Access to the network-> ACS 5.4 authorization profiles

Similar Questions

• From Firefox blocks all access to the network

  When I start Firefox (41.0.1), all access to the network is completely blocked. Before you start the FF, I can access the Internet (with Chrome or IE), other computers, but as soon as I launch Firefox, all access to the network (including the connection to other computers) is blocked. In addition, my computer will turn off more.

  As far as I KNOW, I have not installed lately extensions or add-ins.

  Thank you for your resolution. Today, when I mentioned to work, I was told to update Firefox. This seems to do the trick (so far, fingers crossed!).

  (https://support.mozilla.org/en-US/kb/refresh-firefox-reset-add-ons-and-settings) so very probably an extension is causing harm.

  When this isn't ' t the resolution, I will surely return to your resolutions.

• Adapter LAN question, "no access to the network.

  Original title: LAN adapter issue

  Hi all, when connecting my laptop to a switch of the LED on the switch is green which means connected. The IP address on the laptop is entered manually, but when will the cmd and issue ipconfig it shows "media disconnected" and the network adapter in the Control Panel indicates "no access to the network. It also indicates that "this device is working propoerly! Please advice

  Hello

  What is the number and the model of the computer?

  Remember to make changes to the computer before the show?

  Thanks for posting in Microsoft Communities.  The problem description, I understand that you can not connect to the Internet.  Correct me I misunderstood the question

  Follow these steps:

  Method 1: Follow these steps:
  How to troubleshoot possible causes of Internet connection problems in Windows XP: http://support.microsoft.com/kb/314095

   

  Method 2: Follow these steps:

  
  Step 1: renew DHCP Dynamic Host Configuration Protocol)
  a. click Start, click run, type cmd and click OK.
  b. in the command prompt, type ipconfig / renew
  c. Close command prompt.
  d. check the result.

   

  Step 2: Try to obtain an IP address automatically
  a. open Internet Explorer, go to Tools, click on Internet Options, connections, LAN settings.

  b. uncheck all boxes except automatically detect connection settings
  c. click OK to apply the changes.
  d. check if the problem persists.

   

  Method 3: If the methods above do not help, check if the wireless card is very well and try to update the drivers on the manufacturer's Web site.

  a. click Start and right-click my computer.
  b. Select Properties and then click the hardware tab.
  c. click on Device Manager and expand network adapters in the list.
  d. right click on the adapter, then click Properties.
  e. click the driver tab and click Update the driver.

  Please follow the steps and let us know if this helped.  If the problem persists, answer and we will be happy to help you.

• "No access to the network" problem in Windows 7 and error message "your computer seems to be correctly configured but the device or resource (DNS SERVER) is not responding."

  Hello, I have a desktop PC and a laptop (DELL Inspiron N-4050).
  I have problem with my internet connection cable which is working fine on my PC, but does not not on my laptop giving an error "no access to the network.

  When I troubleshoot it says "your computer seems to be correctly configured but the device or resource (DNS SERVER) is not responding."
  I said to many technicians of microsoft online response, but they could not solve my problem and said this is my DNS problem and advised me to contact my Internet service provider. Guess it's because of my internet so why it works on my PC not on laptop?

  Yesterday, my ethernet cable pulled out my cell phone and I couldn't connect to the internet more. But on my desktop PC, it works perfectly fine. (I do not use wifi, if this information is also required) I have studied several threads with similar situations, and I have tried different methods to solve the problem to no avail. I did a system restore, but I'm having no luck. Also, I did not of the latest changes with my anti virus software and my LAN card drivers look to date.

  When I remove my cable from the laptop and again connect my cable then it works but only after the PC sat for awhile.
  1.I did flush DNS by typing "ipconfig/flushdns" in the command prompt.
  2. my IP address, DNS, subnet mask etc are set to automatic.
  3.I also added physical address taken from command line giving "ipconfig/all". for the properties of the network driver settings.
  4.I ' installed the drivers to date of 2014 on my laptop.
  5.I did a lot of searching the web, but they do not solve my problem.

