Split tunnel works... but only for one IP

Hi All,
Dealing with a really frustrating problem. Our setup, roughly, is as follows:
- We have a remote access VPN that users connect to with any connect; in turn, they are assigned a local LAN address: 10.1.11.192-10.1.11.200
- We have a site-to-site VPN that connects to Amazon AWS to access 10.0.249.0 and other subnets, and now certain hosts on the Amazon *public* network (e.g, 54.1.2.3). This is done via a split tunnel.
What we're seeing is this:
- Users connect to the VPN and are assigned one of the addresses above. Let's use 10.1.11.192 for this example.
- They can then access anything in the 10.0.249.0 subnet (via the split tunnel) just fine. This goes across both ASA devices.
- They can then access anything in the public Amazon network (via the split tunnel) just fine. This should only use the remote access ASA.
So, it seemed like everything was working. When connected to the VPN, Amazon hosts in both 10.x.x.x networks and public IPs that I had specifically tunneled (we plan to transition these to a VPC soon) were accessible, and access happened via the remote access VPN IP (i.e, when connecting to 54.1.2.3, it showed the user being logged in from the Cisco's gateway's IP address, as opposed to the local client IP).
Now, here's where things got weird: *public* tunneled hosts at Amazon only works with the first address in the pool, 10.1.11.192. No other addresses work. 10.0.249.x is always available, regardless of assigned IP. 54.x.y.z is only available with .192.
I've used the same computer with different assigned IPs (10.1.11.193-10.1.11.200), and none work. I've connected using different computers.. they work if assigned .192, but not any other addresses. Other users report the same issue.
TCP handshaking is failing
I'll use our IRC server (and sometimes ssh server) for testing. I can see my client laptop with a SYN_SENT on that specific connection. I can see the IRC server with a SYN_RECV, and the ASA shows a SYN timeout after 30 seconds. Thus, it looks as though packets from the IRC server can't make their way back through the ASA to my client laptop.
I suspect this has something to do with dynamic vs. static NAT, etc., but I've fiddled with every setting I can, and coming up blank.
I'm also baffled as to why .192 works, but no other addresses do.
I've attached our configuration, minus keys and passwords and certain IPs/hostnames. It's a little bit ugly because it has some poor attempts at fixing this, things I'll probably remove after it works, but.. Could it have anything to do with TCP sequence randomization?
Thank you in advance for any help.

