Secure Login from Internet
Hi, We are looking to make the Portal available to our clients over the internet with a secure login. Is there any way to allow us to allow login in any of the following ways?: What would be required?
1. User Logs in with User Name/Password, but only if they have a Certificate we issued to them or they have on their pc.
2. Allow the Portal to automatically log them in if they have a certificate?
Thanks
Hi,
if I understand you correctly, you want to have a mutual authentication, meaning:
1. You'll have a SSL secured connection to your portal from the Internet
2. The users do have a client certificate that your organization (CA, PKI) has issued.
The EP supports client certificates. You'll have to enable this feature on the portal server.
SAP Help: http://help.sap.com/saphelp_nw70/helpdata/en/b1/07dd3aeedb7445e10000000a114084/frameset.htm
br,
Tobias
Similar Messages
-
Cisco Jabber MRA : Cannot login from internet
Dear all,
I have the following : CUCM 10.5, IM & P 10.5, VCS C 8.2, VCS E 8.2. CUCM, IM & P, VCS C are located in the internal network. VCS E is located in the DMZ. I'm sure that firewall configuration is already opened according to Deployment Guide.
I've checked UC status in VCS C and VCS E, Unified Communications services is active, traversal zone is active.
Does anybody have any idea?
Thanks.I had a look at the jabber logs that were provided and the issue appears to be host name resolution. (atleast in this login attempt)
The client is able to successfully retrieve the collab-edge record for the "telkom.co.id" domain.
DNS query succeeded for '_collab-edge._tls.telkom.co.id.'
The client then tries to send the get_edge_config to the following address:
https://ewedge-4-uc-st.telkom.co.id.telkom.co.id:8443/dGVsa29tLmNvLmlk/get_edge_config
What's odd about this is that the request has the domain listed twice. Due to this the login is failing with a "Could not resolve host" error.
2014-08-19 16:35:47,444 INFO [0x000025a8] [ls\src\http\CurlAnswerEvaluator.cpp(108)] [csf.httpclient] [http::CurlAnswerEvaluator::curlCodeToResult] - curlCode=[6] error message=[Could not resolve host: ewedge-2-uc-st.telkom.co.id.telkom.co.id] result=[UNRESOLVED_HOST_ERROR]
2014-08-19 16:35:47,444 ERROR [0x000025a8] [ls\src\http\BasicHttpClientImpl.cpp(382)] [csf.httpclient] [http::executeImpl] - There was an issue performing the call to curl_easy_perform: UNRESOLVED_HOST_ERROR
These logs suggest that there is an error with the collab-edge response. For some reason it's listed with the domain twice. I would double check your collab-edge SRV to see how you have it formatted.
I hope this helps. -
Best practices for securing communication to internet based SCCM clients ?
What type of SSL certs does the community think should be used to secure traffic from internet based SCCM clients ? should 3rd party SSL certs be used ? When doing an inventory for example of the clients configuration in order to run reports
later how the data be protected during transit ?From a technical perspective, it doesn't matter where the certs come from as there is no difference whatsoever. A cert is a cert is a cert. The certs are *not* what provide the protection, they simply enable the use of SSL to protect the data in transit
and also provide an authentication mechanism.
From a logistics and cost perspective though, there is a huge difference. You may not be aware, but *every* client in IBCM requires its own unique client authentication certificate. This will get very expensive very quickly and is a recurring cost because
certs expire (most commercial cert vendors rarely offer certs valid for more than 3 years). Also, deploying certs from a 3rd party is not a trivial endeavor -- you more less run into chicken and egg issues here. With an internal Microsoft PKI, if designed
properly, there is zero recurring cost and deployment to internal systems is trivial. There is still certainly some cost and overhead involved, but it is dwarfed by that that comes with using with a third party CA for IBCM certs.
