VPN does not work on WRT54G v6
Hi,
Just bought a new wireless router (WRT54G v6) to replace my old one who just died after 4 years of loyal services (WRT54G v1) but VPN does not go through even though all the VPN passthrough options are enabled.
I'm using a VPN connection created through the Network connection wizard of Windows XP. This same connection worked fine with my previous router (WRT54G v1) but not with the new one (WRT54G v6). What can I possibly try to check or do.
I also upgraded to the latest firmware 1.00.9 to no avail.
Also, if it can help, when I connect my cable modem directly in my computer the VPN goes through. Through the router, nothing, wired and wireless connections the same.
I changed the flash and it still doesn't work.
Similar Messages
-
VPN does not works anymore (On brand new MiniServer)
Hello,
We have just installed our brand new MacMini Server 10.7. Since then, we cannot connect from outside our LAN (at home, at others offices, ...) to our VPN (who run on the MacMini). Our clients are Apple Only (Mac, iPhone, iPad) and they use the "plain-vanila-Apple-VPN-Client".
The connection problem does not occur when the client is on the same subnet than the server.
Here is the client's settings:
Authentication: Password + Machine Auth: Shared Secret
Here is the log of the client (I have hidden the true server's IP:)
Dec 14 18:47:17 GregAir2 configd[14]: SCNC: start, triggered by SystemUIServer, type L2TP, status 0
Dec 14 18:47:17 GregAir2 pppd[41839]: pppd 2.4.2 (Apple version 560.12) started by gregoryh, uid 501
Dec 14 18:47:17 GregAir2 pppd[41839]: L2TP connecting to server 'tshipot.emerge.be' (193.4x.xxx.200)...
Dec 14 18:47:17 GregAir2 pppd[41839]: IPSec connection started
Dec 14 18:47:17 GregAir2 racoon[41805]: Connecting.
Dec 14 18:47:17 GregAir2 racoon[41805]: IPSec Phase1 started (Initiated by me).
Dec 14 18:47:17 GregAir2 racoon[41805]: IKE Packet: transmit success. (Initiator, Main-Mode message 1).
Dec 14 18:47:17 GregAir2 racoon[41805]: IKE Packet: receive success. (Initiator, Main-Mode message 2).
Dec 14 18:47:17 GregAir2 racoon[41805]: IKE Packet: transmit success. (Initiator, Main-Mode message 3).
Dec 14 18:47:17 GregAir2 racoon[41805]: IKE Packet: receive success. (Initiator, Main-Mode message 4).
Dec 14 18:47:17 GregAir2 racoon[41805]: IKE Packet: transmit success. (Initiator, Main-Mode message 5).
Dec 14 18:47:17 GregAir2 racoon[41805]: IKEv1 Phase1 AUTH: success. (Initiator, Main-Mode Message 6).
Dec 14 18:47:17 GregAir2 racoon[41805]: IKE Packet: receive success. (Initiator, Main-Mode message 6).
Dec 14 18:47:17 GregAir2 racoon[41805]: IKEv1 Phase1 Initiator: success. (Initiator, Main-Mode).
Dec 14 18:47:17 GregAir2 racoon[41805]: IPSec Phase1 established (Initiated by me).
Dec 14 18:47:17 GregAir2 racoon[41805]: IKE Packet: receive success. (Information message).
Dec 14 18:47:18 GregAir2 racoon[41805]: IPSec Phase2 started (Initiated by me).
Dec 14 18:47:18 GregAir2 racoon[41805]: IKE Packet: transmit success. (Initiator, Quick-Mode message 1).
Dec 14 18:47:18 GregAir2 racoon[41805]: IKE Packet: receive success. (Initiator, Quick-Mode message 2).
Dec 14 18:47:18 GregAir2 racoon[41805]: IKE Packet: transmit success. (Initiator, Quick-Mode message 3).
Dec 14 18:47:18 GregAir2 racoon[41805]: IKEv1 Phase2 Initiator: success. (Initiator, Quick-Mode).
Dec 14 18:47:18 GregAir2 racoon[41805]: IPSec Phase2 established (Initiated by me).
Dec 14 18:47:18 GregAir2 pppd[41839]: IPSec connection established
Dec 14 18:47:18 GregAir2 racoon[41805]: IPSec Phase2 started (Initiated by peer).
Dec 14 18:47:18 GregAir2 racoon[41805]: IKE Packet: receive success. (Responder, Quick-Mode message 1).
Dec 14 18:47:18 GregAir2 racoon[41805]: IKE Packet: transmit success. (Responder, Quick-Mode message 2).
Dec 14 18:47:18 GregAir2 racoon[41805]: IKE Packet: receive success. (Responder, Quick-Mode message 3).
Dec 14 18:47:18 GregAir2 racoon[41805]: IKEv1 Phase2 Responder: success. (Responder, Quick-Mode).
Dec 14 18:47:18 GregAir2 racoon[41805]: IPSec Phase2 established (Initiated by peer).
Dec 14 18:47:38 GregAir2 pppd[41839]: L2TP cannot connect to the server
Dec 14 18:47:38 GregAir2 racoon[41805]: IKE Packet: transmit success. (Information message).
Dec 14 18:47:38 GregAir2 racoon[41805]: IKEv1 Information-Notice: transmit success. (Delete IPSEC-SA).
Dec 14 18:47:38 GregAir2 racoon[41805]: IKE Packet: transmit success. (Information message).
Dec 14 18:47:38 GregAir2 racoon[41805]: IKEv1 Information-Notice: transmit success. (Delete IPSEC-SA).
Dec 14 18:47:38 GregAir2 racoon[41805]: IKE Packet: transmit success. (Information message).
Dec 14 18:47:38 GregAir2 racoon[41805]: IKEv1 Information-Notice: transmit success. (Delete ISAKMP-SA).
Here is the log of the server (the same connection, my clocks does not seems to be synchronized ;-))
I have hidden the true server's IP:
Dec 14 18:46:56 tshipot racoon[146]: Connecting.
Dec 14 18:46:56 tshipot racoon[146]: IPSec Phase1 started (Initiated by peer).
Dec 14 18:46:56 tshipot racoon[146]: IKE Packet: receive success. (Responder, Main-Mode message 1).
Dec 14 18:46:56 tshipot racoon[146]: IKE Packet: transmit success. (Responder, Main-Mode message 2).
Dec 14 18:46:56 tshipot racoon[146]: IKE Packet: receive success. (Responder, Main-Mode message 3).
Dec 14 18:46:56 tshipot racoon[146]: IKE Packet: transmit success. (Responder, Main-Mode message 4).
Dec 14 18:46:56 tshipot racoon[146]: IKEv1 Phase1 AUTH: success. (Responder, Main-Mode Message 5).
Dec 14 18:46:56 tshipot racoon[146]: IKE Packet: receive success. (Responder, Main-Mode message 5).
Dec 14 18:46:56 tshipot racoon[146]: IKEv1 Phase1 Responder: success. (Responder, Main-Mode).
Dec 14 18:46:56 tshipot racoon[146]: IKE Packet: transmit success. (Responder, Main-Mode message 6).
Dec 14 18:46:56 tshipot racoon[146]: IKE Packet: transmit success. (Information message).
Dec 14 18:46:56 tshipot racoon[146]: IKEv1 Information-Notice: transmit success. (ISAKMP-SA).
Dec 14 18:46:56 tshipot racoon[146]: IPSec Phase1 established (Initiated by peer).
