VPN Security

Hi, someone has recently told me that if I am on a VPN network (linking to my university's network from home), and am using a Linksys router, that my computer is not protected, since the university's network is a public one....is this true? If so, how do I protect my Mac Book?

If you are not using an administrator account, and do not enable sharing, then you are reasonably safe from personal attacks.
If you are concerned about your personal information on the web site, if the url is prefaced with https:// then it is secured. If the site is http:// it is unsecured and all bets are off.
If you are concerned about malware from the web site, then that depends on how trustworthy you think it is.
Have a nice day.
Boyd
Message was edited by: Boyd Porter

Similar Messages

  • Router-to-Router VPN Security

    Hi there,
    Should we worry about the the security on router-to-router VPN over internet (IPSec) ?
    We have two offices.
    Office A has Cisco 2811 router (internal, private) and ASA 5510 firewall.
    Office B has Cisco 2821 router (internal, private) and ASA 5505 firewall.
    Office B has private subnets that extend to 7 hops away. (running RIP)
    If we want to set up a site-to-stie VPN between these two offices, should we set it up on ASA's or routers?
    If we set up VPN on routers, does that mean we need to connect one interface to the internet on each router and suffer from Internet attacks?
    How do we defend our routers then?
    Thanks in advance!
    -Andrew

    Hi,
    when it comes to site to site vpn I usually prefer routers. Whith a little bit of tweaking NAT and routing you should be able to operate a public address on the routers even if they are behind the firewall.
    The advantage of IOS based VPN is e.g. the possibility of routing protocols through the VPN tunnels which would give another level of resiliency. Configure tunnel interfaces on the routers with a tunnel mode IPsec and a tunnel protection profile. You can then run e.g. EIGRP to find a possible alternate path if one of the tunnels fails. Its much easier than anything I can think of on the ASA.
    Rgds, MiKa

  • OSX Server 2.21 L2TP VPN - security recommendations

    hi  folks,
    I am running OSX server 2.2.1 hosting mail,  and L2TP VPN which work great..
    I port forward  port 25
    and UDP 500, 1701 , 4500 for the VPN, from my router gateway to my mac mini.
    are there any security concerns in relation to having open access to the UDP ports 500,1701, 4500  on my mac mini?
    I had tried to put a firewall rule on my gateway  to only allow access from the public ip of my iphone over 3g, but that didnt seem to work  as i still could connect over a different public network, so it appears that the firewall rule was ignored as the traffic was automatically being natted by the gateway..
    my main question really, is should i be worried, leaving UDP ports open publically to my mac mini server?
    thanks

    i ran through those processes , and for the last one got file not found
    /System/Library/LaunchDaemons/com.apple.pfctl: file does not exist or is not readable or is not a regular file
    is there a way to verify that the adaptive firewall is running?
    thanks

  • VPN/Security Management Solution

    Will VMS v2.3 support IDSM/IPS 6.x when it is released in the near future?

    Hi,
    The short answer is no.
    See this thread:
    http://forum.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Security&topic=Intrusion%20Prevention%20Systems/IDS&CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.1ddc61f2
    HTH
    Andrew.

  • 10.8 Server (VPN Secure Internet Gateway) setup question

    I am running Mountain Lion 10.8.4 with Server 2.2.1
    I am attempting to setup the server to allow connection to my internal/Private LAN
    I have the source (External Internet access)  setup as #1 in the service order (en0)
    and the Private network as the secondary (en4)
    I followed the steps on http://macminicolo.net/mountainlionvpn and input my own IP's when needed
    I am able to connect and authenticate to the vpn and able to get internet access through the vpn
    unfortunatly I am unable to reach anything on my private LAN
    this is my settings in my customNATRules:
    nat on en4 from 10.0.0.0/24 to any -> (en4)
    pass from {lo0, 10.0.0.0/24} to any keep state
    i have the sysctl.conf setup with
    net.inet.ip.forwarding=1
    I also changed the com.apple in pf.anchors to reflect the instructions above
    Network Settings
    (en0) My external ip is 192.168.168.4 to my firewall (not giving you my full outside)
    and the DNS Server is pointing to itelf via 127.0.0.1 
    (en4) My Private LAN is set with the DNS to my private DNS servers
    VLAN is setup with the same settings as the instructions state in the link above and I have the DNS set as 127.0.0.1
    DNS Server Settings
    I have my DNS server configured with my local hostname with the Vlan, internal ip, and external ip pointing back to the hostname.
    i have the forwarding DNS servers configured to my private DNS servers for the private lan and as the 3rd I have 8.8.8.8 for general internet
    VPN Server settings
    I have the host name and shared secret set
    I have 10 IP's for client addresses with the same IP segment as the VLAN
    DNS settings i have routed back to the gateway of the vlan
    I have one route configured  i am using in my private lan to be routed private
    is there anything I am missing or setting up incorrectly?   I am struggling at this point and need some help.
    if you need any more info please let me know