Jason | http://blog.configmgrftw.com | @jasonsandys -
User is not able to Login from external supplier, using the WSS (ICH)
Hi Gurus,
The user is not able to login to the server externally from url.
dev_icm is giving below warnings:
[Thr 11052] IcmWatchDogThread: watchdog started
[Thr 11309] ** WARNING => HttpPlugInInit: Parameter icm/HTTPS/trust_client_with_issuer or icm/HTTPS/trust_client_with_subject not set => do
not trust any intermediary*
X.509 cert data will be removed from header [http_plg_mt. 720]
[Thr 11309] =================================================
[Thr 11309] = SSL Initialization on IBM RS/6000 with AIX
[Thr 11309] = (700_REL,May 3 2008,mt,ascii-uc,SAP_UC/size_t/void* = 16/64/64)
[Thr 11309] profile param "ssl/ssl_lib" = "/usr/sap/SCA/SYS/exe/run/libsapcrypto.o"
resulting Filename = "/usr/sap/SCA/SYS/exe/run/libsapcrypto.o"
[Thr 11309] = found SAPCRYPTOLIB 5.5.5C pl16 (Jun 10 2004) MT-safe
[Thr 11309] = current UserID: "scaadm", env-var USER="scaadm"
[Thr 11309] = using SECUDIR=/usr/sap/SCA/DVEBMGS41/sec
[Thr 11309] = secudessl_Create_SSL_CTX(): PSE "/usr/sap/SCA/DVEBMGS41/sec/SAPSSLA.pse" not found,
[Thr 11309] = using PSE "/usr/sap/SCA/DVEBMGS41/sec/SAPSSLC.pse" as fallback
[Thr 11309] = Success -- SapCryptoLib SSL ready!
[Thr 11309] =================================================
HTTPS (SSL) settings are as below, i think which means that no ssl certifiacts are required.
icm/HTTPS/verify_client = 0
Kindly help urgently.
regards,
MJthis is SCM system.
SSL CA's are set.
what should be value of the parameters?
icm/HTTPS/trust_ client_with_ issuer or
icm/HTTPS/trust_ client_with_ subject
http and https ssl conections are correctly set.
I think the SAPSSLA. pse" not found, is not the problem as the parameter icm/HTTPS/verify_ client = 0 is set, it means that no ssl certifiacts are required.
problem is coming when the system is being accessed from externally using other secure domain name.
the system is being accessed ok from web urs which is internal, but not external.
for example in strust tcode the domain name is *abc.com, which is running fine when accessing the system internally.
but when the user is accessing this sytem from other secure login from *xyz.com, which is also the same companys domain, then the user not able to login, its showing errir. -
How can I access my home security DVR from the internet?
My Time Capsule (as a router and not a bridge) blocks me from accessing my home security DVR from the internet. I can access it from other computers connected to my LAN but not from the internet. I guess it's a firewall setting issue. I can't add the home security application to the list of firewall allowed incoming connections since it's a Windows app that I cannot install on my Mac. On the other hand, the app is installed on my old PC but I can't access the Mac firwall settings from the PC and add the security app (If that's the problem).
My DVR is connected to a Netgear switch which is connected to the Time Capsule which is connected to a Cisco modem provided by Comcast. I thought one of the modem ports had to be opened by Comcast. That was not the issue. After spending 2 hours on the phone with Comcast going in circles talking to 10 different overseas agents, they concluded the Netgear switch was blocking me from accessing the DVR. I think they are wrong and that it's a Mac firewall problem. HELP!!! Does anyone know what could be the problem and how to solve it?Did you forward the required ports in the TIme Capsule? If not it won't work.. it has nothing to do with firewall unless the DVR is plugged into the Mac. If it is plugged into a switch you need to lock the IP of the DVR and find out what ports are required.. usually just port 80, ie html.. but it could be some others.
Since Apple do not use upnp to open ports.. the TC will have to manually be provided with the ports.. Apple use PMP-NAT that is not used by the rest of the known world.. Just to ensure you stay in the camp. -
Signed By User from security login
I have a table with an calculate string so it is signed By User from security login called "Transcribed by".
I need to know how this works though if I have a second string defined by user login Called "Reviewed By".
Is there a way either through the use of separate screens or tabs to only have the information saved to either of these two when they are displayed?
Is there a way two differnent users could sign the same order and still be tied to thier secure login ID?
My Code for the "Transcribed by" string is followign does this even work?
partial void NurseTranscribing_Compute(ref string result)
result = DataWorkspace.SecurityData.UserRegistrations.Details.Name.ToString();
// Set result to the desired field valueSo the question is if I use code to assign automatically fill in the field will it know what to do if a second person signs the same entity this way. like how Created by and modified by works in VS 2013. I want an Orders screen to sign the entity entry programmatically
then a review screen for the reviewer to sign the same entry programmatically.
