Unable to access wirless network
my parents had a linksys wireless router (model befw11s4)installed into their house a few years ago....needles to say, no one has attempted to connect using the wirless router until i got here. when i did try connecting to the SECURITY-ENABLED WIRLESS NETWORK i did not get a password prompt....instead it ran as if i did and still did not connect me, saying i needed a network key.
You may open the web setup utility page of the router by typing its IP address on your browser's address bar. By default, it is 192.168.1.1. When you're asked for username, you may leave it blank. For password, its "admin". Go to Wireless>then the wireless security subtab(Or if you see a WEP KEY SETTINGS button on it you can see it there). Key1 is your network key there. If you typed that in your network key box, you should be able to go online afterwards. Reset your router on the back if it does not work so you won't be prompted any keys. That'll set your router to default which has no security if you want to...
"The war between heaven and hell depends on the choices we make, and those choices require sacrifice. That's the test"
Similar Messages
-
Ok, I've had this problem for quite a while now
There's this 1 site that I cannot access on my computer it says "Unable to access the network Google Chrome is having trouble accessing the network." However I can access the site on my laptop, I don't see how I can fix the problem!?Bradley750 wrote:
Ok, I've had this problem for quite a while now
There's this 1 site that I cannot access on my computer it says "Unable to access the network Google Chrome is having trouble accessing the network." However I can access the site on my laptop, I don't see how I can fix the problem!?
Hi. Welcome to the forums.
Can you give a little more information, mainly the site you're havging problems with.
Have you tried a different browser ? What OS ?
There are a wide variety of reasons, security products interferring, hosts file problems, browser issues etc.
http://www.andyweb.co.uk/shortcuts
http://www.andyweb.co.uk/pictures -
Unable to access Verizon network!
Unable to access Verizon network! Got pop up window that "you've reached your mobile data usage limit. Mobile data turned off. " I have option to click re-enable button but doing so may result in additional charges. I've check settings, my mobile data box is checked. When I try to open a web page it tells me I'm off line with message "Wi-Fi and mobile data are turned off. The page can be loaded once you connect to a network. Error code: ERR_INTERNET_DISCONNECTED" My wi-fi DOES work, it's the Verizon network that I cannot access. Someone PLEASE HELP.
Check the graph in your Data Usage section; it sounds like you've enabled the Alert About Data Usage feature, have reached that limit, and the phone is now restricting your data usage accordingly. For more info., see:
How do I monitor online data usage on my Samsung Galaxy S5? | Support | SAMSUNG UK -
Unable to access internal networks over Remote acces VPN
Hi,
I have set up a Remote access VPN from Home to Cisco ASA 5512-X.
I am able to connect successfully and even getting a valid IP address from VPN pool 172.21.3.1-. However I am unable to access any of the internal resources.
Internal Network: 172.20.0.0 255.255.0.0
Please if someone can help identifying the issue.
Below is the running config:-
Result of the command: "sh run"
: Saved
ASA Version 9.1(1)
hostname ASA
domain-name M8fl.com
enable password Aoz9GlxLLvkWrTUy encrypted
passwd Gc1jA6zbgOsj63RW encrypted
names
ip local pool vpnclients 172.21.3.1-172.21.3.20 mask 255.255.0.0
ip local pool test 172.21.3.21-172.21.3.40 mask 255.255.255.0
interface GigabitEthernet0/1
nameif inside
security-level 100
ip address 172.20.254.250 255.255.0.0
interface GigabitEthernet0/2
description vodafone 100mb internet 195.11.180.40_29
speed 100
duplex full
nameif outside1
security-level 1
ip address 195.11.180.42 255.255.255.248
interface GigabitEthernet0/3
description Voice
nameif Voice
security-level 80
ip address 192.168.2.1 255.255.255.252
interface GigabitEthernet0/4
shutdown
no nameif
no security-level
no ip address
interface GigabitEthernet0/5
shutdown
no nameif
no security-level
no ip address
interface Management0/0
management-only
nameif management
security-level 100
ip address 192.168.1.1 255.255.255.0
boot system disk0:/asa911-smp-k8.bin
ftp mode passive
clock timezone GMT 0
dns domain-lookup inside
dns domain-lookup outside1
dns domain-lookup management
dns server-group DefaultDNS
