Unable to access a windows 7 Workstation via RDP
Hi,
I have a windows 7 Pro SP1 workstation that I’m unable to access from any other machine via RDP...
This is a domain environment.
The machine in question is 100% up to date. (WSUS)
It's running an up-to-date anti-virus solution and has been scanned. (Panda cloud) (No firewall)
This is on a local network, no router involved.
Can ping the machine, can see network shares.
Checked that it's listening on the correct port.
Necessary services are running and are starting correctly.
Configured RDP correctly and tried different configurations (with and without NLA and adding/removing users)
This machine seems to be able to RDP into other machines, it just wont accept any sessions.
Assigning the necessary exclusions in firewall - no effect
Firewall is disabled by GPO and I have stopped the service - no effect.
Deleted the computer certificate - no effect.
uninstalled the RDP 8 update - no effect
Tried using both the IP and hostname - no difference
I'm completely out of ideas, no other machine I tested with is having this issue and all the domain machines are running same AV and same GPO's are applied.
Re-installation is not an option.
Below is the error - very unhelpful.
Kind Regards,
Stephen
Hi Hinte,
Here are the results:
Here is the netstat result - can't see 3389 anywhere:
Active Connections
Proto Local Address Foreign Address State PID
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING 1060
RpcSs
[svchost.exe]
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING 4
Can not obtain ownership information
TCP 0.0.0.0:623 0.0.0.0:0 LISTENING 4124
[LMS.exe]
TCP 0.0.0.0:16992 0.0.0.0:0 LISTENING 4124
[LMS.exe]
TCP 0.0.0.0:18226 0.0.0.0:0 LISTENING 2476
[WAHost.exe]
TCP 0.0.0.0:49152 0.0.0.0:0 LISTENING 532
[wininit.exe]
TCP 0.0.0.0:49153 0.0.0.0:0 LISTENING 1140
eventlog
[svchost.exe]
TCP 0.0.0.0:49154 0.0.0.0:0 LISTENING 1292
Schedule
[svchost.exe]
TCP 0.0.0.0:49185 0.0.0.0:0 LISTENING 624
[lsass.exe]
TCP 0.0.0.0:49187 0.0.0.0:0 LISTENING 600
[services.exe]
TCP 0.0.0.0:49192 0.0.0.0:0 LISTENING 3268
PolicyAgent
[svchost.exe]
TCP 127.0.0.1:5939 0.0.0.0:0 LISTENING 2360
[TeamViewer_Service.exe]
TCP 127.0.0.1:5939 127.0.0.1:49206 ESTABLISHED 2360
[TeamViewer_Service.exe]
TCP 127.0.0.1:5939 127.0.0.1:49234 ESTABLISHED 2360
[TeamViewer_Service.exe]
TCP 127.0.0.1:49204 127.0.0.1:49205 ESTABLISHED 3856
[TeamViewer_Desktop.exe]
TCP 127.0.0.1:49205 127.0.0.1:49204 ESTABLISHED 3856
[TeamViewer_Desktop.exe]
TCP 127.0.0.1:49206 127.0.0.1:5939 ESTABLISHED 3856
[TeamViewer_Desktop.exe]
TCP 127.0.0.1:49232 127.0.0.1:49233 ESTABLISHED 2660
[TeamViewer.exe]
TCP 127.0.0.1:49233 127.0.0.1:49232 ESTABLISHED 2660
[TeamViewer.exe]
TCP 127.0.0.1:49234 127.0.0.1:5939 ESTABLISHED 2660
[TeamViewer.exe]
TCP 127.0.0.1:49241 0.0.0.0:0 LISTENING 4552
[UNS.exe]
TCP 192.168.100.22:139 0.0.0.0:0 LISTENING 4
Can not obtain ownership information
TCP 192.168.100.22:49201 92.51.156.72:443 ESTABLISHED 2360
[TeamViewer_Service.exe]
TCP 192.168.100.22:49203 197.85.190.46:443 ESTABLISHED 2360
[TeamViewer_Service.exe]
TCP 192.168.100.22:49211 192.168.100.5:445 ESTABLISHED 4
Can not obtain ownership information
TCP 192.168.100.22:49231 192.168.100.5:49159 ESTABLISHED 1732
[spoolsv.exe]
TCP [::]:135 [::]:0 LISTENING
1060
RpcSs
[svchost.exe]
TCP [::]:445 [::]:0 LISTENING
4
Can not obtain ownership information
TCP [::]:623 [::]:0 LISTENING
4124
[LMS.exe]
TCP [::]:16992 [::]:0 LISTENING
4124
[LMS.exe]
TCP [::]:49152 [::]:0 LISTENING
532
[wininit.exe]
TCP [::]:49153 [::]:0 LISTENING
1140
eventlog
[svchost.exe]
TCP [::]:49154 [::]:0 LISTENING
1292
Schedule
[svchost.exe]
TCP [::]:49185 [::]:0 LISTENING
624
[lsass.exe]
TCP [::]:49187 [::]:0 LISTENING
600
[services.exe]
TCP [::]:49192 [::]:0 LISTENING
3268
PolicyAgent
[svchost.exe]
TCP [::1]:49179 [::]:0 LISTENING 2008
[jhi_service.exe]
TCP [::1]:49237 [::1]:49239 ESTABLISHED 4124
[LMS.exe]
TCP [::1]:49239 [::1]:49237 ESTABLISHED 4124
[LMS.exe]
UDP 0.0.0.0:123 *:*
1256
W32Time
[svchost.exe]
UDP 0.0.0.0:500 *:*
1292
IKEEXT
[svchost.exe]
UDP 0.0.0.0:4500 *:*
1292
IKEEXT
[svchost.exe]
UDP 0.0.0.0:5355 *:*
1540
Dnscache
[svchost.exe]
UDP 0.0.0.0:21226 *:*
2476
[WAHost.exe]
UDP 127.0.0.1:50083 *:*
1400
gpsvc
[svchost.exe]
UDP 127.0.0.1:55096 *:*
624
[lsass.exe]
UDP 127.0.0.1:60632 *:*
1540
NlaSvc
[svchost.exe]
UDP 127.0.0.1:64416 *:*
4416
[IntelSmallBusinessAdvantage.exe]
UDP 192.168.100.22:137 *:*
4
Can not obtain ownership information
UDP 192.168.100.22:138 *:*
4
Can not obtain ownership information
UDP [::]:123 *:*
1256
W32Time
[svchost.exe]
UDP [::]:500 *:*
1292
IKEEXT
[svchost.exe]
UDP [::]:4500 *:*
1292
IKEEXT
[svchost.exe]
UDP [::]:5355 *:*
1540
Dnscache
[svchost.exe]
UDP [fe80::3447:c85a:1d2d:4ff9%11]:546 *:*
1140
Dhcp
[svchost.exe]
Similar Messages
-
Accessing Pooled Virtual Desktops via RDP Client vs RDWeb
Hello,
We have a Windows 2012 R2 Pooled Virtual Desktop PoC set up and can be accessed via RDWeb. We need to be able to access the pooled desktops via the RDP client. How can you specify the name of your Pooled Desktop Collection in the RDP client
vs connecting directly to an individual desktop?Hi,
To connect to the virtual desktop collection:
1. Open Internet Explorer (or other browsers).
2. In the Internet Explorer address bar, type the address of your RD Web Access server and then press Enter. For example, https://rdwa1.contoso.com/RDWeb.
