VPN Question (match interesting traffic)
Dear guys
A vpn question see below text diagram
inside-------ASA-1-----CHINATELECOM------ASA-2---------CHINAUNICOM----------ASA-3------inside
ipsec vpn tunnel ipsec vpn tunnel
we have configured interesting traffic on ASA-2 for each other on 2 side.
we can ping asa-2 inside network from asa-3 and asa-1 but Why ASA-3 inside can not access ASA-1 inside network ?
Hi Yun,
Step 1: Create site-to-site vpn tunnel between ASA1 to ASA2 and ASA2 to ASA3, however there is NO direct tunnel between ASA1 and ASA3 you need.
Step 2: Now include ASA3's inside network segment in the crypto ACL to between the tunnel ASA1 and ASA2 and do NOT include ASA3's and 1's inside network segment for no-nat on inside interface on ASA2
Step 3: Now include ASA1 inside network segment in the crypto ACL to between the tunnel ASA2 and ASA3, and do NOT include ASA1's and 3's inside network segment for no-nat on inside interface on ASA2.
Step 4: Create no-nat on ASA2 for outside interface and this no-nat must includes ASA1's inside network segment and ASA3's inside network segment. See example below.
only an example, you change it to fit your network segment.
object-group network ASA1-inside
network-object 192.168.100.0 255.255.255.0
object-group network ASA3-inside
network-object 192.168.200.0 255.255.255.0
access-list nonat-outside extended permit ip object-group ASA1-inside object-group ASA3-inside
access-list nonat-outside extended permit ip object-group ASA3-inside object-group ASA1-inside
nat (outside) 0 access-list nonat-outside
Please let me know, how this coming along.
thanks
Rizwan Rafeek
Similar Messages
-
Hi all.
My question is very simple is there any way or feature that could allow us to have a backup VPN tunnel on at the secondary ISP at the asa 5520?
Lets assume if the primary isp goes down is there any way for the VPN tunnel come online at the backup isp ?
Config:
crypto isakmp enable outside
crypto isakmp enable backup
tunnel-group 200.200.2.1 type ipsec-l2l
tunnel-group 200.200.2.1 ipsec-attributes
pre-shared-key CISCO
tunnel-group 200.200.1.1 type ipsec-l2l
tunnel-group 200.200.1.1 ipsec-attributes
pre-shared-key CISCO
crypto ipsec transform-set 3DES_MD5 esp-3des esp-md5-hmac
crypto map VPN 10 match address VLAN121_TO_VLAN23
crypto map VPN 10 set peer 200.200.1.1
crypto map VPN 10 set transform-set 3DES_MD5
crypto map VPN 20 match address VLAN121_TO_VLAN23
crypto map VPN 20 set peer 200.200.2.1
crypto map VPN 20 set transform-set 3DES_MD5
! Apply crypto-map and enable VPN traffic to bypass ACLs
crypto map VPN interface outside
crypto map VPN interface backup
sysopt connection permit-vpn
Thank you.We are not abble to make a loop back on the ASA.
The routing with SLA is working fine the problem is when local network goes to remote network always try to get at the first tunnel with was setup for first isp ip adddrs. -
not sure if this is possible /device asa 5550 - But can a Client establish a SSL VPN to remote network and devices on the remote network access local network printers?
so you got one client one network A that creates a SSL VPN to network B , can network B be configured so that automatic job come across the same ssl vpn to a Different IP?I do not know if its just me but I do not understand what you mean with this:
so you got one client one network A that creates a SSL VPN to network B , can network B be configured so that automatic job come across the same ssl vpn to a Different IP?
Can you try it to explain it one more time?
Now, I think you are saying the following, please look this:
HQ----ASA----INTERNET----------Office2
Now the Office2 will do a clientless SSL vpn to the ASA and afterwards you want the HQ to be able to contact some printers or servers on office 2 via the clientless SSL vpn, If that is the question the answer is NO. the clientless SSL vpn will only allow traffic to go from office2 to the HQ, and not all traffic, it will depend on what you use to configure the clientless ssl ( Smart tunnels, Port-forwarding,Plugins).
Again I am not sure if that was the question.
Regards,
Julio
Do rate all the helpful posts -
Hi All
The question is pretty simple. I can successfully connect to my ASA 5505 firewall via cisco vpn client 64 bit , i can ping any ip address on the LAN behind ASA but none of the LAN computers can see or ping the IP Address which is assigned to my vpn client from the ASA VPN Pool.
The LAN behind ASA is 192.168.0.0 and the VPN Pool for the cisco vpn client is 192.168.30.0
I would appreciate some help pls
Here is the config:
ASA Version 7.2(4)
hostname ciscoasa
domain-name default.domain.invalid
enable password J7NxNd4NtVydfOsB encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
names
name 192.168.0.11 EXCHANGE
name x.x.x.x WAN
name 192.168.30.0 VPN_POOL2
interface Vlan1
nameif inside
security-level 100
ip address 192.168.0.1 255.255.255.0
interface Vlan2
nameif outside
security-level 0
ip address WAN 255.255.255.252
interface Ethernet0/0
switchport access vlan 2
<--- More --->
interface Ethernet0/1
interface Ethernet0/2
interface Ethernet0/3
interface Ethernet0/4
interface Ethernet0/5
interface Ethernet0/6
interface Ethernet0/7
boot system disk0:/asa724-k8.bin
ftp mode passive
clock timezone EEST 2
clock summer-time EEDT recurring last Sun Mar 3:00 last Sun Oct 4:00
dns server-group DefaultDNS
domain-name default.domain.invalid
object-group protocol TCPUDP
protocol-object udp
protocol-object tcp
access-list nk-acl extended permit tcp any interface outside eq smtp
access-list nk-acl extended permit tcp any interface outside eq https
access-list customerVPN_splitTunnelAcl standard permit 192.168.0.0 255.255.255.0
access-list inside_nat0_outbound extended permit ip 192.168.0.0 255.255.255.0 VPN_POOL2 255.255.255.0
access-list inside_access_in extended permit ip any any
access-list VPN_NAT extended permit ip VPN_POOL2 255.255.255.0 192.168.0.0 255.255.255.0
pager lines 24
logging enable
logging asdm informational
mtu inside 1500
mtu outside 1500
ip local pool VPN_POOL2 192.168.30.10-192.168.30.90 mask 255.255.255.0
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-524.bin
no asdm history enable
arp timeout 14400
global (inside) 10 interface
global (outside) 1 interface
nat (inside) 0 access-list inside_nat0_outbound
nat (inside) 1 0.0.0.0 0.0.0.0
nat (outside) 10 access-list VPN_NAT outside
static (inside,outside) tcp interface smtp EXCHANGE smtp netmask 255.255.255.255
static (inside,outside) tcp interface https EXCHANGE https netmask 255.255.255.255
access-group inside_access_in in interface inside
access-group nk-acl in interface outside
route outside 0.0.0.0 0.0.0.0 x.x.x.x 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
aaa authentication enable console LOCAL
aaa authentication http console LOCAL
aaa authentication serial console LOCAL
aaa authentication ssh console LOCAL
aaa authentication telnet console LOCAL
aaa authorization command LOCAL
http server enable
http 192.168.0.0 255.255.255.0 inside
snmp-server host inside 192.168.0.16 community public
no snmp-server location
no snmp-server contact
snmp-server community public
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto dynamic-map outside_dyn_map 20 set pfs group1
crypto dynamic-map outside_dyn_map 20 set transform-set ESP-3DES-SHA
crypto map outside_map 65535 ipsec-isakmp dynamic outside_dyn_map
crypto map outside_map interface outside
crypto isakmp enable outside
crypto isakmp policy 10
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
crypto isakmp nat-traversal 20
telnet 192.168.0.0 255.255.255.0 inside
telnet timeout 5
ssh timeout 5
console timeout 0
dhcp-client client-id interface outside
dhcpd dns 217.27.32.196
dhcpd address 192.168.0.100-192.168.0.200 inside
dhcpd dns 192.168.0.10 interface inside
dhcpd enable inside
group-policy DfltGrpPolicy attributes
banner none
wins-server none
dns-server none
dhcp-network-scope none
vpn-access-hours none
vpn-simultaneous-logins 3
vpn-idle-timeout 30
vpn-session-timeout none
vpn-filter none
vpn-tunnel-protocol IPSec l2tp-ipsec
password-storage disable
ip-comp disable
re-xauth disable
group-lock none
pfs disable
ipsec-udp disable
ipsec-udp-port 10000
split-tunnel-policy tunnelall
split-tunnel-network-list none
default-domain none
split-dns none
intercept-dhcp 255.255.255.255 disable
secure-unit-authentication disable
user-authentication disable
user-authentication-idle-timeout 30
ip-phone-bypass disable
leap-bypass disable
nem disable
backup-servers keep-client-config
msie-proxy server none
msie-proxy method no-modify
msie-proxy except-list none
msie-proxy local-bypass disable
nac disable
nac-sq-period 300
nac-reval-period 36000
nac-default-acl none
address-pools none
smartcard-removal-disconnect enable
client-firewall none
client-access-rule none
webvpn
functions url-entry
html-content-filter none
homepage none
keep-alive-ignore 4
http-comp gzip
filter none
url-list none
customization value DfltCustomization
port-forward none
port-forward-name value Application Access
sso-server none
svc none
svc keep-installer installed
svc keepalive none
svc rekey time none
svc rekey method none
svc dpd-interval client none
svc dpd-interval gateway none
svc compression deflate
group-policy customerVPN internal
group-policy customerVPN attributes
dns-server value 192.168.0.10
vpn-tunnel-protocol IPSec
password-storage enable
split-tunnel-policy tunnelspecified
split-tunnel-network-list value customerVPN_splitTunnelAcl
default-domain value customer.local
username xxx password 8SYsAcRU4s6DpQP1 encrypted privilege 0
username xxx attributes
vpn-group-policy TUNNEL1
username xxx password C6M4Xy7t0VOLU3bS encrypted privilege 0
username xxx attributes
vpn-group-policy PAPAGROUP
username xxx password RU2zcsRqQAwCkglQ encrypted privilege 0
username xxx attributes
vpn-group-policy customerVPN
username xxx password zfP8z5lE6WK/sSjY encrypted privilege 15
tunnel-group customerVPN type ipsec-ra
tunnel-group customerVPN general-attributes
address-pool VPN_POOL2
default-group-policy customerVPN
tunnel-group customerVPN ipsec-attributes
pre-shared-key *
tunnel-group-map default-group DefaultL2LGroup
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
service-policy global_policy global
prompt hostname context
Cryptochecksum:a4dfbb82008f78756fe4c7d029871ec1
: end
ciscoasa#Well lots of new features have been hinted at for ASA 9.2 but I've not seen anything as far as an Engineering Commit or Customer Commit for that feature.
Site-site VPN in multiple context mode was added in 9.0(1) and I have customers have been asking for the remote access features as well.
I will remember to ask about that at Cisco Live next month. -
Cisco ASA VPN question: %ASA-4-713903: IKE Receiver: Runt ISAKMP packet
Dear community,
quite frequently I am now receiving the following error message in my ASA 5502's log:
Oct 17 12:52:17 <myASA> %ASA-4-713903: IKE Receiver: Runt ISAKMP packet discarded on Port 4500 from <some_ip>:<some_port>
Oct 17 12:52:22 <myASA> %ASA-4-713903: IKE Receiver: Runt ISAKMP packet discarded on Port 4500 from <some_ip>:<some_port>
Oct 17 12:52:27 <myASA> %ASA-4-713903: IKE Receiver: Runt ISAKMP packet discarded on Port 4500 from <some_ip>:<some_port>
The VPN Clients (in the last case: A linux vpnc) disconnect with message
vpnc[7736]: connection terminated by dead peer detection
The ASA reports for that <some_ip> at around the same time:
Oct 17 12:52:32 <myASA> %ASA-4-113019: Group = blah, Username = johndoe, IP = <some_ip>, Session disconnected. Session Type: IPSecOverNatT, Duration: 2h:40m:35s, Bytes xmt: 2410431, Bytes rcv: 23386708, Reason: User Requested
A google search did not reveal any explanation to the "%ASA-4-713903: IKE Receiver: Runt ISAKMP packet..." message -- so my questions would be
1) What does the message exactly mean -- I know runts as a L2 problem so I d suppose it means the same: The ISAKMP packet is somehow
crippled (I d suppose this happens during rekeying) ?
2) Any idea where to look for the cause of this
WAN related (however I d assume no -- why does this happen in these regular time frames as show above)?
SW related (vpnc bug)?
Thanks in advance for any pointer...
JoachimYes. You need to eliminate the things I've said to eliminate with the other side. Ensure your configs are matching exactly. They probably are, whatever, just make sure of it because it's easy. You both need to run packet captures on your interfaces both in and out to even begin to have an idea of where to look.
The more info you can have just one person responsible for the better. What I mean by that is, it's typically a nice step for the 'bigger end' to have the 'smaller end's' config file to look at.
If you are seeing packets come in your inside, leave your outside, and never make it to his inside, then take it a step at a time.
If you're seeing them come in his interface and never come back out, you know where to look.
Set your caps to a single host to single host if need be, and generate traffic accordingly.
You need to narrow down where NOT to look so that you know where TO look. I would say then, and only then, do you get the ISP involved. Once you're sure the problem exists between his edge device and your edge device.
I do exactly this for a living on a daily basis...day after day after day. I'm responsible for over 200 IPSec s2s connections and thousands of SSL VPN sessions. I always start the exact same way...from the very bottom. -
Hi all: I have been reading Craig J's newest edition for
BM3.9 to try and setup a VPN to allow me in from my iMac at
home. OUr BM server (3.9sp1) lives behind a Cisco router.
The Cisco router receives T1 traffic at port (changed IPs
for obvious reasons) 200.10.10.1 and forwards to our BM
server public IP at 200.10.10.2. The private IP of the BM
server is 10.100.1.20.
