SNMP and VPN HW Client 3002.

Similar Messages

• Managing VPN HW Client 3002.

  Hello.
  I'm using LMS 2.6, with RME 4.0.6, to manage Cisco VPN HW client.
  I'm receiving the attacked result from sync archive job.
  Any idea?
  Many thanks.
  Regards.
  Andrea

  Hi Andrea,
       The VPN3002 is suppported in RME 4.0.6 (LMS 2.6) - http://www.cisco.com/en/US/docs/net_mgmt/ciscoworks_resource_manager_essentials/4.0.5/device_support/table/RME405.html#wp231589
      For Config Fethc however, the only supported protocol for the VPN3002 is HTTPS - http://www.cisco.com/en/US/docs/net_mgmt/ciscoworks_resource_manager_essentials/4.0.5/device_support/table/RME405CM.html#SecurityandVPN
      You'll need to do the following 3 things in order to get this to work :
  1. Add HTTPS credentials to DCR for your VPN3002 (Common Services -> Device and Credentials -> Device Management then Edit Credentials)
  2. Add HTTPS to the list of Transport Protocols to be used by Config Archive (RME -> Administration -> Config Mgmt -> Transport Settings then Add HTTPS to the 'Selected Protocol Order List'
  3. Enable HTTPS on the VPN3002 Concentrator http://www.cisco.com/univercd/cc/td/doc/product/vpn/vpn3000/4_7/config/tunnel.htm#wp1309633
  Regards
  Derek Clothier

• LMS 4.0.1 unable to collect VPN hw client configuration.

  Hello.
  I'm using LMS 4.0.1 and VPN hw client 3002 with software 4.7.2.L.
  I'm not able to collect the first configuration and sync jobs end with these errors...
  *** Device Details for vpn-balbi ***
  Protocol ==> HTTPS
  Selected Protocols with order ==> SSH,HTTPS,Telnet,TFTP
  Execution Result:
  RUNNING
  CM0057 PRIMARY RUNNING Config fetch SUCCESS, archival failed for  vpn-balbi Cause: CM0210 Unable to generate processed config Action: Verify that  archive exists for device.
  Any ideas?
  Thanks.
  Regards.
  Andrea

  I have seen some issues with VPN device with ciscoworks. We have one of the old Bug for this as well # CSCsa35538.
  I would suggest to check a couple of things mentioned below:
  > Please check there are no specila characters '<,''>' in the configuration file.
  > Non UTF-8 characters are NOT visable through the WEB-Interface and hence i would again recommend to change the Port Forwarding Name to something normal like " application test", if there is some special characters as well, from Base groups-->web vpn.
  Then retry the configuration fetch.
  -Thanks

• VPN -- different behavior between Mac and Windows XP clients.

  Hi,
  Background:
  I have a Mini server serving L2TP IPSEC vpn with both Mac and Windows (all XP, so far) clients.
  The mini sits behind a Netopia router/firewall/NAT box that port forwards L2TP traffic to the mini.
  The mini has a public but unrouted address (unrouted in the public Internet, that is.) The same Netopia serves as the router for outgoing public connections. DNS is served by other servers.
  The VPN clients are distributed addresses from the unrouted public address space.
  Client <-> NAT <-> Public Cloud <-> NAT <-> Private (with public addresses) <-> Mini (VPN)
  Mac clients work happily, accessing internal and external hosts.
  The XP clients have a registry value set to allow NAT traversal:
  under HKEYLOCALMACHINE\SYSTEM\CurrentControlSet\Services\IPSec, AssumeUDPEncapsulationContextOnSendRule is set to 2 to allow dual Nat traversal.
  The XP clients happily access internal hosts, but hang accessing some, but not all external hosts.
  For example, most Google services are quickly displayed, whereas www.comcast.net or www.llbean.net hang. It appears to be more frequent accessing third-party hosts while processing the initial page. Some Google web services, e.g. some Google Map plugins do eventually hang.
  An XP host internal to the network configured with the above registry key set to 0 (No NAT traversal)
  exhibits the same behavior when using a VPN connection
  Public Cloud <-> NAT <-> Private (with public addresses) <-> Mini (VPN) <-> Pvt. <-> Client
  Same host without VPN works fine.
  Clearing the XP checkbox that routes all traffic to the remote (VPN) router makes external hosts work
  as you would expect.
  So my questions are:
  a) What's XP doing?
  b) Can it be fixed? (besides routing public traffic away from the VPN.)
  Thanks Jonathan
  p.s. MrHoffman, I almost asked this in the HP Forum as well, till I noticed you were here. (Assuming you are Hoff.)