name-server 10.0.0.4
name-server 172.20.0.100
domain-name M8fl.com
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
object network VLAN1
subnet 172.20.0.0 255.255.0.0
object network NETWORK_OBJ_172.20.3.0_27
subnet 172.21.3.0 255.255.255.224
object network Voice_Net
subnet 172.21.20.0 255.255.255.0
object network PBX_Internal
host 192.168.2.2
description PBX Internal
object network Voice_External
host 195.11.180.43
description For PBX
object network Raith_Remote_Network
subnet 192.168.20.0 255.255.255.0
description Raith Remote Network
object network NETWORK_OBJ_172.21.3.0_27
subnet 172.21.3.0 255.255.255.224
object network NETWORK_OBJ_172.21.3.0_26
subnet 172.21.3.0 255.255.255.192
object-group network azure-networks
network-object 10.0.0.0 255.0.0.0
object-group network onprem-networks
network-object 172.20.0.0 255.255.0.0
object-group protocol TCPUDP
protocol-object udp
protocol-object tcp
object-group service test_PPTP
service-object ip
service-object tcp destination eq pptp
access-list azure-vpn-acl extended permit ip object-group onprem-networks object-group azure-networks
access-list outside_access_in extended permit ip object-group azure-networks object-group onprem-networks
access-list outside_access_in extended permit icmp any any
access-list outside_access_in extended permit ip any any
access-list inside_access_in extended permit ip any any log disable
access-list inside_access_in_1 extended permit ip object-group onprem-networks object-group azure-networks
access-list inside_access_in_1 extended permit ip any object Voice_Net log debugging
access-list inside_access_in_1 extended permit ip any any
access-list outside_access_in_1 extended permit ip object-group azure-networks object-group onprem-networks
access-list outside_access_in_1 extended permit icmp any any
access-list outside_access_in_1 extended permit ip any any inactive
access-list Voice_access_in extended permit ip any any log debugging
access-list outside_cryptomap extended permit ip object-group onprem-networks object Raith_Remote_Network
pager lines 24
logging enable
logging buffer-size 40000
logging buffered notifications
logging asdm debugging
mtu outside 1500
mtu inside 1500
mtu outside1 1500
mtu Voice 1500
mtu management 1500
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-66114.bin
no asdm history enable
arp timeout 14400
no arp permit-nonconnected
nat (inside,outside1) source static onprem-networks onprem-networks destination static azure-networks azure-networks
nat (inside,outside1) source dynamic VLAN1 interface
nat (inside,Voice) source static VLAN1 VLAN1 destination static Voice_Net Voice_Net no-proxy-arp route-lookup
nat (Voice,outside1) source static PBX_Internal Voice_External
nat (inside,outside) source static onprem-networks onprem-networks destination static Raith_Remote_Network Raith_Remote_Network no-proxy-arp route-lookup
nat (inside,outside1) source static any any destination static NETWORK_OBJ_172.21.3.0_27 NETWORK_OBJ_172.21.3.0_27 no-proxy-arp route-lookup
nat (inside,outside1) source static any any destination static NETWORK_OBJ_172.21.3.0_26 NETWORK_OBJ_172.21.3.0_26 no-proxy-arp route-lookup
access-group outside_access_in in interface outside
access-group inside_access_in_1 in interface inside
access-group outside_access_in_1 in interface outside1
access-group Voice_access_in in interface Voice
route outside1 0.0.0.0 0.0.0.0 195.11.180.41 10
route inside 172.21.20.0 255.255.255.0 172.20.20.253 1
timeout xlate 3:00:00
timeout pat-xlate 0:00:30
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
user-identity default-domain LOCAL
aaa authentication ssh console LOCAL
aaa authentication http console LOCAL
http server enable 444
http 192.168.1.0 255.255.255.0 management
http 172.20.0.0 255.255.0.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart
sysopt connection tcpmss 1350
sysopt noproxyarp outside
crypto ipsec ikev1 transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec ikev1 transform-set azure-ipsec-proposal-set esp-aes-256 esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-3DES-SHA mode transport
crypto ipsec ikev2 ipsec-proposal DES
protocol esp encryption des
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal 3DES
protocol esp encryption 3des
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES
protocol esp encryption aes
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES192
protocol esp encryption aes-192
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES256
protocol esp encryption aes-256
protocol esp integrity sha-1 md5