  Please help me to solve it.
  I appreciate your help.
  Thank you.

  Hello Hall,

  Please keep us updated on the status of the issue.

  I suggest you to follow the steps in this Microsoft article troubleshooting and check if it helps:

  Error message "your computer seems to be configured correctly, but the device or resource (DNS server) is not responding" in Windows 7

  http://support.Microsoft.com/kb/2779064/en-us

  Hope the helps of information.

  Please reply with the results, in order to help you solve the problem.

  Thank you

• LATITUDE DE820 wiped out loaded XP drivers DELL & SW, no access to the network

  Everyone out there - I need HELP... I bought a second hand LATITUDE DE820 with Windows 7 above and it worked fine (also WIFI). I need to load XP Prof on it (Yes...) and therefore all DELL SW disappeared (had no CD DELL) that I loaded package XP 3 Service that I plugged in Ethernet, but I also have a WLAN - but NO communication to all NETWORKS. Ping an IP address any LAN brings 'Host unreachable' IPConfig/all shows: IP of Windows host Setup...: laptop Prim. DNS: Enter Mode: Broadcast IP routing enabled: No. WINS Proxy enabled: Ethernet adapter without Bluetooth network connection: media state: media disconnected Description: peripheral physical addr Bluetooth (Personal Area Network): Mac addr. Control Panel-> network connections displays LAN at the Connecticut 1394 network adapter (properties: peripheral works properly, driver: MS 07/01/2001!) Connection status: connected but 0 packet protocols: f. Client Microsoft NW File & Printer sharing TCP - IP - trying to hit the repair-> msg "TCP/IP not enabled for this connection") Conclusion: I think that my XP drivers are too old, or not DELL problem: I have no access to the network - minimum need drivers update for access to Internet, and then upgrade to download that/those pilot on a Non-Dell PC then CD, then install on the laptop don't know DELL HW, used Service tag to find 11 drivers, drivers resp. 75 for that I think it's a driver of 'network' - but don't know what or any other suggestion? Thks for any help Peter

  Well well maybe it was because I realized that I needed to insert HTML
  to get my text with line breaks.
  But in any case the problem is solved by support group European German DELL who responded very quickly by there DELL Forum and help me great to go again. Thank you DELL-Dave S.
  Problem solved by:
  followind drivers downloaded from the CD, and then installed on D820
  WLAN: HTTP://WWW.DELL.COM/SUPPORT/DRIVERS/DE/DE/DEBSDT1/DRIVERDETAILS/PRODUCT/LATITUDE-D820?DRIVERID=R257701&OSCODE=WW1&FILEID=2731111614&LANGUAGECODE=DE&CATEGORYID=NI.
  LAN: HTTP://WWW.DELL.COM/SUPPORT/DRIVERS/DE/DE/DEBSDT1/DRIVERDETAILS/PRODUCT/LATITUDE-D820?DRIVERID=04VK6&OSCODE=WW1&FILEID=2731090506&LANGUAGECODE=DE&CATEGORYID=NI.
  Now using Ethernet and wireless network worked with access to the network, all the others downloaded drivers from the net.
  Viva

• Restrict access to the network on 871 router via mac address

  Hello

  I have a Cisco 871 router and I am trying to allow only specific MAC addresses access to the network. Is there a way to specify that only specific MAC addresses are allowed to access? Any other MAC access will be denied?

  I can either have static IP or DHCP for local machines.

  Can I use this "secure DHCP IP address assignment" details found here... http://www.cisco.com/en/US/docs/ios/12_2t/12_2t15/feature/guide/ftdsiaa.html ?

  I use these...

  static Mac address table

  OR

  Security table of Mac addresses

  ... to achieve this?

  Thank you.

  You can use "mac-address-table static" If you know all the mac addresses that will be connected.

  If the router is by distributing ip addresses so you can indeed do secure IP DHCP address assignment.