  Hi soccerdude21490-
  +Is this possible?+
  Theoretically yes. However, it would be up to the school to allow you access through their network.
  The first step would be to contact the school's IT department and ask them if they will allow such a connection, and if so, could they please provide you with the settings (ip address etc.).
  Luck-
  -DP

• Vista 64 bit and vpn client

  I have received the bad news of one of my users had purchased a new machine w/o consulting me! :^(
  It's Vista Home Prem. 64 bit. Having been able to avoid the vista thing, I have not done any installs to this point. Does the VPN Vista client work on the 64 bit OS?
  Thanks in advance

  Any other alternatives?
  Originally Posted by Mysterious
  shesser wrote:
  > I have received the bad news of one of my users had purchased a new
  > machine w/o consulting me! :^(
  > It's Vista Home Prem. 64 bit. Having been able to avoid the vista
  > thing, I have not done any installs to this point. Does the VPN Vista
  > client work on the 64 bit OS?
  >
  > Thanks in advance
  >
  >
  no

• VPN gate client- "Network cable unplugged"

  i have vpn gate client installed for a game that i wish to play. to do so i need to be able to use vpn gate client. it doesn't let me connect to any server but that's not why i'm here.
  the problem i believe is the issue is that it states that the VPN Client under network connections tells me that the network cable is unplgged. and when i trouble shoot it it states that i need to plug in my ethernet cable.
  i use a msi gaming 7 motherboard and it comes with it's own killer ethernet gigabyte controller. or "Killer e2200 Gigabit Ethernet Controller"
  this controller is in use so could it be that the vpn gate isn't working because killer e2200 is running as well? i'm confused because when i used this software on my laptop it worked perfectly fine.
  any suggestions as to how i could possible fix this issue or enable the vpn client adapter? thanks!

  I have a related problem with the e2200 NIC on a Z97 Gaming 3 motherboard:  I cannot make an IPSEC VPN connection with this NIC.  If I use an add-on NIC, I can connect just fine, as I can from dozens of other computers with a variety of NIC makes and models.

• Screen Sharing and VPN functionality with ARD

  Can somebody with ARD tell me if the following setup is going to work? There's no demo version so I can't tell if it's going to be worth 300 dollars.
  I have a number of local machines in a network and a couple external machines in other parts of the state that VPN in to the network. I want to be able to have a local machine that can screen share w/ voice reliably with these guys.
  "Reliably" being the key. iChat screen sharing and VNC alternatives do not work reliably at all. They crash, they are slow, they sometimes disconnect video and keep the audio. Or some days they work perfectly, but that's few and far between. Zero-conf services like MacHelpMate work just fine, but I'm reluctant to pay 600 a year for something like this.
  Is ARD going to be able to be able to fix this problem for me, or am I really just going to end up with more of the same issues?

  ARD uses VNC for observation and control, so if you're having problems with iChat screen sharing and with VNC clients, I would not expect that ARD would be any better. My suspicion is that your network and/or VPN are cutting things off, since most people have found iChat sharing and VNC to be pretty reliable, but without being able to perform reliability tests on your network to VPN clients, I can't say for sure.

