Cisco VPN :: ASA 5510 Using Windows 7 Computer As NTP Server
Apr 29, 2012
I have an ASA5510 connected to a computer running Windows 7 (the NTP Server) on its "inside" interface.Using the ASDM, I have configured the ASA5510 to use the Windows 7 as its NTP server (my architecture forces me to use a local machine as an NTP server):
-IP address: 192.0.99.1 (the ASA5510 has an IP address of 192.0.99.40)
-Interface: inside
-Key number: None
-Enable NTP authentication: no.
I have other Windows computers on the "inside" interface using the NTP Server, so NTP traffic is relayed without any problem. But somehow, the ASA5510 is not able to synchronize with the NTP Server.I see the following log entry:
-Source IP: 192.0.99.1
-Source Port: 123
-Destination IP: 192.0.99.40
-Destination port: 65535
-Description: Teardown UDP connection 3905 for inside: 192.0.99.1/123 to identity: 192.0.99.40/65535 duration 0:02:01 bytes 96
so it seems like the ASA5510 sends a request to the NTP Server, but I am not sure whether the reply doesn't get processed correctly, or the connection stays open too long (my UDP connection timeout is the default, 2 minutes).
I had trouble getting SonicWALL NSA2400s to use Windows 7 devices as NTP servers. I had to get a firmware version where there was no MD5 authentication (which I think is OK in this case), and change a setting in the Windows registry (HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/services/W32Time/Config/AnnounceFlags: from 0xa to 0x5)
View 5 Replies
ADVERTISEMENT
Apr 23, 2011
I have configured a my desktop as a domain controller with server 2008..with dns service running on it. When i tried adding another desktop to this domain, i get the following error message
"Troubleshooting network identification Error: This computer successfully resolved the Domain Name System (DNS) service (SRV) resource record required to locate a domain controller, but it failed to locate a domain controller for the Active Directory domain displayed in the error message.
Cause: The required A (address) resource records that map the name of the domain controller to its IP address do not exist in DNS.
Solution: Verify that the required A resource records do not exist in DNS by using the Nslookup command-line tool.
See also: To verify that A resource records exist in DNS. Cause: The domain controller advertised in DNS may not be connected to the network or is connected to the network but is not running.
Solution: Verify connectivity and then verify that the domain controller is running.
See also: To test a TCP/IP configuration by using the ping command; DNS requirements for joining an Active Directory domain."
View 7 Replies
View Related
Apr 14, 2011
At my office we have a dell server running windows small business server 2003, there are around 15 computers on our network running mostly windows 7 (a few with XP). I am wondering how difficult it is to add a computer to the network so it can log into our domain and all that.I just had to reformat one of the computers and would normally wait for our network guy to do it remotely but If i could do it myself it would save time (and money). I am already an administrator and basically i just need to make it so the log in prompt when windows starts has our office network listed as the domain instead of jus the local log in. It is a dell running windows 7 64 bit.
View 5 Replies
View Related
Jul 5, 2012
I planned for my customer to replace his old LMS 4.0.1 server under Windows 2003 by a new server under Windows 2008 R2.Customer wants also to set a new LMS name and IP address for the new server under Windows 2008 R2 and keep both servers on the network.I'm wondering what could be the best procedure to do that migration.Can I used backup / restore procedure in that case ?If yes, what file must I modify to adapt the new LMS configuration to new hostname and IP Address ?
View 2 Replies
View Related
Jul 24, 2011
I'am using ASA 5510 and I try to understand how PAT is working.I want to add a Mail Server in the LAN and a webmail using port 3000 on the server. ( webmail must be reachable from the WAN)This is my Configuration :actually LAN users access internet using NAT with one global IP ( 194.x.x.69) which is the ASA WAN interface.
WAN ----- ISP Router ---------- FW ---------- LAN -------- Mail Server + Webmail
| (25) | (3000)
194.x.x.69 192.168.1.254 192.168.1.6
I need to forward port 3000 and port 25 from outside to inside.For example, from the WAN : [URL] must be redirect toward 192.168.1.6:3000 . What is the Correct Configuration ? And what about the Inside/Outside Traffic,Is there any configuration to add ?
