am posting this question in the right forum/thread:
  I am not quite a newbie on the Mac, however when it comes to issues such as remote access, virtual private networks, etc., I am pretty much lost. I've even poured over the posts here to see if they answer any of my questions, but confusion is setting in, so I thought I'd just put my question out there to see if anyone can give me a simple answer:
  I have a friend who keeps having trouble with anything and everything to do with her Windows XP computer, from passwords to router/modem configurations. When she calls, I need to stop everything I'm doing and drive to her house to try to resolve her issue. It would save me (and her) a lot of energy and heartache if I could merely remotely access her computer (she has windows xp home edition) to help her out.
  What is the best way to remotely access her PC from my MAC?
  Thanks in advance for your help!
  ibook G4   Mac OS X (10.4.10)  

  Microsoft provides a Remote Desktop Client for Mac OS X. Check it out here - http://www.microsoft.com/mac/downloads.aspx?pid=download&location=/mac/download/ misc/rdcupdate103.xml&secid=80&ssid=10&flgnosysreq=True
  For actual connection, I have not tried this, but if you get her public IP, you should be able to connect to her PC.
  Macbook   Mac OS X (10.4.10)  

• 2012 R2 Remote Access: how to fix remote disconnected clients

  We have RA on 2012 R2 running for well over a year now and we love it, however, this issue is one that I desperately need to resolve. We have recently added a second and third office thus is now more important then ever to get a handle on this. We built
  and tested a new PC here at our corporate HQ. This PC was fully functional as an RA Client (Win7Ux64). The PC was boxed up and shipped to our remote office. Do to weather, shipping out of the country and construction at our new office it was seriously
  delayed in being connect to the remote office network. Almost a month delay. This PC cannot now connect to the RA service. I am assuming that it's credentials have timed out. NOTE: in that same office (and network) I have two other PC's that are
  connected to RA and have no issues.
  What steps can I take to get this PC connected to my RA service, without having it shipped all the way back to our corp. HQ?

  Hi,
  I guess the PC has lots its trust with the domain as you say.
  You may find you can use this
  http://technet.microsoft.com/en-us/library/offline-domain-join-djoin-step-by-step(v=WS.10).aspx
  But I've not tested in this type of scenario so not sure if it will help. Worth a go maybe?
  Otherwise do you have any other remote access to your network so your client can talk back to a DC?
  Thanks
  Regards,
  Denis Cooper
  MCITP EA - MCT
  Help keep the forums tidy, if this has helped please mark it as an answer
  Blog: http://www.windows-support.co.uk 
  Twitter:   LinkedIn:

• Does Apple TV support Dish Network Remote Access ?

  My husband has an Ipad Mini - we have a vacation cabin and like to watch our Dish Network Anywhere on our HD TV there.  Up till now we used my husbands old laptop which was hooked up to the TV - but now he has an Ipad Mini. 
  Can anyone tell me if we bought Apple TV could we then stream (airplay) our Dish Remote access to our TV ?

  Several months ago, before Dish updated the Dish Anywhere app, you could push video/audio from an iPhone or iPad to Apple TV (Air Play) provided you were in "Mirroring" mode. Not ideal because if using an iPad your 16:9 "big screen" displays a 4:3 image (wide format content shows black borders on all four sides). Updates by Dish seem to have solved the aspect problem - you don't have to be in Mirroring mode. BUT, if the Dish Anywhere app is set to SQ mode, only audio makes it to Apple TV. If you change to Dish's HQ mode, video and audio are displayed. The issue here is that my link to the Hopper is DSL and HQ streams stop and start every few seconds. Mirroring mode does not fix the problem. Dish has had a few reports on this issue, but has no resolution.

• How can I remotely access my computer from a different location on Apple Remote Desktop?

