Solution Needed: Using VPN as a Jump off for multiple users to connect outbound to multiple 3rd party VPN

Similar Messages

• TS4550 Are 3rd party VPN apps affected?

  We use the app "Cisco AnyConnect" to establish a VPN connection "on demand".
  Are third party VPN apps also affected by this change?

  According to our Cisco contact, this change affects also 3rd Party VPNs on the iPhone.
  "For customers unhappy with this change, they will need to discuss this with Apple as this is not a Cisco feature and this change is not in our control."

• 3rd party vpn help

  Hi
  tried to setup a netopia dsl router but it was not quite working.
  I put a Netgear firewall behind the netopia and got a little father. I
  got phase 1 up and not phase 2 and I got messages on the BM IKE sceen.
  So much closer.
  A couple quick question AH or ESP?
  I think the mail issue is that the wan side of the netgear is 10.10.1.2
  and I have the netopia mapping a 75.28.120.89 to that. So I think the
  netgear is sending the BM some info that does not match. Not sure how to
  make the netopia let the Netgear take the wan IP over. Would that be
  bridging? When I tried that was not able to access the internet.
  I am guesing I should get a DSL VPN router. The Netopia does IKE but I
  don't believe it lets me do protected networks and that is why I failed
  when I set it up with BM.
  Any thoughts?
  Ike log below.
  Thanks,
  Will
  3-12-2008 5:47:10 pm ***Receive Aggressive Mode message from 75.28.120.89
  3-12-2008 5:47:10 pm
  I-COOKIE=1D1ECC2AE22DD0CA,R-COOKIE=0000000000000000,MsgID=0,1stPL=SA-PAYLOAD,state=-1898738164
  3-12-2008 5:47:10 pm Start IKE-SA 90E33100 -
  Responder,src=68.21.158.113,dst=75.28.120.89,TotSA =1
  3-12-2008 5:47:10 pm AUTH ALG IS 1
  3-12-2008 5:47:10 pm Warn :Proposal mismatch PHASE 1 HASH Algorithm
  mismatch mine : SHA his : MD5 dst : 75.28.120.89 src :
  68.21.158.113 cookies[mine :his] CAF64711DDEB1343 : 1D1ECC2A00000004
  3-12-2008 5:47:10 pm Warn :Proposal mismatch PHASE 1 DH Group mismatch
  mine : 1 his : 2 dst : 75.28.120.89 src : 68.21.158.113
  cookies[mine :his] CAF64711DDEB1343 : 1D1ECC2A00000010
  3-12-2008 5:47:10 pm IKE SA NEGOTIATION: Peer lifetime = 86400 My
  lifetime=3600
  3-12-2008 5:47:10 pm ****DH private exponent size is 1016****
  3-12-2008 5:47:10 pm Local server's interfaces : 10.30.1.2
  3-12-2008 5:47:10 pm Local server's interfaces : 68.21.158.113
  3-12-2008 5:47:10 pm Recieved MM ID payload type 1 protocol 0 portnum 0
  length 8
  3-12-2008 5:47:10 pm *Received MM ID ID_IPV4_ADDR 10.10.1.2
  3-12-2008 5:47:10 pm *Sending MM id payload IPSEC_ID_IPV4_ADDR
  68.21.158.113
  3-12-2008 5:47:10 pm *protocol 0 portnum 0 length 8
  3-12-2008 5:47:10 pm ***Send Aggressive Mode message to 75.28.120.89
  3-12-2008 5:47:10 pm
  I-COOKIE=1D1ECC2AE22DD0CA,R-COOKIE=CAF64711DDEB1343,MsgID=0,1stPL=SA-PAYLOAD,state=-1898738164
  3-12-2008 5:47:13 pm ***Receive Aggressive Mode message from 75.28.120.89
  3-12-2008 5:47:13 pm
  I-COOKIE=1D1ECC2AE22DD0CA,R-COOKIE=CAF64711DDEB1343,MsgID=0,1stPL=HASH-PAYLOAD,state=-1898738052
  3-12-2008 5:47:13 pm IKE : Not an NMAS user use default traffic rule
  3-12-2008 5:47:13 pm Final IKE (phase 1) SA lifetime is 86400 secs
  3-12-2008 5:47:13 pm IKE-SA is created. rekey time = 64800
  encr=5,hash=1,auth=1,lifesec=86400
  3-12-2008 5:47:13 pm dst=75.28.120.89,time=29536
  3-12-2008 5:47:13 pm ***Receive Quick Mode message from 75.28.120.89
  3-12-2008 5:47:13 pm
  I-COOKIE=1D1ECC2AE22DD0CA,R-COOKIE=CAF64711DDEB1343,MsgID=F6E40B94,1stPL=HASH-PAYLOAD,state=-1898738052
  3-12-2008 5:47:13 pm Start IPSEC SA 8ED4B280 - Responder****totSA=1
  3-12-2008 5:47:13 pm AG MODE : Responder Ready to receive encrypted IKE
  packets
  3-12-2008 5:47:13 pm ****DH private exponent size is 1016****
  3-12-2008 5:47:13 pm Received (QM) proxy ID 10.31.1.0 255.255.255.0 -
  10.30.0.0 255.255.0.0
  3-12-2008 5:47:13 pm Warn :Proposal mismatch Quick Mode : ESP -
  transform mismatch mine : esp des his : esp 3des dst : 75.28.120.89
  src : 68.21.158.113 cookies[his :mine] CAF64711DDEB1343 :
  1D1ECC2A90E332D6
  3-12-2008 5:47:13 pm sending notify message type: 14 to 75.28.120.89
  3-12-2008 5:47:13 pm ***Send Unacknowledge Informational message to
  75.28.120.89
  3-12-2008 5:47:13 pm
  I-COOKIE=1D1ECC2AE22DD0CA,R-COOKIE=CAF64711DDEB1343,MsgID=A2B64057,1stPL=HASH-PAYLOAD,state=-1898738052
  3-12-2008 5:47:13 pm Processed SA-PAYLOAD unsuccessful - No proposal
  chosen for quick mode, dst=75.28.120.89.
  3-12-2008 5:47:13 pm Failed to create protoSA - No proposal chosen for
  quick mode 75.28.120.89
  3-12-2008 5:50:25 pm ***Receive Unacknowledge Informational message from
  75.28.120.89
  3-12-2008 5:50:25 pm
  I-COOKIE=1D1ECC2AE22DD0CA,R-COOKIE=CAF64711DDEB1343,MsgID=BD0F9D55,1stPL=HASH-PAYLOAD,state=-1898738052
  3-12-2008 5:50:25 pm recieved isakmp sa delete msg from 75.28.120.89
  cookies are 1D1ECC2AE22DD0CA : CAF64711DDEB1343