Hi Jouni! Thank you so much for your quick reply. Mine was delayed because I've continued to fight the ASA this afternoon! Apologies for my verbosity, always found it better to include too much info than too little!
To clarify, ideally, a VPN client that connects to this ASA (10.1.11.5) should have three possible destinations:
- The internet at large - this should not go through the ASA, but should go through the client's own gateway, bypassing this VPN entirely. This works.
- My servers in an Amazon VPC (10.0.249.x and some others) - this should come in to this ASA (10.1.11.5), which in turn is already successfully routed to another ASA (10.1.11.4 in the config). This works, too.
- My servers at Amazon AWS that are on the public internet (example below: 107.22.xxx.yyy). This should only involve the one ASA in question (10.1.11.5). This is where I'm running into issues.
The split tunnel, thus, includes the networks 10.0.249.x and specific public AWS hosts like 107.22.xxx.yyy, etc. I want 10.0.249.x to go to Amazon via the other ASA 10.1.11.4 (again, this works) and I want 107.22.xxx.yyy, etc. to go to Amazon via *this* ASA (10.1.11.5). Basically, it's this last part that's causing problems: it works only one in very, very narrow situation: when the client is assigned the address 10.1.11.192. If a user logs in and is assigned any other address, they won't be able to access the "public" AWS servers.
I began by taking your advice and moving the IP assignment to an entirely different subnet: 10.1.12.100-10.1.12.200. I then spent a decent chunk of the afternoon adjusting NAT rules (and removing ACLs, per your suggestion). The only brief success I had was when I had about a bajillion NAT rules, and somehow I made it on to the IRC server! Oddly, my connection used the ASA's address itself, rather than the ASA gateway's address. Unfortunately, I stopped being able to reach 10.0.249.x at the time :/ I tried to adjust further, but cannot restore/recall what the NAT rules were.
I'm miffed because 10.1.11.192 works, and *nothing* else does. There is nothing special about this address in the config - I've tried everything I can to figure out why this one address is different. I've also looked in places that *shouldn't* matter because this bypasses the VPC entirely (AWS security groups, AWS iptables rules, VPC options, etc.)
Again, the behavior of 10.1.11.193-200 is a partial TCP handshake: the local computer sees SYN_SENT, and the remote server has SYN_RECV, but no connection is ultimately established. This is why I think it could be a NAT issue, but I'm obviously a bit lost here Here's a sample connection attempt, with DNS traffic removed:
2013-10-17 18:29:09.100 [DEBUG] Message from Host: 10.1.11.5 - Message - %ASA-6-302013: Built inbound TCP connection 43606 for outside:10.1.11.193/56626 (10.1.11.193/56626)(LOCAL\justinsTestMac) to outside:107.22.xxx.yyy/6667 (107.22.xxx.yyy/6667) (justinsTestMac) (pid:25912)2013-10-17 18:29:39.129 [DEBUG] Message from Host: 10.1.11.5 - Message - %ASA-6-302014: Teardown TCP connection 43606 for outside:10.1.11.193/56626(LOCAL\justinsTestMac) to outside:107.22.xxx.yyy/6667 duration 0:00:30 bytes 0 SYN Timeout (justinsTestMac) (pid:25912)2013-10-17 18:29:45.293 [DEBUG] Message from Host: 10.1.11.5 - Message - %ASA-6-302013: Built inbound TCP connection 43612 for outside:10.1.11.193/56626 (10.1.11.193/56626)(LOCAL\justinsTestMac) to outside:107.22.xxx.yyy/6667 (107.22.xxx.yyy/6667) (justinsTestMac) (pid:25912)102 (justinsTestMac) (pid:25912)2013-10-17 18:30:15.322 [DEBUG] Message from Host: 10.1.11.5 - Message - %ASA-6-302014: Teardown TCP connection 43612 for outside:10.1.11.193/56626(LOCAL\justinsTestMac) to outside:107.22.xxx.yyy/6667 duration 0:00:30 bytes 0 SYN Timeout (justinsTestMac) (pid:25912)2013-10-17 18:30:17.976 [DEBUG] Message from Host: 10.1.11.5 - Message - %ASA-6-302013: Built inbound TCP connection 43617 for outside:10.1.11.193/56626 (10.1.11.193/56626)(LOCAL\justinsTestMac) to outside:107.22.xxx.yyy/6667 (107.22.xxx.yyy/6667) (justinsTestMac) (pid:25912)2013-10-17 18:30:48.400 [DEBUG] Message from Host: 10.1.11.5 - Message - %ASA-6-302014: Teardown TCP connection 43617 for outside:10.1.11.193/56626(LOCAL\justinsTestMac) to outside:107.22.xxx.yyy/6667 duration 0:00:30 bytes 0 SYN Timeout (justinsTestMac) (pid:25912)
Thanks for any insight you have!

Similar Messages

  • Imessage is not working, but only for one particular contact.

    I cannot send/recive imessages from one particular contact, messages are sent as SMS. All other contacts are fine with imessaging, so why just this particular one? Please help??!!

    If you can send imessage to other users execpt for this one particular person.  Then the issue would be with him/her and not your phone.  That person will have to figure out whats going on.

  • Student account for Adobe CC - downloaded and worked but only for TRIAL - now asks for license - how do I access the programs? I was given a redemption code (apparently redeemed already). How do I get the licensing code?

    Student account for Adobe CC - downloaded and worked but only for TRIAL - now asks for license - how do I access the programs? I was given a redemption code (apparently redeemed already). How do I get the licensing code?