  Note that you can make a 'mac access-list' switch and aplly in any vlan you want.

  Alternatively, you can do "dhcp snooping" allowing guests who got a dhcp ip addresses and are not identity theft.

  I hope it helps.

  PK

• Update Windows 7 pro (10 users) network January 1, 2013. Now, for more than 4 users connect an access across the network apps stop apparently. Any thoughts?

  Update Windows 7 pro (10 users) network January 1, 2013.

  Now, for more than 4 users connect an access across the network apps stop apparently.

  Any thoughts?

  Hello

  Your question is beyond the scope of these forums. Please ask your question in the following forum.

  Windows 7 networking:

  http://social.technet.Microsoft.com/forums/en-us/w7itpronetworking/threads

  Concerning

• vSwitch ESXi 5.1 workaround to virtual machines (direct access to the network)

  Hello world!

  I have a server running properly the 5.1 ESXi hypervisor and got inside the physical grid active router with DHCP. How can I configure the vSwitch on ESXi 5.1 work not managed on the network, without VLAN and have direct access to the network?

  Just to clarify, I would like to first of all virtual machines VMware Workstation works - if it is possible to run several virtual machines and define all NICS (Network Interface Card) as connected by a bridge, that is to say. Each VM gets the specific configurations of IP to the external router.

  Since now, thank you very much for the help!

  Best regards

  Eduardo

  With ESXi the vSwitches work comparable to Bridged networking, so there is really nothing special to do.

  André

• Access to the path 'C:\ProgramData\ATI\ACE\Profiles.xml' is denied.

  Original title: Hi I have a problem of AceEventlog of program data, access is denied for the CCC, I guess anyway I'll post the log.

  I've updated the drivers recently CCC 10.8 and now I have a bunch of papers in the journal of AceEvent, any help would be great. Log name: ACEEventLog
  Source: ACEEventLogSource
  Date: 2010-09-12 12:45:46
  Event ID: 0
  Task category: no
  Level: Information
  Keywords: Classic
  User: n/a
  Computer: SavannahMick-PC
  Description:
  0000000241: 2010-09-12 12:45:46:281 Exception: access to the path 'C:\ProgramData\ATI\ACE\Profiles.xml' is denied.
  Called by exception: ATI. ACE. APM. ProcessID:03780 threadID :) server. XmlDocumentSaver::SaverWorker domain name::(APM.) assemblyName (CCC.exe) Server, Version = 2.0.3867.36565, Culture = neutral, PublicKeyToken = 90ba9c70f846762e)
  ************************************************************************************************************************

  The event XML:
  http://schemas.Microsoft.com/win/2004/08/events/event">
   
     
      0
      4
      0
      0 x 80000000000000
     
      10312
      ACEEventLog
      SavannahMick-PC
     
   
   
      0000000241: 2010-09-12 12:45:46:281 Exception < save the Xml Document >: access to the path 'C:\ProgramData\ATI\ACE\Profiles.xml' is denied.
  Called by exception: ATI. ACE. APM. ProcessID:03780 threadID :) server. XmlDocumentSaver::SaverWorker domain name::(APM.) assemblyName (CCC.exe) Server, Version = 2.0.3867.36565, Culture = neutral, PublicKeyToken = 90ba9c70f846762e)
  ************************************************************************************************************************
  
   
  

  Hi SavannahMick,

  The entries refer to the drivers/files associated with the ATI. There are some useful suggestions in the forum link below. See if one of them works for you.

  Thousands of events ati2mtag 62464 s (DVD_OV UVD Information) in the system event log

  The CCC does not open after 10.8

  Catalyst Control Center (CCC.exe and MOM.exe) keep quit

  Kind regards

  Shinmila H - Microsoft Support

  Visit our Microsoft answers feedback Forum and let us know what you think.

• Control access to the network with ACS device

  Hi all!

