RV320 SSL VPN ActiveX and Virtual Passage driver on Windows 7 64-bit

Hi,
My company has just purchased a new RV320 router and only afterwards found out from the release notes that there are issues with the SSL VPN in this unit and other small business routers. Is there any news on when these issues will be fixed?
1) ActiveX controls have an expired certificate dated 24/9/14 - this prevents them from running without changing IE security settings to prompt or allow unsigned controls, which is a big security risk.
2) ActiveX controls do not work on Windows 64-bit. Release notes state Windows 7 IE10 and Windows 8.1 IE11, however they also fail on Windows 7 IE11. Even adding router to Trusted Sites to force 32-bit mode results in error message stating that IE is required for the controls.
3) Virtual Passage driver will not install - crashes IE10/IE11 with a BEX violation.  From a dig around the web it appears that the Netgear SRX5308 uses the same Cavium chipset and a Virtual Passage driver that works with Windows 7 64-bit, and installs fine using IE10/11 (and if you install the Netgear driver it works with the Cisco RV routers too, proving that the driver is fully compatible...) - if Netgear can get this working, why can't Cisco?
I've only just started setting up this router and show stopper issues like this might end up with an RMA being requested as it appears to be unsuitable for purpose; I have already run into other issues which I've posted about. :(
EDIT: Got (2) sort of working on IE11 - seems that the Cisco interface is specifically looking for old style IE user agent strings, so using developer tools to set the user agent to IE9, and changing security settings in Trusted Sites to prompt for unsigned controls (due to issue (1)), allows the controls to install and load. These issues are pretty simple to fix, requiring just a string check change and updated signed controls. Fingers crossed these are fixed in the new firmware due soon, awaiting response from Cisco support to my open ticket.
Looks like (3) is prevented from working by (1), and also because the certificate has expired it is treated as software without a valid publisher which cannot be installed in Windows 7 without fiddling in the registry. Releasing an updated version with a certificate that isn't expired should solve that issue too.
These are ridiculously simple fixes to push out, I can't believe a major hardware vendor like Cisco hasn't already solved these issues.

I've had a reply from Cisco support regarding this issue, and it's a bleak outlook. This is a copy from the email I received:
"Engineering has no plans to support SSL VPN on RV32x due to chipset limitations. Pretty much, it will work for old XP and Win7 32-bits."
So Cisco are falsely advertising that the RV320 has SSL VPN capabilities when there are no plans to update it so that it works with 64-bit Windows (which is now the major install base for Windows as most new systems are 64-bit based), and as the certificates have expired in the SSL VPN components they are not even useable on 32-bit systems without overriding a number of security settings.
Dan

Similar Messages

  • ASA 5505 as a SSL VPN Server and Easy VPN Client at the same time?

    Is it possible to configure and operate the ASA 5505 as a SSL VPN server and Easy VPN Client at the same time? We would like to configure a few of these without having to purchase additional ASA 5505 and use a 2 device method (1 SSL VPN Server and 1 Easy VPN Client). Thanks in advance.

    I don't think it is possible. Following links may help you
    http://www.cisco.com/en/US/products/ps6120/products_configuration_guide_chapter09186a008068dabe.html
    http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a008071c428.shtml

  • Unable to install lan realtek rtl8101 and network controller driver on windows server 2008

    Hi Guys,
    I am trying to install the Realtek RTL8101 family driver and network controller driver on Windows Server 2008 but am unable to install them.
    Hp device Model.:- hp pavilion g4 1303au
    Model no.:- 5c03213jsh
    network controller Device ID: PCI\VEN_168C&DEV_0032&SUBSYS_1785103C&REV_01\4&211965BF&0&0020
    Name: PCI Device
    Device ID: PCI\VEN_10EC&DEV_5209&SUBSYS_3564103C&REV_01\4&34BC5A71&0&0030
    Name: SM Bus Controller
    Device ID: PCI\VEN_1022&DEV_780B&SUBSYS_3564103C&REV_13\3&2411E6FE&0&A0
    thanks,
    Amit Rai

    Hi:
    SMBus controller:
    Here is what I have done...I have zipped up and attached below under Attachments, the raw smbus controller driver files for you to unzip and manually install. 
    Download and unzip the file.
    Go to the device manager and click on the smbus controller needing drivers.  Click on the driver tab.  Click on Update Driver.
    Select the Browse my computer for driver software option and browse to the driver folder that you unzipped.
    Make sure the Include Subfolders box is checked and the driver should install.  Then reboot.
    Ethernet:  Download and install the 1st driver on the list.
    http://www.realtek.com.tw/downloads/downloadsView.aspx?Langid=1&PNid=14&PFid=7&Level=5&Conn=4&DownTy...
    Card reader (PCI dev.):  Download and install the first driver on the list.
    http://www.realtek.com.tw/downloads/downloadsView.aspx?Langid=1&PNid=15&PFid=25&Level=4&Conn=3&DownT...
    Wireless:  You will have to try the Vista driver for the Atheros wireless card...
    http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/psi/swdDetails/?sp4ts.oid=5060882&sp...
    Attachments:
    sp66185.zip ‏7 KB

  • EasyVPN on RV320 + SSL-VPN + Mac IPSec

    I just bought a Cisco RV320, and am trying to get it configured for providing VPN connectivity
    Starting with the EasyVPN I have setup a full tunnel using the defaults, and it shows it created to the ip address 192.168.168.0/24 - which makes sense to me as that is the local LAN the device is connected to.
    When I go to the "Summary" page, it shows the Virtual IP Range as 172.16.100.100-100.129.
    I've installed the EasyVPN client on my target (Windows) machine, I get a connect, and I am tunnelled through the VPN, I can get out to the internet, but I have no access to the 192.168.168.0/24 network which is the desired local LAN I want to connect to.
    It would appear that I am missing a route from the virtual 172.16.100.0 network to the local LAN.  Any suggestions on how to resolve this?
    As a backup, I tried setting up the SSL-VPN, and while I authenticate and connect, every time I try to launch the VirtualPassage I get an error that the "Port is in use", and the adapter fails to install.
    I also have a Mac that I want to use with this device.  The CD came with a client - vpnclient-darwin-4.9.01.0280-universal-k9.dmg - which installs, but gives an error saying it cannot talk to the VPN subsystem.
    Is an EasyVPN an actual IPSec VPN, and will the native Mac Cisco IPSec VPN work as a client?
    My priorities are:
    1.  Get the EasyVPN working in full tunnel mode on my Win-7 x32, and be able to connect to the target 192.168.168.0 network.
    2.  Get the VPN going on my Macbook (running Mavericks)
    3.  Get the SSL VPN working.
    If anyone can help me with this it would be greatly appreciated.
    One last question - the RV320 also allows the creation of a "Group VPN".  What is the difference between it and the EasyVPN?  It looks pretty similar except for the "Remote Client Domain Name" which can't be left empty.  The remote client will be multiple laptops: what would one put for a Domain Name?
    The EasyVPN is just that, but if I want a real IPSec VPN with a "shared secret", and be compatible with the Mac, what is the best way to configure the RV320?
    As an aside, I know the Mac Cisco IPSec client works as I use it to connect to my work VPN which is an enterprise level ASA device.
    Thanks for any help you can give.

    The short answer is, get rid of the RV320 and get a different router.
    The RV320 VPN is buggy and Cisco apparently couldn't care less since the last firmware was released over 7 months ago.
    I haven't been able to get mine to work consistently and found out that I'm not alone after searching the web for an answer.
    You could give PPTP a try if you are not too concerned about security.
    Good luck.

  • SSL VPN Tunnel and Windows 7

    Hi
    I have a SA520W with firmware 2.1.18 and am having huge trouble getting Windows 7 clients to connect using the SSL VPN Tunnel in Split mode. I've tested the registered users using an XP machine, and they are able to log in just fine and I can ping servers on the inside of the network. On Windows 7, however, the VPN tunnel is created, but no IP traffic flows over the virtual network adapter and I'm not able to ping resources on the inside of the network. For the XP clients, the SSL VPN tunnel works like a charm, but not for 7.
    Are there any considerations to be taken on Windows 7 to enable traffic over the SSL VPN virtual network adapter?
    Windows firewall?
    SSL service?

    Hi skcisco11,
    You can alternatively use Cisco VPN Client if your SA520 has firmware version 2.1.18 and above. Here is a document how to set it up:
    http://www.cisco.com/en/US/docs/security/multi_function_security/multi_function_security_appliance/sa_500/technote/note/SA500_vpnclient_appnote.pdf
    Alternatively, please use the following document on how to set up SSL VPN.  If you are using a local database on the SA520 to authenticate users, then ignore the references to Active Directory.
    http://www.cisco.com/en/US/docs/security/multi_function_security/multi_function_security_appliance/sa_500/technote/note/active_directory.pdf
    Hope this helps,
    Julio

  • RV320 SSL VPN web service unable to connect port 56000 56001...

    I have recently installed a RV320 dual WAN small business router in order to use the SSL VPN functionality to allow secure access to our intranet pages which are hosted on a server inside our network. I have the latest firmware installed on the router.
    With the firewall feature of the RV320 disabled - After logging in to the router remotely via the HTTPS interface, I am able to use the web-based services such as SSH and NetworkPls. However, when using the HTTP and HTTPS services I receive a web browser unable to connect error on port 56000, 1, 2, 3 ... This is regardless of whether I enter a URL or IP address on the network behind the router or on the internet.
    Enabling the firewall feature of the RV320 gives a different result - when any IP or URL is entered into the box in the second image below, the router log-in page is loaded instead of the required site. I have pasted an extract from the log at the bottom of this post although it doesn't seem to contain any relevant information. As a separate issue, you will also notice that users connecting to the router brings up [HACK] SynFlooding Attack in error.
    Can anyone explain why this is happening? Alternatively, does anyone have a guide for setting up a IPSec VPN with this router? There seems to be very little literature available for this model.
    Thanks in advance for your help.
    Log extract
    2013-11-02, 11:36:19
    Connection Accepted
    IN=eth1 OUT=eth0 SRC=178.239.83.183 DST=192.168.10.100  DMAC=e0:2f:6d:75:35:7d SMAC=d4:ca:6d:98:3e:55 LEN=60 TOS=0x00 PREC=0x00  TTL=54 ID=57573 DF PROTO=TCP SPT=54925 DPT=993 WINDOW=5840 RES=0x00 SYN  URGP=0
    2013-11-02, 11:36:19
    [HACK] SynFlooding Attack
    IN=eth1 OUT=eth0 SRC=178.239.83.183 DST=192.168.10.100  DMAC=e0:2f:6d:75:35:7d SMAC=d4:ca:6d:98:3e:55 LEN=60 TOS=0x00 PREC=0x00  TTL=54 ID=57573 DF PROTO=TCP SPT=54925 DPT=993 WINDOW=5840 RES=0x00 SYN  URGP=0
    2013-11-02, 11:31:53
    Connection Accepted
    IN=eth1 OUT=eth0 SRC=178.239.83.156 DST=192.168.10.100  DMAC=e0:2f:6d:75:35:7d SMAC=d4:ca:6d:98:3e:55 LEN=60 TOS=0x00 PREC=0x00  TTL=53 ID=50721 DF PROTO=TCP SPT=55634 DPT=993 WINDOW=5840 RES=0x00 SYN  URGP=0
    2013-11-02, 11:31:53
    [HACK] SynFlooding Attack
    IN=eth1 OUT=eth0 SRC=178.239.83.156 DST=192.168.10.100  DMAC=e0:2f:6d:75:35:7d SMAC=d4:ca:6d:98:3e:55 LEN=60 TOS=0x00 PREC=0x00  TTL=53 ID=50721 DF PROTO=TCP SPT=55634 DPT=993 WINDOW=5840 RES=0x00 SYN  URGP=0
    2013-11-02, 11:31:38
    User Log
    User cisco login success from 221.142.25.181
    2013-11-02, 11:31:38
    User Log
    User cisco login success from 221.142.25.181
    2013-11-02, 11:29:49
    Kernel
    kernel: upnp idx=83, ip=192.168.10.220, eport=59725, iport=59725
    2013-11-02, 11:29:49
    Kernel
    kernel: wrong ip[0],not_list[0]
    2013-11-02, 11:29:43
    Connection Accepted
    IN=eth1 OUT=eth0 SRC=176.251.102.32 DST=192.168.10.100  DMAC=e0:2f:6d:75:35:7d SMAC=d4:ca:6d:98:3e:55 LEN=64 TOS=0x00 PREC=0x00  TTL=52 ID=44670 DF PROTO=TCP SPT=49423 DPT=143 WINDOW=65535 RES=0x00 SYN  URGP=0
    2013-11-02, 11:29:43
    [HACK] SynFlooding Attack
    IN=eth1 OUT=eth0 SRC=176.251.102.32 DST=192.168.10.100  DMAC=e0:2f:6d:75:35:7d SMAC=d4:ca:6d:98:3e:55 LEN=64 TOS=0x00 PREC=0x00  TTL=52 ID=44670 DF PROTO=TCP SPT=49423 DPT=143 WINDOW=65535 RES=0x00 SYN  URGP=0
    2013-11-02, 11:29:12
    Kernel
    kernel: upnp idx=83, ip=192.168.10.220, eport=59725, iport=59725
    2013-11-02, 11:29:12
    Kernel
    kernel: wrong ip[0],not_list[0]
    2013-11-02, 11:29:12
    SSL Log
    User ben login success from 221.142.25.181
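Added example (not part of the original post, and not Cisco code): a Python triage of `[HACK] SynFlooding Attack` entries in the three-line log layout of the extract above. It checks whether each alert corresponds to a single SYN that was also logged as `Connection Accepted`, as in the extract, or to many distinct SYNs from one source. The sample log is constructed (documentation addresses), and the 10-second window and 20-SYN threshold are assumptions, not the router's own values.

```python
import re
from datetime import datetime, timedelta

TS_RE = re.compile(r"^\d{4}-\d{2}-\d{2}, \d{2}:\d{2}:\d{2}$")
ALERT = "[HACK] SynFlooding Attack"
ACCEPT = "Connection Accepted"


def _packet(src, spt, ident, dpt=993):
    """Build one constructed firewall message in the layout of the extract."""
    return (f"IN=eth1 OUT=eth0 SRC={src} DST=192.168.10.100 LEN=60 TTL=54 "
            f"ID={ident} DF PROTO=TCP SPT={spt} DPT={dpt} WINDOW=5840 "
            "RES=0x00 SYN URGP=0")


def build_sample():
    """Constructed log: one isolated SYN and one burst of 40 SYNs."""
    one = _packet("203.0.113.10", 54925, 57573)
    lines = ["2013-11-02, 11:36:19", ACCEPT, one,
             "2013-11-02, 11:36:19", ALERT, one,
             "2013-11-02, 11:31:38", "User Log",
             "User alice login success from 203.0.113.10"]
    for i in range(40):  # ten SYNs per second for four seconds
        lines += [f"2013-11-02, 12:00:{i // 10:02d}", ACCEPT,
                  _packet("198.51.100.7", 40000 + i, 1000 + i)]
    lines += ["2013-11-02, 12:00:04", ALERT,
              _packet("198.51.100.7", 40039, 1039)]
    return "\n".join(lines)


def parse_entries(text):
    """Parse timestamp / category / message triplets into dictionaries."""
    rows = [ln.strip() for ln in text.splitlines() if ln.strip()]
    entries, i = [], 0
    while i + 2 < len(rows):
        if not TS_RE.match(rows[i]):
            i += 1  # skip anything that does not start a triplet
            continue
        msg = rows[i + 2]
        entries.append({
            "time": datetime.strptime(rows[i], "%Y-%m-%d, %H:%M:%S"),
            "category": rows[i + 1],
            "fields": dict(re.findall(r"(\w+)=(\S+)", msg)),
            "syn": "SYN" in msg.split(),  # bare TCP flag token
        })
        i += 3
    return entries


def _key(entry):
    """Identify one packet by source, ports and IP ID."""
    f = entry["fields"]
    return (f.get("SRC"), f.get("SPT"), f.get("DPT"), f.get("ID"))


def triage_syn_alerts(entries, window_s=10, threshold=20):
    """For each alert, count distinct SYNs from its source in the window.

    window_s and threshold are assumed values for this example.
    """
    results = []
    for alert in entries:
        if alert["category"] != ALERT:
            continue
        src = alert["fields"].get("SRC")
        start = alert["time"] - timedelta(seconds=window_s)
        syns = [e for e in entries
                if e["syn"] and e["fields"].get("SRC") == src
                and start <= e["time"] <= alert["time"]]
        # The alert and the accept record of one packet share a key,
        # so a single SYN logged twice counts once.
        distinct = {_key(e) for e in syns}
        accepted = any(e["category"] == ACCEPT and _key(e) == _key(alert)
                       for e in syns)
        results.append({
            "time": alert["time"],
            "src": src,
            "distinct_syns": len(distinct),
            "same_packet_accepted": accepted,
            "verdict": "flood-like" if len(distinct) >= threshold else "isolated",
        })
    return results


if __name__ == "__main__":
    for row in triage_syn_alerts(parse_entries(build_sample())):
        print(row["time"], row["src"], row["distinct_syns"],
              row["same_packet_accepted"], row["verdict"])
```

An `isolated` verdict with `same_packet_accepted` set matches the pattern in the extract, where the alert and the accepted connection carry the same source port and IP ID.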

    After lots of trial and error, I was able to eliminate this problem.  What I wound up doing is defining the XE service again in the listener.ora file:
    SID_LIST_LISTENER =
      (SID_LIST =
        (SID_DESC =
          (SID_NAME = XE)
          (ORACLE_HOME = C:\ProgramData\oraclexe\app\oracle\product\11.2.0\server)
        )
      )
    I know that typically you should not have to do this, especially since I already had defined DEFAULT_SERIVCE_LISTENER = (XE) at the bottom of the listener.ora file.  Explicitly defining the XE service in the listener.ora file allows the listener to find it while the system is running under the Cisco AnyConnect VPN.  The only hiccup I found by doing this is that the XE service is discovered twice by the listener when the system is NOT running under the Cisco AnyConnect VPN.  It still works OK.  The listener just seems to ignore the repeated definition of the XE service (see output below):
    C:\ProgramData\oraclexe\app\oracle\product\11.2.0\server\bin>lsnrctl service
    LSNRCTL for 32-bit Windows: Version 11.2.0.2.0 - Production on 13-JUN-2013 10:03:15
    .......(omitted output).......
    Service "XE" has 2 instance(s).
      Instance "XE", status UNKNOWN, has 1 handler(s) for this service...
        Handler(s):
          "DEDICATED" established:0 refused:0
             LOCAL SERVER
      Instance "xe", status READY, has 1 handler(s) for this service...
        Handler(s):
          "DEDICATED" established:0 refused:0 state:ready
             LOCAL SERVER
    Service "XEXDB" has 1 instance(s).
      Instance "xe", status READY, has 1 handler(s) for this service...
        Handler(s):
          "D000" established:0 refused:0 current:0 max:1022 state:ready
             DISPATCHER <machine: DEV-M-137GF, pid: 5544>
    (ADDRESS=(PROTOCOL=tcp)(HOST=DEV-M-137GF.paychex.com)(PORT=58257))
    The command completed successfully
    If anyone has a cleaner solution for this problem, please let me know.  Otherwise, I am moving forward with what I did.
    Thanks.....Paul

  • How do I remove a virtual CD drive in Windows 8?

    One of my friends used my computer to download Sims 3, and now I have a virus. It seems to have created a whole virtual CD drive (J:) on my computer, and I can't delete any of it. The drive won't eject or delete. I followed the instructions in another page
    of the forum under "windows 8 disk management remove basic virtual disk," but it doesn't see (J:). It sees several other drives, just not that one. The virus is on this drive, and Norton isn't seeing it elsewhere, so I can't just delete that either,
    as it's showing the "disk" as read-only. Do you have any suggestions on how to fix this problem?
    Thank you so much!
    PS: I have a screenshot if that would help. The forum won't allow me to post it here.
    PPS: The instructions I followed from the other forum page are: "If you don't want the virtual hard disk any longer, all you have to do is delete it.  You don't give specifics, so I will have to guess. 
    If this is a virtual hard disk used by a VM you tried to create in Hyper-V, first go into Hyper-V and delete the VM.  That just deletes the VM - not the disk.  After deleting the VM, there should be no process using the virtual hard drive, so you
    just have to delete it.
    Another thing you might have done is to create the VHD and mounted it to Windows 8.  In this case, you can't delete it because Windows 8 owns it.  Start computer management (compmgmt.msc).  Go to Disk Management.  Find the entry for your
    VHD.  Right-click and detach it.  Then you can delete it.
    If it is not one of these things, you are going to have to give a more complete description of your environment and what is preventing you from deleting it.  .:|:.:|:. tim"

    Go to Device Manager, check if the virtual CD drive is available. If yes, disable or uninstall the device.
    Niki Han
    TechNet Community Support

  • SSL VPN Full and Split Tunnel Config Question

    I am Beta testing SSLVPN on an IOS router. The question I have is this:
    Is it possible to have split and full tunnel configs? It seems that once you create your context and default profile that is all you have, either split or full. The books say you can use Radius and assign different profiles, but I would like to give the users a choice (like in the VPN3000 .pcf) of either split or full depending on where they are working from.

    The below is an example using the ASA - but the principle remains the same:-
    http://www.cisco.com/en/US/customer/products/ps6120/products_configuration_example09186a0080975e83.shtml
    HTH>

  • Installing Windows 7 one Mac Pro with SL RAID0, and 1 extra drive 4 windows

    So i have snow leopard installed on a RAID 0. I also have a single remaining hdd that has my old Leopard on it. I want to install windows 7 on that remaining internal hdd but bootcamp won't allow me to run setup because it says it doesn't support RAIDs, even though i'm not trying to install windows on the RAID.
    Can someone please help me out here? Someone on another forum suggested an AHCI, but i have no experience with them. Be Detailed if you could...

    First, try doing what I first suggested, pull your RAID.
    Boot Camp Assistant is more trouble than it is worth, and it isn't needed for what you want to do. Format the drive with Disk Utility to MBR/FAT, or just let Windows DVD do it all.

  • Crystal Reports connecting to Salesforce driver on Windows 64-bit server

    Hi,
    We are in the process of migrating our Crystal Reports reports from BOXIR2 to R3. The R3 server is built on a Windows 2003 64-bit server.
    The reports work fine on a 32-bit Windows 2003 server in the XIR2 environment.
    Refreshing the Crystal reports in BOXIR3 InfoView on the 64-bit server, connecting to the SFDC database, fails with an invalid database argument error.
    Refreshing the same report using the CR 2008 client fails with the error message below.
    Invalid Argument provided. Details: Java Server startup failure. Please verify the PATH (JDK), CLASSPATH and IORFileLocation properties in the CRConfig.xml file. In addition, please verify you are using JDK 1.5.
    Any help is appreciated.
    Thanks,
    Chinna

    This error usually means there is an issue with the Sales Force driver. Take a look at SAP Note 1197347 (same issue on an older version of Crystal Reports/BOE software).
    Also take a look at SAP Note 1400317 if you installed SP2 on Crystal Reports 2008, another possible cause
    Edited by: Andrew Kuhn on Apr 21, 2010 2:27 PM

  • Not able to install HANA client and Studio developer edition on Windows(64 bit)

    Hi,
    I have recently downloaded the SAP HANA client and Studio developer edition package for Windows 64-bit:
    ngdbc_rev68
    sap_hana_win64_client_rev80
    sap_hana_win64_studio_rev80
    but I am not able to install it on my machine.
    It is giving me error:
    Cannot install
      Cannot install Microsoft C/C++ Runtime
        Starting external program C:\Users\spragya\CSC\SAP HANA\Client and Studio\sap_hana_win64_studio_rev80\studio\msdev2010_vcredist_x64.exe
          Command line is: "C:\Users\spragya\CSC\SAP HANA\Client and Studio\sap_hana_win64_studio_rev80\studio\msdev2010_vcredist_x64.exe" /q
          Program terminated with exit code 1603
    Can someone please let me know what this issue is and how it can be rectified?
    Screen image of the error attached for reference.

    Hi Pragya,
    Did you check : 1) Administrator Access while installing Microsoft C++ Runtime, 2) enough space on your disk, 3) try uninstalling the MS C++ old version 4) Empty Windows Temp folders
    Also check if the environment variables are set right on your Windows machine.
    Regards
    Avinash Raju

  • SSL VPN message "This (client) machine does not have the web access privilege."

    Hello!
    I am trying to configure the SSL VPN (WebVPN) and I am almost done, but when clicking on the URLs I configured in the bookmarks, I get the message "This (client) machine does not have the web access privilege. Please contact your SSLVPN provider for assistance." I looked through the many tutorials and guides in existence and none talks about such an error and the fix for it. In fact, if I search the net for this error message I get only one match, on the Cisco website, where it says that "The client computer does not meet the security criteria of having web access functionality through the SSL VPN gateway." and as a fix it gave this tip: "Check the URL to the gateway or contact the administrator if it persists." So, nothing on the website about what this issue is and how to fix it. I will provide my IOS configuration and hopefully someone will spot the issue. Here it goes:
    version 12.4
    service timestamps debug datetime msec
    service timestamps log datetime msec
    no service password-encryption
    hostname R1
    boot-start-marker
    boot-end-marker
    logging message-counter syslog
    no logging buffered
    enable secret 5 $1$1LLX$u7aTc8XfNqPZhPVGwEF/J0
    enable password xxxxxxxx
    aaa new-model
    aaa authentication login userAuthen local
    aaa authentication login sdm_vpn_xauth_ml_1 local
    aaa authorization network groupauthor local
    aaa session-id common
    crypto pki trustpoint TP-self-signed-1279712955
    enrollment selfsigned
    subject-name cn=IOS-Self-Signed-Certificate-1279712955
    revocation-check none
    rsakeypair TP-self-signed-1279712955
    crypto pki certificate chain TP-self-signed-1279712955
    certificate self-signed 01
       quit
    dot11 syslog
    ip source-route
    ip dhcp excluded-address 192.168.0.1 192.168.0.10
    ip dhcp pool myPOOL
       network 192.168.0.0 255.255.255.0
       default-router 192.168.0.1
       dns-server 87.216.1.65 87.216.1.66
    ip cef
    ip name-server 87.216.1.65
    ip name-server 87.216.1.66
    ip ddns update method mydyndnsupdate
    HTTP
      add http://username:[email protected]/nic/update?system=dyndns&hostname=<h>&myip=<a>
    interval maximum 1 0 0 0
    no ipv6 cef
    multilink bundle-name authenticated
    vpdn enable
    vpdn-group pppoe
    request-dialin
      protocol pppoe
    username cisco privilege 15 password 0 xxxxxxxx
    crypto isakmp policy 3
    encr 3des
    authentication pre-share
    group 2
    crypto isakmp fragmentation
    crypto isakmp client configuration group vpnclient
    key cisco123
    domain selfip.net
    pool ippool
    acl 110
    crypto ipsec transform-set myset esp-3des esp-md5-hmac
    crypto dynamic-map dynmap 10
    set transform-set myset
    reverse-route
    crypto map clientmap client authentication list userAuthen
    crypto map clientmap isakmp authorization list groupauthor
    crypto map clientmap client configuration address respond
    crypto map clientmap 10 ipsec-isakmp dynamic dynmap
    archive
    log config
      hidekeys
    interface Loopback0
    ip address 10.11.0.1 255.255.255.0
    ip nat inside
    ip virtual-reassembly
    interface Loopback2
    description SSL VPN Website IP address
    ip address 10.10.10.1 255.255.255.0
    interface Loopback1
    description SSL DHCP Pool Gateway Address
    ip address 192.168.250.1 255.255.255.0
    interface FastEthernet0
    description $ES_LAN$
    ip address 192.168.0.1 255.255.255.0
    ip nat inside
    ip virtual-reassembly
    duplex auto
    speed auto
    interface BRI0
    no ip address
    encapsulation hdlc
    shutdown
    interface FastEthernet1
    interface FastEthernet2
    switchport access vlan 2
    interface FastEthernet3
    interface FastEthernet4
    interface FastEthernet5
    interface FastEthernet6
    interface FastEthernet7
    interface FastEthernet8
    interface ATM0
    no ip address
    no atm ilmi-keepalive
    pvc 8/35
      encapsulation aal5mux ppp dialer
      dialer pool-member 1
    bundle-enable
    dsl operating-mode auto
    interface Vlan1
    no ip address
    interface Dialer1
    ip ddns update hostname myserver.selfip.net
    ip ddns update mydyndnsupdate host members.dyndns.org
    ip address negotiated
    ip nat outside
    ip virtual-reassembly
    encapsulation ppp
    ip policy route-map VPN-Client
    dialer pool 1
    ppp chap hostname xxx
    ppp chap password 0 xxxx
    ppp pap sent-username xxx password 0 xxxx
    crypto map clientmap
    ip local pool ippool 192.168.50.100 192.168.50.200
    ip local pool sslvpnpool 192.168.250.2 192.168.250.100
    ip forward-protocol nd
    ip route 0.0.0.0 0.0.0.0 Dialer1
    ip http server
    ip http authentication local
    ip http secure-server
    ip nat inside source static tcp 192.168.0.2 21 interface Dialer1 790
    ip nat inside source static tcp 192.168.0.15 21 interface Dialer1 789
    ip nat inside source list 102 interface Dialer1 overload
    ip nat inside source static tcp 10.10.10.1 443 interface Dialer1 443
    ip nat inside source static tcp 10.10.10.1 80 interface Dialer1 80
    access-list 102 deny   ip 192.168.0.0 0.0.0.255 192.168.50.0 0.0.0.255
    access-list 102 permit ip 192.168.0.0 0.0.0.255 any
    access-list 110 permit ip 192.168.0.0 0.0.0.255 192.168.50.0 0.0.0.255
    access-list 144 permit ip 192.168.50.0 0.0.0.255 any
    route-map VPN-Client permit 10
    match ip address 144
    set ip next-hop 10.11.0.2
    control-plane
    banner motd ^C
    ================================================================
                    UNAUTHORISED ACCESS IS PROHIBITED!!!
    =================================================================
    ^C
    line con 0
    line aux 0
    line vty 0 4
    password mypassword
    transport input telnet ssh
    webvpn gateway MyGateway
    ip address 10.10.10.1 port 443 
    http-redirect port 80
    ssl trustpoint TP-self-signed-1279712955
    inservice
    webvpn install svc flash:/webvpn/svc_1.pkg sequence 1
    webvpn install csd flash:/webvpn/sdesktop.pkg
    webvpn context SecureMeContext
    title "My SSL VPN Service"
    secondary-color #C0C0C0
    title-color #808080
    ssl authenticate verify all
    url-list "MyServers"
       heading "My Intranet"
       url-text "Cisco" url-value "http://192.168.0.2"
       url-text "NetGear" url-value "http://192.168.0.3"
    login-message "Welcome to My VPN"
    policy group MyDefaultPolicy
       url-list "MyServers"
       functions svc-enabled
       svc address-pool "sslvpnpool"
       svc keep-client-installed
    default-group-policy MyDefaultPolicy
    aaa authentication list userAuthen
    gateway MyGateway domain testvpn
    max-users 100
    csd enable
    inservice
    end
    Thank you!

    Hi,
    Please check SAP note:
    2004579 - You cannot create a FR company from a Package
    Thanks & Regards,
    Nagarajan

  • I cannot map a network drive in Windows 8.1 via VPN

    Dear sir / madam,
    I face a big problem. My company uses a VPN connection. After my company upgraded from Windows 7 to Windows 8.1, we found that we cannot reconnect the network drive. Please find the details below:
    1. I successfully map the drive and then log out / switch user.
    2. Wait two / three hours.
    3. I find the drive is disconnected.
    4. When I try to reconnect, Windows cannot find it again. Then I try to use netstat:
    C:\Windows\system32>netstat
      TCP    172.28.97.31:58206     test-server:http       TIME_WAIT
    Then I try to use cmd.
    5. It shows the reconnect as successful with the net use command. However, I need to waste a lot of time and I cannot find the drive in Windows.
    If I restart Windows, I can reconnect quickly and find the drive in Windows.
    The server is Windows Server 2008 R2 and is located at a different site.
    If the server and PC are located at the same site, there is no problem.
    Both the server and PC are joined to the same domain.
    It is a Dell server and a Lenovo M82 PC.
    Please help me to solve the problem.
    (Windows 7 also has this problem. However, I can click the drive and it reconnects quickly. I cannot do this in Windows 8.1... it loops again.)
    thanks

    Hi,
    Is there any error message thrown when you reconnect the mapped drive? Can you directly access the UNC path of the mapped drive? What VPN program do you use? Please check if the VPN client connects correctly.
    You could refer to the thread below to check if the AD account is restricted by VPN.
    Can't access mapped drives through VPN when away from office
    http://social.technet.microsoft.com/Forums/windows/en-US/a0ca41aa-08b8-4e46-a314-ffb7e401bd7a/cant-access-mapped-drives-through-vpn-when-away-from-office?forum=w7itpronetworking
    Best Regards,
    Mandy 

  • I cannot map a network drive in Windows 8.1 under VPN

    Dear sir / madam,
    I face a big problem. My company uses a VPN connection. After my company upgraded from Windows 7 to Windows 8.1, we found that we cannot reconnect the network drive. Please find the details below:
    1. I successfully map the drive and then log out / switch user.
    2. Wait two / three hours.
    3. I find the drive is disconnected.
    4. When I try to reconnect, Windows cannot find it again. Then I try to use netstat:
    C:\Windows\system32>netstat
      TCP    172.28.97.31:58206     test-server:http       TIME_WAIT
    Then I try to use cmd, net use /delete, and then try to reconnect to test-server.
    5. It shows the reconnect as successful with the net use command. However, I need to waste a lot of time and I cannot find the drive in Windows.
    If I restart Windows, I can reconnect quickly and find the drive in Windows.
    The servers are Windows Server 2008 R2 and Server 2012; they are located at a different site.
    If the server and PC are located at the same site, there is no problem.
    Both the server and PC are joined to the same domain.
    It is a Dell server and a Lenovo M82 PC (Intel LAN 82579LM/V driver).
    Please help me to solve the problem.
    (Windows 7 also has this problem. However, I can click the drive and it reconnects quickly. I cannot do this in Windows 8.1... it loops again.)
    thanks

    Hi,
    How did you map the network drive? Manually via GUI? Command? GPP? If you're using one of the above solutions, then try the other solutions as an alternative way to check the result.
    According to your description, if Windows remains unable to reconnect the mapped network drive at login, then I would suggest you create a batch file with the net use command and use it as a logon script; this provides an alternate way to reconnect drives on a re-logon.
    Example:
    @echo off
    net use * /delete /yes
    net use x: \\server_name\shared_directory_name
    You can find detailed information in the following link
    https://helpdesk.egnyte.com/hc/en-us/articles/201638304-Mapping-a-drive-using-a-net-use-command-and-logon-scripts-for-domain-users
    http://technet.microsoft.com/en-us/library/bb490717.aspx
    NOTE: This response contains a reference to a third party World Wide Web site. Microsoft is providing this information as a convenience to you. Microsoft does not control these sites and has not tested any software or information found on these sites.
    Yolanda Zhu
    TechNet Community Support

  • ASA5520 AnyConnect SSL VPN Connected but unable to ping my inside LAN

    Hi there, please forgive if I have missed any forum protocols as this is my first post.
    I am trying to configure AnyConnect SSL VPN. I am able to connect to the VPN on a laptop, which is able to download the AnyConnect client from the ASA. I am unable to ping any of my IPs that are on the inside of my ASA. Before posting here I have spent many hours on forums and watching videos on AnyConnect SSL VPN creation and I am following it to the T but still no ping. Any help would be very much appreciated.
    Inside              192.168.1.254/24
    Outside           dhcp
    VPN Pool        192.168.250.1-50/24
    Inside LAN     192.168.1.0/24
    : Saved
    ASA Version 8.4(4)1
    interface GigabitEthernet0/0
    nameif outside
    security-level 0
    ip address dhcp setroute
    interface GigabitEthernet0/1
    nameif inside
    security-level 99
    ip address 192.168.1.254 255.255.255.0
    interface GigabitEthernet0/2
    shutdown
    no nameif
    no security-level
    no ip address
    interface GigabitEthernet0/3
    shutdown
    no nameif
    no security-level
    no ip address
    interface Management0/0
    nameif management
    security-level 99
    ip address 192.168.100.1 255.255.255.0
    ftp mode passive
    dns server-group DefaultDNS
    domain-name dock.local
    same-security-traffic permit inter-interface
    object network inside-network-object
    subnet 192.168.1.0 255.255.255.0
    object network management-network-object
    subnet 192.168.100.0 255.255.255.0
    object network NETWORK_OBJ_192.168.250.0_25
    subnet 192.168.250.0 255.255.255.128
    object-group network AllInside-networks
    network-object object inside-network-object
    network-object object management-network-object
    access-list inside_access_in extended permit ip any any
    access-list outside_access_in extended permit icmp any any echo-reply
    access-list split_tunnel standard permit 192.168.1.0 255.255.255.0
    access-list split_tunnel standard permit 192.168.100.0 255.255.255.0
    pager lines 24
    logging enable
    logging asdm informational
    mtu outside 1500
    mtu inside 1500
    mtu management 1500
    ip local pool vpn_pool 192.168.250.1-192.168.250.100 mask 255.255.255.0
    no failover
    icmp unreachable rate-limit 1 burst-size 1
    asdm image disk0:/asdm-647.bin
    no asdm history enable
    arp timeout 14400
    nat (inside,outside) source dynamic AllInside-networks interface
    nat (inside,any) source static any any destination static NETWORK_OBJ_192.168.250.0_25 NETWORK_OBJ_192.168.250.0_25 no-proxy-arp route-lookup
    access-group outside_access_in in interface outside
    access-group inside_access_in in interface inside
    timeout xlate 3:00:00
    timeout pat-xlate 0:00:30
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
    timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
    timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
    timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
    timeout tcp-proxy-reassembly 0:01:00
    timeout floating-conn 0:00:00
    dynamic-access-policy-record DfltAccessPolicy
    user-identity default-domain LOCAL
    http server enable 4433
    http 192.168.100.0 255.255.255.0 management
    http 192.168.1.0 255.255.255.0 inside
    no snmp-server location
    no snmp-server contact
    snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart
    telnet timeout 5
    ssh 192.168.1.0 255.255.255.0 inside
    ssh 192.168.100.0 255.255.255.0 management
    ssh timeout 5
    ssh key-exchange group dh-group1-sha1
    console timeout 0
    threat-detection basic-threat
    threat-detection statistics access-list
    no threat-detection statistics tcp-intercept
    ssl encryption rc4-sha1 aes128-sha1 aes256-sha1 3des-sha1
    webvpn
    enable outside
    anyconnect image disk0:/anyconnect-win-3.1.03103-k9.pkg 1
    anyconnect enable
    tunnel-group-list enable
    group-policy GroupPolicy_anyconnect internal
    group-policy GroupPolicy_anyconnect attributes
    wins-server none
    dns-server value 8.8.8.8
    vpn-tunnel-protocol ssl-client ssl-clientless
    split-tunnel-policy tunnelall
    split-tunnel-network-list value split_tunnel
    default-domain value dock.local
    username test password JAasdf434ey521ZCT encrypted privilege 15
    tunnel-group anyconnect type remote-access
    tunnel-group anyconnect general-attributes
    address-pool vpn_pool
    default-group-policy GroupPolicy_anyconnect
    tunnel-group anyconnect webvpn-attributes
    group-alias anyconnect enable
    class-map inspection_default
    match default-inspection-traffic
    policy-map type inspect dns preset_dns_map
    parameters
      message-length maximum client auto
      message-length maximum 512
    policy-map global_policy
    class inspection_default
      inspect dns preset_dns_map
      inspect ftp
      inspect h323 h225
      inspect h323 ras
      inspect rsh
      inspect rtsp
      inspect esmtp
      inspect sqlnet
      inspect skinny 
      inspect sunrpc
      inspect xdmcp
      inspect sip 
      inspect netbios
      inspect tftp
      inspect ip-options
    service-policy global_policy global
    prompt hostname context
    no call-home reporting anonymous
    call-home
    profile CiscoTAC-1
      no active
      destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
      destination address email [email protected]
      destination transport-method http
      subscribe-to-alert-group diagnostic
      subscribe-to-alert-group environment
      subscribe-to-alert-group inventory periodic monthly
      subscribe-to-alert-group configuration periodic monthly
      subscribe-to-alert-group telemetry periodic daily
    Cryptochecksum:24bcba3c4124ab371297d52260135924
    : end :

    : Saved
    ASA Version 8.4(4)1
    interface GigabitEthernet0/0
    nameif outside
    security-level 0
    ip address dhcp setroute
    interface GigabitEthernet0/1
    nameif inside
    security-level 99
    ip address 192.168.1.254 255.255.255.0
    interface GigabitEthernet0/2
    shutdown
    no nameif
    no security-level
    no ip address
    interface GigabitEthernet0/3
    shutdown
    no nameif
    no security-level
    no ip address
    interface Management0/0
    nameif management
    security-level 99
    ip address 192.168.100.1 255.255.255.0
    ftp mode passive
    dns server-group DefaultDNS
    domain-name dock.local
    same-security-traffic permit inter-interface
    object network inside-network-object
    subnet 192.168.1.0 255.255.255.0
    object network management-network-object
    subnet 192.168.100.0 255.255.255.0
    object network NETWORK_OBJ_192.168.250.0_25
    subnet 192.168.250.0 255.255.255.0
    object-group network AllInside-networks
    network-object object inside-network-object
    network-object object management-network-object
    access-list inside_access_in extended permit ip any any
    access-list outside_access_in extended permit icmp any any echo-reply
    access-list split_tunnel standard permit 192.168.1.0 255.255.255.0
    access-list split_tunnel standard permit 192.168.100.0 255.255.255.0
    pager lines 24
    logging enable
    logging asdm informational
    mtu outside 1500
    mtu inside 1500
    mtu management 1500
    ip local pool Anyconnect-pool 192.168.250.1-192.168.250.100 mask 255.255.255.0
    no failover
    icmp unreachable rate-limit 1 burst-size 1
    asdm image disk0:/asdm-647.bin
    no asdm history enable
    arp timeout 14400
    nat (inside,outside) source dynamic AllInside-networks interface
    nat (inside,outside) source static inside-network-object inside-network-object destination static NETWORK_OBJ_192.168.250.0_25 NETWORK_OBJ_192.168.250.0_25
    nat (inside,outside) source static management-network-object management-network-object destination static NETWORK_OBJ_192.168.250.0_25 NETWORK_OBJ_192.168.250.0_25
    access-group outside_access_in in interface outside
    access-group inside_access_in in interface inside
    timeout xlate 3:00:00
    timeout pat-xlate 0:00:30
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
    timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
    timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
    timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
    timeout tcp-proxy-reassembly 0:01:00
    timeout floating-conn 0:00:00
    dynamic-access-policy-record DfltAccessPolicy
    user-identity default-domain LOCAL
    http server enable
    http 192.168.100.2 255.255.255.255 management
    http 192.168.100.0 255.255.255.0 management
    http 192.168.1.0 255.255.255.0 inside
    no snmp-server location
    no snmp-server contact
    snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart
    telnet timeout 5
    ssh 192.168.1.0 255.255.255.0 inside
    ssh 192.168.100.0 255.255.255.0 management
    ssh timeout 5
    ssh key-exchange group dh-group1-sha1
    console timeout 0
    management-access inside
    threat-detection basic-threat
    threat-detection statistics access-list
    no threat-detection statistics tcp-intercept
    ssl encryption rc4-sha1 aes128-sha1 aes256-sha1 3des-sha1
    webvpn
    enable outside
    anyconnect image disk0:/anyconnect-win-3.1.03103-k9.pkg 1
    anyconnect enable
    tunnel-group-list enable
    group-policy GroupPolicy_Anyconnect_VPN internal
    group-policy GroupPolicy_Anyconnect_VPN attributes
    wins-server none
    dns-server value 8.8.8.8
    vpn-tunnel-protocol ssl-client
    split-tunnel-policy tunnelall
    split-tunnel-network-list value split_tunnel
    default-domain value dock.local
    username sander password f/J.5nLef/EqyPfy encrypted
    username aveha password JA8X3IiqPvFFsZCT encrypted privilege 15
    tunnel-group Anyconnect_VPN type remote-access
    tunnel-group Anyconnect_VPN general-attributes
    address-pool Anyconnect-pool
    default-group-policy GroupPolicy_Anyconnect_VPN
    tunnel-group Anyconnect_VPN webvpn-attributes
    group-alias Anyconnect_VPN enable
    class-map inspection_default
    match default-inspection-traffic
    policy-map type inspect dns preset_dns_map
    parameters
      message-length maximum client auto
      message-length maximum 512
    policy-map global_policy
    class inspection_default
      inspect dns preset_dns_map
      inspect ftp
      inspect h323 h225
      inspect h323 ras
      inspect rsh
      inspect rtsp
      inspect esmtp
      inspect sqlnet
      inspect skinny 
      inspect sunrpc
      inspect xdmcp
      inspect sip 
      inspect netbios
      inspect tftp
      inspect ip-options
    service-policy global_policy global
    prompt hostname context
    no call-home reporting anonymous
    call-home
    profile CiscoTAC-1
      no active
      destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
      destination address email [email protected]
      destination transport-method http
      subscribe-to-alert-group diagnostic
      subscribe-to-alert-group environment
      subscribe-to-alert-group inventory periodic monthly
      subscribe-to-alert-group configuration periodic monthly
      subscribe-to-alert-group telemetry periodic daily
    Cryptochecksum:4636fa566ffc11b0f7858b760d974dee
    : end:
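
An added example, not part of the original posts and not Cisco tooling: a Python check over a running-config like the ones above. It reports whether the AnyConnect address pool lies inside the NAT-exempt destination object, whether `ssh key-exchange` or `ssl encryption` still offer DH group 1 or RC4/DES/null suites, and whether a split-tunnel list is set under `tunnelall`. The `audit` function and its finding codes are names made up for this example, and `SAMPLE` is constructed from lines of the first configuration.

```python
import ipaddress

# Constructed excerpt: lines reused from the first configuration posted above.
SAMPLE = """\
object network NETWORK_OBJ_192.168.250.0_25
subnet 192.168.250.0 255.255.255.128
ip local pool vpn_pool 192.168.250.1-192.168.250.100 mask 255.255.255.0
nat (inside,any) source static any any destination static NETWORK_OBJ_192.168.250.0_25 NETWORK_OBJ_192.168.250.0_25 no-proxy-arp route-lookup
ssh key-exchange group dh-group1-sha1
ssl encryption rc4-sha1 aes128-sha1 aes256-sha1 3des-sha1
group-policy GroupPolicy_anyconnect attributes
split-tunnel-policy tunnelall
split-tunnel-network-list value split_tunnel
"""

def audit(config):
    """Return sorted finding codes for ASA running-config text (hypothetical codes)."""
    objects, pools, exempt, policy, lists = {}, [], set(), {}, {}
    findings, obj, gp = set(), None, None
    for tok in (ln.split() for ln in config.splitlines() if ln.strip()):
        if tok[0] == "subnet" and obj and len(tok) == 3:
            objects[obj] = ipaddress.ip_network(f"{tok[1]}/{tok[2]}")
        # "subnet" belongs to the "object network" line directly before it.
        obj = tok[2] if tok[:2] == ["object", "network"] and len(tok) == 3 else None
        if tok[:3] == ["ip", "local", "pool"] and len(tok) >= 5:
            first, _, last = tok[4].partition("-")
            pools.append((ipaddress.ip_address(first), ipaddress.ip_address(last or first)))
        elif tok[0] == "nat" and tok[2:4] == ["source", "static"] and "destination" in tok:
            i = tok.index("destination")
            if i >= 6 and tok[4] == tok[5] and tok[i + 1:i + 2] == ["static"] and len(tok) > i + 2:
                exempt.add(tok[i + 2])  # identity NAT toward this destination object
        elif tok[:3] == ["ssh", "key-exchange", "group"] and tok[-1].startswith("dh-group1-"):
            findings.add("SSH_DH_GROUP1")
        elif tok[:2] == ["ssl", "encryption"]:
            if any(c.startswith(("rc4", "des-", "null")) for c in tok[2:]):
                findings.add("SSL_WEAK_CIPHER")
        elif tok[0] == "group-policy" and tok[-1] == "attributes":
            gp = tok[1]
        elif tok[0] == "split-tunnel-policy" and len(tok) > 1:
            policy[gp] = tok[1]
        elif tok[:2] == ["split-tunnel-network-list", "value"] and len(tok) == 3:
            lists[gp] = tok[2]
    nets = [objects[n] for n in exempt if n in objects]
    for first, last in pools:
        if not any(first in n and last in n for n in nets):
            findings.add("POOL_OUTSIDE_NAT_EXEMPT")
    # Under tunnelall every destination is tunnelled, so the list is not used.
    if any(policy.get(g) == "tunnelall" for g in lists):
        findings.add("SPLIT_LIST_UNUSED")
    return sorted(findings)

if __name__ == "__main__":
    print(audit(SAMPLE))
```

The pool check passes for the posted values because 192.168.250.1-100 fits inside the /25 object; it fires if the pool is widened without also widening the object the NAT exemption references.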