• Win 8 and 8.1 client showing shared printer server as offline

  Hi,
  we have a problem with our print environment (HP and Ricoh printers).
  We have some Windows 8 and 8.1 clients and a Windows Server 2008 R2 printserver.
  Windows 8 and 8.1 is showing the printers as offline. Its seems the problem described here ->
  http://support.microsoft.com/kb/2713128
  We already installed the fix on the server but this didn't resolve the issue.
  Maybe somebody have the same issues and an alternate solution for this?
  Best regards

  Hi,
  Thanks for posting in the forum.
  So far, there's no fix for Windows 8. Since you have tried the hotfix you mentioned without any help, please also try to install this update to see if it could help.
  Update rollup: Fix printing problems in Windows 7 and Windows Server 2008 R2
  http://support.microsoft.com/kb/2647753
  If the issue persists, please try to refer to the following articles to troubleshoot the issue.
  Printer shows as “Offline” in Windows 8 (Workaround)
  http://www.blakepell.com/Blog/?p=611
  How to: Fix a network printer suddenly showing as offline in Windows Vista
  http://blog.rtwilson.com/how-to-fix-a-network-printer-suddenly-showing-as-offline-in-windows-vista/
  As it mentioned in the article above, please try to open the print queue dialog and choose “Properties” from the “Printer” menu that it would connect to the printer and bring it back online.
  Also, maybe disabling SNMP support for network printers will work.
  Here are some similar threads as reference, hope they could help.
  Network printer shows offline on Windows 8
  http://answers.microsoft.com/en-us/windows/forum/windows_8-hardware/network-printer-shows-offline-on-windows-8/7851703b-492c-4e97-8063-f1fc2aa63ec0
  Network printer still connected, but shows as offline
  http://answers.microsoft.com/en-us/windows/forum/windows_xp-hardware/network-printer-still-connected-but-shows-as/90e0dd64-d4a3-41f2-a361-05947988bdee
  Best Regards,
  Andy Qi
  TechNet Subscriber Support
  If you are
  TechNet Subscription user and have any feedback on our support quality, please send your feedback
  here.

• Why does SSL VPN require client for full functionality?So What's the point?

  I was interested in SSL VPN because I thought that I could have the same functionality I have when connecting via Cisco VPN 3000 concentrator (IPSec with AH and ESP enabled), but without the hassle to deploy and maintain client VPN's for thousands of users.
  However, to my disappointment, based on the information below from www.cisco.com (and I believe that it is the case from other vendors, right?) SSL VPN offers limited functionality if deployed clientless. Why is like that?
  Imagine I have a VPN (IPSec) solution functional today. If I deploy SSL VPN (clientless) what lack in functionality should I experience? Why a VPN client is required if SSL VPN can successfully establish the tunnel? I don't get it.
  "...SSL VPNs provide two different types of access: clientless access and full network access. Clientless access requires no specialized VPN software on the user desktop; all VPN traffic is transmitted and delivered through a standard Web browser. Because all applications and network resources are accessed through a browser, only Web-enabled and some client-server applications-such as intranets, applications with Web interfaces, e-mail, calendaring, and file servers-can be accessed using a clientless connection. This limited access is suitable for partners or contractors that should be provided access to a limited set of resources on the network. And because no special-purpose VPN software has to be delivered to the user desktop, provisioning and support concerns are minimized."

  Hi,
  Clientless SSL VPN only able to access application through browser (i.e. HTTP and HTTPS). If you need to acces other application like RDC, you need full SSL client.
  Full SSL Client is deployed automatically depends on how you configure the SSL VPN box (temporary or permanently);
  1. From the SSL VPN box, you can configure it to download and be installed to user PC permanently (500KB+). When the user successfully authenticated by the SSL VNP box, it will download the client and install automatically/permanently without any help from the network administrator. The user need to login on his/her PC with administrator priviledge.
  2. From the SSL VPN box, you can configure it to download and be installed to user PC temporary (500KB+). When the user successfully authenticated by the SSL VPN box, it will download the client and install temporary without any help from the network administrator. The user need to login on his/her PC with administrator priviledge.
  In one of my deployment, I have 1000+ SSL VPN user. I just need to create a 10 page User Manual/Guide complete with troubleshooting on their own. I use the first option which is automatically download and permanently install in their PC. Patching the SSL VPN Full Client need to upload the new client in the SSL VPN box only and it will automatically patch the client in user PC.
  Dandy