    Ask whom/wherever you got the redemption code from for one that has not already been used.

  • Calendar - when I want to edit a monthly recurring event but only for one month I am no longer given the box to update only that date.

    Calenndar - when I want to edit a monthly recurring event but only for one month I am no longer given the box to update only that date month.  How do I do this with the new operating system?

    Adding to Alan's answer:
    One of the problems that comes with these tricks for variable-rate acquisition is being able to match up sample data with the time that it was sampled. 
    If you weren't using either of E-series board's counters, there is a nifty solution to this!  You'll be using 1 of the counters to generate the variable-rate sampling clock.  You can then use the 2nd counter to perform a buffered period measurement on the output of the 1st counter.  This gives you a hw-timed measurement of every sampling interval.  You would need to keep track of a cumulative sum of these periods to generate a hw-accurate timestamp value for each sample.
    Note:  the very first buffered period measurement is the time from starting the 2nd counter until the first active edge from the 1st.  For your app, you should ignore it.
    -Kevin P.

  • Hi - I created a form in Adobe Livecycle and have a button on it to send the form via email.  t worked, but only for those with PC.  I could not get it to work with Apple Yosemite even with reader installed .  is there a way i can make it work for apple /

    Hi - I created a form in Adobe Livecycle and have a button on it to send the form via email. It worked, but only for those with PC. However,  I could not get it to work with Apple loaded with Yosemite even with reader installed .  Is there a way i can make it work for apple / Mac? It worked fine on a mac using Mountain Lion and reader
    Thanks

    LiveCycle = XFA forms.
    afaik - These cannot be used in Apple OSs.
    Be well...

  • Hi - I created a form in Adobe Livecycle and have a button on it to send the form via email.  the button did not work and i looked online and saw where you could change it to a regular button and enter the email for it to go.  it worked, but only for thos

    Hi - I created a form in Adobe Livecycle and have a button on it to send the form via email.  the button did not work and i looked online and saw where you could change it to a regular button and enter the email for it to go.  it worked, but only for those with adobe pro.  i could not get it to work with reader.  is there a way i can make it work for reader?

    Noted.
    The LiveCycle user to user forum is across town at:
    Adobe LiveCycle 
    Be well...

  • I want to install an app but only for one user on my imac with Lion

    I have 2 users on my mac. I would like to install some apps (iwork) but only for one user and not the other user. How can I do this?

    Setup of iWork in your wife's account should only occur the once.
    Updates can be performed through your account and are usually performed via Software Update.
    Messages should not be popping up in your wife's account if all the iWork updates have been performed.
    Go to Software Update and download and install all the iWork updates.
    Unless you keep OSX up-to-date, messages will continue to come up when your wife logs into her account.

