Cisco VPN :: 5520 - Setup Environment That Allows Users To Use Dameware To Connect
Feb 23, 2012
I have been tasked with attempting to set up an environment that allows users to VPN from home and use Dameware to connect, from home, to another machine in another user's home that is VPN'd into the same network. Is this possible?
We are using 2 5520 ASAs and Cisco AnyConnect.
Jan 12, 2012
I'm looking into a way of routing users' internet connections based on their username or group in a Windows environment. Currently there are two ISP connections, each with its own proxy server. I want a user to be fully redirected to one of the ISPs based on who they are. I was hoping this could be accomplished via IE proxy settings, but it looks like the primary ISP connection is still getting most of the connections/routing.
Feb 27, 2011
I am using the "File exist"-check in my Dynamic Access Policies to be sure that VPN-computers are corporate. I would like to place the file in each user's %APPDATA%-directory, but it seems that the ASA cannot use variables when specifying the path? Is there a way to do this or do I have to use an absolute path in the check? I am running an ASA 5520 with sw 8.4(1).
May 23, 2013
What are the possibilities that exist for running a site-to-site VPN in our environment with the following infrastructure:
-Cisco ASA 5520 - running in multiple context mode
-Cisco 3750 switches
-Microsoft TMG
I believe these options are limited in terms of providing an end point for VPN. Is there a VPN module that we can buy for the 5520 to run IPSEC VPN?
May 6, 2010
I'm using a Cisco ASA 5520 with IOS 8.2.2. We have many remote users using the Cisco VPN client, but I have been asked whether we can log out idle users, as we do hit our license limit and some users stay connected for days.
Sep 13, 2012
We are using the AnyConnect VPN client (v2.5.3055) to an ASA 5520 (v8.4) in a development environment. We use our corporate Radius server to authenticate users. We have certain users who need to have the same IP address every time they log in. As it is configured now, the IP addresses are assigned sequentially from the pool. Is there a way to allow certain users to get the same IP address each time they log on?
Mar 13, 2011
I just configured an ASA 5520; here is the config (the IP address of the outside network has been changed to a private address for security reasons).
The problem that I have is that the users can access the web site through the public IP address but they cannot access it by name. We reviewed all the config on the DNS server, and with the NSLOOKUP command we can see that it works fine. The client thinks that the ASA is blocking the connection.
[code]....
Dec 13, 2012
Is it possible to deny VPN access to specific AD accounts?
Currently setup with 5520, LDAP authentication for VPN users.
Jan 17, 2012
I am new to the ASA 5520 and CSC module (version 6.3). I would like to know what configurations are possible for my network users if I use the CSC Trend Micro blocking using IP address or AD users. I know that I could select users/groups from the Windows AD or select the IP addresses that I want to use for blocking or permitting HTTP traffic (URL, etc).
My question is on the client side: how does the CSC know which AD user is the one that is requesting certain HTTP pages? Or if I use a proxy server, do I lose the IP/users options on the CSC? Or could I use authentication options on the proxy, for example?
I have been looking for information about this, but the manuals only explain the configuration options that I could configure on the CSC Trend Micro page; they don't say which network environment I could use or need.
Sep 1, 2011
I have 2 ASA 5520 (v. 8.21) in an active/standby failover configuration.
VPN users are authenticated against the MS-AD through LDAP. For the most part this works well. Occasionally I'm having problems with new users in the AD. If I run a test I keep getting "User was not found". This can still happen days after the account was created. In some cases it never seems to work. The accounts I create exist on the same OU level as all the other accounts that are working.
Feb 10, 2010
I have an ASA 5520 firewall. I want to block Yahoo Mail and Gmail using regex for particular users only.
Oct 29, 2012
I have a problem on a Cisco ASA5520 version 8.2(5). A customer has set up a syslog to keep track of tcp sessions made by vpn users. On the syslog we filter %ASA-6-302013 and %ASA-6-302014 log messages, respectively: Built inbound TCP connection and Teardown TCP connection. When the connection is made by a vpn user, at the end of the log line you see the vpn username, which should be the same in both the messages for the same connection. I have verified that when a user, let's say UserA, disconnects from the vpn, their tcp sessions are not properly closed; if another user, let's say UserB, establishes a VPN immediately after and gets the same IP address previously assigned to UserA, the log sessions are recorded with UserA in the %ASA-6-302013 message and UserB in the %ASA-6-302014 message. I presume this is due to the fact the tcp sessions are not torn down when the first user disconnects and it looks like a bug to me, but I didn't find it referenced anywhere. Is there a way to have all tcp sessions torn down when a user disconnects the VPN connection?