My first question is which example in Craig's book most
closely matches my setup? I believe we closely match
"MANNY".
The last time I worked with a VPN setup was back when we ran
3.6. At that time I had to configure many filters to allow
the needed VPN traffic across the BM server. Is this still
needed? I assume it is and that I should use the Legacy VPN
filters in Craig's book.
Lastly, on my iMac at home I plan on using VPN tracker as
the client. What do I need for it (public vpn certificate
maybe?)
Thanks for the hand-holding, Chris.In article <482C139B.CE15.0032.0@N0_$pam.vrapc.com>, Chris wrote:
> My first question is which example in Craig's book most
> closely matches my setup? I believe we closely match
> "MANNY".
Yes, exactly.
>
> The last time I worked with a VPN setup was back when we ran
> 3.6. At that time I had to configure many filters to allow
> the needed VPN traffic across the BM server. Is this still
> needed? I assume it is and that I should use the Legacy VPN
> filters in Craig's book.
No, the filters for IKE-based VPN are different, but the defaults
should be fine.
>
> Lastly, on my iMac at home I plan on using VPN tracker as
> the client. What do I need for it (public vpn certificate
> maybe?)
>
Dunno - never used a Mac for VPN, so no experience debugging it yet.
Craig Johnson
Novell Support Connection SysOp
*** For a current patch list, tips, handy files and books on
BorderManager, go to http://www.craigjconsulting.com *** -
Some Site to Site VPN questions
When you have an ASA to ASA Site to Site VPN, you do have to configure the routes you want to transverse the tunnel in the routing table with a gateway of the device on the other side correct?
Also does each side have to match the exact subnets within the crypto domain? For instance if I have defined two subnets 10.10.10.0/24 and 10.100.100.0/24, the other side should have those exact subnets, not just a 10.0.0.0/8 correct? If that makes sense?Hi,
When we consider routing and L2L VPN connections then we generally can presume that they are built through the interface which has the default route. We can also presume that you are not configuring a L2L VPN for a remote network that overlaps with your LAN networks. Considering both of the mentioned things we can determine that naturally any network that is not in your local network will follow the default route when the ASA is making decision about where to forward the traffic.
So generally you wont need to manually configure any additional routes on the ASA for any remote VPN networks. VPN Client connections adds routes automatically for the VPN Pool IP that is assigned to the VPN Client user. On L2L VPN connections you can configure the ASA to add the routes based on the L2L VPN connections ACL that tells the local and remote networks. In this case you will have to add the following configuration for a given L2L VPN connections
crypto map set reverse-route
This will add a route on the ASAs routing table though this wont show in the "route" configurations on the ASA.
With regards to your questions about the local/remote subnets I actually have to say that I am not 100% sure. To my understanding your ACL can have lines/rules that dont match the other side but the ACL does have to have matching local/remote subnets. Any extra lines in the ACL to my understanding dont matter, just that there is a match between the VPN peers.
I have personally never had the need to make very broad local/remote network definitions for the L2L VPN. I have always been for being as specific as I can be. Naturally a very large environment might dictate to follow another approach but I have not run into anything like that myself.
- Jouni -
ASA 5520 site-to-site VPN question
Hello,
We have a Cisco 5520 ASA 8.2(1) connected to a Cisco RVS4000 router via an IPsec Site-to-Site VPN. The RVS4000 is located at a branch office. The tunnel works beautifully. When computers at the remote site are turned on the tunnel is established, and data is transferred back and forth.
The only issue I'm having is being able to Remote Desktop to the branch office computers, or ping for that matter. I can ping and Remote Desktop from the branch office computers to computers at the main site where the ASA is located.
After doing some research, I came across the this command;
sysopt connection permit-vpn
I haven't tried entering the command yet, but was wondering if this is something that I can try initially to see it it resolves the problem.
Thanks,
JohnWhat are your configs and network diagrams at each location? What are you doing for DNS? I can help quicker with that info. Also, here are some basic site to site VPN examples if it helps.
hostname cisco
domain-name cisco.com
enable password XXXXXXXX encrypted
passwd XXXXXXXXXXX encrypted
names
dns-guard
interface Ethernet0/0
nameif outside
security-level 0
ip address XXX.XXX.XXX.XXX 255.255.255.248
interface Ethernet0/1
nameif inside
security-level 100
ip address 10.0.0.2 255.255.255.0
interface Ethernet0/2
nameif backup
security-level 0
no ip address
interface Ethernet0/3
nameif outsidetwo
security-level 0
no ip address
interface Management0/0
nameif management
security-level 100
ip address 192.168.1.1 255.255.255.0
management-only
ftp mode passive
dns server-group DefaultDNS
domain-name cisco.com
same-security-traffic permit intra-interface
access-list XXX extended permit ip 10.0.0.0 255.255.255.0 10.90.238.0 255.255.255.0
access-list XXX extended permit ip 10.0.10.0 255.255.255.0 10.90.238.0 255.255.255.0
access-list XXX extended permit ip 10.0.2.0 255.255.255.0 10.90.238.0 255.255.255.0
access-list XXX extended permit ip 10.0.4.0 255.255.255.0 10.90.238.0 255.255.255.0
access-list XXX extended permit ip 10.0.0.0 255.255.255.0 10.0.2.0 255.255.255.0
access-list XXX extended permit ip 10.90.238.0 255.255.255.0 10.0.2.0 255.255.255.0
access-list XXX extended permit ip 10.0.0.0 255.255.255.0 10.0.4.0 255.255.255.0
access-list XXX extended permit ip 10.90.238.0 255.255.255.0 10.0.4.0 255.255.255.0
access-list nonat extended permit ip 10.0.0.0 255.255.255.0 10.90.238.0 255.255.255.0
access-list nonat extended permit ip 10.0.0.0 255.255.255.0 10.0.2.0 255.255.255.0
access-list nonat extended permit ip 10.0.0.0 255.255.255.0 10.0.4.0 255.255.255.0
access-list nonat extended permit ip 10.0.0.0 255.255.255.0 10.0.10.0 255.255.255.0
access-list nonat extended permit ip 10.0.10.0 255.255.255.0 10.90.238.0 255.255.255.0
access-list nonat extended permit ip 10.0.2.0 255.255.255.0 10.90.238.0 255.255.255.0
access-list nonat extended permit ip 10.0.4.0 255.255.255.0 10.90.238.0 255.255.255.0
access-list split standard permit 10.0.0.0 255.255.255.0
access-list split standard permit 10.90.238.0 255.255.255.0
pager lines 24
logging enable
logging buffer-size 1048576
logging buffered errors
logging trap notifications
logging asdm informational
logging class vpn buffered debugging
mtu outside 1500
mtu inside 1500
mtu backup 1500
mtu outsidetwo 1500
mtu management 1500
ip local pool vpnpool 10.0.10.100-10.0.10.200
ip audit name Inbound-Attack attack action alarm drop
ip audit name Inbound-Info info action alarm
ip audit interface outside Inbound-Info
ip audit interface outside Inbound-Attack
no failover
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 0 access-list nonat
nat (inside) 1 0.0.0.0 0.0.0.0
access-group inbound in interface outside
route outside 0.0.0.0 0.0.0.0 XXX.XXX.XXX.XXX 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
aaa authentication ssh console LOCAL
http server enable
http 0.0.0.0 0.0.0.0 inside
http 192.168.1.0 255.255.255.0 management
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set myset esp-3des esp-md5-hmac
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
crypto dynamic-map dynmap 10 set transform-set myset
crypto dynamic-map dynmap 10 set security-association lifetime seconds 28800
crypto dynamic-map dynmap 10 set security-association lifetime kilobytes 4608000
crypto map outside_map 1 match address XXX
crypto map outside_map 1 set peer XXX.XXX.XXX.XXX
crypto map outside_map 1 set transform-set myset
crypto map outside_map 1 set security-association lifetime seconds 28800
crypto map outside_map 1 set security-association lifetime kilobytes 4608000
crypto map outside_map 2 match address XXX2
crypto map outside_map 2 set peer XXX.XXX.XXX.XXX
crypto map outside_map 2 set transform-set myset
crypto map outside_map 2 set security-association lifetime seconds 28800
crypto map outside_map 2 set security-association lifetime kilobytes 4608000
crypto map outside_map 3 match address XXX3
crypto map outside_map 3 set pfs
crypto map outside_map 3 set peer XXX.XXX.XXX.XXX
crypto map outside_map 3 set transform-set myset
crypto map outside_map 3 set security-association lifetime seconds 28800
crypto map outside_map 3 set security-association lifetime kilobytes 4608000
crypto map outside_map 65535 ipsec-isakmp dynamic dynmap
crypto map outside_map interface outside
crypto isakmp identity address
crypto isakmp enable outside
crypto isakmp policy 10
authentication pre-share
encryption 3des
hash md5
group 2
lifetime 86400
telnet 0.0.0.0 0.0.0.0 inside
telnet timeout 5
ssh 0.0.0.0 0.0.0.0 outside
ssh 0.0.0.0 0.0.0.0 inside
ssh timeout 60
console timeout 0
management-access inside
dhcpd address 192.168.1.2-192.168.1.254 management
dhcpd enable management
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
webvpn
group-policy XXXgroup internal
group-policy XXXgroup attributes
dns-server value XXX.XXX.XXX.XXX
vpn-idle-timeout 30
split-tunnel-policy tunnelspecified
split-tunnel-network-list value split
default-domain value domain.local
username XXX24 password XXXX encrypted privilege 15
username admin password XXXX encrypted
tunnel-group XXX.XXX.XXX.XXX type ipsec-l2l
tunnel-group XXX.XXX.XXX.XXX ipsec-attributes
pre-shared-key XXXXXXXXXX
tunnel-group XXXgroup type remote-access
tunnel-group XXXgroup general-attributes
address-pool vpnpool
default-group-policy rccgroup
tunnel-group XXXgroup ipsec-attributes
pre-shared-key XXXXXXXXXX
isakmp ikev1-user-authentication none
tunnel-group XXX.XXX.XXX.XXX type ipsec-l2l
tunnel-group XXX.XXX.XXX.XXX ipsec-attributes
pre-shared-key XXXXXXXXXX
tunnel-group XXX.XXX.XXX.XXX type ipsec-l2l
tunnel-group XXX.XXX.XXX.XXX ipsec-attributes
pre-shared-key XXXXXXXXXX
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns migrated_dns_map_1
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns migrated_dns_map_1
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect ip-options
service-policy global_policy global
prompt hostname context
no call-home reporting anonymous
call-home
profile CiscoTAC-1
no active
destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
destination address email [email protected]
destination transport-method http
subscribe-to-alert-group diagnostic
subscribe-to-alert-group environment
subscribe-to-alert-group inventory periodic monthly
subscribe-to-alert-group configuration periodic monthly
subscribe-to-alert-group telemetry periodic daily -
Cisco ASA 5505 - 1st VPN works, 2nd VPN can't get traffic across
This is my first Cisco configuration ever so go easy on me. A lot of the commands that I used here I don't really understand. I got them from Googling configs. I have the need for more than one VPN on this thing, and I've been fighting with this thing for hours today without any luck.
The first VPN I setup, labeled vpn1 here works perfectly. I connect via the public IP on the DSL and I can get traffic to my 192.168.1.0/24 network without any problems.
I pretty much duplicated the configuration for the 2nd VPN, just replacing my 192.168.1.0/24 subnet w/ the network connected to a third interface on the ASA (10.4.0.0 255.255.240.0). I successfully make connection to this VPN, but I cannot get traffic to traverse the VPN. I'm using the address 10.4.0.1 to test pings. The ASA itself can ping 10.4.0.1 as that interface of the ASA has 10.4.13.10 255.255.240.0, which is the same subnet (range is 10.4.0.0 - 10.4.15.255).