crypto ipsec security-association lifetime seconds 3600
crypto ipsec security-association lifetime kilobytes 102400000
crypto ipsec security-association pmtu-aging infinite
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev1 transform-set ESP-3DES-SHA
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set security-association lifetime seconds 28800
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set security-association lifetime kilobytes 4608000
crypto map outside_map interface outside
crypto ca trustpoint ASDM_TrustPoint0
enrollment terminal
subject-name CN=ASA
crl configure
crypto ca trustpool policy
crypto ikev2 policy 1
encryption aes-256
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 10
encryption aes-256
integrity sha
group 5 2
prf sha
lifetime seconds 28800
crypto ikev2 policy 20
encryption aes
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 30
encryption 3des
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 40
encryption des
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 enable outside
crypto ikev1 enable outside
crypto ikev1 enable outside1
crypto ikev1 policy 10
authentication pre-share
encryption aes-256
hash sha
group 2
lifetime 28800
crypto ikev1 policy 20
authentication rsa-sig
encryption aes-256
hash sha
group 2
lifetime 86400
crypto ikev1 policy 30
authentication pre-share
encryption aes-256
hash sha
group 2
lifetime 86400
crypto ikev1 policy 40
authentication crack
encryption aes-192
hash sha
group 2
lifetime 86400
crypto ikev1 policy 50
authentication rsa-sig
encryption aes-192
hash sha
group 2
lifetime 86400
crypto ikev1 policy 60
authentication pre-share
encryption aes-192
hash sha
group 2
lifetime 86400
crypto ikev1 policy 70
authentication crack
encryption aes
hash sha
group 2
lifetime 86400
crypto ikev1 policy 80
authentication rsa-sig
encryption aes
hash sha
group 2
lifetime 86400
crypto ikev1 policy 90
authentication pre-share
encryption aes
hash sha
group 2
lifetime 86400
crypto ikev1 policy 100
authentication crack
encryption 3des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 110
authentication rsa-sig
encryption 3des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 120
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 130
authentication crack
encryption des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 140
authentication rsa-sig
encryption des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 150
authentication pre-share
encryption des
hash sha
group 2
lifetime 86400
telnet 172.20.0.0 255.255.0.0 inside
telnet timeout 5
ssh 172.20.0.0 255.255.0.0 inside
ssh timeout 5
ssh version 2
console timeout 0
dhcpd address 172.20.2.1-172.20.2.254 inside
dhcpd dns 10.0.0.4 172.20.0.100 interface inside
dhcpd enable inside
dhcpd dns 172.21.20.254 interface Voice
dhcpd address 192.168.1.2-192.168.1.254 management
dhcpd enable management
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
tftp-server inside 172.20.2.34 /tftp
webvpn
enable outside1
anyconnect image disk0:/anyconnect-win-2.5.2014-k9.pkg 1
anyconnect image disk0:/anyconnect-linux-2.5.2014-k9.pkg 2
anyconnect image disk0:/anyconnect-macosx-i386-2.5.2014-k9.pkg 3
anyconnect enable
tunnel-group-list enable
internal-password enable
group-policy DefaultRAGroup_2 internal
group-policy DefaultRAGroup_2 attributes
dns-server value 10.0.0.4 172.20.0.100
vpn-tunnel-protocol l2tp-ipsec
default-domain value
group-policy DefaultRAGroup_3 internal
group-policy DefaultRAGroup_3 attributes
dns-server value 10.0.0.4 172.20.0.100
vpn-tunnel-protocol ikev1 l2tp-ipsec
default-domain value
group-policy DefaultRAGroup internal
group-policy DefaultRAGroup attributes
dns-server value 10.0.0.4 172.20.0.100
vpn-tunnel-protocol l2tp-ipsec
default-domain value
group-policy DefaultRAGroup_1 internal
group-policy DefaultRAGroup_1 attributes
dns-server value 10.0.0.4 172.20.0.100
vpn-tunnel-protocol l2tp-ipsec
default-domain value
group-policy DfltGrpPolicy attributes
vpn-tunnel-protocol ikev1 l2tp-ipsec ssl-client ssl-clientless
group-policy RA_VPN internal
group-policy RA_VPN attributes
dns-server value 8.8.8.8 4.2.2.2
vpn-tunnel-protocol ikev1
default-domain value
group-policy "GroupPolicy_Anyconnect _profile" internal
group-policy "GroupPolicy_Anyconnect _profile" attributes
wins-server none
dns-server value 8.8.8.8
vpn-tunnel-protocol ssl-client ssl-clientless
default-domain none
webvpn
file-browsing enable
group-policy GroupPolicy_89.241.208.14 internal
group-policy GroupPolicy_89.241.208.14 attributes
vpn-tunnel-protocol ikev1