Dec 14 18:46:57 tshipot racoon[146]: Connecting.
Dec 14 18:46:57 tshipot racoon[146]: IPSec Phase2 started (Initiated by peer).
Dec 14 18:46:57 tshipot racoon[146]: IKE Packet: receive success. (Responder, Quick-Mode message 1).
Dec 14 18:46:57 tshipot racoon[146]: IKE Packet: transmit success. (Responder, Quick-Mode message 2).
Dec 14 18:46:57 tshipot racoon[146]: IKE Packet: receive success. (Responder, Quick-Mode message 3).
Dec 14 18:46:57 tshipot racoon[146]: IKEv1 Phase2 Responder: success. (Responder, Quick-Mode).
Dec 14 18:46:57 tshipot racoon[146]: IPSec Phase2 established (Initiated by peer).
Dec 14 18:46:57 tshipot vpnd[82]: Incoming call... Address given to client = 193.4x.xxx.201
Dec 14 18:46:57 tshipot com.apple.ppp.l2tp[82]: 2011-12-14 18:46:57 CET Incoming call... Address given to client = 193.4x.xxx.201
Dec 14 18:46:57 tshipot pppd[69220]: pppd 2.4.2 (Apple version 560.13) started by root, uid 0
Dec 14 18:46:57 tshipot pppd[69220]: L2TP incoming call in progress from '94.225.158.94'...
Dec 14 18:46:57 tshipot racoon[146]: IPSec Phase2 started (Initiated by me).
Dec 14 18:46:57 tshipot racoon[146]: IKE Packet: transmit success. (Initiator, Quick-Mode message 1).
Dec 14 18:46:57 tshipot racoon[146]: IKE Packet: receive success. (Initiator, Quick-Mode message 2).
Dec 14 18:46:57 tshipot racoon[146]: IKE Packet: transmit success. (Initiator, Quick-Mode message 3).
Dec 14 18:46:57 tshipot racoon[146]: IKEv1 Phase2 Initiator: success. (Initiator, Quick-Mode).
Dec 14 18:46:57 tshipot racoon[146]: IPSec Phase2 established (Initiated by me).
Dec 14 18:46:58 tshipot vpnd[82]: Incoming call... Address given to client = 193.4x.xxx.202
Dec 14 18:46:58 tshipot com.apple.ppp.l2tp[82]: 2011-12-14 18:46:58 CET Incoming call... Address given to client = 193.4x.xxx.202
Dec 14 18:46:58 tshipot pppd[69221]: pppd 2.4.2 (Apple version 560.13) started by root, uid 0
Dec 14 18:46:58 tshipot pppd[69221]: L2TP incoming call in progress from '94.225.158.94'...
Dec 14 18:47:00 tshipot vpnd[82]: Incoming call... Address given to client = 193.4x.xxx.203
Dec 14 18:47:00 tshipot com.apple.ppp.l2tp[82]: 2011-12-14 18:47:00 CET Incoming call... Address given to client = 193.4x.xxx.203
Dec 14 18:47:00 tshipot pppd[69223]: pppd 2.4.2 (Apple version 560.13) started by root, uid 0
Dec 14 18:47:00 tshipot pppd[69223]: L2TP incoming call in progress from '94.225.158.94'...
Dec 14 18:47:04 tshipot vpnd[82]: Incoming call... Address given to client = 193.4x.xxx.204
Dec 14 18:47:04 tshipot com.apple.ppp.l2tp[82]: 2011-12-14 18:47:04 CET Incoming call... Address given to client = 193.4x.xxx.204
Dec 14 18:47:04 tshipot pppd[69224]: pppd 2.4.2 (Apple version 560.13) started by root, uid 0
Dec 14 18:47:04 tshipot pppd[69224]: L2TP incoming call in progress from '94.225.158.94'...
Dec 14 18:47:08 tshipot vpnd[82]: Incoming call... Address given to client = 193.4x.xxx.205
Dec 14 18:47:08 tshipot com.apple.ppp.l2tp[82]: 2011-12-14 18:47:08 CET Incoming call... Address given to client = 193.4x.xxx.205
Dec 14 18:47:08 tshipot pppd[69225]: pppd 2.4.2 (Apple version 560.13) started by root, uid 0
Dec 14 18:47:08 tshipot pppd[69225]: L2TP incoming call in progress from '94.225.158.94'...
Dec 14 18:47:17 tshipot vpnd[82]: --> Client with address = 193.4x.xxx.201 has hungup
Dec 14 18:47:17 tshipot com.apple.ppp.l2tp[82]: 2011-12-14 18:47:17 CET --> Client with address = 193.4x.xxx.201 has hungup
Dec 14 18:47:17 tshipot racoon[146]: IKE Packet: receive success. (Information message).
Dec 14 18:47:18: --- last message repeated 2 times ---
Dec 14 18:47:18 tshipot vpnd[82]: --> Client with address = 193.4x.xxx.202 has hungup
Dec 14 18:47:18 tshipot com.apple.ppp.l2tp[82]: 2011-12-14 18:47:18 CET --> Client with address = 193.4x.xxx.202 has hungup
Dec 14 18:47:19 tshipot racoon[146]: Connecting.
Dec 14 18:47:19 tshipot racoon[146]: IPSec Phase1 started (Initiated by me).
Dec 14 18:47:19 tshipot racoon[146]: IKE Packet: transmit success. (Initiator, Main-Mode message 1).
Dec 14 18:47:20 tshipot vpnd[82]: --> Client with address = 193.4x.xxx.203 has hungup
Dec 14 18:47:20 tshipot com.apple.ppp.l2tp[82]: 2011-12-14 18:47:20 CET --> Client with address = 193.4x.xxx.203 has hungup
Dec 14 18:47:22 tshipot racoon[146]: IKE Packet: transmit success. (Phase1 Retransmit).
Dec 14 18:47:24 tshipot vpnd[82]: --> Client with address = 193.4x.xxx.204 has hungup
Dec 14 18:47:24 tshipot com.apple.ppp.l2tp[82]: 2011-12-14 18:47:24 CET --> Client with address = 193.4x.xxx.204 has hungup
Dec 14 18:47:25 tshipot racoon[146]: IKE Packet: transmit success. (Phase1 Retransmit).
Dec 14 18:47:28 tshipot vpnd[82]: --> Client with address = 193.4x.xxx.205 has hungup
Dec 14 18:47:28 tshipot com.apple.ppp.l2tp[82]: 2011-12-14 18:47:28 CET --> Client with address = 193.4x.xxx.205 has hungup
Dec 14 18:47:28 tshipot racoon[146]: IKE Packet: transmit success. (Phase1 Retransmit).
Dec 14 18:48:13: --- last message repeated 2 times ---
Dec 14 18:48:13 tshipot racoon[146]: IKE Packet: transmit success. (Phase1 Retransmit).
Dec 14 18:48:58: --- last message repeated 1 time ---
Dec 14 18:48:58 tshipot racoon[146]: IKE Packet: transmit success. (Phase1 Retransmit).
Dec 14 18:49:55: --- last message repeated 1 time ---
Dec 14 18:49:55 tshipot racoon[146]: IKEv1 Phase1: maximum retransmits. (Phase1 Maximum Retransmits).
If you need more info, doens not hesitate to ask, because I am desperate ...
Thanks you !