Would that simply work if the "Created by" property was only on the orders screen and the "Reviewed by" property was only on the review screen. -
Error message from Internet Explorer v8.0.6
My Muse test site is currently on Business Catalyst. The url is http://wfax-test.businesscatalyst.com — my client says that they get an error message from Internet Explorer version 8.0.6 "MuseJSAssert: error calling selector function: error: a security problem occurred". The good news is that this only appears on the "Schedule" page of the site. Any idea what it could be? My client is afraid for me to put the site online because of this error message.
Hi Artby,
In your page, you have a link to "http://[email protected]//[email protected]" (Saturday Afternoon at 3:00). This link is technically a valid link, but I'm not sure it is what you intended. If you where looking to create an email there, you should remove the http:// in front of the link and Muse should properly create an email link. If you were trying to go to a website, I'd recommend you check the URL again to make sure you have it right.
The link is throwing a security error because we have to do some extra processing for some of our links, so we check each of the urls and try to determine if there is extra logic we need. In this case, this link is telling the browser you'd like to "login" to the site qemi.org with the username "apostle". IE 8, by default, will block us from reading information from this type of link in case there is a password, or in case we shouldn't know the username. It is a security measure (thus the error) and should pose no risk.
If you did intend to have that URL, then this won't quite work at the moment in Muse. To work around this, you could pull out this small snippet into a custom HTML element or something, which Muse won't try and process (though you'd need to remove the class "nonblock" from the link if you copy/pasted the Muse export code).
Hope that helps,
Andrew -
I updated my system from Snow Leopard to Lion 7.3.1
Wanted to login from remote computer and then enabled the remote login in Preferences/Sharing, but when trying to login I get the error ssh_exchange_identification also if I try to login from my machine with ssh username@localhost.
I tried all what I could find on internet forums, but nothing changed.
Please help!!
DanielaHi Linc
here is the output of ssh -vvv localhost
OpenSSH_5.6p1, OpenSSL 0.9.8r 8 Feb 2011
debug1: Reading configuration data /etc/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to localhost [::1] port 22.
debug1: Connection established.
debug3: Not a RSA1 key file /Users/danielamaurizio/.ssh/id_rsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /Users/danielamaurizio/.ssh/id_rsa type 1
debug1: identity file /Users/danielamaurizio/.ssh/id_rsa-cert type -1
debug1: identity file /Users/danielamaurizio/.ssh/id_dsa type -1
debug1: identity file /Users/danielamaurizio/.ssh/id_dsa-cert type -1
ssh_exchange_identification: Connection closed by remote host
[1]+ Done edit sshd_config
The following line comes from /var/log/secure.log
May 23 04:59:46 <danielamaurizio> sshd[2267]: fatal: /var/empty must be owned by root and not group or world-writable.
but I'm not sure if it's want you asked me; the owner of /var/empty is root of group sys.
By the way I had a problem that Lion cancelled the owner root and I had to use System Preferences User and groups to add root again, with the result that now I can use only the comman "su root" and not "sudo anycommand" anymore.
Thanks for halp and cheers
daniela -
I use Windows XP professional, When I use Firefox to go to my Barclay bank statements, they are unreadable as the page with the amounts on is partly covered by the Questions on the right of the page, I also have this problem with the Daily Mail rewards club, If I login to my account from Internet Explorer it works fine for both, this is without making any changes to my setup.
What you are experiencing is 100% related to Malware.
Sometimes a problem with Firefox may be a result of malware installed on your computer, that you may not be aware of.
You can try these free programs to scan for malware, which work with your existing antivirus software:
* [http://www.microsoft.com/security/scanner/default.aspx Microsoft Safety Scanner]
* [http://www.malwarebytes.org/products/malwarebytes_free/ MalwareBytes' Anti-Malware]
* [http://support.kaspersky.com/faq/?qid=208283363 TDSSKiller - AntiRootkit Utility]
* [http://www.surfright.nl/en/hitmanpro/ Hitman Pro]
* [http://www.eset.com/us/online-scanner/ ESET Online Scanner]
[http://windows.microsoft.com/MSE Microsoft Security Essentials] is a good permanent antivirus for Windows 7/Vista/XP if you don't already have one.
Further information can be found in the [[Troubleshoot Firefox issues caused by malware]] article.
Did this fix your problems? Please report back to us! -
Windows Security Prompt in Internet Explorer 10 on Sharepoint Foundation 2013 site
Hi,
I have Sharepoint Foundation 2013 and when I access the site from Internet Explorer 10 I get prompted for windows security, after enter my domain credential I am able to log into the site. When I access the site from Internet Explorer 9 I don't
receive the windows security prompt. Below you will find screenshot. How can I prevent Internet Explorer 10 and later to not prompt for domain credential?