3. Click Continue to this website (not recommended).
4. In the Domain\user name box, type the user name.
6. In the Password box, type the password for the use, and then click Sign in.
7. Click the name of your Collection, and then click Connect.
Test Lab Guide: Managed Pooled Virtual Desktop Collections
http://technet.microsoft.com/en-us/library/hh831663.aspx
Test Lab Guide: Unmanaged Pooled Virtual Desktop Collections
http://technet.microsoft.com/en-us/library/hh831618.aspx
Thanks.
Jeremy Wu
TechNet Community Support -
Unable to access the windows side of my split hard drive...
I've split my hard drive so that I could run CAD(windows based). How do I access that hard drive? When I start my computer it automatically goes to the apple side of things and there is no option to access the windows side. Please help!!
Hi Aonelisa,
Welcome to the Support Communities!
The article below may be able to help you with this.
Click on the link to see more details and screenshots.
Mac Basics: Using Windows on your Mac via Boot Camp
http://support.apple.com/kb/ht1461
Boot Camp Assistant creates a partition just for Windows without erasing your existing OS X volume.
After installation, you can switch between Windows and OS X by holding the Option (Alt) key at start up. Or, use the Startup Disk control panel in Windows (installed with Boot Camp support software) or the OS X Startup Disk preference pane to set the default operating system to use each time the computer starts up.
OS X Mountain Lion: Change your startup disk
http://support.apple.com/kb/PH10603
Cheers,
- Judy -
How to access the client PCs via RDP FROM Windows Server 2003
Hopefully this is not an ignorant question, but every thread I've read focuses on client PCs not being able to access the terminal server. I have the opposite problem. I am working remotely and have full access to the servers (some of which are virtuals).
I need to be able to connect to the various workstations, but I cannot. Is this just a setting I have misconfigured? Is there any software I can deploy to these PCs that will allow me to log in and update their workstations?
Any help is sincerely appreciated.
- JeffHi Jeff,
Thank you for your posting in Windows Server Forum.
You can able to take RDP for client system from server. But keep in mind that; client system can only allow 1 RDP session at a time for administrator purpose. For that you need to have permission for taking rdp session.
Also you need to verify that “Remote Desktop Service” service is running and also need to verify the below thread as per snap.
In addition, if you want to manage all the server and client system, then you can use Remote Desktop Connection Manager to manage all the client and server remotely.
Hope it helps!
Thanks.
Dharmesh Solanki -
Console connection to Windows Console via RDP
RDP 5.2 has the option of connecting to the console of a Windows Terminal Server. Is this also possible from SGD?
There is no option for the console connection for /opt/tarantella/bin/bin/ttatsc
SGD version is 4.2
Thanks in adavance,
Remold KrolIn the article you posted (http://support.microsoft.com/kb/278845/ )
I can read:
MORE INFORMATION
In Windows Server 2003, when you use Terminal Services, you can connect to the console session (session 0), and at the same time, open a shadow session to it (as long as you connect from a session other than the console). With this added functionality, you can log on to a Windows Server 2003-based server that is running Terminal Services remotely and interact with session 0 as if you were sitting at the physical console of the computer. This session can also be shadowed so that the remote user and the local user at the physical console can see and interact with the same session.
if I connect via the command mstsc -v:servername /F -console as you describe, in task manager I see my connection with id 0... -
Unable to access gateway and DNS via VPN (L2TP) with Snow Leopard Server
Summary:
After rebooting my VPN server, i am able to establish a VPN (L2TP) connection from outside my private network. I am able to connect (ping, SSH, …) the gateway only until the first client disconnects. Then i can perfectly access all the other computers of the private network, but i cannot access the private IP address of the gateway.
Additionally, during my first VPN connection, my DNS server, which is on the same server, is not working properly with VPN. I can access it with the public IP address of my gateway. I can access it from inside my private network. A port scan indicates me that the port 53 is open, but a dig returns me a timeout.
Configuration:
Cluster of 19 Xserve3.1 - Snow Leopard Server 10.6.2
Private network 192.168.1.0/255.255.255.0 -> domain name: cluster
-> 1 controller, which act as a gateway for the cluster private network, with the following services activated:
DHCP, DNS, firewall (allowing all incoming traffic for each groups for test purposes), NAT, VPN, OpenDirectory, web, software update, AFP, NFS and Xgrid controller.
en0: fixed public IP address -> controller.example.com
en1: 192.168.1.254 -> controller.cluster
-> 18 agents with AFP and Xgrid agent activated:
en1: 192.168.1.x -> nodex.cluster with x between 1 and 18
VPN (L2TP) server distributes IP addresses between 192.168.1.201 and 192.168.1.210 (-> vpn1.cluster to vpn10.cluster). Client informations contain the private network DNS server informations (192.168.1.254, search domain: cluster).
_*Detailed problem description:*_
After rebooting the Xserve, my VPN server works fine except for the DNS. My client receives the correct informations:
Configure IPv4: Using PPP
IPv4 address: 192.168.1.201
Subnet Mask:
Router: 192.168.1.254
DNS: 192.168.1.254
Search domain: cluster
From my VPN client, i can ping all the Xserve of my cluster (192.168.1.1 to 18 and 192.168.1.254). If i have a look in Server Admin > Settings > Network, i have three interfaces listed: en0, en1 and ppp0 of family IPv4 with address 192.168.1.254 and DNS name controller.cluster.
The DNS server returns me timeouts when i try to do a dig from my VPN client even if i am able to access it directly from a computer inside or outside my private network.
After i disconnect, i can see in Server Admin that the IP address of my ppp0 interface has switch to my public IP address.
Then i can always establish a VPN (L2TP) connection, but the client receives the following informations:
Configure IPv4: Using PPP
IPv4 address: 192.168.1.202
Subnet Mask:
Router: (Public IP address of my VPN server)
DNS: 192.168.1.254
Search domain: cluster
From my VPN client, i can access all the other computers of my network (192.168.1.1 to 192.168.1.18) but when i ping my gateway (192.168.1.254), it returns me timeouts.
