we recently upgraded from an RVS4000 router which didn't have this issue.
the problem; Internal users from Site A cannot access the external owa address.From Site A i can successfully ping both the external/internal IP addresses/names and they resolve correctly, including pinging the address ('mail.company.com") resolves correctly to the external ip address.
[code]...
I have a Cisco 5505, 2 sites that are internal, 1 external IP (dhcp from cable modem). While on my laptop, ipad, iphone, I cannot access the server via it's external IP address. I MUST use the internal IP in order to access this site. I have heard of hairpinning, internal dns server(don't really want this).
View 8 Replies View RelatedBasically I have a group of static public IPs and I need one of them to point to an internal server IP address. This is for the RVS4000 router.
View 3 Replies View RelatedI have an internal DVR system that I am trying to share to the outside world. We recently put in an ASA5505 and I am having trouble getting the settings correct.I want to use an external IP to access the DVR system from anywhere and have my ASA5505 redirect the traffic to the internal IP address. I assume I need to use a NAT and a route policy however can not figure out how it would be.
View 11 Replies View Related6509-E compact flash Internal vs External
View 1 Replies View RelatedWe have a FortiGate 300C firewall and I was trying to allocate an external IP to an internal IP and I was having a lot of trouble figuring out exactly how to do that.
View 1 Replies View Relatedi have configured my ACS 5.3 server to access AD for user authentication but i would as well like to use the internal store for some users.The problem is that when i test with an internal user account, i can see in the logs that it still tries to access the AD for this user and i receive a message in the logs. " 22056 subject not found in the applicable data store".i have already defined the identity sequence to first use the AD, then if user not found, use the internal database.
View 2 Replies View RelatedI have two devices in my office which both need to be accessible externally. One is an FTP server (Hermstedt Stingray), the other is a NAS drive (Lacie). I don't have a static IP so have instead configured an account with DYNDNS. My understanding is that by using this method, only one device will be ever be accessible because of the one single dynamic IP. Is this correct? Or is there a way of configuring something somewhere (DYNDNS, router etc) so that both my devices can be accessed externally.
View 3 Replies View RelatedIve run into something a bit new to me. Networking! Now i do have some experience but not enough for me to figure this one outHere is what i am trying to achieveWe have a webserver at the office which i can access from the outside world. We also have a local server with a static internal ip(File Server)My question is as follows can i add a link on a web page on my webserver to that i can access the internal ip address from outside the office?
View 13 Replies View RelatedI want to know whether NAT loop back is possible with the RV220W router/firewall, or when can we expect a firmware update that addresses this?For terminology sake, what I mean is that I've got a rule that maps HTTP/S to 192.168.1.2. However, when accessing my external ip from an internal ip, I don't get routed to 192.168.1.2.
View 13 Replies View RelatedAccessing exteral address internally.
I have a mail server, with external access which works fine for external access thorugh our router (a 1941). I have a laptop which connects to a wireless network that is inside our router. When attempting to navigate to the webmail or use outlook, it cannot connect.
The laptop is configured to access the mail through the external path as it would be offsite occasionally.
I think the problem seems to be that the traffic is not leaving the router to come back internally. The laptop can ping the external address ok.
I read about something called hairpinning - is this what i need to be looking at?
I recently purchased the dir-655 router, and am impressed by it's speed. I had no problems configuring the router to my liking, and have found that all of my wireless devices communicate with it flawlessly.
However, my main reason for purchasing this router was for the USB port. I had hoped to connect my 2TB external drive and have it accessible by all wireless devices in my home. To my understanding, the USB port relies on the use of the Shareport Utility. I've installed the Shareport Utility to my laptop for wireless access to my media files for streaming.
Here's my problem. How can I access my media on my external HDD connected to the dir-655 with Apple TV2? I've read several options for PS3 users... and they all seem to involve leaving the pc/laptop running. I would ultimately like to bypass the necessity of leaving my laptop on... but if that's not a possibility, I can live with it being left on.
Therefore, is it possible to access the external drive connected to the dir-655 with my Apple TV 2 by using the laptop as a bridge? Can I access the content via Apple TV by using Windows SMB just as I currently do to access media stored on my laptop?
To summarize, I want to have access to the media on my external drive connected to the dir-655 via Apple TV2.
I want to setup a simple VPN to allow users to access the office via the iOS (iPad/iPhone) devices. I assume I do this through:
VPN>IPsec>Basic VPN Setup
BUT, what do I enter for the "Endpoint Information" and "Secure Connection Remote Accessibility"?
Recently I'm having issues with accessing local services via external IP. Short description of configuration:
- sub.mydomain.com pointing to my external IP.