  • [solved[X superlaggy after hd went out of space, but only for one user

    So the netbook (eeepc 1101ha) went out of diskspace while running and froze. I freed up some space and restarted X, but it failed so I rebooted. Same story then. It either loads and becomes super slow or doesn't load at all. I use dwm wm which to my knowledge doesn't save to config files that might have been corrupted during the moment with no diskspace. Other wms have same problems too, but only for that user.
    Here are some lines from /var/log/Xorg.0.log/
    [ 3068.496] (**) Power Button: always reports core events
    [ 3068.496] (**) Power Button: Device: "/dev/input/event4"
    [ 3068.507] (II) Power Button: Found keys
    [ 3068.507] (II) Power Button: Configuring as keyboard
    [ 3068.507] (II) XINPUT: Adding extended input device "Power Button" (type: KEYBOARD)
    [ 3068.507] (**) Option "xkb_rules" "evdev"
    [ 3068.507] (**) Option "xkb_model" "evdev"
    [ 3068.507] (**) Option "xkb_layout" "us"
    [ 3068.683] (II) config/udev: Adding input device Lid Switch (/dev/input/event2)
    [ 3068.683] (II) No input driver/identifier specified (ignoring)
    [ 3068.684] (II) config/udev: Adding input device Sleep Button (/dev/input/event3)
    [ 3068.684] (**) Sleep Button: Applying InputClass "evdev keyboard catchall"
    [ 3068.684] (**) Sleep Button: always reports core events
    [ 3068.684] (**) Sleep Button: Device: "/dev/input/event3"
    [ 3068.697] (II) Sleep Button: Found keys
    [ 3068.697] (II) Sleep Button: Configuring as keyboard
    [ 3068.697] (II) XINPUT: Adding extended input device "Sleep Button" (type: KEYBOARD)
    [ 3068.697] (**) Option "xkb_rules" "evdev"
    [ 3068.697] (**) Option "xkb_model" "evdev"
    [ 3068.697] (**) Option "xkb_layout" "us"
    [ 3068.700] (II) config/udev: Adding input device HDA Digital PCBeep (/dev/input/event8)
    [ 3068.700] (II) No input driver/identifier specified (ignoring)
    [ 3068.709] (II) config/udev: Adding input device USB2.0 UVC 1.3M WebCam (/dev/input/event7)
    [ 3068.709] (**) USB2.0 UVC 1.3M WebCam: Applying InputClass "evdev keyboard catchall"
    [ 3068.709] (**) USB2.0 UVC 1.3M WebCam: always reports core events
    [ 3068.709] (**) USB2.0 UVC 1.3M WebCam: Device: "/dev/input/event7"
    [ 3068.730] (II) USB2.0 UVC 1.3M WebCam: Found keys
    [ 3068.730] (II) USB2.0 UVC 1.3M WebCam: Configuring as keyboard
    [ 3068.730] (II) XINPUT: Adding extended input device "USB2.0 UVC 1.3M WebCam" (type: KEYBOARD)
    [ 3068.730] (**) Option "xkb_rules" "evdev"
    [ 3068.730] (**) Option "xkb_model" "evdev"
    [ 3068.731] (**) Option "xkb_layout" "us"
    [ 3068.742] (II) config/udev: Adding input device Eee PC WMI hotkeys (/dev/input/event5)
    [ 3068.742] (**) Eee PC WMI hotkeys: Applying InputClass "evdev keyboard catchall"
    [ 3068.742] (**) Eee PC WMI hotkeys: always reports core events
    [ 3068.742] (**) Eee PC WMI hotkeys: Device: "/dev/input/event5"
    [ 3068.750] (II) Eee PC WMI hotkeys: Found keys
    [ 3068.750] (II) Eee PC WMI hotkeys: Configuring as keyboard
    [ 3068.750] (II) XINPUT: Adding extended input device "Eee PC WMI hotkeys" (type: KEYBOARD)
    [ 3068.750] (**) Option "xkb_rules" "evdev"
    [ 3068.751] (**) Option "xkb_model" "evdev"
    [ 3068.751] (**) Option "xkb_layout" "us"
    [ 3068.752] (II) config/udev: Adding input device AT Translated Set 2 keyboard (/dev/input/event0)
    [ 3068.753] (**) AT Translated Set 2 keyboard: Applying InputClass "evdev keyboard catchall"