I have two "lazy" solutions to this problem: 1) Configure VPN and DNS servers on two differents Xserve, 2) Put the public IP address of my gateway as DNS server address, but none of these solutions are acceptable for me…
Any help is welcome!!!I would suggest taking a look at:
server admin:vpn:settings:client information:network route definitions.
as I understand your setup it should be something like
192.168.1.0 255.255.255.0 private.
at least as a start. I just got done troubleshooting a similar issue but via two subnets:
http://discussions.apple.com/thread.jspa?threadID=2292827&tstart=0 -
Unable to Access New Planning Application via Workspace
Hi all
i have installed a new Planning server into the existing platform (there is no hardware load balancing so is seen as a single instance of planning) however i am using the existing workspace and HSS.
I have successfully installed and configured the new Essbase and Planning Products and registered against shared services. The issue i have is that i cannot get the new Planning application to be viewable via workspace. I get Application is invalid.!!.
The original (Existing) Planning on server 1 is set to 'Active Instance' in the product registration and these apps can be viewed by workspace etc.
I have created Planning on Server 2 and have created a new instance, but not set the 'Active instance' in the product registration!!!, i have also registered this as the web host tier on the Server 2 not the Server1.
If i use the direct planning URL's for either Planning Server 1 or Planning Server 2 i see the planning applications that are on each server!!
Can anyone tell me what configuration i have missed out! If it helps the Planning Server 1 has its own Shared Services Project and Planning Server 2 has its own Shared Services project.
I have restarted services on Server2 BUT not Server 1 as i am not allowed an outage until the end of the month!!.Hi,
Did you create a new Planning app in your new environment? Can you access this new app as a test?
You will need to asociated your app with an active instance and datasource.
In the workspace, when you go to Navigate - Applications - Planning, do you see your Planning app or is it not there at all?
Did you check the logs for any errors? Are you sure the user you are logging on to the Workspace as has been provisioned for that planning app?
When you configured BI+ did you make sure you ticked Planning?
Seb
www.taysols.com.au -
Accessing RDS Host servers via RDP that are behind a connection broker
Hello! I've noticed this behavior where I can no longer RDP to the RDS Host I want after it's been added to the connection broker (by server name or IP). The connection broker load balances me to any available rds host rather than the one i
need to get to. Is there a trick to allow direct access to a host for administration?Hi,
Please use the /admin command line switch when you need to administer a specific RDSH that is part of a collection, like this:
mstsc /admin
Thanks.
-TP -
Accessing a Windows computer via ARD
Just downloaded the ARD app and have successfully connected to my wife's MacBook, but I'm having troubles connecting to a Windows XP computer using RealVNC. I'm not sure what user name and password ARD is looking for from the XP computer. When connecting to the XP computer via RealVNC viewer, I'm not asked for a username (It's greyed out) but only a password.
Any insights?
Thanks in advance.
LoboHi
From the mac can you telnet to the PC on port 5900? Instead of paying for the Enterprise Version of RealVNC to install on the mac you could have used the free RDC for Mac:
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=68346e0d-44d3-4065-9 9bb-b664b27ee1f0&displayLang=en
Tony -
Unable to access BIOS Windows XP Professional
Hello everyone,
I installed Windows XP Professional on my MacBook Pro. When I start up from the Windows Partition, it brings me to the startup page of windows xp (where I am supposed to start BIOS) and then to the setup (not the setup with the blue background, I have done that already). After about 1 minute of installing, it tells me "Fatal Error". The date and time are incorrect. I have to go into the BIOS and correct it. The problem is that I don't know how to get access to the BIOS!! Does anyone know how I can get to it?
Thanks,
iloveisrael.One of the few disappointments of my switch to Mac: no BIOS for some really wonderful OS cloning software I own. There is a fascinating tool-project going on for EFI though... http://refit.sourceforge.net/
Further: http://www.intel.com/technology/efi/
http://en.wikipedia.org/wiki/ExtensibleFirmwareInterface
http://www.uefi.org/specs/
(All way over my head, BTW)
Cheers - NAS -
Unable to access local resources or RDP over VPN Connection
Dear Tech People.
I have a Windows 7 computer that I have created a VPN service through Windows on. I am able to connect to the VPN from outside of my network with my Macbook Air. However, I am unable to connect to the computer via RDP, nor can I ping my PC that
I am VPN'd into (192.168.1.252). When I am connected, the IP address that I am assigned, is 192.168.1.150. When I run ipconfig /all, I can see the "RAS < Dial In> Interface for VPN, and it is setup with an ip address of 192.168.1.151
with a /32 subnet mask. There is no default gateway listed, which is why I believe that this is not working. I cannot determine any way to make this change.
Basically, I have a VPN connection that I can do nothing with. I cannot access shared resources, nor can I start a remote desktop session. The pass through is setup for PPTP with my router, which I believe is working, as I couldn't even connect
prior to this. Below is the full results of my ipconfig /all command on my Windows PC:
C:\Users\Zach>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : Serenity
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : att.net
PPP adapter RAS (Dial In) Interface:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : RAS (Dial In) Interface
Physical Address. . . . . . . . . :
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 192.168.1.151(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Enabled
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . : att.net
Description . . . . . . . . . . . : Broadcom NetLink (TM) Gigabit Ethernet
Physical Address. . . . . . . . . : BC-5F-F4-85-5E-A8
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2602:306:ce94:2570:3144:306c:cdae:d615(Pr
eferred)
Temporary IPv6 Address. . . . . . : 2602:306:ce94:2570:bd83:220:80a0:eb1e(Pre
ferred)
Link-local IPv6 Address . . . . . : fe80::3144:306c:cdae:d615%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.252(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Saturday, October 26, 2013 7:27:27 PM
Lease Expires . . . . . . . . . . : Thursday, October 31, 2013 7:28:28 AM
Default Gateway . . . . . . . . . : fe80::22e5:64ff:fe0c:5640%11
192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DHCPv6 IAID . . . . . . . . . . . : 247226356
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-2E-8E-B2-BC-5F-F4-85-5E-A8
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled
Ethernet adapter VMware Network Adapter VMnet1:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : VMware Virtual Ethernet Adapter for VMnet
1
Physical Address. . . . . . . . . : 00-50-56-C0-00-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::d906:32d3:7108:1227%15(Preferred)
Autoconfiguration IPv4 Address. . : 169.254.18.39(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 335564886
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-2E-8E-B2-BC-5F-F4-85-5E-A8
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled
Ethernet adapter VMware Network Adapter VMnet8:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : VMware Virtual Ethernet Adapter for VMnet
8
Physical Address. . . . . . . . . : 00-50-56-C0-00-08
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::fc76:1de8:a7c3:27dd%16(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.135.1(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 352342102
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-2E-8E-B2-BC-5F-F4-85-5E-A8
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter isatap.{6E06F030-7526-11D2-BAF4-00600815A4BD}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Teredo Tunneling Pseudo-Interface:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter isatap.att.net:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : att.net
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter isatap.{20B8F51C-F852-41EF-9F9B-1D0107550D1E}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter isatap.{8CCEC9EC-0685-4C6A-A87A-CED27B6C93E5}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Any thoughts or help would be greatly appreciated.Hi,
I'm so glad you have solved the issue in this way.