Here is my config (edited for names and passwords)
ciscoasa# show run
: Saved
ASA Version 8.2(5)
hostname ciscoasa
enable password ********** encrypted
passwd ********** encrypted
names
interface Ethernet0/0
switchport access vlan 2
interface Ethernet0/1
interface Ethernet0/2
switchport access vlan 3
interface Ethernet0/3
interface Ethernet0/4
interface Ethernet0/5
interface Ethernet0/6
interface Ethernet0/7
interface Vlan1
nameif inside
security-level 100
ip address 192.168.1.1 255.255.255.0
interface Vlan2
nameif outside
security-level 0
pppoe client vpdn group ISP_DSL
ip address pppoe setroute
interface Vlan3
no forward interface Vlan1
nameif private
security-level 100
ip address 10.4.13.10 255.255.240.0
ftp mode passive
access-list 100 extended permit icmp any any
access-list nonat remark ACL for Nat Bypass
access-list nonat extended permit ip 192.168.1.0 255.255.255.0 192.168.2.0 255.255.255.0
access-list nonat extended permit ip 10.4.0.0 255.255.240.0 192.168.3.0 255.255.255.0
access-list vpn_SplitTunnel remark ACL for VPN Split Tunnel
access-list vpn_SplitTunnel standard permit 192.168.1.0 255.255.255.0
access-list vpn_SplitTunnel standard permit 10.4.0.0 255.255.240.0
pager lines 24
logging asdm informational
mtu inside 1500
mtu outside 1492
mtu private 1500
ip local pool vpn1pool 192.168.2.100-192.168.2.110
ip local pool vpn2pool 192.168.3.100-192.168.3.110
no failover
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 0 access-list nonat
nat (inside) 1 0.0.0.0 0.0.0.0
nat (private) 0 access-list nonat
access-group 100 in interface outside
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
aaa authentication ssh console LOCAL
http server enable
http 192.168.1.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set strong-des esp-3des esp-md5-hmac
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
crypto dynamic-map dynmap 30 set transform-set strong-des
crypto map vpn1 65535 ipsec-isakmp dynamic dynmap
crypto map vpn1 interface outside
crypto map vpn2 65535 ipsec-isakmp dynamic dynmap
crypto isakmp identity address
crypto isakmp enable outside
crypto isakmp policy 11
authentication pre-share
encryption 3des
hash md5
group 2
lifetime 86400
telnet timeout 5
ssh 0.0.0.0 0.0.0.0 inside
ssh 0.0.0.0 0.0.0.0 outside
ssh timeout 10
console timeout 0
vpdn group ISP_DSL request dialout pppoe
vpdn group ISP_DSL localname [email protected]
vpdn group ISP_DSL ppp authentication chap
vpdn username [email protected] password **********
dhcp-client update dns
dhcpd auto_config outside
dhcpd address 192.168.1.100-192.168.1.200 inside
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
webvpn
group-policy vpn2 internal
group-policy vpn2 attributes
vpn-idle-timeout 120
vpn-tunnel-protocol IPSec
split-tunnel-policy tunnelspecified
split-tunnel-network-list value vpn_SplitTunnel
group-policy vpn1 internal
group-policy vpn1 attributes
vpn-idle-timeout 120
vpn-tunnel-protocol IPSec
split-tunnel-policy tunnelspecified
split-tunnel-network-list value vpn_SplitTunnel
username cssadmin password ********** encrypted
username vpn2user password ********** encrypted
username vpn1user password ********** encrypted
tunnel-group vpn1-VPN type remote-access
tunnel-group vpn1-VPN general-attributes
address-pool vpn1pool
default-group-policy vpn1
tunnel-group vpn1-VPN ipsec-attributes
pre-shared-key **********
tunnel-group vpn2-VPN type remote-access
tunnel-group vpn2-VPN general-attributes
address-pool vpn2pool
default-group-policy vpn2
tunnel-group vpn2-VPN ipsec-attributes
pre-shared-key *****
prompt hostname context
no call-home reporting anonymous
Cryptochecksum:f5137c68c4b4a832c9dff8db808004ae
: end
Theories: after fighting with it for a while and having another guy in my office look at it, we decided that the problem is probably that even though the pings are probably reaching 10.4.0.1, they have no route back to my VPN subnet 192.168.3.0/24. I contacted the admins of the 10.4.0.0 network and asked if they could add a route to 192.168.3.0/24 via 10.4.13.10, but he said there is no router of default gateway on the network to even configure.
So, what do I do? Maybe NAT the VPN traffic? If that is the correct answer, what lines would I put/change in the config to NAT that traffic.
I'm assuming the reason the 1st VPN works is because the ASA is the default gateway for the inside 192.168.1.0/24 network.
Thanks in advance for any insight you can provide.Hello Belnet,
What do the logs show from the ASA.
Can you post them ??
Any other question..Sure..Just remember to rate all of the community answers.
Julio -
3G VPN established but no traffic using ASA 5505
Hi All,
hoping that someone can help me here. We are able to esatblish VPN connection but we cannot pass traffic out.
Here are the details.
ISP has a range of 25.16.0.0/15 and they are doing Natting.
We are using Raven X and ASA5505 is connected. Session is established but can't pass traffic or ping.
router output:
ASA Version 8.2(2)
hostname DR-5505-50
domain-name dont know
enable password xxxxxx encrypted passwd kOuREZbrVpcZibgH encrypted names name 192.168.0.0 Corp name 10.10.0.0 device !
interface Vlan1
nameif inside
security-level 100
ip address 10.10.254.254 255.255.255.0
interface Vlan2
nameif outside
security-level 0
ip address dhcp setroute
interface Ethernet0/0
switchport access vlan 2
interface Ethernet0/1
interface Ethernet0/2
interface Ethernet0/3
interface Ethernet0/4
interface Ethernet0/5
interface Ethernet0/6
interface Ethernet0/7
ftp mode passive
clock timezone EST -5
clock summer-time EDT recurring
dns server-group DefaultDNS
domain-name network.comsame-security-traffic permit inter-interface same-security-traffic permit intra-interface object-group network never network-object Jobsites 255.255.0.0 network-object Corp 255.255.0.0 access-list outside_1_cryptomap extended permit ip 10.10.254.0
255.255.255.0 object-group network access-list inside_nat0_outbound extended permit ip 10.10.254.0
255.255.255.0 object-group networkn
access-list inside_access_in extended permit ip 10.10.254.0 255.255.255.0 any pager lines 24 logging asdm informational mtu inside 1500 mtu outside 1500 icmp unreachable rate-limit 1 burst-size 1 icmp permit any inside icmp permit any outside no asdm history enable arp timeout 14400 global (outside) 1 interface nat (inside) 0 access-list inside_nat0_outbound nat (inside) 1 0.0.0.0 0.0.0.0 access-group inside_access_in in interface inside access-group outside_access_in in interface outside timeout xlate 3:00:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat
0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect
0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute timeout tcp-proxy-reassembly 0:01:00 dynamic-access-policy-record DfltAccessPolicy aaa authentication ssh console LOCAL http server enable http 0.0.0.0 0.0.0.0 outside http 0.0.0.0 0.0.0.0 inside snmp-server host inside 192.168.152.28 community edsnmp version 2c no snmp-server location no snmp-server contact snmp-server community edsnmp snmp-server enable traps snmp authentication linkup linkdown coldstart crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac crypto ipsec security-association lifetime seconds 28800 crypto ipsec security-association lifetime kilobytes 4608000 crypto map outside_map 1 match address outside_1_cryptomap crypto map outside_map 1 set pfs group1 crypto map outside_map 1 set peer 204.101.74.2 crypto map outside_map 1 set transform-set ESP-3DES-SHA crypto map outside_map interface outside crypto isakmp identity hostname crypto isakmp enable outside crypto isakmp policy 10 authentication pre-share encryption 3des hash sha group 2 lifetime 86400 crypto isakmp policy 65535 authentication pre-share encryption 3des hash sha group 2 lifetime 86400 no crypto isakmp nat-traversal telnet timeout 5 ssh 0.0.0.0 0.0.0.0 inside ssh 0.0.0.0 0.0.0.0 outside ssh timeout 60 console timeout 0 management-access inside dhcpd auto_config outside !
dhcpd address 10.10.254.70-10.10.254.169 inside dhcpd dns 192.168.152.21 192.168.160.21 interface inside dhcpd lease 432000 interface inside dhcpd domain name.com interface inside dhcpd option 3 ip 10.10.254.254 interface inside dhcpd enable inside !
vpnclient management clear
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept webvpn tunnel-group-list enable username admin password Xhasdfuasdhsdfh encrypted privilege 15 tunnel-group x.x.x.x type ipsec-l2l tunnel-group x.x.x.xipsec-attributes pre-shared-key dynamicvpn !
prompt hostname context
call-home
profile CiscoTAC-1
no active
destination address http
whatever.com
destination address email [email protected]
destination transport-method http
subscribe-to-alert-group diagnostic
subscribe-to-alert-group environment
subscribe-to-alert-group inventory periodic monthly
subscribe-to-alert-group configuration periodic monthly
subscribe-to-alert-group telemetry periodic daily
Cryptochecksum:
Log file:
6|May 06 2013|07:00:01|302016|192.168.160.21|53|10.10.254.70|57967|Teardown UDP connection 245 for outside:192.168.160.21/53 to inside:10.10.254.70/57967 duration 0:02:07 bytes 148
6|May 06 2013|07:00:01|302016|192.168.152.21|53|10.10.254.70|57967|Teardown UDP connection 243 for outside:192.168.152.21/53 to inside:10.10.254.70/57967 duration 0:02:08 bytes 111
6|May 06 2013|06:59:58|302021|192.168.152.21|0|10.10.254.70|1|Teardown ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:59:57|302015|192.168.160.21|53|10.10.254.70|52108|Built outbound UDP connection 349 for outside:192.168.160.21/53 (192.168.160.21/53) to inside:10.10.254.70/52108 (10.10.254.70/52108)
6|May 06 2013|06:59:56|302015|192.168.160.21|53|10.10.254.70|50503|Built outbound UDP connection 348 for outside:192.168.160.21/53 (192.168.160.21/53) to inside:10.10.254.70/50503 (10.10.254.70/50503)
6|May 06 2013|06:59:56|302016|192.168.160.21|53|10.10.254.70|54304|Teardown UDP connection 241 for outside:192.168.160.21/53 to inside:10.10.254.70/54304 duration 0:02:07 bytes 236
6|May 06 2013|06:59:56|302016|192.168.152.21|53|10.10.254.70|54304|Teardown UDP connection 240 for outside:192.168.152.21/53 to inside:10.10.254.70/54304 duration 0:02:08 bytes 177
6|May 06 2013|06:59:56|302020|10.10.254.70|1|192.168.152.21|0|Built outbound ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:59:56|302015|192.168.152.21|53|10.10.254.70|52108|Built outbound UDP connection 346 for outside:192.168.152.21/53 (192.168.152.21/53) to inside:10.10.254.70/52108 (10.10.254.70/52108)
6|May 06 2013|06:59:55|302015|192.168.152.21|53|10.10.254.70|50503|Built outbound UDP connection 345 for outside:192.168.152.21/53 (192.168.152.21/53) to inside:10.10.254.70/50503 (10.10.254.70/50503)
6|May 06 2013|06:59:55|302016|192.168.160.21|53|10.10.254.70|65422|Teardown UDP connection 238 for outside:192.168.160.21/53 to inside:10.10.254.70/65422 duration 0:02:07 bytes 136
6|May 06 2013|06:59:55|302016|192.168.152.21|53|10.10.254.70|65422|Teardown UDP connection 237 for outside:192.168.152.21/53 to inside:10.10.254.70/65422 duration 0:02:08 bytes 102
6|May 06 2013|06:59:54|302021|192.168.152.21|0|10.10.254.70|1|Teardown ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:59:54|302015|192.168.160.21|53|10.10.254.70|51008|Built outbound UDP connection 344 for outside:192.168.160.21/53 (192.168.160.21/53) to inside:10.10.254.70/51008 (10.10.254.70/51008)
6|May 06 2013|06:59:53|302015|192.168.152.21|53|10.10.254.70|51008|Built outbound UDP connection 343 for outside:192.168.152.21/53 (192.168.152.21/53) to inside:10.10.254.70/51008 (10.10.254.70/51008)
6|May 06 2013|06:59:53|302016|192.168.160.21|53|10.10.254.70|50300|Teardown UDP connection 236 for outside:192.168.160.21/53 to inside:10.10.254.70/50300 duration 0:02:07 bytes 152
6|May 06 2013|06:59:53|302016|192.168.152.21|53|10.10.254.70|50300|Teardown UDP connection 234 for outside:192.168.152.21/53 to inside:10.10.254.70/50300 duration 0:02:08 bytes 114
6|May 06 2013|06:59:53|302016|192.168.160.21|53|10.10.254.70|49286|Teardown UDP connection 235 for outside:192.168.160.21/53 to inside:10.10.254.70/49286 duration 0:02:07 bytes 152
6|May 06 2013|06:59:53|302016|192.168.152.21|53|10.10.254.70|49286|Teardown UDP connection 233 for outside:192.168.152.21/53 to inside:10.10.254.70/49286 duration 0:02:08 bytes 114