ThanksAdd *.domain.com to the Intranet Zone in IE.
Trevor Seward
Follow or contact me at...
  
This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs. -
Why can't I update or load new apps on my iPhone and iPad. It does not ask me for my password. I tried to sync from my laptop now I am unable to connect to any sites from internet explorer. When I try to update or load any app it tells me it is corrupt
You need to ask Apple for assistance with getting back into your old ID. To do this, click here and pick a method; if that page doesn't list one for your country or you're unable to resolve this issue through the Account Security team, fill out and submit this form.
(118441) -
Question
Cannot log in to Nationwide internet banking. I get the front page but Login says internet banking is not working. Next screen says it's ok and sends you back to the first screen, which says it isn't. Works throughInternet explorerThat issue can be caused by corrupted cookies.
*https://support.mozilla.org/kb/Cannot+log+in+to+websites
Clear the cache and the cookies from sites that cause problems.
"Clear the Cache":
*Tools > Options > Advanced > Network > Offline Storage (Cache): "Clear Now"
"Remove Cookies" from sites causing problems:
*Tools > Options > Privacy > Cookies: "Show Cookies" -
Asa 5505 vpn from internet native vpn client, tcp discarted 1723
Hello to all,
I'm configuring this asa for to connect home users to my network using the native microsoft vpn clients with windows xp over internet.
This asa have on the outside interface one public intenet ip and in the inside inferface have configured in the the network 192.168.0.x and i want to acces to this network from internet users using native vpn clients.
I tested with one pc connected directly to the outside interface and works well, but when i connect this interface to internet and tried to connect on user to the vpn i can see in the logs this, and can't connect with error 800.
TCP request discarded from "public_ip_client/61648" to outside:publicip_outside_interface/1723"
Can help me please?, Very thanks in advance !
(running configuration)
: Saved
ASA Version 8.4(3)
hostname ciscoasa
enable password *** encrypted
passwd *** encrypted
names
interface Ethernet0/0
switchport access vlan 2
interface Ethernet0/1
interface Ethernet0/2
interface Ethernet0/3
interface Ethernet0/4
interface Ethernet0/5
interface Ethernet0/6
interface Ethernet0/7
interface Vlan1
nameif inside
security-level 100
ip address 192.168.0.1 255.255.255.0
interface Vlan2
nameif outside
security-level 0
ip address publicinternetaddress 255.255.255.0
ftp mode passive
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
object network obj_any
subnet 0.0.0.0 0.0.0.0
object network gatewayono
host gatewayofinternetprovideraccess
description salida gateway ono
object service remotointerno
service tcp destination eq 3389
description remoto
object network pb_clienteing_2
host 192.168.0.15
description Pebble cliente ingesta 2
object service remotoexternopebble
service tcp destination eq 5353
description remotoexterno
object network actusmon
host 192.168.0.174
description Actus monitor web
object service Web
service tcp destination eq www
description 80
object network irdeto
host 192.168.0.31
description Irdeto
object network nmx_mc_p
host 192.168.0.60
description NMX Multicanal Principal
object network nmx_mc_r
host 192.168.0.61
description NMX multicanal reserva
object network tarsys
host 192.168.0.10
description Tarsys
object network nmx_teuve
host 192.168.0.30
description nmx cabecera teuve
object network tektronix
host 192.168.0.20
description tektronix vnc
object service vnc
service tcp destination eq 5900
description Acceso vnc
object service exvncnmxmcr
service tcp destination eq 5757
description Acceso vnc externo nmx mc ppal
object service exvncirdeto
service tcp destination eq 6531
description Acceso vnc externo irdeto
object service exvncnmxmcp
service tcp destination eq 5656
object service exvnctektronix
service tcp destination eq 6565
object service exvncnmxteuve
service tcp destination eq 6530
object service ssh
service tcp destination eq ssh
object service sshtedialexterno
service tcp destination eq 5454
object-group service puertosabiertos tcp
description remotedesktop
port-object eq 3389
object-group protocol TCPUDP
protocol-object udp
protocol-object tcp
object-group network DM_INLINE_NETWORK_1
network-object object irdeto
network-object object nmx_mc_p
network-object object nmx_mc_r
network-object object nmx_teuve
network-object object tektronix
object-group service vpn udp
port-object eq 1723
object-group service DM_INLINE_TCP_1 tcp
port-object eq https
port-object eq pptp