And thanks for your sharing, your solution shared here will provie other people in this forum with a great help!
Regards,
Ada Liu
We
are trying to better understand customer views on social support experience, so your participation in this
interview project would be greatly appreciated if you have time.
Thanks for helping make community forums a great place. -
Unable to access files on a Windows Server
I just setup multiple iMacs (Mid 2012 model, OS X 10.8.5). When these iMacs access a Windows server (via smb) the first few folders/directories take 5-10 seconds to load depending on bandwidth. By the time I get 3-4 folders in, neither myself nor the other users of these computers are able to view files.
I have no problems viewing any of the files on a Windows PC. I get instant response times.
I also have users saying certain folders are randomly disapearing. I know they aren't being deleted, and I can see the folders on a Windows computer just fine.
Can anyone offer any assistance? Thank you in advance.Performance Tuning the Network Stack
SMB server browsing woefully slow
mac os x slow copy file from Samba Server
Fix slow network file transfers across Mac OSX Lion -
Trouble accessing a remote machine via ARD over a VPN
Hi There,
I'm having trouble accessing a remote Workstation via ARD over a VPN.
The VPN is set up and I can:
- Control our 10.6 server via ARD remotely
- Mount volums from the 10.6 server remotely
- Access another server (we run an accounting server) remotely
But we can't access a Workstation using ARD.
I can connect to the Workstation when in the office so assume it's configured for access - I guess I suspect the issue lies with the Firewall on the 10.6 server and/or the Netgear FSV366G Firewall.
The VPN is setup on the 10.6 server so figure it's something to do with Snow Leopard server?
I'm just not sure how to narrow things down and fix the issue - although I setup the server I'm not super Unix savvy.
Any help or pointers in the right direction would be much appreciated.
Cheers
BenI can't say for certain what is going wrong in your case but I can confirm it is possible to do an ARD connection i.e. Screen Sharing to a remote user connected via a VPN. The way we do this is to get the user to connect to the VPN server (a Mac OS X Server), then on the Mac OS X Server in Server Admin see what IP address they have been allocated by the VPN server, then tell ARD Admin to connect to that IP address.
This works fine for me.
The IP address will be a 'local' to the ARD and VPN machines IP address it would not be the remote public or private IP addresses. -
Unable to access secondary subnet via VPN
I am having a problem with clients accessing a secondary subnet via VPN.
Clients on VPN are given the address on the 192.168.15.0 subnet. Once connected they can access 192.168.16.0 (Production subnet) fine, but are unable to access the 192.168.8.0 secondary subnet. If you are on the 192.168.16.0 subnet in the office you can access 192.168.8.0 subnet fine. The traffic is coming in via an ASA 5510 then traverses a Juniper firewall and a MPLS router to the secondary subnet. I'm not sure if it's a nat issue or not. Any help would be helpful.
Below is the config of the ASA. Thank you in advance
ASA Version 8.2(5)
hostname charlotte
domain-name tg.local
enable password v4DuEgO1ZTlkUiaA encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
names
name 192.168.254.0 Peak10 description Peak10
name 192.168.116.0 Charlotte_Phones description Charlotte_Phones
name 192.168.15.0 Charlotte_SSL_VPN_Clients description Charlotte_SSL_VPN_Client s
name 192.168.17.0 Charlotte_Wireless_Data description Charlotte_Wireless_Data
name 192.168.117.0 Charlotte_Wireless_Phones description Charlotte_Wireless_Phon es
name 192.168.5.0 Huntersville description Huntersville
name 192.168.16.1 SRX_Gateway description Juniper_SRX
name 192.168.108.0 Canton_Data description Canton_Data
name 192.168.8.0 Canton_Phones description Canton_Phones
name 192.168.9.0 Canton_Wireless_Data description Canton_Wireless_Data
name 192.168.109.0 Canton_Wireless_Phones description Canton_Wireless_Phones
name 192.168.16.4 TEST_IP description TEST_IP
name 192.168.16.2 CantonGW description Canton GW 192.168.16.2
name 192.168.5.1 HuntersvilleGW
name 10.176.0.0 RS_Cloud description 10.176.0.0/12
name 172.16.8.0 RS_172.16.8.0
name 172.16.48.0 RS_172.16.48.0
name 172.16.52.0 RS_172.16.52.0
name 10.208.0.0 RS_Cloud_New
name 10.178.0.0 RS_10.178.0.0 description Rackspace DEV servers
name 10.178.0.6 RS_10.178.0.6
name 172.16.20.0 RS_172.16.20.0
interface Ethernet0/0
nameif Outside
security-level 0
ip address 70.63.165.219 255.255.255.248
interface Ethernet0/1
nameif Inside
security-level 100
ip address 192.168.16.202 255.255.255.0
interface Ethernet0/2
shutdown
no nameif
no security-level
no ip address
interface Ethernet0/3
shutdown
no nameif
no security-level
no ip address
interface Management0/0
nameif management
security-level 100
ip address 192.168.1.1 255.255.255.0
management-only
banner login ASA Login - Unauthorized access is prohibited
banner login ASA Login - Unauthorized access is prohibited
ftp mode passive
clock timezone EST -5
clock summer-time EDT recurring
dns domain-lookup Outside
dns domain-lookup Inside
dns domain-lookup management
dns server-group DefaultDNS
name-server 192.168.16.122
name-server 8.8.8.8
domain-name tg.local
dns server-group defaultdns
name-server 192.168.16.122
domain-name tg.local
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
object-group network DM_INLINE_NETWORK_2
network-object Charlotte_SSL_VPN_Clients 255.255.255.0
network-object 192.168.16.0 255.255.255.0
network-object Canton_Phones 255.255.255.0
object-group network DM_INLINE_NETWORK_3
network-object Charlotte_SSL_VPN_Clients 255.255.255.0
network-object Huntersville 255.255.255.0
object-group network DM_INLINE_NETWORK_4