    The instructions on that web page aren't applicable to your case. Don't follow them.

  • CiscoWorks VPN/Security Management Solution

    What is the difference between VMS server and VMS client?

    Server runs VMS, the client is anything that will connect to the VMS console remotely.

  • Unable to Access Company LAN via VPN

    Hello,
    I have a ASA 5505 that I have been using to test run the IPSec VPN connection after studying the different configs and running through the ASDM I keep getting the same issue that I can't receive any traffic.
    The company LAN is on a 10.8.0.0 255.255.0.0 network, I have placed the VPN clients in 192.168.10.0 255.255.255.0 network, the 192 clients can't talk to the 10.8 network.
    On the Cisco VPN client I can see lots of sent packets but none received.
    I think it could be to do with the NAT but from the examples I have seen I believe it should work.
    I have attached the complete running-config, as I could well have missed something.
    Many Thanks for any help on this...
    FWBKH(config)# show running-config           
    : Saved
    ASA Version 8.2(2)
    hostname FWBKH
    domain-name test.local
    enable password XXXXXXXXXXXXXXX encrypted
    passwd XXXXXXXXXXXXXXXX encrypted
    names
    name 9.9.9.9 zscaler-uk-network
    name 10.8.50.0 inside-network-it
    name 10.8.112.0 inside-servers
    name 17.7.9.10 fwbkh-out
    name 10.8.127.200 fwbkh-in
    name 192.168.10.0 bkh-vpn-pool
    interface Vlan1
    nameif inside
    security-level 100
    ip address fwbkh-in 255.255.0.0
    interface Vlan2
    nameif outside
    security-level 0
    ip address fwbkh-out 255.255.255.248
    interface Vlan3
    nameif vpn
    security-level 100
    ip address 192.168.10.1 255.255.255.0
    interface Ethernet0/0
    interface Ethernet0/1
    switchport access vlan 2
    interface Ethernet0/2
    shutdown
    interface Ethernet0/3
    shutdown
    interface Ethernet0/4
    shutdown
    interface Ethernet0/5
    shutdown
    interface Ethernet0/6
    shutdown    
    interface Ethernet0/7
    shutdown
    banner login Trespassers will be Shot, Survivors will be Prosecuted!!!!
    banner motd Trespassers will be Shot, Survivors will be Prosecuted!!!!
    banner asdm Trespassers will be Shot, Survivors will be Prosecuted!!!!
    boot system disk0:/asa822-k8.bin
    ftp mode passive
    dns server-group DefaultDNS
    domain-name test.local
    object-group service DM_INLINE_TCP_2 tcp
    port-object eq www
    port-object eq https
    object-group service DM_INLINE_UDP_1 udp
    port-object eq 4500
    port-object eq isakmp
    object-group protocol DM_INLINE_PROTOCOL_1
    protocol-object ip
    protocol-object icmp
    protocol-object udp
    access-list inside_access_in extended permit tcp 10.8.0.0 255.255.0.0 any object-group DM_INLINE_TCP_2 log warnings inactive
    access-list inside_access_in extended permit ip inside-network-it 255.255.255.0 any inactive
    access-list inside_access_in extended permit tcp 10.8.0.0 255.255.0.0 host zscaler-uk-network eq www
    access-list inside_access_in extended permit ip inside-servers 255.255.255.0 any log warnings
    access-list USER-ACL extended permit tcp 10.8.0.0 255.255.0.0 any eq www
    access-list USER-ACL extended permit tcp 10.8.0.0 255.255.0.0 any eq https
    access-list outside_nat0_outbound extended permit ip bkh-vpn-pool 255.255.255.0 10.8.0.0 255.255.0.0
    access-list outside_access_in extended permit udp any host fwbkh-out object-group DM_INLINE_UDP_1 log errors inactive
    access-list inside_nat0_outbound extended permit object-group DM_INLINE_PROTOCOL_1 10.8.0.0 255.255.0.0 any
    access-list inside_nat0_outbound_1 extended permit ip 10.8.0.0 255.255.0.0 bkh-vpn-pool 255.255.255.0
    access-list UK-VPN-USERS_splitTunnel extended permit ip 10.8.0.0 255.255.0.0 bkh-vpn-pool 255.255.255.0
    access-list UK-VPN-USERS_splitTunnel extended permit ip inside-servers 255.255.255.0 bkh-vpn-pool 255.255.255.0
    pager lines 24
    logging enable
    logging asdm informational
    mtu inside 1500
    mtu outside 1500
    mtu vpn 1500
    ip local pool UK-VPN-POOL 192.168.10.10-192.168.10.60 mask 255.255.255.0
    no failover
    icmp unreachable rate-limit 1 burst-size 1
    asdm image disk0:/asdm-631.bin
    no asdm history enable
    arp timeout 14400
    nat-control  
    global (inside) 1 interface
    global (outside) 1 interface
    nat (inside) 0 access-list inside_nat0_outbound_1
    nat (inside) 1 10.8.0.0 255.255.0.0 dns
    nat (outside) 0 access-list outside_nat0_outbound outside
    access-group inside_access_in in interface inside
    access-group outside_access_in in interface outside
    route outside 0.0.0.0 0.0.0.0 17.7.9.10 1
    timeout xlate 3:00:00
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
    timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
    timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
    timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
