Cisco Firewall :: Unable To Setup VPN Between Windows 2008 Server R2 And ASA 5505?
Sep 9, 2012
I have assigned a task to configure a vpn between windows 2008 server and cisco asa 5505, what kind of vpn should i go with as the windows 2008 server r2 is on cloud and is it possible to configure site-to-site vpn for this network senario or not.. i have try ikev1/ipsec remote access vpn with l2tp with (CHAP, MS-CHAP v2) and couldn't find any document which will allow me to configure windows 2008 server to behave a client and connect it to asa, well what i did is that i configured a dail-up connnect with l2tp and found the following debug message
Sep 09 20:04:02 [IKEv1 DEBUG]IP = 172.16.32.5, Oakley proposal is acceptable
Sep 09 20:04:02 [IKEv1 DEBUG]IP = 172.16.32.5, IKE SA Proposal # 1, Transform # 1 acceptable Matches global IKE entry # 1
First network card have the static IP address 82.x.x.30 from the ISP.The second network card have 2 IP addresses: 192.x.x.0 and 82.x.x.1 ( first IP is for LAN and second IP is for routing the additional IP class).In other words if i have the computer "Z" with configuration: IP: 82.x.x.100 Sub: 255.255.255.128 and GTW:82.x.x.1 i can access the internet but practically with with the IP from ISP wich is 82.x.x.30
I am planning to implement wireless network in my work place. Plan is to have two networks one for guests and one for employee. I am trying to find a guide for 2500 WLC but couldn't find one.I've been reading couple of articles about setting up radius server and CA. I want to know what the best way to approach this.In my environment I got a CA server windows server 2003 and current DC's are windows server 2008 R2.I got 2500 WLC with POE switch and 4 aironet AS 1142.
I am planning to implement wireless network in my work place. Plan is to have two networks one for guests and one for employee. I am trying to find a guide for 2500 WLC but couldn't find one.
I've been reading couple of articles about setting up radius server and CA. I want to know what the best way to approach this.
In my environment I got a CA server windows server 2003 and current DC's are windows server 2008 R2.
I got 2500 WLC with POE switch and 4 aironet AS 1142.
I have configured a my desktop as a domain controller with server 2008..with dns service running on it. When i tried adding another desktop to this domain, i get the following error message
"Troubleshooting network identification Error: This computer successfully resolved the Domain Name System (DNS) service (SRV) resource record required to locate a domain controller, but it failed to locate a domain controller for the Active Directory domain displayed in the error message.
Cause: The required A (address) resource records that map the name of the domain controller to its IP address do not exist in DNS.
Solution: Verify that the required A resource records do not exist in DNS by using the Nslookup command-line tool.
See also: To verify that A resource records exist in DNS. Cause: The domain controller advertised in DNS may not be connected to the network or is connected to the network but is not running.
Solution: Verify connectivity and then verify that the domain controller is running.
See also: To test a TCP/IP configuration by using the ping command; DNS requirements for joining an Active Directory domain."
I want to configure ad agent on windows server 2008 R2 SP1 with all need patch installed.When i try to connect to DC with adacfg dc list, status is UP. Log ADOBserver's don't show any errors. But when try to do command "adacfg cache list", result - empty. In what may be the problem? Perhaps it is related to the language of the OS?
I came across a situation where a client had an old PIX 525 running PIX 6.2. There was a Windows 2008 R2 server running Exchange 2010 that was having trouble delivering email to a handful of email servers. We then found out that we could telnet to these servers on port 25 but got no return traffic. We then went back the old email server that was running Windows 2003 Server and could telnet to port 25 on these email servers and got a response, saw the banner and could issue commands. The first thought was reverse DNS which we thoroughly checked and it was not. I turned off the smtp fixup protocol and that didn't fix it either. From workstations on the network running XP or Windows 7 or Linux you could telnet to these servers and you would get a response but just not with 2008 server. I spent hours on the phone with Cisco support and it was determined that the packets were returning and we could capture the packets on the outside interface but they were then dropped by the firewall. Using the 6.2 version of PIX we could not determine why the packets were being dropped. I suggested upgrading to the next major version to be able to troubleshoot the issue further. We then upgraded the PIX to version 7.0(8). After the upgrade we were able to telnet to the problem mail servers from Windows 2008 Server and there were no issues. Is there a know issue with Windows 2008 Server and PIX 6.2?
