Unable to enable the adaptive firewall: No ALTQ support in kernel ALTQ related functions disabled
OS X Server: How to enable the adaptive firewall - Apple Support
Recently ran the latest OS X Yosemite Server Updates: OS X v10.10.3 and Server v4.1. Tried to enable the "adaptive firewall" by following the steps in Apple's article (see above) and encountered the error after the second line of commands:
Charlie$ sudo pfctl -f /etc/pf.conf
pfctl: Use of -f option, could result in flushing of rules
present in the main ruleset added by the system at startup.
See /etc/pf.conf for further details.
No ALTQ support in kernel
ALTQ related functions disabled
server:~ Charlie$
I'm not sure that is an error, it is a warning.
The Mac kernel is not compiled with support for ALTQ so you can't use those features.
Carry on & test your firewall is working as you expect.
Similar Messages
-
How can I re-enable the "are you sure you want to delete this email" function?
When I click delete my emails get deleted with one click. I accidentally click delete and they get lost in my trash folder often. How can I enable the "are you sure you want to delete this email" function?
The following previous discussion may help: Re: Delete Confirmation Warning. I want back.
-
If I connect my iPhone 5 to an iPhone 4 dock with the Apple adapter will it still stably on the adapter with no back support?
I use an iPhone 4 dock but have super glued a piece of (elegant) plastic to support the iP5. It will wave around in wind a bit without support, putting strain on the lightning socket.
I have also adapted an iPad dock which does have a lip at rear -
Controlling the Adaptive Firewall with `afctl`
For those of you that don't know, afctl controls (is?) Leopard Server's Adaptive Firewall. It's a really cool program: you give it an IP address and a time-to-live in minutes, and that IP instantly gets firewalled for about that many minutes.
Here is the man page for the program:
http://developer.apple.com/documentation/Darwin/Reference/ManPages/man8/afctl.8.html
And here is the man page for its config file:
http://developer.apple.com/documentation/Darwin/Reference/ManPages/man5/af.plist.5.html
At first it seems like the perfect program. But I'm having big problems with it, all regarding rule numbers.
afctl's first firewall rule is number 1700. Its next rule is 1705. And so on and so on. Now my rules come from a script I have running on my server, that automatically 'detects' abusers and blocks them. Rules last for 1 hour. So after the first hour of running, rule 1700 will expire, then 1705 and so on. New rules that are constantly getting generated are up to, let's just say, 1840.
So even though rules only last an hour, the rule numbers keep going up and up and up. This becomes a big problem because once the rules get to 12300, they overlap and then pass existing rules in ipfw. Once they surpass this, incoming packets are matched and accepted before they get to their block rule (generated by afctl). So every second or so, another and another and another firewall rule gets added to block that same IP. But the rules are so high they don't work. Multiply this by 30 or 40 IPs at a time and you can see how once my afctl rules get to 12300, total chaos ensues.
If I totally disable my script for two hours and let all my afctl rules expire, then I can re-enable the script and it will start generating rules again at 1700. But this can be a problem; sometimes I'm getting more traffic than I can handle during those two hours. After about 250 requests per second, things start to get sketchy.
I need a way to manage these rule numbers without having to turn off the script that makes these rules.
One thing that confuses me is the 'default_set' setting in the af.plist file. I'm not sure what this means, but does this somehow let me put my afctl rules into their own 'group'? The default setting for 'default_set' in my plist file is 17. That means nothing to me though. Reading the ipfw man page, it refers to its whole configuration as its 'ruleset'. So I'm not sure what this setting is, or if it can help me.
As it stands now, I have to 'reset' my rules (by way of disabling my script and letting all afctl created rules expire) about every other day. If I could have afctl rules increment by 1 instead of 5, that would give me about 10 days. Still a bandaid, but a better bandaid. If there was a way to make afctl choose rules that are the lowest available rule number greater than 1699, so as rules expired, their numbers would be recycled, that would also work. Although I'd feel better if my dynamic rules also had a greater range to live in than 1700-12300. But I'd have to be under one **** of an attack for that not to be enough.
Well I found a solution, but it's not great. I run the following commands daily (nightly).
sudo rm /var/db/af/blacklist;
sudo ipfw delete set 17;
sudo /usr/libexec/afctl;
This deletes any memory afctl has of its rules. Then it manually deletes all the rules it's made. Then it recreates its database file.
This will make your rules start over every night so you won't get 'rule number overflow' headaches.
OF COURSE the whole point of afctl is auto-expiring firewall rules. So if you're going to do this, I might as well have my server firewall addresses directly to ipfw instead of bothering with afctl. I'm going to leave it using afctl now only because it's already set up and running. At least I can be away from my server now without having a rule number overflow which for several different reasons brings my server to its knees. -
Problem using the adaptive firewall : "Firewall management disabled"
I am facing a problem that Google and man pages cannot solve : it seems that af is disabled; I don't know why and cannot enable it.
In /var/log/system.log, I can see entries like this :
Aug 19 08:07:14 arda emond[14295]: Host at 202.99.122.136 will be blocked for at least 15.00 minutes
Aug 19 08:07:14 arda emond[21852]: DoRunAction (child): setting the uid/gid to 0/0
But ipfw tells me otherwise :
$ ipfw list
00001 allow udp from any 626 to any dst-port 626
01000 allow ip from any to any via lo0
01010 deny log ip from any to 127.0.0.0/8
01020 deny log ip from 224.0.0.0/4 to any in
01030 deny log tcp from any to 224.0.0.0/4 in
01040 allow udp from 192.168.0.0/16 to 192.168.0.0/16 dst-port 514 in
01050 allow udp from 212.27.38.253 to 192.168.0.0/16 in
01060 allow tcp from any to 192.168.0.0/16 dst-port 6881-6889 in
12300 allow ip from any to any
12301 allow tcp from 192.168.0.0/16 to any dst-port 25
12301 allow udp from 192.168.0.0/16 to any dst-port 25
65534 deny log ip from any to any
65535 allow ip from any to any
afctl refuses to run, giving an explicit message that I cannot find anywhere on the web :
$ /usr/libexec/afctl -v 1 -a 202.99.122.136
Tue Aug 19 08:09:53 arda.private afctl[22253] <Notice>: Firewall management disabled
And of course, no new rules added in ipfw.
Do you have any idea on what is wrong ? afctl is loaded during boot (I didn't change anything), but not working :
$ launchctl list | grep afctl
- 0 com.apple.afctl
OK, thanks. Situation is getting better.
Now af is enabled, and I can add IP to black and white list. I had also to enable the rule set with the -e option (not sure it will stay after reboot; man page is silent on this).
The rules set 17 appears in ipfw list, but it seems there is still some problem for automatic blacklisting.
I will continue to investigate the situation, but Apple provides very little documentation on this. -
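A check for the two ipfw-era threads above (afctl rules numbered past the 12300 catch-all, and emond announcing blocks that never show up in `ipfw list`), as an added example that is not part of the original posts: it cross-checks emond's "will be blocked" lines against `ipfw list` output in first-match order. The sample data is constructed, the form of the afctl deny rule is an assumption, and only rules with no port, interface or direction qualifier are treated as deciding a host's traffic.

```python
import ipaddress
import re

# `ipfw list` line: number, action, optional "log", proto, source (+ optional port),
# destination, then any trailing qualifiers (dst-port, via, in, ...).
RULE_RE = re.compile(
    r"^(\d+)\s+(allow|deny)\s+(?:log\s+)?(\S+)\s+from\s+(\S+)(?:\s+(\S+))?\s+to\s+(\S+)(.*)$"
)
# emond announcement, in the format quoted in the thread.
BLOCK_RE = re.compile(r"emond\[\d+\]: Host at (\S+) will be blocked")

# Constructed sample. The "deny ip from HOST to any" form of an afctl rule is an
# assumption; addresses are from the documentation ranges.
SAMPLE_IPFW = """\
00001 allow udp from any 626 to any dst-port 626
01000 allow ip from any to any via lo0
01700 deny ip from 198.51.100.7 to any
12300 allow ip from any to any
12305 deny ip from 203.0.113.9 to any
65534 deny log ip from any to any
65535 allow ip from any to any
"""

# Constructed sample log lines.
SAMPLE_LOG = """\
Aug 19 08:07:14 host emond[14295]: Host at 198.51.100.7 will be blocked for at least 15.00 minutes
Aug 19 08:09:02 host emond[14295]: Host at 203.0.113.9 will be blocked for at least 15.00 minutes
Aug 19 08:11:40 host emond[14295]: Host at 192.0.2.44 will be blocked for at least 15.00 minutes
"""


def parse_rules(ipfw_text):
    """Return rules in listing order, which is also ipfw's evaluation order."""
    rules = []
    for line in ipfw_text.splitlines():
        m = RULE_RE.match(line.strip())
        if not m:
            continue
        num, action, proto, src, sport, dst, rest = m.groups()
        rules.append({
            "num": int(num),
            "action": action,
            "src": src,
            # Simplification: a rule decides all traffic from a source only if
            # it has no protocol, port, destination or interface qualifier.
            "unconditional": proto in ("ip", "all") and sport is None
                             and dst == "any" and not rest.strip(),
        })
    return rules


def src_covers(src, ip):
    """True if the rule's source field ('any', address or CIDR) includes ip."""
    if src == "any":
        return True
    try:
        return ip in ipaddress.ip_network(src, strict=False)
    except ValueError:  # e.g. 'me' or a table reference: not evaluated here
        return False


def audit(ipfw_text, log_text):
    """Map each host emond announced as blocked to (status, rule number).

    blocked  - a host-specific deny is the first rule that decides its traffic
    shadowed - a host-specific deny exists but an earlier rule decides first
    missing  - no host-specific deny rule exists at all
    """
    rules = [r for r in parse_rules(ipfw_text) if r["unconditional"]]
    report = {}
    for host in sorted(set(BLOCK_RE.findall(log_text))):
        try:
            ip = ipaddress.ip_address(host)
        except ValueError:
            continue
        matching = [r for r in rules if src_covers(r["src"], ip)]
        host_deny = [r["num"] for r in matching
                     if r["action"] == "deny" and r["src"] != "any"]
        first = matching[0] if matching else None
        if first and first["num"] in host_deny:
            report[host] = ("blocked", first["num"])
        elif host_deny:
            report[host] = ("shadowed", first["num"])  # number of the shadowing rule
        else:
            report[host] = ("missing", None)
    return report


if __name__ == "__main__":
    for host, (status, rule) in audit(SAMPLE_IPFW, SAMPLE_LOG).items():
        print(f"{host:15} {status:9} {rule if rule is not None else '-'}")
```

A "shadowed" result corresponds to the rule-number overflow described in the afctl thread, and a "missing" result to the "Firewall management disabled" case, where emond logs a block but no rule is created.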
I have an unsaved document open in Pages but cannot save it because the "character borders aren't supported and were removed" warning is open and I cannot close the warning. How can I get the warning to close so I can save my document? Can I save the document without closing the warning?
Probably not, but as you will have been unable to make any changes to the document with that warning window open, you're not going to lose anything by quitting (or force quitting) without saving. You'll still have the original document you were trying to import.
I would suggest attempting to open the document in one of the open source Office applications, LibreOffice, Apache OpenOffice, or NeoOffice, each available for download from the linked sites. Once open there, remove the attributes that are causing the warning, save the file (as an MS Word document), then try opening that version in Pages.
Regards,
Barry -
Unable to determine the adapter engine or sld connection error
1. Check whether the SLD is up or not
2. Note 764176 - Error in XI due to inconsistent SLD contents --> Follow this note.
Aswin..
Is that a question or answer or information to others?
VJ -
Unable to enable the links(Personalize Page & About this Page)
Hi,
I have set the profile options at user level :
1. Personalize Self Service Page Defn and 2)Region Links 3) Fnd Diagnostics
I can see the links 'Personalize Page' & 'About this Page' and 'region links' for all the responsibilities like isupplier , iexpenses..etc
except for the responsibility "Oracle Installed Base User"
What could be the reason?
Is it restricted by default? how to find out the page definition for "Oracle Installed Base User" pages?
Appreciate your help.
thanks in advance,
Suman
Hi Anand,
Thank you very much for your reply in short time.
As you said, it is a jsp page built by JTT Framework.
OA_HTML/csiPerzEditMain.jsp?jttst0=8053_22971%2C22971%2C-1%2C0%2C&jtfm0=_0_0_0_-1_f_nv_&etfm1=&jfn=ZG23746AF4DF034244327BDC34EB1997A52C3D483299CAC3D9EADAE422BE515F7B7F10019AC9D26401ADB3C0AF6CFE71C1B0&jfn=ZG23746AF4DF034244327BDC34EB1997A52C3D483299CAC3D9EADAE422BE515F7B7F10019AC9D26401ADB3C0AF6CFE71C1B0
Could you pls help how to find this page location and to download this Page?
Thanks,
Suman -
Unable to find the sent message from create support message in solman.
Hello everybody,
I had installed the Solution manager and IDES server.
I have configured the Maintenance Optimizer. Now I am able to send the
support message from the IDES.
But now where to find or search the message in solution manager ?
or need to configure service desk?
Please suggest me step by step configuration to check the sent message.
Thanks
hi
>
ganesh borase wrote:
> I have configure the Maintenance Optimizer, Now I am able to send the
> support message from the IDES.
> Thanks
sorry not clear from your above statement, you configured maintenance optimizer for download support packages. do you want to configure support messages functionality?
Can you please clarify your requirement?
Thanks,
Jansi -
Afctl (Adaptive Firewall) error in 10.8.2
I have enabled the Adaptive Firewall in OS X Server (2.2) under Mountain Lion 10.8.2 as per Apple's instructions:
http://support.apple.com/kb/HT5519
However, I get back an error every time I try to enable it:
# afctl -f
No ALTQ support in kernel
ALTQ related functions disabled
pf enabled
Token : 18446743524496027528
No ALTQ support in kernel
ALTQ related functions disabled
Jan 22 17:41:50 server.domainredacted.com afctl[17998] <Notice>: Cannot update the Event Monitor config
When I try to alter a setting:
sh-3.2# afctl -T 10
Jan 22 17:42:09 server.domainredacted.com afctl[18005] <Notice>: Cannot update the Event Monitor config
Or when I try to disable it:
sh-3.2# afctl -X
Jan 22 17:45:29 server.domainredacted.com afctl[18021] <Notice>: Cannot update the Event Monitor config
I thought perhaps that afctl was having trouble writing to AdaptiveFirewall.plist in /Applications/Server.app/Contents/ServerRoot/private/etc/emond.d/rules
sh-3.2# ls -l /Applications/Server.app/Contents/ServerRoot/private/etc/emond.d/rules
total 0
-rw-r--r-- 1 root wheel 3344 Jan 22 00:11 AdaptiveFirewall.plist
But even adding world write permissions to this file didn't help.
I also wondered if perhaps afctl was looking for AdaptiveFirewall.plist in the wrong place:
sh-3.2# ls -l /etc/emond.d/rules/
total 0
-rw-r--r-- 1 root wheel 822 Jan 21 20:01 SampleRules.plist
-rw-r--r-- 1 root wheel 8964 Jan 21 20:01 Xsan.plist
But copying AdaptiveFirewall.plist here (or symbolic linking the file in this dir) didn't do the trick either.
Anyone have any idea why afctl keeps complaining that it "Cannot update the Event Monitor config" in OS X Server 2.2 / Mountain Lion 10.8.2?
Rusty
An additional (and confusing) update. The adaptive firewall may actually be doing something on my machine after all, but it's definitely not consistent. While digging through my logs again today, I noticed the events that I've pasted below. Apologies for the wall of text, but I've included the entire transcript of the attack for completeness.
2/6/13 10:48:44.161 PM log[7449]: auth: Error: od[getpwnam_ext](server,<IP-ADDRESS>): No record for user
2/6/13 10:48:44.161 PM log[7449]: auth: Error: od(server,<IP-ADDRESS>): verify plain: lookup failed for user: server
2/6/13 10:48:51.331 PM log[7449]: auth: Error: od[getpwnam_ext](server,<IP-ADDRESS>): No record for user
2/6/13 10:48:51.331 PM log[7449]: auth: Error: od(server,<IP-ADDRESS>): verify plain: lookup failed for user: server
2/6/13 10:48:55.243 PM log[7449]: auth: Error: od[getpwnam_ext](server,<IP-ADDRESS>): No record for user
2/6/13 10:48:55.243 PM log[7449]: auth: Error: od(server,<IP-ADDRESS>): verify plain: lookup failed for user: server
2/6/13 10:49:03.151 PM log[7449]: auth: Error: od[getpwnam_ext](server,<IP-ADDRESS>): No record for user
2/6/13 10:49:03.151 PM log[7449]: auth: Error: od(server,<IP-ADDRESS>): verify plain: lookup failed for user: server
2/6/13 10:49:07.112 PM log[7449]: auth: Error: od[getpwnam_ext](server,<IP-ADDRESS>): No record for user
2/6/13 10:49:07.112 PM log[7449]: auth: Error: od(server,<IP-ADDRESS>): verify plain: lookup failed for user: server
2/6/13 10:49:10.989 PM log[7449]: auth: Error: od[getpwnam_ext](server,<IP-ADDRESS>): No record for user
2/6/13 10:49:10.989 PM log[7449]: auth: Error: od(server,<IP-ADDRESS>): verify plain: lookup failed for user: server
2/6/13 10:49:21.890 PM log[7449]: auth: Error: od[getpwnam_ext](server,<IP-ADDRESS>): No record for user
2/6/13 10:49:21.890 PM log[7449]: auth: Error: od(server,<IP-ADDRESS>): verify plain: lookup failed for user: server
2/6/13 10:49:25.801 PM log[7449]: auth: Error: od[getpwnam_ext](server,<IP-ADDRESS>): No record for user
2/6/13 10:49:25.801 PM log[7449]: auth: Error: od(server,<IP-ADDRESS>): verify plain: lookup failed for user: server
2/6/13 10:49:29.699 PM log[7449]: auth: Error: od[getpwnam_ext](server,<IP-ADDRESS>): No record for user
2/6/13 10:49:29.699 PM log[7449]: auth: Error: od(server,<IP-ADDRESS>): verify plain: lookup failed for user: server
2/6/13 10:49:29.700 PM emond[117]: Host at <IP-ADDRESS> will be blocked for at least 15 minutes
2/6/13 10:49:29.870 PM emond[117]: Host at <IP-ADDRESS> will be blocked for at least 15 minutes
2/6/13 10:49:29.948 PM afctl[25763]: Address already in the blacklist, not added (timeout has been updated)
2/6/13 10:49:29.954 PM emond[117]: 381912569.864889 Host at <IP-ADDRESS> was blocked for 15
2/6/13 10:49:29.954 PM emond[117]: 381912569.864889 Host at <IP-ADDRESS> was blocked for 15
2/6/13 10:49:29.954 PM emond[117]: 381912569.864889 Host at <IP-ADDRESS> was blocked for 15
2/6/13 10:49:33.591 PM log[7449]: auth: Error: od[getpwnam_ext](server,<IP-ADDRESS>): No record for user
2/6/13 10:49:33.591 PM log[7449]: auth: Error: od(server,<IP-ADDRESS>): verify plain: lookup failed for user: server
2/6/13 10:49:33.592 PM emond[117]: Host at <IP-ADDRESS> will be blocked for at least 15 minutes
2/6/13 10:49:33.669 PM afctl[25764]: Address already in the blacklist, not added (timeout has been updated)
2/6/13 10:49:33.675 PM emond[117]: Host at <IP-ADDRESS> will be blocked for at least 15 minutes
2/6/13 10:49:33.754 PM afctl[25765]: Address already in the blacklist, not added (timeout has been updated)
2/6/13 10:49:33.759 PM emond[117]: Host at <IP-ADDRESS> will be blocked for at least 15 minutes
2/6/13 10:49:33.836 PM afctl[25766]: Address already in the blacklist, not added (timeout has been updated)
2/6/13 10:49:37.477 PM log[7449]: auth: Error: od[getpwnam_ext](server,<IP-ADDRESS>): No record for user
2/6/13 10:49:37.477 PM log[7449]: auth: Error: od(server,<IP-ADDRESS>): verify plain: lookup failed for user: server
2/6/13 10:49:37.478 PM emond[117]: Host at <IP-ADDRESS> will be blocked for at least 15 minutes
2/6/13 10:49:37.552 PM afctl[25768]: Address already in the blacklist, not added (timeout has been updated)
2/6/13 10:49:37.558 PM emond[117]: Host at <IP-ADDRESS> will be blocked for at least 15 minutes
2/6/13 10:49:37.633 PM afctl[25769]: Address already in the blacklist, not added (timeout has been updated)
2/6/13 10:49:37.638 PM emond[117]: Host at <IP-ADDRESS> will be blocked for at least 15 minutes
2/6/13 10:49:37.720 PM afctl[25770]: Address already in the blacklist, not added (timeout has been updated)
2/6/13 10:49:41.433 PM log[7449]: auth: Error: od[getpwnam_ext](server,<IP-ADDRESS>): No record for user
2/6/13 10:49:41.433 PM log[7449]: auth: Error: od(server,<IP-ADDRESS>): verify plain: lookup failed for user: server
2/6/13 10:49:41.434 PM emond[117]: Host at <IP-ADDRESS> will be blocked for at least 15 minutes
2/6/13 10:49:41.511 PM afctl[25771]: Address already in the blacklist, not added (timeout has been updated)
2/6/13 10:49:41.516 PM emond[117]: Host at <IP-ADDRESS> will be blocked for at least 15 minutes
2/6/13 10:49:41.597 PM afctl[25772]: Address already in the blacklist, not added (timeout has been updated)
2/6/13 10:49:41.602 PM emond[117]: Host at <IP-ADDRESS> will be blocked for at least 15 minutes
2/6/13 10:49:41.678 PM afctl[25773]: Address already in the blacklist, not added (timeout has been updated)
Note that I've made no changes to this server since my last post, but afctl does indeed appear to be working in those logs; there are no more login attempts from that IP after this excerpt. Additionally, I thought this might be a good sign for progress on getting Apple's KB Article (http://support.apple.com/kb/HT5519) to work, but I still receive the <Notice>: Cannot update the Event Monitor config error.
Also, what's up with the auth errors logging after the IP's already been blocked? And there's a 4-second window preceding them each time.
Curiouser and curiouser. -
Excessive 'SecurityServer' log entries for ServerEventAgent after Adaptive Firewall
Hello all,
I'm running an OS X Server running 10.8.2. After enabling the Adaptive Firewall last night ( http://support.apple.com/kb/HT5519, http://support.apple.com/kb/TS4418 ), I started noticing a massive number of logs in /var/log/system.log that look like this:
Jan 11 17:44:59 <hostname> com.apple.SecurityServer[21]: Succeeded authorizing right 'system.privilege.admin'
by client '/Applications/Server.app/Contents/ServerRoot/usr/libexec/ServerEventAgent' [131] for authorization
created by '/Applications/Server.app/Contents/ServerRoot/usr/libexec/ServerEventAgent' [131] (2,0)
Jan 11 17:44:59 <hostname> com.apple.SecurityServer[21]: Succeeded authorizing right 'system.privilege.admin'
by client '/Library/PrivilegedHelperTools/com.apple.serverd' [71] for authorization created by
'/Applications/Server.app/Contents/ServerRoot/usr/libexec/ServerEventAgent' [131] (100000,0)
Does anyone have thoughts on this? They generally come in pairs like above. I've seen other SecurityServer logs while managing the server, but the number of them (and ServerEventAgent string) have really jumped up after trying to enable the Adaptive Firewall. I'm not even sure the firewall is working at this point, as running hb_summary tells me there have been 0 blocks in the last 24 hours. Yesterday, before trying to enable the AF, the server was trying to block login bots every few minutes, so I'm not sure everything is hooked-up correctly.
It should be noted that I had some trouble with the second KB article linked above because I had previously tried using IceFloor to manage the new pffirewall. Apparently IceFloor removes some lines from /etc/pf.anchors/com.apple and doesn't put them back when you uninstall the program. I re-added the two missing lines at the end (with Apple's edits):
anchor "400.AdaptiveFirewall/*"
load anchor "400.AdaptiveFirewall" from "/Applications/Server.app/Contents/ServerRoot/private/etc/pf.anchors/400.AdaptiveFirewall"
Any help would be greatly appreciated!
Ahhhhhhh...that's gotta be it!
Um, I mean no, I did not have relations with that application.
Thanks! -
Unable to Find out Adapter Engine in the Communication Channel
Hi Experts,
I am Unable to select the Adapter Engine As Integration Server in the File Sender Communication Channel.
Please Let Me Know
Regards
Khanna
Hi Khanna
Check the SLD that Adapter Engine is installed and all the adapter has the metadata there.
Go to Transaction Code SXI_CACHE in the Integration Server (XI - ABAP stack). Then you can see the list of components.
Just have a look into Menu Bar - in there goto : GoTo->Adapter Engine Cache ( if the status is green - then it is correct-otherwise you need to refresh it.)
You just go thru mentioned document from service.sap.com/nw04
You will get the full info about that.
/people/michal.krawczyk2/blog/2005/09/07/xi-why-dont-start-searching-for-all-errors-from-one-place
/people/michal.krawczyk2/blog/2005/06/28/xipi-faq-frequently-asked-questions
http://help.sap.com/saphelp_nw2004s/helpdata/en/0d/28e1c20a9d374cbb71875c5f89093b/frameset.htm
Just try with Visual Administrator to check the services for the adapter engine are running or not
All services starts with SAP XI..
SAP XI AF Core
SAP XI AF CPA Cache
SAP XI AF Messaging
SAP XI Adapter XI
SAP XI AF Security
Check SAP note on CPACache- 741214 and also 824236.
Let me know if any errors..
Cheers..
Vasu
** Reward Points if found useful ** -
Adaptive-Firewall (af) blacklist or blockedHosts? Packet-Filter (pf)
I have just upgraded my Mac mini Server from the latest version of OS X 10.8.5 and OS X Server 2.2.1 to OS X 10.9.3 and OS X Server 3.1.2 by turning off all server services (except Open Directory), upgrade to OS X 10.9.3 and touching up System Preferences, reboot, upgrade OS X Server 3.1.2 and run the Server app to upgrade the server's directories, files and services, and now proceeding carefully by comparing notes from my previous configuration and turning on required server services one by one.
Now the Adaptive Firewall (af) and Packet Filter (pf) perplexes me since OS X 10.8...
I have configured how to enable af on system boot-up based on information from Apple support documents. I understand that Event Monitor (emon) monitors the incoming IP connections (among its other functions) and if it detects abnormal behaviour from a particular IP connection, emon uses af to add the offending IP address to af's blacklist file.
My first question is: does af itself block the IP connection, or does it use pf instead to do the job?
If af uses the latter, my second question is: does af use some internal socket/pipes to communicate with pf, or does pf use some file from af?
Now if pf uses some file from af, it can't be the blacklist file as the pf.anchor uses the table from /var/db/af/blockedHosts file, and it seems that the blockedHosts file is perpetually an empty file and no app or process seems to touch the file since it was created.
The gist of my question is that the af and/or pf on my system seem not to be doing their job even though emon is detecting abnormal IP connections based on the log messages it's been producing after following Apple support documents to enable Adaptive Firewall on my system.
"The gist of my question is that the af and/or pf on my system seem not to be doing their job even though emon is detecting abnormal IP connections based on the log messages it's been producing after following Apple support documents to enable Adaptive Firewall on my system."
And when and which service use the /var/db/af/blockedHosts file? -
Failed to enable Virtual Adapter in Windows 8
Hello
I got a problem when using Cisco VPN client 5.0.04.0300 in Windows 8...today
Error as following:
Reason 442: Failed to enable Virtual Adapter.
Logs here:
1 20:48:21.787 03/01/12 Sev=Warning/3 CVPND/0xE340000C
The Client was unable to enable the Virtual Adapter because it could not open the device.
2 20:48:21.807 03/01/12 Sev=Warning/3 CVPND/0xE340000C
The Client was unable to enable the Virtual Adapter because it could not open the device.
3 20:48:21.807 03/01/12 Sev=Warning/2 IKE/0xE300009B
Failed to active IPSec SA: Unable to enable Virtual Adapter (NavigatorQM:936)
4 20:48:21.807 03/01/12 Sev=Warning/2 IKE/0xE30000A7
Unexpected SW error occurred while processing Quick Mode negotiator:(Navigator:2263)
I'm using a laptop which belongs to the company...this is really urgent.
Can anybody help me!!?
Really appreciate any feedback!!!
Snail
thank you so much for your reply.
I'm considering to restore to Windows 7 cuz I use those apps very often..
thanks again... -
64bit vpn client issue /error :reason -442:failed to enable virtual adapter.
Hi All of you ,
I'm using vpn client for windows64bit - file name - vpnclient-winx64-msi-5.0.07.0290-k9.exe and installing it on windows 2003 server.
But while connecting via vpn client to f/w, Virtual Adapter is taking the ip address but not connecting. Getting error message on screen -
reason -442:failed to enable virtual adapter.
Is it possible some configuration or image issue from ASA as it's the first time we are trying to use 64bit OS, vpn client for 32bit OS working fine.
Below are the logs from vpn client when I tried to connect to ASA5520 . Version 7.0(8) -
Cisco Systems VPN Client Version 5.0.07.0290
Copyright (C) 1998-2010 Cisco Systems, Inc. All Rights Reserved.
Client Type(s): Windows, WinNT
Running on: 5.2.3790 Service Pack 2
Config file directory: C:\Program Files (x86)\Cisco Systems\VPN Client\
1 15:38:03.921 01/27/11 Sev=Info/4 CM/0x63100002
Begin connection process
2 15:38:03.937 01/27/11 Sev=Info/4 CM/0x63100004
Establish secure connection
3 15:38:03.937 01/27/11 Sev=Info/4 CM/0x63100024
Attempt connection with server "203.199.30.190"
4 15:38:04.125 01/27/11 Sev=Info/4 CM/0x6310000E
Established Phase 1 SA. 1 Crypto Active IKE SA, 0 User Authenticated IKE SA in the system
5 15:38:04.140 01/27/11 Sev=Info/4 CM/0x63100015
Launch xAuth application
6 15:38:09.515 01/27/11 Sev=Info/4 CM/0x63100017
xAuth application returned
7 15:38:09.515 01/27/11 Sev=Info/4 CM/0x6310000E
Established Phase 1 SA. 1 Crypto Active IKE SA, 1 User Authenticated IKE SA in the system
8 15:38:10.562 01/27/11 Sev=Info/4 CM/0x63100019
Mode Config data received
9 15:38:10.781 01/27/11 Sev=Warning/2 CVPND/0xE340002C
Unable to enable the 64-bit VA after timeout
10 15:38:10.781 01/27/11 Sev=Warning/3 CVPND/0xE3400029
The Client failed to enable the Virtual Adapter on 64-bit Windows
11 15:38:10.781 01/27/11 Sev=Warning/2 CM/0xE310000A
The virtual adapter failed to enable
12 15:38:10.781 01/27/11 Sev=Info/6 CM/0x6310003A
Unable to restore route changes from file.
13 15:38:10.781 01/27/11 Sev=Info/6 CM/0x63100037
The routing table was returned to original state prior to Virtual Adapter
14 15:38:10.859 01/27/11 Sev=Info/4 CM/0x63100035
The Virtual Adapter was disabled
15 15:38:10.859 01/27/11 Sev=Warning/2 IKE/0xE300009B
Failed to active IPSec SA: Unable to enable Virtual Adapter (NavigatorQM:936)
16 15:38:10.859 01/27/11 Sev=Warning/2 IKE/0xE30000A7
Unexpected SW error occurred while processing Quick Mode negotiator:(Navigator:2263)
17 15:38:11.546 01/27/11 Sev=Info/4 CM/0x63100012
Phase 1 SA deleted before first Phase 2 SA is up cause by "Unknown". 0 Crypto Active IKE SA, 0 User Authenticated IKE SA in the system
18 15:38:11.546 01/27/11 Sev=Info/5 CM/0x63100025
Initializing CVPNDrv
19 15:38:11.578 01/27/11 Sev=Info/6 CM/0x63100046
Set tunnel established flag in registry to 0.
20 15:38:40.953 01/27/11 Sev=Info/4 CM/0x63100002
Begin connection process
21 15:38:40.953 01/27/11 Sev=Warning/2 CVPND/0xA3400019
Error binding socket: -21. (DRVIFACE:1234)
22 15:38:40.968 01/27/11 Sev=Info/4 CM/0x63100004
Establish secure connection
23 15:38:40.968 01/27/11 Sev=Info/4 CM/0x63100024
Attempt connection with server "203.199.30.190"
24 15:38:41.156 01/27/11 Sev=Info/4 CM/0x6310000E
Established Phase 1 SA. 1 Crypto Active IKE SA, 0 User Authenticated IKE SA in the system
25 15:38:41.171 01/27/11 Sev=Info/4 CM/0x63100015
Launch xAuth application
26 15:39:08.031 01/27/11 Sev=Info/4 CM/0x63100017
xAuth application returned
27 15:39:08.046 01/27/11 Sev=Info/4 CM/0x6310000E
Established Phase 1 SA. 1 Crypto Active IKE SA, 1 User Authenticated IKE SA in the system
28 15:39:09.093 01/27/11 Sev=Info/4 CM/0x63100019
Mode Config data received
29 15:39:09.312 01/27/11 Sev=Warning/2 CVPND/0xE340002C
Unable to disable the 64-bit VA after timeout
30 15:39:09.312 01/27/11 Sev=Warning/3 CVPND/0xE340002A
The Client failed to disable the Virtual Adapter on 64-bit Windows
31 15:39:19.937 01/27/11 Sev=Warning/3 CVPND/0xA340000D
The virtual adapter was not recognized by the operating system.
32 15:39:19.937 01/27/11 Sev=Warning/2 CM/0xE310000A
The virtual adapter failed to enable
33 15:39:19.937 01/27/11 Sev=Info/6 CM/0x6310003A
Unable to restore route changes from file.
34 15:39:19.937 01/27/11 Sev=Info/6 CM/0x63100037
The routing table was returned to original state prior to Virtual Adapter
35 15:39:20.109 01/27/11 Sev=Warning/2 CVPND/0xE340002C
Unable to disable the 64-bit VA after timeout
36 15:39:20.109 01/27/11 Sev=Warning/3 CVPND/0xE340002A
The Client failed to disable the Virtual Adapter on 64-bit Windows
37 15:39:20.281 01/27/11 Sev=Warning/2 CVPND/0xE340002C
Unable to disable the 64-bit VA after timeout
38 15:39:20.281 01/27/11 Sev=Warning/3 CVPND/0xE340002A
The Client failed to disable the Virtual Adapter on 64-bit Windows
39 15:39:20.578 01/27/11 Sev=Warning/2 CVPND/0xE340002C
Unable to disable the 64-bit VA after timeout
40 15:39:20.578 01/27/11 Sev=Warning/3 CVPND/0xE340002A
The Client failed to disable the Virtual Adapter on 64-bit Windows
41 15:39:20.953 01/27/11 Sev=Warning/2 CVPND/0xE340002C
Unable to disable the 64-bit VA after timeout
42 15:39:20.953 01/27/11 Sev=Warning/3 CVPND/0xE340002A
The Client failed to disable the Virtual Adapter on 64-bit Windows
43 15:39:21.437 01/27/11 Sev=Info/4 CM/0x63100035
The Virtual Adapter was disabled
44 15:39:21.437 01/27/11 Sev=Warning/2 IKE/0xE300009B
Failed to active IPSec SA: Unable to enable Virtual Adapter (NavigatorQM:936)
45 15:39:21.437 01/27/11 Sev=Warning/2 IKE/0xE30000A7
Unexpected SW error occurred while processing Quick Mode negotiator:(Navigator:2263)
46 15:39:22.046 01/27/11 Sev=Info/4 CM/0x63100012
Phase 1 SA deleted before first Phase 2 SA is up cause by "Unknown". 0 Crypto Active IKE SA, 0 User Authenticated IKE SA in the system
47 15:39:22.046 01/27/11 Sev=Info/5 CM/0x63100025
Initializing CVPNDrv
48 15:39:22.062 01/27/11 Sev=Info/6 CM/0x63100046
Set tunnel established flag in registry to 0.
release notes for vpn client 64bit -
http://www.cisco.com/en/US/docs/security/vpn_client/cisco_vpn_client/vpn_client5007/release/notes/vpnclient5007.html#wp63537
Hi Anisha ,
Exact version of OS is "Microsoft Windows Server 2003 x64" .
I need supported cisco vpn client for this OS .
=========
Thanx 4 reply .
Raj