SunBlade 100 to Cisco PIX Security Appliance
I have a problem connecting a SunBlade 100 workstation with Cisco Routers, and the PIX Security Appliance at the Console ports of both a Cisco router and the Cisco PIX Security Appliance. This should be out of the serial port of the SunBlade 100 workstation..
I have tried to use the UNIX command tip hardwire. No luck connecting to the console port. I also tried to use the UNIX cu command again no response from the console port. I tried connecting a modem temporarily to the SunBlade 100 workstation and was successful in echoing a phone number to a modem. However, I need to use a direct connection from the SunBlade 100 workstation.
Currently, Windows 2000 workstations are used with
Hyperterminal to connect to routers and the PIX Security Appliance. I have 24 SunBlade workstations in my classroom and need to use them to connect to the console port on Cisco routers, and the PIX Security Appliance. I would appreciate any help anyone might be able to give on this subject.
Hello Namit and Rahul,
Here are few questions that came in directly during your live webcast hence posting them here so that users can benifit:
1) How is ASA CX different from other UTM solutions ?
2) How is dynamic application inspection of CX better than other inspection engines ?
3) What features or functionalities on the CX are available by default ?
4) what are the different ways we can run or install CX on the ASA platform ?
5) What VPN features are supported with multi context ASA in the 9.x release ?
6) What are the IPv6 Enhancements in the ASA version 9.x ?
Request you to please provide your responses to them individually.
Thanks.
Similar Messages
-
With Namit Agarwal and Rahul Govindan
Welcome to the Cisco Support Community Ask the Expert conversation. This is an opportunity to learn and ask questions about Cisco Adaptive Security Appliance (ASA) version 9.x (Context Aware Security and VPN Features) with experts Namit Agarwal and Rahul Govindan.
This is a continuation of the live webcast.
Cisco ASA CX (Context-Aware) is a next generation firewall service that serves as an extension to the Cisco Adaptive Security Appliance (ASA) firewall platform. In addition to the proven stateful inspection firewall capabilities, it provides us with next-generation capabilities and a host of additional network-based security controls for end-to-end network intelligence and streamlined security operations.
Namit Agarwal is a customer support engineer at the Cisco Technical Assistance Center in Bangalore, India. He has more than four years of experience in the security domain. His areas of expertise include ASA firewalls, IPS, and ASA content-aware security (ASA CX). He has been involved in various escalation requests from around the world. He holds CCIE certification (number 33795) in security.
Rahul Govindan has been an engineer with the Security Technical Assistance Center team in Bangalore for more than three years. He works on security technologies such as VPN; Cisco ASA firewalls; and authentication, authorization, and accounting. His particular expertise is in Secure Sockets Layer VPN and IP security VPN technologies. He holds CCIE certification (number 29948) in security.
Remember to use the rating system to let Namit and Govindan know if you have received an adequate response.
Because of the volume expected during this event, Namit and Govindan might not be able to answer every question. Remember that you can continue the conversation in the Security community, subcommunity VPN shortly after the event. This event lasts through November 1, 2013. Visit this forum often to view responses to your questions and the questions of other Cisco Support Community members.
Webcast related links:
Slides from the live webcast
Video Recording of the live webcast
Introduction to Cisco Adaptive Security Appliance (ASA) version 9.x (Context Aware Security and VPN Features): FAQ from live webcastHello Namit and Rahul,
Here are few questions that came in directly during your live webcast hence posting them here so that users can benifit:
1) How is ASA CX different from other UTM solutions ?
2) How is dynamic application inspection of CX better than other inspection engines ?
3) What features or functionalities on the CX are available by default ?
4) what are the different ways we can run or install CX on the ASA platform ?
5) What VPN features are supported with multi context ASA in the 9.x release ?
6) What are the IPv6 Enhancements in the ASA version 9.x ?
Request you to please provide your responses to them individually.
Thanks. -
Cisco Email Security Appliance (ESA) - Reporting
In previous versions on ESA you could export data and reports in CSV formats using an API. Is that still available?
>From the following document :
IRONPORT ASYNCOS 6.4 REPORTING API FOR IRONPORT APPLIANCES
REPORTING API OVERVIEW
The Reporting API feature allows you to download the same data collected by the Email Security Monitor component of the IronPort Email Security appliance or Security Management appliance in a comma separated value (CSV) format. This format allows users to integrate the IronPort appliance's data gathering capabilities into other IT and business reporting systems.
DOWNLOADING REPORTING DATA
You can retrieve the data used to build the charts and graphs in the Email Security Monitor feature via HTTP. This is useful if you plan to perform further analysis on the data via other tools. The data is available in standard comma separated value (CSV) format. The easiest way to get the HTTP query you will need is to configure one of the Email Security Monitor pages to display the type of data you want. You can then simply click the Export... link to initiate the download process.It went away, there's a new one (RESTful) in 9.0/9.1
http://www.cisco.com/c/dam/en/us/td/docs/security/esa/esa9-0/ESA_API_1-0_Getting_Started_Guide.pdf -
Clearing tcp sessions on the cisco acs secure appliance
Hello,
is there a possibility to view the number of tcp-session which are active on an acs secure appliance?
Due to these hangups we have no connection to the appliance through web or console. So we are also interested in clearing the tcp-session instead of rebooting the appliance.
Could somebody help us.
thnx
Torsten WaibelWhat is the acs software ver ?
-
BUG #CSCur27131 - Evaluation of CVE-2014-3566 on Cisco Email Security Appliance
I have raised a support case with TAC to try and get more information on the preferred config as well as what Ciphers then become available. Points raised in the support case are as follows:
Current config based from existing artilce pre-POODLE > MEDIUM:HIGH:-SSLv2:-aNULL:@STRENGTH
Should the new config be > MEDIUM:HIGH:-SSLv2:-SSLv3:-aNULL:@STRENGTH
Use of strength meaning that the Ciphers are ordered and presented strongest to weakest as negotiation should occur at the first mutually accepted cipher.
What are the TLSv1 Ciphers used by Ironport (verify under sslconfig CLI appears only to list SSL ciphers)
Finally, does the Ironport support or plan to support in the future TLSv1.1 and TLSv1.2 ciphers?
Response from TAC so far is the same as the referenced article - https://tools.cisco.com/bugsearch/bug/CSCur27131 which doesn't address all my points
PaulNegating SSLv2 and SSLv3 in the cipher suite has no effect as long as only enabled TLSv1 is enabled.
And reordering ciphers by strength won't bring anything since the client's ciphers order will always be preferred.
Also, MD5 should be disabled as it's widely considered too weak for the job.
My recommendation would be to use the following suite > HIGH:MEDIUM:!aNULL:!MD5 -
Cisco Web Security Appliance Slowness issue
Hello,
I have a slowness issue on an Existing WSA-S170-K9 appliance , when issuing the command Rate/proxystat it displays unresponsive sometimes screenshot attached.
software version is 8.5, i was suspecting that this issue is related to access policies applied on end users ; so i created a test policy to bypass all checks and disable all malware/antivirus checks on users flows however, the same issue is still there.
Appreciate any assisstance,
Thanks,
Muayad Jallad,Does this happen every time you run the rate command and at the beginning of the command's output rows?
You may want to look at your proxylogs to see what activity is occurring while the proxy is unresponsive. -
Cisco Adaptive Security Appliance Software Version 8.2(4)
Dear All
I was configure IPSEC vpn on ASA5540 and i have problem with port blocked. I am unable to block server ports to remote users. See below configuration. I need to configure vpn filter list can any one help me to configure vpn filter list.
access-list portal extended permit ip host 10.1.xx.33 192.168.20.0 255.255.255.0
access-list portal extended permit ip host 10.1.xx.34 192.168.20.0 255.255.255.0
access-list portal extended permit ip host 10.1.yy.33 192.168.20.0 255.255.255.0
access-list portal extended permit ip host 10.1.yy.34 192.168.20.0 255.255.255.0
group-policy portal internal
group-policy portal attributes
dns-server value 10.1.10.33 10.1.10.34
split-tunnel-policy tunnelspecified
split-tunnel-network-list value portal
default-domain value abc.com
split-dns value abc.com
address-pools value vpnpool
tunnel-group portal type remote-access
tunnel-group portal general-attributes
address-pool vpnpool
authentication-server-group ACS
default-group-policy portal
tunnel-group portal ipsec-attributes
pre-shared-key *&******
I need to block this access-list and open only port 53 dns
access-list portal extended permit ip host 10.1.yy.33 192.168.20.0 255.255.255.0
access-list portal extended permit ip host 10.1.yy.34 192.168.20.0 255.255.255.0
I write this access-list but it will not work and its open all ports.
access-list portal extended permit udp 10.1.yyy.33 eq 53 192.168.20.0 255.255.255.0, but this access-list will not work and its open all ports like remote desktop, ftp, icmp, etc.
any body can help me plz.
anybody can help me how to used vpn filter list to block port or protocol based.Hi,
You can have the split tunnel ACL named as portal and configured as below:
access-list portal extended permit ip host 10.1.xx.33 192.168.20.0 255.255.255.0
access-list portal extended permit ip host 10.1.xx.34 192.168.20.0 255.255.255.0
access-list portal extended permit ip host 10.1.yy.33 192.168.20.0 255.255.255.0
access-list portal extended permit ip host 10.1.yy.34 192.168.20.0 255.255.255.0
You can configure a vpn-filter ACL like below:
access-list VPNF extended permit udp 10.1.yyy.33 eq 53 192.168.20.0 255.255.255.0
and then apply this VPNF access-list under the group-policy "portal" using the command vpn-filter value VPNF. Let me know if this helps.