    [ 3068.753] (**) AT Translated Set 2 keyboard: always reports core events
    [ 3068.753] (**) AT Translated Set 2 keyboard: Device: "/dev/input/event0"
    [ 3068.773] (II) AT Translated Set 2 keyboard: Found keys
    [ 3068.774] (II) AT Translated Set 2 keyboard: Configuring as keyboard
    [ 3068.774] (II) XINPUT: Adding extended input device "AT Translated Set 2 keyboard" (type: KEYBOARD)
    [ 3068.774] (**) Option "xkb_rules" "evdev"
    [ 3068.774] (**) Option "xkb_model" "evdev"
    [ 3068.774] (**) Option "xkb_layout" "us"
    [ 3068.775] (II) config/udev: Adding input device SynPS/2 Synaptics TouchPad (/dev/input/event6)
    [ 3068.775] (**) SynPS/2 Synaptics TouchPad: Applying InputClass "evdev touchpad catchall"
    [ 3068.775] (**) SynPS/2 Synaptics TouchPad: Applying InputClass "touchpad catchall"
    [ 3068.775] (II) LoadModule: "synaptics"
    [ 3068.776] (II) Loading /usr/lib/xorg/modules/input/synaptics_drv.so
    [ 3068.776] (II) Module synaptics: vendor="X.Org Foundation"
    [ 3068.776] compiled for 1.8.0.902, module version = 1.2.2
    [ 3068.776] Module class: X.Org XInput Driver
    [ 3068.776] ABI class: X.Org XInput driver, version 9.0
    [ 3068.777] (II) Synaptics touchpad driver version 1.2.2
    [ 3068.777] (**) Option "Device" "/dev/input/event6"
    [ 3068.823] (II) SynPS/2 Synaptics TouchPad: x-axis range 1472 - 5472
    [ 3068.824] (II) SynPS/2 Synaptics TouchPad: y-axis range 1408 - 4448
    [ 3068.824] (II) SynPS/2 Synaptics TouchPad: pressure range 0 - 255
    [ 3068.824] (II) SynPS/2 Synaptics TouchPad: finger width range 0 - 0
    [ 3068.824] (II) SynPS/2 Synaptics TouchPad: buttons: left right
    [ 3068.824] (**) Option "TapButton1" "1"
    [ 3068.824] (**) Option "TapButton2" "2"
    [ 3068.824] (**) Option "TapButton3" "3"
    [ 3068.863] (--) SynPS/2 Synaptics TouchPad: touchpad found
    [ 3068.864] (**) SynPS/2 Synaptics TouchPad: always reports core events
    [ 3068.880] (II) XINPUT: Adding extended input device "SynPS/2 Synaptics TouchPad" (type: TOUCHPAD)
    [ 3068.880] (**) SynPS/2 Synaptics TouchPad: (accel) keeping acceleration scheme 1
    [ 3068.880] (**) SynPS/2 Synaptics TouchPad: (accel) acceleration profile 0
    [ 3068.881] (**) SynPS/2 Synaptics TouchPad: (accel) acceleration factor: 2.000
    [ 3068.881] (**) SynPS/2 Synaptics TouchPad: (accel) acceleration threshold: 4
    [ 3068.913] (--) SynPS/2 Synaptics TouchPad: touchpad found
    [ 3068.914] (II) config/udev: Adding input device SynPS/2 Synaptics TouchPad (/dev/input/mouse0)
    [ 3068.914] (**) SynPS/2 Synaptics TouchPad: Applying InputClass "touchpad catchall"
    [ 3068.914] (II) Synaptics touchpad driver version 1.2.2
    [ 3069.383] SynPS/2 Synaptics TouchPad no synaptics event device found
    [ 3069.384] (**) Option "Device" "/dev/input/mouse0"
    [ 3069.397] (**) Option "TapButton1" "1"
    [ 3069.397] (**) Option "TapButton2" "2"
    [ 3069.397] (**) Option "TapButton3" "3"
    [ 3069.417] Query no Synaptics: 6003C8
    [ 3069.417] (--) SynPS/2 Synaptics TouchPad: no supported touchpad found
    [ 3069.418] (EE) SynPS/2 Synaptics TouchPad Unable to query/initialize Synaptics hardware.
    [ 3069.430] (EE) PreInit failed for input device "SynPS/2 Synaptics TouchPad"
    [ 3069.430] (II) UnloadModule: "synaptics"
    [ 3069.431] (II) config/udev: Adding input device PC Speaker (/dev/input/event1)
    [ 3069.431] (II) No input driver/identifier specified (ignoring)
    Any ideas?
    Last edited by idjut (2010-07-13 00:43:04)