    timeout tcp-proxy-reassembly 0:01:00
    dynamic-access-policy-record DfltAccessPolicy
    aaa authentication ssh console LOCAL
    http server enable
    http 10.8.0.0 255.255.0.0 inside
    no snmp-server location
    no snmp-server contact
    snmp-server enable traps snmp authentication linkup linkdown coldstart
    crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
    crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
    crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
    crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
    crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
    crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
    crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
    crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
    crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
    crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
    crypto ipsec security-association lifetime seconds 28800
    crypto ipsec security-association lifetime kilobytes 4608000
    crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set pfs group1
    crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
    crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
    crypto map outside_map interface outside
    crypto ca trustpoint BKHFW
    enrollment self
    subject-name CN=FWBKH
    crl configure
    crypto ca certificate chain BKHFW
    certificate fc968750
        308201dd 30820146 a0030201 020204fc 96875030 0d06092a 864886f7 0d010105
        05003033 310e300c 06035504 03130546 57424b48 3121301f 06092a86 4886f70d 
        ccc6f3cb 977029d5 df42515f d35c0d96 798350bf 7472725c fb8cd64d 514dc9cb
        7f05ffb9 b3336388 d55576cc a3d308e1 88e14c1e 8bcb13e5 c58225ff 67144c53 f2
      quit
    crypto isakmp enable outside
    crypto isakmp policy 10
    authentication pre-share
    encryption aes-256
    hash sha
    group 2
    lifetime 86400
    crypto isakmp policy 30
    authentication pre-share
    encryption 3des
    hash sha
    group 2
    lifetime 86400
    telnet timeout 5
    ssh 10.8.0.0 255.255.0.0 inside
    ssh timeout 30
    ssh version 2
    console timeout 0
    dhcpd auto_config outside
    threat-detection basic-threat
    threat-detection statistics access-list
    no threat-detection statistics tcp-intercept
    webvpn
    group-policy UK-VPN-USERS internal
    group-policy UK-VPN-USERS attributes
    dns-server value 10.8.112.1 10.8.112.2
    vpn-tunnel-protocol IPSec svc
    split-tunnel-policy tunnelspecified
    split-tunnel-network-list value UK-VPN-USERS_splitTunnel
    default-domain value test.local
    address-pools value UK-VPN-POOL
    group-policy DfltGrpPolicy attributes
    vpn-tunnel-protocol webvpn
    username admin password XXXXXXXXXXXXXXXXX encrypted privilege 15
    username karl password XXXXXXXXXXXXXXX encrypted privilege 15
    tunnel-group UK-VPN-USERS type remote-access
    tunnel-group UK-VPN-USERS general-attributes
    address-pool UK-VPN-POOL
    default-group-policy UK-VPN-USERS
    tunnel-group UK-VPN-USERS ipsec-attributes
    pre-shared-key *****
    tunnel-group IT-VPN type remote-access
    tunnel-group IT-VPN general-attributes
    address-pool UK-VPN-POOL
    default-group-policy UK-VPN-USERS
    tunnel-group IT-VPN ipsec-attributes
    pre-shared-key *****
    class-map ALLOW-USER-CLASS
    match access-list USER-ACL
    class-map type inspect http match-all ALLOW-URL-CLASS
    match not request header from regex ALLOW-ZSGATEWAY
    class-map inspection_default
    match default-inspection-traffic
    policy-map type inspect dns preset_dns_map
    parameters
      message-length maximum client auto
      message-length maximum 512
    policy-map type inspect http ALLOW-URL-POLICY
    parameters
    class ALLOW-URL-CLASS
      drop-connection
    policy-map global_policy
    class inspection_default
      inspect dns preset_dns_map
      inspect ftp
      inspect h323 h225
      inspect h323 ras
      inspect netbios
      inspect rsh
      inspect rtsp
      inspect skinny 
      inspect esmtp
      inspect sqlnet
      inspect sunrpc
      inspect tftp
      inspect sip 
      inspect xdmcp
      inspect ip-options
    policy-map ALLOW-USER-URL-POLICY
    class ALLOW-USER-CLASS
      inspect http
    service-policy global_policy global
    service-policy ALLOW-USER-URL-POLICY interface inside
    prompt hostname context
    call-home
    profile CiscoTAC-1
      no active
      destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
      destination address email [email protected]
      destination transport-method http
      subscribe-to-alert-group diagnostic
      subscribe-to-alert-group environment
      subscribe-to-alert-group inventory periodic monthly
      subscribe-to-alert-group configuration periodic monthly
      subscribe-to-alert-group telemetry periodic daily
    Cryptochecksum:00725d3158adc23e6a2664addb24fce1
    : end

