Remotely Accessing my Apple Network
Hi
I have an Apple Network using Time Capsule. I travel frequently and would like to access my network from various locations to access the USB drive attached to my Time Capsule.
Would someone smarter than me on this please give me some step by step guidance. Both machines are Macs (iMac and MacBook Air) running 10.5.6.
Thanks
Herbert
The easy. Apple's MobileMe subscription and use "Back-to-My-Mac".
More work, but less secure. Configure your home router to forward port 548 to your Time Capsule. Or configure the router to forward 548 to your iMac.
More secure, have the ssh port 22 forwarded to your iMac, then create ssh tunnels for port 548 along with a tunnel for VNC port 5900.
ssh -L 22548:localhost:548 -L 22590:localhost:5900 [email protected]
afp://localhost:22548 # use in Finder -> Go -> Connect to Server
vnc://localhost:22590 # use in Finder -> Go -> Connect to Server
The port forwarding approaches should also include getting a free dynamic DNS name from a service such as <http://no-ip.com> or <http://dyndns.org>, which will make it easy to find your home Mac on the web.
NOTE: "Back-to-My-Mac" should be the easiest and give you the most accessability.
Similar Messages
-
Remote access without Apple Remote Desktop
I want to remotely access an i-Mac, at work (which is on a network) from home using a Mac Pro (ISP - Comcast). I was able to use my Mac Pro to access a PC on this same network using a Windows remote access program which was downloaded/free. I've now switched to an i-Mac at work.
I would rather not spend $300 to accomplish this. Is there another way using either free or less expensive software to access my workplace i-Mac?
I do have a copy of Parallels Desktop 4.0 for Mac if I need to run Windows programs on either the Mac Pro or i-Mac.Dave, Thanks for the information. We'll give it a try. We have a IT guy here at work, as needed. However, he's not familiar with Macs and uses exclusively PCs. He may not be as much help as I would like in solving this problem. If "Push comes to shove," I could probably remotely log onto a PC which isn't in my workspace . . . one of the "community" ones. That would solve the issue with the scheduling software, at least. (Which is, of course, PC based.)
That would leave my personal Word and Excel files on my i-Mac for the screen sharing feature of Mac OS X 10.6. -
Remotely accessing the office network connected to E1000
Hello;
I'm the IT Manager for a Small Non-Profit Organization(Helping build homes, giving education, health care for the poor).
All computers are connected to a network through a Linksys E1000 Wifi Router and I would like to access all computers
remotely especially when I'm on my site visits or when I'm not in the office. Is there a way for me to join the network even
if I'm outside the office.
Thanks for the Help and more power to those sharing their knowledge.The easiest program to use is LogMeIn.
See https://secure.logmein.com/ -
I have two Macs running 10.5.3. One is a MacBook Pro, the other is a Power Mac G4 tower upgraded w/ a dual-1.6ghz processor. When the G4 was running Tiger, I had no problem accessing it from the MacBook Pro. I could share the G4 screen and manage its contents remotely from the MacBook Pro Finder.
I just installed Leopard on the G4 using "Erase and Install," and now it does not appear in the sidebar of the laptop Finder windows at all. Also, I can only share the screen of the laptop from the G4. I have been able to access the G4 by using "Connect to Server," but it used to be much easier, and I can't figure out why it isn't still.
In the "Sharing" System Preference on each machine, I've checked File Sharing, Printer Sharing, Remote Login, Remote Management (which covers Screen Sharing) and Remote Apple Events. The wireless hub is an Airport Extreme base station (the gigabit-ethernet model).
Is there some Library file I need to get rid of? I'm stumped.plre72> I have tried to download and install SymSMB
plre72> but it fails each time I try to download a Trial license.
SymSMB product line is discontinued a few years ago and you should be able see a message about this during attempt to download Trial licence. In the same message you can see that new software products are available at www.telexy.com
If you will go on that site, you may find SymNAS and SymSync software or you may have a look at SymNC software collection.
Its great that you have managed to setup FTP client, but keep in mind that SMB Client and Server type software can provide more convenient and natural access to file structures. -
Configure Time Capsule for remote access
I have a second generation 2TB Time Capsule, operating on Bridge Mode, connected to an Arris Touchstone Telephony Gateway TG862. I want to configure Back to My Mac to be able to access the Time Capsule remotely.
I've followed the basic steps and get this message from the settings in the iCloud Pane in System Preferences: Setup router for better performance. And this details: Contact your ISP for a different server address.
I've tried Google and OpenDNS, and also disabling the Firewall in the Arris router, and still can't access the Time Capsule remotely.
