Windows Sharing behind a router
I often want to send single files to my brother in another city, and I figured that Windows Sharing should let me do this.
However, when I turn on Windows Sharing, it says "Windows users can access your computer at \\192.168.0.103\Name" which is the IP Address behind my router...
How do I get around this?
Matthew
Since you are only sending 'single files,' if the files are under 2mb, and you are both on DSL or cable, e-mail them.
Similar Messages
-
Printer Sharing and Windows Sharing with Windows Vista
Today I tired setting up a printer sharing network over my linksys wireless router. I turned the printer sharing on and the windows sharing on my mac. Then I launched my notebook with vista on it and installed Bonjour for Windows 1.0.3. Once the installation finished I ran the wizard and installed the shared Epson Stylus Photo 1280 printer.
Once I finished the wizard I gave the printer a go.
I tried printing a word document on my Vista machine using the new wireless set up and nothing happens the printer queue gains the document spools it and then it's gone. Then, I tried using Vistas Sharing set up. After setting up another printer icon (the same printer). When I go to print I get an error message.
Also when I try accessing my shared folder from my vista machine. I use my Username and password for the login. The computer responds that my Mac Mini's username and password is incorrect. Thus, I cannot fileshare between by Mac Mini and my Vista Laptop
What can I do to get my printer sharing and my windows sharing set up to work.
(also, my Epson Stylus Photo 1280 Printer is hooked up to my mac mini through USB).
Please respond
Thank youHello Joe,
I failed the login “connection to server with username and password not possible - Failure 256”
Some cures here...
http://archive.macfixitforums.com/ubbthreads.php/ubb/showflat/Number/691131/site _id/1#import
One more way to overcome stubborn printing to a Windows® printer from a Mac...
http://iharder.sourceforge.net/current/macosx/winmacprinter/
http://docs.info.apple.com/article.html?artnum=301397
iFelix...
http://www.ifelix.co.uk/tech/3020.html
http://www.ifelix.co.uk/tech/windowsxp.html
I did not succeed using the PC’s name - even though the workgroup is set correctly.
Might try Bonjour for Windows...
http://www.apple.com/downloads/macosx/apple/windows/bonjourforwindows.html
Which may also cure the Printer Sharing problem.
Oh. make sure Printer Sharing IS NOT set on the Mac, if it is turn it off & reboot. -
RA VPN into ASA5505 behind C871 Router with one public IP address
Hello,
I have a network like below for testing remote access VPN to ASA5505 behind C871 router with one public IP address.
PC1 (with VPN client)----Internet-----Modem----C871------ASA5505------PC2
The public IP address is assigned to the outside interface of the C871. The C871 forwards incoming traffic UDP 500, 4500, and esp to the outside interface of the ASA that has a private IP address. The PC1 can establish a secure tunnel to the ASA. However, it is not able to ping or access PC2. PC2 is also not able to ping PC1. The PC1 encrypts packets to PC2 but the ASA does not to PC1. Maybe a NAT problem? I understand removing C871 and just use ASA makes VPN much simpler and easier, but I like to understand why it is not working with the current setup and learn how to troubleshoot and fix it. Here's the running config for the C871 and ASA. Thanks in advance for your help!C871:
version 15.0
no service pad
service timestamps debug datetime msec localtime
service timestamps log datetime msec localtime
service password-encryption
hostname router
boot-start-marker
boot-end-marker
enable password 7 xxxx
aaa new-model
aaa session-id common
clock timezone UTC -8
clock summer-time PDT recurring
dot11 syslog
ip source-route
ip dhcp excluded-address 192.168.2.1
ip dhcp excluded-address 192.168.2.2
ip dhcp pool dhcp-vlan2
network 192.168.2.0 255.255.255.0
default-router 192.168.2.1
ip cef
ip domain name xxxx.local
no ipv6 cef
multilink bundle-name authenticated
password encryption aes
username xxxx password 7 xxxx
ip ssh version 2
interface FastEthernet0
switchport mode trunk
