I have one server-A(windows 2008) installed one application called"host front" which gives athentication to connect Linux(mainframe console)server(SERVER B). These 2 servers are bihind the firewall.If one internal user who has the athentication to logine server-B ,tried to login server A,will get the" username and password"screen and once they enter the username and password ,will get the server-B screen.But if somebody try to connet via MPLS(we need to test MPLS site customers) from outside via ASA 5540 ,to server-A will get the "username password" screen and once enter the credentials,after 1 minitue will get error"http server faild to send datas to the server" and will not move to server -B screen.Where do you think is the problem?
I have one server-A(windows 2008) installed one application called"host front" which gives athentication to connect Linux(mainframe console) server (SERVER B).These 2 servers are bihind the firewall.If one internal user who has the athentication to logine server-B ,tried to login server A,will get the" username and password"screen and once they enter the username and password ,will get the server-B screen.But if somebody try to connet via MPLS(we need to test MPLS site customers) from outside via ASA 5540 ,to server-A will get the "username password" screen and once enter the credentials, after 1 minitue will get error"http server faild to send datas to the server" and will not move to server -B screen.
We have Cisco ASA 5505 with ASDM 5.2 We have one Proxy server in our Local Lab and pointed to Hosted service(Simple Signal)issue is, When our proxy server send register to hosted server, ASA change private IP and post with outside IP and src port as 1063 every time.
Here is debug log on real time monitoring.
Aug 24 2011 05:21:19 302015 203.xxx.xxx.226 192.168.1.51 Built outbound UDP connection 3774 for outside:203.xxx.xxx.226/5060 (203.xxx.xxx.226/5060) to inside:192.168.1.51/27014 (126.96.36.199/1142) Aug 24 2011 05:21:19 607001 203.xxx.xxx.226 Pre- allocate SIP Via UDP secondary channel for inside:192.168.1.51/27014 to outside:203.xxx.xxx.226 from REGISTER message Aug 24 2011 05:21:19 710005 203.xxx.xxx.226 99.xxx.xxx.107 UDP request discarded from 203.xxx.xxx.226/5060 to outside:99.xxx.xxx.107/1063
Here 99.xxx.xxx.107 is Our ASA Outside IP address 203.xxx.xxx.226 is Hosted server IP address. My ASA config is attached.
Add the ability to send syslog events to multiple syslog servers in the SA500 Series routers. I know the functionality is currently in the RV220W because we utilized it. It would be great if you could configure the syslog servers by event type as well. For example, being able to send the kernel events to syslog server A, and all other events to syslog server B.
I have a server with two adapters: 192.168.1.200 and 10.99.1.200, 10.99.1.200 connects to a cisco router 10.99.1.254 (which I have no access to). This connects via WAN to another network to transfer files to another company. 192.168.1.200 is connected to our local LAN. I have a service that uses FTP to get and send files to a server through 10.99.1.200. I recently had to switch our IP scheme from 10.99 to 192.168 and since then haven't been able to send files to the ftp server. My question is, would a router solve my problem? If so, would I; remove the 10.99 adapter, connect 192.168 to the router, connect the router to the switch, connect the 10.99 gateway to the new router (and update any appropriate routing tables on the server)? The service appears to have issues with using a dual homed server and updating it isn't going to happen anytime soon.
Wondering if it's possible to send a VSA from my radius server to my ASA-5505 that will instruct the ASA to use one of several split tunnel lists I have created, based on the user name supplied in the Radius request.For example, I can send a VSA of "ip:inacl#1=permit ..." and the ASA will dynamically create an access-list for that user.Is there a similar VSA for split tunnel?
I cannot get my server to send outgoing traffic through my network. I.e. If i try to connect to any of my services i get a very weak connection. Now, i can still CONNECT, i just don't get any data flow. I cant even PING the server internally, it just times out. Now, regardless of whether i use my internal IP/external domain, i get the same issue. I logged onto my computer and tried a speed test the download was normal (around ~20mbit) but the upload times out.
Here is the fun part, if i connect to the server using a switch, everything works fine! Is it my router or some stupid configuration issue? Router is a WRV54G (I hate this thing). Server is running windows 2008 and has a virtual machine.
I currently have 90 remote locations that have PIX501's. They are all running 6.3 on them. All of these locations are creating an IPSEC VPN to my ASA 5520 (8.4) at the data center. Web access at the remote locations is currently being handled with ACL thru split tunnels. This is getting increasingly not fun as I have to reach out and touch them one at a time whenever I have to allow more access to the net. Code...
I would like to keep my split tunnel (if possible) for ports 443 and 21. I allow access to "any" on those ports and have no plans to change it.
Can I send port 80 down the VPN tunnel to the Proxy/Web Filter and then return the results to the Remote Client.
Just installed a RV042 with dual wan connections. Would like to make the WAN 2 (new cable modem as well) the primary connection over WAN1 (DSL), however whenever I switch from WAN1 to WAN2 in Smark Link set up, our email server will not send mail out, even though nothing is blocking the connection.