network-object Charlotte_SSL_VPN_Clients 255.255.255.0
network-object Huntersville 255.255.255.0
object-group network DM_INLINE_NETWORK_10
network-object RS_Cloud 255.240.0.0
network-object 172.16.0.0 255.255.252.0
network-object RS_172.16.8.0 255.255.252.0
network-object RS_172.16.48.0 255.255.252.0
network-object RS_172.16.52.0 255.255.252.0
network-object RS_Cloud_New 255.240.0.0
network-object RS_10.178.0.0 255.255.0.0
network-object RS_172.16.20.0 255.255.252.0
network-object 172.16.0.0 255.255.0.0
network-object Canton_Phones 255.255.255.0
object-group network DM_INLINE_NETWORK_7
network-object RS_Cloud 255.240.0.0
network-object 172.16.0.0 255.255.252.0
network-object RS_172.16.8.0 255.255.252.0
network-object RS_172.16.48.0 255.255.240.0
network-object RS_172.16.52.0 255.255.252.0
network-object RS_Cloud_New 255.240.0.0
network-object RS_10.178.0.0 255.255.0.0
network-object RS_172.16.20.0 255.255.252.0
network-object 172.16.0.0 255.255.0.0
object-group network DM_INLINE_NETWORK_8
network-object Charlotte_SSL_VPN_Clients 255.255.255.0
network-object 192.168.16.0 255.255.255.0
network-object Charlotte_Wireless_Data 255.255.255.0
network-object Canton_Data 255.255.255.0
network-object Canton_Phones 255.255.255.0
object-group network DM_INLINE_NETWORK_9
network-object Charlotte_SSL_VPN_Clients 255.255.255.0
network-object 192.168.16.0 255.255.255.0
network-object Charlotte_Wireless_Data 255.255.255.0
network-object Canton_Data 255.255.255.0
network-object Canton_Phones 255.255.255.0
object-group network DM_INLINE_NETWORK_11
network-object Charlotte_SSL_VPN_Clients 255.255.255.0
network-object 192.168.16.0 255.255.255.0
network-object Charlotte_Wireless_Data 255.255.255.0
object-group network DM_INLINE_NETWORK_12
network-object RS_Cloud 255.240.0.0
network-object 172.16.0.0 255.255.252.0
network-object RS_172.16.8.0 255.255.252.0
network-object RS_172.16.20.0 255.255.252.0
network-object 172.16.0.0 255.255.0.0
object-group network DM_INLINE_NETWORK_13
network-object Charlotte_SSL_VPN_Clients 255.255.255.0
network-object 192.168.16.0 255.255.255.0
network-object Charlotte_Wireless_Data 255.255.255.0
network-object Canton_Phones 255.255.255.0
network-object Canton_Data 255.255.255.0
network-object Canton_Wireless_Data 255.255.255.0
object-group network DM_INLINE_NETWORK_14
network-object RS_Cloud 255.240.0.0
network-object RS_172.16.48.0 255.255.252.0
network-object RS_172.16.52.0 255.255.252.0
network-object RS_Cloud_New 255.240.0.0
network-object RS_10.178.0.0 255.255.0.0
network-object RS_172.16.20.0 255.255.252.0
network-object 172.16.0.0 255.255.0.0
network-object 172.16.0.0 255.255.252.0
object-group network DM_INLINE_NETWORK_5
network-object Charlotte_SSL_VPN_Clients 255.255.255.0
network-object 192.168.16.0 255.255.255.0
network-object Charlotte_Wireless_Data 255.255.255.0
network-object Canton_Phones 255.255.255.0
network-object Canton_Data 255.255.255.0
network-object Canton_Wireless_Data 255.255.255.0
object-group network DM_INLINE_NETWORK_6
network-object RS_Cloud 255.240.0.0
network-object RS_Cloud_New 255.240.0.0
network-object 172.16.0.0 255.255.252.0
network-object RS_172.16.8.0 255.255.252.0
network-object RS_172.16.20.0 255.255.252.0
network-object 172.16.0.0 255.255.0.0
network-object Canton_Phones 255.255.255.0
object-group network tgnc074.tg.local
object-group icmp-type DM_INLINE_ICMP_1
icmp-object echo
icmp-object echo-reply
icmp-object traceroute
icmp-object unreachable
object-group service DM_INLINE_SERVICE_1
service-object ip
service-object tcp eq https
object-group icmp-type DM_INLINE_ICMP_2
icmp-object echo
icmp-object echo-reply
icmp-object traceroute
icmp-object unreachable
object-group service DM_INLINE_SERVICE_2
service-object ip
service-object icmp echo
service-object icmp echo-reply
service-object icmp traceroute
service-object icmp unreachable
object-group service DM_INLINE_SERVICE_3
service-object ip
service-object icmp echo
service-object icmp echo-reply
object-group network DM_INLINE_NETWORK_1
network-object Charlotte_SSL_VPN_Clients 255.255.255.0
object-group service DM_INLINE_SERVICE_4
service-object ip
service-object icmp echo
service-object icmp echo-reply
service-object icmp traceroute
service-object icmp unreachable
object-group service DM_INLINE_SERVICE_5
service-object ip
service-object icmp echo
service-object icmp echo-reply
service-object icmp traceroute
service-object icmp unreachable
object-group network DM_INLINE_NETWORK_15
network-object Canton_Data 255.255.255.0
network-object host CantonGW
object-group service DM_INLINE_SERVICE_6
service-object ip
service-object icmp echo
service-object icmp echo-reply
service-object icmp traceroute
service-object icmp unreachable
object-group service DM_INLINE_SERVICE_7
service-object ip
service-object icmp echo
service-object icmp echo-reply
service-object icmp traceroute
service-object icmp unreachable
access-list Inside_access_in extended permit object-group DM_INLINE_SERVICE_2 Ch arlotte_SSL_VPN_Clients 255.255.255.0 any
access-list Inside_access_in extended permit object-group DM_INLINE_SERVICE_5 ho st SRX_Gateway Charlotte_SSL_VPN_Clients 255.255.255.0
access-list Inside_access_in extended permit object-group DM_INLINE_SERVICE_7 Ch arlotte_SSL_VPN_Clients 255.255.255.0 host SRX_Gateway
access-list Inside_access_in extended permit icmp any any object-group DM_INLINE _ICMP_1
access-list Inside_access_in remark Permit all in Char_ORD_VPN
access-list Inside_access_in extended permit ip object-group DM_INLINE_NETWORK_7 object-group DM_INLINE_NETWORK_8
access-list Inside_access_in remark Permit all out Char_ORD_VPN
access-list Inside_access_in extended permit object-group DM_INLINE_SERVICE_1 ob ject-group DM_INLINE_NETWORK_9 object-group DM_INLINE_NETWORK_10
access-list Inside_access_in extended permit ip Charlotte_SSL_VPN_Clients 255.25 5.255.0 any
access-list Inside_access_in remark Permit all in Char_ORD_VPN