Apr 5, 2011
I have a Cisco ASA 5520 with AIP-SSM module. I would like to have the below features with the ASA installed in Transparent mode.
1. Traffic shaping per user
2. Traffic shaping per IP subnet
3. Traffic shaping per Application
Is it possible with ASA installed in Transparent mode?
Jul 5, 2012
How many user accounts can I create on a Cisco ASA box? Say for example a Cisco ASA 5510 or Cisco ASA 5520?
Apr 11, 2012
I have a 5520 ASA using wccp redirection to our IronPorts on the inside and everything works great for inside users. What I'm trying to do is get VPN users off split tunneling and to filter their traffic through the IronPorts as well but I can't figure out how. When they connect they seem to bypass the Ironport completely.
Jul 1, 2011
We have an ASA 5520 with CSC-SSM 20 and we want to block https traffic, but when we are blocking https traffic, http traffic is going to be blocked but users are able to open the website.
Oct 6, 2011
I'm looking to set up a network with 30 users mostly using Windows. Would you recommend me getting a router and then a switch to hook up all those LAN connections?
Jan 2, 2013
I want to set up a wifi network in my office that can support 200+ users at a time. I'm trying to, but I have very limited knowledge about networking. We currently have 2 5MBPS internet leased lines. The total office area is around 2000sq ft, all open, separated by glass walls only. I'm thinking about buying a powerful load balancing router and a switch, then connecting 4-6 wireless routers to this switch and giving a single wireless SSID to all routers. I want to keep one single network for all the users. Is this the right way to do it?
Jan 18, 2011
I'm trying to set up ACS 5.2 with an ASA v8.3.2 to lock users into VPN groups based on a user's AD group. I've tried various combinations but the group lock isn't working. I've done steps 1 & 2 ...
1) Network Devices and AAA Clients -> Define VPN
2) Users and Identity Stores -> Setup AD and Directory Groups, test connection
Policy Elements:
Q1) Policy Elements - Do I need an authorization profile for each group:
Q2) What RADIUS attributes should I use to match my ASA tunnel-groups?
- RADIUS-IETF attribute 25?
- RADIUS-Cisco VPN 3000/ASA/PIX 7.x 85 (Tunnel-Group-Lock)?
- Other?
Access Policies:
Q1) Do I need to enable and use group mapping?
Q2) Do I need a Network Access Authorization Policy for each group?
Nov 1, 2012
I presently have a fiber internet connection to my office with about 40 wireless users on a single AP. The connection keeps dropping. Probably due to too many users on a single AP?
1. My question is similar to aniketchitale's: can I get another wireless router and create a different SSID (e.g. router1 and router2), with both wireless routers still connected to the same fiber connection? In other words, I would like to segregate the first 20 users to router 1 and the next 20 users to router 2.
2. By having 2 wireless routers each with their unique SSID, will all the users still be able to access to the same printer in the office?
Mar 10, 2013
How to setup a 20 -30 computer network.
Requirement:
- All systems can be accessed from network and should be connected.
- Data storage in a centralized device and accessible from all devices.
- Should be connected to internet.
Feb 20, 2013
I am a networking student so have access to a free copy of Windows Server 2012. I want to set up and get experience with AD, DHCP, and DNS, among other services. Right now I have a Netgear router attached to a Cisco switch (studying for CCENT cert). I have my desktop and server plugged into the switch. I want my desktop to connect to the domain for testing and messing around with. My wife has a netbook, smartphone, and wireless iPod. I'd like her 3 devices to get an IP from the DHCP server without having her authenticate to the server. Will the Netgear router allow this since wireless access is on? Or will she need to authenticate with the server to get a DHCP IP? I am going to disable the router's DHCP service.
Mar 21, 2012
setup of 20 users small network description
Mar 29, 2013
I want to setup a simple VPN to allow users to access the office via the iOS (iPad/iPhone) devices. I assume I do this through:
VPN>IPsec>Basic VPN Setup
BUT, what do I enter for the "Endpoint Information" and "Secure Connection Remote Accessibility"?
Dec 3, 2012
I have an RV220W set up with SSL VPN users, authenticating to an internal Active Directory. Maybe 5 ports forwarded and 8 external IP addresses. Besides this I have 1 data VLAN and a voice VLAN on my network.
The reboots are at different times of the day, even on Sundays at 7 AM when no one is logged in to the network. FW is at 1.0.4.17.
May 2, 2012
I have a Cisco Nexus 7000 switch and a Cisco ACS 5.2. I would like to set up the switch to be able to authenticate users with TACACS+ using RSA SecurID tokens when they try to log on to the switch.