GregoryThere is no router between the server and the Internet : just an ADSL modem, no PPPoE or whatever, the WAN IP is set on the server directly. The firewall is activated (GRE, ESP, L2TP... ports are all open. Allowing all the traffic doesn't help. The client can connect to the server and the IPSec connection seem to be established, so I don't think the problem is here), and the Lion Server acts as a NAT (which by the way doesn't work as it was in SLS: it won't work for any local subnet different from 192.168.2.x??) for my local network. I tried to reinstall the system completely twice, with the same results.
euroskunk, how do you connect your server to the WAN ? -
Ugraded to 6.1 now VPN does not work
I upgraded to IOS 6.1 on IPAD 3, Iphone 5 and iphone 3gs. Before upgrade IOS was at level 6.0.2, VPN using IPSEC worked on all 3 devices. Now with upgrade to IOS 6.1 all 3 devices will not work. Have setup right for VPN config. Turn on VPN, I get username(filled in) and asks for password. Once password is entered in, VPN quickly turns off. No errors or messages, same on all 3 devices.
Me too same problem. Dont work.
My VPN server its a Mikrotik Router ( update to last versión of RouterOS )
Any alternative.? -
I have just upgraded to Lion and now my VPN connection does not work properly. It was working fine when I was using Leopard. The VPN is My Private Network and we use it to link to BBC iPlayer when abroad. It will actually connect to the VPN site and shows a UK IP address, but then when we try to load an iPlayer programme we get the message from the BBC that we are not in the country and, therefore, cannot access the site. Any suggestions?
Have a look at System Preferences, Accessibility, VoiceOver.
(Command - F5).
charlie -
I have a WRT54G v8.1. I upgraded the firmware, and now it DOES NOT WORK.
I have a WRT54G v8.1. I upgraded the firmware, and now it DOES NOT WORK. It keeps telling me that this router is not supported. There is no firmware to roll back to. It worked fine until a power outage. HELP!
If your Internet Service Provider is Cable follow this link to configure the router.
If your Internet Service Provider is DSL follow this link to configure the router. -
L2TP Passthrough not working on WRT54GS
I have a VPN server behind my WRT54GS (firmware v7.2.06) which I have no problems connecting to via PPTP. I cannot however connect with L2TP. I am certain that an L2TP request is not getting past the router because the connection attempt doesn't even show up in the VPN logs on the server.
IPSec, PPTP ad L2TP Passthoughs are all enabled. I even setup port forwarding on 1701 UDP and 1723 TCP. Also have ISAKMP/IKE at port 500, IKE NAT on port 4500 (both UDP) setup to forward.
I would rather be using L2TP for higher security.
I do not see what I am doing wrong here. Any ideas?If you are sure that port forwarding rules are properly applied, change the MTU to 1300 and see if it works, if it does not work change the MTU to 1200 and cross check...
-
WRT610N disconnects and does not work with Vista or media center extenders like the DMA2200
Linksys and all other router manufacturers advertise the greatness of the wireless 5ghz band (especially with 802.11n), but I’m beginning to have my doubts. It is true that the 5Ghz band is hardly being used so you'll have virtually no one to compete with. However, the 5Ghz distance in no way compares to 2.4Ghz, and as a matter of fact, I find it to be quite terrible. At approximately 20 feet away, both my Linksys DMA2200 and HP notebook barely get 1 bar using the 5Ghz N band with my WRT610N router. In comparison, while using my 2.4Ghz WRT54g router, I get 5 full bars at that range, and at least 2 bars from anywhere else in my house.
I have all Linksys equipment in my house as I have been impressed with all of their 2.4Ghz in the past. However, I’ve recently upgraded everything to dual-band N equipment and found numerous flaws in each of the new devices, plus none of them really even play well together. My setup is: Linksys 610n router, DMA2200 media center extender, and a WUSB600N Dual-Band Wireless-N USB Network Adapter for my laptop – all of which are currently using the most up-to-date firmware. Other devices include a WRE54G extender and Nintendo Wii.
Problem #1) The LELA software with the new N devices doesn't even recognize that my DMA2200 is a media center extender. Using LELA, I should be able to select my media extender and allocate more bandwidth for streaming media. However, since my extender only shows up as an “unknown network device” those options are greyed out. I tried to manually change the device to a media center, but still no go. I suppose you can manually allocate bandwidth in the router setup somewhere, but considering these are all Linksys products, it’s absolutely ridiculous that an option specifically incorporated in the LELA software for a Linksys Media Extender does not work!!!
Problem #2) If you are only using one system with the router, the router might actually work as intended. For most of us though there are going to be at least 2 or more systems connected to the router (wired, wireless, or a combination of the two) such as a PS3, Wii, laptop, PC, media extender, Xbox, etc. If that’s the case, you’re probably screwed because you WILL experience frequent dropouts… ESPECIALLY if just one those clients is a VISTA machine. Check the Linksys forums and you will find that this seems to be a problem with all of the new Linksys routers (610N, 310N, and 110).
Here is a Microsoft article that explains the issue
http://support.microsoft.com/kb/928233/en-us
Problem #3) Because of problem #2 I will never be able to get rid of the dropouts since my network is using one of Linksys’s media center extenders. The DMA2200 is essentially a VISTA PC to some extent and accepts DHCP requests the same as a VISTA PC. Since it is not really a PC though, there is no registry modification that can be done to alleviate the VISTA problem (not that the registry mod really works anyways). So as long as I try to use my DMA2200 wirelessly with my WRT610N router, the frequent dropouts will occur and there’s nothing I can do about it. This is REALLY TERRIBLE since the DMA2200 is specifically designed to be used with the WRT610N router in order to take advantage of the 5Ghz band and wireless N transfer rates. You absolutely need 5Ghz wireless N to efficiently stream HDTV WIRELESSLY, but if you lose your connection every 10 minutes, it is impossible to watch any type of streaming media.
Problem #4) As mentioned already, when the “N” 5Ghz range is working on the WRT510N router, the distance sucks compared to standard 2.4Ghz G, N or mixed mode networks. You can try to make it better by strictly using N products, disabling the 2.4ghz band all-to-gether, and using the wider 40mhz frequency, but it doesn’t really help. The higher 5Ghz band is a more concentrated signal and therefore simply does not reach as far as the lower 2.4ghz band. I wonder why all of these new products state that the 5Ghz range will increase your distance, when in fact it actually makes it worse?
So… basically, this router does nothing that it claims too and is basically rendered useless on any network with a VISTA machine. This has not been addressed by any Linksys firmware updates or VISTA software updates so there is no reason to even consider using this router if you you’re using VISTA or some type of VISTA Media Center Extender such as the Linksys DMA2200.
Although, I’ve always sworn by Linksys in the past, the amount of wasted time, frustration, and horrible support has really changed my view about them. I’ve reverted back to my old trustworthy WRT54g router and had to run cable through my house so that I wouldn’t have to box my DMA2200 extender up and let it collect dust in the attic. It’s really disappointing that I spent all this money to buy this equipment specifically because they’re supposed to work together, but in fact they don’t. Plus what’s the point of having top notch wireless equipment if you have to run cables in order for them to work?
Message Edited by bobbodavis on 11-15-2008 07:37 PMI have fixed all the IP adresses to avoid the DHCP problem but I still have problems.