  I downloaded Apple Remote Desktop and am trying to access our computer at our church that is in the auditorium and work on slides for ProPresenter from my office which is on a different network. The Mac Pro, which is in the auditorium, is connected to a Netgear wireless router. I would also want to be able to have access to observe and control the screen on the Mac Pro whether I am in my office or at my house. I have tried everything from going to portforward.com, followed those instructions, did port forwarding, used ipchicken.com to get my external IP and made sure that the Mac Pro had a static internal IP address and made sure the computer had access for remote management. Any help to resolve this issue would be greatly appreciated! Works fine when it is on the same wireless network, but I need access being on a different wireless network. Thanks!

  Hi austinmac14,
  So the steps listed bellow assume some things. They assume that the Airport Extreme Router your configuring is connected directly to the internet connection. And that the Airport Extreme is the only router between your computers and the internet.
  That means we're talking about say a DSL modem plugged directly into the Airport Extreme, or a cable modem. in ether case, this assumes that said modem, is not acting as an internet router.
  If your modem has multiple ethernet ports on it, or has a little antenna sticking out of it, then your modem is probable also a router, and these steps listed bellow will probable not work.
  Also these steps are so one person, can connect to one computer at your work.
  Open Airport Utility:
  go to the dock
  Click on the finder
  go to the menu bar
  Click on the "Go" menu
  Chose "Utilities" from the "Go" Menu
  double Click on "AirPort Utility"
  Access the Base Station:
  Double Click on your Airport Extreme BaseStation that is your internet connection router.
  a new window should pop up with your Airport Base Station as the Window Name
  Configure Static Address for the computer you want to connect to via ARD:
  Click on the internet Icon from the toolbar
  Click on the "DHCP" tab
  For "DHCP Reservations:"  Click on the "+" button
  For the "Description" put "ARD"
  For "Reserve Address by:"  set "DHCP Client ID"
  Click the "Continue" button
  For "DHCP Client ID:" set "ARD"
  write down the number in "IPv4" address field
  Click the "Done" Button
  Configure routing to ARD computer:
  Click on the "Advanced" icon from the tool bar.
  Click on the "Port Mapping" tab
  Click on the "+" button
  for "Service:" Chose "Apple Remote Desktop"
  for "Private IP Address:" copy the exact IP address you wrote down in step "3. 8)"
  Click the "Continue" button
  Click the "Done" button
  Click the "+" button
  For the pulldown menu "Service:" Chose "Remote Apple Events"
  for "Private IP Address:" copy the exact IP address you wrote down in step "3. 8."
  Click the "Continue" button
  Click the "Done" button
  Click the "+" button
  For the pulldown menu "Service:" Chose "Remote Login - SSH"
  for "Private IP Address:" copy the exact IP address you wrote down in step "3. 8."
  Click the "Continue" button
  Click the "Done" button
  Click the "Update" button.
  wait for the Airport Extreme to update, and for your computer to reconnect to the airport extreme. (make sure you can load and browse websites.)
  Configure the ARD computer to use the correct IP address:
  Go to the computer you want to be able to remotely connect to
  On that computer, Go to the menu bar
  Chose the "Apple" menu bar
  Chose "System Preferences…"
  Click on the "Show All" button
  Click on the "Network" icon
  For the active network connection, (the connection on the left side with the green dot), click on it
  Clock on the "Advanced…" button
  Click on the "TCP/IP" tab
  for the "DHCP Cient ID: field put "ARD".
  Click the "OK" button
  Click the "Apply" buttonNOTE: Under "Status" you should see "(connection name) is connected to (airport base station name) and has the IP address (IP address)." the "(IP address)" address displayed should match the IP address you wrote down in step "3. 8."
  Find out what your public internet IP address is.
  On the computer you wish to connect to over the internet, gotohttp://whatismyipaddress.com/
  when the web page loads, you should see "IP Information:" fallow by a number like 192.168.0.1, write down what ever number it is.
  At this point you should be able to connect to the computer remotely
  connect to the internet from another location.
  open Apple Remote Desktop
  go to the file menu
  chose connect to computer using ip address
  set the address to the address to the IP address you wrote down for step 6. 2.
  use the same password as you used to connect to the computer at work using ARD.
  So here the catch. If your router gets reset... well then your going to have to configure it again. Also all the same rules you have to connect to the computer at work, also apply to connecting to the computer from over the local network. That means your computer need to be on or sleeping. And if it's sleeping it need to be configure to wake for network access.
  Also some network connections change.  When it comes to internet connections, some connections are static IP, while other connections are DHCP. If your connection is static... great! if it's DHCP, your address may change. If it dose.. well then your ability to connect will break. And then you'd have to do step 6 & 7 again.
  Of corse there are ways around this. But that's kind of another conversation.
  Some internet locations may block your ability to connect to your computer at work. This is very common at schools, and companies. Basically any place that tries to control your ability to browse the internet, may block remote access to computers; because a remote computer would completely by pass their web filter.
  ALSO there is an easier option. As far as setup. There are programs designed to make remotely accessing your mac as easy as possible. For instance there is LogMeIn or Slack. With both of these programs, it's simple. make sure your computer is always on. Then install the software. Create an account with the service. And then you can connect to the computer almost any where by going to their website.
  This option requires no router configuration. It handles DHCP. It's designed to work in as many locations as possible.