  Will K wrote:
  > Hi
  > 3-12-2008 5:47:13 pm Processed SA-PAYLOAD unsuccessful - No proposal
  > chosen for quick mode, dst=75.28.120.89.
  > 3-12-2008 5:47:13 pm Failed to create protoSA - No proposal chosen for
  > quick mode 75.28.120.89
  That means that phaseII, quick mode, does not match on both ends.
  Settings has to be the same on both ends, about encryption.
  There are few good documents about configuring 3rd party vpn with bm.
  The device will change but the settings have to be the same, just use
  one of this docs as example of the settings you need
  Gonzalo

• Would it be possible for time machine to back-up files from 3rd party software such as windows platform using parallel?

  I'm wondering if it would be possible for time machine to back-up files from 3rd party software such as Windows XP using parallel software especially if it is isolated from mac?  Any advise would be greatly aprreciated.

  Short answer - yes Time Machine will backup everything within the Mac OS system.
  Longer answer - Parallels creates a pvm disk image "Parallels Virtual Machine" which Time Machine backs up.
  Due to the changes to the pvm file Time Machine is unable to read the minor changes and will somtimes do a full backup of it each time Time Machine runs and can chew through Back up drive space quite quickly.

• Hiding Links from Infoview (e.g Log off) for some users

  Hi,
  Can we hide links in Infoview (e.g log off) for some users in BO XI R2 ?
  Thanks

  Hi Vaneet,
  No we cannot hide links of infoview  for some users in BO XI R2.
  Thanks,
  Praveen.

• Need help in setting up Group Policy for same user in local system and Terminal server

  Hi All,
  Currently our remote users are using our network using VPN client over internet.
  They are generally at their home computer and doing VPN as they have to work only in one RDP server for application.
  We actually have a OU created for these RDP users and assign then some strict policy like they can not use any other .exe,they can not user any explorer ,they can not even use windows explorer when they are on RDP they just use one exe of their application.
  Now what my management want is they want their home computers in Domain and want them to login via their same credentials they are using for RDP but they don't want them to restrict in their home computers with any strict policy.
  Now my confusion is how can I configure different policies for same users or same OU.
  Can any one guide me please...

  you can achieve this fairly easily with group policy.
  create an OU and put your remote desktop servers in that OU.
  configure both user and computer policies in a group policy and link it to that ou.
  you need to enable loopback mode - you may want it in merge or replace depending on your other policies you have. Probably replace though I would guess. this is set in the computer configuration > admin templates > system / group policy section.
  now remove the policy you have currently setup for your users on the users OU containing the rdp users. If you want you can move these users back to your main users OU.
  when your users login to the RDP server the settings in the user section of the GPO linked to the RDP Servers OU will apply.
  when the user logs in to their own computer the policies from the user OU and computer OU will apply - but not the more restrictive RDP OU.
  hope that makes sense.
  Regards,
  Denis Cooper
  MCITP EA - MCT
  Help keep the forums tidy, if this has helped please mark it as an answer
  My Blog
  LinkedIn:

• What do I need to do to allow multiple users to connect to a Server?