6|May 06 2013|06:59:52|302020|10.10.254.70|1|192.168.152.21|0|Built outbound ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:59:50|302016|192.168.160.21|53|10.10.254.70|57306|Teardown UDP connection 231 for outside:192.168.160.21/53 to inside:10.10.254.70/57306 duration 0:02:07 bytes 152
6|May 06 2013|06:59:50|302016|192.168.152.21|53|10.10.254.70|57306|Teardown UDP connection 229 for outside:192.168.152.21/53 to inside:10.10.254.70/57306 duration 0:02:08 bytes 114
6|May 06 2013|06:59:50|302021|192.168.152.21|0|10.10.254.70|1|Teardown ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:59:49|302014|129.22.177.79|31663|10.10.254.70|34470|Teardown TCP connection 322 for outside:129.22.177.79/31663 to inside:10.10.254.70/34470 duration 0:00:30 bytes 0 SYN Timeout
6|May 06 2013|06:59:49|302016|192.168.160.21|53|10.10.254.70|54646|Teardown UDP connection 230 for outside:192.168.160.21/53 to inside:10.10.254.70/54646 duration 0:02:07 bytes 160
6|May 06 2013|06:59:49|302016|192.168.152.21|53|10.10.254.70|54646|Teardown UDP connection 227 for outside:192.168.152.21/53 to inside:10.10.254.70/54646 duration 0:02:08 bytes 120
6|May 06 2013|06:59:49|302016|192.168.160.21|53|10.10.254.70|64481|Teardown UDP connection 228 for outside:192.168.160.21/53 to inside:10.10.254.70/64481 duration 0:02:07 bytes 152
6|May 06 2013|06:59:49|302016|192.168.152.21|53|10.10.254.70|64481|Teardown UDP connection 226 for outside:192.168.152.21/53 to inside:10.10.254.70/64481 duration 0:02:08 bytes 114
6|May 06 2013|06:59:48|302020|10.10.254.70|1|192.168.152.21|0|Built outbound ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:59:47|305012|10.10.254.70|34468|192.168.13.100|55721|Teardown dynamic TCP translation from inside:10.10.254.70/34468 to outside:192.168.13.100/55721 duration 0:01:30
6|May 06 2013|06:59:46|305012|10.10.254.70|34467|192.168.13.100|48446|Teardown dynamic TCP translation from inside:10.10.254.70/34467 to outside:192.168.13.100/48446 duration 0:01:30
6|May 06 2013|06:59:46|302016|192.168.152.21|53|10.10.254.70|63417|Teardown UDP connection 224 for outside:192.168.152.21/53 to inside:10.10.254.70/63417 duration 0:02:07 bytes 111
6|May 06 2013|06:59:46|302016|192.168.160.21|53|10.10.254.70|63417|Teardown UDP connection 223 for outside:192.168.160.21/53 to inside:10.10.254.70/63417 duration 0:02:08 bytes 148
6|May 06 2013|06:59:46|302021|192.168.152.21|0|10.10.254.70|1|Teardown ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:59:44|302020|10.10.254.70|1|192.168.152.21|0|Built outbound ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:59:42|302021|192.168.152.21|0|10.10.254.70|1|Teardown ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:59:40|302015|192.168.152.21|53|10.10.254.70|62424|Built outbound UDP connection 339 for outside:192.168.152.21/53 (192.168.152.21/53) to inside:10.10.254.70/62424 (10.10.254.70/62424)
6|May 06 2013|06:59:40|302020|10.10.254.70|1|192.168.152.21|0|Built outbound ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:59:39|302015|192.168.160.21|53|10.10.254.70|62424|Built outbound UDP connection 337 for outside:192.168.160.21/53 (192.168.160.21/53) to inside:10.10.254.70/62424 (10.10.254.70/62424)
6|May 06 2013|06:59:38|302021|192.168.152.21|0|10.10.254.70|1|Teardown ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:59:37|302016|192.168.152.21|53|10.10.254.70|59943|Teardown UDP connection 219 for outside:192.168.152.21/53 to inside:10.10.254.70/59943 duration 0:02:07 bytes 108
6|May 06 2013|06:59:37|302016|192.168.160.21|53|10.10.254.70|59943|Teardown UDP connection 218 for outside:192.168.160.21/53 to inside:10.10.254.70/59943 duration 0:02:08 bytes 144
6|May 06 2013|06:59:37|302015|192.168.152.21|53|10.10.254.70|58710|Built outbound UDP connection 336 for outside:192.168.152.21/53 (192.168.152.21/53) to inside:10.10.254.70/58710 (10.10.254.70/58710)
6|May 06 2013|06:59:36|302020|10.10.254.70|1|192.168.152.21|0|Built outbound ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:59:36|302015|192.168.160.21|53|10.10.254.70|58710|Built outbound UDP connection 334 for outside:192.168.160.21/53 (192.168.160.21/53) to inside:10.10.254.70/58710 (10.10.254.70/58710)
6|May 06 2013|06:59:36|302016|192.168.152.21|53|10.10.254.70|51377|Teardown UDP connection 217 for outside:192.168.152.21/53 to inside:10.10.254.70/51377 duration 0:02:07 bytes 114
6|May 06 2013|06:59:36|302016|192.168.160.21|53|10.10.254.70|51377|Teardown UDP connection 215 for outside:192.168.160.21/53 to inside:10.10.254.70/51377 duration 0:02:08 bytes 152
6|May 06 2013|06:59:34|302016|192.168.152.21|53|10.10.254.70|56751|Teardown UDP connection 214 for outside:192.168.152.21/53 to inside:10.10.254.70/56751 duration 0:02:07 bytes 111
6|May 06 2013|06:59:34|302016|192.168.160.21|53|10.10.254.70|56751|Teardown UDP connection 213 for outside:192.168.160.21/53 to inside:10.10.254.70/56751 duration 0:02:08 bytes 148
6|May 06 2013|06:59:34|302021|192.168.152.21|0|10.10.254.70|1|Teardown ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:59:32|302020|10.10.254.70|1|192.168.152.21|0|Built outbound ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:59:32|302016|192.168.152.21|53|10.10.254.70|63965|Teardown UDP connection 212 for outside:192.168.152.21/53 to inside:10.10.254.70/63965 duration 0:02:07 bytes 114
6|May 06 2013|06:59:32|302016|192.168.160.21|53|10.10.254.70|63965|Teardown UDP connection 210 for outside:192.168.160.21/53 to inside:10.10.254.70/63965 duration 0:02:08 bytes 152
6|May 06 2013|06:59:30|302021|192.168.152.21|0|10.10.254.70|1|Teardown ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:59:28|302016|192.168.152.21|137|10.10.254.70|137|Teardown UDP connection 211 for outside:192.168.152.21/137 to inside:10.10.254.70/137 duration 0:02:04 bytes 150
6|May 06 2013|06:59:28|302015|192.168.152.21|53|10.10.254.70|57795|Built outbound UDP connection 332 for outside:192.168.152.21/53 (192.168.152.21/53) to inside:10.10.254.70/57795 (10.10.254.70/57795)
6|May 06 2013|06:59:28|302020|10.10.254.70|1|192.168.152.21|0|Built outbound ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:59:28|302016|192.168.152.21|53|10.10.254.70|60822|Teardown UDP connection 206 for outside:192.168.152.21/53 to inside:10.10.254.70/60822 duration 0:02:07 bytes 114
6|May 06 2013|06:59:28|302016|192.168.160.21|53|10.10.254.70|60822|Teardown UDP connection 205 for outside:192.168.160.21/53 to inside:10.10.254.70/60822 duration 0:02:08 bytes 152
6|May 06 2013|06:59:27|302015|192.168.160.21|53|10.10.254.70|57795|Built outbound UDP connection 330 for outside:192.168.160.21/53 (192.168.160.21/53) to inside:10.10.254.70/57795 (10.10.254.70/57795)
6|May 06 2013|06:59:26|302015|192.168.152.21|53|10.10.254.70|54989|Built outbound UDP connection 329 for outside:192.168.152.21/53 (192.168.152.21/53) to inside:10.10.254.70/54989 (10.10.254.70/54989)
6|May 06 2013|06:59:26|302021|192.168.152.21|0|10.10.254.70|1|Teardown ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:59:25|302015|192.168.160.21|53|10.10.254.70|54989|Built outbound UDP connection 328 for outside:192.168.160.21/53 (192.168.160.21/53) to inside:10.10.254.70/54989 (10.10.254.70/54989)
6|May 06 2013|06:59:25|302015|192.168.152.21|53|10.10.254.70|58248|Built outbound UDP connection 327 for outside:192.168.152.21/53 (192.168.152.21/53) to inside:10.10.254.70/58248 (10.10.254.70/58248)
6|May 06 2013|06:59:24|302020|10.10.254.70|1|192.168.152.21|0|Built outbound ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:59:24|302015|192.168.160.21|53|10.10.254.70|58248|Built outbound UDP connection 325 for outside:192.168.160.21/53 (192.168.160.21/53) to inside:10.10.254.70/58248 (10.10.254.70/58248)
6|May 06 2013|06:59:22|302016|192.168.152.21|53|10.10.254.70|52148|Teardown UDP connection 204 for outside:192.168.152.21/53 to inside:10.10.254.70/52148 duration 0:02:07 bytes 111
6|May 06 2013|06:59:22|302016|192.168.160.21|53|10.10.254.70|52148|Teardown UDP connection 201 for outside:192.168.160.21/53 to inside:10.10.254.70/52148 duration 0:02:08 bytes 148
6|May 06 2013|06:59:22|302021|192.168.152.21|0|10.10.254.70|1|Teardown ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:59:20|302013|129.22.177.79|31663|10.10.254.70|34471|Built outbound TCP connection 324 for outside:129.22.177.79/31663 (129.22.177.79/31663) to inside:10.10.254.70/34471 (192.168.13.100/60918)
6|May 06 2013|06:59:20|305011|10.10.254.70|34471|192.168.13.100|60918|Built dynamic TCP translation from inside:10.10.254.70/34471 to outside:192.168.13.100/60918
6|May 06 2013|06:59:20|302020|10.10.254.70|1|192.168.152.21|0|Built outbound ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:59:20|302016|192.168.152.21|53|10.10.254.70|50470|Teardown UDP connection 200 for outside:192.168.152.21/53 to inside:10.10.254.70/50470 duration 0:02:07 bytes 135
6|May 06 2013|06:59:20|302016|192.168.160.21|53|10.10.254.70|50470|Teardown UDP connection 199 for outside:192.168.160.21/53 to inside:10.10.254.70/50470 duration 0:02:08 bytes 180
6|May 06 2013|06:59:20|302014|71.207.1.189|1761|10.10.254.70|34468|Teardown TCP connection 275 for outside:71.207.1.189/1761 to inside:10.10.254.70/34468 duration 0:01:02 bytes 376 TCP FINs
6|May 06 2013|06:59:19|302013|129.22.177.79|31663|10.10.254.70|34470|Built outbound TCP connection 322 for outside:129.22.177.79/31663 (129.22.177.79/31663) to inside:10.10.254.70/34470 (192.168.13.100/64832)
6|May 06 2013|06:59:19|305011|10.10.254.70|34470|192.168.13.100|64832|Built dynamic TCP translation from inside:10.10.254.70/34470 to outside:192.168.13.100/64832
6|May 06 2013|06:59:18|302014|67.86.118.52|17365|10.10.254.70|34467|Teardown TCP connection 274 for outside:67.86.118.52/17365 to inside:10.10.254.70/34467 duration 0:01:02 bytes 453 TCP FINs
6|May 06 2013|06:59:18|302013|173.164.60.149|12864|10.10.254.70|34469|Built outbound TCP connection 321 for outside:173.164.60.149/12864 (173.164.60.149/12864) to inside:10.10.254.70/34469 (192.168.13.100/39628)
6|May 06 2013|06:59:18|305011|10.10.254.70|34469|192.168.13.100|39628|Built dynamic TCP translation from inside:10.10.254.70/34469 to outside:192.168.13.100/39628
6|May 06 2013|06:59:18|302021|192.168.152.21|0|10.10.254.70|1|Teardown ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:59:17|302016|192.168.152.21|53|10.10.254.70|54536|Teardown UDP connection 198 for outside:192.168.152.21/53 to inside:10.10.254.70/54536 duration 0:02:07 bytes 114
6|May 06 2013|06:59:17|302016|192.168.160.21|53|10.10.254.70|54536|Teardown UDP connection 197 for outside:192.168.160.21/53 to inside:10.10.254.70/54536 duration 0:02:08 bytes 152
6|May 06 2013|06:59:16|302020|10.10.254.70|1|192.168.152.21|0|Built outbound ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:59:14|302021|192.168.152.21|0|10.10.254.70|1|Teardown ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:59:13|302016|192.168.152.21|53|10.10.254.70|57635|Teardown UDP connection 196 for outside:192.168.152.21/53 to inside:10.10.254.70/57635 duration 0:02:07 bytes 102
6|May 06 2013|06:59:13|302016|192.168.160.21|53|10.10.254.70|57635|Teardown UDP connection 195 for outside:192.168.160.21/53 to inside:10.10.254.70/57635 duration 0:02:08 bytes 136
6|May 06 2013|06:59:12|302015|192.168.152.21|53|10.10.254.70|60510|Built outbound UDP connection 319 for outside:192.168.152.21/53 (192.168.152.21/53) to inside:10.10.254.70/60510 (10.10.254.70/60510)
6|May 06 2013|06:59:12|302020|10.10.254.70|1|192.168.152.21|0|Built outbound ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:59:12|302015|192.168.152.21|53|10.10.254.70|50779|Built outbound UDP connection 317 for outside:192.168.152.21/53 (192.168.152.21/53) to inside:10.10.254.70/50779 (10.10.254.70/50779)
6|May 06 2013|06:59:11|302015|192.168.160.21|53|10.10.254.70|60510|Built outbound UDP connection 316 for outside:192.168.160.21/53 (192.168.160.21/53) to inside:10.10.254.70/60510 (10.10.254.70/60510)
6|May 06 2013|06:59:11|302016|192.168.152.21|53|10.10.254.70|49716|Teardown UDP connection 194 for outside:192.168.152.21/53 to inside:10.10.254.70/49716 duration 0:02:07 bytes 111
6|May 06 2013|06:59:11|302016|192.168.152.21|53|10.10.254.70|57570|Teardown UDP connection 193 for outside:192.168.152.21/53 to inside:10.10.254.70/57570 duration 0:02:07 bytes 156