I have sereval scenarioes:
1. MC < 1Gb wire > WRT610N < 5.0n WIFI > MX
I can see HDTV on this one but it disconnects
2. MC < 1Gb wire > WRT610N < 2.4b/g WIFI > MX
No HDTV and disconnections
3. MC < 2.4b/g WIFI > WRT610N < 2.4b/g WIFI > MX
No HDTV but no disconnections - but very slow and streaming like youtube
4. MC < 100Mb wire > WRT610N < 2.4b/g WIFI > MX
No HDTV but nice picture - testing for disconnections right now - 30+ min.
Result:
This test was very good. Stabil streaming, no disconnects for an hour. Won't support HDTV but the rest seem to work fine.
5. MC < 100Mb wire > WRT610N < 5.0n WIFI > MX
Not tested yet - looking forward to this - might bring me HDTV.
Result:
This gives HDTV but there is a problem with stability on the streaming but very difficult to see on the picture. Testing for disconnects - now tested for 30 min. - no disconnects.
This looks really promissing.
I am pretty sure that the WRT610N have a problem in the switching part of the router specially when it has to switch from 1G to WIFI. I bought the WRT610N to get HDTV on WIFI and Cisco markets the DMA and WRT610N as a perfect match. But it definately have problems - i still do not understand their silence about this.
I will come back with the last results when I have them
/John
Message Edited by Infraxpert on 01-05-2009 04:38 PM
Message Edited by Infraxpert on 01-05-2009 05:35 PM -
L2TP VPN connection not working under 10.6.3
Hi everyone.
I need to connect to a VPN with L2TP/IPSec.
The connection works fine if I boot into Bootcamp (win7).
But if I boot into 10.6.3, it does not work.
any idea what the problem could be.
Settings are triple checked and copy pasted into their proper fields (like in win7). router settings are correct, otherwise it would not work in win7.
So it is a problem with osx.
The following is out of the ppp.log:
Thu Apr 22 19:14:03 2010 : L2TP connecting to server 'vpn.xxx.com' (x.x.x.x)...
Thu Apr 22 19:14:03 2010 : IPSec connection started
Thu Apr 22 19:14:03 2010 : IPSec phase 1 client started
Thu Apr 22 19:14:03 2010 : IPSec phase 1 server replied
Thu Apr 22 19:14:04 2010 : IPSec phase 2 started
Thu Apr 22 19:14:34 2010 : IPSec connection failed
the server is reachable, but something fails in phase 2.
in the system log, the entry is:
Apr 22 19:14:03 noname pppd[517]: pppd 2.4.2 (Apple version 412.0.10) started by x, uid x
Apr 22 19:14:03 noname pppd[517]: L2TP connecting to server 'vpn.xxx.com' (x.x.x.x)…
Apr 22 19:14:03 noname pppd[517]: IPSec connection started
Apr 22 19:14:03 noname racoon[518]: Connecting.
Apr 22 19:14:03 noname racoon[518]: IKE Packet: transmit success. (Initiator, Main-Mode message 1).
Apr 22 19:14:03 noname racoon[518]: IKE Packet: receive success. (Initiator, Main-Mode message 2).
Apr 22 19:14:03 noname racoon[518]: IKE Packet: transmit success. (Initiator, Main-Mode message 3).
Apr 22 19:14:03 noname racoon[518]: IKE Packet: receive success. (Initiator, Main-Mode message 4).
Apr 22 19:14:03 noname racoon[518]: IKE Packet: transmit success. (Initiator, Main-Mode message 5).
Apr 22 19:14:03 noname racoon[518]: IKEv1 Phase1 AUTH: success. (Initiator, Main-Mode Message 6).
Apr 22 19:14:03 noname racoon[518]: IKE Packet: receive success. (Initiator, Main-Mode message 6).
Apr 22 19:14:03 noname racoon[518]: IKEv1 Phase1 Initiator: success. (Initiator, Main-Mode).
Apr 22 19:14:03 noname racoon[518]: IKE Packet: transmit success. (Information message).
Apr 22 19:14:03 noname racoon[518]: IKEv1 Information-Notice: transmit success. (ISAKMP-SA).
Apr 22 19:14:04 noname racoon[518]: IKE Packet: transmit success. (Initiator, Quick-Mode message 1).
Apr 22 19:14:04 noname racoon[518]: IKE Packet: receive success. (Information message).
Apr 22 19:14:07 noname racoon[518]: IKE Packet: transmit success. (Phase2 Retransmit).
Apr 22 19:14:08 noname racoon[518]: IKE Packet: receive success. (Information message).
Apr 22 19:14:10 noname racoon[518]: IKE Packet: transmit success. (Phase2 Retransmit).
Apr 22 19:14:10 noname racoon[518]: IKE Packet: receive success. (Information message).
Apr 22 19:14:13 noname racoon[518]: IKE Packet: transmit success. (Phase2 Retransmit).
Apr 22 19:14:13 noname racoon[518]: IKE Packet: receive success. (Information message).
Apr 22 19:14:16 noname racoon[518]: IKE Packet: transmit success. (Phase2 Retransmit).
Apr 22 19:14:16 noname racoon[518]: IKE Packet: receive success. (Information message).
Apr 22 19:14:19 noname racoon[518]: IKE Packet: transmit success. (Phase2 Retransmit).
Apr 22 19:14:19 noname racoon[518]: IKE Packet: receive success. (Information message).
Apr 22 19:14:22 noname racoon[518]: IKE Packet: transmit success. (Phase2 Retransmit).
Apr 22 19:14:22 noname racoon[518]: IKE Packet: receive success. (Information message).
Apr 22 19:14:25 noname racoon[518]: IKE Packet: transmit success. (Phase2 Retransmit).
Apr 22 19:14:26 noname racoon[518]: IKE Packet: receive success. (Information message).
Apr 22 19:14:28 noname racoon[518]: IKE Packet: transmit success. (Phase2 Retransmit).
Apr 22 19:14:28 noname racoon[518]: IKE Packet: receive success. (Information message).
Apr 22 19:14:31 noname racoon[518]: IKE Packet: transmit success. (Phase2 Retransmit).
Apr 22 19:14:31 noname racoon[518]: IKE Packet: receive success. (Information message).
Apr 22 19:14:34 noname pppd[517]: IPSec connection failed
Apr 22 19:14:34 noname racoon[518]: IKE Packet: transmit failed. (Information message).
Apr 22 19:14:34 noname racoon[518]: IKEv1 Information-Notice: transmit failed. (Delete ISAKMP-SA).
Apr 22 19:14:34 noname racoon[518]: Disconnecting. (Connection tried to negotiate for, 31.609591 seconds).
Apr 22 19:14:34 noname racoon[518]: IKE Packets Transmit Failure-Rate Statistic. (Failure-Rate = 7.143).
Apr 22 19:14:34 noname racoon[518]: IKE Information-Notice Transmit Failure-Rate Statistic. (Failure-Rate = 100.000).Hi
i have the same messages on 10.6.4 and with the sonic xx170:
28.06.10 11:39:04 racoon[489] IKE Packet: transmit success. (Phase2 Retransmit).
28.06.10 11:39:07 racoon[489] IKE Packet: transmit success. (Phase2 Retransmit).
28.06.10 11:39:08 racoon[489] IKE Packet: receive success. (Information message).
28.06.10 11:39:10 pppd[488] IPSec connection failed
28.06.10 11:39:10 racoon[489] IKE Packet: transmit success. (Information message).