object-group network DM_INLINE_NETWORK_2
network-object object actusmon
network-object object tarsys
access-list inside_access_in extended permit object remotointerno any any
access-list inside_access_in extended permit object ssh any any
access-list inside_access_in extended permit object-group TCPUDP any any eq www
access-list inside_access_in extended permit icmp any any
access-list inside_access_in extended permit object vnc any any
access-list inside_access_in extended permit ip any any
access-list outside_access_in extended permit object remotointerno any object pb_clienteing_2
access-list outside_access_in extended permit object-group TCPUDP any object actusmon eq www
access-list outside_access_in remark Acceso tedial ssh
access-list outside_access_in extended permit tcp any object tarsys eq ssh
access-list outside_access_in extended permit object vnc any object-group DM_INLINE_NETWORK_1
access-list outside_access_in extended permit tcp any any object-group DM_INLINE_TCP_1
access-list outside_access_in extended deny icmp any any
access-list corporativa standard permit 192.168.0.0 255.255.255.0
access-list Split-Tunnel-ACL standard permit 192.168.0.0 255.255.255.0
pager lines 24
logging enable
logging monitor debugging
logging asdm debugging
logging debug-trace
mtu inside 1500
mtu outside 1500
ip local pool clientesvpn 192.168.0.100-192.168.0.110 mask 255.255.255.0
ip local pool clientesvpn2 192.168.1.120-192.168.1.130 mask 255.255.255.0
icmp unreachable rate-limit 1 burst-size 1
icmp permit any inside
icmp permit any outside
no asdm history enable
arp timeout 14400
nat (outside,inside) source static any interface destination static interface actusmon service Web Web unidirectional
nat (outside,inside) source static any interface destination static interface tarsys service sshtedialexterno ssh unidirectional
nat (outside,inside) source static any interface destination static interface pb_clienteing_2 service remotoexternopebble remotointerno unidirectional
nat (outside,inside) source static any interface destination static interface irdeto service exvncirdeto vnc unidirectional
nat (outside,inside) source static any interface destination static interface nmx_mc_p service exvncnmxmcp vnc unidirectional
nat (outside,inside) source static any interface destination static interface nmx_mc_r service exvncnmxmcr vnc unidirectional
nat (outside,inside) source static any interface destination static interface nmx_teuve service exvncnmxteuve vnc unidirectional
nat (outside,inside) source static any interface destination static interface tektronix service exvnctektronix vnc unidirectional
nat (any,outside) source dynamic DM_INLINE_NETWORK_2 interface
access-group inside_access_in in interface inside
access-group outside_access_in in interface outside per-user-override
route outside 0.0.0.0 0.0.0.0 gatewayinternetprovideracces 1
dynamic-access-policy-record DfltAccessPolicy
user-identity default-domain LOCAL
eou allow none
aaa local authentication attempts max-fail 10
http server enable
http 192.168.0.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart
no sysopt connection permit-vpn
crypto ipsec ikev1 transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
crypto ipsec ikev1 transform-set clientewindowsxp esp-3des esp-md5-hmac
crypto ipsec ikev1 transform-set clientewindowsxp mode transport
crypto ipsec ikev1 transform-set L2TP-IKE1-Transform-Set esp-aes esp-sha-hmac
crypto ipsec ikev1 transform-set L2TP-IKE1-Transform-Set mode transport
crypto ipsec ikev2 ipsec-proposal DES
protocol esp encryption des
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal 3DES
protocol esp encryption 3des
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES
protocol esp encryption aes
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES192
protocol esp encryption aes-192
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES256
protocol esp encryption aes-256
protocol esp integrity sha-1 md5
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 1 set ikev1 transform-set clientewindowsxp
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 1 set ikev2 ipsec-proposal AES256 AES192 AES 3DES DES
crypto dynamic-map L2TP-MAP 10 set ikev1 transform-set L2TP-IKE1-Transform-Set
crypto map inside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map inside_map interface inside
crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map L2TP-VPN-MAP 20 ipsec-isakmp dynamic L2TP-MAP
crypto map L2TP-VPN-MAP interface outside
crypto ca trustpoint _SmartCallHome_ServerCA
crl configure
crypto ikev2 policy 1
encryption aes-256
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 10
encryption aes-192