  I currently have in place an Appliance, Cisco Secure ACS using Windows as main server authentication. Cisco Secure acts as a GANYMEDE server +. I have two groups defined in Cisco Secure: Netadmins and security ITD. Users of the Netadmins group need access to all switches and routers on the network. ITD security must only access async line 53 on a router 2611 for a band of a firewall and no other access to all network devices offline. How can I limit access to the Cisco Secure security ITD group to line 53 only?

  My current config on this router is:

  AAA new-model

  AAA authentication login netadmins group Ganymede + line

  connection ITDSEC authentication group Ganymede + line of AAA.

  RADIUS-server host 10.30.X.X

  RADIUS-server host 10.18.X.X

  key radius-server XXXXXXX

  line 53

  No exec

  authentication of the connection ITDSEC

  transport of entry all

  StopBits 1

  Speed 115200

  line vty 0 4

  exec-timeout 30 0

  login timeout 120 response

  login authentication netadmins

  but users in the ITD security can still access by vty and then reverse telnet to any asynchronous line on the router. In addition, security ITD always access any switch or router using telnet: what should be my setup on these devices? I do an ACS configuration?

  All other devices:

  AAA new-model

  AAA authentication login netadmins group Ganymede + line

  RADIUS-server host 10.30.X.X

  RADIUS-server host 10.18.X.X

  key radius-server XXXXXXX

  Line con 0

  password 7 141C015C5806

  login authentication netadmins

  line vty 0 4

  password 7 11020A 524310

  login authentication netadmins

  line vty 5 15

  password 7 11020A 524310

  login authentication netadmins

  Any help will be greatly appreciated.

  Hello

  In the security group, I would create a Restriction of access to IP network with an entry permit. Essentially to allow access to the single port on 2611 only.

  The AAA Client field is the name that you gave to the 2611 in the network config. Address will be * unless you want to restrict access to the ip or address. Port... never quite sure with async if the port value must be "async 53" or "line 53".

  If you look in the pass/fail for the nas-port attribute, you'll see what that T + sends to the ACS. This should help you know what to put in the NAR.

  Mounira

• No access to the network for machine W7 XP machine

  I tried everything I could find until now but still no access to shared folders on my Office XPsp3 for my new laptop Windows 7. I havepeut however use the printer. Also I can browse shared folders on the laptop W7 since Office XP. I tried a number of "fixes" so far but still get the:

  • \\XPmachine is not accessible. You might not have permission to use this network resource. Contact the administrator of this server to find out if you have access permissions.
  • Connection failure: the user has not granted the type of logon required on this computer.
  1. I tweaked IRPStack registry at 15
  2. Turned or Simple sharing of files on the XP machine
  3. set up the correspondence of the usernames and passwords on both machines.
  4. Checked and double-checked the permissions are set for all
  5. The two machines are ysing the same workgroup name

  In my view, there are a number of people having problems with this question and that some become it solved and some are not. I am so far on of the 'are destitute. "

  The problem and the solution are on the XP computer.  Run the Configuration Wizard from the network - which is often all that is needed.  If this does not solve it:

  If the computer is running Windows XP Professional:

  1. click on Start > run , type secpol.msc in the box, and then click OK .
  2. click on local strategies .
  3. click on user rights assignment .
  4. click access this computer from the network and make sure that the everyone group is included.
  5. click deny access to this computer from the network and make sure that the everyone group is NOT included.

  If the computer is running Windows XP Home Edition, the "secpol.msc" program is not available.  To make the user required assignments of rights:

  1. download and install the Tools of the Windows 2003 Server Resource Kit .

  2. click on Start > all programs > Windows Resource Kit Tools .

  3. click on control interface .

  4. type these lines to the prompt exactly as shown (case sensitive):

  NET user guest/active: Yes
     NTRights + r SeNetworkLogonRight u comments
     NTRights - r SeDenyNetworkLogonRight u comments

  Boulder computer Maven
  Most Microsoft Valuable Professional

• Access to the network drive. Unable to drag files to USB

  I can see the files on the network drive, but when I try to drag the file to a USB drive it. He said that problem access the hard disk, but I can open the file on that...   Any ideas would be appreciated

  Hello

  1. What is the exact error message that you receive?

  2 have you tried copier\paste manually?