interface FastEthernet1
interface FastEthernet2
interface FastEthernet3
interface FastEthernet4
description WAN Interface
ip address 1.1.1.2 255.255.255.252
ip access-group wna-in in
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
no cdp enable
interface Vlan1
no ip address
interface Vlan2
description LAN-192.168.2
ip address 192.168.2.1 255.255.255.0
ip nat inside
ip virtual-reassembly
interface Vlan10
description router-asa
ip address 10.10.10.1 255.255.255.252
ip nat inside
ip virtual-reassembly
ip forward-protocol nd
no ip http server
no ip http secure-server
ip nat inside source list nat-pat interface FastEthernet4 overload
ip nat inside source static 10.10.10.1 interface FastEthernet4
ip nat inside source static udp 10.10.10.2 500 interface FastEthernet4 500
ip nat inside source static udp 10.10.10.2 4500 interface FastEthernet4 4500
ip nat inside source static esp 10.10.10.2 interface FastEthernet4
ip route 0.0.0.0 0.0.0.0 1.1.1.1
ip route 10.10.10.0 255.255.255.252 10.10.10.2
ip route 192.168.2.0 255.255.255.0 10.10.10.2
ip access-list standard ssh
permit 0.0.0.0 255.255.255.0 log
permit any log
ip access-list extended nat-pat
deny ip 192.168.2.0 0.0.0.255 192.168.100.0 0.0.0.255
permit ip 192.168.2.0 0.0.0.255 any
ip access-list extended wan-in
deny ip 192.168.0.0 0.0.255.255 any
deny ip 172.16.0.0 0.15.255.255 any
deny ip 10.0.0.0 0.255.255.255 any
deny ip 127.0.0.0 0.255.255.255 any
deny ip 169.255.0.0 0.0.255.255 any
deny ip 255.0.0.0 0.255.255.255 any
deny ip 224.0.0.0 31.255.255.255 any
deny ip host 0.0.0.0 any
deny icmp any any fragments log
permit tcp any any established
permit icmp any any net-unreachable
permit udp any any eq isakmp
permit udp any any eq non500-isakmp
permit esp any any
permit icmp any any host-unreachable
permit icmp any any port-unreachable
permit icmp any any packet-too-big
permit icmp any any administratively-prohibited
permit icmp any any source-quench
permit icmp any any ttl-exceeded
permit icmp any any echo-reply
deny ip any any log
control-plane
line con 0
exec-timeout 0 0
logging synchronous
no modem enable
line aux 0
line vty 0 4
access-class ssh in
exec-timeout 5 0
logging synchronous
transport input ssh
scheduler max-task-time 5000
end
ASA:
ASA Version 9.1(2)
hostname asa
domain-name xxxx.local
enable password xxxx encrypted
xlate per-session deny tcp any4 any4
xlate per-session deny tcp any4 any6
xlate per-session deny tcp any6 any4
xlate per-session deny tcp any6 any6
xlate per-session deny udp any4 any4 eq domain
xlate per-session deny udp any4 any6 eq domain
xlate per-session deny udp any6 any4 eq domain
xlate per-session deny udp any6 any6 eq domain
passwd xxxx encrypted
names
ip local pool vpn-pool 192.168.100.10-192.168.100.35 mask 255.255.255.0
interface Ethernet0/0
switchport trunk allowed vlan 2,10
switchport mode trunk
interface Ethernet0/1
switchport access vlan 2
interface Ethernet0/2
shutdown
interface Ethernet0/3
shutdown
interface Ethernet0/4
shutdown
interface Ethernet0/5
shutdown
interface Ethernet0/6
shutdown
interface Ethernet0/7
shutdown
interface Vlan1
no nameif
no security-level
no ip address
interface Vlan2
nameif inside
security-level 100
ip address 192.168.2.2 255.255.255.0
interface Vlan10
nameif outside
security-level 0
ip address 10.10.10.2 255.255.255.252
ftp mode passive
clock timezone UTC -8
clock summer-time PDT recurring
dns server-group DefaultDNS
domain-name xxxx.local
object network vlan2-mapped
subnet 192.168.2.0 255.255.255.0
object network vlan2-real
subnet 192.168.2.0 255.255.255.0
object network vpn-192.168.100.0
subnet 192.168.100.0 255.255.255.224
object network lan-192.168.2.0
subnet 192.168.2.0 255.255.255.0
access-list no-nat-in extended permit ip 192.168.2.0 255.255.255.0 192.168.100.0 255.255.255.0
access-list vpn-split extended permit ip 192.168.2.0 255.255.255.0 any
pager lines 24
logging enable
logging asdm informational
mtu inside 1500
mtu outside 1500
no failover
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
no arp permit-nonconnected
nat (inside,outside) source static lan-192.168.2.0 lan-192.168.2.0 destination static vpn-192.168.100.0 vpn-192.168.100.0 no-proxy-arp route-lookup
