Single Sign On (SSO) Internet Access via ASA
Good Afternoon,
I'm looking for a way for users to authenticate through the ASA to determine whether or not they are granted access to the Internet. I would like to provide two separate Active Directory groups, for example, GRP-NO-INTERNET and GRP-INTERNET. When a user accesses the Internet I would like the firewall to obtain a SSO credential and query AD to see if they have access or not and respond accordingly.
I'm currently working with TAC to investigate the possibility of using DAP but was curious if others have successfully tested this or what other options may be available. The end result would be to eliminate the credentials prompt by the firewall and have the authentication done in the background (somehow) without user interaction.
Thanks in advance to anyone's suggestions.
-Mike
Actually, it should be possible starting ASA 8.4.2. You will have to configure an AD Agent on Windows. Please see the following link
http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/access_idfw.html
Please rate if it helps. Kind regards
Similar Messages
-
CRM single sign on (SSO) to R/3 system via ITS 6.20
Hi all
I try to configue CRM2007 single sign on (SSO) to R/3 system via ITS 6.20.
my configuraion process
1. on CRM2007
-profile : login/accept_sso2_ticket = 1
login/create_sso2_ticket = 2
- t-code : strustsso2 --> export system PSE
2. on R/3 system
- profile : login/accept_sso2_ticket = 1
login/create_sso2_ticket = 0
- t-code : strust --> import certification --> add certification list --> save
- t-code : oss2 --> execute with crm rfcdestination --> all green.
3. ITS
~appserver r/3.domain
~client
~clientcert 1
~cookies 1
~exiturl
~hostsecure itshost.domain
~hostunsecure itshost.domain
~language
~login
~logingroup
~messageserver
~multiinstanceservices 1
~password
~portsecure 443
~portunsecure 80
~routestring
~runtimemode pm
~systemname R/3 SID
~systemnumber R/3 system no
~theme 99
~timeout 600
~urlimage /sap/its/graphics
~urlmime /sap/its/mimes
~usertimeout 240
~xgateway sapdiag
~xgateways sapdiag,sapxgwfc,sapxginet,sapextauth
~mysapcomgetsso2cookie
~mysapcomusesso2cookie 1
~mysapcomssonoits 1
for SSO check, execute web ui and then log on web ui
I go to the Interation center and then go to the ERP information.
but ITS log on screen appear.
crm user and r/3 user is same.
how can I do ??You use Server Port 3600, message server.
It means, while creating a system you used wrong template and picked "SAP system using dedicated application server".
You should use "SAP system with load balancing", since message server is doing load balancing.
Once you selected correct template you will see "Message Server" instead of App and GW servers.
Make sure to fill in
Group - Logon group to use. If not defined in R3, use SPACE
Message Server - ansapdev01
SAP Client = 150
SAP System ID <SID> = DEV
Server Port 3600
System Type = SAP R/3
It should work.
Regards,
Slava -
Can Captivate pull a user's login information from a Single Sign On (SSO) page?
Looking to start pushing out quizzes and trainings via Captivate. We currently do not have a LMS, so I started testing using Acrobat.com. We have a Single Sign On (SSO) page that passes our users credenitals on to all the sites and apps. Is there a way for Captivate to get those credentials, when submitting quiz results? Do they have to submit their quiz answers via an Acrobat sign in? Can Captivate auto submit answers or does the end user have to hit the Submit/Submit All button?
Hi there,
There is no native feature for getting SSO information in Captivate course.
If you don't have an LMS, and if you would like to use Acrobat.com reporting, then learner will have to click on the post results button, and enter their Adobe.com or Acrobat.com credentials, then hit submit. (Learners must have an Account on Acrobat.com or Adobe.com to submit the results.)
If the course will be accessed within the organization's network, then you can also use Internal server reporting, that works exactly same except learners do not need an account on Adobe.com
They will have to enter their Name and E-mail address to niquely identify them while fetching result reports.