  Hi,
  What do I need to do to allow more than two people to be able to connect to a server via RDP?
  I am using Server 2012 and I need 4 clients to be able to RDP in.
  The clients will only be accessing the Server from our internal network while they are onsite.
  Do I have to setup Licensing and what other steps do I need to do?
  Thanks   

  Hi,
  Thank you for posting in Windows Server Forum.
  Yeah, agree with words of Hari. Normally by default server will allow only 2 remote connection for administrator purpose. So you want 4 users to connect you need RDS CAL to access it. As already suggested you can purchase RDS CAL (Per User or Per Device) according
  to your requirement. 
  After installing RD License server you need to activate it first and then you can install the purchased RDS CAL.
  More information:
  Enabling more Remote Desktop Connections in Windows 2012
  http://social.technet.microsoft.com/Forums/windowsserver/en-US/cf93b596-413b-4390-a452-acb19a4b0b14/enabling-more-remote-desktop-connections-in-windows-2012?forum=winserverTS
  Hope it helps!
  Thanks.
  Dharmesh Solanki

• Using my software to convert videos for another user - how do I sync it ?

  I have been using a software to convert dvd for ITouch with great effect. now I want do do same for a friend - but am worried that when I syn i will loose all that's currently on her iTouch. How can I do this?

  Before someone points out that we cannot discuss of even act like converting a DVD is possible because it is allegedly illegal, you are not asking that. You, by magic we assume, can do this. You are asking whether you will lose what is on her iPod.
  I am not sure you can sync her iPod from your system but if you did you'd want to set it to only sync what you checked and then only check that one movie.
  I wonder... is there a reason yo cannot just move the converted file from your computer to hers and let her import it?
  -fred

• Powershell 4.0 How to use Add-Printer to add printer for all users (machine)

  Is there a way I can use Powershell 4.0 Add-Printer cmdlet to add a printer for all users (machine)?  I tried from an admin account but it only adds a printer for the currently logged on user.
  thanks.

  Adding a printer for all users requires having access to their profiles (and registry hive for user) to save the mapped printer information. Your best bet is to either use Group Policy Preferences or write a user logon script that ones when they log in and
  maps the printer if not already mapped. 
  Group Policy Preferences Example
  I wrote an article a while back that shows how to use a GPO logon script to map a printer. It doesn't use V4, but the process would be the same as far as a GPO goes.
  http://learn-powershell.net/2012/11/15/use-powershell-logon-script-to-update-printer-mappings/
  Boe Prox
  Blog |
  Twitter
  PoshWSUS |
  PoshPAIG | PoshChat |
  PoshEventUI
  PowerShell Deep Dives Book

• Need help in adding a disclaimer page for guest users

  We are trying to add a disclaimer page for public users to accept and continue for our public WLAN. Need to know how to add this page, and if there is a character liimit?

  Go to Security -> Web Auth -> Web Login Page
  Don't forget to enable Web Auth:
  WLAN -> Guest LAN -> Security -> Layer 3 -> Web Policy
  Is this what you are looking for?

• Using SWING to create a GUI for PC to Microcontroller connection...

  Hello,
  I am currently undertaking a project task regarding the connection of a microcontroller (uC) to a host pc. Our main task now is to create a GUI that would display information stored on the uC.
  I was just wondering if SWING will be able to accomodate the following:
  1) The uC will be hooked up either through ETHERNET LAN cable or a USB WIFI adapter. The host pc running Java will have a GUI that would be able to locate this IP address of the uC and connect to it.
  2) We have verified that a telnet connection from a pc to the uC works. We could successfully, get the necessary files needed from the uC.
  3) The contents of the files we want are just a bunch of serial numbers. We have uC run a code and store the output into a file. This file would then be transfered to the host pc.
  4) In the end, we want to send this data wirelessly, instead of using the LAN CABLE.
  My question now is would SWING be a good option in implementing this GUI. I have taken a JAVA course a 2 yeasr ago so I am still familiar with some JAVA basics but I have not delved into the networking aspects of JAVA, which I do know it has.
  I await your kind responses,
  thanks.