6|May 06 2013|06:59:11|302016|192.168.160.21|53|10.10.254.70|49716|Teardown UDP connection 192 for outside:192.168.160.21/53 to inside:10.10.254.70/49716 duration 0:02:08 bytes 148
6|May 06 2013|06:59:11|302016|192.168.160.21|53|10.10.254.70|57570|Teardown UDP connection 191 for outside:192.168.160.21/53 to inside:10.10.254.70/57570 duration 0:02:08 bytes 208
6|May 06 2013|06:59:11|302015|192.168.160.21|53|10.10.254.70|50779|Built outbound UDP connection 315 for outside:192.168.160.21/53 (192.168.160.21/53) to inside:10.10.254.70/50779 (10.10.254.70/50779)
6|May 06 2013|06:59:10|302015|192.168.152.21|53|10.10.254.70|64783|Built outbound UDP connection 314 for outside:192.168.152.21/53 (192.168.152.21/53) to inside:10.10.254.70/64783 (10.10.254.70/64783)
6|May 06 2013|06:59:10|302016|192.168.152.21|53|10.10.254.70|63136|Teardown UDP connection 190 for outside:192.168.152.21/53 to inside:10.10.254.70/63136 duration 0:02:07 bytes 111
6|May 06 2013|06:59:10|302016|192.168.160.21|53|10.10.254.70|63136|Teardown UDP connection 189 for outside:192.168.160.21/53 to inside:10.10.254.70/63136 duration 0:02:08 bytes 148
6|May 06 2013|06:59:10|302021|192.168.152.21|0|10.10.254.70|1|Teardown ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:59:09|302015|192.168.160.21|53|10.10.254.70|64783|Built outbound UDP connection 313 for outside:192.168.160.21/53 (192.168.160.21/53) to inside:10.10.254.70/64783 (10.10.254.70/64783)
6|May 06 2013|06:59:08|302020|10.10.254.70|1|192.168.152.21|0|Built outbound ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:59:06|302021|192.168.152.21|0|10.10.254.70|1|Teardown ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:59:04|302020|10.10.254.70|1|192.168.152.21|0|Built outbound ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:59:03|305012|10.10.254.70|34458|192.168.13.100|26157|Teardown dynamic TCP translation from inside:10.10.254.70/34458 to outside:192.168.13.100/26157 duration 0:01:00
6|May 06 2013|06:59:02|302016|192.168.160.21|53|10.10.254.70|54985|Teardown UDP connection 186 for outside:192.168.160.21/53 to inside:10.10.254.70/54985 duration 0:02:07 bytes 152
6|May 06 2013|06:59:02|302016|192.168.152.21|53|10.10.254.70|54985|Teardown UDP connection 184 for outside:192.168.152.21/53 to inside:10.10.254.70/54985 duration 0:02:08 bytes 114
6|May 06 2013|06:59:02|302021|192.168.152.21|0|10.10.254.70|1|Teardown ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:59:00|302020|10.10.254.70|1|192.168.152.21|0|Built outbound ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:58:58|305012|10.10.254.70|34457|192.168.13.100|43659|Teardown dynamic TCP translation from inside:10.10.254.70/34457 to outside:192.168.13.100/43659 duration 0:01:00
6|May 06 2013|06:58:58|305012|10.10.254.70|34456|192.168.13.100|47534|Teardown dynamic TCP translation from inside:10.10.254.70/34456 to outside:192.168.13.100/47534 duration 0:01:00
6|May 06 2013|06:58:58|302021|192.168.152.21|0|10.10.254.70|1|Teardown ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:58:57|305012|10.10.254.70|34455|192.168.13.100|4536|Teardown dynamic TCP translation from inside:10.10.254.70/34455 to outside:192.168.13.100/4536 duration 0:01:00
6|May 06 2013|06:58:57|302016|192.168.160.21|53|10.10.254.70|57758|Teardown UDP connection 182 for outside:192.168.160.21/53 to inside:10.10.254.70/57758 duration 0:02:07 bytes 152
6|May 06 2013|06:58:57|302016|192.168.160.21|53|10.10.254.70|56258|Teardown UDP connection 181 for outside:192.168.160.21/53 to inside:10.10.254.70/56258 duration 0:02:07 bytes 148
6|May 06 2013|06:58:57|302016|192.168.152.21|53|10.10.254.70|57758|Teardown UDP connection 180 for outside:192.168.152.21/53 to inside:10.10.254.70/57758 duration 0:02:08 bytes 114
6|May 06 2013|06:58:57|302016|192.168.152.21|53|10.10.254.70|56258|Teardown UDP connection 179 for outside:192.168.152.21/53 to inside:10.10.254.70/56258 duration 0:02:08 bytes 111
6|May 06 2013|06:58:57|305012|10.10.254.70|34454|192.168.13.100|39886|Teardown dynamic TCP translation from inside:10.10.254.70/34454 to outside:192.168.13.100/39886 duration 0:01:00
6|May 06 2013|06:58:56|302015|192.168.152.21|53|10.10.254.70|65123|Built outbound UDP connection 309 for outside:192.168.152.21/53 (192.168.152.21/53) to inside:10.10.254.70/65123 (10.10.254.70/65123)
6|May 06 2013|06:58:56|305012|10.10.254.70|34453|192.168.13.100|34856|Teardown dynamic TCP translation from inside:10.10.254.70/34453 to outside:192.168.13.100/34856 duration 0:01:00
6|May 06 2013|06:58:56|305012|10.10.254.70|34452|192.168.13.100|33908|Teardown dynamic TCP translation from inside:10.10.254.70/34452 to outside:192.168.13.100/33908 duration 0:01:00
6|May 06 2013|06:58:56|302016|67.84.253.214|56426|10.10.254.70|64582|Teardown UDP connection 185 for outside:67.84.253.214/56426 to inside:10.10.254.70/64582 duration 0:02:01 bytes 44
6|May 06 2013|06:58:56|302020|10.10.254.70|1|192.168.152.21|0|Built outbound ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:58:56|302015|192.168.152.21|53|10.10.254.70|65511|Built outbound UDP connection 307 for outside:192.168.152.21/53 (192.168.152.21/53) to inside:10.10.254.70/65511 (10.10.254.70/65511)
6|May 06 2013|06:58:56|302016|192.168.160.21|53|10.10.254.70|54190|Teardown UDP connection 178 for outside:192.168.160.21/53 to inside:10.10.254.70/54190 duration 0:02:07 bytes 148
6|May 06 2013|06:58:56|302016|192.168.152.21|53|10.10.254.70|54190|Teardown UDP connection 177 for outside:192.168.152.21/53 to inside:10.10.254.70/54190 duration 0:02:08 bytes 111
6|May 06 2013|06:58:55|302015|192.168.160.21|53|10.10.254.70|65123|Built outbound UDP connection 306 for outside:192.168.160.21/53 (192.168.160.21/53) to inside:10.10.254.70/65123 (10.10.254.70/65123)
6|May 06 2013|06:58:55|302015|192.168.160.21|53|10.10.254.70|65511|Built outbound UDP connection 305 for outside:192.168.160.21/53 (192.168.160.21/53) to inside:10.10.254.70/65511 (10.10.254.70/65511)
6|May 06 2013|06:58:54|302021|192.168.152.21|0|10.10.254.70|1|Teardown ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:58:53|302016|192.168.160.21|53|10.10.254.70|57069|Teardown UDP connection 175 for outside:192.168.160.21/53 to inside:10.10.254.70/57069 duration 0:02:07 bytes 236
6|May 06 2013|06:58:53|302016|192.168.152.21|53|10.10.254.70|57069|Teardown UDP connection 173 for outside:192.168.152.21/53 to inside:10.10.254.70/57069 duration 0:02:08 bytes 177
6|May 06 2013|06:58:52|302020|10.10.254.70|1|192.168.152.21|0|Built outbound ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:58:51|302015|192.168.152.21|53|10.10.254.70|51914|Built outbound UDP connection 303 for outside:192.168.152.21/53 (192.168.152.21/53) to inside:10.10.254.70/51914 (10.10.254.70/51914)
6|May 06 2013|06:58:51|302016|192.168.160.21|53|10.10.254.70|53582|Teardown UDP connection 169 for outside:192.168.160.21/53 to inside:10.10.254.70/53582 duration 0:02:07 bytes 120
6|May 06 2013|06:58:51|302016|192.168.152.21|53|10.10.254.70|53582|Teardown UDP connection 166 for outside:192.168.152.21/53 to inside:10.10.254.70/53582 duration 0:02:08 bytes 90
6|May 06 2013|06:58:50|302016|178.46.108.7|36497|10.10.254.70|64582|Teardown UDP connection 96 for outside:178.46.108.7/36497 to inside:10.10.254.70/64582 duration 0:02:34 bytes 108
6|May 06 2013|06:58:50|302021|192.168.152.21|0|10.10.254.70|1|Teardown ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:58:50|302015|192.168.160.21|53|10.10.254.70|51914|Built outbound UDP connection 302 for outside:192.168.160.21/53 (192.168.160.21/53) to inside:10.10.254.70/51914 (10.10.254.70/51914)
6|May 06 2013|06:58:48|302020|10.10.254.70|1|192.168.152.21|0|Built outbound ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:58:48|302015|192.168.152.21|53|10.10.254.70|65020|Built outbound UDP connection 300 for outside:192.168.152.21/53 (192.168.152.21/53) to inside:10.10.254.70/65020 (10.10.254.70/65020)
6|May 06 2013|06:58:47|302014|50.72.9.170|12248|10.10.254.70|34454|Teardown TCP connection 252 for outside:50.72.9.170/12248 to inside:10.10.254.70/34454 duration 0:00:50 bytes 389 TCP FINs
6|May 06 2013|06:58:47|302014|174.91.241.232|53766|10.10.254.70|34458|Teardown TCP connection 260 for outside:174.91.241.232/53766 to inside:10.10.254.70/34458 duration 0:00:44 bytes 384 TCP FINs
6|May 06 2013|06:58:47|302014|24.202.182.58|43715|10.10.254.70|34452|Teardown TCP connection 249 for outside:24.202.182.58/43715 to inside:10.10.254.70/34452 duration 0:00:51 bytes 440 TCP FINs
6|May 06 2013|06:58:47|302015|192.168.160.21|53|10.10.254.70|65020|Built outbound UDP connection 299 for outside:192.168.160.21/53 (192.168.160.21/53) to inside:10.10.254.70/65020 (10.10.254.70/65020)
6|May 06 2013|06:58:46|302021|192.168.152.21|0|10.10.254.70|1|Teardown ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:58:45|305012|10.10.254.70|34448|192.168.13.100|53786|Teardown dynamic TCP translation from inside:10.10.254.70/34448 to outside:192.168.13.100/53786 duration 0:01:30
6|May 06 2013|06:58:44|305012|10.10.254.70|34447|192.168.13.100|43394|Teardown dynamic TCP translation from inside:10.10.254.70/34447 to outside:192.168.13.100/43394 duration 0:01:30
6|May 06 2013|06:58:44|302020|10.10.254.70|1|192.168.152.21|0|Built outbound ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:58:44|302016|192.168.152.21|53|10.10.254.70|62190|Teardown UDP connection 162 for outside:192.168.152.21/53 to inside:10.10.254.70/62190 duration 0:02:07 bytes 111
6|May 06 2013|06:58:44|302016|192.168.160.21|53|10.10.254.70|62190|Teardown UDP connection 158 for outside:192.168.160.21/53 to inside:10.10.254.70/62190 duration 0:02:08 bytes 148
6|May 06 2013|06:58:42|302015|192.168.152.21|53|10.10.254.70|57574|Built outbound UDP connection 297 for outside:192.168.152.21/53 (192.168.152.21/53) to inside:10.10.254.70/57574 (10.10.254.70/57574)
6|May 06 2013|06:58:42|302016|192.168.152.21|53|10.10.254.70|52009|Teardown UDP connection 157 for outside:192.168.152.21/53 to inside:10.10.254.70/52009 duration 0:02:07 bytes 111
6|May 06 2013|06:58:42|302016|192.168.152.21|53|10.10.254.70|56201|Teardown UDP connection 156 for outside:192.168.152.21/53 to inside:10.10.254.70/56201 duration 0:02:07 bytes 114
6|May 06 2013|06:58:42|302016|192.168.160.21|53|10.10.254.70|56201|Teardown UDP connection 154 for outside:192.168.160.21/53 to inside:10.10.254.70/56201 duration 0:02:08 bytes 152
6|May 06 2013|06:58:42|302016|192.168.160.21|53|10.10.254.70|52009|Teardown UDP connection 153 for outside:192.168.160.21/53 to inside:10.10.254.70/52009 duration 0:02:08 bytes 148
6|May 06 2013|06:58:42|302021|192.168.152.21|0|10.10.254.70|1|Teardown ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:58:41|302015|192.168.152.21|53|10.10.254.70|54805|Built outbound UDP connection 296 for outside:192.168.152.21/53 (192.168.152.21/53) to inside:10.10.254.70/54805 (10.10.254.70/54805)
6|May 06 2013|06:58:41|302015|192.168.160.21|53|10.10.254.70|57574|Built outbound UDP connection 295 for outside:192.168.160.21/53 (192.168.160.21/53) to inside:10.10.254.70/57574 (10.10.254.70/57574)
6|May 06 2013|06:58:40|302015|192.168.160.21|53|10.10.254.70|54805|Built outbound UDP connection 294 for outside:192.168.160.21/53 (192.168.160.21/53) to inside:10.10.254.70/54805 (10.10.254.70/54805)
6|May 06 2013|06:58:40|302020|10.10.254.70|1|192.168.152.21|0|Built outbound ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:58:39|302016|192.168.152.21|53|10.10.254.70|49838|Teardown UDP connection 149 for outside:192.168.152.21/53 to inside:10.10.254.70/49838 duration 0:02:07 bytes 165
6|May 06 2013|06:58:39|302016|192.168.160.21|53|10.10.254.70|49838|Teardown UDP connection 142 for outside:192.168.160.21/53 to inside:10.10.254.70/49838 duration 0:02:08 bytes 220
6|May 06 2013|06:58:38|302021|192.168.152.21|0|10.10.254.70|1|Teardown ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:58:37|302016|192.168.152.21|53|10.10.254.70|65386|Teardown UDP connection 138 for outside:192.168.152.21/53 to inside:10.10.254.70/65386 duration 0:02:07 bytes 105
6|May 06 2013|06:58:37|302016|192.168.160.21|53|10.10.254.70|65386|Teardown UDP connection 136 for outside:192.168.160.21/53 to inside:10.10.254.70/65386 duration 0:02:08 bytes 140