View 2 Replies
View Related
May 10, 2010
We have a working configuration for L2TP-IPSec connection from a native Windows XP client to the ASA 5510. When trying to set up a connection from a Windows 7 client, the connection fails with the message that all SA proposals are unacceptable? Is this coexistence possible, and what parameters would I have to change to get this working. I have understood that the Windows 7 client requires som higher security proposals, but have not found what these are. And at the sam time we are concerned about not destroying the VPN connection for our existing XP clients.
View 8 Replies
View Related
Jan 10, 2013
i've been using a VPN to connect to my home network from elsewhere for a few months. It's set up as follows:
PPTP
Maximum Strength Encryption
EAP-MSCHAP-v2 Authentication
Now I find out that MSCHAPv2 authentication has been broken and is no longer considered secure (even by Microsoft), so I want to change the protocol I'm using to make it secure.
However, I've spent 3 hours now researching this and I cannot for the life of me figure out how to use a better protocol on my Windows Server 2012 home server. I've tried setting up PEAP authentication (still PPTP) a la Microsoft's recommendation document, but it requires a certificate. I've created a self-signed certificate but it seems I can't issue certificates (via this method) without being a member of a domain, so I'm stuck. I can't even get started with L2TP since I can't find the option for it.
My question is this: Is there a way to setup a secure VPN server using Windows Server 2012 without a domain? If so, how do I do this?
View 1 Replies
View Related
Sep 29, 2011
i am facing the same problem now but am using windows 2003 server
View 1 Replies
View Related
Feb 11, 2011
I have install the administration toolpack on Windows 7 and enabled remote connections on my server 2008 box, When i try and connect with my Windows 7 server manager it does not work.I see stuff on google about enabling a trustedhost with winrm but can't find a way to do this.
View 18 Replies
View Related
Mar 10, 2011
Is there an iTunes Server for WHS 2011 available?
View 3 Replies
View Related
Nov 20, 2011
I have a peculiar situation where I need to assign a public ip to a computer without going through firewall (for testing purpose).
I have the leased line going through a 3750 switch to the ASA 5510(15.240.1.2/30) belonging to vlan 999. ASA has default route going to 15.240.1.1/30(ISP).
I have different public ip range for LAN and WAN My WAN ip is 15.240.1.0/30, LAN ip range is 15.240.2.24/27 nated by ASA..
I want to connect the PC to the switch port belonging vlan 999 and ip address of 15.240.2.26/27.
If yes, what will be the gateway for the computer?
View 3 Replies
View Related
Aug 28, 2012
After getting New Workstations, I wanted to connect that to the SERVER but Windows 7 could not log into domain of our server with Windows Server 2003. Besides following the proper process/steps. I am able to use the printer and internet shared through SERVER though.
View 2 Replies
View Related
Dec 14, 2010
I've been reading that the Windows Server Backup that is included with Server 08 R2 is pretty good. Is spending $400 on a third party utility worth it?
I'm asking because we're purchasing a new server soon and I want to know if the included backup is going to be good enough. Will be backing up server state as well as data to tape and possibly an off site server (server 2003) if I get my way.
View 19 Replies
View Related
Sep 27, 2011
Is there any way to use an asa 5510 to detect which computer on the inside of my network is connecting to ip 87.255.51.229. I am being blacklisted for w win32/Zbot connection, I need to identify this computer and get it disconnected from the network ASAP.
View 6 Replies
View Related
Jan 25, 2013
I know the best thing one should do is install an ISA server and an Active Directory Domain Controller on separate servers. But for some reason, I want to configure my Windows Server 2003 as an ISA server as well as an Active Directory Domain Controller. What can happen to my server making it run improperly. For example, my ISA server will function mainly as a Firewall, I wonder if all the rules I create in ISA server determine what I mean it should work or I have to consider any affection from Active Directory DC to those rules?I have to ask this question because I've already installed both ISA and AD DC on my Windows Server 2003, already created an Allow. All rule (just for testing connection) in ISA server but I can't ping from all the clients to my server, all the clients can ping each other and the server itself can ping to all clients. I just think that may be the affection from AD DC to my AllowAll rule in ISA server.