• ASA and vpn load balancing

  Hi,
  I am configuring 2 ASA5540 for internet trafic inside to outside ,
  outside to inside (web,smtp) but also vpn load balancing for client to site , site to site and webvpn.
  In the doc I can configure them for internet trafic as Active/Standby or Active/active.
  for vpn : I can use vpn load balancing
  But no information if I want to use the active/passif and vpn load balancing together.
  Any thoughts on which way to go? what is the best thing to do ?
  Regards

  Hi,
  I think that you cannot use an Active/Active configuration for VPN connections as it is stated on Cisco's documentation: "Note: VPN failover is not supported on units that run in multiple context mode as VPN is not supported in multiple context. VPN failover is available only for Active/Standby Failover configurations in single context configurations" available at http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080834058.shtml
  Hope it helps

• Puzzler... Cant access RRAS with VPN connected client

  I have a series of 4 VMs running server 2012 r2;
  dc- my domain and wsus server
  rds- my remote desktop server for remoteapps, RRAS for connecting to VPN
  sql- sql server for database needed for one of the apps published
  av- hosts kaspersky and manages backups
  So, I have a VPN set up through RRAS and am connecting with it and all is well.  I can ping every computer on the network EXCEPT the rds server.  I can ping from the rds server to the vpn client.
  I am trying to use a remote app over the vpn but the remote app is unable to reach the rds server. 
  Does something have to be setup manually to loopback traffic to the rds server when it is coming in on the same server through RRAS?
  Any insight would be appreciated!
  Matt

  Hi,
  According to your description, my understanding is that rds installed RRAS and configured it as VPN server, VPN client successfully ping internal clients, but failed to ping the VPN server.
  Are there 2 NICs on the VPN server? One connects to internal and another connects to external?
  In general, a ping packet is sent by the client from its own IP address to the external IP address of VPN server, it will be unpacked once the VPN server receives it, and the VPN server will dispatch this pack due to the internal IP address. So, if this
  packet is sent to the VPN server, when it unpack the packet and find it is sent to itself, the VPN server should reply to this packet.
  You may try to turn off firewall/anti-virus software temporally, and then check to see if it can successfully ping. Besides, use a monitoring tool(Network Monitor, Wireshark ) to
  capture packets on both client and VPN server, check to see if the packets are sent/answered to the correctly destination.
  Best Regards,
  Eve Wang
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

• Kindly Is the Linksys E4200 Dual Band Router compatible with DHCP and VPN ?

  Kindly 
  Is the Linksys E4200 Dual Band Router compatible with DHCP and VPN?
  Thanks,

  Linksys/Cisco E4200 are compatible with DHCP. Second, these Wireless-N routers are only capable of enabling the VPN traffic to pass through the device.  You will need a VPN router and software to create the actual network to connect with your VPN client.

• Secured server with SSH and VPN?

  Hi,
  Have an Archbox at home and when I'm traveling I would like to connect to my Archlinux box at home to grab files and such things.
  Using ADSL with a static IP and a D-Link router.
  If I create a portfowarding rule of port 443 to my Archlinux box and user it to connect with SSH and VPN is that secured enought?
  I have family photos and stuff on the server that I don't want to be hacked or spread. Not a high target for hackers but for scriptkiddies!
  So, will a portforwarding rule and a use of SSH daemon and a VPN Server software make me secure all the way, the VPN and SSH is encrypted right?
  Any suggestions of a good VPN application?
  Server daemon for the "archserver" and clients for my laptop with dualboot, vista and archlinux.

  Yeah, SSH or OpenVPN should be perfectly fine.
  However, why port 443? If someone is scanning a large range of IP-addresses for commonly open ports to find active servers, they will most likely scan port 21, 22, 25, 80, 110, 443, etc. as these ports usually run the most interesting services.
  Since it has no impact on the usability, choose a high port, between 10000-65000, which is not commonly used. That way your system will not be identified as active by a simple portscan searching for active servers.
  You don't have to be worried about attacks targeted directly against you, if you don't have anything interesting on your system, a cracker wouldn't spend time on manually breaking into your system. Just mask yourself from worms etc. by using uncommon ports. Using SSH or OpenVPN will handle encryption, which ensures data integrity, even when you're connected to an unencrypted hotspot somewhere in the world on your vacation
  If you setup OpenVPN, you'll also have the possibility of routing all your Internet traffic throught your home system, which can be very handy in terms of surfing and checking mail from unencrypted hotspots around the world.