username test2 password encrypted privilege 15
username test1 password nt-encrypted privilege 0
username test1 attributes
vpn-group-policy DefaultRAGroup_2
username test password encrypted privilege 15
username test attributes
vpn-group-policy DefaultRAGroup_1
username EdwardM password encrypted privilege 15
username vpntest password encrypted privilege 0
username vpntest attributes
vpn-group-policy RA_VPN
username vpntest3 password nt-encrypted privilege 15
username vpntest3 attributes
service-type remote-access
username rhunton password encrypted privilege 15
username rhunton attributes
service-type admin
username e.melaugh password encrypted privilege 15
username netx password encrypted privilege 15
username netx attributes
service-type remote-access
username colin password encrypted privilege 15
username colin attributes
service-type remote-access
tunnel-group DefaultL2LGroup ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group DefaultRAGroup general-attributes
address-pool vpnclients
default-group-policy DefaultRAGroup_3
tunnel-group DefaultRAGroup ipsec-attributes
ikev1 pre-shared-key *****
isakmp keepalive disable
tunnel-group DefaultRAGroup ppp-attributes
no authentication chap
authentication ms-chap-v2
tunnel-group "Anyconnect _profile" type remote-access
tunnel-group "Anyconnect _profile" general-attributes
address-pool vpnclients
default-group-policy "GroupPolicy_Anyconnect _profile"
tunnel-group "Anyconnect _profile" webvpn-attributes
group-alias "Anyconnect _profile" enable
tunnel-group 137.117.215.177 type ipsec-l2l
tunnel-group 137.117.215.177 ipsec-attributes
ikev1 pre-shared-key *****
peer-id-validate nocheck
isakmp keepalive disable
tunnel-group 89.241.208.14 type ipsec-l2l
tunnel-group 89.241.208.14 general-attributes
default-group-policy GroupPolicy_89.241.208.14
tunnel-group 89.241.208.14 ipsec-attributes
ikev1 pre-shared-key *****
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect ip-options
inspect pptp
policy-map type inspect ipsec-pass-thru Fairhurst
description to allow vpn to fairhurst network
parameters
esp
ah
service-policy global_policy global
prompt hostname context
no call-home reporting anonymous
Cryptochecksum:f4185106b309478da7804dc22d2c1a85
: endHi,
You seem to have this nat (inside,outside1) source dynamic VLAN1 interface at line 2 which is causing the identity Nat/ Nat exempt to fail.
It is always good to use the packet tracer feature on the ASA to see what exactly is happening.
Try this
nat (inside,outside1) 1 source static VLAN1 VLAN1 destination static NETWORK_OBJ_172.21.3.0_27 NETWORK_OBJ_172.21.3.0_27 no-pr route-lo
Let me know how it goes for you.
Regards,
Nitish Emmanuel -
Unable to access mapped network drive, DFS
TL;DR: Unable to map a network drive on one particular computer, except if circumventing DFS.
OK - So I have exhausted all my options in this matter, so all suggestions are welcome.
Keep in mind the file system is DFS.
1. User has been set up the same as our other users in Active Directory.
2. Most network drives are connected via GPO. They are mapped via\\company.local\common\
3. The users' home folder is connected via setting in AD -> Profile -> Home folder ->
Connect X: To \\company.local\homedir\username
4. When the user logs on, all network drives defined in GPO are mapped OK, but the X: which is defined via "Home folder" in AD, is not connected. When trying to map it manually, we get "Access denied".
5. If the user tries the complete path via Explorer: \\company.local\homedir\username - Error 0x80004005 Unspecified error occurs. We have googled this particular code but found nothing that applies to us.
6. If the user tries the complete path to the folder on the actual file server, circumventing DFS, the home folder is mapped OK.
Strange thing is: This only happens on this particular computer. If users logs on to another computer, in the same domain, receiving the same GPO etc. The X: is mapped fine via \\company.local\homedir\username
Also if another user logs on to the problematic computer they also cannot access their X: on \\company.local\homedir\username
So we tried updating the WLAN/LAN drivers to no avail. Might there be any settings on the network adapters that might cause this?
KthxbaiIf other computer has the same policy ("Send NTLMv2 response only. Refuse LM"), it should not be the cause.
I agree that all clients should have the same Group Policy but sometimes the group policy may not be applied correctly on a client which causes issues. Thus you can try a "gpupdate /force" and see if issue persists.
