Trying to create VPN between a Fortigate and Pix

Here is the Pix config:
sysopt connection permit-ipsec
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec transform-set fortinet esp-3des esp-sha-hmac
crypto map outside_map 10 ipsec-isakmp
crypto map outside_map 10 match address 85
crypto map outside_map 10 set peer 10.48.4.6
crypto map outside_map 10 set transform-set fortinet
crypto map outside_map 10 set security-association lifetime seconds 86400 kilobytes 4608000
crypto map outside_map 20 ipsec-isakmp
crypto map outside_map 20 match address 90
crypto map outside_map 20 set peer 10.x.x.x
crypto map outside_map 20 set transform-set ESP-3DES-SHA
crypto map outside_map interface EPORT
isakmp enable EPORT
isakmp key ******** address 10.48.4.6 netmask 255.255.255.255 no-xauth no-config-mode
isakmp key ******** address 10.x.x.x netmask 255.255.255.255 no-xauth no-config-mode
isakmp identity address
isakmp policy 10 authentication pre-share
isakmp policy 10 encryption 3des
isakmp policy 10 hash sha
isakmp policy 10 group 2
isakmp policy 10 lifetime 86400
isakmp policy 20 authentication pre-share
isakmp policy 20 encryption 3des
isakmp policy 20 hash sha
isakmp policy 20 group 2
isakmp policy 20 lifetime 28800
Here is the output of debug crypto on the Pix:
ISAKMP (0): atts are acceptable.IPSEC(validate_proposal_request): proposal part #1,
  (key eng. msg.) dest= 10.48.5.94, src= 10.48.4.6,
    dest_proxy= 10.74.33.0/255.255.255.0/0/0 (type=4),
    src_proxy= 199.38.8.0/255.255.248.0/0/0 (type=4),
    protocol= ESP, transform= esp-3des esp-sha-hmac ,
    lifedur= 0s and 0kb,
    spi= 0x0(0), conn_id= 0, keysize= 0, flags= 0x4
IPSEC(validate_transform_proposal): peer address 10.48.4.6 not found
IPSEC(validate_proposal_request): proposal part #1,
  (key eng. msg.) dest= 10.48.5.94, src= 10.48.4.6,
    dest_proxy= 199.38.8.0/255.255.248.0/0/0 (type=4),
    src_proxy= 10.74.33.0/255.255.255.0/0/0 (type=4),
    protocol= ESP, transform= esp-3des esp-sha-hmac ,
    lifedur= 0s and 0kb,
    spi= 0x0(0), conn_id= 0, keysize= 0, flags= 0x4
IPSEC(validate_transform_proposal): peer address 10.48.5.94 not found
ISAKMP: IPSec policy invalidated proposal
ISAKMP (0): SA not acceptable!
I'm having trouble understanding the debug message and what might be wrong in the settings.

Jon,
Can you verify the crypto access list on Fortinet? I can see that you have configured the crypto access list as subnet. Fortinet should also be subnet and not range type
    dest_proxy= 10.74.33.0/255.255.255.0/0/0 (type=4),
    src_proxy= 199.38.8.0/255.255.248.0/0/0 (type=4)
type 4 is type subnet
let me know
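
The subnet-versus-range check suggested in the reply can be done mechanically. This is an added example, not part of the original thread or of either vendor's tooling: it parses the proxy identities from the Pix debug output quoted in the question and compares them with a crypto ACL. The two `access-list 85` lines are constructed (the post never shows that ACL), and treating a match as an exact mirror image in either orientation is a simplifying assumption.

```python
import ipaddress
import re

# ISAKMP identification types from RFC 2407 section 4.6.2.1 ("type=N" in the debug).
ID_TYPES = {1: "ID_IPV4_ADDR", 4: "ID_IPV4_ADDR_SUBNET", 7: "ID_IPV4_ADDR_RANGE"}

PROXY_RE = re.compile(
    r"(dest|src)_proxy=\s*([\d.]+)/([\d.]+)/\d+/\d+\s*\(type=(\d+)\)")
# PIX-style crypto ACL line with netmasks; "host" and "any" keywords are not handled.
ACL_RE = re.compile(
    r"^access-list\s+(\S+)\s+permit\s+ip\s+([\d.]+)\s+([\d.]+)\s+([\d.]+)\s+([\d.]+)",
    re.MULTILINE)

# Quoted from the debug output in the question (first proposal only).
DEBUG_FROM_POST = """\
IPSEC(validate_proposal_request): proposal part #1,
  (key eng. msg.) dest= 10.48.5.94, src= 10.48.4.6,
    dest_proxy= 10.74.33.0/255.255.255.0/0/0 (type=4),
    src_proxy= 199.38.8.0/255.255.248.0/0/0 (type=4),
"""

# Constructed ACLs: the post does not show access-list 85.
ACL_MIRRORED = "access-list 85 permit ip 10.74.33.0 255.255.255.0 199.38.8.0 255.255.248.0\n"
ACL_WRONG_MASK = "access-list 85 permit ip 10.74.33.0 255.255.255.0 199.38.8.0 255.255.255.0\n"


def parse_proposals(debug_text):
    """Return one dict per proposal: {'dest': (network, id_type), 'src': (...)}."""
    proposals, current = [], {}
    for side, addr, mask, id_type in PROXY_RE.findall(debug_text):
        net = ipaddress.ip_network(f"{addr}/{mask}", strict=False)
        current[side] = (net, int(id_type))
        if len(current) == 2:  # both proxies seen, proposal complete
            proposals.append(current)
            current = {}
    return proposals


def parse_crypto_acl(config_text, acl_id):
    """Return (first_network, second_network) pairs for the given ACL id."""
    entries = []
    for name, a1, m1, a2, m2 in ACL_RE.findall(config_text):
        if name == acl_id:
            entries.append((ipaddress.ip_network(f"{a1}/{m1}", strict=False),
                            ipaddress.ip_network(f"{a2}/{m2}", strict=False)))
    return entries


def explain_mismatch(proposal, acl_entries):
    """List the reasons a proposal would not line up with the crypto ACL."""
    findings = []
    for side in ("dest", "src"):
        id_type = proposal[side][1]
        if id_type != 4:
            findings.append(
                f"{side}_proxy is {ID_TYPES.get(id_type, id_type)}, not a subnet")
    a, b = proposal["dest"][0], proposal["src"][0]
    # The debug shows the Pix validating both orientations, so check both.
    orientations = ((a, b), (b, a))
    if any(pair in acl_entries for pair in orientations):
        return findings
    # Overlapping but unequal networks usually mean a mask typo on one side.
    near = [f"ACL has {x1} <-> {x2}, peer proposed {p1} <-> {p2}"
            for x1, x2 in acl_entries for p1, p2 in orientations
            if p1.overlaps(x1) and p2.overlaps(x2)]
    findings.extend(near or [f"no crypto ACL entry covers {a} <-> {b}"])
    return findings


if __name__ == "__main__":
    proposal = parse_proposals(DEBUG_FROM_POST)[0]
    for label, acl in (("mirrored", ACL_MIRRORED), ("wrong mask", ACL_WRONG_MASK)):
        print(label, explain_mismatch(proposal, parse_crypto_acl(acl, "85")))
```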

Similar Messages

  • VPN between cisco WRVS4400N and EdgeMarc

    Hi Experts
    Please help me.
    Is it possible to create VPN between cisco WRVS4400N and EdgeMarc appliance.
    Regards,
    Ejaz

    Hi Ejaz
    I don't expect any cisco folks that answer this community to be expert on EdgeMarc, but i may be wrong..
    We employ a open standard IPSec implementation.
    Here is the open source document that relates to the RV220W.
    http://www.cisco.com/en/US/docs/routers/csbr/rv220w/open_source/OSD_RV220W_78-19892-02.pdf
    The question could have been, have you asked EdgeMarc if they work with open standard based IPSec implementations on our routers.
    I would prefer you look at the RV220W if possible, which is a relatively young product.
    I am guessing since you can source a product from Disti, try one and see if it works.
    The beauty of buying from a Cisco Disti Partner is that they have a returns policy. Check out that policy, if you wish, and keep the packaging and try out your application.
    Answered a question with someone trying to form a IPSec link to a OEM firewall/ IPSec gateway ..it worked. so give your application a try
    regards Dave.

  • How can i create link between ipad(xcode) and webserver?

    Hi, I'm a new to iPad development and i need help,
    i'm not good with english but i try to explain my question:
    how can i create link between ipad(xcode) and webserver?
    (the webserver ".NET" with driver odbc is connected with DB Oracle)
    so, how can my ipad application access to the Oracle DB?
    Create a webservice (.NET) to be place between iPad and DB, is this correct?
    how can i do it?
    which are libraries to include in the xcode's framework?
    thx

    I think the following URL will be your best answer:
    http://stackoverflow.com/questions/3510468/connecting-iphone-to-an-odbc-database

  • After upgrading to YOSEMITE, I tried to use Airdrop between my iMac and iPhone 6 Plus but they don't recognize each other. It also didn't recognize my iPad. I need help

    After upgrading to YOSEMITE, I tried to use Airdrop between my iMac and iPhone 6 Plus but they don't recognize each other. It also didn't recognize my iPad.
    Please help!


  • I am trying to create a new itunes account and on the terms and conditions page the Agree button is permanently grey even when i have ticked the check box any ideas

    On my Macbook Pro running Lion - trying to create a new ITunes account and the Agree button on the Terms and condition page will not come active even after checking the box any ideas

    There isn't a way - at least not that I have found.  I'm having an issue with this as well - seems like a shoddy sort of business practice.  I refuse to enter my credit card number to download a FREE app.  I'm encouraging the user community that has a problem with this to please post your opinion as well.  I know this is a user community, but I have to think that Apple will take notice when an issue gets a lot of attention.  Apple needs to hear your voice.

  • I tried to install Windows 7 on my MacBook Pro late 2011 but I tried to create partitions after it installed and it turned to dynamic disks and I can't access Mac or Win 7. What should I do? I can't format it because I don't have a backup

    I tried to install Windows 7 on my MacBook Pro late 2011 but I tried to create partitions after it installed and it turned to dynamic disks and I can't access Mac or Win 7. What should I do? I can't format it because I don't have a backup

    It's not that you can't format it because you have no backup, it's because you'll lose everything when you do. Lesson learned. Always have a backup.

  • Using export slide show from iphoto, I am trying to create a DVD of photos and vid clips in large format. The vid clips do not work using burn software. Any idea?

    Using export slide show from iphoto, I am trying to create a DVD of photos and vid clips in large format. The vid clips do not work using burn software. Any idea?

    Have used large format, but using the 'burn' software, I am not getting seamless video quality on DVD even though I am burning at 2* speed. Any ideas? Do I need better software? Or is there a problem with the SuperDrive?

  • HT1222 ipad apps 1 I lost all after I installed new windows and I tried to connect it between your computer and iPad, what's the solution? (Please Inbox : Bambangtjio@yahoo.o.id) Thanks

    ipad apps 1 I lost all after I installed new windows and I tried to connect it between your computer and iPad, what's the solution? (Please Inbox : [email protected]) Thanks

    Hi,
    Sounds like it isn't too serious. The Bluetooth connection had an error and that is what generated
    the Problem report.
    When the Blackberry started to use Bluetooth the "gold standard" was using Microsoft's
    "native" windows drivers. Now, every major PC company has their own version.
    Thus the problem report.
    There is a rather involved and lengthy procedure to check and install the correct Bluetooth drivers
    in the Dell, but I really don't think you want to take that on. (Nod your head and say H*LL YES)
    Here is what I propose;
    The problem report needs to be resolved or it won't go away. Read the manual, call Dell,
    try apologizing to it and that you'll never never do it again, whatever it takes!
    Make the best investment you can make for your Blackberry, buy a media card.
    All the memory in the BB is dynamic, this facilitates the functions of the phone.
    By storing media in that memory, you in effect are wasting X amount for file storage.
    Store all media and files on the media card, and you will have a smooth running device.
    They run about $25.00usd, they are easy to install, and they also make moving your
    media a snap. You will need the USB adapter that came with it, but you can get that at
    your local carrier store.
    So if you agree with this I need some info.
    On the Blackberry go to the options icon,click then scroll up to ABOUT.
    I need your software version number, it's listed in this format: 4.x.x.xxx.
    Send it back to me and I can tell you what size card you can get.
    Let me know your thoughts!
    Thanks,
    Bifocals

  • How to create dblink between oracle 10G and mysql

    I want to create dblink between oracle 10G and mysql
    I create it in ECC6.0 using DBCO transaction tcode,which database type can choose?Microsoft sql server?Because there have no mysql item.
    I chose MSS so that I can test it, but it failed, there is an error that 'ORA-12569:TNS:packet checksum failure'.
    I configured the oracle tnsnames.ora file like this:
         CW.WORLD =
               (DESCRIPTION =
                    (ADDRESS_LIST =
                          (ADDRESS =
                                  (COMMUNITY = SAP,WORLD)
                                  (PROTOCOL = TCP)
                                  (HOST = XX.XX.XX.XX)
                                  (PORT = XXXX)
                   (CONNECT_DATA =
                        (SID = XXX )
                   (HS = ok )
    When I tnsping CW,it will fail,like this " TNS-12569:TNS:packet checksum failure"
    How can I do.

    I want to know if this possible?

  • When I am trying to create an organization in HRMS, and clicking on Type field, it is showing me "Frm-41830: List of values contains no entries". Please suggest me what is the solution

    When I am trying to create an organization in HRMS, and clicking on Type field, it is showing me "Frm-41830: List of values contains no entries". Please suggest me what is the solution

    Hi,
    Type is one part of Org creation....
    Optionally, select an organization type in the Type field.
    Organization types do not classify your organization, you use them for reporting purposes only. The type may identify the function an organization performs, such as Administration or Service, or the level of each organization in your enterprise, such as Division, Department or Cost Center. You create the organization types you require by entering values for the Lookup Type ORG_TYPE.
    Regards:
    Shahzad M. Saleem (mark this answer as helpful if it helps u)

  • Problem with VPN by ASA 5505 and PIX 501

    Hi
    I have this scenario: Firewall ASA 5505, Firewall Pix 501 (with CatOS 6.3(5) ).
    I have configured this appliance for Easy VPN (server is ASA) and PIX, and remote Access with Cisco client vpn (for internal lan ASA).
    When i configure the ASA i have this problem, when i configure nat for easy vpn.
    This is my nat configuration:
    nat (inside) 0 access-list 100
    nat (inside) 1 192.168.1.0 255.255.255.0
    nat (inside) 1 0.0.0.0 0.0.0.0
    nat (inside) 0 0.0.0.0 0.0.0.0 outside
    when i put this command:
    nat (inside) 0 access-list no-nat
    this command is necessary for configuration of easy vpn, but the previous nat:
    nat (inside) 0 access-list 100
    is replaced with the latest command.

    To identify addresses on one interface that are translated to mapped addresses on another interface, use the nat command in global configuration mode. This command configures dynamic NAT or PAT, where an address is translated to one of a pool of mapped addresses. To remove the nat command, use the no form of this command.
    For regular dynamic NAT:
    nat (real_ifc) nat_id real_ip [mask [dns] [outside] [udp udp_max_conns] [norandomseq]]
    no nat (real_ifc) nat_id real_ip [mask [dns] [outside] [udp udp_max_conns] [norandomseq]]
    For policy dynamic NAT and NAT exemption:
    nat (real_ifc) nat_id access-list access_list_name [dns] [outside] [udp udp_max_conns] [norandomseq]
    no nat (real_ifc) nat_id access-list access_list_name [dns] [outside] [udp udp_max_conns] [norandomseq]

  • Site to Site VPN between ASA 5505 and Juniper SSG140 no traffic

    interface Ethernet0/0
     switchport access vlan 2
    interface Ethernet0/1
     switchport access vlan 3
    interface Ethernet0/2
     switchport trunk allowed vlan 20-21,24,28,212-214,227,232-236,254-256
     switchport mode trunk
    interface Ethernet0/3
     switchport trunk allowed vlan 20-21,24,28,212-214,227,232-236,254-256
     switchport mode trunk
    interface Ethernet0/4
     switchport trunk allowed vlan 20-21,24,28,212-214,227,232-236,254-256
     switchport mode trunk
    interface Ethernet0/5
     switchport trunk allowed vlan 20-21,24,28,212-214,227,232-236,254-256
     switchport mode trunk
    interface Ethernet0/6
     switchport trunk allowed vlan 20-21,24,28,212-214,227,232-236,254-256
     switchport mode trunk
    interface Ethernet0/7
     switchport access vlan 250
    interface Vlan2
     nameif outside
     security-level 0
     ip address 81.XXX.XXX.XXX 255.255.255.252
    interface Vlan3
     nameif OUTSIDE_BACK
     security-level 0
     ip address 41.XXX.XXX.XXX 255.255.255.248
    interface Vlan20
     nameif XXX
     security-level 80
     ip address 10.143.0.1 255.255.255.0 standby 10.143.0.2
    interface Vlan21
     nameif XXX
     security-level 90
     ip address 10.143.1.1 255.255.255.0 standby 10.143.1.2
    interface Vlan24
     nameif XXX
     security-level 80
     ip address 10.143.4.1 255.255.255.0 standby 10.143.4.2
    interface Vlan28
     nameif XXX
     security-level 80
     ip address 10.143.8.1 255.255.255.0 standby 10.143.8.2
    interface Vlan212
     nameif SELF
     security-level 80
     ip address 10.143.12.1 255.255.255.0 standby 10.143.12.2
    interface Vlan213
     nameif XXX
     security-level 80
     ip address 10.143.13.1 255.255.255.0 standby 10.143.13.2
    interface Vlan214
     nameif BIOFR
     security-level 80
     ip address 10.143.14.1 255.255.255.0 standby 10.143.14.2
    interface Vlan232
     nameif MNGT
     security-level 80
     ip address 10.143.32.1 255.255.255.0 standby 10.143.32.2
    interface Vlan233
     nameif XXX
     security-level 80
     ip address 10.143.33.1 255.255.255.0 standby 10.143.33.2
    interface Vlan234
     nameif XXX
     security-level 80
     ip address 10.143.34.1 255.255.255.0 standby 10.143.34.2
    interface Vlan235
     nameif XX
     security-level 80
     ip address 10.143.35.1 255.255.255.0 standby 10.143.35.2
    interface Vlan236
     nameif XXX
     security-level 80
     ip address 10.143.36.1 255.255.255.0 standby 10.143.36.2
    interface Vlan250
    description LAN Failover Interface
    interface Vlan254
     nameif TEST
     security-level 80
     ip address 10.143.254.1 255.255.255.0 standby 10.143.254.2
    interface Vlan255
     nameif XXX
     security-level 100
     ip address 10.143.255.1 255.255.255.0 standby 10.143.255.2
    object network obj_any
     subnet 0.0.0.0 0.0.0.0
    object network XXX
     subnet 10.143.14.0 255.255.255.0
    object network XXX
     subnet 10.143.35.0 255.255.255.0
    object network XXX
     subnet 10.143.1.0 255.255.255.0
    object network MGMT
     subnet 10.143.32.0 255.255.255.0
    object network XXX
     subnet 10.143.36.0 255.255.255.0
    object network XXX
     subnet 10.143.4.0 255.255.252.0
    object network XXX
     subnet 10.143.33.0 255.255.255.0
    object network ACCT
     subnet 10.143.34.0 255.255.255.0
    object network XXX
     subnet 10.143.0.0 255.255.255.0
    object network XXX
     subnet 10.143.8.0 255.255.255.0
    object network XXX
     subnet 10.143.12.0 255.255.255.0
    object network XXX
     subnet 10.143.37.0 255.255.255.0
    object network TEST
     subnet 10.143.254.0 255.255.255.0
    object network XXX
     subnet 10.143.255.0 255.255.255.0
    object network NETWORK_OBJ_10.143.0.0_16
     subnet 10.143.0.0 255.255.0.0
    object network NETWORK_OBJ_10.91.0.0_16
     subnet 10.91.0.0 255.255.0.0
    object-group network vpn-local-network
     network-object 10.143.14.0 255.255.255.0
     network-object 10.143.35.0 255.255.255.0
     network-object 10.143.1.0 255.255.255.0
     network-object 10.143.32.0 255.255.255.0
     network-object 10.143.36.0 255.255.255.0
     network-object 10.143.4.0 255.255.255.0
     network-object 10.143.33.0 255.255.255.0
     network-object 10.143.34.0 255.255.255.0
    object-group network vpn-remote-network
     network-object 10.112.0.0 255.255.0.0
    access-list ACL_VPN extended permit ip 10.143.0.0 255.255.0.0 10.112.0.0 255.255.0.0
    access-list ACL_INSIDE_NONAT extended permit ip 10.143.0.0 255.255.0.0 10.112.0.0 255.255.0.0
    access-list PING extended permit icmp any any
    access-list PING extended permit icmp any any object-group ALLOW_PING
    pager lines 24
    logging asdm informational
    mtu outside 1500
    failover
    failover lan unit primary
    failover lan interface FAILOVER Vlan250
    failover interface ip FAILOVER 10.143.250.1 255.255.255.0 standby 10.143.250.2
    no monitor-interface outside
    no monitor-interface OUTSIDE_BACK
    icmp unreachable rate-limit 1 burst-size 1
    asdm image disk0:/asdm-721.bin
    no asdm history enable
    arp timeout 14400
    no arp permit-nonconnected
    nat (XXX,outside) source dynamic XXX interface
    nat (XXX,outside) source dynamic XXX interface
    nat (XXX,outside) source dynamic XXX interface
    nat (XXX,outside) source dynamic XXX interface
    nat (XXX,outside) source dynamic XXX interface
    nat (XXX,outside) source dynamic XXX interface
    nat (XX,outside) source dynamic XXX interface
    nat (XXX,outside) source dynamic XXX interface
    nat (XXX,outside) source dynamic XX interface
    nat(IT,outside) source dynamic IT interface
    nat (TEST,outside) source dynamic TEST interface
    nat ( IT,outside) source dynamic IT interface
    nat (TEST,outside) source static vpn-local-network vpn-local-network destination static vpn-remote-network vpn-remote-network no-proxy-arp route-lookup
    access-group PING in interface outside
    access-group PING in interface OUTSIDE_BACK
    route outside 0.0.0.0 0.0.0.0 81.XXX.XXX.XXX.XXX 1 track 1
    route OUTSIDE_BACK 0.0.0.0 0.0.0.0 41.XXXX
    timeout xlate 3:00:00
    timeout pat-xlate 0:00:30
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
    timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
    timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
    timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
    timeout tcp-proxy-reassembly 0:01:00
    timeout floating-conn 0:00:00
    dynamic-access-policy-record DfltAccessPolicy
    no snmp-server location
    no snmp-server contact
    sysopt connection preserve-vpn-flows
    sla monitor 123
     type echo protocol ipIcmpEcho 41.xxx.xxx.xxx interface outside
     frequency 10
    sla monitor schedule 123 life forever start-time now
    crypto ipsec ikev1 transform-set ESP-3DES-ESP-MD5-HMAC esp-3des esp-md5-hmac
    crypto ipsec security-association pmtu-aging infinite
    crypto map TEST 1 match address ACL_VPN
    crypto map TEST 1 set peer 194.XXX.XXX.XXX
    crypto map TEST 1 set ikev1 transform-set ESP-3DES-ESP-MD5-HMAC
    crypto map TEST 1 set security-association lifetime seconds 86400
    crypto map TEST 1 set security-association lifetime kilobytes 2147483647
    crypto map TEST interface outside
    crypto ca trustpool policy
    no crypto isakmp nat-traversal
    crypto ikev1 enable outside
    crypto ikev1 policy 1
     authentication pre-share
     encryption 3des
     hash md5
     group 2
     lifetime 86400
    track 1 rtr 123 reachability
    telnet timeout 5
    ssh stricthostkeycheck
    ssh 10.143.255.0 255.255.255.0 IT
    ssh timeout 10
    ssh key-exchange group dh-group1-sha1
    console timeout 60
    management-access IT
    dhcpd lease 60000
    dhcpd ping_timeout 20
    dhcpd domain tls.ad
    dhcpd auto_config outside
    dhcpd address 10.143.4.10-10.143.4.200 XXX
    dhcpd dns 10.91.0.34 8.8.8.8 interface XXX
    dhcpd option 3 ip 10.143.4.1 interface XXX
    dhcpd enable XXX
    dhcpd address 10.143.12.10-10.143.12.200 XXX
    dhcpd option 3 ip 10.143.12.1 interface XXX
    dhcpd enable XXX
    dhcpd address 10.143.14.10-10.143.14.200 XXX
    dhcpd option 3 ip 10.143.14.1 interface XXX
    dhcpd enable XXX
    dhcpd address 10.143.32.10-10.143.32.100 MNGT
    dhcpd option 3 ip 10.143.32.1 interface MNGT
    dhcpd enable MNGT
    dhcpd address 10.143.33.10-10.143.33.100 XXX
    dhcpd option 3 ip 10.143.32.1 interface XXX
    dhcpd enable XXX
    dhcpd address 10.143.34.10-10.143.34.100 XXX
    dhcpd option 3 ip 10.143.32.1 interface XXX
    dhcpd enable XXX
    dhcpd address 10.143.36.10-10.143.36.100 XXX
    dhcpd option 3 ip 10.143.32.1 interface XXX
    dhcpd enable XXX
    dhcpd address 10.143.255.10-10.143.255.200 XXX
    dhcpd option 3 ip 10.143.255.1 interface XXX
    dhcpd enable IT
    threat-detection basic-threat
    threat-detection statistics access-list
    no threat-detection statistics tcp-intercept
    ntp authenticate
    ntp server 10.90.0.34
    ntp server 10.91.0.34
    ssl encryption rc4-sha1 aes128-sha1 aes256-sha1 3des-sha1
    group-policy DfltGrpPolicy attributes
     vpn-idle-timeout none
     vpn-tunnel-protocol ikev1 l2tp-ipsec ssl-clientless
    username tlsnimda password OW03yrp6/wvkyg6E encrypted
    tunnel-group 194.XXX.XXX.XXX type ipsec-l2l
    tunnel-group 194.XXX.XXX.XXX ipsec-attributes
     ikev1 pre-shared-key *****
    class-map icmp
     match default-inspection-traffic
    policy-map icmppolicy
     class icmp
      inspect icmp
    service-policy icmppolicy interface outside
    prompt hostname context
    no call-home reporting anonymous
    Cryptochecksum:e820e629c3cbaf67478c065440ac8138
    VPN is up but not passing any traffic
      Crypto map tag: TEST, seq num: 1, local addr: 81.xxx.xxx.xxx
          access-list ACL_VPN extended permit ip 10.143.0.0 255.255.0.0 10.112.0.0 255.255.0.0
          local ident (addr/mask/prot/port): (10.143.0.0/255.255.0.0/0/0)
          remote ident (addr/mask/prot/port): (10.112.0.0/255.255.0.0/0/0)
          current_peer: 194.xxx.xxx.xxx
          #pkts encaps: 0, #pkts encrypt: 0, #pkts digest: 0
          #pkts decaps: 10, #pkts decrypt: 0, #pkts verify: 0
          #pkts compressed: 0, #pkts decompressed: 0
          #pkts not compressed: 0, #pkts comp failed: 0, #pkts decomp failed: 0
          #pre-frag successes: 0, #pre-frag failures: 0, #fragments created: 0
          #PMTUs sent: 0, #PMTUs rcvd: 0, #decapsulated frgs needing reassembly: 0
          #TFC rcvd: 0, #TFC sent: 0
          #Valid ICMP Errors rcvd: 0, #Invalid ICMP Errors rcvd: 0
          #send errors: 0, #recv errors: 10
          local crypto endpt.: 81.xxx.xxx.xxx/0, remote crypto endpt.: 194.xxx.xxx.xx/0
          path mtu 1500, ipsec overhead 58(36), media mtu 1500
          PMTU time remaining (sec): 0, DF policy: copy-df
          ICMP error validation: disabled, TFC packets: disabled
          current outbound spi: CC4FACB7
          current inbound spi : D8C0AC76
        inbound esp sas:
          spi: 0xD8C0AC76 (3636505718)
             transform: esp-3des esp-md5-hmac no compression
             in use settings ={L2L, Tunnel, IKEv1, }
             slot: 0, conn_id: 9367552, crypto-map: TEST
             sa timing: remaining key lifetime (kB/sec): (1824522239/3507)
             IV size: 8 bytes
             replay detection support: Y
             Anti replay bitmap:
              0x00000000 0x00000001
        outbound esp sas:
          spi: 0xCC4FACB7 (3427773623)
             transform: esp-3des esp-md5-hmac no compression
             in use settings ={L2L, Tunnel, IKEv1, }
             slot: 0, conn_id: 9367552, crypto-map: TEST
             sa timing: remaining key lifetime (kB/sec): (1824522239/3507)
             IV size: 8 bytes
             replay detection support: Y
             Anti replay bitmap:
              0x00000000 0x00000001
    VPN is unstable 
    Connection terminated for peer 194.XXX.XXX.XX.  Reason: Peer Terminate  Remote Proxy 10.112.0.0, Local Proxy 10.143.0.0
    I cannot pass any traffic through the vpn when it's UP, or ping the other side.
    ASA VERSION 9.2

    I do not think that'll be any problem. Here at work we also use Cisco ADSL 800 Series with vpn between customers' sites without any issues. The ASA should vpn for sure.

  • Trying to create guest network on wap321 and sg200-50p using VLAN

    I have a SG200-50P and a WAP321. I am trying to create a guest wireless network using a separate VLAN on the WAP321. I have the production traffic on VLAN 1 and the guest network is on VLAN 100.
    The WAP321 is plugged in to port 7 on the switch. It is configured as follows:
    Trunk Port, 1UP, 100T, Ingress filter enabled
    The DHCP server is on port 22 and is configured as follows:
    Trunk Port, 1UP, 100T, Ingress filter enabled
    The production wireless client is able to work fine on VLAN 1.
    When I try to connect a device using the Guest network, the DHCP request does not appear to ever make it to the DHCP server. If I separate the Production network off of VLAN 1 and change the Untagged VLAN ID to a different VLAN than 1 (Management VLAN ID), the same thing happens to the client when it tries to get an IP address from DHCP.
    What am I missing here?

    I have the VLANs configured on the WAP321. VLAN 1 is the Mgmt and general VLAN and the VLAN is configured for the Guest network. I did a Wireshark trace and for some reason the packets for VLAN 100 (Guest network) on the WAP321 are not getting to the DHCP server. I see them on the WAP321 using the packet capture, but there is not any response to them. I do not see them coming in at the DHCP server.
    When I connect to the WAP321 using the production SSID I see the same packets at the AP and also coming in to the DHCP server. That is why I am so confused. I can't figure out why they do not get to the server. I was wondering if I have something configured wrong on the SG200, but this is new territory for me and I do not know what I am missing. I have taken some screen shots of the SG and WAP config screens in case it might help.

  • VPN for Mac. Want to create VPN between Mac and Windows XP

    Hey everyone, I'm looking to try and create a VPN for when I'm in college between my Desktop I'll have in my dorm (running Windows XP) and my Macbook Pro (running Mac 10.5). I have a printer and an external hard drive hooked up to my desktop, and I want to make it so that only I can access it through the VPN.
    Is this possible?

    Hi soccerdude21490-
    +Is this possible?+
    Theoretically yes. However, it would be up to the school to allow you access through their network.
    The first step would be to contact the school's IT department and ask them if they will allow such a connection, and if so, could they please provide you with the settings (ip address etc.).
    Luck-
    -DP

  • Trying to bring up a VPN between a WRVS4400N and a BEFSX41

    Hi, we replaced an older LinkSys wired router (BEFVP41) by a WRVS4400N. The BEFSX41 used to connect a VPN tunnel with the older wired LinkSys router. We redefined the tunnel on the WRVS4400N but it does not come up. The handshake stops after exchanging the preshared key:

    Jul 19 13:59:36 - [VPN Log]: "khaled"[4] 70.53.245.45 #70: STATE_MAIN_R2: sent MR2, expecting MI3
    Jul 19 13:59:37 - [VPN Log]: "khaled"[4] 70.53.245.45 #70: Main mode peer ID is ID_IPV4_ADDR: '70.53.245.45'
    Jul 19 13:59:37 - [VPN Log]: "khaled"[4] 70.53.245.45 #70: I did not send a certificate because I do not have one.
    Jul 19 13:59:37 - [VPN Log]: "khaled"[4] 70.53.245.45 #70: transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
    Jul 19 13:59:37 - [VPN Log]: "khaled"[4] 70.53.245.45 #70: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp768}
    Jul 19 13:59:37 - [VPN Log]: "khaled"[4] 70.53.245.45 #70: cannot respond to IPsec SA request because no connection is known for 10.30.1.0/24===69.159.114.86[S?C]...70.53.245.45[S?C]===10.30.10.0/24
    Jul 19 13:59:37 - [VPN Log]: "khaled"[4] 70.53.245.45 #70: sending encrypted notification INVALID_ID_INFORMATION to 70.53.245.45:500

    The preshared key is correct on both sides. In the advanced settings for this tunnel on the WRVS4400N we left the selection of local identity to local ip, ignoring the warning about using the name option. We are not using quickvpn. What puzzles us is this "cannot respond to IPsec..." message. The lan 10.30.1.0 is the subnet on the WRVS4400N side while the 10.30.10 lan is the subnet on the BEFSX41. They match the local and remote security groups so what is missing? Switching back to older router (BEFVP41), the tunnel connects without any changes on the BEFSX41. We are changing the router because of stability problems, the BEFSX41 drops the connexion too frequently. Any compatibility issues? Some setup we did not provide?
    The documentation about the Advanced settings is minimal (nice word for none) and the knowledge base search did not return anything meaningful. Any suggestions?

    Hi Broccoli! Are you using FQDN or IP address? What firmware is loaded on your WRVS4400N? I had this problem before with WRVS4400N, I can’t establish VPN connection with other router when I’m using FQDN, according to Linksys tech support, if I’m using FQDN with WRVS4400N, then I also have to use the same model on the other side. I encountered this using 1.00.14 firmware. Have you tried the latest firmware (1.00.15)?