• Portal failed to access remote resource due to network failures

  Hi,
  We have a portlet that allows users to upload files to a SQL Server database and make it available for other users to access. The portlet code is on our remote servers. Everything works fine in dev environment, but certain files fail in pre-prod and prod within the portal, but work fine when the code is executed outside the portal.
  I keep getting this error:
  Error - Portal failed to access remote resource due to network failures. Try again later or contact your portal administrator.     
  What could the problem be?
  Thank you for your help.
  Rad

  If the Studio service looks good on the remote server where Studio is installed (check that
  the service is started and look in the Studio logs for any warnings or errors), you should
  also verify the configuration settings in the Studio remote server object. Is it properly
  configured and pointing to the correct remote server?
  If so, check the portal servers access to the Studio server via the port specified in the remote
  server (default is 11935). You can test this by doing a telnet test on the portal server. In a cmd
  prompt (Windows) or on the CLI (Unix), type 'telnet [studioserver] 11935', where "<servername> is
  the name of your Studio remote server. The screen should just go blank, meaning that there is
  something accepting connections on that port on the given server. (We would hope it's the Studio
  app and not another service occupying that port.) If you get "Could not open connection to the host"
  or some such similar result, check that the network between the portal and the Studio remote server
  is open (ie, make sure there isn't any port blocking or a firewall in place that would hinder the
  communication between the two servers).

• Remote Access VPN (ipsec) can ping LAN interface of firewall but not clients on the company network.