  Hi,
  By ?C do you mean ?C/OS-II?
  I don't know much about ?C/OS-II, I believe that you could
  make a program for that processor that would listen for connections
  on some ethernet port. Then your java program need to connect to that port
  and fetch the data.
  At the end of this article is a bit of info about sockets in ?C/OS-II.
  http://www.hardware.dibe.unige.it/Software/DynamicC/DynCUsersManual/14ucos.htm
  As pointed earlier, the GUI isn't your biggest problem.
  kari-matti

• TS4006 How do I remotely unlock an iPad using this app from my iPhone once the user has connected to WiFi?

  How do I remotely unlock an iPad using the Find My Phone app from my iPhone once the iPad is connect to WiFi?

  I'm not sure about the apps, but to prevent theft, you'll also need to disable the power button and the ability to restore the ipad. You might also want to superglue in your Sim card because if they remove that, it wont be tracked unless they connect to WiFi.
  Also, I'm not so sure it is an app on the iPad. I think it is built into the mail, calendar and contacts options if you have a Mobile me account.  http://www.apple.com/ipad/find-my-ipad-setup/

• How to use quota on a desktop folder for all users with File Server Resource Manager.

  Hi there,
  I'd like to know if there is a posibility to use variables in the path with File Server Resource Manager if you want to set the quota.
  The path I'd like to use is d:\home\%username%\desktop.
  Like to hear from you all if there is a solution or workaround for this one :)
  Thanks for your time.
  Ben.
  Ben van der Meer

  That's a question about Automator, so I'd pop that one here
  http://discussions.apple.com/forum.jspa?forumID=1339
  Regards
  TD

• Long delay for add-in saving emails with Cached Exchange Mode off for one user's Exchange account

  Hello,
  Before I start, I have asked questions in the Outlook Developer forum and was referred here as it appears to be an Exchange Server problem that I am experiencing, not related to Outlook or the add-in that I am developing.
  I am an Outlook developer with an Outlook add-in that adds MAPI properties to emails and then calls MailItem.Save to save the changes.
  The add-in uses the Internet Message ID MAPI property for some functionality, so I have to turn turn Cached Exchange Mode off to ensure that my functionality works correctly for the Sent Items folder (otherwise no Message ID property exists).
  This process works fine for 99% of users.
  I have one particular user that has a huge delay (~1 minute) when MailItem.Save is called for items in his account. He is using an Exchange account. If I switch Cached Exchange Mode on there is no longer a delay (as no communication with Exchange Server). The
  user does not have an excessively large Mailbox.
  The problem is not caused by the network or communication path to the server as the problem exists on any computer where other users are ok.
  I'm sure the problem is not caused by my add-in, but likely a problem with the user's Exchange account. Does anyone have any suggestions on how I may be able to resolve the delay and what might be causing it?
  Thanks
  Glen Thomas

  Hello,
  Before I start, I have asked questions in the Outlook Developer forum and was referred here as it appears to be an Exchange Server problem that I am experiencing, not related to Outlook or the add-in that I am developing.
  I am an Outlook developer with an Outlook add-in that adds MAPI properties to emails and then calls MailItem.Save to save the changes.
  The add-in uses the Internet Message ID MAPI property for some functionality, so I have to turn turn Cached Exchange Mode off to ensure that my functionality works correctly for the Sent Items folder (otherwise no Message ID property exists).
  This process works fine for 99% of users.
  I have one particular user that has a huge delay (~1 minute) when MailItem.Save is called for items in his account. He is using an Exchange account. If I switch Cached Exchange Mode on there is no longer a delay (as no communication with Exchange Server). The
  user does not have an excessively large Mailbox.
  The problem is not caused by the network or communication path to the server as the problem exists on any computer where other users are ok.
  I'm sure the problem is not caused by my add-in, but likely a problem with the user's Exchange account. Does anyone have any suggestions on how I may be able to resolve the delay and what might be causing it?
  Thanks
  Glen Thomas

• Need to deny access to file manager for the user

  Hi
  I need to be able to deny access to the file manager, as I dont want my client deleting files. however, for some reason I have to allow him access to this as he needs to be able to upload files through InContext Editor (he needs to link pages to documents that are not on the server so he needs to upload them and to do this, I have to grant him access to file manager).  How can I get around this?  I dont want to have to reupload his site every time he deletes a file....

  Unfortunately it can't be done - access to the file manager allows deleting as well as uploading and at this point that cannot be changed.