object network vlan2-real
nat (inside,outside) static vlan2-mapped
route outside 0.0.0.0 0.0.0.0 10.10.10.1 1
timeout xlate 3:00:00
timeout pat-xlate 0:00:30
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
user-identity default-domain LOCAL
aaa authentication ssh console LOCAL
aaa authentication http console LOCAL
http server enable
http 192.168.2.0 255.255.255.0 inside
http 10.10.10.1 255.255.255.255 outside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart
crypto ipsec ikev1 transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto ipsec security-association pmtu-aging infinite
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set pfs group1
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev1 transform-set ESP-AES-256-SHA
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set reverse-route
crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map outside_map interface outside
crypto ca trustpool policy
crypto ikev1 enable outside
crypto ikev1 policy 30
authentication pre-share
encryption aes-256
hash sha
group 2
lifetime 86400
telnet timeout 5
ssh 192.168.2.0 255.255.255.0 inside
ssh 10.10.10.1 255.255.255.255 outside
ssh timeout 20
ssh version 2
ssh key-exchange group dh-group1-sha1
console timeout 0
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
webvpn
anyconnect-essentials
group-policy vpn internal
group-policy vpn attributes
dns-server value 8.8.8.8 8.8.4.4
vpn-tunnel-protocol ikev1
split-tunnel-policy tunnelspecified
split-tunnel-network-list value vpn-split
default-domain value xxxx.local
username xxxx password xxxx encrypted privilege 15
tunnel-group vpn type remote-access
tunnel-group vpn general-attributes
address-pool vpn-pool
default-group-policy vpn
tunnel-group vpn ipsec-attributes
ikev1 pre-shared-key xxxx
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect ip-options
inspect netbios
inspect rsh
inspect rtsp
inspect skinny
inspect esmtp
inspect sqlnet
inspect sunrpc
inspect tftp
inspect sip
inspect xdmcp
inspect icmp
service-policy global_policy global
prompt hostname context
no call-home reporting anonymous
call-home
profile CiscoTAC-1
no active
destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
destination address email [email protected]
destination transport-method http
subscribe-to-alert-group diagnostic
subscribe-to-alert-group environment
subscribe-to-alert-group inventory periodic monthly
subscribe-to-alert-group configuration periodic monthly
subscribe-to-alert-group telemetry periodic daily
Cryptochecksum:40c05c90210242a42b7dbfe9bda79ce2
: endHi,
I think, that you want control all outbound traffic from the LAN to the outside by ASA.
I suggest some modifications as shown below.
C871:
interface Vlan2
description LAN-192.168.2
ip address 192.168.2.2 255.255.255.0
no ip nat inside
no ip proxy-arp
ip virtual-reassembly
ip access-list extended nat-pat
no deny ip 192.168.2.0 0.0.0.255 192.168.100.0 0.0.0.255
no permit ip 192.168.2.0 0.0.0.255 any
deny ip 192.168.2.0 0.0.0.255 any
permit ip 10.10.10.0 0.0.0.255 any
ASA 5505:
interface Vlan2
nameif inside
security-level 100
ip address 192.168.2.1 255.255.255.0
Try them out and response.
Best regards,
MB -
HI.. I thought i would connect up my old G3 iMac running 10.4 Tiger to my Win7 laptop via ethernet crossover and move everything over i wanted to save by browsing the files and folders.
Connected the iMac and the laptop and i can work from the iMac sending files over to the laptop but i cannot remember ever setting a password as administrator on the iMac for my account for windows sharing.
I have a second account on the iMac for friends or guests to use and i logged in and that is the same as the loggin password but for my account my admin password is not recognised.
http://www.fort-delce.pwp.blueyonder.co.uk/images/win-share-pass.jpg
Is there a way to reset the password or a workaround to delete the keychain if possible. I've been sat at the keyboard trying every possible password i might have used but i'm sure i never set one.
Paul.
Added image link http://www.fort-delce.pwp.blueyonder.co.uk/images/win-share-pass.jpg Message was edited by: wudja-cudjaHi BDAqua...