access-list Inside_access_in remark Permit all out Char_ORD_VPN
access-list Inside_access_in extended permit ip object-group DM_INLINE_NETWORK_9 object-group DM_INLINE_NETWORK_10 log disable
access-list Tunneled_Network_List standard permit 192.168.16.0 255.255.255.0
access-list Tunneled_Network_List standard permit Charlotte_Phones 255.255.255.0
access-list Tunneled_Network_List standard permit Charlotte_Wireless_Data 255.25 5.255.0
access-list Tunneled_Network_List standard permit Charlotte_Wireless_Phones 255. 255.255.0
access-list Tunneled_Network_List standard permit Peak10 255.255.255.0
access-list Tunneled_Network_List standard permit Canton_Data 255.255.255.0
access-list Tunneled_Network_List standard permit Canton_Phones 255.255.255.0
access-list Tunneled_Network_List standard permit Canton_Wireless_Data 255.255.2 55.0
access-list Tunneled_Network_List standard permit Canton_Wireless_Phones 255.255 .255.0
access-list Tunneled_Network_List standard permit Huntersville 255.255.255.0
access-list Tunneled_Network_List standard permit 172.16.0.0 255.255.252.0
access-list Tunneled_Network_List standard permit RS_172.16.8.0 255.255.252.0
access-list Tunneled_Network_List standard permit RS_Cloud 255.240.0.0
access-list Tunneled_Network_List standard permit RS_Cloud_New 255.240.0.0
access-list Tunneled_Network_List standard permit RS_172.16.20.0 255.255.252.0
access-list Tunneled_Network_List standard permit Charlotte_SSL_VPN_Clients 255. 255.255.0
access-list Tunneled_Network_List standard permit 172.16.0.0 255.255.0.0
access-list Inside_nat0_outbound extended permit ip Charlotte_SSL_VPN_Clients 25 5.255.255.0 object-group DM_INLINE_NETWORK_2
access-list Inside_nat0_outbound extended permit ip object-group DM_INLINE_NETWO RK_11 object-group DM_INLINE_NETWORK_12
access-list Inside_nat0_outbound extended permit ip object-group DM_INLINE_NETWO RK_5 object-group DM_INLINE_NETWORK_6
access-list Inside_nat0_outbound extended permit ip object-group DM_INLINE_NETWO RK_1 object-group DM_INLINE_NETWORK_2
access-list Limited_Access extended permit ip Charlotte_SSL_VPN_Clients 255.255. 255.0 host TEST_IP
access-list Limited__VPN_Acccess_List standard permit host 192.168.16.123
access-list Limited__VPN_Acccess_List standard permit Huntersville 255.255.255.0
access-list Limited__VPN_Acccess_List standard permit host 192.168.16.124
access-list Limited__VPN_Acccess_List standard permit 192.168.16.0 255.255.255.0
access-list Limited__VPN_Acccess_List standard permit host 172.16.8.52
access-list Limited__VPN_Acccess_List standard permit Canton_Phones 255.255.255. 0
access-list Limited__VPN_Acccess_List remark ORD-VM-DEV1
access-list Limited__VPN_Acccess_List standard permit host RS_10.178.0.6
access-list Limited__VPN_Acccess_List remark ORD-VM-DEV2
access-list Limited__VPN_Acccess_List standard permit host 10.178.192.103
access-list Limited__VPN_Acccess_List standard permit host 192.168.8.10
access-list Limited__VPN_Acccess_List standard permit RS_172.16.8.0 255.255.252. 0
access-list Limited__VPN_Acccess_List standard permit 172.16.0.0 255.255.0.0
access-list Limited__VPN_Acccess_List standard permit host 10.178.133.26
access-list Limited__VPN_Acccess_List standard permit RS_Cloud_New 255.240.0.0
access-list Limited__VPN_Acccess_List standard permit host CantonGW
access-list Limited__VPN_Acccess_List standard permit host SRX_Gateway
access-list Limited__VPN_Acccess_List standard permit host 192.168.8.1
access-list Limited__VPN_Acccess_List standard permit RS_Cloud 255.240.0.0
access-list Limited__VPN_Acccess_List standard permit any
access-list Limited__VPN_Acccess_List remark TGTFS
access-list Limited__VPN_Acccess_List remark TGDEV
access-list Limited__VPN_Acccess_List remark TGTFS
access-list Limited__VPN_Acccess_List remark TGDEV
access-list Outside_cryptomap extended permit ip 192.168.16.0 255.255.255.0 Huntersville 255.255.255.0
access-list Outside_cryptomap extended permit ip Huntersville 255.255.255.0 Charlotte_SSL_VPN_Clients 255.255.255.0
access-list Huntersville_nat_outbound extended permit ip Charlotte_SSL_VPN_Clients 255.255.255.0 Huntersville 255.255.255.0
access-list Huntersville_nat_outbound extended permit ip Huntersville 255.255.255.0 Charlotte_SSL_VPN_Clients 255.255.255.0
access-list Huntersville_nat_outbound extended permit ip Canton_Phones 255.255.255.0 Charlotte_SSL_VPN_Clients 255.255.255.0
access-list Huntersville_nat_outbound extended permit ip Charlotte_SSL_VPN_Clients 255.255.255.0 Canton_Phones 255.255.255.0
access-list Outside_2_cryptomap extended permit ip object-group DM_INLINE_NETWORK_5 object-group DM_INLINE_NETWORK_6
access-list Outside_cryptomap_1 extended permit ip object-group DM_INLINE_NETWORK_13 object-group DM_INLINE_NETWORK_14
access-list Outside_access_in extended permit icmp any any object-group DM_INLINE_ICMP_2 log disable
access-list Outside_access_in extended permit object-group DM_INLINE_SERVICE_3 any Charlotte_SSL_VPN_Clients 255.255.255.0
access-list Outside_access_in extended permit ip Huntersville 255.255.255.0 any log disable
access-list Outside_access_in extended permit ip Charlotte_SSL_VPN_Clients 255.255.255.0 any log disable
access-list Outside_access_in extended permit object-group DM_INLINE_SERVICE_4 host SRX_Gateway Charlotte_SSL_VPN_Clients 255.255.255.0 inactive
access-list Outside_cryptomap_2 extended permit ip object-group DM_INLINE_NETWORK_5 object-group DM_INLINE_NETWORK_6
access-list Outside_cryptomap_2 extended permit ip 192.168.16.0 255.255.255.0 RS_172.16.20.0 255.255.252.0
access-list Canton_nat_outbound extended permit object-group DM_INLINE_SERVICE_6 Charlotte_SSL_VPN_Clients 255.255.255.0 object-group DM_INLINE_NETWORK_15
access-list splitacl standard permit 192.168.16.0 255.255.255.0
pager lines 24
logging enable
logging console emergencies
logging monitor informational
logging asdm informational