I also tried disabling NAT and seeing it up as Bridged in the router, and disabling Wireless as well, trying to configure the Time Capsule to serve NAT and DHCP to no avail.
Any steps I'm missing or a whole different approach I should take to be able to access my Time Capsule remotely?
Thank you in advance for any help.You will have to learn how to port forward in your Arris Gateway..
Arris Touchstone Telephony Gateway TG862
The easiest way is to simply google it.
http://forums.comcast.com/t5/Home-Networking-Router-WiFi/Port-forwarding-in-Arri s-TG852G-CT/td-p/954929
It certainly appears to be problematic.. which is not surprising... If you really need remote access I would request a pure modem from your ISP (Comcast??) or simply replace it with one in the list. You will need to turn off any inbuilt firewall in the router and use DMZ perhaps to the TC.
There is a few posts on youtube which also might help you. eg
https://www.youtube.com/watch?v=_8tKBHvCz_0
But I am on ADSL so my setup is too unlike yours to really tell you much.
If you want to test something.. let me recommend you load Teamviewer onto a computer in your LAN.. set the computer up to never sleep and then try and reach it using Teamviewer from WAN connection.. if that works.. let me recommend you stick to something of this type. Unless you are prepared to change modems with your ISP I doubt you will solve it.
If teamviewer fails nothing is going to work.. you need to at least turn off the firewalls in both the computer and the router..
If you don't want to leave a computer running 24/7 to accept incoming requests.. then use WD MyCloud or similar type NAS.. which are far better designed for remote access than Apple routers.. or use a cloud storage and keep files you might want there. -
How do I remotely access a friend's Windows XP desktop using my ibook?
I hope I am posting this question in the right forum/thread:
I am not quite a newbie on the Mac, however when it comes to issues such as remote access, virtual private networks, etc., I am pretty much lost. I've even poured over the posts here to see if they answer any of my questions, but confusion is setting in, so I thought I'd just put my question out there to see if anyone can give me a simple answer:
I have a friend who keeps having trouble with anything and everything to do with her Windows XP computer, from passwords to router/modem configurations. When she calls, I need to stop everything I'm doing and drive to her house to try to resolve her issue. It would save me (and her) a lot of energy and heartache if I could merely remotely access her computer (she has windows xp home edition) to help her out.
What is the best way to remotely access her PC from my MAC?
Thanks in advance for your help!
ibook G4 Mac OS X (10.4.10)Microsoft provides a Remote Desktop Client for Mac OS X. Check it out here - http://www.microsoft.com/mac/downloads.aspx?pid=download&location=/mac/download/ misc/rdcupdate103.xml&secid=80&ssid=10&flgnosysreq=True
For actual connection, I have not tried this, but if you get her public IP, you should be able to connect to her PC.
Macbook Mac OS X (10.4.10) -
2012 R2 Remote Access: how to fix remote disconnected clients
We have RA on 2012 R2 running for well over a year now and we love it, however, this issue is one that I desperately need to resolve. We have recently added a second and third office thus is now more important then ever to get a handle on this. We built
and tested a new PC here at our corporate HQ. This PC was fully functional as an RA Client (Win7Ux64). The PC was boxed up and shipped to our remote office. Do to weather, shipping out of the country and construction at our new office it was seriously
delayed in being connect to the remote office network. Almost a month delay. This PC cannot now connect to the RA service. I am assuming that it's credentials have timed out. NOTE: in that same office (and network) I have two other PC's that are
connected to RA and have no issues.
What steps can I take to get this PC connected to my RA service, without having it shipped all the way back to our corp. HQ?Hi,
I guess the PC has lots its trust with the domain as you say.
You may find you can use this
http://technet.microsoft.com/en-us/library/offline-domain-join-djoin-step-by-step(v=WS.10).aspx
But I've not tested in this type of scenario so not sure if it will help. Worth a go maybe?
Otherwise do you have any other remote access to your network so your client can talk back to a DC?
Thanks
Regards,
Denis Cooper
MCITP EA - MCT
Help keep the forums tidy, if this has helped please mark it as an answer
Blog: http://www.windows-support.co.uk
Twitter: LinkedIn: -
Does Apple TV support Dish Network Remote Access ?
My husband has an Ipad Mini - we have a vacation cabin and like to watch our Dish Network Anywhere on our HD TV there. Up till now we used my husbands old laptop which was hooked up to the TV - but now he has an Ipad Mini.