I read up a little on your suggestions for resetting / creating new admin account and decided not to try the New account route. There seemed to be issues with losing accounts and files and ending up with an "as new" mac and that was too big a risk..
All i wanted to do was reset the windows sharing password and there seemed to be NO method of doing this within the sharing preferences window despite being logged in as the Admin for the account. So I moved a few files over to another account on my iMac and started the transfer but this was time consuming.
Having just searched the Apple help docs i found a simple answer.
*Change my admin password*
http://docs.info.apple.com/article.html?path=Mac/10.6/en/8202.html
+If users can’t connect to the Mac from the Windows computer using the user account you specified, you may need to reset the password for that account in Accounts preferences.+
So with a new admin password on my account the windows sharing password was reset to the new admin password and I'm good to go..
Many thanks for your help and suggestions.. It didn't fix my problem but reading a few of the links has shown me how to make my mac safer for the future. I didn't realise that it was so easy to overide the account password.
WC -
How to add a Windows shared printer
I was doing everything that Article: HT3049 was saying but i still couldn't print with my windows shared printer from my mac , finally I found out another way, so for those of you who that having problem you can do the steps below:
On the Windows 7 PC
1. Go to Control Panel
2. Select "Programs and Features" panel
3. Click "Turn Windows Features on or off"
4. Click on the "LPD Print Service". Under "Print and Document Services"
5. Ensure printer(s) are shared
On the Mac
1. Open "System Preferences" - "Print & Fax"
2. Click "+" to add a printer
3. Right hand button tool bar to customize and add "Advanced" button
4. Select "Advanced"
5. In the "Type:" field select "LPD/LPR Host or Printer"
6. In the "URL:" field enter lpd://IPserver/PrinterShareName; (e.g., lpd://192.168.1.102/samsung)
Using lpd://ServeName/PrinterShareName does not work, the IP address must replace ServerName
The IP address is the address of your PC, the one assigned by your router
7. Click the "Add" button
enjoy!:)I had to download the driver for my printer. Depending on the printer you will have to go to that site. In the search engine type 'mac os driver (model printer). I have a dell wireless. After that I went to printers/faxes and hit the + sign and my dell printer was there to add. Hope this helps a bit. I actually just did it today.
-
QuickVPN - RV110W behind DSL Router
Hi all,
I have a Cisco RV110W behind an Actiontek V1000H DSL router supplied by my ISP.
I'd like to be able to make use of the Cisco QuickVPN client. According to my ISP placing the Actiontek into bridge mode cannot be done.
On the Actiontek I have forwarded the following ports to my RV110W's address:
60443/tcp
4500/udp
500/udp
On the RV110W I have ensured that remote management is enabled (on port 60443).
When attempting to connect with the client (using port 60443) - I get this far:
2012/01/30 11:16:21 [STATUS]OS Version: Windows 7
2012/01/30 11:16:21 [STATUS]Windows Firewall Domain Profile Settings: ON
2012/01/30 11:16:21 [STATUS]Windows Firewall Private Profile Settings: ON
2012/01/30 11:16:21 [STATUS]Windows Firewall Private Profile Settings: ON
2012/01/30 11:16:21 [STATUS]One network interface detected with IP address 192.168.245.164
2012/01/30 11:16:21 [STATUS]Connecting...
2012/01/30 11:16:22 [DEBUG]Input VPN Server Address = xx.xx.xx.xx
2012/01/30 11:16:22 [STATUS]Connecting to remote gateway with IP address: xx.xx.xx.xx
2012/01/30 11:16:22 [WARNING]Server's certificate doesn't exist on your local computer.
2012/01/30 11:16:23 [WARNING]Remote gateway wasn't reached...
2012/01/30 11:16:23 [WARNING]Failed to connect.
2012/01/30 11:16:23 [WARNING]Failed to connect!
Any suggestions? Is this configuration even possible?
Thanks!Hi, Rudi & Craig
I just tested another diffrent way, which way as Craig's book did, I set
Master's IP is DSL Router inside IP which same as "PUBLIC" Network Card's
IP address (10.0.0.101) when setting the MASTER's configuration in
iManager, it still working fine. Then it will be the best way if the ISP
change my static Public IP.