Also you can test to access \\company.local to see if it will success. Try \\rootserver as well if it is different as DFS folder target.
As the issue only occurs on a specific client, maybe we can have a try with re-join domain.
If you have any feedback on our support, please send to [email protected] -
VPN users unable to access internal network - ASA 8.3.1
Hello,
I have a base config of AnyConnect VPN below, however the ASA 8.3.1 code has deprecated some commands and the VPN/NAT/FW rule syntax is quite different. Can someone point out what's missing from the pertinent config below that prevents the VPN Pool from accessing the internal LAN?
The Core LAN router is 1.2.3.1.
ASA Version 8.3(1)
interface Ethernet0/0
nameif inside
security-level 100
ip address 1.2.3.2 255.255.255.0
ip local pool anyconnect-vpn-pool 1.2.9.10-1.2.9.20 mask 255.255.255.0
object network DataVLAN
subnet 1.2.3.0 255.255.255.0
object-group network Internal-Data
network-object object DataVLAN
nat (any,any) after-auto source dynamic Internal-Data Outside_INT
route inside 1.2.0.0 255.255.0.0 1.2.3.1 1
dynamic-access-policy-record DfltAccessPolicy
webvpn
enable outside
svc image disk0:/anyconnect-win-2.5.2014-k9.pkg 1
svc enable
group-policy DfltGrpPolicy attributes
vpn-tunnel-protocol IPSec l2tp-ipsec svc webvpn
address-pools value anyconnect-vpn-pool
group-policy GroupPolicy1 internal
group-policy GroupPolicy1 attributes
address-pools value anyconnect-vpn-pool
group-policy vpn-anyconnecct-policy internal
group-policy vpn-anyconnecct-policy attributes
vpn-tunnel-protocol svc webvpn
webvpn
url-list none
svc ask enable
tunnel-group vpn-users type remote-access
tunnel-group vpn-users general-attributes
address-pool anyconnect-vpn-pool
default-group-policy vpn-anyconnecct-policy
tunnel-group anyconnect2 type remote-access
tunnel-group anyconnect2 general-attributes
address-pool anyconnect-vpn-pool
TIA.
MikeHi Rohan,
Are you saying to replace "nat (any,any)" with "nat (inside,outside)"? I was wondering about this because I'd always done "nat (inside,outside)" but a colleague had performed the initial configuration which already contained "nat (any,any)" statement and I was not sure if this was just something new in 8.3.1. I also noticed the "global" command is no longer available.
I will give this a try. Thanks.
-Mike -
Unable to access wifi network previously forgotten - Windows 8
Hi,
one my client forgot wifi network due to unavailibility but after some 6 months i have made the same router available again but the same users laptop is unable to detect this wifi network
it is also not show in netsh wlan show profiles
even tired to uninstall network drivers and manually setup wireless network but still same issue
how can i connect itHi,
Does other account can successfully detecte the wifi? I assume that the wireless connection is not slow and each configuration of the wifi connection are set correctly.
Then I suggest you reset and reconfigure the router, or unplug the router power cord for 30 second,
reconnect power cord,
Perhaps the router remembered something about your Wi-Fi card.
If doesn’t work, please manually connect to the wifi , Control Panel>Network and sharing center>Set up a new connection or network>Manually connect to a wireless network, then type the related configuration, connect.
Regards,
Yolanda
Yolanda
TechNet Community Support -
Unable to access inside network using Split tunnel RA VPN
Hi Everyone,
I configured RA Split tunnel VPN.
Connection works fine.
Inside Interface of ASA has connection to Switch IP 10.1.12.1.
When connected via RA VPN i try https://10.1.12.1 but it does not open up.