Can anyone tell me if we bought Apple TV could we then stream (airplay) our Dish Remote access to our TV ?Several months ago, before Dish updated the Dish Anywhere app, you could push video/audio from an iPhone or iPad to Apple TV (Air Play) provided you were in "Mirroring" mode. Not ideal because if using an iPad your 16:9 "big screen" displays a 4:3 image (wide format content shows black borders on all four sides). Updates by Dish seem to have solved the aspect problem - you don't have to be in Mirroring mode. BUT, if the Dish Anywhere app is set to SQ mode, only audio makes it to Apple TV. If you change to Dish's HQ mode, video and audio are displayed. The issue here is that my link to the Hopper is DSL and HQ streams stop and start every few seconds. Mirroring mode does not fix the problem. Dish has had a few reports on this issue, but has no resolution.
-
How can I remotely access my computer from a different location on Apple Remote Desktop?
I downloaded Apple Remote Desktop and am trying to access our computer at our church that is in the auditorium and work on slides for ProPresenter from my office which is on a different network. The Mac Pro, which is in the auditorium, is connected to a Netgear wireless router. I would also want to be able to have access to observe and control the screen on the Mac Pro whether I am in my office or at my house. I have tried everything from going to portforward.com, followed those instructions, did port forwarding, used ipchicken.com to get my external IP and made sure that the Mac Pro had a static internal IP address and made sure the computer had access for remote management. Any help to resolve this issue would be greatly appreciated! Works fine when it is on the same wireless network, but I need access being on a different wireless network. Thanks!
Hi austinmac14,
So the steps listed bellow assume some things. They assume that the Airport Extreme Router your configuring is connected directly to the internet connection. And that the Airport Extreme is the only router between your computers and the internet.
That means we're talking about say a DSL modem plugged directly into the Airport Extreme, or a cable modem. in ether case, this assumes that said modem, is not acting as an internet router.
If your modem has multiple ethernet ports on it, or has a little antenna sticking out of it, then your modem is probable also a router, and these steps listed bellow will probable not work.
Also these steps are so one person, can connect to one computer at your work.
Open Airport Utility:
go to the dock
Click on the finder
go to the menu bar
Click on the "Go" menu
Chose "Utilities" from the "Go" Menu
double Click on "AirPort Utility"
Access the Base Station:
Double Click on your Airport Extreme BaseStation that is your internet connection router.
a new window should pop up with your Airport Base Station as the Window Name
Configure Static Address for the computer you want to connect to via ARD:
Click on the internet Icon from the toolbar
Click on the "DHCP" tab
For "DHCP Reservations:" Click on the "+" button
For the "Description" put "ARD"
For "Reserve Address by:" set "DHCP Client ID"
Click the "Continue" button
For "DHCP Client ID:" set "ARD"
write down the number in "IPv4" address field
Click the "Done" Button
Configure routing to ARD computer:
Click on the "Advanced" icon from the tool bar.
Click on the "Port Mapping" tab
Click on the "+" button
for "Service:" Chose "Apple Remote Desktop"
for "Private IP Address:" copy the exact IP address you wrote down in step "3. 8)"
Click the "Continue" button
Click the "Done" button
Click the "+" button
For the pulldown menu "Service:" Chose "Remote Apple Events"
for "Private IP Address:" copy the exact IP address you wrote down in step "3. 8."
Click the "Continue" button
Click the "Done" button
Click the "+" button
For the pulldown menu "Service:" Chose "Remote Login - SSH"
for "Private IP Address:" copy the exact IP address you wrote down in step "3. 8."
Click the "Continue" button
Click the "Done" button
Click the "Update" button.
wait for the Airport Extreme to update, and for your computer to reconnect to the airport extreme. (make sure you can load and browse websites.)
Configure the ARD computer to use the correct IP address:
Go to the computer you want to be able to remotely connect to
On that computer, Go to the menu bar
Chose the "Apple" menu bar
Chose "System Preferences…"
Click on the "Show All" button
Click on the "Network" icon
For the active network connection, (the connection on the left side with the green dot), click on it
Clock on the "Advanced…" button
Click on the "TCP/IP" tab
for the "DHCP Cient ID: field put "ARD".
Click the "OK" button
Click the "Apply" buttonNOTE: Under "Status" you should see "(connection name) is connected to (airport base station name) and has the IP address (IP address)." the "(IP address)" address displayed should match the IP address you wrote down in step "3. 8."
Find out what your public internet IP address is.
On the computer you wish to connect to over the internet, gotohttp://whatismyipaddress.com/
when the web page loads, you should see "IP Information:" fallow by a number like 192.168.0.1, write down what ever number it is.