  The VPN will connect.
  I can ping and connect to the ASA 5510 on it's LAN interface.
  My problem is that I cannot ping or access anything on the LAN past the firewall. What am I doing wrong?
  Here is my config.
  Result of the command: "show config"
  : Saved
  : Written by enable_15 at 22:55:02.299 UTC Tue Jan 10 2012
  ASA Version 8.2(5)
  hostname ********
  enable password UbBnTPKwu27ohfYB encrypted
  passwd 2KFQnbNIdI.2KYOU encrypted
  names
  interface Ethernet0/0
  nameif outside
  security-level 0
  ip address x.x.x.x x.x.x.x
  interface Ethernet0/1
  nameif inside
  security-level 100
  ip address 10.0.4.1 255.255.255.0
  interface Ethernet0/2
  shutdown
  no nameif
  no security-level
  no ip address
  interface Ethernet0/3
  shutdown
  no nameif
  no security-level
  no ip address
  interface Management0/0
  nameif management
  security-level 100
  ip address 192.168.1.1 255.255.255.0
  management-only
  ftp mode passive
  same-security-traffic permit inter-interface
  same-security-traffic permit intra-interface
  object-group network BC
  network-object 10.0.3.0 255.255.255.0
  network-object 10.0.4.0 255.255.255.0
  access-list outside_access_in extended permit tcp any any eq ssh
  access-list outside_access_in extended permit tcp any any eq 50000
  access-list outside_access_in extended permit tcp any any eq 3390
  access-list outside_access_in extended permit tcp any any eq 8066
  access-list outside_access_in extended permit tcp any any eq 22225
  access-list outside_access_in extended permit tcp any any eq 1600
  access-list outside_access_in extended permit tcp any any eq 37260
  access-list outside_access_in extended permit tcp any any eq 37261
  access-list outside_access_in extended permit tcp any any eq 37262
  access-list outside_access_in extended permit tcp any any eq 37263
  access-list outside_access_in extended permit tcp any any eq 37264
  access-list outside_access_in extended permit tcp any any eq 1435
  access-list outside_access_in extended permit tcp any any eq 250
  access-list outside_access_in extended permit tcp any any eq citrix-ica
  access-list outside_access_in extended permit tcp any any eq 8080
  access-list outside_access_in extended permit tcp any any eq www
  access-list outside_access_in extended permit tcp any any eq 85
  access-list outside_access_in extended permit tcp any any eq 8069
  access-list outside_access_in extended permit tcp any any eq 3389
  access-list outside_access_in extended permit tcp any any eq 23032
  access-list outside_access_in extended permit tcp any any eq 32023
  access-list outside_access_in extended permit tcp any any eq 3399
  access-list outside_access_in extended permit udp any any eq 250
  access-list outside_access_in extended permit udp any any eq 5008
  access-list outside_access_in extended permit icmp any any
  access-list splittunn-ppso extended permit ip 10.0.4.0 255.255.255.0 10.10.10.0 255.255.255.0
  access-list splittunn-ppso extended permit ip 10.0.3.0 255.255.255.0 10.10.10.0 255.255.255.0
  access-list nonat extended permit ip 10.0.4.0 255.255.255.0 10.10.10.0 255.255.255.0
  access-list nonat extended permit ip 10.0.3.0 255.255.255.0 10.10.10.0 255.255.255.0
  pager lines 24
  logging asdm informational
  mtu outside 1500
  mtu inside 1500
  mtu management 1500
  ip local pool vpn-pool 10.10.10.1-10.10.10.254 mask 255.255.255.0
  icmp unreachable rate-limit 1 burst-size 1
  icmp permit any outside
  icmp permit any inside
  no asdm history enable
  arp timeout 14400
  nat-control
  global (outside) 101 interface
  nat (inside) 0 access-list nonat
  nat (inside) 101 0.0.0.0 0.0.0.0
  static (inside,outside) tcp interface 50000 10.0.4.58 50000 netmask 255.255.255.255
  static (inside,outside) tcp interface ssh 10.0.4.7 ssh netmask 255.255.255.255
  static (inside,outside) tcp interface 3390 10.0.3.249 3390 netmask 255.255.255.255
  static (inside,outside) tcp interface 8066 10.0.3.249 8066 netmask 255.255.255.255
  static (inside,outside) tcp interface 22225 10.0.4.58 22225 netmask 255.255.255.255
  static (inside,outside) tcp interface 1600 10.0.4.58 1600 netmask 255.255.255.255
  static (inside,outside) tcp interface 37260 10.0.4.58 37260 netmask 255.255.255.255
  static (inside,outside) tcp interface 37261 10.0.4.58 37261 netmask 255.255.255.255