Regards,
Prapanch -
Cisco PIX-515e reset to factory defaults *Expert Advice Only Please*
Hi,
I have a cisco PIX-515e which i have connected to a emulator through the console port, and im having trouble erasing data from it.
I can get into 'pixfirewall' mode and 'monitor' mode but thats as far as i get. i have tried 'write erase' and 'configure factory-default' in both modes to no success.
When i last posted this i had alot of replies mentioning ROMMON mode but i want to stress the PIX 515e does not have ROMMON mode it has MONITOR mode however the commands are not the same as ROMMON commands.
Any help would be much appreciated.
thanks,8 MB RAM
PCI Device Table.
Bus Dev Func VendID DevID Class Irq
00 00 00 8086 7192 Host Bridge
00 07 00 8086 7110 ISA Bridge
00 07 01 8086 7111 IDE Controller
00 07 02 8086 7112 Serial Bus 9
00 07 03 8086 7113 PCI Bridge
00 0D 00 8086 1209 Ethernet 11
00 0E 00 8086 1209 Ethernet 10
00 11 00 14E4 5823 Co-Processor 11
00 13 00 8086 B154 PCI-to-PCI Bridge
01 04 00 8086 1229 Ethernet 11
01 05 00 8086 1229 Ethernet 10
01 06 00 8086 1229 Ethernet 9
01 07 00 8086 1229 Ethernet 5
Cisco Secure PIX Firewall BIOS (4.2) #0: Mon Dec 31 08:34:35 PST 2001
Platform PIX-515E
System Flash=E28F128J3 @ 0xfff00000
Use BREAK or ESC to interrupt flash boot.
Use SPACE to begin flash boot immediately.
Reading 123392 bytes of image from flash.
PIX Flash Load Helper
Initializing flashfs...
flashfs[0]: 8 files, 3 directories
flashfs[0]: 0 orphaned files, 0 orphaned directories
flashfs[0]: Total bytes: 16128000
flashfs[0]: Bytes used: 13963264
flashfs[0]: Bytes available: 2164736
flashfs[0]: Initialization complete.
Booting first image in flash
Launching image flash:/pix722.bin
128MB RAM
Total NICs found: 6
mcwa i82559 Ethernet at irq 10 MAC: 0016.9da2.5907
mcwa i82559 Ethernet at irq 11 MAC: 0016.9da2.5908
mcwa i82559 Ethernet at irq 11 MAC: 000d.8810.d91c
mcwa i82559 Ethernet at irq 10 MAC: 000d.8810.d91d
mcwa i82559 Ethernet at irq 9 MAC: 000d.8810.d91e
BIOS Flash=am29f400b @ 0xd8000 MAC: 000d.8810.d91f
Initializing flashfs...
flashfs[7]: 8 files, 3 directories
flashfs[7]: 0 orphaned files, 0 orphaned directories
flashfs[7]: Total bytes: 16128000
flashfs[7]: Bytes used: 13963264
flashfs[7]: Bytes available: 2164736
flashfs[7]: flashfs fsck took 15 seconds.
flashfs[7]: Initialization complete.
Licensed features for this platform:
Maximum Physical Interfaces : 6
Maximum VLANs : 25
Inside Hosts : Unlimited
Failover : Active/Active
VPN-DES : Enabled
VPN-3DES-AES : Enabled
Cut-through Proxy : Enabled
Guards : Enabled
URL Filtering : Enabled
Security Contexts : 2
GTP/GPRS : Disabled
VPN Peers : Unlimited
This platform has an Unrestricted (UR) license.
Encryption hardware device : VAC+ (Crypto5823 revision 0x1)
| |
||| |||
.|| ||. .|| ||.
.:||| | |||:..:||| | |||:.
C i s c o S y s t e m s
Cisco PIX Security Appliance Software Version 7.2(2)
****************************** Warning *******************************
This product contains cryptographic features and is
subject to United States and local country laws
governing, import, export, transfer, and use.
Delivery of Cisco cryptographic products does not
imply third-party authority to import, export,
distribute, or use encryption. Importers, exporters,
distributors and users are responsible for compliance
with U.S. and local country laws. By using this
product you agree to comply with applicable laws and
regulations. If you are unable to comply with U.S.
and local laws, return the enclosed items immediately.
A summary of U.S. laws governing Cisco cryptographic
products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by
sending email to [email protected].
******************************* Warning *******************************
Copyright (c) 1996-2006 by Cisco Systems, Inc.
Restricted Rights Legend
Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706
Cryptochecksum (unchanged): 43dccc97 2fb4bfec 15a33bef dad78b7e
Type help or '?' for a list of available commands.
pixfirewall>
I am unable to get onto enable mode because i do not no the password? any idea of a way round, i need to get into that enable mode. -
Cisco PIX 515E multiple ISP support in a VPN scenario
Iam currently running a cisco 7.2 ios in a Cisco PIX 515E appliance. I have terminated two ISP links in the two ports, and I also have a inside network (LAN). I want to establish 2 Site-Site VPN tunnels using each one of these ISP links respectively (Site 1 in ISP link 1 && Site 2 in ISP link 2).
Is this possible to achieve??Hello,
This should work. Route the remote endpoint for site 1 out link 1 (using a static route) and for site 2 out link 2 (using a static route) and that should do it.
Return traffic should work, assuming both ISPs aren't advertising the networks your interfaces are on via BGP (ie, you don't want return traffic from site one coming down the link to site 2 because that ISP is advertising that AS as well.)
--Jason -
Cisco Web Security Virtual Appliance Demo license?
Is there a demo license available to test Cisco Web Security Virtual Appliance?
Regards.Thank you so much Kasper! You are an angel fallen from heaven!
Just 1 question, when I am ready to get the License appears the next information, do you know if the number 1 in the Qty column means 1 demo for just 1 user? Or do you know if I can get 1 demo for many users?
Regards!
NA
SKU Name
Qty
Ordered
Available
Quantity Added
-->License Start Date:
License End Date:
1
WSA-WSP-45D
1-->
1
-->1
03/13/2014
04/27/2014 -
Problems with Cisco AnyConnect Secure Mobility Client 3.1
Since I upgraded to Cisco AnyConnect Secure Mobility Client 3.1, I am unable to start my VPN.
The service does not start correctly anymore. I tried reinstabut no help.
Could anyone help me please?
Here my logs.
Thank you very much.
Date : 07/23/2013
Time : 08:49:37
Type : Error
Source : acvpninstall
Description : Function: FileMoveFiles
File: ..\Common\Utility\NativeSysFileCopy.cpp
Line: 388
Invoked Function: ::FindFirstFile
Return Code: 3 (0x00000003)
Description: The system cannot find the path specified.
Date : 07/23/2013
Time : 08:49:37
Type : Error
Source : acvpninstall
Description : Function: wWinMain
File: .\InstallHelper.cpp
Line: 354
Invoked Function: FileMoveFiles
Return Code: -33554423 (0xFE000009)
Description: GLOBAL_ERROR_UNEXPECTED
Date : 07/23/2013
Time : 08:49:37
Type : Error
Source : acvpninstall
Description : Function: FileMoveFiles
File: ..\Common\Utility\NativeSysFileCopy.cpp
Line: 388
Invoked Function: ::FindFirstFile
Return Code: 3 (0x00000003)
Description: The system cannot find the path specified.
Date : 07/23/2013
Time : 08:49:37
Type : Error
Source : acvpninstall
Description : Function: wWinMain
File: .\InstallHelper.cpp
Line: 354
Invoked Function: FileMoveFiles
Return Code: -33554423 (0xFE000009)
Description: GLOBAL_ERROR_UNEXPECTED
Date : 07/23/2013
Time : 08:49:37
Type : Error
Source : acvpninstall
Description : Function: FileMoveFiles
File: ..\Common\Utility\NativeSysFileCopy.cpp
Line: 388
Invoked Function: ::FindFirstFile
Return Code: 3 (0x00000003)
Description: The system cannot find the path specified.