At this point you should be able to connect to the computer remotely
connect to the internet from another location.
open Apple Remote Desktop
go to the file menu
chose connect to computer using ip address
set the address to the address to the IP address you wrote down for step 6. 2.
use the same password as you used to connect to the computer at work using ARD.
So here the catch. If your router gets reset... well then your going to have to configure it again. Also all the same rules you have to connect to the computer at work, also apply to connecting to the computer from over the local network. That means your computer need to be on or sleeping. And if it's sleeping it need to be configure to wake for network access.
Also some network connections change. When it comes to internet connections, some connections are static IP, while other connections are DHCP. If your connection is static... great! if it's DHCP, your address may change. If it dose.. well then your ability to connect will break. And then you'd have to do step 6 & 7 again.
Of corse there are ways around this. But that's kind of another conversation.
Some internet locations may block your ability to connect to your computer at work. This is very common at schools, and companies. Basically any place that tries to control your ability to browse the internet, may block remote access to computers; because a remote computer would completely by pass their web filter.
ALSO there is an easier option. As far as setup. There are programs designed to make remotely accessing your mac as easy as possible. For instance there is LogMeIn or Slack. With both of these programs, it's simple. make sure your computer is always on. Then install the software. Create an account with the service. And then you can connect to the computer almost any where by going to their website.
This option requires no router configuration. It handles DHCP. It's designed to work in as many locations as possible. -
Portal failed to access remote resource due to network failures
Hi,
We have a portlet that allows users to upload files to a SQL Server database and make it available for other users to access. The portlet code is on our remote servers. Everything works fine in dev environment, but certain files fail in pre-prod and prod within the portal, but work fine when the code is executed outside the portal.
I keep getting this error:
Error - Portal failed to access remote resource due to network failures. Try again later or contact your portal administrator.
What could the problem be?
Thank you for your help.
RadIf the Studio service looks good on the remote server where Studio is installed (check that
the service is started and look in the Studio logs for any warnings or errors), you should
also verify the configuration settings in the Studio remote server object. Is it properly
configured and pointing to the correct remote server?
If so, check the portal servers access to the Studio server via the port specified in the remote
server (default is 11935). You can test this by doing a telnet test on the portal server. In a cmd
prompt (Windows) or on the CLI (Unix), type 'telnet [studioserver] 11935', where "<servername> is
the name of your Studio remote server. The screen should just go blank, meaning that there is
something accepting connections on that port on the given server. (We would hope it's the Studio
app and not another service occupying that port.) If you get "Could not open connection to the host"
or some such similar result, check that the network between the portal and the Studio remote server
is open (ie, make sure there isn't any port blocking or a firewall in place that would hinder the
communication between the two servers). -
The VPN will connect.
I can ping and connect to the ASA 5510 on it's LAN interface.
My problem is that I cannot ping or access anything on the LAN past the firewall. What am I doing wrong?
Here is my config.
Result of the command: "show config"
: Saved
: Written by enable_15 at 22:55:02.299 UTC Tue Jan 10 2012
ASA Version 8.2(5)
hostname ********
enable password UbBnTPKwu27ohfYB encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
names
interface Ethernet0/0
nameif outside
security-level 0
ip address x.x.x.x x.x.x.x
interface Ethernet0/1
nameif inside
security-level 100
ip address 10.0.4.1 255.255.255.0
interface Ethernet0/2