After we have installed patch 5 on several ACS 5.2 server they aren't able anymore to write their backups to the sftp servers. I tried to search on the bug tool kit, but it seems to be broken when searching for the keyword "sftp". It's the same when I try to do a "copy logs" with sftp as destination.running a debug I can see,
acs/admin# copy logs sftp://10.1.115.11/,Collecting logs...,Username: backupuser,Password: ,6 : transfer: cars_xfer.c [admin]: sftp copy out of /var/tmp/ADElogs.tar.gz requested,6 : transfer: cars_xfer_util.c [admin]: resolved server to 10.1.115.11,7 : transfer: sftp_copy.c [daemon]: Executing SFTP command: /usr/bin/scp -o StrictHostKeyChecking=no /var/tmp/ADElogs.firstname.lastname@example.org://ADElogs.tar.gz,% Error: Transfer failed3 : transfer: sftp_copy.c [admin]: sftp_copy ERROR: command execution failed,3 : copy: cm_copy.c [admin]: Logs archive transfer to url sftp://10.1.115.11/ failed retcode=-306,acs/admin#
I am using Solawinds syslog and trying to get our Cisco routers send syslogs to our syslog server. I followed the procedure on Configuring Cisco Devices to Use a Syslog Server from [URL] Our Cisco swtches are all sending syslog messages but not the routers. I compared the config with our access switches but can't seem to find the problem:
I have a Windows XP laptop and a Windows 7 desktop. The desktop has no wifi support, I had built it myself. To get internet on my desktop (used for games), I had connected my laptop to the pc, and the laptop picked up wifi from my AT&T gateway in another part of the house. ( I can't move the gateway currently) I have been wanting to connect the desktop to a router/repeater/bridge that would pick up my gateway signal, therefore eliminating the use of the laptop. I also have an Xbox right next to the pc, so I din't want to get an adapter because then I would have to purchase two, so I picked up a a wireless n router with 4 ethernet ports. ( then I could connect both systems using 2 ethernet cables) [URL] I knew when purchasing the router that it had repeater/bridge support. Currently, I have it configured as a wifi bridge. I can connect to it via my laptop, on the wireless networks page, it shows my gateway signal, and the bridge/router, so I connect to the router. It says I have excellent connection, but I can't connect to the internet? Using Google Chrome, it says DNS lookup failed. I can't get on any website, only the router's config page, which is 192.168.1.1. I also connected the router to my pc, and when troubleshooting it says DNS server not responding, may be non existant or incorrect?
Trying to set up remote access to webcam. Signed up with dyndns.org for Hostname, but when I try to set up the DDNS Service Settings in the webcam firmware it continually gives 'Bad reply from server' and I'm pretty clueless when it comes to networking! As far as I can see it requires a User name and Password plus the newly acquired Hostname as shown [URL]
My wireless internet at uni is showing up with two errors, when its connected it will come up saying that there is an ip address conflict then it will work for a short time then show this message when I try to load a webpage:The server at Google can't be found because the DNS look-up failed. DNS is the network service that translates a website's name to its Internet address. This error is most often caused by having no connection to the Internet or a misconfigured network. It can also be caused by an unresponsive DNS server or a firewall preventing*Google Chrome*from accessing the network.
i have an ASA 5510, i configured a ssl portal acces for my company. it used to work. now, it's still half working : 1/ i can connect to the web ssl portal page with the AAA acces (login and psw) 2/ but after, it's no more possible to access at corporate web pages, like intranet, always the same message : "connexion failed - serveur xxx not available". See the attachement.
i watched logs, my packets are dropped but i don't know why.
I connects to the wireless box and has full signal but an exclamation mark is present.I have run some tests and the IPv4 and IPv6 say they have no internet access.I also run a full test and everything passed except the ping test which failed and it said: no response:default gateway response: dhcp server it suggested disabling security firewall but i'm not sure if that's the correct thing to do or even how to do that!
I've configured in an UC520 a SSL VPN.I can access properly and I can see the labels, but I only can access urls which are http, not https:I can access the default ip of the uc520 (192.168.1.10) but When I try to get access to a secure url I get the msg: Failed to validate server certificate I'm trying to access a Cisco Digital Media Manager, whose url is URL Does the certificate of both hardware has to be the same?
I have a little problem with my ASA 5510 version 8.2(1) with a IAS server RADIUS for strong authentication.
I have configured a double authentication for my client to access SSL portal:
First authentication: AD serverSecondary authentication: IAS for my token SAFENET ALADDIN The server IAS is declared on a W2K3 and it's standard.
The problem I have is that after more than 24hours of unutilization, when i try to log in, my authentication failed the first time and then the other tries work fine as long as I use it in a period of 24hours.
I first thought about the timeout so i tried to put a "timeout" of 15seconds for AD and IAS servers and a "retry intervall" of 3 seconds, it doesn't change much.
Is there a tool/option in the ASA to check connectivity with the radius every 1h for example.
I just had comcast business class installed. They installed a SMC d3g router. It does not support nat loopback. I had a server installed and could not browse to it inside the lan because of this issue. I was instructed that I needed to set the the servers IP to the external address and open the ports to that. That worked, and I added an internal address 10.1.10.x so that I could see it inside the firewall. The issue that I am having is that since I did this, the server can not be seen by the macs and the mac shares don;t show up for them.