  static (inside,outside) tcp interface 37262 10.0.4.58 37262 netmask 255.255.255.255
  static (inside,outside) tcp interface 37263 10.0.4.58 37263 netmask 255.255.255.255
  static (inside,outside) tcp interface 37264 10.0.4.58 37264 netmask 255.255.255.255
  static (inside,outside) tcp interface 1433 10.0.4.240 1433 netmask 255.255.255.255
  static (inside,outside) udp interface 5008 10.0.4.240 5008 netmask 255.255.255.255
  static (inside,outside) udp interface 249 10.0.4.240 249 netmask 255.255.255.255
  static (inside,outside) tcp interface 250 10.0.4.240 250 netmask 255.255.255.255
  static (inside,outside) tcp interface www 10.0.4.15 www netmask 255.255.255.255
  static (inside,outside) tcp interface citrix-ica 10.0.4.15 citrix-ica netmask 255.255.255.255
  static (inside,outside) tcp interface 8080 10.0.4.15 8080 netmask 255.255.255.255
  static (inside,outside) tcp interface 85 10.0.4.15 85 netmask 255.255.255.255
  static (inside,outside) tcp interface 8069 10.0.4.236 8069 netmask 255.255.255.255
  static (inside,outside) tcp interface 3399 10.0.4.236 3389 netmask 255.255.255.255
  static (inside,outside) tcp interface 23032 10.0.4.244 23032 netmask 255.255.255.255
  static (inside,outside) tcp interface 32023 10.0.4.244 32023 netmask 255.255.255.255
  access-group outside_access_in in interface outside
  route outside 0.0.0.0 0.0.0.0 x.x.x.x 1
  route inside 10.0.3.0 255.255.255.0 10.0.4.205 1
  timeout xlate 3:00:00
  timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
  timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
  timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
  timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
  timeout tcp-proxy-reassembly 0:01:00
  timeout floating-conn 0:00:00
  dynamic-access-policy-record DfltAccessPolicy
  http server enable
  http 0.0.0.0 0.0.0.0 inside
  http 0.0.0.0 0.0.0.0 management
  http x.x.x.x x.x.x.x outside
  no snmp-server location
  no snmp-server contact
  snmp-server enable traps snmp authentication linkup linkdown coldstart
  crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
  crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
  crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
  crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
  crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
  crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
  crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
  crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
  crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
  crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
  crypto ipsec security-association lifetime seconds 28800
  crypto ipsec security-association lifetime kilobytes 4608000
  crypto dynamic-map outside_dyn_map 20 set transform-set ESP-3DES-SHA
  crypto map outside_map 65535 ipsec-isakmp dynamic outside_dyn_map
  crypto map outside_map interface outside
  crypto ca trustpoint _SmartCallHome_ServerCA
  crl configure
  crypto ca certificate chain _SmartCallHome_ServerCA
  certificate ca 6ecc7aa5a7032009b8cebcf4e952d491
      308205ec 308204d4 a0030201 0202106e cc7aa5a7 032009b8 cebcf4e9 52d49130
      0d06092a 864886f7 0d010105 05003081 ca310b30 09060355 04061302 55533117
      30150603 55040a13 0e566572 69536967 6e2c2049 6e632e31 1f301d06 0355040b
      13165665 72695369 676e2054 72757374 204e6574 776f726b 313a3038 06035504
      0b133128 63292032 30303620 56657269 5369676e 2c20496e 632e202d 20466f72
      20617574 686f7269 7a656420 75736520 6f6e6c79 31453043 06035504 03133c56
      65726953 69676e20 436c6173 73203320 5075626c 69632050 72696d61 72792043
      65727469 66696361 74696f6e 20417574 686f7269 7479202d 20473530 1e170d31
      30303230 38303030 3030305a 170d3230 30323037 32333539 35395a30 81b5310b
      30090603 55040613 02555331 17301506 0355040a 130e5665 72695369 676e2c20
      496e632e 311f301d 06035504 0b131656 65726953 69676e20 54727573 74204e65
      74776f72 6b313b30 39060355 040b1332 5465726d 73206f66 20757365 20617420
      68747470 733a2f2f 7777772e 76657269 7369676e 2e636f6d 2f727061 20286329
      3130312f 302d0603 55040313 26566572 69536967 6e20436c 61737320 33205365
      63757265 20536572 76657220 4341202d 20473330 82012230 0d06092a 864886f7