shutdown
no nameif
no security-level
no ip address
interface Ethernet0/3
shutdown
no nameif
no security-level
no ip address
interface Management0/0
nameif management
security-level 100
ip address 192.168.1.1 255.255.255.0
management-only
ftp mode passive
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
object-group network BC
network-object 10.0.3.0 255.255.255.0
network-object 10.0.4.0 255.255.255.0
access-list outside_access_in extended permit tcp any any eq ssh
access-list outside_access_in extended permit tcp any any eq 50000
access-list outside_access_in extended permit tcp any any eq 3390
access-list outside_access_in extended permit tcp any any eq 8066
access-list outside_access_in extended permit tcp any any eq 22225
access-list outside_access_in extended permit tcp any any eq 1600
access-list outside_access_in extended permit tcp any any eq 37260
access-list outside_access_in extended permit tcp any any eq 37261
access-list outside_access_in extended permit tcp any any eq 37262
access-list outside_access_in extended permit tcp any any eq 37263
access-list outside_access_in extended permit tcp any any eq 37264
access-list outside_access_in extended permit tcp any any eq 1435
access-list outside_access_in extended permit tcp any any eq 250
access-list outside_access_in extended permit tcp any any eq citrix-ica
access-list outside_access_in extended permit tcp any any eq 8080
access-list outside_access_in extended permit tcp any any eq www
access-list outside_access_in extended permit tcp any any eq 85
access-list outside_access_in extended permit tcp any any eq 8069
access-list outside_access_in extended permit tcp any any eq 3389
access-list outside_access_in extended permit tcp any any eq 23032
access-list outside_access_in extended permit tcp any any eq 32023
access-list outside_access_in extended permit tcp any any eq 3399
access-list outside_access_in extended permit udp any any eq 250
access-list outside_access_in extended permit udp any any eq 5008
access-list outside_access_in extended permit icmp any any
access-list splittunn-ppso extended permit ip 10.0.4.0 255.255.255.0 10.10.10.0 255.255.255.0
access-list splittunn-ppso extended permit ip 10.0.3.0 255.255.255.0 10.10.10.0 255.255.255.0
access-list nonat extended permit ip 10.0.4.0 255.255.255.0 10.10.10.0 255.255.255.0
access-list nonat extended permit ip 10.0.3.0 255.255.255.0 10.10.10.0 255.255.255.0
pager lines 24
logging asdm informational
mtu outside 1500
mtu inside 1500
mtu management 1500
ip local pool vpn-pool 10.10.10.1-10.10.10.254 mask 255.255.255.0
icmp unreachable rate-limit 1 burst-size 1
icmp permit any outside
icmp permit any inside
no asdm history enable
arp timeout 14400
nat-control
global (outside) 101 interface
nat (inside) 0 access-list nonat
nat (inside) 101 0.0.0.0 0.0.0.0
static (inside,outside) tcp interface 50000 10.0.4.58 50000 netmask 255.255.255.255
static (inside,outside) tcp interface ssh 10.0.4.7 ssh netmask 255.255.255.255
static (inside,outside) tcp interface 3390 10.0.3.249 3390 netmask 255.255.255.255
static (inside,outside) tcp interface 8066 10.0.3.249 8066 netmask 255.255.255.255
static (inside,outside) tcp interface 22225 10.0.4.58 22225 netmask 255.255.255.255
static (inside,outside) tcp interface 1600 10.0.4.58 1600 netmask 255.255.255.255
static (inside,outside) tcp interface 37260 10.0.4.58 37260 netmask 255.255.255.255
static (inside,outside) tcp interface 37261 10.0.4.58 37261 netmask 255.255.255.255
static (inside,outside) tcp interface 37262 10.0.4.58 37262 netmask 255.255.255.255
static (inside,outside) tcp interface 37263 10.0.4.58 37263 netmask 255.255.255.255
static (inside,outside) tcp interface 37264 10.0.4.58 37264 netmask 255.255.255.255
static (inside,outside) tcp interface 1433 10.0.4.240 1433 netmask 255.255.255.255
static (inside,outside) udp interface 5008 10.0.4.240 5008 netmask 255.255.255.255
static (inside,outside) udp interface 249 10.0.4.240 249 netmask 255.255.255.255
static (inside,outside) tcp interface 250 10.0.4.240 250 netmask 255.255.255.255
static (inside,outside) tcp interface www 10.0.4.15 www netmask 255.255.255.255
static (inside,outside) tcp interface citrix-ica 10.0.4.15 citrix-ica netmask 255.255.255.255
static (inside,outside) tcp interface 8080 10.0.4.15 8080 netmask 255.255.255.255