28.06.10 11:39:10 racoon[489] IKEv1 Information-Notice: transmit success. (Delete ISAKMP-SA).
any ideas?
waiting on 10.6.5, 10.6.6 ....?
regards, Arthur -
WRT54G2 connects IM clients but browser does not work.
Hi,
I purchased this router last week and it had been working perfectly. All of a sudden today y lost my VPN connection and all that was connected was the msn and skype, nothing else works. None of the computers work either wired or wireless.
When i connect the PC directly to the cable modem works perfectly. When i connect the router back, does not work.... Any ideas??Does the connection from router work without VPN...?
Does Modem work with VPN or without VPN...?
Make the connection (M-R-Comp) again and power cycle the complete network and check. -
Excel File read using WebUtil does not work. Gives java.lang.NoSuchMethodEr
We have a form which reads from an Excel File. The form works in development env., but in the live env when we deployed the form it does not work. Form fails @ the 1st call to Client_OLE2 where we set the Excel file to read.
For both the envs. the values are given here:
(1.) Client Forms Version : Forms [32 Bit] Version 10.1.2.0.2 (Production)
(2.) Application Server Version : 10.1.2.0.2
(3.) AS Linux Version : (Live) RHEL 5.7 Tikanga / (Dev) Red Hat Enterprise Linux AS release 4 (Nahant Update 4)
(4.) Client Sun JRE Version :Version 1.5.0 (build 1.5.0_10)
(5.) Client Web Browser & Version: I.E 8.0.6001 or Mozilla 3.0.15
(6.) WebUtil Version: 1.0.6Both envs. are the same except the Linux version.
Works fine in Dev but does not work in Live. Other Webutil functions like file open dialog box works fine in live, only this Excel read is not working.
Full Error message
Java Plug-in 1.5.0_10
Using JRE version 1.5.0_10 Java HotSpot(TM) Client VM
User home directory = C:\Documents and Settings\dinesha.IIL
c: clear console window
f: finalize objects on finalization queue
g: garbage collect
h: display this help message
l: dump classloader list
m: print memory usage
o: trigger logging
p: reload proxy configuration
q: hide console
r: reload policy configuration
s: dump system and deployment properties
t: dump thread list
v: dump thread stack
x: clear classloader cache
0-5: set trace level to <n>
RegisterWebUtil - Loading WebUtil Version 1.0.6
proxyHost=null
proxyPort=0
connectMode=HTTP, native.
Forms Applet version is : 10.1.2.0
Exception in thread "AWT-EventQueue-3" java.lang.NoSuchMethodError:
com.jacob.com.Dispatch.put(Ljava/lang/Object;Ljava/lang/String;Ljava/lang/Object;)V
at
oracle.forms.webutil.ole.OleFunctions.set_obj_property(OleFunctions.java:1216)
at
oracle.forms.webutil.ole.OleFunctions.setProperty(OleFunctions.java:333)
at oracle.forms.handler.ComponentItem.setCustomProperty(Unknown Source)
at oracle.forms.handler.ComponentItem.onUpdate(Unknown Source)
at oracle.forms.handler.JavaContainer.onUpdate(Unknown Source)
at oracle.forms.handler.UICommon.onUpdate(Unknown Source)
at oracle.forms.engine.Runform.onUpdateHandler(Unknown Source)
at oracle.forms.engine.Runform.processMessage(Unknown Source)
at oracle.forms.engine.Runform.processSet(Unknown Source)
at oracle.forms.engine.Runform.onMessageReal(Unknown Source)
at oracle.forms.engine.Runform.onMessage(Unknown Source)
at oracle.forms.engine.Runform.processEventEnd(Unknown Source)
at oracle.ewt.lwAWT.LWComponent.redispatchEvent(Unknown Source)
at oracle.ewt.lwAWT.LWComponent.processEvent(Unknown Source)
at java.awt.Component.dispatchEventImpl(Unknown Source)
at java.awt.Container.dispatchEventImpl(Unknown Source)
at java.awt.Component.dispatchEvent(Unknown Source)
at java.awt.EventQueue.dispatchEvent(Unknown Source)
at java.awt.EventDispatchThread.pumpOneEventForHierarchy(Unknown
Source)
at java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
at java.awt.EventDispatchThread.run(Unknown Source)We connected to Live AS server via VPN and ran the Form in a client machine (where the Dev. is working) but same problem.
Any help would be greatly appreciated.Channa,
I sounds like you might have missed a configuration step on your Linux application server (AS). I recommend you go back through the configuration of your AS and verify each step of the WebUtil Runtime Setup Checklist was completed correctly. Seach the Forms Help system on "Runtime Setup Checklist" for a copy of the checklist.
Hope this helps,
Craig B-)
If someone's response is helpful or correct, please mark it accordingly. -
Window 10 build 10041 does not work with Intel 82579V Gigabit Ethernet on ASUS motherboard
I originally posted this question here:
answers.microsoft.com/en-us/insider/forum/insider_wintp-insider_update/window-10-build-10041-does-not-work-with-intel/6729892f-83aa-4822-b20a-ea84f4fd06c7
and was asked to post it on this forum...
I updated a computer I have which is a quad core i7 that I built and includes an ASUS motherboard with Intel 82579V Gigabit Ethernet built in. Windows 10 preview 9926 worked fine with this network adapter. Window 10 build 10041 does not, and I have tried
it twice so far. I even went as far as buying a Thunderbolt-Gigabit Ethernet Adapter (Broadcom, sold by Apple)... and while it installed the driver automatically, it did not work either. Each time you try to view the properties of either of them, it locks
up or give an error. In fact, doing much of anything with the Intel adapter icon assures you of not being able to do a clean reboot... have to kill power. I have finally gone back the previous version 9926, which has its issues but no where near as bad
as not having any network connectivity! Does anyone have this issue and a workaround?
Note, there are two images on the windows 10 preview forum that I posted this question on. I could not post the full link as I was getting a message here that links and graphics are not allowed.Thanks Roger, I posted the following yesterday in the other thread (thinking it was this thread - confusing after they moved it here)... It may be that the new driver fixes the issue that 10041 has with it, but I have not tried that yet. If I do I will update
this... Thanks!
I have more information about this, which basically exonerates any issue with the Intel 82579V Gigabit Ethernet hardware or software. I have 3 computers with Windows 10 preview so I have multiple angles to see issues from. With this I have found a culprit
(but I suspect not just the only culprit) in this above mentioned problem...
10041 build combined with installing (or attempting to install) CISCO VPN Windows 7 64bit 5.0.07.0440-k9 client causes the issue mentioned above. I confirmed this on a completely different machine with a totally different Ethernet adapter. First machine
is an ASUS motherboard in a tower system I built, with the Intel 82579V Gigabit Ethernet hardware built in. Second machine is a Gateway Laptop from 2008 which has a Marvell Yukon 88E8057 PCI-E Gigabit adapter built in. Build 10041 will work fine with my 2008
laptop, including the MS VPN client (which I have tested). However, if you attempt to install or even uninstall the Cisco client you will have to do a recovery to a restore point (as I have done twice) in order to get your network working again. Installing
or attempting to install (because it never even does install properly and times out), CISCO VPN client will render your entire network unusable. Going back to a restore point saved me and I am still running 10041 but I can't use CISCO VPN client any longer.
I could with build 9926, including on all 3 machines. I now have 9926 on two machines and 10041 on only the 2008 laptop.