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 20
encryption aes
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 30
encryption 3des
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 40
encryption des
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 enable outside client-services port 443
crypto ikev2 remote-access trustpoint Ingenieria
crypto ikev1 enable inside
crypto ikev1 enable outside
crypto ikev1 policy 5
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 10
authentication crack
encryption aes-256
hash sha
group 2
lifetime 86400
crypto ikev1 policy 20
authentication rsa-sig
encryption aes-256
hash sha
group 2
lifetime 86400
crypto ikev1 policy 30
authentication pre-share
encryption aes-256
hash sha
group 2
lifetime 86400
crypto ikev1 policy 40
authentication crack
encryption aes-192
hash sha
group 2
lifetime 86400
crypto ikev1 policy 50
authentication rsa-sig
encryption aes-192
hash sha
group 2
lifetime 86400
crypto ikev1 policy 60
authentication pre-share
encryption aes-192
hash sha
group 2
lifetime 86400
crypto ikev1 policy 70
authentication crack
encryption aes
hash sha
group 2
lifetime 86400
crypto ikev1 policy 80
authentication rsa-sig
encryption aes
hash sha
group 2
lifetime 86400
crypto ikev1 policy 90
authentication pre-share
encryption aes
hash sha
group 2
lifetime 86400
crypto ikev1 policy 100
authentication crack
encryption 3des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 110
authentication rsa-sig
encryption 3des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 130
authentication crack
encryption des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 140
authentication rsa-sig
encryption des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 150
authentication pre-share
encryption des
hash sha
group 2
lifetime 86400
telnet 192.168.0.0 255.255.255.0 inside
telnet timeout 5
ssh timeout 5
console timeout 0
dhcpd dns 8.8.8.8
dhcpd auto_config outside
dhcpd address 192.168.0.5-192.168.0.36 inside
dhcpd dns 8.8.8.8 8.8.4.4 interface inside
dhcpd auto_config outside interface inside
dhcpd enable inside
no threat-detection basic-threat
no threat-detection statistics access-list
no threat-detection statistics tcp-intercept
ssl trust-point Ingenieria outside
webvpn
tunnel-group-list enable
group-policy DefaultRAGroup internal
group-policy DefaultRAGroup attributes
wins-server none
dns-server value 192.168.0.1
vpn-tunnel-protocol l2tp-ipsec
default-domain none
group-policy DfltGrpPolicy attributes
dns-server value 8.8.8.8
vpn-tunnel-protocol ikev1 ikev2 l2tp-ipsec
group-policy ingenieria internal
group-policy ingenieria attributes
vpn-tunnel-protocol l2tp-ipsec
default-domain none
group-policy L2TP-Policy internal
group-policy L2TP-Policy attributes
dns-server value 8.8.8.8
vpn-tunnel-protocol l2tp-ipsec
split-tunnel-policy tunnelspecified
split-tunnel-network-list value Split-Tunnel-ACL
intercept-dhcp enable
username ingenieria password 4fD/5xY/6BwlkjGqMZbnKw== nt-encrypted privilege 0
username ingenieria attributes
vpn-group-policy ingenieria
username rjuve password SjBNOLNgSkUi5KWk/TUsTQ== nt-encrypted
tunnel-group DefaultRAGroup general-attributes
address-pool clientesvpn
address-pool clientesvpn2
authentication-server-group (outside) LOCAL
authorization-server-group LOCAL
default-group-policy L2TP-Policy
authorization-required
tunnel-group DefaultRAGroup ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group DefaultRAGroup ppp-attributes
no authentication chap
authentication ms-chap-v2
class-map inspection_default
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
prompt hostname context
call-home reporting anonymous
Cryptochecksum:59b54f1d10fe829aeb47bafee57ba95e
: end
no asdm history enableYes with this command creates this
policy-map global_policy
class inspection_default
inspect pptp
But don't work. I also tried to add the pptp and gre in the outside access rules but nothing...
I don't understand why if a connect directly to the outside interface with the same outside network works well.
ej: the pc have 89.120.145.14 ip and the outside asa have 89.120.145.140 and if I create one vpn in this pc the outside ip 89.120.145.140 with the correct parameters the asa don't discart 1723 and connect ok but if this ip is not of this range discards 1723... -
More questions on printing from internet
While I was waiting for an answer to my original question (why my printer won't print from the internet) I found the following two preconditions:
- Requires an Internet connection to the printer
- Requires HP Web Services Account Registration
So now I also need to know if I have the above qualifications. How do I find this information?