- few web services running on my local server with reverse proxy on Apache 2
- firewall on router enabled
- ips on router disabled
- single port forwarding: WAN 80->Lan 443, WAN 443->LAN 443
- accessing my services via sub.mydomain.com/service1, sub.mydomain.com/service2, etc
- I had to create a new rule in internet access policy allowing LAN, any, any to
Basicaly if I go no matter if I type http or https I will be redirected on 443. That configuration has beed working without any issues for a month. Recently I have increased the amount of DHCP users and suddenly it's not working any more. I can still access my services from outside but not from LAN.Restarting router does the trick for a while,sometimes for few minutes, sometimes longer.Enabling IPS is the way to go but then I'm limited to around 22Mbit/s. I have no idea what happend.What I can't understand that it was working, suddenly it's stopped and there are two solutions, either to enable IPS or to restart router?
We have a D-Link DIR655 wireless router on our network. I have purchased two Seagate 1TB network storage units and would like to have one for me and one for my wife. It seems that the router will not support two, because they try to access the same port. How can I plug these two storage units to the router and have access for each of us to one device?
View 2 Replies View RelatedI just moved from a Linksys wired router to the Cisco EA2700 wired/wireless router.I have three web servers on my network that serve up content via standard web URLs. For example, pretend www.domain.com pointed to the WAN side of my EA2700. Port forwarding routes port 80 traffic to the server, located on an internal, private IP (ie, 192.168.1.21).All works well when accessing these servers from outside my network (I checked this via my mobile broadband connection). But when I'm on a workstation internal to the same network as the servers, I cannot connect to the servers via the web URL. Of course, I can hit them via the IP or an internal-only DNS network entry. For example, when on 192.168.1.55 on a desktop machine, and I type the URL in the form www.domain.com, it just hangs and times out. I was able to do this on the old Linky router. Traffic should go stop at the router and be re-routed back internally to the port-forwarded server - but it does not.
I have to route properly via the web URL and not the internal DNS name or IP addy, as I am running virtual web servers on IIS on one of the servers.Is there a setting I failed to set on the EA2700?
I work at a campus and use the WCS to control access to my network for staff and only internet access for students. The Staff are assigned Username/password thru active directory and the student uses another SSID with only WPA --a password for all. I was tasked with adding more securing for students -- by adding a user/password. I do not want them connecting to my Active Directory for two reason--security risk and I have too many to input (over 1000). So, I wanted to use our internal database to validate users. I create a webpage with "WebAuth" that opens my logon page from my site and validates the login fields against the database. It works and this allows the user to navigate thru my website but not outside the site. If they try an outside url it redirect them to my logon script. I now understand why, so I'm looking for code I can add to my logon page that would allow me to redirect me to the controller's (once users are authenticated by my database) to call the WCS controller so I can enter a preset username/password so the policy management file would allow them access. I presently use "External" and don't know if "Custom" would work. Finding a way in using a database instead of adding one person at a time?
View 3 Replies View RelatedI found a link to accomplish this on the old code but how can I get this done on 8.4.
[URL]
I have a 2600 I am trying to setup for educational use.
My Cable ISP has issued me 5 routable IP's through their SMC modem 86.28.12.226-229. The SMC modem is .225. Currently the internal network can get out through .229 as expected but nothing outside (tcp 80 to web server) can get through. When I assigned the ip's to e0/1 as secondarr I could get it to route from the inside network (so hitting .226 80 went to the correct place) but it still didn't work from the outside - plus I read that wasn't a great way to do it anyway.
!
interface FastEthernet0/0
description LAN Interface
[Code].....
I have a checkpoint Safe@Office 500 firewall router, connected to adsl via another adsl device in bridged mode.We needed to assign an external IP to a device behind the firewall.We contacted the ISP, and now they have assigned an additional IP to our adsl account.I have read from the documentation that:"NAT can be defined automatically via the network object (Node, Network or Address Range). When you define NAT via the network object, rules are automatically added to the Address Translation Rule Base"....so I add the object, with the external IP given to us by our ISP, and the wizard simply complains that the IP address is invalid.My thoughts are that the router does not know about the additional IP provided by our ISP. If so, how do I tell the router that there are other IP addresses available to use? I have rebooted the router, and no luck.
View 1 Replies View Relatedi can can ping my host externally from another ip however i have left my house without port forwarding to my pc is there a way to connect to my pc via something like this command "xxxx.dyndns-home.com:192.168.1.100" i have tried this and does not work as it does not like the ":"truth be told my real goal is to ultimately be able to look at my webcam as it is pointed at a homebrewing project which i need to see. this is what i want to work on setting up while in rdp?
View 2 Replies View RelatedI have a new Cisco 2951 router and I am trying to configure it for external users to connect to an internal ftp server. I created a firewall and added rules so as to allow ftp connections from the outside to the internal ftp server. I configured NAT so as to allow incoming connections through the router. I have been unsuccessful so far in trying to make this ftp connection work.I am using a zone-based firewall and for the particular ftp rule, the action is inspect so as to allow stateful inspection of packets.
View 3 Replies View Relatedwe have a ASA 5510 firewall and i have created remote vpn user who connects the internal network via vpn any connect after connecting i want him to only access his internal PC via rdp and not access other internal website or shared folders without connecting to the RDP however now he can access the internal website wihtout connecting to RDP?
