SRP526W to forward or provide VPN access for clients

Similar Messages

• Can VI server automatically close access for clients' VIs, if one of clients is already connected?

  Can VI server automatically close access for clients' VIs, if one of clients is already connected? and when first client closed reference, open access for other clients' VIs? I mean like when you use web publishing tools. If one user already uses front panel.. other just can wait until first one will finish.

  Please stick to one thread.  Here is the original.

• How to provide View access for all the projects to an employee?

  We’ve a requirement to provide view access to certain employees to all the projects. They are supposed to have only view access to the project information (HTML Interface). We don’t want to assign these employees to the projects.
  In this regard we created a menu that gives users only view access to project information. We assigned the employee/user the profile option “PA: Cross Project User View” and set the value to “Yes”. However the user is only able to view Project Overview information. The moment I assign the user to a project (non scheduled member), the user is able to view all project information.
  We’ve tried bouncing the apache post assignment of the profile option to the user, but no luck. Is there something else required to be done? Why is the profile option not working? Please advice.
  Note: We don’t want to give the user Project Authority as it by default gives the user rights to modify information in the project.
  Any other suggestions to achieve the said functionality is most welcome.

  For 10.1.4, there are two ways to reference a document :
  1. Path URLs which takes the form :
  http://<host>:<port>/portal/page/<dad>[lang-<language>][ver-<version>]/<page_group_name>/<page_path>/<item_name>
  More info : http://download.oracle.com/docs/cd/B14099_19/portal.1014/b13809/apdxurls.htm#BEIBFDBH
  2. Durable URLs which take the form :
  http://<host>:<port>/portal/page/<dad>[lang-<language>][ver-<version>]/<item_guid>
  The advantage of durable URLs is that they will not change even when the object name changes. The durable URL is available in the properties sheet of the item.
  More info :
  http://download.oracle.com/docs/cd/B14099_19/portal.1014/b13809/pageinfo.htm#BABDGHIB

• Internet access for clients

  GuysNeed some assistance on providing internet access at a branch site for clients. Any thoughts and suggestions welcome and appreciatedWe have a number of branch offices connected over ISP managed MPLS network, any-2-any. I am looking at implementing some kind of internet access at the branch offices, either wired or wireless. We manage all the L1 and L2 connectivity at the sites, and the L3 side at our hub offices, of which we have 2, mainly for internet traffic etc, which isnt provided by our MPLS ISPCurrently all internet traffic for all sites goes to our data centre and is routed out through our firewall. Routing isnt an issue here, its more the best way to set this up securely.My initial thoughts were to set aside a whole bunch of ports on a seperate PVLAN that would connect the clients to the network (I am not conerned about the clients talking to each other, as long as they cant reach the local vlans). But the problem may lie at the firewall end, as I will need to specify specific hosts for port 80, 443 traffic only. Would a seperate DHCP scope, of say a /28, allowing 16 hosts only be an idea? Then I wouldnt have to mess around with firewall changes for different hosts all the timeThanks

  Hi,
  How are things going?
  I agree with Darshana. You could connect to Internet by using a router. Router can be configured to enable all users in a network to share a single connection to the Internet. Routing and Remote Access of windows server provides built-in
  routing services that can be used to connect an organization to the Internet through a routed connection to an ISP.
  You can also configure a windows server as a NAT server in your network. A network address translator is an IP router that can translate IP addresses and TCP or UDP port numbers of packets as they are being forwarded. NAT translates private
  IP addresses to external, public IP addresses. Then the computers of LAN can access Internet.
  Best Regards,
  Tina
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected]

• How to provide internet access for a site collection in SharePoint Foundation 2010

  Hi all,
  I am working on SharePoint Foundation 2010. I have to make a site collection available on internet.
  Only one site collection is to be brought on internet rest of the site collections should not be accessible from outside.
  How do I achieve this. Any help is greatly appreciated.
  Thanks in advance.