Date : 07/23/2013
Time : 08:49:37
Type : Error
Source : acvpninstall
Description : Function: wWinMain
File: .\InstallHelper.cpp
Line: 354
Invoked Function: FileMoveFiles
Return Code: -33554423 (0xFE000009)
Description: GLOBAL_ERROR_UNEXPECTED
Date : 07/23/2013
Time : 08:49:40
Type : Information
Source : acvpnva
Description : Function: CInstaller::PerformAction
File: .\VACon.cpp
Line: 522
Successfully installed service acsock
Date : 07/23/2013
Time : 08:49:40
Type : Warning
Source : acvpninstall
Description : Function: XmlLocalACPolMgr::GenerateLocalPolicy
File: .\Xml\XmlLocalACPolMgr.cpp
Line: 415
Local Security Policy file already exists and therefore will not be generated
Date : 07/23/2013
Time : 08:49:40
Type : Information
Source : acvpnagent
Description : Cisco AnyConnect Secure Mobility Client Agent starting, version 3.1.04059
Date : 07/23/2013
Time : 08:49:40
Type : Error
Source : acvpnagent
Description : Function: CBencodeStream::LoadStream
File: ..\..\PhoneHome\Bencode.cpp
Line: 126
Unable to open file for reading
Date : 07/23/2013
Time : 08:49:40
Type : Error
Source : acvpnagent
Description : Function: CBencodeDictionary::CBencodeDictionary
File: ..\..\PhoneHome\Bencode.cpp
Line: 1422
Bencode dictionary internalize failed
Date : 07/23/2013
Time : 08:49:40
Type : Error
Source : acvpnagent
Description : Function: CPhoneHomeVpn::CPhoneHomeVpn
File: .\PhoneHomeVpn.cpp
Line: 187
Failed to create Bencode dictionary
Date : 07/23/2013
Time : 08:49:40
Type : Error
Source : acvpnagent
Description : Function: CPhoneHomeVpn::CreateSingletonInstance
File: .\PhoneHomeVpn.cpp
Line: 82
Invoked Function: CPhoneHomeVpn
Return Code: -23396343 (0xFE9B0009)
Description: PHONEHOMEVPN_ERROR_UNEXPECTED
Date : 07/23/2013
Time : 08:49:40
Type : Warning
Source : acvpnagent
Description : Function: CMainThread::CMainThread
File: .\MainThread.cpp
Line: 1017
Invoked Function: CPhoneHomeVpn::CreateSingletonInstance
Return Code: -23396343 (0xFE9B0009)
Description: PHONEHOMEVPN_ERROR_UNEXPECTED
Date : 07/23/2013
Time : 08:49:40
Type : Warning
Source : acvpnagent
Description : Function: PluginLoader::QuickCreatePlugin
File: c:\temp\build\thehoff\ElGreco_MR40.391570230547\ElGreco_MR4\vpn\Common\Utility/PluginLoader.h
Line: 195
Invoked Function: PluginLoader::CreateInstance
Return Code: -29360116 (0xFE40000C)
Description: PLUGINLOADER_ERROR_COULD_NOT_CREATE
com.cisco.anyconnect.leaf
Date : 07/23/2013
Time : 08:49:41
Type : Information
Source : acvpnagent
Description : Function: MsgCatalog::initMsgCatalog
File: .\i18n\MsgCatalog.cpp
Line: 246
Current locale: fr-LU
Date : 07/23/2013
Time : 08:49:41
Type : Information
Source : acvpnagent
Description : Function: ProfileMgr::loadProfiles
File: .\ProfileMgr.cpp
Line: 100
No profile is available.
Date : 07/23/2013
Time : 08:49:41
Type : Information
Source : acvpnagent
Description : Current Preference Settings:
ServiceDisable: false
CertificateStoreOverride: false
CertificateStore: All
ShowPreConnectMessage: false
AutoConnectOnStart: false
MinimizeOnConnect: true
LocalLanAccess: false
AutoReconnect: true
AutoReconnectBehavior: DisconnectOnSuspend
UseStartBeforeLogon: false
AutoUpdate: true
RSASecurIDIntegration: Automatic
WindowsLogonEnforcement: SingleLocalLogon
WindowsVPNEstablishment: LocalUsersOnly
ProxySettings: Native
AllowLocalProxyConnections: true
PPPExclusion: Disable
PPPExclusionServerIP:
AutomaticVPNPolicy: false
TrustedNetworkPolicy: Disconnect
UntrustedNetworkPolicy: Connect
TrustedDNSDomains:
TrustedDNSServers:
AlwaysOn: false
ConnectFailurePolicy: Closed
AllowCaptivePortalRemediation: false
CaptivePortalRemediationTimeout: 5
ApplyLastVPNLocalResourceRules: false
AllowVPNDisconnect: true
EnableScripting: false
TerminateScriptOnNextEvent: false
EnablePostSBLOnConnectScript: true
AutomaticCertSelection: true
RetainVpnOnLogoff: false
UserEnforcement: SameUserOnly
EnableAutomaticServerSelection: false
AutoServerSelectionImprovement: 20
AutoServerSelectionSuspendTime: 4
AuthenticationTimeout: 12
SafeWordSofTokenIntegration: false
AllowIPsecOverSSL: false
ClearSmartcardPin: true
IPProtocolSupport: IPv4,IPv6
AllowManualHostInput: true
BlockUntrustedServers: true
PublicProxyServerAddress:
Date : 07/23/2013
Time : 08:49:41
Type : Error
Source : acvpnagent
Description : Function: CSocketSupport::ipv6EnabledOnVA
File: .\IPC\SocketSupport_win.cpp
Line: 284
Invoked Function: CSocketSupport::ipv6EnabledOnVA
Return Code: 2 (0x00000002)
Description: cannot open VPNVA Enum registry key (VA driver not installed?)
Date : 07/23/2013
Time : 08:49:41
Type : Error
Source : acvpnagent
Description : Function: CSocketSupport::ipv6EnabledOnVA
File: .\IPC\SocketSupport_win.cpp
Line: 284
Invoked Function: CSocketSupport::ipv6EnabledOnVA
Return Code: 2 (0x00000002)
Description: cannot open VPNVA Enum registry key (VA driver not installed?)
Date : 07/23/2013
Time : 08:49:41
Type : Information
Source : acvpnagent
Description : Function: CCvcConfig::readConfigParamFromFile
File: .\vpnconfig.cpp
Line: 5824
The specified configuration file for MUS service does not exist
Date : 07/23/2013
Time : 08:49:41
Type : Information
Source : acvpnagent
Description : Function: CThread::createThread
File: .\Utility\Thread.cpp
Line: 238
The thread (0x00001F84) has been successfully created.
Date : 07/23/2013
Time : 08:49:41
Type : Information
Source : acvpnagent
Description : Cisco AnyConnect Secure Mobility Client Agent started, version 3.1.04059
Date : 07/23/2013
Time : 08:49:41
Type : Information
Source : acvpnagent
Description : Function: CInterfaceRouteMonitorCommon::logInterfaces
File: .\Routing\InterfaceRouteMonitorCommon.cpp
Line: 477
IP Address Interface List:
FE80:0:0:0:DDA0:24CA:FE35:4D19
148.110.133.126
FE80:0:0:0:19A3:961F:C11C:3724
192.168.164.1
FE80:0:0:0:80B3:F3CD:CA44:952E
169.254.149.46
Date : 07/23/2013
Time : 08:49:45
Type : Information
Source : acvpnagent
Description : Cisco AnyConnect Secure Mobility Client Agent starting, version 3.1.04059
Date : 07/23/2013
Time : 08:49:45
Type : Error
Source : acvpnagent
Description : Function: CBencodeStream::LoadStream
File: ..\..\PhoneHome\Bencode.cpp
Line: 126
Unable to open file for reading
Date : 07/23/2013
Time : 08:49:45
Type : Error
Source : acvpnagent
Description : Function: CBencodeDictionary::CBencodeDictionary
File: ..\..\PhoneHome\Bencode.cpp
Line: 1422
Bencode dictionary internalize failed
Date : 07/23/2013
Time : 08:49:45
Type : Error
Source : acvpnagent
Description : Function: CPhoneHomeVpn::CPhoneHomeVpn
File: .\PhoneHomeVpn.cpp
Line: 187
Failed to create Bencode dictionary
Date : 07/23/2013
Time : 08:49:45
Type : Error
Source : acvpnagent
Description : Function: CPhoneHomeVpn::CreateSingletonInstance
File: .\PhoneHomeVpn.cpp
Line: 82
Invoked Function: CPhoneHomeVpn
Return Code: -23396343 (0xFE9B0009)
Description: PHONEHOMEVPN_ERROR_UNEXPECTED
Date : 07/23/2013
Time : 08:49:45
Type : Warning
Source : acvpnagent
Description : Function: CMainThread::CMainThread
File: .\MainThread.cpp
Line: 1017
Invoked Function: CPhoneHomeVpn::CreateSingletonInstance
Return Code: -23396343 (0xFE9B0009)
Description: PHONEHOMEVPN_ERROR_UNEXPECTED
Date : 07/23/2013
Time : 08:49:45
Type : Warning
Source : acvpnagent
Description : Function: PluginLoader::QuickCreatePlugin
File: c:\temp\build\thehoff\ElGreco_MR40.391570230547\ElGreco_MR4\vpn\Common\Utility/PluginLoader.h
Line: 195
Invoked Function: PluginLoader::CreateInstance
Return Code: -29360116 (0xFE40000C)
Description: PLUGINLOADER_ERROR_COULD_NOT_CREATE
com.cisco.anyconnect.leaf
Date : 07/23/2013
Time : 08:49:45
Type : Information
Source : acvpnagent
Description : Function: MsgCatalog::initMsgCatalog
File: .\i18n\MsgCatalog.cpp
Line: 246
Current locale: fr-LU
Date : 07/23/2013
Time : 08:49:45
Type : Information
Source : acvpnagent
Description : Function: ProfileMgr::loadProfiles
File: .\ProfileMgr.cpp
Line: 100
No profile is available.