static (inside,outside) tcp interface 85 10.0.4.15 85 netmask 255.255.255.255
static (inside,outside) tcp interface 8069 10.0.4.236 8069 netmask 255.255.255.255
static (inside,outside) tcp interface 3399 10.0.4.236 3389 netmask 255.255.255.255
static (inside,outside) tcp interface 23032 10.0.4.244 23032 netmask 255.255.255.255
static (inside,outside) tcp interface 32023 10.0.4.244 32023 netmask 255.255.255.255
access-group outside_access_in in interface outside
route outside 0.0.0.0 0.0.0.0 x.x.x.x 1
route inside 10.0.3.0 255.255.255.0 10.0.4.205 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
http server enable
http 0.0.0.0 0.0.0.0 inside
http 0.0.0.0 0.0.0.0 management
http x.x.x.x x.x.x.x outside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
crypto dynamic-map outside_dyn_map 20 set transform-set ESP-3DES-SHA
crypto map outside_map 65535 ipsec-isakmp dynamic outside_dyn_map
crypto map outside_map interface outside
crypto ca trustpoint _SmartCallHome_ServerCA
crl configure
crypto ca certificate chain _SmartCallHome_ServerCA
certificate ca 6ecc7aa5a7032009b8cebcf4e952d491
308205ec 308204d4 a0030201 0202106e cc7aa5a7 032009b8 cebcf4e9 52d49130
0d06092a 864886f7 0d010105 05003081 ca310b30 09060355 04061302 55533117
30150603 55040a13 0e566572 69536967 6e2c2049 6e632e31 1f301d06 0355040b
13165665 72695369 676e2054 72757374 204e6574 776f726b 313a3038 06035504
0b133128 63292032 30303620 56657269 5369676e 2c20496e 632e202d 20466f72
20617574 686f7269 7a656420 75736520 6f6e6c79 31453043 06035504 03133c56
65726953 69676e20 436c6173 73203320 5075626c 69632050 72696d61 72792043
65727469 66696361 74696f6e 20417574 686f7269 7479202d 20473530 1e170d31
30303230 38303030 3030305a 170d3230 30323037 32333539 35395a30 81b5310b
30090603 55040613 02555331 17301506 0355040a 130e5665 72695369 676e2c20
496e632e 311f301d 06035504 0b131656 65726953 69676e20 54727573 74204e65
74776f72 6b313b30 39060355 040b1332 5465726d 73206f66 20757365 20617420
68747470 733a2f2f 7777772e 76657269 7369676e 2e636f6d 2f727061 20286329
3130312f 302d0603 55040313 26566572 69536967 6e20436c 61737320 33205365
63757265 20536572 76657220 4341202d 20473330 82012230 0d06092a 864886f7
0d010101 05000382 010f0030 82010a02 82010100 b187841f c20c45f5 bcab2597
a7ada23e 9cbaf6c1 39b88bca c2ac56c6 e5bb658e 444f4dce 6fed094a d4af4e10
9c688b2e 957b899b 13cae234 34c1f35b f3497b62 83488174 d188786c 0253f9bc
7f432657 5833833b 330a17b0 d04e9124 ad867d64 12dc744a 34a11d0a ea961d0b
15fca34b 3bce6388 d0f82d0c 948610ca b69a3dca eb379c00 48358629 5078e845
63cd1941 4ff595ec 7b98d4c4 71b350be 28b38fa0 b9539cf5 ca2c23a9 fd1406e8
18b49ae8 3c6e81fd e4cd3536 b351d369 ec12ba56 6e6f9b57 c58b14e7 0ec79ced
4a546ac9 4dc5bf11 b1ae1c67 81cb4455 33997f24 9b3f5345 7f861af3 3cfa6d7f
81f5b84a d3f58537 1cb5a6d0 09e4187b 384efa0f 02030100 01a38201 df308201
db303406 082b0601 05050701 01042830 26302406 082b0601 05050730 01861868
7474703a 2f2f6f63 73702e76 65726973 69676e2e 636f6d30 12060355 1d130101
ff040830 060101ff 02010030 70060355 1d200469 30673065 060b6086 480186f8
45010717 03305630 2806082b 06010505 07020116 1c687474 70733a2f 2f777777
2e766572 69736967 6e2e636f 6d2f6370 73302a06 082b0601 05050702 02301e1a
1c687474 70733a2f 2f777777 2e766572 69736967 6e2e636f 6d2f7270 61303406
03551d1f 042d302b 3029a027 a0258623 68747470 3a2f2f63 726c2e76 65726973
69676e2e 636f6d2f 70636133 2d67352e 63726c30 0e060355 1d0f0101 ff040403
02010630 6d06082b 06010505 07010c04 61305fa1 5da05b30 59305730 55160969
6d616765 2f676966 3021301f 30070605 2b0e0302 1a04148f e5d31a86 ac8d8e6b
c3cf806a d448182c 7b192e30 25162368 7474703a 2f2f6c6f 676f2e76 65726973
69676e2e 636f6d2f 76736c6f 676f2e67 69663028 0603551d 11042130 1fa41d30
1b311930 17060355 04031310 56657269 5369676e 4d504b49 2d322d36 301d0603
551d0e04 1604140d 445c1653 44c1827e 1d20ab25 f40163d8 be79a530 1f060355
1d230418 30168014 7fd365a7 c2ddecbb f03009f3 4339fa02 af333133 300d0609
2a864886 f70d0101 05050003 82010100 0c8324ef ddc30cd9 589cfe36 b6eb8a80
4bd1a3f7 9df3cc53 ef829ea3 a1e697c1 589d756c e01d1b4c fad1c12d 05c0ea6e
b2227055 d9203340 3307c265 83fa8f43 379bea0e 9a6c70ee f69c803b d937f47a
6decd018 7d494aca 99c71928 a2bed877 24f78526 866d8705 404167d1 273aeddc
481d22cd 0b0b8bbc f4b17bfd b499a8e9 762ae11a 2d876e74 d388dd1e 22c6df16
b62b8214 0a945cf2 50ecafce ff62370d ad65d306 4153ed02 14c8b558 28a1ace0
5becb37f 954afb03 c8ad26db e6667812 4ad99f42 fbe198e6 42839b8f 8f6724e8