  Hello,
  As per my knowledge, you have to create new Web Application for your site to publishing it to internet. Since internet settings can be done at web application so create new one and then backup your existing site and restore in new web app.
  You can refer below thread for licensing:
  http://social.technet.microsoft.com/Forums/sharepoint/en-US/b63b3643-d0c7-45d2-8372-364fda348ed0/sharepoint-foundation-licensing-on-internetfacing-server?forum=sharepointgeneralprevious
  Hemendra:Yesterday is just a memory,Tomorrow we may never see
  Please remember to mark the replies as answers if they help and unmark them if they provide no help

• How to provide URL Access for Items in WWDOC_DOCUMENT$

  Hello Experts,
  I would like to display a URL to the users which will allow them to download the documents / view them
  I am able to do the same using a procedure that downloads the document using wpg_docload.download_file, but I would like to provide the URL as
  http://<Server>:Port/pls/portal/url/XXXXXXXXXXXXX as is the case for uploading the files into pages using the Oracle Page Upload Interface !! Any Hope !! I hope that I am clear
  I am using Portal 9.0.2.6
  Thanks for your quick help !!

  For 10.1.4, there are two ways to reference a document :
  1. Path URLs which takes the form :
  http://<host>:<port>/portal/page/<dad>[lang-<language>][ver-<version>]/<page_group_name>/<page_path>/<item_name>
  More info : http://download.oracle.com/docs/cd/B14099_19/portal.1014/b13809/apdxurls.htm#BEIBFDBH
  2. Durable URLs which take the form :
  http://<host>:<port>/portal/page/<dad>[lang-<language>][ver-<version>]/<item_guid>
  The advantage of durable URLs is that they will not change even when the object name changes. The durable URL is available in the properties sheet of the item.
  More info :
  http://download.oracle.com/docs/cd/B14099_19/portal.1014/b13809/pageinfo.htm#BABDGHIB

• DPS analytics access for client only

  Hello
  My internal clients want to access the DPS analytics, but the thing is I am not confortable to give this password and access to several people and also, afraid some would access the Folio Producer and delete or unpublish/publish some content (change the name of my folio etc). Well you had understood me I don't want them to access to the Folio Producer
  Is ther anyway to create an access to just the analytics or create a parallele account??

  No. The account ID assigned an Application role can view Analytics and Folio Producer but not DPS App Builder.

• Port forwarding for clientless SSL VPN access

  Hello,
  I am currently trying to set up clientless SSL VPN access for some remote sites that our company does business with. Since their machines are not owned by my company, we don't want to install/support a VPN client. Therefore, SSL is a great option.
  However, I'm running into an issue. I'm trying to set up port forwarding for a few remote servers. These remote servers are different and have distinct IP addresses. They are attempting to connect with two different servers here.
  But my issue is that both servers are trying to use the same TCP port. The ASDM is not letting me use two different port forwarding rules for the same TCP port. The rules can exist side-by-side, but they cannot be used at the same time.
  Why? It's not trying to access the same TCP port on a server when it's already in use. Is there anyway I can get around this?
  If this doesn't make sense, please let me know and I'll do my best to explain it better.

  Hi Caleb,
  if you mean clientless webvpn port-forwarding lists, then you should be able to get your requirments. even the same port of the same server can be mapped to different ports bound to the loopback IP.
  CLI:
  ciscoasa(config) webvpn
  ciscoasa(config-webvpn)# port-forward PF 2323 192.168.1.100 23
  ciscoasa(config-webvpn)# port-forward PF 2300 192.168.1.200 23
  then you apply the port-forwarder list under a group-policy
  Hope this helps
  Mashal
  Mashal Alshboul