Date : 07/23/2013
Time : 08:49:45
Type : Information
Source : acvpnagent
Description : Current Preference Settings:
ServiceDisable: false
CertificateStoreOverride: false
CertificateStore: All
ShowPreConnectMessage: false
AutoConnectOnStart: false
MinimizeOnConnect: true
LocalLanAccess: false
AutoReconnect: true
AutoReconnectBehavior: DisconnectOnSuspend
UseStartBeforeLogon: false
AutoUpdate: true
RSASecurIDIntegration: Automatic
WindowsLogonEnforcement: SingleLocalLogon
WindowsVPNEstablishment: LocalUsersOnly
ProxySettings: Native
AllowLocalProxyConnections: true
PPPExclusion: Disable
PPPExclusionServerIP:
AutomaticVPNPolicy: false
TrustedNetworkPolicy: Disconnect
UntrustedNetworkPolicy: Connect
TrustedDNSDomains:
TrustedDNSServers:
AlwaysOn: false
ConnectFailurePolicy: Closed
AllowCaptivePortalRemediation: false
CaptivePortalRemediationTimeout: 5
ApplyLastVPNLocalResourceRules: false
AllowVPNDisconnect: true
EnableScripting: false
TerminateScriptOnNextEvent: false
EnablePostSBLOnConnectScript: true
AutomaticCertSelection: true
RetainVpnOnLogoff: false
UserEnforcement: SameUserOnly
EnableAutomaticServerSelection: false
AutoServerSelectionImprovement: 20
AutoServerSelectionSuspendTime: 4
AuthenticationTimeout: 12
SafeWordSofTokenIntegration: false
AllowIPsecOverSSL: false
ClearSmartcardPin: true
IPProtocolSupport: IPv4,IPv6
AllowManualHostInput: true
BlockUntrustedServers: true
PublicProxyServerAddress:
Date : 07/23/2013
Time : 08:49:45
Type : Error
Source : acvpnagent
Description : Function: CSocketSupport::ipv6EnabledOnVA
File: .\IPC\SocketSupport_win.cpp
Line: 284
Invoked Function: CSocketSupport::ipv6EnabledOnVA
Return Code: 2 (0x00000002)
Description: cannot open VPNVA Enum registry key (VA driver not installed?)
Date : 07/23/2013
Time : 08:49:45
Type : Error
Source : acvpnagent
Description : Function: CSocketSupport::ipv6EnabledOnVA
File: .\IPC\SocketSupport_win.cpp
Line: 284
Invoked Function: CSocketSupport::ipv6EnabledOnVA
Return Code: 2 (0x00000002)
Description: cannot open VPNVA Enum registry key (VA driver not installed?)
Date : 07/23/2013
Time : 08:49:45
Type : Information
Source : acvpnagent
Description : Function: CCvcConfig::readConfigParamFromFile
File: .\vpnconfig.cpp
Line: 5824
The specified configuration file for MUS service does not exist
Date : 07/23/2013
Time : 08:49:45
Type : Information
Source : acvpnagent
Description : Function: CThread::createThread
File: .\Utility\Thread.cpp
Line: 238
The thread (0x00001F20) has been successfully created.
Date : 07/23/2013
Time : 08:49:45
Type : Information
Source : acvpnagent
Description : Cisco AnyConnect Secure Mobility Client Agent started, version 3.1.04059
Date : 07/23/2013
Time : 08:49:45
Type : Information
Source : acvpnagent
Description : Function: CInterfaceRouteMonitorCommon::logInterfaces
File: .\Routing\InterfaceRouteMonitorCommon.cpp
Line: 477
IP Address Interface List:
FE80:0:0:0:DDA0:24CA:FE35:4D19
148.110.133.126
FE80:0:0:0:19A3:961F:C11C:3724
192.168.164.1
FE80:0:0:0:80B3:F3CD:CA44:952E
169.254.149.46
Date : 07/23/2013
Time : 08:49:48
Type : Information
Source : acvpninstall
Description : Function: SetInheritACLsFromParent
File: .\ACLManager.cpp
Line: 31
Attributes for C:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client\ are 0x2010
Date : 07/23/2013
Time : 08:49:48
Type : Information
Source : acvpninstall
Description : Function: SetInheritACLsFromParent
File: .\ACLManager.cpp
Line: 56
Obtaining ACLs for directory C:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client\
Date : 07/23/2013
Time : 08:49:48
Type : Information
Source : acvpninstall
Description : Function: SetInheritACLsFromParent
File: .\ACLManager.cpp
Line: 31
Attributes for C:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client\CustomerExperienceFeedback are 0x2010
Date : 07/23/2013
Time : 08:49:48
Type : Information
Source : acvpninstall
Description : Function: SetInheritACLsFromParent
File: .\ACLManager.cpp
Line: 56
Obtaining ACLs for directory C:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client\CustomerExperienceFeedback\
Date : 07/23/2013
Time : 08:49:48
Type : Information
Source : acvpninstall
Description : Function: SetInheritACLsFromParent
File: .\ACLManager.cpp
Line: 31
Attributes for C:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client\Help are 0x2010
Date : 07/23/2013
Time : 08:49:48
Type : Information
Source : acvpninstall
Description : Function: SetInheritACLsFromParent
File: .\ACLManager.cpp
Line: 56
Obtaining ACLs for directory C:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client\Help\
Date : 07/23/2013
Time : 08:49:48
Type : Information
Source : acvpninstall
Description : Function: SetInheritACLsFromParent
File: .\ACLManager.cpp
Line: 31
Attributes for C:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client\l10n are 0x2010
Date : 07/23/2013
Time : 08:49:48
Type : Information
Source : acvpninstall
Description : Function: SetInheritACLsFromParent
File: .\ACLManager.cpp
Line: 56
Obtaining ACLs for directory C:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client\l10n\
Date : 07/23/2013
Time : 08:49:48
Type : Information
Source : acvpninstall
Description : Function: SetInheritACLsFromParent
File: .\ACLManager.cpp
Line: 31
Attributes for C:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client\Profile are 0x2010
Date : 07/23/2013
Time : 08:49:48
Type : Information
Source : acvpninstall
Description : Function: SetInheritACLsFromParent
File: .\ACLManager.cpp
Line: 56
Obtaining ACLs for directory C:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client\Profile\
Date : 07/23/2013
Time : 08:49:48
Type : Information
Source : acvpninstall
Description : Function: SetInheritACLsFromParent
File: .\ACLManager.cpp
Line: 31
Attributes for C:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client\Script are 0x2010
Date : 07/23/2013
Time : 08:49:48
Type : Information
Source : acvpninstall
Description : Function: SetInheritACLsFromParent
File: .\ACLManager.cpp
Line: 56
Obtaining ACLs for directory C:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client\Script\
Date : 07/23/2013
Time : 08:49:49
Type : Information
Source : acvpnagent
Description : Cisco AnyConnect Secure Mobility Client Agent starting, version 3.1.04059
Date : 07/23/2013
Time : 08:49:50
Type : Error
Source : acvpnagent
Description : Function: CBencodeStream::LoadStream
File: ..\..\PhoneHome\Bencode.cpp
Line: 126
Unable to open file for reading
Date : 07/23/2013
Time : 08:49:50
Type : Error
Source : acvpnagent
Description : Function: CBencodeDictionary::CBencodeDictionary
File: ..\..\PhoneHome\Bencode.cpp
Line: 1422
Bencode dictionary internalize failed
Date : 07/23/2013
Time : 08:49:50
Type : Error
Source : acvpnagent
Description : Function: CPhoneHomeVpn::CPhoneHomeVpn
File: .\PhoneHomeVpn.cpp
Line: 187
Failed to create Bencode dictionary
Date : 07/23/2013
Time : 08:49:50
Type : Error
Source : acvpnagent
Description : Function: CPhoneHomeVpn::CreateSingletonInstance
File: .\PhoneHomeVpn.cpp
Line: 82
Invoked Function: CPhoneHomeVpn
Return Code: -23396343 (0xFE9B0009)
Description: PHONEHOMEVPN_ERROR_UNEXPECTED
Date : 07/23/2013
Time : 08:49:50
Type : Warning
Source : acvpnagent
Description : Function: CMainThread::CMainThread
File: .\MainThread.cpp
Line: 1017
Invoked Function: CPhoneHomeVpn::CreateSingletonInstance
Return Code: -23396343 (0xFE9B0009)
Description: PHONEHOMEVPN_ERROR_UNEXPECTED
Date : 07/23/2013
Time : 08:49:50
Type : Warning
Source : acvpnagent
Description : Function: PluginLoader::QuickCreatePlugin
File: c:\temp\build\thehoff\ElGreco_MR40.391570230547\ElGreco_MR4\vpn\Common\Utility/PluginLoader.h
Line: 195
Invoked Function: PluginLoader::CreateInstance
Return Code: -29360116 (0xFE40000C)
Description: PLUGINLOADER_ERROR_COULD_NOT_CREATE
com.cisco.anyconnect.leaf
Date : 07/23/2013
Time : 08:49:50
Type : Information
Source : acvpnagent
Description : Function: MsgCatalog::initMsgCatalog
File: .\i18n\MsgCatalog.cpp
Line: 246
Current locale: fr-LU
Date : 07/23/2013
Time : 08:49:50
Type : Information
Source : acvpnagent
Description : Function: ProfileMgr::loadProfiles
File: .\ProfileMgr.cpp
Line: 100
No profile is available.