6|May 06 2013|06:58:36|302020|10.10.254.70|1|192.168.152.21|0|Built outbound ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:58:35|302016|76.119.99.25|62111|10.10.254.70|64582|Teardown UDP connection 140 for outside:76.119.99.25/62111 to inside:10.10.254.70/64582 duration 0:02:04 bytes 220
6|May 06 2013|06:58:34|302021|192.168.152.21|0|10.10.254.70|1|Teardown ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:58:33|302016|192.168.1.134|34097|10.10.254.70|64582|Teardown UDP connection 143 for outside:192.168.1.134/34097 to inside:10.10.254.70/64582 duration 0:02:02 bytes 56
6|May 06 2013|06:58:33|302015|192.168.152.21|53|10.10.254.70|64940|Built outbound UDP connection 291 for outside:192.168.152.21/53 (192.168.152.21/53) to inside:10.10.254.70/64940 (10.10.254.70/64940)
6|May 06 2013|06:58:32|302016|213.199.179.150|443|10.10.254.70|64582|Teardown UDP connection 141 for outside:213.199.179.150/443 to inside:10.10.254.70/64582 duration 0:02:01 bytes 44
6|May 06 2013|06:58:32|302015|192.168.160.21|53|10.10.254.70|64940|Built outbound UDP connection 290 for outside:192.168.160.21/53 (192.168.160.21/53) to inside:10.10.254.70/64940 (10.10.254.70/64940)
6|May 06 2013|06:58:32|302020|10.10.254.70|1|192.168.152.21|0|Built outbound ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:58:32|302016|192.168.160.21|53|10.10.254.70|62327|Teardown UDP connection 133 for outside:192.168.160.21/53 to inside:10.10.254.70/62327 duration 0:02:07 bytes 148
6|May 06 2013|06:58:32|302016|192.168.152.21|53|10.10.254.70|62327|Teardown UDP connection 131 for outside:192.168.152.21/53 to inside:10.10.254.70/62327 duration 0:02:08 bytes 111
6|May 06 2013|06:58:31|302016|111.221.77.161|443|10.10.254.70|64582|Teardown UDP connection 101 for outside:111.221.77.161/443 to inside:10.10.254.70/64582 duration 0:02:14 bytes 88
6|May 06 2013|06:58:31|302016|192.168.160.21|53|10.10.254.70|50601|Teardown UDP connection 132 for outside:192.168.160.21/53 to inside:10.10.254.70/50601 duration 0:02:07 bytes 136
6|May 06 2013|06:58:31|302016|192.168.152.21|53|10.10.254.70|50601|Teardown UDP connection 130 for outside:192.168.152.21/53 to inside:10.10.254.70/50601 duration 0:02:08 bytes 102
6|May 06 2013|06:58:31|302016|69.142.74.136|5370|10.10.254.70|64582|Teardown UDP connection 97 for outside:69.142.74.136/5370 to inside:10.10.254.70/64582 duration 0:02:14 bytes 88
6|May 06 2013|06:58:30|302016|187.35.72.228|9426|10.10.254.70|64582|Teardown UDP connection 98 for outside:187.35.72.228/9426 to inside:10.10.254.70/64582 duration 0:02:13 bytes 36
6|May 06 2013|06:58:30|302015|192.168.152.21|53|10.10.254.70|52963|Built outbound UDP connection 288 for outside:192.168.152.21/53 (192.168.152.21/53) to inside:10.10.254.70/52963 (10.10.254.70/52963)
6|May 06 2013|06:58:30|302021|192.168.152.21|0|10.10.254.70|1|Teardown ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:58:30|302015|192.168.152.21|53|10.10.254.70|50141|Built outbound UDP connection 287 for outside:192.168.152.21/53 (192.168.152.21/53) to inside:10.10.254.70/50141 (10.10.254.70/50141)
6|May 06 2013|06:58:30|302016|192.168.160.21|53|10.10.254.70|49975|Teardown UDP connection 129 for outside:192.168.160.21/53 to inside:10.10.254.70/49975 duration 0:02:07 bytes 160
6|May 06 2013|06:58:30|302016|192.168.152.21|53|10.10.254.70|49975|Teardown UDP connection 127 for outside:192.168.152.21/53 to inside:10.10.254.70/49975 duration 0:02:08 bytes 120
6|May 06 2013|06:58:29|302016|192.168.160.21|53|10.10.254.70|57658|Teardown UDP connection 128 for outside:192.168.160.21/53 to inside:10.10.254.70/57658 duration 0:02:07 bytes 136
6|May 06 2013|06:58:29|302016|192.168.152.21|53|10.10.254.70|57658|Teardown UDP connection 126 for outside:192.168.152.21/53 to inside:10.10.254.70/57658 duration 0:02:08 bytes 102
6|May 06 2013|06:58:29|302015|192.168.160.21|53|10.10.254.70|52963|Built outbound UDP connection 286 for outside:192.168.160.21/53 (192.168.160.21/53) to inside:10.10.254.70/52963 (10.10.254.70/52963)
6|May 06 2013|06:58:29|302015|192.168.160.21|53|10.10.254.70|50141|Built outbound UDP connection 285 for outside:192.168.160.21/53 (192.168.160.21/53) to inside:10.10.254.70/50141 (10.10.254.70/50141)
6|May 06 2013|06:58:28|302014|184.64.37.48|80|10.10.254.70|34457|Teardown TCP connection 257 for outside:184.64.37.48/80 to inside:10.10.254.70/34457 duration 0:00:30 bytes 0 SYN Timeout
6|May 06 2013|06:58:28|302014|184.64.37.48|443|10.10.254.70|34456|Teardown TCP connection 256 for outside:184.64.37.48/443 to inside:10.10.254.70/34456 duration 0:00:30 bytes 0 SYN Timeout
6|May 06 2013|06:58:28|302020|10.10.254.70|1|192.168.152.21|0|Built outbound ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:58:27|302014|184.64.37.48|53578|10.10.254.70|34455|Teardown TCP connection 254 for outside:184.64.37.48/53578 to inside:10.10.254.70/34455 duration 0:00:30 bytes 0 SYN Timeout
6|May 06 2013|06:58:27|302015|192.168.152.21|53|10.10.254.70|57349|Built outbound UDP connection 283 for outside:192.168.152.21/53 (192.168.152.21/53) to inside:10.10.254.70/57349 (10.10.254.70/57349)
6|May 06 2013|06:58:26|302015|192.168.152.21|53|10.10.254.70|54841|Built outbound UDP connection 282 for outside:192.168.152.21/53 (192.168.152.21/53) to inside:10.10.254.70/54841 (10.10.254.70/54841)
6|May 06 2013|06:58:26|302014|184.64.37.48|53578|10.10.254.70|34453|Teardown TCP connection 250 for outside:184.64.37.48/53578 to inside:10.10.254.70/34453 duration 0:00:30 bytes 0 SYN Timeout
6|May 06 2013|06:58:26|302021|192.168.152.21|0|10.10.254.70|1|Teardown ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:58:26|302015|192.168.160.21|53|10.10.254.70|57349|Built outbound UDP connection 281 for outside:192.168.160.21/53 (192.168.160.21/53) to inside:10.10.254.70/57349 (10.10.254.70/57349)
6|May 06 2013|06:58:25|302015|192.168.160.21|53|10.10.254.70|54841|Built outbound UDP connection 280 for outside:192.168.160.21/53 (192.168.160.21/53) to inside:10.10.254.70/54841 (10.10.254.70/54841)
6|May 06 2013|06:58:25|302016|192.168.160.21|53|10.10.254.70|63377|Teardown UDP connection 118 for outside:192.168.160.21/53 to inside:10.10.254.70/63377 duration 0:02:07 bytes 236
6|May 06 2013|06:58:25|302016|192.168.152.21|53|10.10.254.70|63377|Teardown UDP connection 104 for outside:192.168.152.21/53 to inside:10.10.254.70/63377 duration 0:02:08 bytes 177
6|May 06 2013|06:58:24|302016|192.168.160.21|53|10.10.254.70|53894|Teardown UDP connection 107 for outside:192.168.160.21/53 to inside:10.10.254.70/53894 duration 0:02:07 bytes 164
6|May 06 2013|06:58:24|302016|192.168.160.21|53|10.10.254.70|53008|Teardown UDP connection 106 for outside:192.168.160.21/53 to inside:10.10.254.70/53008 duration 0:02:07 bytes 164
6|May 06 2013|06:58:24|302016|192.168.160.21|53|10.10.254.70|62979|Teardown UDP connection 105 for outside:192.168.160.21/53 to inside:10.10.254.70/62979 duration 0:02:07 bytes 164
6|May 06 2013|06:58:24|302016|192.168.152.21|53|10.10.254.70|53894|Teardown UDP connection 92 for outside:192.168.152.21/53 to inside:10.10.254.70/53894 duration 0:02:08 bytes 123
6|May 06 2013|06:58:24|302016|192.168.152.21|53|10.10.254.70|53008|Teardown UDP connection 91 for outside:192.168.152.21/53 to inside:10.10.254.70/53008 duration 0:02:08 bytes 123
6|May 06 2013|06:58:24|302016|192.168.152.21|53|10.10.254.70|62979|Teardown UDP connection 90 for outside:192.168.152.21/53 to inside:10.10.254.70/62979 duration 0:02:08 bytes 123
6|May 06 2013|06:58:24|302020|10.10.254.70|1|192.168.152.21|0|Built outbound ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:58:24|302016|192.168.160.21|53|10.10.254.70|54579|Teardown UDP connection 100 for outside:192.168.160.21/53 to inside:10.10.254.70/54579 duration 0:02:07 bytes 128
6|May 06 2013|06:58:24|302016|192.168.152.21|53|10.10.254.70|54579|Teardown UDP connection 86 for outside:192.168.152.21/53 to inside:10.10.254.70/54579 duration 0:02:08 bytes 96
6|May 06 2013|06:58:22|302021|192.168.152.21|0|10.10.254.70|1|Teardown ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:58:22|302016|192.168.160.21|53|10.10.254.70|50518|Teardown UDP connection 94 for outside:192.168.160.21/53 to inside:10.10.254.70/50518 duration 0:02:05 bytes 80
6|May 06 2013|06:58:22|302016|192.168.152.21|53|10.10.254.70|50518|Teardown UDP connection 93 for outside:192.168.152.21/53 to inside:10.10.254.70/50518 duration 0:02:05 bytes 80
6|May 06 2013|06:58:22|302016|192.168.160.21|53|10.10.254.70|61054|Teardown UDP connection 89 for outside:192.168.160.21/53 to inside:10.10.254.70/61054 duration 0:02:06 bytes 74
6|May 06 2013|06:58:22|302016|192.168.152.21|53|10.10.254.70|61054|Teardown UDP connection 88 for outside:192.168.152.21/53 to inside:10.10.254.70/61054 duration 0:02:06 bytes 74
6|May 06 2013|06:58:20|302020|10.10.254.70|1|192.168.152.21|0|Built outbound ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:58:19|302016|192.168.160.21|53|10.10.254.70|49862|Teardown UDP connection 124 for outside:192.168.160.21/53 to inside:10.10.254.70/49862 duration 0:02:01 bytes 41
6|May 06 2013|06:58:19|302016|192.168.160.21|53|10.10.254.70|52028|Teardown UDP connection 123 for outside:192.168.160.21/53 to inside:10.10.254.70/52028 duration 0:02:01 bytes 41
6|May 06 2013|06:58:19|302016|192.168.152.21|53|10.10.254.70|52028|Teardown UDP connection 122 for outside:192.168.152.21/53 to inside:10.10.254.70/52028 duration 0:02:01 bytes 41
6|May 06 2013|06:58:19|302016|192.168.152.21|53|10.10.254.70|49862|Teardown UDP connection 121 for outside:192.168.152.21/53 to inside:10.10.254.70/49862 duration 0:02:01 bytes 41
6|May 06 2013|06:58:19|302016|192.168.160.21|53|10.10.254.70|63772|Teardown UDP connection 120 for outside:192.168.160.21/53 to inside:10.10.254.70/63772 duration 0:02:01 bytes 41
6|May 06 2013|06:58:19|302016|192.168.152.21|53|10.10.254.70|63772|Teardown UDP connection 119 for outside:192.168.152.21/53 to inside:10.10.254.70/63772 duration 0:02:01 bytes 41
6|May 06 2013|06:58:19|302016|192.168.160.21|53|10.10.254.70|55207|Teardown UDP connection 117 for outside:192.168.160.21/53 to inside:10.10.254.70/55207 duration 0:02:01 bytes 40
6|May 06 2013|06:58:19|302016|192.168.152.21|53|10.10.254.70|55207|Teardown UDP connection 116 for outside:192.168.152.21/53 to inside:10.10.254.70/55207 duration 0:02:01 bytes 40
6|May 06 2013|06:58:19|302016|192.168.160.21|53|10.10.254.70|51370|Teardown UDP connection 115 for outside:192.168.160.21/53 to inside:10.10.254.70/51370 duration 0:02:02 bytes 32
6|May 06 2013|06:58:19|302016|192.168.152.21|53|10.10.254.70|51370|Teardown UDP connection 114 for outside:192.168.152.21/53 to inside:10.10.254.70/51370 duration 0:02:02 bytes 32
6|May 06 2013|06:58:18|302016|192.168.160.21|53|10.10.254.70|54447|Teardown UDP connection 113 for outside:192.168.160.21/53 to inside:10.10.254.70/54447 duration 0:02:01 bytes 38
6|May 06 2013|06:58:18|302016|192.168.152.21|53|10.10.254.70|54447|Teardown UDP connection 112 for outside:192.168.152.21/53 to inside:10.10.254.70/54447 duration 0:02:01 bytes 38
6|May 06 2013|06:58:18|302016|192.168.160.21|53|10.10.254.70|53196|Teardown UDP connection 111 for outside:192.168.160.21/53 to inside:10.10.254.70/53196 duration 0:02:01 bytes 32
6|May 06 2013|06:58:18|302016|192.168.152.21|53|10.10.254.70|53196|Teardown UDP connection 110 for outside:192.168.152.21/53 to inside:10.10.254.70/53196 duration 0:02:01 bytes 32
6|May 06 2013|06:58:18|302016|192.168.160.21|53|10.10.254.70|59127|Teardown UDP connection 109 for outside:192.168.160.21/53 to inside:10.10.254.70/59127 duration 0:02:01 bytes 32
6|May 06 2013|06:58:18|302016|192.168.152.21|53|10.10.254.70|59127|Teardown UDP connection 108 for outside:192.168.152.21/53 to inside:10.10.254.70/59127 duration 0:02:01 bytes 32
6|May 06 2013|06:58:18|302016|157.55.130.158|443|10.10.254.70|64582|Teardown UDP connection 102 for outside:157.55.130.158/443 to inside:10.10.254.70/64582 duration 0:02:01 bytes 44
6|May 06 2013|06:58:18|302016|126.159.50.221|5081|10.10.254.70|64582|Teardown UDP connection 95 for outside:126.159.50.221/5081 to inside:10.10.254.70/64582 duration 0:02:02 bytes 18
6|May 06 2013|06:58:18|302015|192.168.152.21|53|10.10.254.70|57615|Built outbound UDP connection 277 for outside:192.168.152.21/53 (192.168.152.21/53) to inside:10.10.254.70/57615 (10.10.254.70/57615)