Thanks. -
Single Sign-On (SSO) in Web Server 7.0u5
Hello,
I am in the process of trying to configure single sign-on (SSO) between several apps in the same SJWS 7.0u5 virtual server, and I'm not having much luck. This appears to be very similar to the problem reported in another thread (http://forums.sun.com/thread.jspa?forumID=759&threadID=5281564) that applied to 7.0u2.
I found one interesting detail that the previous post did not mention, however, and I think it is key to resolving this issue.
I've been using the SSO feature of WS7 since day one, and up to this point is has worked flawlessly. However, I am in the process of adding a new webapp that differs from the prior webapps in one significant way: it uses form-based login, and all the previous webapps used basic authentication.
Using the "Live HTTP Headers" Firefox add-on I captured the cookie exchanges between the client and server, and this is what I see:
1. Logging in to any of the apps that use basic authentication results in both the JSESSIONID for the current webapp and the JSESSIONIDSSO for the entire server to be returned in the response.
2. If I then go to a secured URI in the new (form login) webapp the JSESSIONIDSSO cookie is sent, but I still land on the login page.
3. When completing the login form and submitting it, no JSESSIONIDSSO is returned.
In both types of apps, my web.xml includes the appropriate configuration. FORM authentication: <login-config>
<auth-method>FORM</auth-method>
<realm-name>ldap</realm-name>
<form-login-config>
<form-login-page>/login.jsf</form-login-page>
<form-error-page>/error.jsf</form-error-page>
</form-login-config>
</login-config>...and BASIC authentication: <login-config>
<auth-method>BASIC</auth-method>
<realm-name>ldap</realm-name>
</login-config>From this, it appears as though the SSO functionality is not working when using FORM authentication, only when using BASIC authentication.
The web apps developer's guide specifically says that SSO works for all webapps in the same virtual server with the same realm-name, which is certainly the case for me. It doesn't say that SSO is not supported in FORM-authenticated webapps, but that would appear to be the case.
Or is this a bug?
Or am I simply doing something obviously wrong?
Thanks!
BillIn addition, I set the logging level to "fine", and I see these entries for the FORM authentication:
[06/Sep/2009:22:52:57] fine (20013): for host 127.0.1.1 trying to GET /testSso/index.jsp while trying to GET /testSso/, service-j2ee reports: Process request for '/testSso/'
[06/Sep/2009:22:52:57] fine (20013): for host 127.0.1.1 trying to GET /testSso/index.jsp while trying to GET /testSso/, service-j2ee reports: Checking for SSO cookie
[06/Sep/2009:22:52:57] fine (20013): for host 127.0.1.1 trying to GET /testSso/index.jsp while trying to GET /testSso/, service-j2ee reports: SSO cookie is not present
[06/Sep/2009:22:52:57] fine (20013): for host 127.0.1.1 trying to GET /testSso/index.jsp while trying to GET /testSso/, service-j2ee reports: Security checking request GET /testSso/
[06/Sep/2009:22:52:57] fine (20013): for host 127.0.1.1 trying to GET /testSso/index.jsp while trying to GET /testSso/, service-j2ee reports: Matched constraint 'SecurityConstraint[secureURIs]' against GET /index.jsp
[06/Sep/2009:22:52:57] fine (20013): for host 127.0.1.1 trying to GET /testSso/index.jsp while trying to GET /testSso/, service-j2ee reports: Matched constraint 'SecurityConstraint[secureURIs]' against GET /index.jsp
[06/Sep/2009:22:52:57] fine (20013): for host 127.0.1.1 trying to GET /testSso/index.jsp while trying to GET /testSso/, service-j2ee reports: Calling hasUserDataPermission()