    Hi Karl,
    Please make the following changes:
    ip local pool VPN_POOL_UK_USERS 192.168.254.1-192.168.254.254
    access-list inside_nat0_outbound_1 extended permit ip 10.8.0.0 255.255.0.0 192.168.254.0 255.255.255.0
    no nat (outside) 0 access-list outside_nat0_outbound outside
    access-list UK-VPN-USERS_SPLIT permit 10.8.0.0 255.255.0.0
    group-policy UK-VPN-USERS attributes
    split-tunnel-network-list value UK-VPN-USERS_SPLIT
    no access-list UK-VPN-USERS_splitTunnel extended permit ip 10.8.0.0 255.255.0.0 bkh-vpn-pool 255.255.255.0
    no access-list UK-VPN-USERS_splitTunnel extended permit ip inside-servers 255.255.255.0 bkh-vpn-pool 255.255.255.0
    access-list inside_access_in extended permit ip 10.8.0.0 255.255.255.0 192.168.254.0 255.255.255.0
    management-access inside
    As you can see, I did create a new pool, since you already have an interface in the 192.168.10.0/24 network, which does affect the VPN clients.
    Once you are done, connect the client and try:
    ping 10.8.127.200
    Does it work?
    Try to ping other internal IPs as well.
    Let me know how it goes.
    Portu.
    Please rate any helpful posts
    Message was edited by: Javier Portuguez