Date : 07/23/2013
Time : 08:49:50
Type : Information
Source : acvpnagent
Description : Current Preference Settings:
ServiceDisable: false
CertificateStoreOverride: false
CertificateStore: All
ShowPreConnectMessage: false
AutoConnectOnStart: false
MinimizeOnConnect: true
LocalLanAccess: false
AutoReconnect: true
AutoReconnectBehavior: DisconnectOnSuspend
UseStartBeforeLogon: false
AutoUpdate: true
RSASecurIDIntegration: Automatic
WindowsLogonEnforcement: SingleLocalLogon
WindowsVPNEstablishment: LocalUsersOnly
ProxySettings: Native
AllowLocalProxyConnections: true
PPPExclusion: Disable
PPPExclusionServerIP:
AutomaticVPNPolicy: false
TrustedNetworkPolicy: Disconnect
UntrustedNetworkPolicy: Connect
TrustedDNSDomains:
TrustedDNSServers:
AlwaysOn: false
ConnectFailurePolicy: Closed
AllowCaptivePortalRemediation: false
CaptivePortalRemediationTimeout: 5
ApplyLastVPNLocalResourceRules: false
AllowVPNDisconnect: true
EnableScripting: false
TerminateScriptOnNextEvent: false
EnablePostSBLOnConnectScript: true
AutomaticCertSelection: true
RetainVpnOnLogoff: false
UserEnforcement: SameUserOnly
EnableAutomaticServerSelection: false
AutoServerSelectionImprovement: 20
AutoServerSelectionSuspendTime: 4
AuthenticationTimeout: 12
SafeWordSofTokenIntegration: false
AllowIPsecOverSSL: false
ClearSmartcardPin: true
IPProtocolSupport: IPv4,IPv6
AllowManualHostInput: true
BlockUntrustedServers: true
PublicProxyServerAddress:
Date : 07/23/2013
Time : 08:49:50
Type : Information
Source : acvpnagent
Description : Function: CCvcConfig::readConfigParamFromFile
File: .\vpnconfig.cpp
Line: 5824
The specified configuration file for MUS service does not exist
Date : 07/23/2013
Time : 08:49:50
Type : Information
Source : acvpnagent
Description : Function: CThread::createThread
File: .\Utility\Thread.cpp
Line: 238
The thread (0x000016C0) has been successfully created.
Date : 07/23/2013
Time : 08:49:50
Type : Information
Source : acvpnagent
Description : Cisco AnyConnect Secure Mobility Client Agent started, version 3.1.04059
Date : 07/23/2013
Time : 08:49:50
Type : Information
Source : acvpnagent
Description : Function: CInterfaceRouteMonitorCommon::logInterfaces
File: .\Routing\InterfaceRouteMonitorCommon.cpp
Line: 477
IP Address Interface List:
FE80:0:0:0:DDA0:24CA:FE35:4D19
148.110.133.126
FE80:0:0:0:19A3:961F:C11C:3724
192.168.164.1
FE80:0:0:0:80B3:F3CD:CA44:952E
169.254.149.46
Date : 07/23/2013
Time : 08:50:10
Type : Information
Source : acvpnagent
Description : Cisco AnyConnect Secure Mobility Client Agent starting, version 3.1.04059
Date : 07/23/2013
Time : 08:50:11
Type : Error
Source : acvpnagent
Description : Function: CBencodeStream::LoadStream
File: ..\..\PhoneHome\Bencode.cpp
Line: 126
Unable to open file for reading
Date : 07/23/2013
Time : 08:50:11
Type : Error
Source : acvpnagent
Description : Function: CBencodeDictionary::CBencodeDictionary
File: ..\..\PhoneHome\Bencode.cpp
Line: 1422
Bencode dictionary internalize failed
Date : 07/23/2013
Time : 08:50:11
Type : Error
Source : acvpnagent
Description : Function: CPhoneHomeVpn::CPhoneHomeVpn
File: .\PhoneHomeVpn.cpp
Line: 187
Failed to create Bencode dictionary
Date : 07/23/2013
Time : 08:50:11
Type : Error
Source : acvpnagent
Description : Function: CPhoneHomeVpn::CreateSingletonInstance
File: .\PhoneHomeVpn.cpp
Line: 82
Invoked Function: CPhoneHomeVpn
Return Code: -23396343 (0xFE9B0009)
Description: PHONEHOMEVPN_ERROR_UNEXPECTED
Date : 07/23/2013
Time : 08:50:11
Type : Warning
Source : acvpnagent
Description : Function: CMainThread::CMainThread
File: .\MainThread.cpp
Line: 1017
Invoked Function: CPhoneHomeVpn::CreateSingletonInstance
Return Code: -23396343 (0xFE9B0009)
Description: PHONEHOMEVPN_ERROR_UNEXPECTED
Date : 07/23/2013
Time : 08:50:11
Type : Warning
Source : acvpnagent
Description : Function: PluginLoader::QuickCreatePlugin
File: c:\temp\build\thehoff\ElGreco_MR40.391570230547\ElGreco_MR4\vpn\Common\Utility/PluginLoader.h
Line: 195
Invoked Function: PluginLoader::CreateInstance
Return Code: -29360116 (0xFE40000C)
Description: PLUGINLOADER_ERROR_COULD_NOT_CREATE
com.cisco.anyconnect.leaf
Date : 07/23/2013
Time : 08:50:11
Type : Information
Source : acvpnagent
Description : Function: MsgCatalog::initMsgCatalog
File: .\i18n\MsgCatalog.cpp
Line: 246
Current locale: fr-LU
Date : 07/23/2013
Time : 08:50:11
Type : Information
Source : acvpnagent
Description : Function: ProfileMgr::loadProfiles
File: .\ProfileMgr.cpp
Line: 100
No profile is available.
Date : 07/23/2013
Time : 08:50:11
Type : Information
Source : acvpnagent
Description : Current Preference Settings:
ServiceDisable: false
CertificateStoreOverride: false
CertificateStore: All
ShowPreConnectMessage: false
AutoConnectOnStart: false
MinimizeOnConnect: true
LocalLanAccess: false
AutoReconnect: true
AutoReconnectBehavior: DisconnectOnSuspend
UseStartBeforeLogon: false
AutoUpdate: true
RSASecurIDIntegration: Automatic
WindowsLogonEnforcement: SingleLocalLogon
WindowsVPNEstablishment: LocalUsersOnly
ProxySettings: Native
AllowLocalProxyConnections: true
PPPExclusion: Disable
PPPExclusionServerIP:
AutomaticVPNPolicy: false
TrustedNetworkPolicy: Disconnect
UntrustedNetworkPolicy: Connect
TrustedDNSDomains:
TrustedDNSServers:
AlwaysOn: false
ConnectFailurePolicy: Closed
AllowCaptivePortalRemediation: false
CaptivePortalRemediationTimeout: 5
ApplyLastVPNLocalResourceRules: false
AllowVPNDisconnect: true
EnableScripting: false
TerminateScriptOnNextEvent: false
EnablePostSBLOnConnectScript: true
AutomaticCertSelection: true
RetainVpnOnLogoff: false
UserEnforcement: SameUserOnly
EnableAutomaticServerSelection: false
AutoServerSelectionImprovement: 20
AutoServerSelectionSuspendTime: 4
AuthenticationTimeout: 12
SafeWordSofTokenIntegration: false
AllowIPsecOverSSL: false
ClearSmartcardPin: true
IPProtocolSupport: IPv4,IPv6
AllowManualHostInput: true
BlockUntrustedServers: true
PublicProxyServerAddress:
Date : 07/23/2013
Time : 08:50:11
Type : Information
Source : acvpnagent
Description : Function: CCvcConfig::readConfigParamFromFile
File: .\vpnconfig.cpp
Line: 5824
The specified configuration file for MUS service does not exist
Date : 07/23/2013
Time : 08:50:11
Type : Information
Source : acvpnagent
Description : Function: CThread::createThread
File: .\Utility\Thread.cpp
Line: 238
The thread (0x00001F34) has been successfully created.
Date : 07/23/2013
Time : 08:50:11
Type : Information
Source : acvpnagent
Description : Cisco AnyConnect Secure Mobility Client Agent started, version 3.1.04059
Date : 07/23/2013
Time : 08:50:11
Type : Information
Source : acvpnagent
Description : Function: CInterfaceRouteMonitorCommon::logInterfaces
File: .\Routing\InterfaceRouteMonitorCommon.cpp
Line: 477
IP Address Interface List:
FE80:0:0:0:DDA0:24CA:FE35:4D19
148.110.133.126
FE80:0:0:0:19A3:961F:C11C:3724
192.168.164.1
FE80:0:0:0:80B3:F3CD:CA44:952E
169.254.149.46
Date : 07/23/2013
Time : 08:50:19
Type : Information
Source : acvpnui
Description : Cisco AnyConnect Secure Mobility Client GUI started, version 3.1.04059
Date : 07/23/2013
Time : 08:50:20
Type : Information
Source : acvpnui
Description : Initializing vpnapi version 3.1.04059 ().
Date : 07/23/2013
Time : 08:50:21
Type : Information
Source : acvpnui
Description : Function: MsgCatalog::initMsgCatalog
File: .\i18n\MsgCatalog.cpp
Line: 246
Current locale: fr-LU
Date : 07/23/2013
Time : 08:50:21
Type : Information
Source : acvpnui
Description : Function: ProfileMgr::loadProfiles
File: .\ProfileMgr.cpp
Line: 100
No profile is available.