Inside Interface of ASA has IP 10.0.0.1
ASA1# $
Session Type: IKEv1 IPsec Detailed
Username : ipsec-user Index : 23
Assigned IP : 10.0.0.51 Public IP : 192.168.98.2
Protocol : IKEv1 IPsec
License : Other VPN
Encryption : IKEv1: (1)AES256 IPsec: (1)AES128
Hashing : IKEv1: (1)SHA1 IPsec: (1)SHA1
Bytes Tx : 2130969 Bytes Rx : 259008
Pkts Tx : 6562 Pkts Rx : 3682
Pkts Tx Drop : 0 Pkts Rx Drop : 0
Group Policy : ipsec-group Tunnel Group : ipsec-group
Login Time : 11:10:41 MST Sun Jan 26 2014
Duration : 0h:40m:30s
Inactivity : 0h:00m:00s
NAC Result : Unknown
VLAN Mapping : N/A VLAN : none
IKEv1 Tunnels: 1
IPsec Tunnels: 1
IKEv1:
Tunnel ID : 23.1
UDP Src Port : 62751 UDP Dst Port : 500
IKE Neg Mode : Aggressive Auth Mode : preSharedKeys
Encryption : AES256 Hashing : SHA1
Rekey Int (T): 86400 Seconds Rekey Left(T): 83975 Seconds
D/H Group : 2
Filter Name :
Client OS : WinNT Client OS Ver: 5.0.07.0440
IPsec:
Tunnel ID : 23.2
Local Addr : 0.0.0.0/0.0.0.0/0/0
Remote Addr : 10.0.0.51/255.255.255.255/0/0
Encryption : AES128 Hashing : SHA1
Encapsulation: Tunnel
Rekey Int (T): 28800 Seconds Rekey Left(T): 26375 Seconds
Idle Time Out: 30 Minutes Idle TO Left : 29 Minutes
Bytes Tx : 2137160 Bytes Rx : 259088
Pkts Tx : 6571 Pkts Rx : 3684
NAC:
Reval Int (T): 0 Seconds Reval Left(T): 0 Seconds
SQ Int (T) : 0 Seconds EoU Age(T) : 2426 Seconds
Hold Left (T): 0 Seconds Posture Token:
Redirect URL :
From ASA i can ping the switch IP
ASA1# ping 10.1.12.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.12.1, timeout is 2 seconds:
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/10 ms
ASA1#
logs from firewall
Jan 26 2014 11:53:20: %ASA-6-302014: Teardown TCP connection 51636 for outside:10.0.0.51/50747(LOCAL\ipsec-user) to identity:10.0.0.1/443 duration 0:00:00 bytes 1075 TCP Reset-O (ipsec-user)
Jan 26 2014 11:53:20: %ASA-6-106015: Deny TCP (no connection) from 10.0.0.51/50747 to 10.0.0.1/443 flags FIN ACK on interface outside
Why firewall logs show https connection to 10.0.0.1 instead of 10.1.12.1?
Regards
MaheshHi Jouni,
ASA1# sh ip address
System IP Addresses:
Interface Name IP address Subnet mask Method
Vlan1 inside 10.0.0.1 255.255.255.0 CONFIG
Vlan2 outside 192.168.1.171 255.255.255.0 CONFIG
Vlan3 sales 10.12.12.1 255.255.255.0 CONFIG
Current IP Addresses:
Interface Name IP address Subnet mask Method
Vlan1 inside 10.0.0.1 255.255.255.0 CONFIG
Vlan2 outside 192.168.1.171 255.255.255.0 CONFIG
Vlan3 sales 10.12.12.1 255.255.255.0 CONFIG
Connection is split tunnel.
when i check stats on vpn client all i see bypassed packets.
ASA1# sh run group-polic$
group-policy ipsec-group internal
group-policy ipsec-group attributes
dns-server value 64.59.144.19
vpn-tunnel-protocol ikev1
split-tunnel-policy tunnelspecified
ipv6-split-tunnel-policy excludespecified
split-tunnel-network-list value ipsec-group_splitTunnelAcl
Regards
Mahesh
Message was edited by: mahesh parmar -
Any thoughts as to how or why my network password would have been spontaneously changed? I am confused and cannot seem to figure this out.
Do othere device now connect to the network?
Try powering off and then back on the router.
Go to System Preferences>Network and creae a new location and try again -
Vc unable to access ouside network
Hi all,
I am having a policom VC and 2811 router with ip-sec bundle(ios)in my network.I am able to receive call from outside(internet) but, i am not able to make calls from my VC.some thing is blocking my out side interface. Please check it out...please find the attm..
Regards,
Satya.Mhi please update...
-
Wired guest access - Unable to access network
Hello,
I've configured two WLC's with the exact same config one of them has working Wired guest network the other one does not.
The only difference in the two I know of is that the one that does not work is connected to a Cisco 3550 switch, the one that works is connected to a Cisco 7600.
The problem is when I connect a computer to the wired guest network I am able to get an IP address from the Internal DHCP server but unable to access the network.
I've tried pinging the gateway's IP and I get no answer.
The Port-channel interface has the correct VLans and the vlans exist on all switches.
If anyone see an error there or might have an idea why this is not working I would appreciate the feedback.