[06/Sep/2009:22:52:57] fine (20013): for host 127.0.1.1 trying to GET /testSso/index.jsp while trying to GET /testSso/, service-j2ee reports: User data constraint has no restrictions
[06/Sep/2009:22:52:57] fine (20013): for host 127.0.1.1 trying to GET /testSso/index.jsp while trying to GET /testSso/, service-j2ee reports: Calling authenticate()
[06/Sep/2009:22:52:57] fine (20013): for host 127.0.1.1 trying to GET /testSso/index.jsp while trying to GET /testSso/, service-j2ee reports: Restore request from session '19FFE2F63CF4E8756C19B60AC6F7A65E'
[06/Sep/2009:22:52:57] fine (20013): for host 127.0.1.1 trying to GET /testSso/index.jsp while trying to GET /testSso/, service-j2ee reports: Authenticated 'testUser' with type 'FORM'
[06/Sep/2009:22:52:57] fine (20013): for host 127.0.1.1 trying to GET /testSso/index.jsp while trying to GET /testSso/, service-j2ee reports: Registering sso id '2698AFCE8889EF9877778386855517BC' for user 'testUser in realm ldap' with auth type 'FORM'
[06/Sep/2009:22:52:57] fine (20013): for host 127.0.1.1 trying to GET /testSso/index.jsp while trying to GET /testSso/, service-j2ee reports: Associate sso id 2698AFCE8889EF9877778386855517BC with session StandardSession[19FFE2F63CF4E8756C19B60AC6F7A65E]
[06/Sep/2009:22:52:57] fine (20013): for host 127.0.1.1 trying to GET /testSso/index.jsp while trying to GET /testSso/, service-j2ee reports: Proceed to restored request
[06/Sep/2009:22:52:57] fine (20013): for host 127.0.1.1 trying to GET /testSso/index.jsp while trying to GET /testSso/, service-j2ee reports: Calling accessControl()
[06/Sep/2009:22:52:57] fine (20013): for host 127.0.1.1 trying to GET /testSso/index.jsp while trying to GET /testSso/, service-j2ee reports: Checking roles testUser
[06/Sep/2009:22:52:57] fine (20013): for host 127.0.1.1 trying to GET /testSso/index.jsp while trying to GET /testSso/, service-j2ee reports: Successfully passed all security constraintsThat seems to indicate that an SSO ID is created and a cookie should be sent with the response, but as show in the Live HTTP Headers output, that is not the case.
The log entries for the BASIC authentication are as follows:
[06/Sep/2009:22:57:29] fine (20013): for host 127.0.1.1 trying to GET /ppc/index.jsp while trying to GET /ppc/, service-j2ee reports: Process request for '/ppc/'
[06/Sep/2009:22:57:29] fine (20013): for host 127.0.1.1 trying to GET /ppc/index.jsp while trying to GET /ppc/, service-j2ee reports: Checking for SSO cookie
[06/Sep/2009:22:57:29] fine (20013): for host 127.0.1.1 trying to GET /ppc/index.jsp while trying to GET /ppc/, service-j2ee reports: Security checking request GET /ppc/
[06/Sep/2009:22:57:29] fine (20013): for host 127.0.1.1 trying to GET /ppc/index.jsp while trying to GET /ppc/, service-j2ee reports: Matched constraint 'SecurityConstraint[ppc]' against GET /index.jsp
[06/Sep/2009:22:57:29] fine (20013): for host 127.0.1.1 trying to GET /ppc/index.jsp while trying to GET /ppc/, service-j2ee reports: Matched constraint 'SecurityConstraint[ppc]' against GET /index.jsp
[06/Sep/2009:22:57:29] fine (20013): for host 127.0.1.1 trying to GET /ppc/index.jsp while trying to GET /ppc/, service-j2ee reports: Calling hasUserDataPermission()
[06/Sep/2009:22:57:29] fine (20013): for host 127.0.1.1 trying to GET /ppc/index.jsp while trying to GET /ppc/, service-j2ee reports: User data constraint has no restrictions
[06/Sep/2009:22:57:29] fine (20013): for host 127.0.1.1 trying to GET /ppc/index.jsp while trying to GET /ppc/, service-j2ee reports: Calling authenticate()