Date : 07/23/2013
Time : 08:50:21
Type : Warning
Source : acvpnui
Description : Function: ClientIfcBase::getCurrentState
File: .\ClientIfcBase.cpp
Line: 2058
API service not ready
Date : 07/23/2013
Time : 08:50:21
Type : Information
Source : acvpnui
Description : Current Preference Settings:
ServiceDisable: false
CertificateStoreOverride: false
CertificateStore: All
ShowPreConnectMessage: false
AutoConnectOnStart: false
MinimizeOnConnect: true
LocalLanAccess: false
AutoReconnect: true
AutoReconnectBehavior: DisconnectOnSuspend
UseStartBeforeLogon: false
AutoUpdate: true
RSASecurIDIntegration: Automatic
WindowsLogonEnforcement: SingleLocalLogon
WindowsVPNEstablishment: LocalUsersOnly
ProxySettings: Native
AllowLocalProxyConnections: true
PPPExclusion: Disable
PPPExclusionServerIP:
AutomaticVPNPolicy: false
TrustedNetworkPolicy: Disconnect
UntrustedNetworkPolicy: Connect
TrustedDNSDomains:
TrustedDNSServers:
AlwaysOn: false
ConnectFailurePolicy: Closed
AllowCaptivePortalRemediation: false
CaptivePortalRemediationTimeout: 5
ApplyLastVPNLocalResourceRules: false
AllowVPNDisconnect: true
EnableScripting: false
TerminateScriptOnNextEvent: false
EnablePostSBLOnConnectScript: true
AutomaticCertSelection: true
RetainVpnOnLogoff: false
UserEnforcement: SameUserOnly
EnableAutomaticServerSelection: false
AutoServerSelectionImprovement: 20
AutoServerSelectionSuspendTime: 4
AuthenticationTimeout: 12
SafeWordSofTokenIntegration: false
AllowIPsecOverSSL: false
ClearSmartcardPin: true
IPProtocolSupport: IPv4,IPv6
AllowManualHostInput: true
BlockUntrustedServers: true
PublicProxyServerAddress:
Date : 07/23/2013
Time : 08:50:21
Type : Warning
Source : acvpnui
Description : Function: PluginLoader::QuickCreatePlugin
File: c:\temp\build\thehoff\ElGreco_MR40.391570230547\ElGreco_MR4\vpn\Common\Utility/PluginLoader.h
Line: 195
Invoked Function: PluginLoader::CreateInstance
Return Code: -29360116 (0xFE40000C)
Description: PLUGINLOADER_ERROR_COULD_NOT_CREATE
com.cisco.anyconnect.nam.api
Date : 07/23/2013
Time : 08:50:21
Type : Information
Source : acvpnui
Description : Function: L2Api::attach
File: .\L2Api.cpp
Line: 87
The NAM/L2 Api could not be found or failed to load, skipping.
Date : 07/23/2013
Time : 08:50:21
Type : Warning
Source : acvpnui
Description : Function: PluginLoader::QuickCreatePlugin
File: c:\temp\build\thehoff\ElGreco_MR40.391570230547\ElGreco_MR4\vpn\Common\Utility/PluginLoader.h
Line: 195
Invoked Function: PluginLoader::CreateInstance
Return Code: -29360116 (0xFE40000C)
Description: PLUGINLOADER_ERROR_COULD_NOT_CREATE
com.cisco.anyconnect.websecurity.api
Date : 07/23/2013
Time : 08:50:21
Type : Information
Source : acvpnui
Description : Function: SSApi::attach
File: ..\common\SSApi.cpp
Line: 51
The Web Security API could not be found or failed to load, skipping.
Date : 07/23/2013
Time : 08:50:21
Type : Error
Source : acvpnui
Description : Function: MFDartBox::getDARTInstallDir
File: .\MFDartBox.cpp
Line: 332
Invoked Function: MsiEnumProductsExW
Return Code: 259 (0x00000103)
Description: No more data is available.
Date : 07/23/2013
Time : 08:50:21
Type : Warning
Source : acvpnui
Description : Function: ClientIfcBase::getStats
File: .\ClientIfcBase.cpp
Line: 1723
Called when API service not ready.
Date : 07/23/2013
Time : 08:50:22
Type : Error
Source : acvpnui
Description : Function: CSocketTransport::connectTransport
File: .\IPC\SocketTransport.cpp
Line: 981
Invoked Function: ::WSAConnect
Return Code: 10061 (0x0000274D)
Description: No connection could be made because the target machine actively refused it.
Date : 07/23/2013
Time : 08:50:22
Type : Error
Source : acvpnui
Description : Function: CIpcTransport::connectIpc
File: .\IPC\IPCTransport.cpp
Line: 252
Invoked Function: CSocketTransport::connectTransport
Return Code: -31588340 (0xFE1E000C)
Description: SOCKETTRANSPORT_ERROR_CONNECT
Date : 07/23/2013
Time : 08:50:22
Type : Error
Source : acvpnui
Description : Function: CIpcTransport::terminateIpcConnection
File: .\IPC\IPCTransport.cpp
Line: 404
Invoked Function: CSocketTransport::writeSocketBlocking
Return Code: -31588319 (0xFE1E0021)
Description: SOCKETTRANSPORT_ERROR_NO_SOCKET_HANDLE:The socket transport does not possess a valid socket handle.
Date : 07/23/2013
Time : 08:50:22
Type : Error
Source : acvpnui
Description : Function: ApiIpc::initIpc
File: .\ApiIpc.cpp
Line: 423
Invoked Function: CIpcTransport::connectIpc
Return Code: -31588340 (0xFE1E000C)
Description: SOCKETTRANSPORT_ERROR_CONNECT
Date : 07/23/2013
Time : 08:50:22
Type : Error
Source : acvpnui
Description : Function: ApiIpc::initiateAgentConnection
File: .\ApiIpc.cpp
Line: 336
Invoked Function: ApiIpc::initIpc
Return Code: -31588340 (0xFE1E000C)
Description: SOCKETTRANSPORT_ERROR_CONNECT
Date : 07/23/2013
Time : 08:50:22
Type : Error
Source : acvpnui
Description : Function: ApiIpc::run
File: .\ApiIpc.cpp
Line: 570
Invoked Function: ApiIpc::initiateAgentConnection
Return Code: -31588340 (0xFE1E000C)
Description: SOCKETTRANSPORT_ERROR_CONNECT
Date : 07/23/2013
Time : 08:50:22
Type : Error
Source : acvpnui
Description : Function: ClientIfcBase::attach
File: .\ClientIfcBase.cpp
Line: 606
Client failed to attach.
Date : 07/23/2013
Time : 08:50:25
Type : Error
Source : acvpnui
Description : Function: CMainFrame::OnCreate
File: .\mainfrm.cpp
Line: 342
Invoked Function: The VPN service is not responding or available.
Return Code: -33554423 (0xFE000009)
Description: GLOBAL_ERROR_UNEXPECTED
Date : 07/23/2013
Time : 08:50:25
Type : Information
Source : acvpnui
Description : Function: ClientIfcBase::detach
File: .\ClientIfcBase.cpp
Line: 438
Shutting down vpnapi
Date : 07/23/2013
Time : 08:50:25
Type : Error
Source : acvpnui
Description : Function: ConnectMgr::activateConnectEvent
File: .\ConnectMgr.cpp
Line: 1352
NULL object. Cannot establish a connection at this time.
Date : 07/23/2013
Time : 08:50:25
Type : Information
Source : acvpnui
Description : Cisco AnyConnect Secure Mobility Client GUI exiting, version 3.1.04059 , return code 0 [0x00000000]
Date : 07/23/2013
Time : 08:51:12
Type : Information
Source : acvpnagent
Description : Cisco AnyConnect Secure Mobility Client Agent starting, version 3.1.04059
Date : 07/23/2013
Time : 08:51:12
Type : Error
Source : acvpnagent
Description : Function: CBencodeStream::LoadStream
File: ..\..\PhoneHome\Bencode.cpp
Line: 126
Unable to open file for reading
Date : 07/23/2013
Time : 08:51:12
Type : Error
Source : acvpnagent
Description : Function: CBencodeDictionary::CBencodeDictionary
File: ..\..\PhoneHome\Bencode.cpp
Line: 1422
Bencode dictionary internalize failed
Date : 07/23/2013
Time : 08:51:12
Type : Error
Source : acvpnagent
Description : Function: CPhoneHomeVpn::CPhoneHomeVpn
File: .\PhoneHomeVpn.cpp
Line: 187
Failed to create Bencode dictionary
Date : 07/23/2013
Time : 08:51:12
Type : Error
Source : acvpnagent
Description : Function: CPhoneHomeVpn::CreateSingletonInstance
File: .\PhoneHomeVpn.cpp
Line: 82
Invoked Function: CPhoneHomeVpn
Return Code: -23396343 (0xFE9B0009)
Description: PHONEHOMEVPN_ERROR_UNEXPECTED
Date : 07/23/2013
Time : 08:51:12
Type : Warning
Source : acvpnagent
Description : Function: CMainThread::CMainThread
File: .\MainThread.cpp
Line: 1017
Invoked Function: CPhoneHomeVpn::CreateSingletonInstance
Return Code: -23396343 (0xFE9B0009)
Description: PHONEHOMEVPN_ERROR_UNEXPECTED
Date : 07/23/2013
Time : 08:51:12
Type : Warning
Source : acvpnagent
Description : Function: PluginLoader::QuickCreatePlugin
File: c:\temp\build\thehoff\ElGreco_MR40.391570230547\ElGreco_MR4\vpn\Common\Utility/PluginLoader.h
Line: 195
Invoked Function: PluginLoader::CreateInstance
Return Code: -29360116 (0xFE40000C)
Description: PLUGINLOADER_ERROR_COULD_NOT_CREATE
com.cisco.anyconnect.leaf
Date : 07/23/2013
Time : 08:51:12
Type : Information
Source : acvpnagent
Description : Function: MsgCatalog::initMsgCatalog
File: .\i18n\MsgCatalog.cpp
Line: 246
Current locale: fr-LU
Date : 07/23/2013
Time : 08:51:12
Type : Information
Source : acvpnagent
Description : Function: ProfileMgr::loadProfiles
File: .\ProfileMgr.cpp
Line: 100
No profile is available.