      0d010101 05000382 010f0030 82010a02 82010100 b187841f c20c45f5 bcab2597
      a7ada23e 9cbaf6c1 39b88bca c2ac56c6 e5bb658e 444f4dce 6fed094a d4af4e10
      9c688b2e 957b899b 13cae234 34c1f35b f3497b62 83488174 d188786c 0253f9bc
      7f432657 5833833b 330a17b0 d04e9124 ad867d64 12dc744a 34a11d0a ea961d0b
      15fca34b 3bce6388 d0f82d0c 948610ca b69a3dca eb379c00 48358629 5078e845
      63cd1941 4ff595ec 7b98d4c4 71b350be 28b38fa0 b9539cf5 ca2c23a9 fd1406e8
      18b49ae8 3c6e81fd e4cd3536 b351d369 ec12ba56 6e6f9b57 c58b14e7 0ec79ced
      4a546ac9 4dc5bf11 b1ae1c67 81cb4455 33997f24 9b3f5345 7f861af3 3cfa6d7f
      81f5b84a d3f58537 1cb5a6d0 09e4187b 384efa0f 02030100 01a38201 df308201
      db303406 082b0601 05050701 01042830 26302406 082b0601 05050730 01861868
      7474703a 2f2f6f63 73702e76 65726973 69676e2e 636f6d30 12060355 1d130101
      ff040830 060101ff 02010030 70060355 1d200469 30673065 060b6086 480186f8
      45010717 03305630 2806082b 06010505 07020116 1c687474 70733a2f 2f777777
      2e766572 69736967 6e2e636f 6d2f6370 73302a06 082b0601 05050702 02301e1a
      1c687474 70733a2f 2f777777 2e766572 69736967 6e2e636f 6d2f7270 61303406
      03551d1f 042d302b 3029a027 a0258623 68747470 3a2f2f63 726c2e76 65726973
      69676e2e 636f6d2f 70636133 2d67352e 63726c30 0e060355 1d0f0101 ff040403
      02010630 6d06082b 06010505 07010c04 61305fa1 5da05b30 59305730 55160969
      6d616765 2f676966 3021301f 30070605 2b0e0302 1a04148f e5d31a86 ac8d8e6b
      c3cf806a d448182c 7b192e30 25162368 7474703a 2f2f6c6f 676f2e76 65726973
      69676e2e 636f6d2f 76736c6f 676f2e67 69663028 0603551d 11042130 1fa41d30
      1b311930 17060355 04031310 56657269 5369676e 4d504b49 2d322d36 301d0603
      551d0e04 1604140d 445c1653 44c1827e 1d20ab25 f40163d8 be79a530 1f060355
      1d230418 30168014 7fd365a7 c2ddecbb f03009f3 4339fa02 af333133 300d0609
      2a864886 f70d0101 05050003 82010100 0c8324ef ddc30cd9 589cfe36 b6eb8a80
      4bd1a3f7 9df3cc53 ef829ea3 a1e697c1 589d756c e01d1b4c fad1c12d 05c0ea6e
      b2227055 d9203340 3307c265 83fa8f43 379bea0e 9a6c70ee f69c803b d937f47a
      6decd018 7d494aca 99c71928 a2bed877 24f78526 866d8705 404167d1 273aeddc
      481d22cd 0b0b8bbc f4b17bfd b499a8e9 762ae11a 2d876e74 d388dd1e 22c6df16
      b62b8214 0a945cf2 50ecafce ff62370d ad65d306 4153ed02 14c8b558 28a1ace0
      5becb37f 954afb03 c8ad26db e6667812 4ad99f42 fbe198e6 42839b8f 8f6724e8
      6119b5dd cdb50b26 058ec36e c4c875b8 46cfe218 065ea9ae a8819a47 16de0c28
      6c2527b9 deb78458 c61f381e a4c4cb66
    quit
  crypto isakmp enable outside
  crypto isakmp policy 10
  authentication pre-share
  encryption 3des
  hash sha
  group 2
  lifetime 86400
  telnet x.x.x.x 255.255.255.255 outside
  telnet 0.0.0.0 0.0.0.0 inside
  telnet 0.0.0.0 0.0.0.0 management
  telnet timeout 5
  ssh 0.0.0.0 0.0.0.0 inside
  ssh 0.0.0.0 0.0.0.0 management
  ssh timeout 5
  console timeout 0
  management-access inside
  dhcpd address 192.168.1.2-192.168.1.254 management
  threat-detection basic-threat
  threat-detection statistics access-list
  no threat-detection statistics tcp-intercept
  webvpn
  enable outside
  group-policy ppso internal
  group-policy ppso attributes
  dns-server value 10.0.4.241 10.0.4.14
  split-tunnel-policy tunnelspecified
  split-tunnel-network-list value splittunn-ppso
  default-domain value ppso.local
  split-dns value ppso.local
  address-pools value vpn-pool
  tunnel-group VPN type remote-access
  tunnel-group VPN general-attributes
  address-pool vpn-pool
  default-group-policy VPN
  tunnel-group VPN ipsec-attributes
  pre-shared-key *
  class-map inspection_default
  match default-inspection-traffic
  policy-map type inspect dns preset_dns_map
  parameters
    message-length maximum client auto
    message-length maximum 512
  policy-map global_policy
  class inspection_default
    inspect dns preset_dns_map
    inspect ftp
    inspect h323 h225
    inspect h323 ras
    inspect rsh
    inspect rtsp
    inspect esmtp
    inspect sqlnet
    inspect skinny 
    inspect sunrpc
    inspect xdmcp
    inspect sip 
    inspect netbios
    inspect tftp
    inspect ip-options
    inspect icmp
  service-policy global_policy global
  prompt hostname context
  call-home reporting anonymous
  Cryptochecksum:88a9b69fc3d718c3badfa99db2c7ce4f