  I suggest copier\paste manually the files on the USB drive and check to see if the same problem happens.

  You can also check this link:

  http://Windows.Microsoft.com/en-us/Windows-Vista/enable-file-and-printer-sharing

  It will be useful.

• The user read/write register access to the network folder/drive. Some users unable to save or write to the directories.

  I have three users who have no problem with read/write & record readers records secure network access. I have two users who can read some files and save in some files, but cannot save or access certain folders even after receiving full access read/write for all files in the network drive. Help, please. The computers running Vista Ultimate and server access to Windows Server 2003. Thanks for your times * address email is removed from the privacy *.

  Problems related to access to the files on a server networked in a business environment are a produce little for Windows answers Forum.  I recommend you repost the question either in the Technet Forum to the:http://social.technet.microsoft.com/Forums/en-us/winserverfiles/threads orhttp://social.technet.microsoft.com/Forums/en-us/itprovistanetworking/threads.

  I don't know that someone there can help you.

  Good luck!

  Lorien - MCSA/MCSE/network + / has + - if this post solves your problem, please click the 'Mark as answer' or 'Useful' button at the top of this message. Marking a post as answer, or relatively useful, you help others find the answer more quickly.

• RSAC can't disable remote Firewall errors "could not access ServerName, the network name cannot be found.

  I opted for the "Restore default settings" option in the firewall while working on a client-side computer. For this reason got disabled the option "remote share' and now I can't access the machine remotely. The machine (which is not in the same network) does not monitor or keyboard attached to her and her to a different location so I can't physically connect you and activate this option.

  I tried to disable the firewall remotely, but the following command does not work.
  PsExec \\hostname u user_name password cmd.exe Pei

  It returns the following:

  Could not access ServerName

  The network name cannot be found

  Make sure you share the default admin$ is enable ServerName

  This fact has not resolved the question above.

  HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem\\\ and create or edit a REG_DWORD LocalAccountTokenFilterPolicy value and set the value to 1

  Help, please.

  Hello

  The question you posted would be better suited in the TechNet Forums. I would recommend posting your query in the TechNet Forums.
   
  TechNet Forum
  http://social.technet.Microsoft.com/forums/Windows/en-us/home?Forum=w7itpronetworking%2Cw7itprovirt&filter=AllTypes&sort=lastpostdesc

  Hope this information is useful.

• Cisco ASA 8.4 (3) remote access VPN - client connects but cannot access inside the network

  I have problems to access the resources within the network when connecting with the Cisco VPN client for a version of 8.4 (3) operation of the IOS Cisco ASA 5510. I tried all new NAT 8.4 orders but cannot access the network interior. I can see traffic in newspapers when ping. I can only assume I have NAT evil or it's because the inside interface of the ASA is on the 24th of the same subnet as the network interior? Please see config below, any suggestion would be appreciated. I configured a VPN site to another in this same 5510 and it works well

  Thank you

  interface Ethernet0/0

  Speed 100

  full duplex

  nameif outside

  security-level 0

  IP x.x.x.x 255.255.255.240

  !

  interface Ethernet0/1

  Speed 100

  full duplex

  nameif inside

  security-level 100

  IP 10.88.10.254 255.255.255.0

  !

  interface Management0/0

  Shutdown

  nameif management

  security-level 0

  no ip address

  !