Date : 07/23/2013
Time : 08:51:12
Type : Information
Source : acvpnagent
Description : Current Preference Settings:
ServiceDisable: false
CertificateStoreOverride: false
CertificateStore: All
ShowPreConnectMessage: false
AutoConnectOnStart: false
MinimizeOnConnect: true
LocalLanAccess: false
AutoReconnect: true
AutoReconnectBehavior: DisconnectOnSuspend
UseStartBeforeLogon: false
AutoUpdate: true
RSASecurIDIntegration: Automatic
WindowsLogonEnforcement: SingleLocalLogon
WindowsVPNEstablishment: LocalUsersOnly
ProxySettings: Native
AllowLocalProxyConnections: true
PPPExclusion: Disable
PPPExclusionServerIP:
AutomaticVPNPolicy: false
TrustedNetworkPolicy: Disconnect
UntrustedNetworkPolicy: Connect
TrustedDNSDomains:
TrustedDNSServers:
AlwaysOn: false
ConnectFailurePolicy: Closed
AllowCaptivePortalRemediation: false
CaptivePortalRemediationTimeout: 5
ApplyLastVPNLocalResourceRules: false
AllowVPNDisconnect: true
EnableScripting: false
TerminateScriptOnNextEvent: false
EnablePostSBLOnConnectScript: true
AutomaticCertSelection: true
RetainVpnOnLogoff: false
UserEnforcement: SameUserOnly
EnableAutomaticServerSelection: false
AutoServerSelectionImprovement: 20
AutoServerSelectionSuspendTime: 4
AuthenticationTimeout: 12
SafeWordSofTokenIntegration: false
AllowIPsecOverSSL: false
ClearSmartcardPin: true
IPProtocolSupport: IPv4,IPv6
AllowManualHostInput: true
BlockUntrustedServers: true
PublicProxyServerAddress:
Date : 07/23/2013
Time : 08:51:12
Type : Information
Source : acvpnagent
Description : Function: CCvcConfig::readConfigParamFromFile
File: .\vpnconfig.cpp
Line: 5824
The specified configuration file for MUS service does not exist
Date : 07/23/2013
Time : 08:51:12
Type : Information
Source : acvpnagent
Description : Function: CThread::createThread
File: .\Utility\Thread.cpp
Line: 238
The thread (0x0000162C) has been successfully created.
Date : 07/23/2013
Time : 08:51:12
Type : Information
Source : acvpnagent
Description : Cisco AnyConnect Secure Mobility Client Agent started, version 3.1.04059
Date : 07/23/2013
Time : 08:51:12
Type : Information
Source : acvpnagent
Description : Function: CInterfaceRouteMonitorCommon::logInterfaces
File: .\Routing\InterfaceRouteMonitorCommon.cpp
Line: 477
IP Address Interface List:
FE80:0:0:0:DDA0:24CA:FE35:4D19
148.110.133.126
FE80:0:0:0:19A3:961F:C11C:3724
192.168.164.1
FE80:0:0:0:80B3:F3CD:CA44:952E
169.254.149.46
Date : 07/23/2013
Time : 08:52:13
Type : Information
Source : acvpnagent
Description : Cisco AnyConnect Secure Mobility Client Agent starting, version 3.1.04059
Date : 07/23/2013
Time : 08:52:13
Type : Error
Source : acvpnagent
Description : Function: CBencodeStream::LoadStream
File: ..\..\PhoneHome\Bencode.cpp
Line: 126
Unable to open file for reading
Date : 07/23/2013
Time : 08:52:13
Type : Error
Source : acvpnagent
Description : Function: CBencodeDictionary::CBencodeDictionary
File: ..\..\PhoneHome\Bencode.cpp
Line: 1422
Bencode dictionary internalize failed
Date : 07/23/2013
Time : 08:52:13
Type : Error
Source : acvpnagent
Description : Function: CPhoneHomeVpn::CPhoneHomeVpn
File: .\PhoneHomeVpn.cpp
Line: 187
Failed to create Bencode dictionary
Date : 07/23/2013
Time : 08:52:13
Type : Error
Source : acvpnagent
Description : Function: CPhoneHomeVpn::CreateSingletonInstance
File: .\PhoneHomeVpn.cpp
Line: 82
Invoked Function: CPhoneHomeVpn
Return Code: -23396343 (0xFE9B0009)
Description: PHONEHOMEVPN_ERROR_UNEXPECTED
Date : 07/23/2013
Time : 08:52:13
Type : Warning
Source : acvpnagent
Description : Function: CMainThread::CMainThread
File: .\MainThread.cpp
Line: 1017
Invoked Function: CPhoneHomeVpn::CreateSingletonInstance
Return Code: -23396343 (0xFE9B0009)
Description: PHONEHOMEVPN_ERROR_UNEXPECTED
Date : 07/23/2013
Time : 08:52:13
Type : Warning
Source : acvpnagent
Description : Function: PluginLoader::QuickCreatePlugin
File: c:\temp\build\thehoff\ElGreco_MR40.391570230547\ElGreco_MR4\vpn\Common\Utility/PluginLoader.h
Line: 195
Invoked Function: PluginLoader::CreateInstance
Return Code: -29360116 (0xFE40000C)
Description: PLUGINLOADER_ERROR_COULD_NOT_CREATE
com.cisco.anyconnect.leaf
Date : 07/23/2013
Time : 08:52:13
Type : Information
Source : acvpnagent
Description : Function: MsgCatalog::initMsgCatalog
File: .\i18n\MsgCatalog.cpp
Line: 246
Current locale: fr-LU
Date : 07/23/2013
Time : 08:52:13
Type : Information
Source : acvpnagent
Description : Function: ProfileMgr::loadProfiles
File: .\ProfileMgr.cpp
Line: 100
No profile is available.
Date : 07/23/2013
Time : 08:52:13
Type : Information
Source : acvpnagent
Description : Current Preference Settings:
ServiceDisable: false
CertificateStoreOverride: false
CertificateStore: All
ShowPreConnectMessage: false
AutoConnectOnStart: false
MinimizeOnConnect: true
LocalLanAccess: false
AutoReconnect: true
AutoReconnectBehavior: DisconnectOnSuspend
UseStartBeforeLogon: false
AutoUpdate: true
RSASecurIDIntegration: Automatic
WindowsLogonEnforcement: SingleLocalLogon
WindowsVPNEstablishment: LocalUsersOnly
ProxySettings: Native
AllowLocalProxyConnections: true
PPPExclusion: Disable
PPPExclusionServerIP:
AutomaticVPNPolicy: false
TrustedNetworkPolicy: Disconnect
UntrustedNetworkPThere seem to be much more problems with 3.1.04049
Especially with certificate authentication.
I opened some TAC cases.
Try 3.1.04063 that came out at 07-24-13.
TAC said that there are some fixes in it... -
Linksys WRT600N vs CISCO PIX 506E.... Firewall / Routing Performance
Hi:
I am new to the forum and was hoping to tap into some of your expertise. I have a Linksys WRT600N version 1.1 and I recently acquired a CISCO PIX 506E firewall. My question is what should I use as a firewall? Both have SPI etc. Should I:
a) Use the 506E as a firewall and use the 600 as a wireless access point, or
b) Use the 600 as a firewall and wireless access point.
Do both routers have the same firewall routing performance? I want to use the storage feautre on the 600N, but if I do that and use it as a wireless access point the 600 can't get the proper time from the Internet, so my time for newly created folders and files shows they are 10 years old.
Anyway, just thought I would post and find out what some of the experts thought and maybe someone from Linksys or CISCO. I know the 506E is discontinued and was manufactured around 2001 and the 600N is a new model.
(Edited subject to keep threads from stretching. Thanks!)
Message Edited by JOHNDOE_06 on 05-06-2008 10:41 AMThe PIX is a real firewall. The WRT has a firewall which mostly protects the router itself. People prefer to buy a "SPI firewall router" instead of a simple "router" even though the router firewall does nothing or little to protect the LAN. The only firewall configurations on the WRTs you can usually do is on the Access Restrictions tab. But that's usually all. The LAN itself is not protected by the firewall. You would notice this if you had a public IP subnet and ran it through the WRT: the LAN would be fully exposed to the internet. Some routers have a few functions like protection against denial of service attacks or similar. But even then this often filters only the traffic targeted at the router and not the LAN.