  • Non-Domain computers via VPN

    I am not sure if this a right forum for this. I have some non-domain devices that are coming in to my network via VPN (VPN client). can someone tell me on how to deny these non-devices coming in to my network. Is their a configuration in the VPN concentrator to deny non-domain computers? please advise

    Did u deploy IPSEC in ur VPN network?.If snot, u just deploy IP SEC on all the peers and the VPN server.
    IPSEC is a 2 phase VPN security provider.This IPsec along with IKE provides double level security.
    With this ipsec, we configure some security parameters like hostname or remote ip address , pre-shared key etc on both ends(server and peer).When a non-domain client tries to access ur VPN, the vpn server may authenticate the in coming client using either ip address or host name and it wil contact with a aaa server or its own database for validating the user.
    If u r using an external server for validating the incoming users, u must go for aaa server externally.
    For a complete detail of deploying vpn with ipsec,
    http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_configuration_guide_chapter09186a008017278c.html#wp1045493

  • Secure wireless network connection using Airport.

    Hi,
    I live in a condo with wireless connection. I do not have access to the router and I do not know what its settings are.
    I was provided with a password when I moved in so it has some kind of security.
    Is there any way I can transmit secure data using the building's router? How can I protect my laptop from unwanted intrusion?
    Thank you.

    Couple of points:
    1. Since you don't say what kind of security the wireless router is using, it is hard to say how vulnerable it is or isn't. I am not at a location right at the moment where wireless is permitted, so there is nothing nearby for me to check, but as I recall, if you option-click on the airport icon in your menubar, I think it may tell you the type of encryption. The other option would be to turn off airport then delete the password item from your system keychain (/Applications/Utilities/Keychain Access.app) then turn airport back on and as I recall, it will say what kind of password it wants you to enter (WPA2 or whatever). As far as I know, WPA2 with a good password is as good as it gets. A good password is something not prone to an automated dictionary attack (p@$$w0Rd is not a good password - stuff like that is in the hackers' dictionaries). The more random the character string and the more characters (up to 63), the better.
    2. To keep your computer secure, disable all sharing (System Prefs > Sharing) except for when you need to let others gain access to your computer. Use good passwords (a la #1 above, except I don't think OS X allows anywhere close to 63-character passwords, which nobody could remember anyways, besides it being really inconvenient from a user perspective). Turn your firewall on (System Prefs > Security > Firewall) to block (unanticipated/unexpected) incoming connections unless you know you need it otherwise.
    3. To transmit data securely, your web traffic can only be considered to be secure if using https protocol (like what online banking websites use). There will be a small padlock in the upper right hand corner of Safari's user interface, and the site URL will begin with "https." For file transfers like ftp, it has to be using sftp protocol. For email, it has to have SSL checked on for both send and receive in Mail's Prefs, and whether you use those parameters or not is determined by the email provider, not by you. Also, if you access networks via VPN (like your employer's corporate LAN), VPN securely encapsulates data destined to and from that netwrok.

  • Install cisco security manager

    Good morning:
    I adquire a CSM license and need install, only have one server and this is installed LMS 3.2.
    Follow the installation instructions, i found that this CSM can't be installed in the same server that LMS.
    This is the paragraph:
    "We do not support the coexistence of Security Manager with any third-party software or other Cisco software (including any CiscoWorks-branded “solution” or “bundle,” such as the LAN Management Solution [LMS] or the VPN/Security Management Solution [VMS]), unless we state explicitly otherwise in this guide or at http://www.cisco.com/go/csmanager
    Someone can tell me if this is definitive or can install both in the same server.
    Thank's in advanced

    Yes both cannot be installed on the same server. Even if you manage it by some 'fancy' trick, it won't be supported by Cisco TAC. If you have only one physical server available, consider VMWARE. Regards
    Farrukh

  • Looking for a cisco vpn book

    Hi,
    I?m looking for a cisco book about vpn, secure and deploying.
    I?ve found this one https://ciscobookstore.informit.com/bookstore/product.asp?isbn=1587051796#
    What about this book?
    i?m interested in secure my vpn and migrate them fro site-to-site ipsec to dmvpn.
    Any help?
    Best regards

    Try this:
    http://www.amazon.com/Complete-Cisco-Configuration-Networking-Technology/dp/1587052040/ref=pd_bxgy_b_text_b/102-6156260-7032959
    It's an excellent resource for anyone looking for a reference book on VPN with Cisco device.
    Regards,
    Marco.