6|May 06 2013|06:58:18|302021|192.168.152.21|0|10.10.254.70|1|Teardown ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:58:17|302015|192.168.160.21|53|10.10.254.70|57615|Built outbound UDP connection 276 for outside:192.168.160.21/53 (192.168.160.21/53) to inside:10.10.254.70/57615 (10.10.254.70/57615)
6|May 06 2013|06:58:17|302014|65.183.143.163|10103|10.10.254.70|34448|Teardown TCP connection 203 for outside:65.183.143.163/10103 to inside:10.10.254.70/34448 duration 0:01:02 bytes 353 TCP FINs
6|May 06 2013|06:58:17|302013|71.207.1.189|1761|10.10.254.70|34468|Built outbound TCP connection 275 for outside:71.207.1.189/1761 (71.207.1.189/1761) to inside:10.10.254.70/34468 (192.168.13.100/55721)
6|May 06 2013|06:58:17|305011|10.10.254.70|34468|192.168.13.100|55721|Built dynamic TCP translation from inside:10.10.254.70/34468 to outside:192.168.13.100/55721
6|May 06 2013|06:58:16|302014|184.37.189.185|60952|10.10.254.70|34447|Teardown TCP connection 202 for outside:184.37.189.185/60952 to inside:10.10.254.70/34447 duration 0:01:02 bytes 400 TCP FINs
6|May 06 2013|06:58:16|302016|112.208.137.190|25040|10.10.254.70|64582|Teardown UDP connection 29 for outside:112.208.137.190/25040 to inside:10.10.254.70/64582 duration 0:02:08 bytes 184
6|May 06 2013|06:58:16|302013|67.86.118.52|17365|10.10.254.70|34467|Built outbound TCP connection 274 for outside:67.86.118.52/17365 (67.86.118.52/17365) to inside:10.10.254.70/34467 (192.168.13.100/48446)
6|May 06 2013|06:58:16|305011|10.10.254.70|34467|192.168.13.100|48446|Built dynamic TCP translation from inside:10.10.254.70/34467 to outside:192.168.13.100/48446
6|May 06 2013|06:58:16|302020|10.10.254.70|1|192.168.152.21|0|Built outbound ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:58:16|302016|37.229.14.159|5806|10.10.254.70|64582|Teardown UDP connection 28 for outside:37.229.14.159/5806 to inside:10.10.254.70/64582 duration 0:02:07 bytes 184
6|May 06 2013|06:58:15|305012|10.10.254.70|34441|192.168.13.100|33964|Teardown dynamic TCP translation from inside:10.10.254.70/34441 to outside:192.168.13.100/33964 duration 0:01:30
6|May 06 2013|06:58:15|302015|192.168.152.21|53|10.10.254.70|55062|Built outbound UDP connection 272 for outside:192.168.152.21/53 (192.168.152.21/53) to inside:10.10.254.70/55062 (10.10.254.70/55062)
6|May 06 2013|06:58:14|302015|192.168.160.21|53|10.10.254.70|55062|Built outbound UDP connection 271 for outside:192.168.160.21/53 (192.168.160.21/53) to inside:10.10.254.70/55062 (10.10.254.70/55062)
6|May 06 2013|06:58:14|302021|192.168.152.21|0|10.10.254.70|1|Teardown ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:58:12|302015|192.168.152.21|53|10.10.254.70|61073|Built outbound UDP connection 270 for outside:192.168.152.21/53 (192.168.152.21/53) to inside:10.10.254.70/61073 (10.10.254.70/61073)
6|May 06 2013|06:58:12|302020|10.10.254.70|1|192.168.152.21|0|Built outbound ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:58:11|302015|192.168.160.21|53|10.10.254.70|61073|Built outbound UDP connection 268 for outside:192.168.160.21/53 (192.168.160.21/53) to inside:10.10.254.70/61073 (10.10.254.70/61073)
6|May 06 2013|06:58:10|302021|192.168.152.21|0|10.10.254.70|1|Teardown ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:58:10|302016|157.55.130.155|443|10.10.254.70|64582|Teardown UDP connection 31 for outside:157.55.130.155/443 to inside:10.10.254.70/64582 duration 0:02:01 bytes 18
6|May 06 2013|06:58:10|302016|111.221.77.166|443|10.10.254.70|64582|Teardown UDP connection 30 for outside:111.221.77.166/443 to inside:10.10.254.70/64582 duration 0:02:01 bytes 18
6|May 06 2013|06:58:08|302015|192.168.152.21|53|10.10.254.70|50088|Built outbound UDP connection 267 for outside:192.168.152.21/53 (192.168.152.21/53) to inside:10.10.254.70/50088 (10.10.254.70/50088)
6|May 06 2013|06:58:08|302020|10.10.254.70|1|192.168.152.21|0|Built outbound ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:58:08|302016|10.10.254.70|68|10.10.254.254|67|Teardown UDP connection 19 for inside:10.10.254.70/68 to identity:10.10.254.254/67 duration 0:02:01 bytes 641
6|May 06 2013|06:58:08|302016|255.255.255.255|68|10.10.254.254|67|Teardown UDP connection 17 for inside:255.255.255.255/68 to identity:10.10.254.254/67 duration 0:02:01 bytes 249
6|May 06 2013|06:58:08|302016|0.0.0.0|68|255.255.255.255|67|Teardown UDP connection 16 for inside:0.0.0.0/68 to identity:255.255.255.255/67 duration 0:02:01 bytes 948
6|May 06 2013|06:58:07|302015|192.168.160.21|53|10.10.254.70|50088|Built outbound UDP connection 265 for outside:192.168.160.21/53 (192.168.160.21/53) to inside:10.10.254.70/50088 (10.10.254.70/50088)
6|May 06 2013|06:58:06|302015|192.168.152.21|53|10.10.254.70|63993|Built outbound UDP connection 264 for outside:192.168.152.21/53 (192.168.152.21/53) to inside:10.10.254.70/63993 (10.10.254.70/63993)
6|May 06 2013|06:58:06|302021|192.168.152.21|0|10.10.254.70|1|Teardown ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:58:05|302015|192.168.160.21|53|10.10.254.70|63993|Built outbound UDP connection 263 for outside:192.168.160.21/53 (192.168.160.21/53) to inside:10.10.254.70/63993 (10.10.254.70/63993)
6|May 06 2013|06:58:04|302016|70.171.138.105|9016|10.10.254.70|64582|Teardown UDP connection 5 for outside:70.171.138.105/9016 to inside:10.10.254.70/64582 duration 0:02:01 bytes 18
6|May 06 2013|06:58:04|302020|10.10.254.70|1|192.168.152.21|0|Built outbound ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:58:03|302015|192.168.152.21|53|10.10.254.70|53734|Built outbound UDP connection 261 for outside:192.168.152.21/53 (192.168.152.21/53) to inside:10.10.254.70/53734 (10.10.254.70/53734)
6|May 06 2013|06:58:03|302013|174.91.241.232|53766|10.10.254.70|34458|Built outbound TCP connection 260 for outside:174.91.241.232/53766 (174.91.241.232/53766) to inside:10.10.254.70/34458 (192.168.13.100/26157)
6|May 06 2013|06:58:03|305011|10.10.254.70|34458|192.168.13.100|26157|Built dynamic TCP translation from inside:10.10.254.70/34458 to outside:192.168.13.100/26157
6|May 06 2013|06:58:03|302014|10.10.225.18|443|10.10.254.70|34451|Teardown TCP connection 221 for outside:10.10.225.18/443 to inside:10.10.254.70/34451 duration 0:00:30 bytes 0 SYN Timeout
6|May 06 2013|06:58:02|302015|192.168.160.21|53|10.10.254.70|53734|Built outbound UDP connection 259 for outside:192.168.160.21/53 (192.168.160.21/53) to inside:10.10.254.70/53734 (10.10.254.70/53734)
6|May 06 2013|06:58:02|302021|192.168.152.21|0|10.10.254.70|1|Teardown ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:58:00|302020|10.10.254.70|1|192.168.152.21|0|Built outbound ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:57:58|302013|184.64.37.48|80|10.10.254.70|34457|Built outbound TCP connection 257 for outside:184.64.37.48/80 (184.64.37.48/80) to inside:10.10.254.70/34457 (192.168.13.100/43659)
6|May 06 2013|06:57:58|305011|10.10.254.70|34457|192.168.13.100|43659|Built dynamic TCP translation from inside:10.10.254.70/34457 to outside:192.168.13.100/43659
6|May 06 2013|06:57:58|302013|184.64.37.48|443|10.10.254.70|34456|Built outbound TCP connection 256 for outside:184.64.37.48/443 (184.64.37.48/443) to inside:10.10.254.70/34456 (192.168.13.100/47534)
6|May 06 2013|06:57:58|305011|10.10.254.70|34456|192.168.13.100|47534|Built dynamic TCP translation from inside:10.10.254.70/34456 to outside:192.168.13.100/47534
6|May 06 2013|06:57:58|305012|10.10.254.70|34446|192.168.13.100|3562|Teardown dynamic TCP translation from inside:10.10.254.70/34446 to outside:192.168.13.100/3562 duration 0:01:00
6|May 06 2013|06:57:58|302021|192.168.152.21|0|10.10.254.70|1|Teardown ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:57:58|302015|192.168.152.21|53|10.10.254.70|56866|Built outbound UDP connection 255 for outside:192.168.152.21/53 (192.168.152.21/53) to inside:10.10.254.70/56866 (10.10.254.70/56866)
6|May 06 2013|06:57:57|302013|184.64.37.48|53578|10.10.254.70|34455|Built outbound TCP connection 254 for outside:184.64.37.48/53578 (184.64.37.48/53578) to inside:10.10.254.70/34455 (192.168.13.100/4536)
6|May 06 2013|06:57:57|305011|10.10.254.70|34455|192.168.13.100|4536|Built dynamic TCP translation from inside:10.10.254.70/34455 to outside:192.168.13.100/4536
6|May 06 2013|06:57:57|302014|74.56.154.191|62152|10.10.254.70|34441|Teardown TCP connection 170 for outside:74.56.154.191/62152 to inside:10.10.254.70/34441 duration 0:01:11 bytes 6953 TCP FINs
6|May 06 2013|06:57:57|302015|192.168.160.21|53|10.10.254.70|56866|Built outbound UDP connection 253 for outside:192.168.160.21/53 (192.168.160.21/53) to inside:10.10.254.70/56866 (10.10.254.70/56866)
6|May 06 2013|06:57:57|302013|50.72.9.170|12248|10.10.254.70|34454|Built outbound TCP connection 252 for outside:50.72.9.170/12248 (50.72.9.170/12248) to inside:10.10.254.70/34454 (192.168.13.100/39886)
6|May 06 2013|06:57:57|305011|10.10.254.70|34454|192.168.13.100|39886|Built dynamic TCP translation from inside:10.10.254.70/34454 to outside:192.168.13.100/39886
6|May 06 2013|06:57:56|302014|96.228.226.64|48962|10.10.254.70|34446|Teardown TCP connection 188 for outside:96.228.226.64/48962 to inside:10.10.254.70/34446 duration 0:00:58 bytes 363 TCP FINs
6|May 06 2013|06:57:56|302015|192.168.152.21|53|10.10.254.70|59590|Built outbound UDP connection 251 for outside:192.168.152.21/53 (192.168.152.21/53) to inside:10.10.254.70/59590 (10.10.254.70/59590)
6|May 06 2013|06:57:56|302013|184.64.37.48|53578|10.10.254.70|34453|Built outbound TCP connection 250 for outside:184.64.37.48/53578 (184.64.37.48/53578) to inside:10.10.254.70/34453 (192.168.13.100/34856)
6|May 06 2013|06:57:56|305011|10.10.254.70|34453|192.168.13.100|34856|Built dynamic TCP translation from inside:10.10.254.70/34453 to outside:192.168.13.100/34856
6|May 06 2013|06:57:56|302013|24.202.182.58|43715|10.10.254.70|34452|Built outbound TCP connection 249 for outside:24.202.182.58/43715 (24.202.182.58/43715) to inside:10.10.254.70/34452 (192.168.13.100/33908)
6|May 06 2013|06:57:56|305011|10.10.254.70|34452|192.168.13.100|33908|Built dynamic TCP translation from inside:10.10.254.70/34452 to outside:192.168.13.100/33908
6|May 06 2013|06:57:56|302020|10.10.254.70|1|192.168.152.21|0|Built outbound ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:57:55|302015|192.168.160.21|53|10.10.254.70|59590|Built outbound UDP connection 247 for outside:192.168.160.21/53 (192.168.160.21/53) to inside:10.10.254.70/59590 (10.10.254.70/59590)
6|May 06 2013|06:57:55|302015|192.168.152.21|53|10.10.254.70|63756|Built outbound UDP connection 246 for outside:192.168.152.21/53 (192.168.152.21/53) to inside:10.10.254.70/63756 (10.10.254.70/63756)
6|May 06 2013|06:57:54|302021|192.168.152.21|0|10.10.254.70|1|Teardown ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:57:54|302015|192.168.160.21|53|10.10.254.70|57967|Built outbound UDP connection 245 for outside:192.168.160.21/53 (192.168.160.21/53) to inside:10.10.254.70/57967 (10.10.254.70/57967)
6|May 06 2013|06:57:54|302014|10.10.225.18|443|10.10.254.70|34450|Teardown TCP connection 209 for outside:10.10.225.18/443 to inside:10.10.254.70/34450 duration 0:00:30 bytes 0 SYN Timeout
6|May 06 2013|06:57:54|302014|10.10.225.18|443|10.10.254.70|34449|Teardown TCP connection 207 for outside:10.10.225.18/443 to inside:10.10.254.70/34449 duration 0:00:30 bytes 0 SYN Timeout
6|May 06 2013|06:57:54|302015|192.168.160.21|53|10.10.254.70|63756|Built outbound UDP connection 244 for outside:192.168.160.21/53 (192.168.160.21/53) to inside:10.10.254.70/63756 (10.10.254.70/63756)
6|May 06 2013|06:57:53|302015|192.168.152.21|53|10.10.254.70|57967|Built outbound UDP connection 243 for outside:192.168.152.21/53 (192.168.152.21/53) to inside:10.10.254.70/57967 (10.10.254.70/57967)
6|May 06 2013|06:57:52|302020|10.10.254.70|1|192.168.152.21|0|Built outbound ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:57:50|302021|192.168.152.21|0|10.10.254.70|1|Teardown ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:57:49|302015|192.168.160.21|53|10.10.254.70|54304|Built outbound UDP connection 241 for outside:192.168.160.21/53 (192.168.160.21/53) to inside:10.10.254.70/54304 (10.10.254.70/54304)
6|May 06 2013|06:57:48|302015|192.168.152.21|53|10.10.254.70|54304|Built outbound UDP connection 240 for outside:192.168.152.21/53 (192.168.152.21/53) to inside:10.10.254.70/54304 (10.10.254.70/54304)