[06/Sep/2009:22:57:29] fine (20013): for host 127.0.1.1 trying to GET /ppc/index.jsp while trying to GET /ppc/, service-j2ee reports: Logging in user [testUser] into realm: ldap using JAAS module: ldapRealm
[06/Sep/2009:22:57:29] fine (20013): for host 127.0.1.1 trying to GET /ppc/index.jsp while trying to GET /ppc/, service-j2ee reports: Password login succeeded for : testUser
[06/Sep/2009:22:57:29] fine (20013): for host 127.0.1.1 trying to GET /ppc/index.jsp while trying to GET /ppc/, service-j2ee reports: Authenticated 'testUser' with type 'BASIC'
[06/Sep/2009:22:57:29] fine (20013): for host 127.0.1.1 trying to GET /ppc/index.jsp while trying to GET /ppc/, service-j2ee reports: Registering sso id 'A58B93F0A00C619AF18F53C2F7C00D16' for user 'testUser in realm ldap' with auth type 'BASIC'
[06/Sep/2009:22:57:29] fine (20013): for host 127.0.1.1 trying to GET /ppc/index.jsp while trying to GET /ppc/, service-j2ee reports: Associate sso id A58B93F0A00C619AF18F53C2F7C00D16 with session StandardSession[EF2E1F7E8B3FB7E3FDD4607E4A62D99E]
[06/Sep/2009:22:57:29] fine (20013): for host 127.0.1.1 trying to GET /ppc/index.jsp while trying to GET /ppc/, service-j2ee reports: Calling accessControl()
[06/Sep/2009:22:57:29] fine (20013): for host 127.0.1.1 trying to GET /ppc/index.jsp while trying to GET /ppc/, service-j2ee reports: Checking roles testUser
[06/Sep/2009:22:57:29] fine (20013): for host 127.0.1.1 trying to GET /ppc/index.jsp while trying to GET /ppc/, service-j2ee reports: No role found: administrator
[06/Sep/2009:22:57:29] fine (20013): for host 127.0.1.1 trying to GET /ppc/index.jsp while trying to GET /ppc/, service-j2ee reports: Successfully passed all security constraintsIn this case, you can see that the SSO ID that is generated matches the value set in the response.
Bill -
WCI single sign on(SSO) configurations with Oracle Access Manager(OAM)
I have to integrate the oracle access manager with the WCI(ALUI) for the SSO implementation.What are the configurations required to implement SSO with oracle access manager in WCI/ALUI
Any answer to the last question on..?
No, better explain my query with 2 scenarios:
Scenario 1:
Usual scenario authentication of a user to a web application without the single web functionality on the acces single manager:
Login screen of the web application ====> Access to the web application home
Scenario 2:
Scenario authentication of a user to a single web application with web functionality on the acces single manager:
Login screen oracle access manager ====> Display login web application ====> Access to the web application home
My query is:
You can configure the functionality of single sign on to access manager with a web application that does not have its login screen of the web application. For example:
Login screen oracle access manager ====> Access to the web application home -
Single Sign On (SSO) Issue
We are running Business Objects Enterprise XI 3.1, SP2 (BOBJ) in a Windows environment and have implemented single sign on for Windows AD. Randomly single sign on does not work for some of our users when either accessing InfoView or when executing a WebI report via an OpenDocument call. These users can log into InfoView using the Windows ID and Password manually. The users also have the u201CEnable Integrated Windows Authenticationu201D option checked in IE.
We have checked the InfoViewApp web.xml and OpenDocument web.xml settings and everything appears to be setup correctly for using sso and vintela (per SAP Note 1251945). Required SPN entries appear to have been made. The maxHttpHeaderSize setting in the Tomcat server.xml is set to 16384. We do tend to make substantial use of Windows AD Groups within our security model.