I successfully created some rules that worked greatly as they should work but when I hadn't installed AD DC yet (just installed ISA), however right after installing AD DC, it still worked well (this made me think that AD DC didn't affect to how ISA works). Then I configured a little related to DNS server, and maybe something I don't remember exactly and now I can't ping from my client PC to my server. My network is virtualized using VMware 8 workstation and GNS3, at first there is no need of GNS3 because I just want to test my internal network (some clients connected to the internal interface of ISA server). Depending on VMware that I can't be sure if it is some fault of VMware or any other thing but my configuration on the servers.
View 5 Replies
View Related
Mar 19, 2011
I'm working on a small network (1 server, 6 workstations, stand-alone, not connected to the main Company Network) "reinstalling" a Workstation. Re-imaging from semi-generic Norton Ghost image (4 of the 6 Workstations run the same programs with different addresses). I then had to reset the IP, the Computer Name, and then the Domain (I did it in that order).
I'm using Windows Server 2003 as the domain controller, and the Workstation is Xp Pro Sp 2.
The Workstation is using the same IP, Name, User as before, and they were working with the server previously (a program had corrupted prompting the reinstall).
The problem is that if I open windows explorer and type in the Workstations IP (\000.00.0.1) I get access to the computer. But if I go there and type in the Workstations Name (\Computer01) I get a "you may not have permission to use this network resource" error.
If I go to the work station, and try the same thing except with the Server's IP (\000.00.0.100) and Name (\Server01) I get access.
This Workstation controls an I/O device that is used by a program running on the server (most of the time, not while I'm doing the install of course) and the program uses the Workstation's Computer Name to access it.
As far as I can tell all the settings on this Workstation match the 3 that are running the same programs, but I could have missed something.
I'm a bit stumped by this, I don't normally deal with the Server side of the computers. I usually just set up the workstations to whatever Name/IP the Net-admins give me. But my bosses put me in charge of this little network, mainly because the Net-admins din't want to deal with it.
View 2 Replies
View Related
Jun 15, 2011
I have an old computer that is currently running XP at 2.1GHz Athlon AMD with 1.5 DDR RAM, would I be able to turn it into a dedicated server? More importantly, should I? all I have is a small home network running a couple desktops and a printer off one and connected by a wireless router to the internet, would it make a difference at all in processing speed or connectivity on any of them?
View 2 Replies
View Related
Jan 7, 2013
How to create a small computer lab. I own a private tutoring class and i want to expand into computer programing. I am planning on purchasing about 10 computers to begin with. However, i want go create a small server so that each student has their own log in id# and all their files are only accessed when they log in. I just want to find out how i would be able to do this as ive seen this at public schools.
View 1 Replies
View Related
Jan 30, 2013
I have recently got our Cisco engineer to create a VPN connection to our network through a ASA5510. I am able to ping all devices on the network bar two servers (2xW2K3, one configured with AD/DNS and the other is a AD/file server) using IP addresses ,However, I cannot ping any devices using host names. The engineer has entered in the correct IP address of our DNS server, but still we have this issue. As the VPN client cannot ping the DNS server, it is unable to resolve the host names, but I cannot seem to work out why we cannot ping the DNS server.
View 1 Replies
View Related
Jun 22, 2012
I have two server computers. there IP addresses are:
1. 192.168.0.99
2. 192.168.1.99
Now, how to configure it for accessing data from each other?
View 7 Replies
View Related
Jun 16, 2011
I have an old computer that is currently running XP at 2.1GHz Athlon AMD with 1.5 DDR RAM, would I be able to turn it into a dedicated server? More importantly, should I? all I have is a small home network running a couple desktops and a printer off one and connected by a wireless router to the internet, would it make a difference at all in processing speed or connectivity on any of them?
View 6 Replies
View Related
Mar 26, 2013
I basically want to get windows rt vpn to connect to the asa 5510.