Hopefully this above information helps someone resolve the issue. I will also mention, even though my network is working on the 2008 laptop, I still can't go into the Control Panel\Network and Internet\Network Connections and right mouse click on the Marvell
Yukon 88E8057 PCI-E Gigabit adapter icon. I get an error when clicking on Properties menu popup : "An unexpected error has occurred". So something is still up with my network adapter driver or windows software, but it could be a side effect of all
that has happened with the Cisco software install attempts under 10041.
Another note: CISCO Anyconnect also has the issue. -
I want to mirror an iOS device to my computer for demonstration and training purposes. I cannot use Airserver as my company VPN does not allow the connection. Is there a hardware solution instead?
Shoeb, hi.
Thanks for replying and apologies for my tardiness in responding. I have just completed a re-creation of my web page using CSS/HTML rather than XML/XSLT and now I find that when saving in MHT format the watermark/background image is saved, which is nice, but trying to save it as 'webpage complete' under 'save as' in the browser still does not work. (For those who are new to Firefox, MHT files are not supported by the browser, but using the FF extention UnMHT one can open such files and save web documents as MHT files, meaning no accompanying folder is required to properly view the file.) -
Cisco 1841 as PPTP client Does not work
Dear All,
I have Cisco 1841 router running the below roles
1) SSL VPN Server
2) PPTP Server
3) Site to Site Connection with Sonicwall router
I want the router to be configured a pptp client to internet vpn server (so that i will get a fixed public ip )
Once i get this ip address i want to use this connection to accept in coming connection and forward ports to internal host,
I went through below
http://www.mreji.eu/content/cisco-router-pptp-client
https://supportforums.cisco.com/thread/2167562
But it does not work as i do not have the option for the below 2 commands in vpdn-group 2 section.(Please see section in blue)
protocol pptp
rotary-group 4
Please Advise and Help
Regards
Hasan Reza
My Current Config is as below
=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2013.06.09 17:55:23 =~=~=~=~=~=~=~=~=~=~=~=
exit
Gateway#show run |
Building configuration...
Current configuration : 25109 bytes
! Last configuration change at 13:33:57 UTC Sun Jun 9 2013 by admin
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname Gateway
boot-start-marker
boot system flash c1841-advsecurityk9-mz.151-2.T1.bin
boot-end-marker
logging buffered 4096
no logging console
enable secret 5 $1$SciF$TlX1tR5qaG9ZE7pdZHcRJ/
no aaa new-model
dot11 syslog
ip source-route
no ip dhcp use vrf connected
ip dhcp excluded-address 10.236.5.1 10.236.5.20
ip dhcp excluded-address 10.236.5.21 10.236.5.50
ip dhcp excluded-address 172.21.51.2 172.21.51.50
ip dhcp pool ContosoPool
network 10.236.5.0 255.255.255.0
default-router 10.236.5.254
dns-server 213.42.20.20 195.229.241.222
ip dhcp pool DMZ
network 172.21.51.0 255.255.255.0
dns-server 172.21.51.10
default-router 172.21.51.1
domain-name contoso.local
ip cef
ip domain name contoso.local
ip name-server 213.42.20.20
ip name-server 195.229.241.22
ip name-server 195.229.241.222
ip ddns update method dyndns
HTTP
add http://xxxxxx:[email protected]/nic/update?system=dyndns&hostname=<h>&myip=<a>
remove http://xxxxxx:yyyyy@@members.dyndns.org/nic/update?system=dyndns&hostname=<h>&myip=<a>
interval maximum 0 1 0 0
multilink bundle-name authenticated
vpdn enable
vpdn-group 2
request-dialin
protocol l2tp
initiate-to ip 173.195.0.42
vpdn-group RAS-VPN
! Default PPTP VPDN group
accept-dialin
protocol pptp
virtual-template 1
l2tp tunnel timeout no-session 15
crypto pki token default removal timeout 0
crypto pki trustpoint TP.StartSSL.CA
enrollment terminal pem
revocation-check none
crypto pki trustpoint TP.StartSSL-vpn
enrollment terminal pem
usage ssl-server
serial-number none
fqdn ssl.spktelecom.com
ip-address none
revocation-check crl
rsakeypair RSA.StartSSL-vpn
crypto pki trustpoint TP-self-signed-1981248591
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1981248591
revocation-check none
rsakeypair TP-self-signed-1981248591
crypto pki trustpoint VMWare
enrollment terminal
revocation-check crl
crypto pki trustpoint OWA
enrollment terminal pem
revocation-check crl
crypto pki certificate chain TP.StartSSL.CA
certificate ca 01
(removed the certificate info for clarity)
quit
crypto pki certificate chain TP.StartSSL-vpn
certificate 0936E1
(removed the certificate info for clarity)9
quit
certificate ca 18
(removed the certificate info for clarity)
quit
crypto pki certificate chain TP-self-signed-1981248591
certificate self-signed 01
(removed the certificate info for clarity)
quit
crypto pki certificate chain VMWare
certificate ca 008EDCE6DBCE6B
(removed the certificate info for clarity)
quit
crypto pki certificate chain OWA
(removed the certificate info for clarity)
license udi pid CISCO1841 sn FCZ122191TW
archive
log config
hidekeys
username admin privilege 15 password 7 1304131F02023B7B7977
username ali password 7 06070328
redundancy
crypto isakmp policy 10
encr 3des
authentication pre-share
group 2
lifetime 84000
crypto isakmp key admin_123 address 0.0.0.0 0.0.0.0
crypto isakmp keepalive 10
crypto ipsec security-association lifetime seconds 28800
crypto ipsec transform-set vpnset esp-3des esp-sha-hmac
crypto ipsec transform-set strongsha esp-3des esp-sha-hmac
crypto dynamic-map mydyn 10
set transform-set strongsha
crypto map Dxb-Auh 1000 ipsec-isakmp dynamic XXXXXXXXXX
interface FastEthernet0/0
description Internal Network (Protected Interface)
ip address 10.236.5.254 255.255.255.0
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
interface FastEthernet0/1
no ip address
duplex auto
speed auto
pppoe enable group global
pppoe-client dial-pool-number 1
interface ATM0/0/0
no ip address
shutdown
no atm ilmi-keepalive
interface BRI0/1/0
no ip address
encapsulation hdlc
shutdown
interface Virtual-Template1
ip unnumbered Dialer1
peer default ip address dhcp-pool ContosoPool
ppp encrypt mppe auto required
ppp authentication ms-chap ms-chap-v2 eap
interface Dialer1
ip ddns update hostname XXXXXXX.dyndns.org
ip ddns update dyndns
ip address negotiated
ip nat outside
ip virtual-reassembly in
encapsulation ppp
ip tcp adjust-mss 1450
dialer pool 1
ppp pap sent-username vermam password 7 13044E155E0913323B
crypto map Dxb-Auh
interface Dialer2
mtu 1460
ip address negotiated
ip nat outside
ip virtual-reassembly in
encapsulation ppp
dialer in-band
dialer idle-timeout 0
dialer string 123
dialer vpdn
dialer-group 2
ppp pfc local request
ppp pfc remote apply
ppp encrypt mppe auto
ppp authentication ms-chap ms-chap-v2 callin