BTW, Craig, when you have chance, can you memtion this on your web site or
in your book (when you have new version book), BM38SP5 got a bug, the
vpn.jar cannot set Non-BM VPN Slave (I used Linksys router for Slave
server), I called Novell support engineer, he said Novell knew this error,
I have to use the vpn.jar which in BM38SP4_IR5 to setup Non-BM VPN Salve.
But there is another problem, the vpn.jar which in BM38SP4_IR5 cannot set
MASTER VPN server. The only way to do the job is install BM38SP5, setup
MASTER VPN server, setup C2S VPN, then copy the vpn.jar which in
BM38SP4_IR5 in, to setup Non-BM VPN Salve. I hope you can understand my
poor Engish.
James
> Rudolf Thilo wrote:
> Hello James.
>> In Craig's book, there is a sample
>> for VPN Slave Server behind DSL router.
>> But I don't know I can setup Master VPN
>> server behind DSL router or not.
> It works, starting with BM3.8. IIRC Craig has an example
> in his book? You will need to specify the DSL router's
> (static!!) public IP address as the MASTER's public IP
> when setting um the MASTER's configuration.
> Regards, Rudi. -
I had to bite the bullet and get a PC Laptop (XPsp2)for work. I'm now trying to get it integrated into my home network with a couple of Macs (10.3.9, one wireless, one hardwired... both have been happily sharing files with each other for over 2 years.)
The PC's connected to the wireless router fine. I can get online.
The two macs have "Windows Sharing" turned on.
I type the address supplied by the Windows Sharing screen on my PC's Run window. ( \\192.168.1.134/myname )
The login screen comes up, and I type my user name and password and...
Now here's where things fall apart.
I cannot login. I get "The network path was not found."
I've tried the short name. I've tried the long user name. I've tried setting up a new user. I've tried both macs.
I've tried finding a parameter in my accounts settings to turn Windows Sharing on. (even though, from what I gather, my vers of OSX doesn't have this requirement)
I've read and reread several tutorials on this but cannot figure out what I'm doing wrong. Is this something they are not telling me? (for instance, none I've seen say whether I should login with the short or long name)
...And when I get this working, I don't want to be restricted to just a shared folder. That would be kinda lame, but I suppose it would be something.
Thanks.I think that you need to also set the share permissions on the folder you want to share with the Windows machine.
In 10.4.9 there is a second button on the sharing tab for Windows Sharing to enable the permissions.
Try using SharePoints to set the folder permissions
http://hornware.com/sharepoints/ -
Windows sharing on airport extreme
I have a windows desktop running XP SP3 and a macbook pro. I just bought an airport extreme to replace my old linksys wireless router. Before installing the airport extreme I had no problem accessing my windows printer and shared folders from my macbook. Now that I've replaced the linksys with an airport extreme my mac no longer can see the windows shared resources. I've rebooted my windows desktop (many times) but that doesn't help. All of the resources are still listed as being shared. Is there some option on the airport extreme that I have to enable?
VictoMore information. I spoke with Apple tech support. They denied that airport extreme blocks any ports (and so there's no option to set). Yesterday, my two windows machines showed up in the finder, but I couldn't connect to them. I later rebooted the AEBS (for other reasons), and not they're gone again! I've tried running the program smbclient from the terminal, and it can find the windows computer names, but when it tries to communicate with them it times out. I've checked with a port scanner that the relevant port (138, 138 and 445) are open on the windows machine. I'm really at a loss of what to do. Any suggestions?
Victor -
Trying to acces printer on windows computer behind airport express and more
Title din't let me put it all in. Heres my problem. I have a mac, mom has a pc. Used to both run on a wireless network was able to access her printer no problem. However, her wireless card or windows itself was garbage so I bought a wired d-link router for cheap and hard lined her in. I however plugged my airport express into the router so I could still get wireless. All is working. However, I am not able to access her computer files or printer anymore. So, because she is behind the router, I can't get it. I am able to put say her address in that the router gives, say 192.168.0.100. Still no help. Basically it used to be set up like this in my printer settings. smb://name-0ab6f1634:139/BrotherM . So if anyone has any idea how to help me with this, that would be awesome. Wasnt sure if I should post here or in the networking place.. Thanks
I'm not there to see everything, but it sounds like you didn't set up the Airport Express correctly. Go into Airport Utility and uncheck/turn off "Distribute IP addresses." Now, your wireless computer(s) will get their IP address from the d-link and be a part of that network.