  • Central Site Internet Connectivity for MPLS VPN User

    What are the solutions of Central site Internet connectivity for a MPLS VPN user, and what is the best practice?

    Hello,
    Since you mentioned that Internet Access should be through a central site, it is clear that all customer sites (except the central) will somehow have a default (static/dynamic) to reach the central site via the normal VPN path for unknown destinations. Any firewall that might be needed, would be placed at the central site (at least). So, the issue is how the central site accesses the Internet.
    Various methods exist to provide Internet Access to an MPLS VPN. I am not sure if any one of them is considered the best. Each method has its pros and cons, and since you have to balance various factors, those factors might conflict at some point. It is hard to get simplicity, optimal routing, maximum degree of security (no matter how you define "security"), reduced memory demands and cover any other special requirements (such as possibility for overlapping between customer addresses) from a single solution. Probably the most secure VPN is the one which is not open to the Internet. If you open it to the Internet, some holes also open inevitably.
    One method is to create a separate Internet_Access VPN and have other VPNs create an extranet with that Internet_Access VPN. This method is said to be very secure (at least in terms of backbone exposure). However, if full routing is a requirement, the increased memory demands of this solution might lead you to prefer to keep the internet routing table in the Global Routing Table (GRT). You might have full routing in the GRT of PEs and Ps or in PEs only (second is probably better).
    Some names for solutions that exist are: static default routing, dynamic default routing, separate BGP session between PE and CE (via separate interface, subinterface or tunnel), extranet with internet VRF (mentioned earlier), extranet with internet VRF + VRF-aware NAT.
    The choice will depend on the requirements of your environment. I cannot possibly describe all methods here and I do not know of a public document that does. If you need an analysis of MPLS VPN security, you may want to take a look at Michael Behringer's great book with M.Morrow "MPLS VPN Security". Another book that describes solutions is "MPLS and VPN Architectures" by Ivan Pepelnjak. There is a Networkers session on MPLS VPNs that lists solutions. There is also a relevant document in CCO:
    http://www.cisco.com/en/US/tech/tk436/tk428/technologies_configuration_example09186a00801445fb.shtml (covering static default routing option).
    Kind Regards,
    M.

  • VPN monitoring

    Hi, i have a IPSEC VPN tunnel on a 7206 router. Concern is that we want to monitor the status of the tunnel, with following points...
    - Other end is not willing to give us the ICMP access, so we cannot check the status using ICMP.
    - We have enabled the tunnel on CiscoWorks VPN/Security Monitoring Solution.
    First requirement: is that we want to give an interface to our 24/7 helpdesk team, with limited rights.. when i create a user id on CW, with privilege access=helpdesk,that id can view other devices as well, which is not desired. We JUST want to give the page of VPN monitring to that team. How can that be achieved?
    Second Requirement: We have a solution where we can send any text file to our mobile thru sms. I want to send the syslog thru that router-->CW--> our mobile. I can see that the syslogs are reaching in CW-->RME-->Syslog Analysis, but i get following message when i go to CW-->VMS-->Syslog analysis,i get "No records found"..
    so, the first thing is to get the syslog messages visible in VMS, and the second thing to do is to get those syslogs sent to a text file on the server, and rest is easy.
    Please help on both of requirements.

    is there no one else?

  • AnyConnect - Posture Assessment Failed: Unable to get the available CSD version....