• Tiger Server firewall issues - forwarding protocol 47 (GRE) for VPN access

  Hi everybody,
  I'm trying to allow VPN access to my Mac Pro running 10.4.10 Server. I've allowed the TCP and UDP ports, but the sticking point is this: the client tries to connect but I get a bunch of these in the firewall log:
  Deny P:47 xxx.xxx.xxx.xxx(address initiating VPN) 10.0.100.222(MacPro local address) in via en0
  After doing some research I figured I needed to allow protocol 47 (GRE) and so tried to add a rule via the "Advanced" tab for firewalls in server manager. I click the + button, select allow, leave the other field, select GRE, and then select from:any and to:any and the in dropdown. When I try to save and activate the rule, however, it complains that there is an error and that all subsequent rules are skipped. I've tried all the possible variations (within my parameters, of course) but it won't work.
  Manually inspecting the /etc/ipfw file shows the rule added but without a specification for the GRE or protocol 47 part. i.e.:
  add 1050 allow from any to any in
  (This looks a little like a server manager bug to me, but I digress)
  So I tried manually editing the file in /etc/ipfilter but no joy.
  Being somewhat new to OSX I am getting flustered. Am I completely misunderstanding something here? While a search on "VPN GRE firewall" turns up about million hits, none seem applicable to my situation. Thanks in advance.

  Try using the "Services" tab, selecting "any" (for example) and configuring the rule there.
  The "Advanced" section will allow you to add rules that don't already exist, but there is already a rule for GRE so that might, possibly have something to do with the error you're getting.

• What is/are the best Remote Access/VPN services for my Mac system?

  2009 Macbook Pro
  2009 Macbook
  2010 iMac
  2 iPad 2s
  2 iPhone 4s
  Computers on Snow Leopard
  iOS 5
  Everything is updated
  I want :
  1.  to have everything working together, with remote access from anywhere on the internet, file sharing, streaming & transfer.
  2.  the security of a VPN connection. 
  I will soon update my existing router w/an Airport Extreme.  What VPN/Remote Access client(s) should I get? Is there one solution for both jobs, or do I need to get more than one service?  I have looked at LogMeIn, Witopia.  Thanks for the help.

  I've been down this road and settled on a much simpler solution...
  VPNs are ok... but the performance is bad, they send TCP packets inside TCP packets... which is a bad thing, some connections completely break down. security is o-k, but openVPN is much better yet more complicated to set up. Also you have to go through all the mess of setting up the server.
  I tried using VPNs for a while, and then instead settled with tunneling specific connections over ssh... it is more secure and elegant, there is no server setup, however it is not seemless.. you have to set up the connections/ports individually each time, this can get messy if you want access to lots of things at once.
  I eventually came accross sshuttle, and this is what i have stuck with because it's just bloody great... it's like a VPN but uses SSH. So you don't have to set up a VPN server... you just need access to an ssh server (i.e your home mac with "remote login" (ssh) enabled, and your router to foward ssh requests to that machine).
  not only do you not have to mess around with server configs, but it also give far better performance, stability, and the security of ssh (i.e whichever cypher you want). This is because unlike VPN, sshuttle pulls the TCP packets apart before sending them over SSH (which is allready using TCP) and then re-assembles them the other side with python. the result is comparably better performance and stability than VPN protocols.
  you can route individual IPs from the servers subnet, or tell it to automatically find and merge all host names / IPs it can find with your current subnet.
  Theory of Operation
  sshuttle is not exactly a VPN, and not exactly port forwarding. It's kind of both, and kind of neither.
  It's like a VPN, since it can forward every port on an entire network, not just ports you specify. Conveniently, it lets you use the "real" IP addresses of each host rather than faking port numbers on localhost.
  On the other hand, the way it works is more like ssh port forwarding than a VPN. Normally, a VPN forwards your data one packet at a time, and doesn't care about individual connections; ie. it's "stateless" with respect to the traffic. sshuttle is the opposite of stateless; it tracks every single connection.
  You could compare sshuttle to something like the old Slirp program, which was a userspace TCP/IP implementation that did something similar. But it operated on a packet-by-packet basis on the client side, reassembling the packets on the server side. That worked okay back in the "real live serial port" days, because serial ports had predictable latency and buffering.
  But you can't safely just forward TCP packets over a TCP session (like ssh), because TCP's performance depends fundamentally on packet loss; it must experience packet loss in order to know when to slow down! At the same time, the outer TCP session (ssh, in this case) is a reliable transport, which means that what you forward through the tunnel never experiences packet loss. The ssh session itself experiences packet loss, of course, but TCP fixes it up and ssh (and thus you) never know the difference. But neither does your inner TCP session, and extremely screwy performance ensues.
  sshuttle assembles the TCP stream locally, multiplexes it statefully over an ssh session, and disassembles it back into packets at the other end. So it never ends up doing TCP-over-TCP. It's just data-over-TCP, which is safe.
  Anyway, you can find it on github here https://github.com/apenwarr/sshuttle
  if you uncomfortable using the command line, someone has also bundled it into an app here: https://github.com/apenwarr/sshuttle/commits/dist/macos
  IMPORTANT, the latest version invokes a bug in one of apple's drivers after a while which causes a kernel panic, (this isn't the same as the bug where you have to reset your network interface like it says in the readme, this WILL cause a kernel panic) stick with version 0.53 untill ether Apple fixes the bug, or sshuttle stops antagonising it. 0.53 works perfectly at the moment. you can ether install git and clone the specific version or download the 0.53 app here instead:
  http://mac.softpedia.com/progDownload/sshuttle-Download-97917.html
  alternatively, if your loging in from linux there aren't any problems with 0.60 because the system would have different dirvers of course.
  One last note... you said you wanted everything to work together, one thing that will not work over VPNs, SSH, and sshuttle is bojour... this is significant because things like AFP shares wont pop up automatically, you will have to specify them ... i.e command+k in finder and type AFP://192.168.0.x or VNC://192.168.0.x etc this is because none of these options support multicasting which bonjour requires. This isn't such a big deal so long as you know what services are available on your machine and how to manually connect to them (like i said above)