ppp eap refuse
ppp chap hostname hasanreza
ppp chap password 7 070E2541470726544541
interface Dialer995
no ip address
ip local pool webssl 10.236.6.10 10.236.6.30
ip forward-protocol nd
ip http server
ip http secure-server
ip nat inside source list nat interface Dialer1 overload
ip nat inside source static tcp 10.236.5.12 25 interface Dialer1 25
ip route 0.0.0.0 0.0.0.0 Dialer1
ip route 172.21.51.0 255.255.255.0 10.236.5.253
ip access-list extended internal
permit ip any 10.236.5.0 0.0.0.255
ip access-list extended nat
deny ip 10.236.5.0 0.0.0.255 172.31.1.0 0.0.0.255
deny ip 10.236.5.0 0.0.0.255 172.19.19.0 0.0.0.255
permit ip 10.236.5.0 0.0.0.255 any
ip access-list extended nonat
permit ip 10.236.5.0 0.0.0.255 172.19.19.0 0.0.0.255
permit ip 10.236.5.0 0.0.0.255 172.31.1.0 0.0.0.255
ip access-list extended sslacl
ip access-list extended webvpn
permit tcp any any eq 443
logging esm config
access-list 101 permit ip 10.236.5.0 0.0.0.255 172.31.1.0 0.0.0.255
control-plane
line con 0
line aux 0
line vty 0 4
exec-timeout 0 0
login local
transport preferred ssh
transport input telnet ssh
line vty 5 15
exec-timeout 0 0
login local
transport preferred ssh
transport input telnet ssh
scheduler allocate 20000 1000
webvpn gateway gateway1
ip interface Dialer1 port 443
ssl encryption rc4-md5
ssl trustpoint TP.StartSSL-vpn
inservice
webvpn install svc flash:/webvpn/anyconnect-win-3.1.00495-k9.pkg sequence 1
webvpn install csd flash:/webvpn/sdesktop.pkg
webvpn context webvpn
ssl authenticate verify all
url-list "Webservers"
heading "SimpleIT Technologies NBNS Servers"
url-text "Google" url-value "www.google.com"
url-text "Mainframe" url-value "10.236.5.2"
url-text "Mainframe2" url-value "https://10.236.5.2"
nbns-list "ContosoServer"
nbns-server 10.236.5.10
nbns-server 10.236.5.11
nbns-server 10.236.5.12
port-forward "PortForwarding"
local-port 3389 remote-server "10.236.5.10" remote-port 3389 description "Server-DC01"
policy group policy1
url-list "Webservers"
port-forward "PortForwarding"
nbns-list "ContosoServer"
functions file-access
functions file-browse
functions file-entry
functions svc-enabled
svc address-pool "webssl"
svc default-domain "Contoso.Local"
svc keep-client-installed
svc split include 10.236.5.0 255.255.255.0
svc split include 10.236.6.0 255.255.255.0
svc split include 172.31.1.0 255.255.255.0
svc split include 172.21.51.0 255.255.255.0
svc dns-server primary 172.21.51.10
default-group-policy policy1
gateway gateway1
inservice
end
Gateway#Dear All,
I have Cisco 1841 router running the below roles
1) SSL VPN Server
2) PPTP Server
3) Site to Site Connection with Sonicwall router
I want the router to be configured a pptp client to internet vpn server (so that i will get a fixed public ip )
Once i get this ip address i want to use this connection to accept in coming connection and forward ports to internal host,
I went through below
http://www.mreji.eu/content/cisco-router-pptp-client
https://supportforums.cisco.com/thread/2167562
But it does not work as i do not have the option for the below 2 commands in vpdn-group 2 section.(Please see section in blue)
protocol pptp
rotary-group 4
Please Advise and Help
Regards
Hasan Reza
My Current Config is as below
=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2013.06.09 17:55:23 =~=~=~=~=~=~=~=~=~=~=~=
exit
Gateway#show run |
Building configuration...
Current configuration : 25109 bytes
! Last configuration change at 13:33:57 UTC Sun Jun 9 2013 by admin
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
hostname Gateway
boot-start-marker
boot system flash c1841-advsecurityk9-mz.151-2.T1.bin
boot-end-marker
logging buffered 4096
no logging console
enable secret 5 $1$SciF$TlX1tR5qaG9ZE7pdZHcRJ/
no aaa new-model
dot11 syslog
ip source-route
no ip dhcp use vrf connected
ip dhcp excluded-address 10.236.5.1 10.236.5.20
ip dhcp excluded-address 10.236.5.21 10.236.5.50
ip dhcp excluded-address 172.21.51.2 172.21.51.50
ip dhcp pool ContosoPool
network 10.236.5.0 255.255.255.0
default-router 10.236.5.254
dns-server 213.42.20.20 195.229.241.222
ip dhcp pool DMZ
network 172.21.51.0 255.255.255.0
dns-server 172.21.51.10
default-router 172.21.51.1
domain-name contoso.local
ip cef
ip domain name contoso.local
ip name-server 213.42.20.20
ip name-server 195.229.241.22
ip name-server 195.229.241.222
ip ddns update method dyndns
HTTP
add http://xxxxxx:[email protected]/nic/update?system=dyndns&hostname=<h>&myip=<a>
remove http://xxxxxx:yyyyy@@members.dyndns.org/nic/update?system=dyndns&hostname=<h>&myip=<a>
interval maximum 0 1 0 0
multilink bundle-name authenticated
vpdn enable
vpdn-group 2
request-dialin
protocol l2tp
initiate-to ip 173.195.0.42
vpdn-group RAS-VPN
! Default PPTP VPDN group
accept-dialin
protocol pptp
virtual-template 1
l2tp tunnel timeout no-session 15
crypto pki token default removal timeout 0
crypto pki trustpoint TP.StartSSL.CA
enrollment terminal pem
revocation-check none
crypto pki trustpoint TP.StartSSL-vpn
enrollment terminal pem
usage ssl-server
serial-number none
fqdn ssl.spktelecom.com
ip-address none
revocation-check crl
rsakeypair RSA.StartSSL-vpn
crypto pki trustpoint TP-self-signed-1981248591
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1981248591
revocation-check none
rsakeypair TP-self-signed-1981248591
crypto pki trustpoint VMWare
enrollment terminal
revocation-check crl
crypto pki trustpoint OWA
enrollment terminal pem
revocation-check crl
crypto pki certificate chain TP.StartSSL.CA
certificate ca 01
(removed the certificate info for clarity)
quit
crypto pki certificate chain TP.StartSSL-vpn
certificate 0936E1
(removed the certificate info for clarity)9
quit
certificate ca 18
(removed the certificate info for clarity)
quit
crypto pki certificate chain TP-self-signed-1981248591
certificate self-signed 01
(removed the certificate info for clarity)
quit
crypto pki certificate chain VMWare
certificate ca 008EDCE6DBCE6B
(removed the certificate info for clarity)
quit
crypto pki certificate chain OWA
(removed the certificate info for clarity)
license udi pid CISCO1841 sn FCZ122191TW
archive
log config
hidekeys
username admin privilege 15 password 7 1304131F02023B7B7977
username ali password 7 06070328
redundancy
crypto isakmp policy 10
encr 3des
authentication pre-share
group 2
lifetime 84000
crypto isakmp key admin_123 address 0.0.0.0 0.0.0.0
crypto isakmp keepalive 10
crypto ipsec security-association lifetime seconds 28800
crypto ipsec transform-set vpnset esp-3des esp-sha-hmac
crypto ipsec transform-set strongsha esp-3des esp-sha-hmac
crypto dynamic-map mydyn 10
set transform-set strongsha
crypto map Dxb-Auh 1000 ipsec-isakmp dynamic XXXXXXXXXX
interface FastEthernet0/0
description Internal Network (Protected Interface)
ip address 10.236.5.254 255.255.255.0