    Hello all
    I am attempting to get the HostScan posture assessment working so we can check that any device connecting to the ASA is a valid corporate asset.
    I have installed the posture module onto our test client machine (Windows 8.1) using the following software:
    anyconnect-posture-win-4.0.00061-pre-deploy-k9
    Then in ASDM under Remote Access VPN > Host Scan Image I have uploaded the following package:
    disk0:/hostscan_3.1.06073-k9.pkg
    ...and ticked the box 'Enable Host Scan/CSD'.
    Under Remote Access VPN > Secure Desktop Manager I have configured an initial simple Prelogin policy to test it working, this simply just checks that the OS is Windows 8. A success should map this user to a Group Policy I have created that is mapped to a Connection Profile. 
    So, with all that said, when I try to connect I see that the AnyConnect client going through the motions: "Posture Assessment: Checking for updates....", after which I get a pop-up and error message:
    "Posture Assessment Failed: Unable to get the available CSD version from the secure gateway"
    A bit stumped here and haven't quite found much on the web as to how to resolve this.
    Has anyone encountered this before? If so, can you advise on what I can do
    By the way I am connecting using IKEv2 (IPsec) as these are the requirements and the AC version is 4.0.00061, ASA version: 9.2(1).
    Many thanks

    Hello
    Please forgive the shameless bump. Was hoping someone could help?
    Many thanks

  • Connecting 9.2.2 iBook G3 to iMac with 10.4.9

    I've finally determined (tech support docs on 10.3.9 and online help do NOT make this simple to determine) that AFP ain't supported on 10.4.
    Here is my current problem:
    Open Public folder on iMac (10.4.9, Personal File Sharing enabled) using Chooser and the network icon on the iBook’s Desktop. File Sharing (or is it AppleTalk) Control Panel on the iBook has the "Applehare over TCP/IP" option enabled).
    1. Open finder window to OS X drop box
    2. Click and drag file to open window
    3. Copying starts and progress dialog comes up
    4. First error alert: The File Service's Connection Has Unexpectedly Closed Down
    5. Dismiss that dialog and
    6. "The Selected Files Could Not Be Copied Because the Server Is No Longer Connected."
    I then installed Shareway IP Personal, latest version.
    Restart iBook. I get the same error and error messages.
    During all this time, a connection from iBook to a Blue and White running 10.3.9 remains connected and usable, as does the file sharing connection to an OS 9.2.2 Blue and White.
    I'm a very savvy pre-OS X Mac user and a reasonably savvy OS X user, though simple file sharing in the house with OS X has become an exercise in bafflement.
    The iBook is using an AirPort card through an Asante Wireless VPN Security Router, which is connected to my IP provider. All other Macs are wired.

    Yeah, 10.4.9 broke Appletalk even further than 10.4.0 did!
    I've been able, (using the old Shareway), to download either way, but not upload either way over a few KB.
    10.4.9 copies from my OS9.2.2 machine to itself fine. OS9.2.2 copies from the 10.4.9 machine fine, but trying to put it either way will get that "no longer connected", and most of the time then freeze one or both machines until I reboot the OS9.2.2 machine.

Maybe you are looking for

  • Oracle 10g database homepage not working?

    Oracle 10g database homepage not working? Hi just i installed oracle database 10g express edition but after the restart the oracle database homepage wont open http://127.0.0.1:8080/apex that link always telling cannot display... here i have posted ls

  • Creating alternate layout --- missing a step --- how do I change setting so not only print options?

    Hi - I'm running into an issue when going to Layout/Create Alternate Layout on one of my docs. The following options only appear vs any of the digital options (iPad-H or iPad-V). Then when I hit the Page Size dropdown, these are the only options that

  • How to change language in istore

    Id like to change the language in istore. I live in spain and my billing address is in spain, but id like to do my business in english. Any way to do this?

  • USER EXITS IN BILLING

    HI ALL, Scenario. Billing document created and the user wants to cancel the billing document after the closing period . but the system should not allow to do that what is the user exit to be used ? Please provide the user exit Regards Anil Mairpady

  • Newbie - help with website that i didn't build?

    Hi, My Mother had a website built for her. Things have changed and the site now needs editing. I have gallantly offered to help but am finding it tougher than i thought it would be.  I have the FTP login and the host login - although I'm not really s