mtu Outside 1500
mtu Inside 1500
mtu management 1500
ip local pool SSL_VPN_Pool 192.168.15.10-192.168.15.254 mask 255.255.255.0
ip local pool New_VPN_Pool 192.168.16.50-192.168.16.200 mask 255.255.255.0
icmp unreachable rate-limit 1 burst-size 1
icmp permit any Inside
no asdm history enable
arp timeout 14400
nat (Outside) 0 access-list Huntersville_nat_outbound
nat (Inside) 0 access-list Inside_nat0_outbound
access-group Outside_access_in in interface Outside
access-group Inside_access_in in interface Inside
route Outside 0.0.0.0 0.0.0.0 70.63.165.217 1
route Inside Canton_Phones 255.255.255.0 CantonGW 1
route Inside Canton_Wireless_Data 255.255.255.0 CantonGW 1
route Inside Charlotte_SSL_VPN_Clients 255.255.255.0 SRX_Gateway 1
route Inside Charlotte_Wireless_Data 255.255.255.0 SRX_Gateway 1
route Inside Canton_Data 255.255.255.0 CantonGW 1
route Inside Canton_Wireless_Phones 255.255.255.0 CantonGW 1
route Inside Charlotte_Phones 255.255.255.0 SRX_Gateway 1
route Inside 192.168.116.219 255.255.255.255 CantonGW 1
route Inside Charlotte_Wireless_Phones 255.255.255.0 SRX_Gateway 1
route Inside Peak10 255.255.255.0 SRX_Gateway 1
timeout xlate 3:00:00
timeout conn 8:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
dynamic-access-policy-record TGAD_AccessPolicy
aaa-server TGAD protocol ldap
aaa-server TGAD (Inside) host 192.168.16.122
ldap-base-dn DC=tg,DC=local
ldap-scope subtree
ldap-naming-attribute sAMAccountName
ldap-login-password *****
ldap-login-dn CN=vpn user,CN=Users,DC=tg,DC=local
server-type microsoft
aaa authentication ssh console LOCAL
aaa authentication enable console LOCAL
aaa authentication http console LOCAL
aaa authentication serial console LOCAL
aaa authentication telnet console LOCAL
aaa local authentication attempts max-fail 10
http server enable
http 192.168.1.0 255.255.255.0 management
http 192.168.16.0 255.255.255.0 Inside
http Charlotte_SSL_VPN_Clients 255.255.255.0 Inside
no snmp-server location
no snmp-server contact
snmp-server community *****
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
crypto map Outside_map0 1 match address Outside_cryptomap
crypto map Outside_map0 1 set pfs
crypto map Outside_map0 1 set peer 74.218.175.168
crypto map Outside_map0 1 set transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
crypto map Outside_map0 2 match address Outside_cryptomap_2
crypto map Outside_map0 2 set peer 192.237.229.119
crypto map Outside_map0 2 set transform-set ESP-3DES-MD5
crypto map Outside_map0 3 match address Outside_cryptomap_1
crypto map Outside_map0 3 set peer 174.143.192.65
crypto map Outside_map0 3 set transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
crypto map Outside_map0 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map Outside_map0 interface Outside
crypto map Inside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map Inside_map interface Inside
crypto ca trustpoint ASDM_TrustPoint0
enrollment self
subject-name CN=charlotte
crl configure
crypto ca trustpoint ASDM_TrustPoint1
enrollment self
subject-name CN=charlotte
proxy-ldc-issuer
crl configure
crypto ca certificate chain ASDM_TrustPoint1
certificate 48676150
3082024c 308201b5 a0030201 02020448 67615030 0d06092a 864886f7 0d010105
05003038 31123010 06035504 03130963 6861726c 6f747465 31223020 06092a86
4886f70d 01090216 13636861 726c6f74 74652e74 68696e6b 67617465 301e170d
31323039 32353038 31373333 5a170d32 32303932 33303831 3733335a 30383112
30100603 55040313 09636861 726c6f74 74653122 30200609 2a864886 f70d0109
02161363 6861726c 6f747465 2e746869 6e6b6761 74653081 9f300d06 092a8648
86f70d01 01010500 03818d00 30818902 8181008e d3e1ac63 a8a39dab 02170491
2bf104d2 732c7fd7 7065758b 03bb9772 c8ab9faf 0e5e9e93 bfb57eea a849c875
7899d261 8d426c37 9749d3d7 c86ca8e0 1d978069 3d43e7c5 569bb738 37e9bb31
0ebd5065 01eb7a05 87933d2d 786a722e 8eee16e7 3207510b f5e7e704 cbddbda2
a6b9ae45 efaba898 b8c921b6 2b05c0fb 1b0a9b02 03010001 a3633061 300f0603
551d1301 01ff0405 30030101 ff300e06 03551d0f 0101ff04 04030201 86301f06
03551d23 04183016 8014fb93 35da7dd5 15d8e2ad 8e05ccf7 b5c333cc 95ac301d
0603551d 0e041604 14fb9335 da7dd515 d8e2ad8e 05ccf7b5 c333cc95 ac300d06
092a8648 86f70d01 01050500 03818100 6851ae52 5383c6f6 9e3ea714 85b2c5a0
fd720959 a0b91899 806bad7a 08e2208e de22cad0 6692b09a 7152b21e 3bbfce68
cc9f1391 8c460a04 a15e1a9e b18f829d 6d42d9bd ed5346bd 73a402f7 21e0c746
02757fb6 b60405a9 ac3b9070 8c0f2fba d12f157b 85dd0a8b 2e9cf830 90a19412
c7af1667 37b5ed8e c023ea4d 0c434609
quit
crypto isakmp enable Outside
crypto isakmp enable Inside
crypto isakmp policy 10
authentication crack
encryption aes-256
hash sha
group 2
lifetime 86400
crypto isakmp policy 20
authentication rsa-sig
encryption aes-256
hash sha
group 2
lifetime 86400
crypto isakmp policy 30
authentication pre-share
encryption aes-256
hash sha
group 2
lifetime 86400
crypto isakmp policy 40
authentication crack
encryption aes-192
hash sha
group 2
lifetime 86400
crypto isakmp policy 50
authentication rsa-sig
encryption aes-192
hash sha
group 2
lifetime 86400
crypto isakmp policy 60
authentication pre-share
encryption aes-192
hash sha
group 2
lifetime 86400
crypto isakmp policy 70
authentication crack
encryption aes
hash sha
group 2
lifetime 86400
crypto isakmp policy 80
authentication rsa-sig
encryption aes
hash sha
group 2
lifetime 86400
crypto isakmp policy 90
authentication pre-share
encryption aes
hash sha
group 2
lifetime 86400
crypto isakmp policy 100
authentication crack
encryption 3des
hash sha
group 2
lifetime 86400
crypto isakmp policy 110
authentication rsa-sig
encryption 3des
hash sha
group 2
lifetime 86400
crypto isakmp policy 120
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
crypto isakmp policy 130
authentication crack
encryption des
hash sha
group 2
lifetime 86400
crypto isakmp policy 140
authentication rsa-sig
encryption des
hash sha
group 2
lifetime 86400
crypto isakmp policy 150