• Outlook and mac mail client attachements freeze, skype freeze

  Hi all,
  I am working in a company that many users have Macbooks Air and Pro. One specific user with a  a Macbook air that has a clean install of Yosemite (not even a week ) started to have problems with the mac mail client attachements. Every time he tried to insert a file the mail client frozen and had to force quit. After a while i observe the same issue on Outlook mail client. At last after a reboot that he did to see if that gonna solve the problem then Skype started to freeze also and had to quit every time. So now, so far none of the above apps work as expected and the Skype doesn't work at all. It has to be noted here that we did the upgrade from Mavericks to Yosemite to solve the Skype issue that he had also for a couple months now and it wasn't resolved from Skype's support team( never answered). So for now we have again the same problem and and with a fresh install of Yosemite i am started to thinking about hardware issues or even broken drivers, code to Yosemite etc. The laptop has an encrypted SSD using Filevault, SEP, Office and Acrobat Reader nothing else.
  Any thoughts to solve this issue?

  Hi Brody,
  Thank you for your answer, yes i did erase the hard drive and install Yosemite!! After a second call that i made with my client he said that first of all:
  The problems of the Outlook and mac mail client attachements freeze started after he install Cisco VPN Anyconnect (I don't think that this has to do anything with the freezing) so he tried to remove this using Appcleaner. After this not only the Outlook and mac mail client attachements freeze problem was remaining but he saw that skype started to freeze also. No matter how many uninstall and install he made to the Skype, Skype continues to freeze. For the mail freeze i advise him to use the verify/repair disk permissions and so far that one solved. The remaining problem is the Skype Freeze so far. I also tried to remove the Skype following this https://support.skype.com/en/faq/FA12073/how-can-i-completely-uninstall-and-then -reinstall-skype-for-mac-os-x
  so to avoid Appcleaner and still the problem persist even with older versions of Skype. I also create another profile account in Yosemite and Skype seemed to played well there. But i would need to solve in his account so to avoid any file transfer. Do you have any idea why that happened? Is it a file permissions problem? Corrupt/missing files in users profile? This one problem had in the past as i wrote in the previous comment and couldn't work at that time.
  Any thought on that? What could be wrong?
  Thanks

• DP selection for VPN users and VPN boundaries

  Hi
  I have a scenario wherein we have 500 users across UK who will connect via VPN, the client has 350 sites with main 25 locations with minimum users (>20) and rest of the sites have less than 10 users.. may one or 2 or 5.. for no DP are placed. aprt from
  500 all will be on LAN.
  DP is only for sites > 20 users...
  so my concern is how do the users who will be on vpn have to be configured for DP to download the content,
  if a user moves from one location to other location lets say from London to Manchester how will this user on VPN will be able to select the DP if he is configured to select DP in London.?
  Do advise how to configure the DP for VPN user who move from location to location. How will they select the DP.
  we do have the IPrange for VPN users , but how to map it to DP. if I map London DP to a user and then if he is in Manchester the user will all way pull the content across WAN..  how to make the user to auto connect to local DP(Manchester) if on VPN.
  Thanks

  if I map London DP to a user and then if he is in Manchester the user will all way pull the content across WAN..  how to make the user to auto connect to local DP(Manchester) if on VPN.
  You don't map users to DPs and DP communication is dynamic and not persistent in any way. Thus, *every time* that a client requests content it submits its current IP and is given DPs to download the content from based on this IP and the configured boundaries.
  Thus, as long as your "locations" have different IP ranges, there's nothing special to do.
  Jason | http://blog.configmgrftw.com | @jasonsandys