I am using ASA5520 with webvpn for file sharing. But recently we just upgraded the OS that accommodate file shared folder from win2003 R2 32bit to windows server 2008 R2 64bit. Now I have a problem with accessing file share by ASA webvpn, it appears error contacting host, we have tested the file shared of webvpn on the other OS windows 2003 and windows 2008, they are working on these OS except win2008 R2. Current the ASA OS version is 8.0(2). And the windows firewall has been disabed.
I planned for my customer to replace his old LMS 4.0.1 server under Windows 2003 by a new server under Windows 2008 R2.Customer wants also to set a new LMS name and IP address for the new server under Windows 2008 R2 and keep both servers on the network.I'm wondering what could be the best procedure to do that migration.Can I used backup / restore procedure in that case ?If yes, what file must I modify to adapt the new LMS configuration to new hostname and IP Address ?
I'm having trouble setting up the correct rules on an ASA 5505 I'm using in my home office. I have a couple of IP Cams I need to access remotely.
I've tried setting up simple NAT(PAT) and/or Access Rules, but it hasn't worked. I have a single dynamic IP for the Outside interface. Call it 77.76.88.10 and I am using PAT. The CAM is setup to connect on port 80, but could be configured if necessary. I've tried setting up NAT Rules using ASDM as follows:
Match Criteria: Original Packet Source Intf = outside Dest Intf = inside
[Code]....
I'm afraid to use CLI only because I am not confident I'll know how to remove changes if I make a mistake.
I have install the administration toolpack on Windows 7 and enabled remote connections on my server 2008 box, When i try and connect with my Windows 7 server manager it does not work.I see stuff on google about enabling a trustedhost with winrm but can't find a way to do this.
i can't get it working to expose on internal server to an outside interface.I used the public server function in ASDM.Internet access works if i nat my private adress to one of the available ipadresses provided by our isp.
Internal Server : owncloud 172.10.0.4 External Server : ext181 46.245.171.181
I've been reading that the Windows Server Backup that is included with Server 08 R2 is pretty good. Is spending $400 on a third party utility worth it?
I'm asking because we're purchasing a new server soon and I want to know if the included backup is going to be good enough. Will be backing up server state as well as data to tape and possibly an off site server (server 2003) if I get my way.
I am running a small network of 30 pc. I have installed windows server 2003. Now i want to upgrade it to server 2008 but before that i want to test windows server 2008. That is why i,m looking online for a copy of windows server 2008 with reg key. Is there any good and trusted place to get windows server 2008.
I have a dedicated windows server 2008 r2 enterprise.I am running an SSTP VPN but only have 2 IP address to connect to the internet on.My issue is that one of the IPs is for the IIS7 etc and the other is for VPN use.How can I apply the same IP to more than one user allowing them to connect all at one.There are in total about 5 users who want to use the VPN service and I dont really want to pay.How do I apply the same IP to all accounts and allow them to connect and all use the same IP at once.
Does WCS 5.0 run on Windows 2008 Server. Does it run on a 32 or 64-bit OS? The WCS datasheet does specify that it can be easily installed on VMware Systems. Does it mean it can be virtualized.
I would like to allow remote access to a windows server through a ASA (5505) firewall. Users will use the vpn connection in order to connect to a private network. Is there any link that describes the steps for ASDM?
I just purchased a domain name, that I have forwarding to my WAN address. I want to be able to access my home websie via this route. I have an ASA 5505, how do I get the ASA to point to the home server when the WAN IP address is entered?
Trying to setup split tunneling over Site-to-Site (Gateway To Gateway) VPN between RV082 and Win 2008 server. Tunnel seems to be ok, I can ping/access by IP hosts from both ends. But I can't get split DNS to work. Here is the setup
10.10.100.2 is the DNS server for xyz.local zone. It is at remote network.