• Cisco ASA 5505 VPN help for local lan access.

  Hi all,
  I am very new to Cisco systems. Recently I was tasked to enable local lan access for one of my server. The problem is this. I have this server with 2 interfaces. One interface to my FTP server(192.168.2.3) and the other to the Cisco ASA(192.168.1.1). Whenever I connect the server to Cisco Anyconnect VPN, I am unable to access the FTP server anymore.
  I googled and found out that the problem is because the metric level is 1 for Ciscoanyconnect network interface which causes all traffic to go through the Cisco VPN Interface. Another problem is I can't change the metric of the Cisco VPN Interface as whenever I reconnect to the VPN, the metric resets back to 1 again. I tried to follow some guides to configure split tunnel but my traffic is still going through the VPN connection.
  Anyone can tell me what I am missing here? Sorry I am very new to Cisco systems. Spent about 5 days troubleshooting and I feel I am getting it soon. Anyone can guide me what else I am supposed to do?
  What I did> Configuration>> Remote access VPN>> Network Client Access>> Group Policies>> Advanced>> Split Tunneling>> Uncheck Inherit and select "Exclude Network List below.>> Uncheck Network List and select Manage, Add 192.168.2.0/24 to permit.
  Really appreciate if anyone can tell me what else I can do to ensure my server has access the my FTP Server after connecting to the VPN.
  Thanks all!
  Wen Qi

  Hi,
  Try adding the following configuration
  policy-map global_policy
  class inspection_default
    inspect pptp
  And then try again.
  I'm not 100% would you need to perhaps allow GRE through the firewall even after that. (Protocol 47)
  - Jouni

• Can I setup a rule to auto forward or move messages in Microsoft Outlook Web Access for Firefox?