    R00KIE wrote:
    I'm not familiar with DWM but I would look inside ~/.local ~/.config and ~/.cache , maybe something is stored there.
    If that doesn't work you may try moving all the hidden stuff to a backup folder and start the X session again.
    Something must be causing that and most probably it's some dot file stashed away inside one of those dot directories (you say new users work just fine so it's not a system problem).
    Apart from this I'm out of ideas, once I had XFCE (I know its not the same) act really strange and the problem was related with some corrupted saved session file, once I deleted it everything was fine again.
    Didn't work! Any other tips, ideas?

  • What would be the reasons for my iMac keyboard to freeze up while online? Several page reloads brings it back but only for one set of typing. If I stop or need to delete it freezes.

    Using Firefox, Safari and Chrome depending on what I am working on or gaming. All recent updates as of 3.19.13
    iMac is fully loaded first quarter 2009 model. I use Office.
    Problem:
    While online typing just stops. This occurs most frequently when I have to change something or delete, it does not matter how many letters or numbers.
    Page reloads sometimes take 2 or 3 times for any effect, then it is only for one straight set of typing. If I have to stop and delete or go back and do something as small as adding a letter it will not type. The is well known muted "dump" sound.
    Is it possible that I was somehow infected with malware? No one else uses the computer and I do not go to any sites I am unfamiliar with or are gambling or ****.
    Help please. I am a writer.

    Take a look at your computer's CPU and RAM usage with Activity Monitor, It some like your system is slowing down not you keyboard.  Take a look at this link, http://support.apple.com/kb/HT1342?viewlocale=en_US&locale=en_US
    Also try to verify/repair your hard drive with disk utility, see this link, http://support.apple.com/kb/HT1782?viewlocale=en_US&locale=en_US

  • My microphone is not working but only for calls

    I had my Iphone working perfectly until I updated to 4.3.1 after that I lost the microphone but only for calls when I use Skype, Video recording and may other features that uses microphone all of them worked. I did restore again to 4.3.1 and make a new fresh installation without recovering my data so now I'm not only without phone features but also need to load all of my data again. This occurs most of the time but about 2 of 10 calls the people can hear me so I think this must be related to baseband update or hadware issue.

    Might try setting the option in System Preferences > Sound > Input tab > check "use ambient noise reduction"
    Regards,
    Captfred

  • My iPhone 4s cannot join a public unsecured network but my iPad and macbook can.  I have reset the network settings twice.  Both times it worked, but only for a few minutes.  What can I do?

    My iphone 4s cannot join a public unsecured network, but my ipad and macbook can with no problems.  I have reset the network settings on the iphone twice.  Both times that fixed the problem but only for a few minutes, then I get the "cannot join network" message again.  Please help!  What can I do?

    Anyone have any ideas or information to help with this?  Any help and consideration is MUCH appreciated.

  • Excel file very slow to save - but only for one user! Why?

    The problem ... 
    I have an excel spreadsheet that I share with my partner, i.e. another user on my Mac.  The file works just fine for me, but is very slow to save when my partner uses it.  Save time for me is about 3 seconds, for my partner about 45 seconds.  The problem only seems to be with this one file, and the slow save time is driving her nuts!  (I'm not able to upload the file as it contains confidential info).
    The file is about 225kB with about 6 worksheets and some macros.  It’s stored in a folder below the standard OSX ‘shared’ folder.  Both users have identical permissions on these folders and this file.
    What have I tried already?  Re-saving the file in a different place, renaming it, re-creating it by copying the contents to a blank file, repairing permissions on my partner’s user account, copying excel .plist files from my user to hers, deleting her .plist file & creating a new one.  None of these have worked.
    System details ...  2.8GHz I5 iMac (late 2010 vintage), 8GB memory, OSX 10.6.8 (Snow Leopard).  Excel for Mac 2011 v14.2.3 (auto updates on & all installed I believe)
    Any suggestions would be gratefully received.

    On the problem Mac...
    Open Console in Utilities & see if there are any clues or repeating messages when this happens.

  • My online number is working, but only for 10 secon...