6119b5dd cdb50b26 058ec36e c4c875b8 46cfe218 065ea9ae a8819a47 16de0c28
6c2527b9 deb78458 c61f381e a4c4cb66
quit
crypto isakmp enable outside
crypto isakmp policy 10
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
telnet x.x.x.x 255.255.255.255 outside
telnet 0.0.0.0 0.0.0.0 inside
telnet 0.0.0.0 0.0.0.0 management
telnet timeout 5
ssh 0.0.0.0 0.0.0.0 inside
ssh 0.0.0.0 0.0.0.0 management
ssh timeout 5
console timeout 0
management-access inside
dhcpd address 192.168.1.2-192.168.1.254 management
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
webvpn
enable outside
group-policy ppso internal
group-policy ppso attributes
dns-server value 10.0.4.241 10.0.4.14
split-tunnel-policy tunnelspecified
split-tunnel-network-list value splittunn-ppso
default-domain value ppso.local
split-dns value ppso.local
address-pools value vpn-pool
tunnel-group VPN type remote-access
tunnel-group VPN general-attributes
address-pool vpn-pool
default-group-policy VPN
tunnel-group VPN ipsec-attributes
pre-shared-key *
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect ip-options
inspect icmp
service-policy global_policy global
prompt hostname context
call-home reporting anonymous
Cryptochecksum:88a9b69fc3d718c3badfa99db2c7ce4fYeah, I figured out where my problem was.
My IP Local Pool range was the problem.
I was using 10.10.10.0 which conflicted with a point-to-point connection where the serial interfaces were numbered and using 10.10.10.1 and 10.10.10.2.
Traffic would leave the firewall, hit the intended host, go back through my core router, then off to the other network.
I changed my ip local pool to a different range (192.168.100.0) and my problem was solved. -
Remote Access VPN - Unable to Access LAN / Inside Network
Hi,
I am facing a problem with Cisco ASA remote access VPN, the remote client is connected to VPN and receiving IP address but the client is not able to ping or telnet any internal network.
I have attached running configuration for your reference. Please let me know I miss any configuartion.
FW : ASA5510
Version : 8.0
Note : Site to Site VPN is working without any issues
Thanks
JamalHi,
Very nice network diagram
Are you saying that originally the VPN Client user is behind the Jeddah ASA?
If this is true wouldnt it be wiser to just use the already existing L2L VPN between these sites?
In real situation I think the VPN Client would only be needed when you are outside either Head Quarter or Jeddah Network. And since you tested it infront of the ASA and it worked there shouldnt be any problem.
Now to the reason why the VPN Client isnt working from behind the Jeddah ASA.
Can you check that the following configuration is found on the Jeddah ASA (Depending on the software level of the ASA the format of the command might change. I'm not 100% sure)
isakmp nat-traversal To enable NAT traversal globally, check that ISAKMP is enabled (you can enable it with the isakmp enable command) in global configuration mode and then use the isakmp nat-traversal command. If you have enabled NAT traversal, you can disable it with the no form of this command.
isakmp nat-traversal natkeepalive
no isakmp nat-traversal natkeepalive
Syntax Description
natkeepalive
Sets the NAT keep alive interval, from 10 to 3600 seconds. The default is 20 seconds.
Defaults
By default, NAT traversal (isakmp nat-traversal) is disabled.
Command Modes
The following table shows the modes in which you can enter the command:
Command Mode
Firewall Mode
Security Context
Routed
Transparent
Single
Multiple
Context
System
Global configuration
Command History
Release
Modification
Preexisting
This command was preexisting.
7.2(1)
This command was deprecated. The crypto isakmp nat-traversal command replaces it.
Usage Guidelines Network Address Translation (NAT), including Port Address Translation (PAT), is used in many networks where IPSec is also used, but there are a number of incompatibilities that prevent IPSec packets from successfully traversing NAT devices. NAT traversal enables ESP packets to pass through one or more NAT devices.
The security appliance supports NAT traversal as described by Version 2 and Version 3 of the IETF "UDP Encapsulation of IPsec Packets" draft, available at http://www.ietf.org/html.charters/ipsec-charter.html, and NAT traversal is supported for both dynamic and static crypto maps.