View 1 Replies
View Related
Feb 14, 2013
I have two computers one running on Xp and the other on 8, they are positioned next to each other and I'd like to connect them so each can access the other. They are connected via enthral to a common router.
View 1 Replies
View Related
Jul 2, 2012
I need to forward traffic from an Amazon server to an internal server with a SQL database on it so need to forward TCP 1433 to an internal IP (192.168.252.43) I have created an access rule to allow the amazon IPP through on 1433 but I am unsure how to point the traffic to the SQL server on the LAN.
I expect I will need to create a NAT rule to do this but cannot see how to achieve it.
I have another problem concerning a site to site VPN which establishes OK but does not pass traffic, I will post that question separately.
View 2 Replies
View Related
Jul 5, 2011
i have an ASA 5510, i configured a ssl portal acces for my company. it used to work. now, it's still half working : 1/ i can connect to the web ssl portal page with the AAA acces (login and psw) 2/ but after, it's no more possible to access at corporate web pages, like intranet, always the same message : "connexion failed - serveur xxx not available". See the attachement.
i watched logs, my packets are dropped but i don't know why.
View 0 Replies
View Related
Dec 5, 2011
I have a Cisco ASA 5510 and a Cisco ASA 5505. I want to configure the ASA 5510 as Easy VPN Server and 5505 as Easy VPN hardware client.Using either CLI or ASDM.
View 1 Replies
View Related
Nov 19, 2012
Is this possible and if so what commands do i need to configure on my ASA 5510 for it to work.I have two web server within my DMZ and i want to access the outside url of on on the web server from the other. Currently i can access the internet from both webserver server but not the url form either webservers.
E.g. config
webserver 1 https://xxxxxx.xxxxxxx.com ---> public ip---> dmz ip
webserver 2 https://xxxxxx.xxxxxxx.com ---> public ip---> dmz ip
View 2 Replies
View Related
Mar 23, 2013
I bought ASA 5510 about a week ago, very basic configuration and my priority was and still to get access list inbound the outside “Security Level 0 “so I can access my web server from the cloud but unfortunately I could not make it work (((TCP access denied by ACL from 92.40.X.X/52511 to outside:81.108.X.X/80))). ••à>> 92.40.X.X is a pc from the cloud that I used to access my web server and the 81.108.X.X is my public ip address My recent Conf is as follow:
Nat Section:
==================================================================================
Dynamic:
nat (inside,outside) source dynamic any interface <<<To have the PCs that inside the Network to have access to Internet>>>>
[Code].....
View 4 Replies
View Related
Apr 5, 2011
I can not have "dns server-group" on my asa 5510, could you tell me how to get this command in my ASA 5510.
View 3 Replies
View Related
Feb 22, 2011
System was running fine untill about two days ago. File and print sharing stop working. went to services and tried to restart "Computer Browser". It would not start due to a dependancy. Tried to start "Server Services" Got the following error. "Can not start Server Service on local computer, Error 2:The system cannot find the filed specified". The files srvsvc.dll 95KB 4/14/2008 The file srv.sys 327KB 4/14/2008.If I delete either of these files they are just created again. If I replace them with the new versions they are converted back to these files.I am running XP Pro SP3.
View 3 Replies
View Related
May 2, 2012
I work in a small group with a network server so we can share files and documents from computer to computer. I am trying to access this server on a new computer and am not having any luck finding instructions on how to do so. I don't need to sign in to the network (to gain access to internet browser, etc), I need to be able to add this computer to our server so I can view these folders & files on this new computer.
View 2 Replies
View Related
Feb 10, 2012
need to know why I can not connect to the internet after I am done downloading windows Xp on my Desk top. I got an error message from the cmd, saying that computer is unable to contact DHCP server.
View 1 Replies
View Related
Nov 21, 2011
I am just wondering how to set up a home network with an old computer used as a server... we will have a wii, ps3, lap top, and 2 desktops connected to the network as well as two dell printers. The laptop runs windows XP and the desktops run windows vista. The old computer will will use as a server is windows xp or windows 98 (most likely wont use that computer). What will i have to do to set this up and run the server as well as the network.
View 9 Replies
View Related