    Hi,
    I purchased an online number today, its all setup and working, but I can't hold the call for longer than 10 seconds.
    It does not seem to be my connection, as a normal skype VIDEO call works perfectly.
    Im on a BT infinity fiber line at 40MB.
    It seems to timeout from the callers end.
    Please can I get some advise or have a technical engineer help resolve the issue?
    cheers,

    if this is a business connection your better off in the business forums

  • ITunes says computer not authorized...but only for one TV show--everything else in iTunes library plays

    I made a purchase of a TV show from iTunes on my iPad. I only have one Apple ID/iTunes account. I synced my iPad to my computer (Win 7, iTunes 10.6.1.7) and the TV show was synced from my iPad to my computer. But when I go to watch the video on my computer, I get the first message below that says I need to authorize this computer - weird because this is the only file in my iTunes library that is prompting this message - anyway, I type in my Apple ID and password and get the second message. I go to play the video and I get the first message again.
    I followed the instructions from http://support.apple.com/kb/TS1389, which did not solve my problem.
    Any thoughts?

    You seem to be mixing up two different things, authorisations and linking an iPod with a library.
    1) iTunes Store authorisations
    If your system crashes or you reinstall your operating system without deauthorising iTunes first, even a single computer can use up your limit of 5 authorisations. You can't deauthorise a "dead" installation on it's own. However once you reach your limit of 5 you have the option to deauthorise them all in one go from your iTunes Store account and start over again. Just note that you can only use this option once a year: About iTunes Music Store Authorisation and Deauthorisation
    2) Syncing an iPod with an iTunes Library
    If an iPod set to update automatically and you connect to a new computer or new library (made after you lost the original one) you'll get a message that it is linked to a different library and asking if you want to link to this one and replace all your songs etc. If you have rebuilt your library and everything that is on the iPod is also in iTunes pressing "Erase and Sync" will reload and relink the iPod to iTunes. If the iPod has content on it that isn't in iTunes press "Cancel".

  • Flash Pop-Ups Showing Blank... but only for one user! OS X

    Hello,
    I am absolutely at my wits end with this one.  Here are my specs
    My Player Version: MAC 10,1,53,64
    Operating System: Mac OS 10.6.3 (Snow Leopard)
    Browsers: Safari 5.0, Firefox, Chrome -- same error on all browsers
    About a month ago, I noticed some strange behavior with Flash on certain sites -- namely that when I hovered over something that would create a flash pop-up (like the graphs in Google Analytics), the box would pop-up, but it would be empty -- no text, just the blank colored box.  Movies played fine, other aspects of Flash played fine, just the pop-ups were broken.  This was cross-browser --- didn't matter if I used Safari, Firefox or Chrome -- same broken pop-ups.  Since then, I've noticed other things that don't work -- like the Adobe Privacy Settings box! The checkboxes are visible in the settings box, but no text!
    As it keeps me from using Google Analytics and other important online apps, this has made me very sad.
    What's strange, though, is that it only seems to affect the main user account on my Mac -- when I try to access these sites with my Guest account, everything works perfectly. Baffling.
    Here is what I've done to try to troubleshoot it:
    Used the Adobe Uninstaller  to Uninstall Flash - no errors
    Repaired permissions
    Installed a fresh copy of Flash Player 10.1 - no errors
    I've done this several times, trying restarts and other refreshes in between -- doesn't fix it
    I went on a hunt for everything named Macromedia and Flash in my Account and trashed it.  Uninstalled Flash CS4. Uninstalled Adobe Air.  Used the Adobe Uninstaller again. Repaired permissions again. Restarted again. Reinstalled Flash Player again.
    No dice.
    I have no idea what to do next. This is driving me crazy. Please, someone, HELP!

    Hi NorwichUK,
    welcome to this fourm
    ... hmm, the iM version before iM5 did make folders instead of "solid files"/packages....
    tell spotlight//apple-f, to list all "iMovie" files... probably, there is somewhere a "hiddin version" iM4 on your disk...?

Maybe you are looking for