-
Windows shared folder asks for permanently delete
Hi,
Any file from windows shared folder asks for permanently delete and after that it is not recoverable... Please help, how to enable recycle bin service??Hi,
This is by design the Recycle Bin only stores files deleted from local drives, not from a shared folder. The workaround is to move a folder in C:\users\<user name> to the shared folder.
For more detailed information, please refer to the thread below:
Files deleting over the Network /share drive is not going to the recycle bin it permanently delete the file but deleting from local drive is normaly going to recycle Bin !
http://social.technet.microsoft.com/Forums/windowsserver/en-US/7119aafa-fe55-470c-ae20-568b80c5dcb4/files-deleting-over-the-network-share-drive-is-not-going-to-the-recycle-bin-it-permanently-delete?forum=winservergen
Best Regards,
Mandy
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact [email protected] -
Cant ping behind cisco router (site2site vpn)
Dears;
After configure site to site vpn between cisco router and fortigate firewall,
site A : 10.0.0.0/24 behind fortigate
site B: 10.10.10.0/24 behind cisco router
the tunnel is up and I can ping 10.0.0.1 from site B and can ping 10.10.10.1 from site A but I cant ping any ip inside 10.0.0.0/24 form site B or network 10.10.10.0/24 from site A
my cisco router configuration is
Current configuration : 2947 bytes
! No configuration change since last restart
version 15.1
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
boot-start-marker
boot-end-marker
enable secret 4 EE103as6FtdocdBefpgugX6P9eGaDKDyBvwz7AywH5Q
no aaa new-model
memory-size iomem 10
clock timezone cairo 2 0
crypto pki token default removal timeout 0
ip source-route
ip dhcp excluded-address 192.168.16.1
ip dhcp excluded-address 10.10.10.1 10.10.10.10
ip dhcp pool GUEST
network 192.168.16.0 255.255.255.0
default-router 192.168.16.1
dns-server 8.8.8.8 8.8.4.4
ip dhcp pool LAN
network 10.10.10.0 255.255.255.0
default-router 10.10.10.1
dns-server 8.8.8.8 8.8.4.4
ip cef
controller VDSL 0
ip ssh version 2
crypto isakmp policy 10
encr aes
hash sha256
authentication pre-share
group 5
crypto isakmp key 6 *********** address 4.x.x.x no-xauth
crypto ipsec transform-set myset esp-aes esp-sha256-hmac
crypto map kon-map 10 ipsec-isakmp
set peer 4.x.x.x
set transform-set myset
set pfs group5
match address 105
interface Ethernet0
no ip address
no fair-queue
interface ATM0
no ip address
ip mtu 1452
ip tcp adjust-mss 1452
no atm ilmi-keepalive
interface ATM0.1 point-to-point
ip flow ingress
pvc 0/35
encapsulation aal5snap
pppoe-client dial-pool-number 1
interface FastEthernet0
switchport mode trunk
no ip address
interface FastEthernet1
no ip address
interface FastEthernet2
switchport access vlan 2
no ip address
interface FastEthernet3
no ip address
interface Vlan1
ip address 10.10.10.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
interface Vlan2
ip address 192.168.16.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
interface Dialer1
ip address negotiated
ip mtu 1492
ip nat outside
ip virtual-reassembly in
encapsulation ppp
ip tcp adjust-mss 1452
dialer pool 1
ppp authentication chap pap callin
ppp chap hostname
ppp chap password 0
ppp pap sent-username
crypto map kon-map
ip forward-protocol nd
no ip http server
no ip http secure-server
ip nat inside source list 100 interface Dialer1 overload
ip route 0.0.0.0 0.0.0.0 Dialer1
access-list 100 deny ip 10.10.10.0 0.0.0.255 10.0.0.0 0.0.0.255
access-list 100 permit ip 10.10.10.0 0.0.0.255 any
access-list 100 permit ip 192.168.16.0 0.0.0.255 any
access-list 105 permit ip 10.10.10.0 0.0.0.255 10.0.0.0 0.0.0.255
banner motd ^C^C
end
when ping from cisco router
konsuler#ping 10.0.0.27 source vlan1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.27, timeout is 2 seconds:
Packet sent with a source address of 10.10.10.1
Success rate is 0 percent (0/5)
help pleaseThank you karsten
I can ping interface of router from remote site but cant ping any device behind the router and can ping firewall interface but cant ping any device behind the firewall
-counters in
# sh crypto ipsec sa
increased only while ping 10.0.0.1 or 10.10.10.1 from both sides
r#show crypto session detail
Crypto session current status