When the users are unable to login via sso, here is the error stack that appears in the Tomcat stdout.log:
SEVERE: Servlet.service() for servlet action threw exception
java.lang.IllegalStateException
at org.apache.catalina.connector.ResponseFacade.sendError(ResponseFacade.java:418)
at javax.servlet.http.HttpServletResponseWrapper.sendError(HttpServletResponseWrapper.java:117)
at com.businessobjects.sdk.credential.WrappedServletResponse.sendError(WrappedServletResponse.java:30)
at com.wedgetail.idm.sso.AbstractAuthenticator.setUnauthorizedResponse(AbstractAuthenticator.java:1328)
at com.wedgetail.idm.sso.MechChecker.authenticate(MechChecker.java:144)
at com.wedgetail.idm.sso.AbstractAuthenticator.authenticate(AbstractAuthenticator.java:1060)
at com.wedgetail.idm.sso.AbstractAuthenticator.authenticateServiceTicket(AbstractAuthenticator.java:998)
at com.wedgetail.idm.sso.AbstractAuthenticator.checkAuthentication(AbstractAuthenticator.java:953)
at com.wedgetail.idm.sso.AuthFilter.doFilter(AuthFilter.java:122)
at com.businessobjects.sdk.credential.WrappedResponseAuthFilter.doFilter(WrappedResponseAuthFilter.java:66)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)
at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
at java.lang.Thread.run(Thread.java:595)
Before we go about installing SP3 in an effort to resolve the problem, can anyone look at the above error stack and tell us what might be going on here? Would the above error stack be consistent with an Httpheader getting truncated?
Thanks in advance for your help.
Wendell GiedemanThat error is part of a logging bug and not related to your issue. If SSO is working consistently from infoview then it probably is not a web.xml setting either. The most common problems with opendoc have been related to sessions. Are the users using a new IE window or possibly one that had previous documents open? If it is the session issue then SP3 may help as some work has been done in that area. If you are sure the users are using new IE windows for the opendoc calls then more troubleshooting may be required to identify the problem.
Regards,
Tim -
Load Balance guest Internet access via two different DMZ zones at two sites
Hi Sir,
My customer has the following unified wireless guest access requirement:
- There are 2 internet links and dmz zones at two different locations, Site A and Site B
- Data centre is at Site A
- WiSM is proposed to be installed at the Cat 6500 in Site A
- Lightweight AP are distributed across Site A, Site B and other branches
- Only one anchor WLC is proposed at Site A, DMZ zone to provide guest internet access
My customer would like to load balance the guest via the two internet link at Site A and Site B but with the same SSID across all locations. Can it be done since only one anchor at Site A? How about puttting another anchor WLC at Site B, DMZ zone? But how can i establish two EoIP tunnel to two different anchor WLC from a single WiSM?
Thanks for your help
DelonYou can... but you can't control where the traffic will flow. The wlc will determine which DMZ wlc it will use. The wlc will load balance, but traffic in site A might go to site B. I currently have deployed that senerio in multiple client installations....
-
Proxy Server and single sign on (SSO)
We are currently running Portal 7. I've enabled single sign on via logon tickets from portal to our backend ECC 6.0 and CRM 5.0 systems and its working fine. For demoing to clients we've employed the Apache webserver for reverse proxy. This reverse proxy server is located in the DMZ, on a domain of its on. I can access the portal fine through the reverse proxy but now the single sign on to our backend ECC and CRM systems doesn't work. I know the issue lies with the difference in the domain.
Has anyone come accross an issue such as this and can lend me some help?Hi,
Domain relaxing will not work in this setting, ref. RFC 2109 http://www.ietf.org/rfc/rfc2109.txt
What you need to do is to create a DNS alias for the portal on domain [something].[company].com. Then create a portal component which returns the MYSAPSSO2 cookie and create an URL iView for it with the DNS alias hostname and add it to the default framework page. In this way, persons logging in will get the MYSAPSSO2 cookie for both domains [sap subdomain].[network domain].local and [network domain].[company].com
Regards
Dagfinn -
IRecuritment: Resume Parsing with Single Sign on (SSO)
Application Version:11.5.9
RDBMS Version:9.2.0.7
Patch Level:IRC.D, HR_PF.G
Problem Description/Question:
Anyone successfully parsed resumes with Single Sign On enabled. We are unable to parse resume with SSO. If I disable the SSO the parsing is working fine. With the SSO enabled resume parsing giving the following error:
javax.net.ssl.SSLException: SSL handshake failed: X509CertChainIncompleteErr
Pl. let me know if you have any suggestions/work around to resolve the issue. Client is going to live in 3 weeks. Any help is appreciated.