6|May 06 2013|06:57:48|302020|10.10.254.70|1|192.168.152.21|0|Built outbound ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:57:48|302015|192.168.160.21|53|10.10.254.70|65422|Built outbound UDP connection 238 for outside:192.168.160.21/53 (192.168.160.21/53) to inside:10.10.254.70/65422 (10.10.254.70/65422)
6|May 06 2013|06:57:47|302015|192.168.152.21|53|10.10.254.70|65422|Built outbound UDP connection 237 for outside:192.168.152.21/53 (192.168.152.21/53) to inside:10.10.254.70/65422 (10.10.254.70/65422)
6|May 06 2013|06:57:46|302021|192.168.152.21|0|10.10.254.70|1|Teardown ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:57:46|302015|192.168.160.21|53|10.10.254.70|50300|Built outbound UDP connection 236 for outside:192.168.160.21/53 (192.168.160.21/53) to inside:10.10.254.70/50300 (10.10.254.70/50300)
6|May 06 2013|06:57:46|302015|192.168.160.21|53|10.10.254.70|49286|Built outbound UDP connection 235 for outside:192.168.160.21/53 (192.168.160.21/53) to inside:10.10.254.70/49286 (10.10.254.70/49286)
6|May 06 2013|06:57:45|302015|192.168.152.21|53|10.10.254.70|50300|Built outbound UDP connection 234 for outside:192.168.152.21/53 (192.168.152.21/53) to inside:10.10.254.70/50300 (10.10.254.70/50300)
6|May 06 2013|06:57:45|302015|192.168.152.21|53|10.10.254.70|49286|Built outbound UDP connection 233 for outside:192.168.152.21/53 (192.168.152.21/53) to inside:10.10.254.70/49286 (10.10.254.70/49286)
6|May 06 2013|06:57:44|302020|10.10.254.70|1|192.168.152.21|0|Built outbound ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:57:43|305012|10.10.254.70|34440|192.168.13.100|17057|Teardown dynamic TCP translation from inside:10.10.254.70/34440 to outside:192.168.13.100/17057 duration 0:01:00
6|May 06 2013|06:57:43|302015|192.168.160.21|53|10.10.254.70|57306|Built outbound UDP connection 231 for outside:192.168.160.21/53 (192.168.160.21/53) to inside:10.10.254.70/57306 (10.10.254.70/57306)
6|May 06 2013|06:57:42|305012|10.10.254.70|34439|192.168.13.100|24448|Teardown dynamic TCP translation from inside:10.10.254.70/34439 to outside:192.168.13.100/24448 duration 0:01:00
6|May 06 2013|06:57:42|305012|10.10.254.70|34438|192.168.13.100|20628|Teardown dynamic TCP translation from inside:10.10.254.70/34438 to outside:192.168.13.100/20628 duration 0:01:00
6|May 06 2013|06:57:42|302015|192.168.160.21|53|10.10.254.70|54646|Built outbound UDP connection 230 for outside:192.168.160.21/53 (192.168.160.21/53) to inside:10.10.254.70/54646 (10.10.254.70/54646)
6|May 06 2013|06:57:42|302015|192.168.152.21|53|10.10.254.70|57306|Built outbound UDP connection 229 for outside:192.168.152.21/53 (192.168.152.21/53) to inside:10.10.254.70/57306 (10.10.254.70/57306)
6|May 06 2013|06:57:42|302021|192.168.152.21|0|10.10.254.70|1|Teardown ICMP connection for faddr 192.168.152.21/0 gaddr 10.10.254.70/1 laddr 10.10.254.70/1
6|May 06 2013|06:57:42|302015|192.168.160.21|53|10.10.254.70|64481|Built outbound UDP connection 228 for outside:192.168.160.21/53 (192.168.160.21/53) to inside:10.10.254.70/64481 (10.10.254.70/64481)
6|May 06 2013|06:57:41|302015|192.168.152.21|53|10.1First, make sure you correct the mask in the crypto ACL, per my other post.
You should check with the other admin and make sure your crypto ACLs are exact mirrors of each other. It wouldn't be a bad idea to put a sniffer on the WAN side to see if you can detect asymmetrical operation (packets that should be encapsulated, but are not).
It looks like the pool (192.168.100.0 255.255.255.248) is not part of a policy push from the other crypto endpoint.
Are they actually using a /24 mask on their side, or is that an assumption on your part?
Could it be that they are actually using a mask greater than /24 so as to not have an overlap?
My concern was how a host on the far side with a /24 mask would initiate/respond to a host on your side. The host on their side would ARP your host believing it was directly reachable, due to the mask.
Perhaps this might be resolved with "ip proxy-arp" configured on the internal interface of their router.
Is their 192.168.100.0 /? network the connected network on the inside of their router, or buried deeper in their topology? -
Cisco 5520 ASA Port Forward to Endian Firewall VPN Question
Hello,
We have had a VPN operational on our Endian Firewall which uses OpenVPN server on port number 1194. We recently purchased a Cisco 5520 ASA to put in front of our Endian Firewall and I am still hoping to use our current Endian Firewall VPN server. So I am thinking the easiest way to make this happen is to port forward all vpn traffic through the ASA to our Endian Firewall to access the VPN. Anyhow, I am just hoping someone with higher knowledge can let me know if this is the best course of action or if there is another easier or more efficient way of doing this?
Thanks for your comments in advance I am new to cisco technology,
JoeWrong forum, post in "Secuirity - Firewalling". You can move your posting with the Actions panel on the right.
-
Regular expression question - match a template
Hello All!
I've put regex patterns to simple use b4, but this one I'm finding a bit of a challenge.
I need to match lines to the following template:
"9############ ###9,99 XXXXX####9,99 #9"In this template 9s mean digits, Xs mean alphanum characters and the #s mean optional digits.
For example the following strings must mutch the above pattern:
1. "123 18,10 abcde 9,99 1"
2. "1234567890123 1000,99 CCCCC 260,99 2"This is the regex I came up with so far.
"^[ \\d]{13}? [ \\d]{3}?\\d,\\d\\d .{5}?[ \\d]{4}\\d,\\d\\d [ \\d]\\d$"The problem with it of course is that it will match a string like:
1. "9 9 9 ,99 abcde 9 9,99 1"Basically, the question is whether it is possible to ensure that when the optional digits are
not present, they have the required spaces in their positions.
Any help is much appreciated.
P.s. the reason I am trying to use regex instead of splitting the string and validating the tokens
separately is because I have a number of such templates to validate lines against, and each template signals a particular line type. :) Basically I need to decide what type of line is it I just read from a file...
Thnx.First of all, isn't the first digit mandatory?
That would mean that the first part of your regex should be:"^\\d"followed by 12 characters that can be either ' ' or any digit:"^\\d[ \\d]{12}"followed by space, three spaces or digits and a digit"^\\d[ \\d]{12} [ \\d]{3}\\d"comma, two digits, space, five alphanums"^\\d[ \\d]{12} [ \\d]{3}\\d,\\d{2} [\\w[^_]]{5}"4 space or digit, digit, comma, 2 digits"^\\d[ \\d]{12} [ \\d]{3}\\d,\\d{2} [\\w[^_]]{5}[ \\d]{4}\\d,\\d{2}"space, space or digit, digit, the end"^\\d[ \\d]{12} [ \\d]{3}\\d,\\d{2} [\\w[^_]]{5}[ \\d]{4}\\d,\\d{2} [ \\d]\\d$"And please note that the string you provided"9 9 9 ,99 abcde 9 9,99 1"is not supposed to match but the string"9 9,99 abcde 9,99 9"will. -
Anyconnect VPN Certificate-matching not working
Cisco Adaptive Security Appliance Software Version 9.1(4); Device Manager Version 7.1(5)100; anyconnect-win-3.1.05152-k9.pkg
Hello, I am trying to implement Certificate Matching for certain client profiles. However 'certificate matching' does not seem to work- another certificate is always selected instead for Anyconnect SSL VPN authentication.
For example the client has two client-certificates installed: masin2 and masin3. I have configured the client-profile certificate-matching to use masin2 for authentication, but Anyconnect still chooses masin3 instead.
The client-profile looks like this:
<CertificateMatch>
<KeyUsage>
<MatchKey>Key_Encipherment</MatchKey>
<MatchKey>Digital_Signature</MatchKey>
</KeyUsage>
<ExtendedKeyUsage>
<ExtendedMatchKey>ClientAuth</ExtendedMatchKey>
</ExtendedKeyUsage>
<DistinguishedName>
<DistinguishedNameDefinition Operator="Equal" Wildcard="Disabled" MatchCase="Disabled">
<Name>CN</Name>
<Pattern>masin2</Pattern>
</DistinguishedNameDefinition>
</DistinguishedName>
</CertificateMatch>
Any suggestions/ideas? thanks for any input,
heiki.enabling wildcard did not help. also tried disabling/enabling automatic certificate selection- no luck.
I have also tried with and without different keyusage and extendedkeyusage- no difference.
The Client Profile is correctly updated on the client PC every time a change in made, but it seems like Anyconnect is not evaluating the Certificate Matching fields at all. And it seems like the problem is only with the CertificateMatch fields, because other fields are used as configured (for example: certificatestore, retainvpnonlogoff, usestartbeforelogon and so on).
I even upgraded Anyconnect to the latest version 3.1.05160 and still- anyconnect completely ignores certificatematch configuration in client-profile. -
Hi,
We have a customer with a Pix 501(v6.3.4)(PDM v3.02) Firewall.
We can succesfully setup a VPN connection, but the client loses the Internet connection when the VPN connection is up. I found some articles on the Internet about split tunneling, but I cant figure out how to do this.
Can someone please help me out?I suppose 501 is Easy VPN server
Split tunnel says what traffic goes to VPN tunnel if you dont have split tunnel enabled all traffic iis encrypted you need specify with ACL what traffic should be encrypted
check following example whe is ACL 80 used for split tunnel
http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_configuration_guide_chapter09186a0080172787.html#wp1062497
M.
Hope that helps rate if it does -
I know this isnt strictly the right forum but this does seem the most appropriate.
I have a hardware firewall and would like clients to be able to login/check email remotely. Will the VPN in the clients leopard network do the trick?
Also if so;
1) would PPTP or L2TP ve best for this.
2) do I need a special key or will the normal password work
3) do I need to open any ports on my hardware firewall
4) any other setup in the firewall required?
ThanksWhat router/firewall is it?
1) Most VPN routers do IPSec which share some ports and protocols with L2TP ("L2TP over IPSec").
So it's common those "steal" the L2TP traffic because UDP port 500 (and ESP protocol if both client and server is directly connected to Internet using public IPs) is used by "plain" IPSec too.
"Apple" L2TP use only UDP ports 500, 4500 (and 1701) when either server or client is behind NAT.
You could perhaps use another VPN client like IPSecuritas (free) or VPN Tracker but IPSec is harder to setup/use.
2) You put what network(s) is on the VPN server side that you want VPN clients to be able to reach.
If you have nothing a default route is assumed and all trafffic is sent through the VPN when a client is connected. If you want a split tunnel setup (only traffic to VPN goes through VPN and the rest straight out through whatever router the client has as for it's gw/default route) you add a private network and a public default route:
private 192.168.123.0/255.255.255.0 (your server LAN or just a part of it using a differnt netmask)
public 0.0.0.0/0.0.0.0 (usually doesn't have much impact and you can override some setting on the VPN client to maybe get a split tunnel).
Here you can try what different netmasks means: http://jodies.de/ipcalc
Also the server LAN shouldn't use any of these networks:
192.168.0.0/24
192.168.1.0/24
becuase most broadband routers use on of those as the default.
Maybe you are looking for
-
AutoSuggest Menu On Input Focus?
I currently am using Spry's autosuggest widgets on various text inputs. Its convenient in that I can give the user the flexibility of typing whatever they want (the html text input) but provide a list of suggestions for pre-existing categories (the a
-
Upgrade from 10.4.11 to 10.5 failing
I'm getting the message that "OSX cannot be installed on this computer". Very odd, it's Mac Pro software and all... Thanks
-
Product type and customer details in project
Hi We are developing a report on the project cost and one of the information in the output should be Customer ..... Product type .....project defn.... Activity start date end date My problem is to identify the product type . The only way i know is
-
Hi, I am looking for a remote debugger for a Java application. Does anyone have any advice ? Thanks.
-
iDvd is no longer available. What program to I use to burn an iMovie to disk? Do I have to purchase another program???