Config follows below..
regards,
Gk(Cisco Controller) >show running-config
802.11a cac voice tspec-inactivity-timeout ignore
802.11a cac voice stream-size 84000 max-streams 2
802.11b cac voice tspec-inactivity-timeout ignore
802.11b cac voice stream-size 84000 max-streams 2
location rssi-half-life tags 0
location rssi-half-life client 0
location rssi-half-life rogue-aps 0
location expiry tags 5
location expiry client 5
location expiry calibrating-client 5
location expiry rogue-aps 5
Cisco Public Safety is not allowed to set in thisdomain
ap syslog host global 255.255.255.255
auth-list ap-policy ssc enable
custom-web ext-webserver add 1 217.28.176.114
dhcp create-scope guestnetwork
dhcp address-pool guestnetwork 192.168.34.2 192.168.34.200
dhcp default-router guestnetwork 192.168.34.254
dhcp enable guestnetwork
dhcp dns-servers guestnetwork 212.30.200.200 212.30.200.199
dhcp network guestnetwork 192.168.34.0 255.255.255.0
local-auth method fast server-key *****
interface create guestnetwork 331
interface create guestnetwork-wired 332
interface address ap-manager 10.255.255.90 255.255.255.248 10.255.255.94
interface address dynamic-interface guestnetwork 192.168.34.1 255.255.255.0 192.168.34.254
interface address dynamic-interface guestnetwork-wired 192.168.35.1 255.255.255.0 192.168.35.254
interface address management 10.255.255.89 255.255.255.248 10.255.255.94
interface address service-port 10.60.4.200 255.255.255.0
interface address virtual 1.1.1.1
interface dhcp ap-manager primary 10.255.255.89
interface dhcp dynamic-interface guestnetwork primary 10.255.255.89
interface dhcp management primary 10.255.255.89
interface dhcp service-port disable
interface vlan ap-manager 226
interface vlan guestnetwork 331
interface vlan guestnetwork-wired 332
interface vlan management 226
interface port ap-manager 29
interface port guestnetwork 29
interface port guestnetwork-wired 29
interface port management 29
lag enable
load-balancing window 5
mesh security eap
mgmtuser add root **** read-write
mobility group domain XXXXXXX
mobility symmetric-tunneling enable
network otap-mode disable
network rf-network-name XXXXXXX
radius acct add 1 XXXXXXX 1813 ascii ****
radius auth add 1 XXXXXXX 1812 ascii ****
radius auth management 1 disable
spanningtree port mode off 1
spanningtree port mode off 2
sysname XXXXXXX
time ntp interval 3600
time ntp server 1 XXXXXXX
wlan create 1 hotspot hotspot
guest-lan create 1 hotspot-wired
wlan interface 1 guestnetwork
guest-lan interface 1 guestnetwork
wlan custom-web webauth-type external 1
wlan custom-web ext-webauth-url https://XXXXXXX
wlan session-timeout 1 disable
wlan wmm allow 1
wlan wmm allow 18
wlan security wpa disable 1
wlan security wpa disable 18
wlan radius_server auth add 1 1
wlan radius_server acct add 1 1
guest-lan radius_server auth add 1 1
guest-lan radius_server acct add 1 1
wlan dhcp_server 1 0.0.0.0 required required
wlan enable 1
guest-lan enable 1 -
I am unable to access 3G network, although wireless access is working fine. When opening a page in safari it churns for a while and then says that server has stopped responding. I noticed on one forum that it said something about changing brightness settings causing a conflict - coincidentally this first started happening after I had tweaked brightness. I have tried resets etc, but still no joy. Any ideas?
Hi there humph86,
You may find the troubleshooting steps in the article below helpful.
iPad (Wi-Fi + Cellular Models): Troubleshooting a cellular data connection
http://support.apple.com/kb/TS4249
-Griff W. -
WI-Fi problem IPhone 3G (Unable to join the network XY)
Hi, I bought a 3G Iphone 8Gb, It came with firmware 2.2 ...
When I try to access Wi-Fi I got this error : "Unable to join the network XY"
I updated to 2.2.1 and the error continues...
Tried to restore network settings, and nothing...
ps.: My friend with other Iphone 3G can access the same Wi-Fi network...
Help?It may be that the battery is the issue. I am having the same problems - unable to log in to my WIFI at home, which I have never had an issue with until yesterday, when I started getting the "Unable to access XXX network".