Thanks,
VHi Rainer,
you can find this setting in your Internet Explorer. Use Tools -> Internet Options -> Advanced. In the section "Security", check "Enable Integrated Windows Authentication (requires restart)" and restart your browser.
If the error still persists Note
934138 might be useful.
Hope this will help out.
Regards,
André -
Wireless Internet access via requires unplugging cable modem -
I have a brand new MacBook Pro with Snow Leopard (10.6.1) and Airport Express (7.4.2). I have high speed Internet via Comcast/cable modem. I spent 30 minutes with the Apple Tech Support folks and was finally able to get wireless internet access. However, after I shutdown and reboot, the only way I can wireless internet is to unplug the internet cable from both the wall plug and cable modem and unplug the modem, both for about two minutes. This isnt what I had in mind when I crossed over from the dark side (PC laptop world) and am having buyer's remorse. Does anyone know how I can fix this problem (i dont want to unplug cables before each session on the internet)?
Mr. Timmons,
Thank you so much for the response. I thought the complete reboot would work, but apparently not. I followed the directions precisely, even waiting a few minutes longer than suggested for each of the steps. My air express is still blinking yellow. I think the issue has something to do with the DHCP and the IP address which are diifferent. The IP address is one series of number (starts with 169), and the LAN IP address is another number (starts with 10). Status on airport express show yellow for internet connection, and yellow for no DSN servers. When I go to the internet tab of airport utility, it shows the iPv4 address starts wutg the 169 number. When I click on the network tab, the DHCP range starts with the 10 number. When I open the Network Options window, the iPv4 DHCP range starts with the 10 number. I am at a loss as to how to get them to match up (with either the 169 number or the 10 number). V/R sjbgtmo -
Conneced to wireless router but no internet access via wireless
I don't recall the physical connections being directly attached to the router. The router in question is a Linksys WRT54G/GL/GS. My initial thought was since we rolled out Voip fairly recently one of our phones might have ganked the IP address, but that is not the case. Each of them have their own IP addresses and I don't see any conflicts. I am also able to ping the router and log into it remotely from my office, which is in a different city. Could it possibly be a firmware issue?
Hi Everyone,
One of my offices' routers is broadcasting but has no internet access. The office does have internet if you hardwire in but outside of that nothing has worked so far in regards to the WiFi. I have power cycled the router and modem to no avail and DHCP is enabled but no one can get online via WiFi. It seemed to just up and decide one morning that it was not going to allow internet access.
This topic first appeared in the Spiceworks Community -
IMac G4 800 mhz internet access via LAN very slow
We have a G4 800mhz running 10.3. Memory is 768K. The only use for this machine is as a music server. It is connected to the internet via LAN; internet access is extremely slow - pages take an incredibly long time to load. Download/Upload speeds are about the same as I see on my Macbook Pro so I don't think it is the connected to the internet. Is there anything one can do to troubleshoot very laggy browser performance?
You may need to turn to Activity Monitor (or "AM") in Applications > Utilities to see if a runaway background process is eating up processor cycles. If you've not run AM before, on first launch its "Show" window defaults to "My Processes." That will tell only part of the story. Change it to "All Processes"to get the full picture.
Now highlight the "%CPU" column to sort by processor usage. Best to check with no user apps running other than AM. Let AM percolate five to ten seconds to let it finish its first poll. What you are looking for are any processes that are using 15 percent or more of "%CPU" with nothing running other than AM. If you find one, post its name here and we can advise how to deal with it.