This command enables NAT-T globally on the security appliance. To disable in a crypto-map entry, use the crypto map set nat-t-disable command.
Examples
The following example, entered in global configuration mode, enables ISAKMP and then enables NAT traversal with an interval of 30 seconds:
hostname(config)# isakmp enable
hostname(config)# isakmp nat-traversal 30
- Jouni -
I have a customer that has a ASA 5510 version 8.3 with IPSEC Client Access that includes some of their networks on the Inside interface. The issue they are having is when their mobile users connect with the vpn client (which is using split tunneling), they can no longer access their web server applications that are running in the DMZ. Without the client connected, they access the web servers via the external public IP. Once they are connected via vpn, their default dns server becomes the internal AD DNS server, which resolves the DNS of the web servers to the private DMZ ip address.
Can a Remote Access VPN client connection be allowed to connect to both the DMZ interface and the Inside Interface? I had always only setup RA VPN clients to connect to networks on the Inside Interface.
I tried adding the DMZ network to the Split Tunnel list, but I could not access anything it while connected to vpn using the private IP addresses.Yes, you should be able to access DMZ subnets as well if they are added to the split tunnel ACL. You could check the NAT exemption configuration for the DMZ and also check if the ASA is forwarding the packet through DMZ interface by configuring captures on the DMZ interface.
Share the configuration if you want help with the NAT exemption part. -
Apple remote and multiple Apple TV's on same network question
I have 1st gen apple TV, Want to add 2nd gen apple tv. I assume I can do that. My real question is when using apple remote, can I control both Apple TVs independently?
Anyone have any knowledge of if this will work or not?Welcome to the Apple Community.
If you are talking about the supplied remote, as Rudegar suggests you can pair each remote with each device so that only that remote will control the device it's paired with.
To pair a remote with a device hold down the menu and FF buttons together for six seconds or until you see a chain icon on screen. However it's not all that common for the TV's to be in different locations where an unpaired remote is unlikely to control both Apple TV's together. If you leave the remotes unpaired you should be able to use either remote with either Apple TV.
Alternatively if you are talking about the remote App for the iPhone, iPad or iPod, each Apple TV will show up as a separate device and you can control any Apple TV on your network from anywhere in your home. -
Remote access and network services problem
I have a Mac Pro with two IP configs:
Ethernet 1: 69.##.##.## /255.255.255.248 [hidden for public forum security]
Ethernet 2: 10.0.0.20/255.255.255.0
My primary needs:
Able to remotely access the Mac via Remote Desktop using the public IP. Local LAN connectivity using 10.##.##.##.
Setup:
I have a 10 public IP address from my ISP and using one of the 10 now. Everything pings OK.
Question:
How can I customize the network service so that I can select the Ethernet 1 or Ethernet 2 port to use? So far it forces me select Ethernet 1 for all of the services selected. I'd like to use FTP & Web Server & Remote Access on the Ethernet 2 (public). The rest is LAN. I notice that Appletalk is only allowable on a single IP.
Quick experiment with the Internet sharing using Ethernet 2 (public) to Ethernet 1 failed to provide the desired forwarding result.
Mac Pro Mac OS X (10.4.9)I think you need to go further into the settings and define FTP etc. to the specific Ethernet. There are also settings Automatic and where you define your connection. I have a 3 inch book that I will look at to see if they address it. I to plan to do something similar, but haven't got there yet.
Michael
Maybe you are looking for
-
I am very new to web development and I'm sure it's a simple problem. I keep receiving an error " Error Executing Database Query. [Macromedia][SequeLink JDBC Driver][ODBC Socket][Microsoft][ODBC Microsoft Access Driver] Syntax error in INSERT INTO sta
-
Infotype to link Personnel Number with Vendor Master Record
Hi All, pls help me what infotype to link Personnel Number with Vendor Master Record in AP module. Customer require when Create Employee then system automatic gernerate Vendor Master. pls help us. Thanks
-
How to get Variable name in output (Report Writer/Painter)
Hello Experts, We have maintained one Repot by using Report Writer, this is the report for Cost center (periodic report), input fields are Fiscal year, Period and Cost Center. In out put system will display the selected cost center balances for indiv
-
Can't open website from iphone
Since updating to 4.0.2 I cannot open my webbased corporate email site. I get a message that Safari cannot open page, server quit responding. I have always been able to open it before and can open it on my home computer. Friend can get site on his an
-
Mi iMac no detecta altavoces externos
Reproduce a partir de los internos. Desde ajustes no me aparecen. He probado cables, reiniciar, conecté los altavoces a la pc y funcionan bien