  Yeah, I figured out where my problem was.
  My IP Local Pool range was the problem.
  I was using 10.10.10.0 which conflicted with a point-to-point connection where the serial interfaces were numbered and using 10.10.10.1 and 10.10.10.2.
  Traffic would leave the firewall, hit the intended host, go back through my core router, then off to the other network.
  I changed my ip local pool to a different range (192.168.100.0) and my problem was solved.

• Remote Access VPN - Unable to Access LAN / Inside Network

  Hi,
  I am facing a problem with Cisco ASA remote access VPN, the remote client is connected to VPN and receiving IP address but the client is not able to ping or telnet any internal network.
  I have attached running configuration for your reference. Please let me know I miss any configuartion.
  FW : ASA5510
  Version : 8.0
  Note : Site to Site VPN is working without any issues
  Thanks
  Jamal

  Hi,
  Very nice network diagram
  Are you saying that originally the VPN Client user is behind the Jeddah ASA?
  If this is true wouldnt it be wiser to just use the already existing L2L VPN between these sites?
  In real situation I think the VPN Client would only be needed when you are outside either Head Quarter or Jeddah Network. And since you tested it infront of the ASA and it worked there shouldnt be any problem.
  Now to the reason why the VPN Client isnt working from behind the Jeddah ASA.
  Can you check that the following configuration is found on the Jeddah ASA (Depending on the software level of the ASA the format of the command might change. I'm not 100% sure)
  isakmp nat-traversal To enable NAT traversal globally, check that ISAKMP is enabled (you can enable it with the isakmp enable command) in global configuration mode and then use the isakmp nat-traversal command. If you have enabled NAT traversal, you can disable it with the no form of this command.
  isakmp nat-traversal natkeepalive
  no isakmp nat-traversal natkeepalive
  Syntax Description
  natkeepalive
  Sets the NAT keep alive interval, from 10 to 3600 seconds. The default is 20 seconds.
  Defaults
  By default, NAT traversal (isakmp nat-traversal) is disabled.
  Command Modes
  The following table shows the modes in which you can enter the command:
  Command Mode
  Firewall Mode
  Security Context
  Routed
  Transparent
  Single
  Multiple
  Context
  System
  Global configuration
  Command History
  Release
  Modification
  Preexisting
  This command was preexisting.
  7.2(1)
  This command was deprecated. The crypto isakmp nat-traversal command replaces it.
  Usage Guidelines Network Address Translation (NAT), including Port Address Translation  (PAT), is used in many networks where IPSec is also used, but there are a  number of incompatibilities that prevent IPSec packets from  successfully traversing NAT devices. NAT traversal enables ESP packets  to pass through one or more NAT devices.
  The security appliance supports NAT traversal as described by Version 2  and Version 3 of the IETF "UDP Encapsulation of IPsec Packets" draft,  available at http://www.ietf.org/html.charters/ipsec-charter.html, and NAT traversal is supported for both dynamic and static crypto maps.
  This command enables NAT-T globally on the security appliance. To disable in a crypto-map entry, use the crypto map set nat-t-disable command.
  Examples
  The following example, entered in global configuration mode, enables  ISAKMP and then enables NAT traversal with an interval of 30 seconds:
  hostname(config)# isakmp enable
  hostname(config)# isakmp nat-traversal 30
  - Jouni