authentication pre-share
encryption des
hash sha
group 2
lifetime 86400
crypto isakmp policy 170
authentication pre-share
encryption 3des
hash md5
group 2
lifetime 86400
no vpn-addr-assign aaa
no vpn-addr-assign dhcp
vpn-addr-assign local reuse-delay 5
telnet timeout 5
ssh 0.0.0.0 0.0.0.0 Outside
ssh 172.221.228.164 255.255.255.255 Outside
ssh Charlotte_SSL_VPN_Clients 255.255.255.0 Inside
ssh 192.168.16.0 255.255.255.0 Inside
ssh timeout 5
console timeout 0
management-access Inside
dhcpd address 192.168.1.2-192.168.1.254 management
dhcpd enable management
threat-detection basic-threat
threat-detection statistics access-list
threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200
ssl trust-point ASDM_TrustPoint1 Outside
webvpn
enable Outside
enable Inside
anyconnect-essentials
svc image disk0:/anyconnect-win-2.5.2014-k9.pkg 1 regex "Windows NT"
svc enable
group-policy DfltGrpPolicy attributes
dns-server value 192.168.16.122 8.8.8.8
vpn-idle-timeout none
vpn-tunnel-protocol IPSec l2tp-ipsec svc webvpn
split-tunnel-policy tunnelspecified
split-tunnel-network-list value Limited__VPN_Acccess_List
default-domain value tg.local
split-dns value tg.local
group-policy LimitedAccessGroupPolicy internal
group-policy LimitedAccessGroupPolicy attributes
wins-server none
dns-server value 192.168.16.122 8.8.8.8
vpn-tunnel-protocol svc
split-tunnel-policy tunnelspecified
split-tunnel-network-list value Limited__VPN_Acccess_List
default-domain value thinkgate.local
split-tunnel-all-dns disable
group-policy GroupPolicy2 internal
group-policy GroupPolicy2 attributes
vpn-tunnel-protocol IPSec
group-policy GroupPolicy1 internal
group-policy GroupPolicy1 attributes
wins-server none
dns-server value 192.168.16.122 8.8.8.8
vpn-tunnel-protocol svc
default-domain value tg.local
group-policy Site-to-Site_Policy internal
group-policy Site-to-Site_Policy attributes
vpn-tunnel-protocol IPSec l2tp-ipsec
tunnel-group DefaultRAGroup general-attributes
default-group-policy LimitedAccessGroupPolicy
tunnel-group DefaultWEBVPNGroup general-attributes
address-pool SSL_VPN_Pool
tunnel-group LimitedAccessTunnelGroup type remote-access
tunnel-group LimitedAccessTunnelGroup general-attributes
address-pool SSL_VPN_Pool
default-group-policy LimitedAccessGroupPolicy
tunnel-group 208.104.76.178 type ipsec-l2l
tunnel-group 208.104.76.178 ipsec-attributes
pre-shared-key *****
tunnel-group 74.218.175.168 type ipsec-l2l
tunnel-group 74.218.175.168 ipsec-attributes
pre-shared-key *****
tunnel-group TGAD_ConnectionProfile type remote-access
tunnel-group TGAD_ConnectionProfile general-attributes
authentication-server-group TGAD
default-group-policy GroupPolicy1
tunnel-group 174.143.192.65 type ipsec-l2l
tunnel-group 174.143.192.65 general-attributes
default-group-policy GroupPolicy2
tunnel-group 174.143.192.65 ipsec-attributes
pre-shared-key *****
tunnel-group 192.237.229.119 type ipsec-l2l
tunnel-group 192.237.229.119 ipsec-attributes
pre-shared-key *****
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect ip-options
service-policy global_policy global
prompt hostname context
no call-home reporting anonymous
Cryptochecksum:ef741b4905b43dc36d0f621e06508840
: end
charlotte#What does the packet-tracer say, what does the IPsec associations say (packets encrypted/decrypted)?
This might be faster that going through your hundreds of lines of config. -
Using CUPC7/CUPC8.6 and Jabber for windows...unable to access voicemail.
Setup includes CUCM9.0, Unity Connection 9.0, Presence 9.0....
steps taken to configure(and results acheived)
1-users created locally on CUCM and Enabled for IM and Presence.
2-able to login to clients (CUPS7/8.6 and Jabber) but getting error Voicemail Error. The server has rejected the provided credentials. [1903]
in order to verify there is nothing wrong with the credentials...i checked on unity and i am sure it's the PIN(12345) i need to use .
Can Anyone help me out here...Thanks in advance.It's not looking for your PIN - that is only used over DTMF-based interactions - it's looking for your CUC password. If the mailbox is synced from LDAP and you have LDAP Auth enabled on CUC, then this would be your AD password. If it's synced over AXL, not synced at all, or LDAP synced but without Auth, then there will be an alphanumeric password field on the mailbox under Edit > Change Passwords.
Please remember to rate helpful responses and identify helpful or correct answers.
Maybe you are looking for
-
Window 8.1 system unable to access network shares via VPN connection
Is there something inherent to Windows 8.1 that prevents it from accessing shares on a domain? I know that it cannot join a domain, but does that also mean that it cannot access shares which are on a domain? My problem is that I have several user tha
-
Trying to open PowerView on SharePoint 2013 throws an error
Hello, I am having some serious issues with a vanilla install of SharePoint 2013 in a dev environment. SQL and SharePoint are in different servers. I installed PowerPivot in the SQL Server, then I proceeded to run the PowerPivot configurator in the S
-
IMessage slider always goes to off
I have iPhone 4, iOs 5.1.1 and when I try to switch on iMessgae, it goes back to OFF immediately. I have all restrictions disabled. And I also have another iPhone 4, iOs 5.1.1 which has iMessage enabled with same id. Thanks
-
When I open iCal, it opens as in I can see the options on the top bar (the same bar that has the date, laptop power, wireless signal etc) but the actual calendar doesn't open. I have tried changing views and stuff but just can't get to see my actual
-
Output type not defaulting on PO?
Hi, I am trying to get the NEU Output type (we use this output type used to send the PO to the vendor through email) to default onto the PO. I have maintained all relevent customization, and master data: 1. Output Type NEU defined with external s