Code: C - IKE Configuration mode, D - Dead Peer Detection
K - Keepalives, N - NAT-traversal, T - cTCP encapsulation
X - IKE Extended Authentication, F - IKE Fragmentation
Interface: Dialer1
Uptime: 00:03:12
Session status: UP-ACTIVE
Peer: 4.x.x.x port 500 fvrf: (none) ivrf: (none)
Phase1_id: 4.x.x.x
Desc: (none)
IKEv1 SA: local 6.x.x.x/500 remote 4.x.x.x/500 Active
Capabilities:(none) connid:2001 lifetime:22:39:59
IPSEC FLOW: permit ip 10.10.10.0/255.255.255.0 10.0.0.0/255.255.255.0
Active SAs: 2, origin: crypto map
Inbound: #pkts dec'ed 9 drop 0 life (KB/Sec) 4605776/3407
Outbound: #pkts enc'ed 14 drop 0 life (KB/Sec) 4605775/3407 -
Set up a proper live and local DNS behind a router
Hello dear friends,
I'm new to Snow Leopard Server and also i'm quite inexperienced in setting up DNS. We bought a Mac Pro for out small company along with Snow Leopard Server to become independent from our ISP, for some specific services like web hosting, mail and to bring up new services like Address book server, iCal server, FTP, Mobile access etc...
So for me to do that i have to set up our own DNS first. We already bought our domain name (crisconsult.ro) and since then the site has been hosted on our ISP and then aliased to Apple. We also have our own (fix) public IP 80.86.123.116.
Having installed SL Server and set-up, behind an Airport extreme router, the server was unable to pick up our name server which is ns.crisconsult.ro. Since the router is the first in the network, the server became second with a local IP 10.0.1.2. This is the same IP that the server automatically set up for DNS, BUT if i keep this ip on our name server (ns) i feel it's not good since:
host ns.crisconsult.ro returns
ns.crisconsult.ro has address 10.0.1.2
and host 80.86.123.116 returns
116.123.86.80.in-addr.arpa domain name pointer ns.crisconsult.ro.
As i understand there should be our public IP (80.86.123.116), BUT all the tutorials on the net regarding setting up DNS in Leopard Server point that at DNS one should put the machine's own local IP and have the machine look at itself as DNS in network settings.
So? Is there a local DNS and a public DNS to set up? What gives?
I could really appreciate some help in configuring DNS, along to some good and real examples of DNS servers configured behind a router.
Thanks,
AndreiAndrei,
I too, would love nothing more than to be able to use DNS on my 10.4, 10.5 & 10.6 servers. Unfortunately, the only way I have found to effectively wield a somewhat complete level of control over the bind DNS included with the server, is to abandon all usage of the Server Admin DNS control in favor of something like webmin. The good news is, webmin gives you a host of other features that I (sadly) don't expect to see within the Apple Server GUI any time soon.
Bad news, is that the 'best practice' way of setting up a stable, functional DNS on a Mac Server seems to be: clean install, webmin install, and never, ever use the apple DNS interface. Similar rule applies to web server.
I like to think the measure of a good admin is the ability to fix the problem(s) without having to reinstall completely. However, I can say from much experience and extensive googling, that what you are trying to do is a game of hopscotch in a minefield. You should be VERY familiar with the installation and setup process once you have your box configured the way you want it.
Hopefully one day Apple will decide to take the bull by the horns and address teh fact that DNS is an integral part of a sever set up these days and provide us users with some of that Apple think-outside-the-box-so-you-dont-have-to product that they have been so well known for. I can't say whether they're in too much of a hurry deploying video iPods or super-duper mice that the server product that you and I would love to see work efectively simply doesn't.
Sorry to get on a rant, I just want to save you some time that I lost figgerin' on this vexing enigma. I can use citations for my assertions if need be.
-Chance -
Printing to a Windows Shared Printer in Windows Domain Stopped Working
If anybody can shed some light on the problem below I would be highly appreciative. I have tried every suggestion I've found on ways to fix this problem, including postings found on this forum, without success.