• Can you create a Remote Access VPN connection to tunnel DMZ LAN and Inside Networks simultaneously?

  I have a customer that has a ASA 5510 version 8.3 with IPSEC Client Access that includes some of their networks on the Inside interface.   The issue they are having is when their mobile users connect with the vpn client (which is using split tunneling), they can no longer access their web server applications that are running in the DMZ.   Without the client connected, they access the web servers via the external public IP.  Once they are connected via vpn, their default dns server becomes the internal AD DNS server, which resolves the DNS of the web servers to the private DMZ ip address. 
  Can a Remote Access VPN client connection be allowed to connect to both the DMZ interface and the Inside Interface? I had always only setup RA VPN clients to connect to networks on the Inside Interface.  
  I tried adding the DMZ network to the Split Tunnel list, but I could not access anything it while connected to vpn using the private IP addresses.

  Yes, you should be able to access DMZ subnets as well if they are added to the split tunnel ACL. You could check the NAT exemption configuration for the DMZ and also check if the ASA is forwarding the packet through DMZ interface by configuring captures on the DMZ interface. 
  Share the configuration if you want help with the NAT exemption part.

• Apple remote and multiple Apple TV's on same network question

  I have 1st gen apple TV, Want to add 2nd gen apple tv.  I assume I can do that.  My real question is when using apple remote, can I control both Apple TVs independently?
  Anyone have any knowledge of if this will work or not?

  Welcome to the Apple Community.
  If you are talking about the supplied remote, as Rudegar suggests you can pair each remote with each device so that only that remote will control the device it's paired with.
  To pair a remote with a device hold down the menu and FF buttons together for six seconds or until you see a chain icon on screen. However it's not all that common for the TV's to be in different locations where an unpaired remote is unlikely to control both Apple TV's together. If you leave the remotes unpaired you should be able to use either remote with either Apple TV.
  Alternatively if you are talking about the remote App for the iPhone, iPad or iPod, each Apple TV will show up as a separate device and you can control any Apple TV on your network from anywhere in your home.

• Remote access and network services problem

  I have a Mac Pro with two IP configs:
  Ethernet 1: 69.##.##.## /255.255.255.248 [hidden for public forum security]
  Ethernet 2: 10.0.0.20/255.255.255.0
  My primary needs:
  Able to remotely access the Mac via Remote Desktop using the public IP. Local LAN connectivity using 10.##.##.##.
  Setup:
  I have a 10 public IP address from my ISP and using one of the 10 now. Everything pings OK.
  Question:
  How can I customize the network service so that I can select the Ethernet 1 or Ethernet 2 port to use? So far it forces me select Ethernet 1 for all of the services selected. I'd like to use FTP & Web Server & Remote Access on the Ethernet 2 (public). The rest is LAN. I notice that Appletalk is only allowable on a single IP.
  Quick experiment with the Internet sharing using Ethernet 2 (public) to Ethernet 1 failed to provide the desired forwarding result.
  Mac Pro   Mac OS X (10.4.9)  

  I think you need to go further into the settings and define FTP etc. to the specific Ethernet. There are also settings Automatic and where you define your connection. I have a 3 inch book that I will look at to see if they address it. I to plan to do something similar, but haven't got there yet.
  Michael