Dec 29, 2011
I have a DIR-615 Cx (bought in Taiwan), hardware ver. C2. I reflashed it with DIR-615 firmware from Singapore to get an English interface. I connect to the internet through another router on which I set up the D-Link on DMZ with port forwarding. The router works fine, I have an internet connection. So the question is: I have a small cafe and want to offer customers a WiFi connection. I want to set up a time limit and allow them to browse only the internet, not the internal network. (When I connect a laptop to the D-Link WiFi I can see my NAS on a different subnet connected to the cable modem/router.) And, if it's possible, to limit bandwidth. Can I do it with the DIR-615 and how do I configure such a setup?
Oct 29, 2011
We have a site-to-site and a remote VPN configured on the same interface in an ASA 5520 (software version 8.3). When remote VPN users try to connect to computers located on the distant end of the site-to-site VPN, their requests fail. I tried No-Nat between the remote VPN private IP and the remote site private IP, and also stated the same in split tunneling. I can't find even the tracert; ping also timed out.
Jan 25, 2012
I have an ASA 5520 with a functional IPSEC VPN using the Cisco VPN client. This allows my remote users (Staff) using laptops to come in from anywhere on the Internet and tunnel in. Works great. Next, we need to stand up a VPN over a Juniper SSG5 so that when we have groups working outside of our network, they can tunnel back into our network. If they were going to be coming from a known, fixed IP, or even netblock, we'd probably use a Route-based setup from a Juniper SSG5 into the ASA 5520. But they may very well be coming from any IP. I am thinking this leads us to Site-to-Site VPNs; it won't be Network Client access obviously, nor will it be Clientless (browser-based).
Jan 30, 2012
I am new to v5.3, and I am not good at VPN. I just had my consultant configure this correctly today. Currently, there is only one rule for the access policy (Single Result Selection). That rule is to use Active Directory as the source for the authentication. And by default it will deny any other access which is not found in the rule. Now... I just got an order that I need to set up a new user who will need to access our network by using Cisco IPSec VPN (the software one). But that user is not set up in our Active Directory, and we do not want him to access our domain anyway. He only needs to access non-domain resources... such as an air conditioning controller by IP. So I am thinking of setting up his account by using "internal identity". If I do it this way, what do I need to do to set up another access policy? Could you give me some steps with a little more detail? OR... if it is not the way I should do it... what else can I do to achieve this goal? Also, he said he could provide the static IP he is trying to access from. I have an ASA 5520.
Jan 18, 2012
I need to set up an ASA 5520 to correctly NAT over two WAN links. The idea sounds pretty straightforward but it does not, I have only 2 IPs that are involved with the NAT
192.168.1.10(Nated Server) -- 172.16.1.10(Web Server)
I have 2 interfaces that should be applied to it, let's say outside1, outside2. The server is reachable through each outside interface; the outside interface is selected upon dynamic routing and that is working OK.
So if link outside1 is up the NAT follows this schema: 192.168.1.10(inside) -- 172.16.1.10(outside1)
That works fine, but I want it to automagically change over, when the link outside1 is down, to 192.168.1.10(inside) -- 172.16.1.10(outside2). I know I can't have a NAT with 2 IPs and 2 different interfaces (ASDM doesn't allow me to); is there a way to implement this?
Sep 15, 2011
I want to setup NAT with ASDM on ASA for a client and I can not make it work. I have several interface:
Inside: 10.97.0.1 / 24
Outside: 10.0.1.70 /24
Interco: 192.168.6.1 /24
Other Sites: 10.26.0.4 /24
All routing in the network is OK. My customer wants to access a server at IP 10.194.70.1 over https on the interface Interco with its NAT address as 10.97.0.11. This server must be accessible with the address 10.97.0.11:443 from interfaces inside, outside and other sites. And the source address must be NATed with the original destination address 10.97.0.11 to be redirected to 10.194.70.1.
Mar 28, 2012
I am working on IPSec Passthrough on an ASA 5520, with version 8.3, and ASDM 6.3. Currently I have a requirement for users in my internal network (10.10.249.128 / 25) to be able to connect to external IPSec VPN servers.
So I created a network object with 10.10.249.128 / 25, and used dynamic PAT to translate the source ip address to the external internet facing outside interface:
I then added the following rules on the inside-in ACL:
However troubleshooting shows that isakmp is passing through the firewall, but esp and ah is not.
For isakmp:
For ESP:
Seems like the nat rule is drawing my ESP traffic,