The tunnel and routing work properly. I can ping 10.10.100.2 either from RV082 (system management - diagnostics) or from hosts at local network.
Moreover, I can run nslookup on a host from RV082 side (local network), set 10.10.100.2 as server to be queried and test dns resolution. names of hosts from xyz.local are resolved correctly. But. If I use nslookup on host to query RV082 as a DNS server and query for a host from xyz.local it responds that xyz.local is nonexistent domain. The same result I get trying to resolve/ping same name on system management - diagnostics page. Resolution of names from xyz.local fails. But Internet names are resolved just fine.
I've tried to reboot the router, connect/disconnect the tunnel, set Domain Name fields of split DNS configuration pagein different ways including fqdn of hosts from xyz.local No effect. Just the same situation.
I am involved in a huge project that requires Servers PCs to function as Routers in schools to prevent broadcast traffic issues (Thread here: Need Professional Advice on 3 MANs implementations - Long story short: Can't buy regular routers because of budget and neet to use current equipment to make the network work, that is, Windows Servers 2008 with 2 NICs.
Now to the point. We are making tests but can't make Static routes to work properly. Design is as follows:
Now we have seen that we need to use this command (in cmd) to add a static route in W2008:
route add [NETWORK DESTINATION] mask [SUBNETMASK] [GATEWAY] if [NIC]
Q1: What exact command(s) do we have to use to make the Laptop in 10.10.10.0 to access Internet? How would you fill those fields based on the diagram? Q2: How many Static routes do we need to declare? I am guessing we just need one, but I have been told that I need to activate two (one for packets sent by the laptop to the router, and one for the packets sent by the router to the laptop?)
We have tried several combinations and can't make laptop to access Internet, not even to ping 192.168.1.5. We have just accomplished pinging to 192.168.1.181 from the Laptop, and to ping 10.10.10.2 from the Server but that's as far as we went.
I can't join a Windows 2008 Server from client computer running Windows Vista Business Edition. I get the message "Network path not Found" yet I can ping the server and the server can ping my computer.
I have a home server that I'm using to host a site with a domain purchased from Go Daddy. I understand how to set up a static IP address on Win Server 2008, but my provider will not allow for me to purchase a static IP because I'm a home customer, not a business.My question is this: should I just ipconfig my ip address every seven days and then change my server's address? Is there a software alternative? Is it necessary for me to change it at all?
I want to run my own web server. i have Windows 2008 Server R2. we hv one router for internet and it is linked with switch. 30 computer are running on local LAN and getting Internet. now my ISP give me a block of IP. i want to give it to web server. what is the simplest way to use that IP and my web server is Online and also all user have to access to Internet.
As always, I am trying to install LMS 4.1 on windows server 2008 R2 and after the installation and login to the LMS I find the following:DCRServer is down or may not be completely up. Check if the DCRServer process is running.And after some troubleshooting I found that the LMS is not creating the CMF database and the other databases.
1. I have downloaded the installation file from Cisco website twice, so I do not think it is the file that is corrupted, also it is only evaluation license.
2. I have met all the prerequisites and requirement as in the documentation guides, but maybe there is something still wrong.
Any here ever used a Windows Server 2008 Core installation? Got one running on a VM right now, thought I'd try it. After installing VMWare Tools things really speeded up. Now gave it a static IP, installed Active Directory services (DNS along with it) and everything seems to work. The RAM usage is about the same, but so far it's been much more responsive, and it takes a lot less disk space, it needs just under 3GB for the moment. Any else here have one running, or seen one in a production environment? I don't think they're very common yet.
im having problems getting desktop folder redirection to work on windows 7 machinesI have users set up just with local profiles but want to redirect "my documents" and "desktop" directories to the server. I have set up the gpo's on the server and it all works fine propergating to the xp machines but the windows 7 machines just wont take the desktop redirection. However "eventually" it did take the "my documents" redirection policy
I have a windows 2008 foundation server at a clients property and they wish to have users access shares on a data drive that is seperate on the server.I have the server setup with active Directory Users and logon scripts to their local shares on the data drive but need to setup VPN so they can use their mapped drives at home.