I use able to Print to a Shared HP Laser Jet printer one a Windows 2003 Server machine, which is part of a Windows 2003 Domain. It has been working faultlessly until about a 2 weeks ago. I have had a number of errors including unable to Connect but the Error I get constantly now is:
+Unable to connect to SAMBA host, will retry in 60 seconds...ERROR: Connection failed with error NTSTATUS_NOMEMORY"+
I have reset the password of the windows user that originally made the connection when the computer was set up and this password had special characters. After reading various posts I have tried:
1. Reseting that users password without special characters, deleting the printer and adding it back in using the same user and the new password. The same user can map and connect to windows Shared Directories on the same Server and open and edit files
2. I have reset the Keychain to make sure it was using the new password. Again deleted and re-added the printer.
3. Created a new user both on the domain and one the print server deleted and re-added the printer using each user while also reseting the key chain
4. Tried the Advance option on the Printer Setup Utility using the following SMB URL format,
smb://user:pass@Domain/Machine/Printer where, the domain is called "home", the machine name is "Devserver01" and the printer share name is "HPLaser" resulting in a smb URL of smb://shanep:xxxxx@Home/Devserver01/hplaser.
None of the above work!
So as a new MAC user I have absolutely no other ideas of where to look for additional information on what is happening i.e. where do you look for log files that may contain additional detail.
Can anybody assist on suggesting any other things to look for or check?
Thanks
ShaneHi Greg,
Thanks of the tips. I have just managed to get it working and I didn't use the LPD method but tried a few different smb URI's.
Here's what I found worked.
1. I created a standard user account on the Windows 2003 server on which the printer is connected and shared, i.e. a non Domain user name that is local to the server only and not the domain
2. I then used this user name and password, along with the IP address of the server in the URL i.e.
smb://user:password@IPofserver/hplaser.
3. Printed a test page successfully
I then tried variations of a theme using username and passwords on the domain, changing the @workgroup/server/printer with no success.
I could however replace the IP address with simply the @Server/Printer combinations using he local user name and password successfully.
I also installed apple and Unix printing and file services so whether this made the difference I'm not sure.
Interestingly I tried to add the mac to the LDAP/Active Directory and couldn't successfully bind to the directory. Not that I'm an AD expert, but I have configured a few Java applications to use LDAP/AD authentications and groups of late so this problem is a little unusual, but that aside, thanks for the pointers, Printing problem solved. now to solve the AD one
Shane -
How do I map a windows shared drive to my mac?
how do I map a windows shared drive to my mac?
Mac 101: File sharing may have some hints.
Stefan -
It isn't every time, and sometimes doesn't happen for a long time, then I'll go to a bookmark or toolbar link and the new window opens behind the one I was on. Example: I just opened a second window (CTRL N) and clicked on a bookmark. It opened a new window behind the one I'm on as I type this. I did the same steps again and it opened the new window in front of this one. It doesn't seem to make any difference which site I start from or go to or if I use CTRL N or let the bookmark do the opening.
This can happen if you have a tab open in the main browsing window that uses the plugin-container process (e.g. Flash).
*[[/questions/977544]]
Maybe you are looking for
-
I'm migrating from a Windows 2003 server running DHCP to a Windows 2012 server with DHCP. I would like to do the migration by moving a single scope at a time. I'm only finding ways to move the entire scope. Can you move a single scope at a time?
-
How do I create a PDF using Acrobat 7.0 in Windows 8 from a Visio drawing on a 64-bit system
I used to be able to create a PDF using Acrobat 7.0 from a Visio drawing in XP. Now I'm running a 64-bit system, no Adobe printer can be installed, and it is unsupported. Help?
-
Unable to attach PDF to email (Outlook for Mac 2011)
We are pushing out software upgrades for CS5 and MS Office 2011 for Mac. We've discoverd that we can't use the Attach to email feature in Acrobat. The spinning rainbow wheel pops up for about a minute, and then Acrobat is non-responsive and we have t
-
Hi experts, We have recently had a change in our licensing agreement such that almost all of our users (approximately 99%) will be assigned to one license type going forward. With respect to creating new users with this license type, is there any wa
-
hello, could anyone please post screen capture of ISE posture configuration ( and remediation ) I need urgently a dACL and a redirection ACL that work at least in a mockup lab. Authentification and authorizations policies not needed. posture and reme