However, don't get your expectations too high that a process has gone rogue. Part of it is simply a lack of speed by today's standards. I recently upgraded a friends iMac G4 800 from Panther to Tiger so it could run the latest browsers and it was still terribly slow compared to my PowerBook G4 1Ghz running the same level OS. The iMac 800 has a slow logic board bus (100mHz). -
Win2012R2 VM internet access via WIFI fine but not through a client's Web Proxy Server
Hi
I have a number of VMs running on my win 8.1 laptop. They normally access the internet via the host WIFI in a bridged config. No real issues tho sometimes it takes a reboot to clear out any stale DNS entries.
Now when I go on a client site my internet access on the host laptop is via a web proxy on a LAN connection. If I want this same access running on a standalone "all in" VM , I have a issue since it does not know about the web proxy and it is not
even on the client's LAN . No internet, means no Azure or Office 365.....
So this doesn't make any difference
Is there a way around this .. do I need share a folder/drive or authenticate myself on the Proxy, from the VM.
Anyone had this issue?
Daniel
Freelance consultantHi Daniel,
>>Now when I go on a client site my internet access on the host laptop is via a web proxy on a LAN connection.
"LAN connection" means physical NIC (Realtek PCIe GBE Family Controller) ?
" web proxy " means adding a proxy server IP in IE ?
Bounding the NIC (Realtek PCIe ) to external virtual switch then connect all VMs to that external virtual switch ,still can not access ?
Best Regards
Elton Ji
We
are trying to better understand customer views on social support experience, so your participation in this
interview project would be greatly appreciated if you have time.
Thanks for helping make community forums a great place. -
Thanks for the help after looking over your sugesstion I did some additional troubleshooting which i should have done in the beginning and heres what i found
Airport express is joined to and existing wireless network and i have internet access....all good
I set up my Airport Extreme as follows:
Connect using :ethernet
Ethernet Wan Port : automatic
Connetion Sharing : Share a public IP address
Tcpip Configue IPv4: Using DHCP
DHCP Begin address: 172.16.22.200
Ending address: 172.16.22.254
Wireless Create a wireless network
Wireless network name Test1
wpa2 security
This is needed due to set ip address of device on this private network did not address NAT
Conneted Express ethernet port to Extreme wan port
All wired devices have internet access and i get a double nat status which ignore
however my wireless device will not connect.... sometimes they will they want
any suggestionsHere are sceeen shots of the Express
-
Hi
After installing a Microsoft critical update late night my PC is still connected to my BT Infinity router but I can't get internet access (I'm able to log into a BT hotspot however). I've tried eveyting I know (rebooting etc) but nothing to seems to work. I've also tried system restore but it won't let me go back. Before I try the refresh option has anyone any other ideas?
CheersThe last crical update from microsoft was for an IE fix so maybe try another browser
If you like a post, or want to say thanks for a helpful answer, please click on the Ratings star on the left-hand side of the post.
If someone answers your question correctly please let other members know by clicking on ’Mark as Accepted Solution’.
Maybe you are looking for
-
for my macbook pro how do I get icloud, i have mobileme in 'system preferences', which is an expired trial? The Macbook Pro is early 2008?
-
Too confusing with setting up different profiles for Personal and Work spaces. This is a business phone, how can we just have it set to one Work space?
-
Using a single data structure in a desktop application
Hello, I am programming an application that needs to constantly access a data structure, for instance to add / edit / update / search data. Several graphical user interfaces need to modify this data structure. I was wondering of easy ways to use the
-
Any issues leaving Airdisk on all the time ?
I'm looking at getting an external hard drive for my Airport extreme. Does leaving a hard disk attached all the time, ie never switching it off cause any problems ? Will the drive not fail eventually ? If I leave the network ( ie leave the house ) do
-
Lightroom 3 crash on import in ui.dll
I've been using the beta and now have a licensed version of Lightroom 3. Suddenly it has decided that it can't import photos from my card and will crash in ui.dll. I've tried multiple times without success. I don't know what changed because I have be