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
interface FastEthernet0/1
no ip address
duplex auto
speed auto
pppoe enable group global
pppoe-client dial-pool-number 1
interface ATM0/0/0
no ip address
shutdown
no atm ilmi-keepalive
interface BRI0/1/0
no ip address
encapsulation hdlc
shutdown
interface Virtual-Template1
ip unnumbered Dialer1
peer default ip address dhcp-pool ContosoPool
ppp encrypt mppe auto required
ppp authentication ms-chap ms-chap-v2 eap
interface Dialer1
ip ddns update hostname XXXXXXX.dyndns.org
ip ddns update dyndns
ip address negotiated
ip nat outside
ip virtual-reassembly in
encapsulation ppp
ip tcp adjust-mss 1450
dialer pool 1
ppp pap sent-username vermam password 7 13044E155E0913323B
crypto map Dxb-Auh
interface Dialer2
mtu 1460
ip address negotiated
ip nat outside
ip virtual-reassembly in
encapsulation ppp
dialer in-band
dialer idle-timeout 0
dialer string 123
dialer vpdn
dialer-group 2
ppp pfc local request
ppp pfc remote apply
ppp encrypt mppe auto
ppp authentication ms-chap ms-chap-v2 callin
ppp eap refuse
ppp chap hostname hasanreza
ppp chap password 7 070E2541470726544541
interface Dialer995
no ip address
ip local pool webssl 10.236.6.10 10.236.6.30
ip forward-protocol nd
ip http server
ip http secure-server
ip nat inside source list nat interface Dialer1 overload
ip nat inside source static tcp 10.236.5.12 25 interface Dialer1 25
ip route 0.0.0.0 0.0.0.0 Dialer1
ip route 172.21.51.0 255.255.255.0 10.236.5.253
ip access-list extended internal
permit ip any 10.236.5.0 0.0.0.255
ip access-list extended nat
deny ip 10.236.5.0 0.0.0.255 172.31.1.0 0.0.0.255
deny ip 10.236.5.0 0.0.0.255 172.19.19.0 0.0.0.255
permit ip 10.236.5.0 0.0.0.255 any
ip access-list extended nonat
permit ip 10.236.5.0 0.0.0.255 172.19.19.0 0.0.0.255
permit ip 10.236.5.0 0.0.0.255 172.31.1.0 0.0.0.255
ip access-list extended sslacl
ip access-list extended webvpn
permit tcp any any eq 443
logging esm config
access-list 101 permit ip 10.236.5.0 0.0.0.255 172.31.1.0 0.0.0.255
control-plane
line con 0
line aux 0
line vty 0 4
exec-timeout 0 0
login local
transport preferred ssh
transport input telnet ssh
line vty 5 15
exec-timeout 0 0
login local
transport preferred ssh
transport input telnet ssh
scheduler allocate 20000 1000
webvpn gateway gateway1
ip interface Dialer1 port 443
ssl encryption rc4-md5
ssl trustpoint TP.StartSSL-vpn
inservice
webvpn install svc flash:/webvpn/anyconnect-win-3.1.00495-k9.pkg sequence 1
webvpn install csd flash:/webvpn/sdesktop.pkg
webvpn context webvpn
ssl authenticate verify all
url-list "Webservers"
heading "SimpleIT Technologies NBNS Servers"
url-text "Google" url-value "www.google.com"
url-text "Mainframe" url-value "10.236.5.2"
url-text "Mainframe2" url-value "https://10.236.5.2"
nbns-list "ContosoServer"
nbns-server 10.236.5.10
nbns-server 10.236.5.11
nbns-server 10.236.5.12
port-forward "PortForwarding"
local-port 3389 remote-server "10.236.5.10" remote-port 3389 description "Server-DC01"
policy group policy1
url-list "Webservers"
port-forward "PortForwarding"
nbns-list "ContosoServer"
functions file-access
functions file-browse
functions file-entry
functions svc-enabled
svc address-pool "webssl"
svc default-domain "Contoso.Local"
svc keep-client-installed
svc split include 10.236.5.0 255.255.255.0
svc split include 10.236.6.0 255.255.255.0
svc split include 172.31.1.0 255.255.255.0
svc split include 172.21.51.0 255.255.255.0
svc dns-server primary 172.21.51.10
default-group-policy policy1
gateway gateway1
inservice
end
Gateway# -
RDP does not work after disabling TLS 1.0
RDP does not work after disabling TLS 1.0
Had to re-enable it .... what can i do to make it work with TLS 1.2 ??Hi,
Disabling TLS 1.0 will break RDP under default settings. Did the security scan say specifically to disable TLS 1.0? Normally you should be able to disable use of certain ciphers or prioritize ciphers. You may want to try IISCrypto, on
it you click the PCI button, then Apply button, then restart your server.
Additionally there are still a substantial number of web browsers in use that do not support TLS 1.1/1.2.
If you would like to continue with TLS 1.0 disabled you may change the RDP Security Layer. To do this please open Terminal Services Configuration (tsconfig.msc), double-click RDP-Tcp, change Security Layer to RDP Security Layer.
IMPORTANT: You are vulnerable to MITM attack when using RDP Security Layer because there is no Server Authentication. If you are running RDP over a VPN connection and there is no risk for interception then this may be okay. I recommend
you re-enable TLS 1.0 and have a ssl certificate from a public authority set on your RDP-Tcp listener.
Quoted from this thread answered
by TP, for more information you can go through that thread.
Hope it helps!
Thanks.
Dharmesh Solanki
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected] -
Java applet works in windows and does not work in linux
Hello, guys!
I'm working with site which is located in vpn network at work.
I use browsers firefox 3 and opera.
When I want to open java applet using firefox or opera at first everything is fine then on the last stage of loading(judging by progress bar) applet hangs(progress bar hangs) and when I reload page firefox shows in the bottom bar: applet <applet's name> bail.
In windows everything works both in ie6 and firefox 3.
On both environments I have the jre 6 installed.
please help!Ok, I installed ies4linux and jre 1.5.16. I can work with that but when I start applet screen goes black and window frames dissapear.
To solve this problem(feature?) I disabled DirectX-based acceleration for Java 2D but that works for javacpl.exe and does not work for my applet.
Maybe you are looking for
-
Hi, my iPhone 4S and another one within my family are not synchronizing correctly the adressbook.
Hi out there, could anybody give me a hint please? Since one week our both iPhones 4S are not getting the changings in the adressbook on our iMAC. Even replacing the complete contacts on the phones does not help. A call to apple support just confirme
-
Quicktime not playing back correctly
In FCP I exported Quicktime Movie. When I playback in Quicktime and manually drag to the end of the movie, it freezes and then turns black. When I go back to start and replay, the screen stays black and only plays the audio. I'm running the latest ve
-
Hi everyone, I'm a newbie in AE, today I downloaded a project name Head in the clouds (http://www.youtube.com/watch?v=p8ftOwjdmJ8), it show a camera go through clouds with 3 layer of text, the camera had been set move slowly each time a text layer ap
-
How do i block unwanted emails or contacts
how do i block unwanted emails or contacts
-
Problem with the installation of ios 7.0.4.?
why i have no signal since i installed ios 7.0.4.?