View 3 Replies View RelatedI have a base config of AnyConnect VPN below, however the ASA 8.3.1 code has deprecated some commands and the VPN/NAT/FW rule syntax is quite different. Can som point out what's missing from the pertinent config below that prevents the VPN Pool from accessing the internal LAN?
The Core LAN router is 1.2.3.1.
!
ASA Version 8.3(1)
!
interface Ethernet0/0
nameif inside
security-level 100
ip address 1.2.3.2 255.255.255.0
I have two ASA 5515 configured in failover (active / standby).I used the ASDM wizard to create connections through ipsec cisco client.Currently users are able to connect but can not do a ping to anywhere inside the network.
The ping request is received from the internal client but the internal client can not communicate with the remote user.The ping fail also directly from the ASA.
When the remote client is connected an entry is added to the routing table:
S 192.168.10.130 255 255 255 255 [1/0] via <ip of the ISP>, "WAN"
as if that IP was reachable directly from the Internet.I tried changing the settings of the NAT but in no way I can make them communicate.The ultimate goal would be to create different users with different access permissions to the LAN and the other subnets in the company.
The problem is that the PABX is sending out an internal address in it's INVITE messages and the ASA5505 isn't changing the internal address to the external address.We need> From: Calling Number <SIP: SIP Username@Public IP Address>However our PABX sends out> From: Calling Number <SIP: SIP Username@Private IP Address>. How to translate the internal IP address to the external IP address on an ASA 5505?
View 1 Replies View RelatedI am wondering if the folowing is a valid configuration:
WLC2504
AP2600
I need 3 SSID/VLAN, 1 for corporate devices, 1 for coporate smartphones, 1 for guest.
Port 1 on the 2504 should be used for management and corporate devices and connect to the corp network. Port 2 is for smartphones/guest and will be connected to a Cisco ASA 5515 that is connected to a second ISP.
Corp devices should get IP from an Windows DHCP. Smartphones/guest should get IP from the WLC. Is this possilbe? I read this in a document "To use the WLC as a dhcp, you need to enable DHCP proxy as it is required." Some how I am imagining that this will mess with the Windows DHCP. Is it better to use the ASA as DHCP for smartphones/guest?
I have 3 external ips from my isp:
222.222.222.221
222.222.222.222
222.222.222.223
The first one I use to provide internet access to my office. The other two I'm going to use for the following: I'm going to deploy a server in internal network which must have 2 external ips on his network interface (& one internal ip on the second,but that's ok: I cannot put an extra network switch before asa & plug this server there: this server is virtual & is on esxi host in internal network. External ips must be assigned to servers' interfacw,bot just forwarded there (ms direct access requirement).
My current config:
!
ASA Version 8.4(3)
!
hostname msk-office
[Code]....
Our secondary site accesses the internal intranet via a link, which is basically:
[URL] where externalip is the IP address of my router.
* This used to work fine before we migrated from ADSL (6mb up / 0.5mb down) to Fibre(70mb / 20mb) *
Internally, I access the same link, but via [URL] Internally it loads in 2 seconds, externally it is taking 68seconds(ish)..
I can't work it out, the fibre shouldave made things loads quicker but is infact very slow. I'm wondering if something network wise is going on.
The intranet is a php intranet sitting on apache, and using postgresql as the database. Other pages load fine, this specific index.php page does quite a lot of DB connections and so on, but as I say before, it worked fine before the migration.
I can hear nothing sound driver disabled... windows explorer wont open...and my notepad and calculator wont work either... how do i remove it..
View 1 Replies View RelatedI'm trying to access the CLI on a Cisco Catalyst 4003 switch.
It has a WS-X4012 Supervisor module, a WS-X4232-L3 - Layer 3 Routing Module, and a WS-X4418-GB switching module. Well to make things short and sweet, I don't have a computer with a COM port on it. I need to access the CLI to setup the switch, and I only have a ethernet port on my computer and I'm running Ubuntu 11.10. How to access the CLI? This is just a second hand switch I picked up.
We just upgraded from 8.2.4 to 8.2.5.20 on each firewall. The Primary and Secondary work when they are standalone but, when we connect the fail over link from the Primary to the Secondary, invariably, one of them will go into a constant boot cycle and one will be active but, external users will be intermittently dropped. As soon as we unplug the fail over, the firewall that stays up behaves normally. This is with 8.2.5.20 code or any other code for that matter?
View 2 Replies View RelatedHave a WLC 5508 running 6.x code with LAP's providing wireless for our internal laptops (WPA2 and EAP-TLS). I want to provide guest wireless which goes out a different port on the WLC to a guest firewall/cable modem. However, we want to prevent our internal laptops from being able to use the guest wireless. I have RADIUS (IAS) and LDAP for my AD available. We would prefer not to have use Lobby Ambassador and just have the guests use a simple password or web passthru. Guests may be laptops or smartphones. What options are available? I have tried a test setup using dynamic vlan assignments from RADIUS using the IETF flags, but can't seem to get it to work. Is there a way to identify the SSID is being used at the RADIUS server?
View 13 Replies View Related