  I am using Firefox 5.0 and Microsoft Office Outlook Web Access for email.
  Is it possible to setup a rule to automatically move messages to a different folder, or to forward message to a different folder?
  Thanks!

  i haven't done it myself, i just pointed you to the article. Try it. If it does not work, you can Restore the Default settings. Save several Screenshots of the Default Settings to your Desktop to help you in case you want to Revert to the Default Settings.
  Adding Screenshots - '''Creating the Screenshots''' (see this part to help you with Saving Screenshots
  https://support.mozilla.com/en-US/kb/Adding%20screenshots
  Check and tell if its working.

• Is it possible to use ICS with a Cisco VPN client to allow pass through access for Domain login for a second machine.

  I have a current machine Windows 7 Pro with a Cisco VPN 3.5v client that currently connects with access to a customers network.
  They shipped a second machine Windows 8.1 Pro without adding local accounts, that is pre-joined to a sub-domain the first system has access to.
  Would it be possible to use the first machine as a ICS or Router to allow the second machine to see or access for log in, without returning to the customer site and plugging in for a log in point?
  Trying to save a 3 to 4 hr trip and lugging a system back for myself and the rest of the team.
  Thanks

  Hi,
  Please refer to this part
  http://windows.microsoft.com/en-hk/windows/using-internet-connection-sharing#1TC=windows-7
  ICS and VPN connections
  If you create a virtual private network (VPN) connection on your  host computer to a corporate network and then enable  ICS on that connection, all Internet traffic is routed to the corporate network and all of the computers on your home network
  can access the corporate network. If you don't enable ICS on the VPN connection, other computers won't have access to the Internet or corporate network while the VPN connection is active on the host computer
  Yolanda Zhu
  TechNet Community Support

• How do I configure my application to provide access for mobile and web brow

  Hi everyone.
  I have one application and I need to provide access for mobiles and desktop browsers, and I don't know how do I configure my application to do this.
  Let me explain:
  In my jDeveloper I have One application and 3 projects:
  -Mobile (here is my mobile application)
  -Model (here is my model)
  -ViewController (here is my Web Browser application)
  In Mobile I have
  JavaEE Web Application name: mobile-Mobile-webapp
  JavaEE Web Context Root: mobile
  ViewController I have
  JavaEE Web Application name: mobile-ViewController-webapp
  JavaEE Web Context Root: myapplication
  When I run some page of ViewController I have this URL "http://localhost:7101/myapplication/index.jspx".
  When I run some page of ViewController I have this URL "http://localhost:7101/mobile/index.jspx".
  My problem is that, I want to have Just one landing URL like that "http://localhost:7101/myapplication/index.jspx" and when I get this URL by Desktop Browser my ViewController is showed, and when i get by Mobile the Mobile project is showed.
  Someone knows how do it?
  Thanks....

  Yes, I can, thanks for response.
  But, don't have some configuration in Oracle for this? I've been thinking do this with java or JavaScript, but I was looking something more beautiful for this.
  Java or JavaScript is the only way?

• VPN between XP client IPSec and IOS for remote access

  Solved.
  http://forum.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Virtual%20Private%20Networks&topic=General&CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.1dd7d54c/0
  Hi,
  I am trying to implement remote access for XP clients using their IPSec built-in feature and my 805 router configured with dynamic crypto map, but it's not working. Apparently the remote client IKE phase1 is successful but it stucks there.
  Does any one face it before.
  The client is behind a adsl router but I am allowing the traffic 500 through it and I am not seeing traffic leaving the cisco router. So it's in the 805.
  Thanks in advance
  David

  If you setup a VPN server on your Mac (server) at home, and configure it to root all traffic via the VPN connection by defining the network 0.0.0.0 as being 'private' this will cause all traffic to go via your home Mac and therefore bypass the hospital filter.
  You can test this by going to the following address when not connected to the VPN and after connecting to the VPN, the public IP address should change to show when connected to the VPN the public IP address becomes your home address.
  See http://www.whatismyip.com (or similar site)
  This approach can also get round 'geo-ip' protection. For example if your abroad on holiday and still want to get access to BBC iPlayer or Hulu.