I shall continue to pursue the ansswers but I appreciate any help.
Thanks!
SALLYANNCHi SALLYANNC,
Just to clarify, you are able to print from the computer but not from the internet?
I would try printing from another browser to see if you have the same results.
Try a different browser.
If you are using Google Chrome as a web browser, please do the following steps:
Run the updates for Chrome, to make sure you have the latest version.
Then open the Chrome's browser, go to settings, tools, clear browsing data, clear the cache and site date if listed.
Close and reopen the browser again.
Try printing again.
If you are still having issues, try The Ctrl+Shift+P to see if it will print.
Update the Java on the computer.
Go to start, control panel, Java, click on the Update tab and select Update Now.
I suggest that you to try these steps to resolve this issue if you are using Internet Explorer.
Method 1: Look at the Security settings for Internet Explorer.
1. Open the Internet Explorer. Click on Tools.
2. Click on Internet Options->Under the Security Tab->Security Level Zone->Click on Default Level->Drag the Scroll button and set the Security as Medium level.
Method 2: You can also add the sites from which you are trying to print to the Trusted Zone which will restore the functionality of these sites.
1. Open Internet Explorer and go to Tools-Internet Options-Security.
2. Click the "Security" tab and choose the "Trusted Sites" icon.
3. Then click on the button "Sites". A window will open, where you can add any sites that you wish to be in the Trusted zone.
4. Enter the site of interest in the line provided. Site URLs can be typed in directly or entered by copying and pasting. After entering a site click the "Add" button.
5. The site is now added to the list of trusted sites.
6. Enter the next site and repeat the procedure.
Method 3: Also check the following settings:
1. Open Internet Explorer.
2. Click Tools, and then click Internet Options.
3. Click the Advanced tab.
4. Under Browsing check the option “Enable third party Browser Extensions”.
If you are using Firefox, then take a look at this document. Fix printing problems in Firefox.
What web browser are you using? (Chrome, Firefox, Safari, Internet Explorer)
Are you printing a email or a webpage?
Let me know how you make out.
Thank You.
Please click “Accept as Solution ” if you feel my post solved your issue, it will help others find the solution.
Click the “Kudos Thumbs Up" on the right to say “Thanks” for helping!
Gemini02
I work on behalf of HP -
I want to uninstall Acrobat reader. I got support in the community to access my HD and to send to trash the internet plugs in for PDF viewer, but when I try to download a PDF from internet a black screen appears and preview doesn't open
Back up all data.
Triple-click the line of text below to select it, the copy the selected text to the Clipboard (command-C):
/Library/Internet Plug-ins
In the Finder, select
Go ▹ Go to Folder
from the menu bar, or press the key combination shift-command-G. Paste into the text box that opens (command-V), then press return.
From the folder that opens, remove any items that have the letters “PDF” in the name. You may be prompted for your login password. Then quit and relaunch Safari, and test.
The "Silverlight" web plugin distributed by Microsoft can also interfere with PDF display in Safari, so you may need to remove it as well, if it's present.
If you still have the issue, repeat with this line:
~/Library/Internet Plug-ins
If you don’t like the results of this procedure, restore the items from the backup you made before you started. Relaunch Safari again.
Maybe you are looking for
-
Identification of "older" Nano 3rd gen Ipod
Is there a way to determine if an Ipod is one of the older 3rd Gen units that has not been "updated".
-
Parse errors from server behaviors
I have created an input form for a mysql/php database set up on my testing server with a set of fields in a repeat region. All the fields are properly displayed when I switch to LiveView or browser preview. I am, however, having the following problem
-
ITunes reopens immediately after I quit it?
I'm running the most recent update for Apple that is available, Mavericks. iTunes is 11.2.1. After I've been using my Macbook Air for a little while, iTunes gets weird- it won't let me turn the volume up past like 30%, and when I try to quit it (and
-
Photoshop Elements V7: destoyed CD, made a Download of the registerable Demo and installed, but at first start, when you can enter a serial: programm denies my registered serial (no input failure), What can I do, please? Walter
-
Dynamically create Table partition
Hi all, Anybody having script to add partition to a table using plsql.My requirment is to create partition for every month ( time_id , from time attribute table ) dynamically. Thanks in Advance Ramesh K C R