The common protection of your LAN you have on the WRT is because you use private IP addresses inside your LAN and the router does NAT. However, NAT is not a security mechanism but a mechanism to solve the problem that you can only have a single public IP address but want to use multiple computers, which is why you have to use private IP addresses. Current NAT implementations usually drop unsolicited incoming traffic because they don't know to which IP address in the LAN to send it to. But the notion of NAT is to deliver and to allow connectivity. This has nothing to do with security or a firewall.
Thus, if you want to use a real firewall use the PIX. On the PIX you can configure the traffic which is allowed to enter the LAN and which not. It is far superior in this respect to the WRT. However, as it is a older model, I cannot tell how fast the PIX is. You should be able to find the old data sheets of the PIX somewhere on the cisco website. They should mention the possible throughput. I guess it won't be an issue.
To me another point for the PIX are the VPN capabilities which allow you to securely access your LAN while you are on the road.
Of course, you must know how to configure the PIX correctly. It is a complex device and can be configured pretty much for anything you like. This means of course if you do it wrong you may end up with little or no security.
BTW, there are no people from linksys in this forums except the moderators (which may be from lithium). To hear from Linksys you have to contact Linksys support. -
Cisco Wireless Location Appliance
dear
i have WCS with 500 ap License
i need to have Cisco Wireless Location Appliance what lisens i need for 500 ap
please explain to me thatHi Ahmed,
This is the upgrade License SKU for upgrading WCS to WCS Location;
WCS-LOC-UPG-K9
Supports deployment of Cisco WCS on a single server only.
For customers upgrading from their existing Cisco WCS base licenses to equivalent Cisco WCS location licenses running Cisco WCS Software Release 4.1 or later.
Available as Cisco WCS location in increments of 50, 100, or 500 lightweight access points.
Customers currently using this license with Cisco WCS Software Release 4.0 are encouraged to upgrade to Cisco WCS Software Release 4.1, but they are not required to do so.
Order the Correct Cisco WCS SKUs
The process to order Cisco WCS SKUs for WCS-STANDARD-K9, WCS-LOC-UPG-K9, WCS-WLSE-UPG-K9 and WCS-ENT-K9 is presented below. To request help with ordering, please contact Cisco Customer Service: http://www.cisco.com/go/customerservice.
1. Login to the Cisco Ordering Tool.
2. Enter the family SKU of WCS-STANDARD-K9 or WCS-LOC-UPG-K9 or WCS-WLSE-UPG-K9 or WCS-ENT-K9 into "Enter Product" in the Ordering Tool and then press "Enter."
3. The family SKU will display in the ordering area. (Figure 6).
4. Select the "Line" for the family SKU
5. Once you have been taken to the configuration screen, select one of these options from the left side (Figure 7):
For WCS-STANDARD-K9 select one of the sub-SKUs based on the following:
Base: WCS Standard AP Base Option
Location: WCS Standard AP Location Option
For WCS-WLSE-UPG-K9 select one of the sub-SKUs based on the following:
Base: WLSE to WCS AP Base Upgrade Option
Location: WLSE to WCS AP Location Upgrade Option
**For WCS-LOC-UPG-K9 select the sub-SKU:
**WCS AP Location Upgrade Option
For WCS-ENT-K9 select the sub-SKU:
WCS Enterprise AP Location Option
For the WCS-STANDARD-K9 or **WCS-LOC-UPG-K9 SKU families, customers are prompted to order the optional CD (WCS-CD-K9), for a nominal charge, during the ordering process. The WCS-CD-K9 contains one software image of Cisco WCS Software Release 4.1 on a CD for Windows and Linux. This CD is shipped by U.S. mail to the purchaser's address. The optional CD is not available for WCS-WLSE-UPG-K9 because this SKU family already ships in CD format.
6. The right side of the screen will display the licenses available (Figure 7). The price for each SKU is displayed in the Ordering Tool.
7. Each license is orderable in a quantity of one (1) for the quantity blocks specified. To add multiple quantities of license blocks, you must go back to the main screen and order additional family SKUs and then select the sub-SKU option and license quantity block required. Repeat this process as needed, until the correct quantity of license blocks for your sub-SKU have been ordered.
From this good doc;
http://www.cisco.com/en/US/products/ps6305/pro ducts_data_sheet0900aecd804b4646.html
Hope this helps!
Rob -
Cisco 871W eZVPN is unable to connect Cisco PIX vpn server
crypto ipsec client ezvpn TEST
connect auto
group Cisco key cisco123
mode client
peer 172.1.1.1
xauth userid mode interfactive
interface FastEthernet4
ip address 10.1.1.1 255.255.255.0
ip access-group 101 in
ip nat outside
crypto ipsec client ezvpn TEST
Internet Vlan1
ip address 192.168.1.1 255.255.255.0
ip access-group 100 out
ip nat inside
crypto ipsec client ezvpn TEST inside
ip route 0.0.0.0. 0.0.0.0 192.168.1.254
ip nat inside source route-map EzVPN1 interface FastEthernet4 overload
access-list 100 permit ip any any
access-list 101 permit ip any any
access-list 103 permit ip 192.168.1.0 0.0.0.255 any
route-map EzVPN1 permit 1
match ip address 103
These are the following commands I applied in my Router, It is able to connect but unable to access any other servers. The same user name & password I tried with the VPN dialer it works on my Laptop. Anything I am missing on the router configuration. The VPN server is Cisco PIX 515E.
Cisco IOS on 871W is 12.3(8)Y121) Isn't your default route supposed to be pointing towards the external interface?
ip route 0.0.0.0. 0.0.0.0 192.168.1.254 ?
2) Can you change the 'mode client' to 'mode network-extension'. Also the PIX will need 'nem enable'.
Have a look at the following (I'm assuming you already have as your config seems to be similar):
http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a0080809222.shtml
For old 6.x code on PIX, have a look at:
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080241a0d.shtml
Regards
Farrukh -
Ask the Expert:Cisco Web Security
With Ryan Wager
Welcome to the Cisco Support Community Ask the Expert conversation. This is an opportunity to learn about design, configuration and troubleshooting of the Cisco Web Security Solutions including Cisco Ironport WSA and Cisco ScanSafe with Cisco experts Kiran Sirupa and Ryan Wager. Kiran Sirupa is a technical marketing engineer in the product marketing team for the Cisco IronPort Web Security Appliance product line. He also works on documentation, partner ,and system engineering training. Kiran has been working in the Cisco Security Technologies group for more than six years. Ryan Wager is a technical marketing engineer at Cisco in the product management team for the ScanSafe Web Security platform. He is heavily involved with the product's integration with the Cisco Integrated Services Router Generation 2 platform, along with documentation, training, and testing of all new products and features. Before joining the product management team, Wagner spent two years as an implementation engineer helping ScanSafe's largest customers implement the platform into their networks.
Remember to use the rating system to let Kiran and Ryan know if you have received an adequate response.
They might not be able to answer each question due to the volume expected during this event. Remember that you can continue the conversation on the Security sub-community, discussion forum shortly after the event. This event lasts through October 7, 2011.. Visit this forum often to view responses to your questions and the questions of other community members.Yes, the IronPort WSA will support all the security functions including Anti-Virus, Anti-Malware, Anti-Spyware, Web Reputation when working in conjunction with an existing proxy.
There are two conditions:
1. WSA acts as an upstream proxy - In this case, the authentication will be handled by your existing proxy, but the WSA is the first layer of defense. The WSA will perform a lookup in its web reputation database based on the destination. Also, The WSA can scan the http response with Anti-Virus, Anti-SpyWare and Anti-Malware software. However, since the WSA doesn't have user authentication information, you can only apply global controls for Acceptable Use.
2. WSA has to go through an existing upstream proxy - In this case, the WSA has all the security functionality. In addition, it also handles the authentication. Hence, you can apply role based controls.
You may refer to the following links for more information:
WSA Product Literature: http://www.cisco.com/en/US/products/ps10164/prod_literature.html
Cisco Security Reports: http://www.cisco.com/en/US/prod/vpndevc/annual_security_report.html
Cisco Security Intelligence Operations: http://tools.cisco.com/security/center/home.x
Maybe you are looking for
-
XI 3.1 SR3 on Solaris SPARC - using ccm.sh to add new node ?
Hi, I'm configuring the XI 3.1 SR3 Integration for SAP component on my newly built BOE 3.1 SR3 environment and have a question on the "configuring SAP server side trust" part of the configuration. On page 91 of the Int Kit for SAP guide it states tha
-
Hi, I use jasper report with an XML datasource. I have an image in the xml stream encode as a string with a class name Base64. I want to display the image in my report but I dont know how to do this. Does someone know something about this ? Help, ple
-
Snow Leopard Mail - everything disappeared
My computer crashed and when I restarted it everything was there except my mail system had reverted to the day I got the computer. How do I restore it. I am connected to Time machine but when I restored the mail Application from yesterdays backup I s
-
Why is dreamweaver putting a space after the "b" in <b />?
-
Hi I have for some time tried to load an Applet from within an Applet by means of custom classloader. However when reading various specifications for classloader they state it is not possible for an Applet to do so. Does anyone know otherwise?