I have tried everything including full iphone restore and router factory restore, but nothing. I did note that after having the phone switched off overnight, I was able to access my wireless network for about fifteen minutes then it just dropped the connection and now I am back to no access whatsoever.
Take a read here:
http://www.applesource.com.au/iphone/soa/iPhone-Wi-Fi-failures-caused-by-battery -heat-/0,2000070787,339295984,00.htm
It is one of many internet postings on this issue and would make sense of the posting above mine..
I'm going to try reverting to 2.2.0 - people such as Leo Laporte on Macbreak Weekly have been complaining of battery issues since upgrading to 2.2.1 -
Unable to Access Web Site (with same name) outside of Local Network
Hi everyone,
I have my web site (and some other services) hosted outside of my network by my hosting provider, but handle all other items using OS X Server on my network (i.e. Wiki and so forth).
The problem is now that I am unable to access my website at www.mydomain.com from within the network. I have external DNS set up for www.mydomain.com to point to my website, while mydomain.com points to my OS X Server (static IP address). Internally in OS X Server's DNS settings this used to work when I had www.mydomain.com resolving to the IP address of my web host, in addition to the default domain settings that OS X had set up. For some reason this is no longer working, and I am unable to figure out why.
Using latest version of OS X Server 3.0.2.
Any help is greatly appreciated. Thanks!
Update: this ended up being a redirect issue on the web host. I added another subdomain that was hosted externally, and it worked fine. For some reason my web host is redirecting www.mydomain.com to domain.com.I am in Texas and cannot get to that site either. Do you know for sure the site is up and working? It could just be down (for days, a site I support was down for almost 4 full days a few weeks ago due to a virus problem).
This may (again, may) be your problem: I see you have a173.48.x.x (you really should x-out the last two octets of your IP address for privacy reasons), I am on a 173.74.x.x address; I know some people have had problems with getting to some sites now that they have a 173.x.x.x address. I think Verizon obtained addresses in that range and some of the addresses apparently previously belonged to spammers or some malicious folks.Some sites (web sites, intermeidate routers, etc.) blocked those addresses, and may not have updated their filters to remove the block on those addresses because they don't know that Verizon now owns them. If this is the problem, eventually those filters will get updated and you will be able to access the site, but this could be a fairly long time.
If you know how to contact that site I suggest you email them about the problem. You can also try turning off your router overnight and when you turn it back on the next day you may find that you have a different address (one that doesn't start with 173) that will allow you to get to the site.
I don't think there is much Verizon can do to help, it is not their site that is blocking your address (at least I don't think it is).
Hope this helps.
Justin
Verizon FiOS TV, Internet, and phone
IMG 1.6.2, Build 08.58
Keller, TX 76248 -
Unable to access my other macs in the airport network
Since I have installed Leopard 10.5.1 I am unable to access my other MACs in my airpot network for file sharing. Interesting that I can accesss my older IMAC which has TIGER 10.4.11 installed. This bug is new since I updated to 10.5.1. Its funny but "screensharing" on the other hand is working.
(I checked all possibilities in the firewall setting. (File sharing) is allowed on all MACs.
Anyone with a solution or having the same problem
TonyOk, they didn't post the link to my screen cap.
Here is the link to the screen cap of my problem in FireFo:.
http://i88.photobucket.com/albums/k196/ajax6677/more.png
Here is how it looks when loaded properly in IE:
http://i88.photobucket.com/albums/k196/ajax6677/more2.png
They are also attached below/
Maybe you are looking for
-
Can I repair a Snow Leopard disk from a Tiger machine?
I had the hard drive go down on a MacPro with an Intel processor running OS 10.6.4. When I try to boot, it gets to the Apple screen and shuts down. Running the disk utility from the installation disk gives me the error: Checking HFS Plus Volume Inv
-
When I open itunes, this message keeps popping up, "itunes was not properly installed. If you wish to import or burn CDs you need to reinstall itunes."
-
Cant uploade my movie too youtube please help
My kid is making movies on iMovie but now he cant upload too you tube Please need some help
-
How to use paint method to draw in many componets.
Hi! I have code like this: public class MainPanel extends JPanel{ JPanel p1; JPanel p2; public MainPanel(){ super(new BorderLayout()); p1 = new JPanel(); p2 = new JPanel(); add(p1 , BorderLayout.Center); ad
-
HT4972 When I update, the backup begins then I get an error message -5000
When updating to IOS 5 the backup starts, then I get an error message -5000. How do I resolve this?