  permit same-security-traffic inter-interface

  permit same-security-traffic intra-interface

  network of the PAT_to_Outside_ClassA object

  10.88.0.0 subnet 255.255.0.0

  network of the PAT_to_Outside_ClassB object

  subnet 172.16.0.0 255.240.0.0

  network of the PAT_to_Outside_ClassC object

  Subnet 192.168.0.0 255.255.240.0

  network of the LocalNetwork object

  10.88.0.0 subnet 255.255.0.0

  network of the RemoteNetwork1 object

  Subnet 192.168.0.0 255.255.0.0

  network of the RemoteNetwork2 object

  172.16.10.0 subnet 255.255.255.0

  network of the RemoteNetwork3 object

  10.86.0.0 subnet 255.255.0.0

  network of the RemoteNetwork4 object

  10.250.1.0 subnet 255.255.255.0

  network of the NatExempt object

  10.88.10.0 subnet 255.255.255.0

  the Site_to_SiteVPN1 object-group network

  object-network 192.168.4.0 255.255.254.0

  object-network 172.16.10.0 255.255.255.0

  object-network 10.0.0.0 255.0.0.0

  outside_access_in deny ip extended access list a whole

  inside_access_in of access allowed any ip an extended list

  11 extended access-list allow ip 10.250.1.0 255.255.255.0 any

  outside_1_cryptomap to access extended list ip 10.88.0.0 255.255.0.0 allow object-group Site_to_SiteVPN1

  mask 10.250.1.1 - 10.250.1.254 255.255.255.0 IP local pool Admin_Pool

  NAT static NatExempt NatExempt of the source (indoor, outdoor)

  NAT (inside, outside) static source any any static destination RemoteNetwork4 RemoteNetwork4-route search

  NAT static LocalNetwork LocalNetwork destination (indoor, outdoor) static source RemoteNetwork1 RemoteNetwork1

  NAT static LocalNetwork LocalNetwork destination (indoor, outdoor) static source RemoteNetwork2 RemoteNetwork2

  NAT static LocalNetwork LocalNetwork destination (indoor, outdoor) static source RemoteNetwork3 RemoteNetwork3

  NAT (inside, outside) static source LocalNetwork LocalNetwork static destination RemoteNetwork4 RemoteNetwork4-route search

  !

  network of the PAT_to_Outside_ClassA object

  NAT dynamic interface (indoor, outdoor)

  network of the PAT_to_Outside_ClassB object

  NAT dynamic interface (indoor, outdoor)

  network of the PAT_to_Outside_ClassC object

  NAT dynamic interface (indoor, outdoor)

  Access-group outside_access_in in interface outside

  inside_access_in access to the interface inside group

  Route outside 0.0.0.0 0.0.0.0 x.x.x.x 1

  dynamic-access-policy-registration DfltAccessPolicy

  Sysopt connection timewait

  Service resetoutside

  Crypto ipsec transform-set ikev1 ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac

  Crypto ipsec transform-set ikev1 ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac

  Crypto ipsec transform-set ikev1 ESP-AES-192-SHA esp-aes-192 esp-sha-hmac

  Crypto ipsec transform-set ikev1 ESP-AES-128-MD5-esp - aes esp-md5-hmac

  Crypto ipsec transform-set esp-ikev1 esp-md5-hmac bh-series

  Crypto ipsec transform-set ikev1 esp ESP-DES-MD5-esp-md5-hmac

  Crypto ipsec transform-set ikev1 ESP-3DES-MD5-esp-3des esp-md5-hmac

  Crypto ipsec transform-set ikev1 ESP-DES-SHA esp - esp-sha-hmac

  Crypto ipsec transform-set ikev1 ESP-AES-128-SHA aes - esp esp-sha-hmac

  Crypto ipsec transform-set ikev1 ESP-AES-256-SHA esp-aes-256 esp-sha-hmac

  Crypto ipsec transform-set ikev1 SHA-ESP-3DES esp-3des esp-sha-hmac

  Crypto-map dynamic dynmap 10 set pfs

  Crypto-map dynamic dynmap 10 set transform-set bh - set ikev1

  life together - the association of security crypto dynamic-map dynmap 10 28800 seconds

  Crypto-map dynamic dynmap 10 kilobytes of life together - the association of safety 4608000

  Crypto-map dynamic dynmap 10 the value reverse-road

  card crypto mymap 1 match address outside_1_cryptomap

  card crypto mymap 1 set counterpart x.x.x.x

  card crypto mymap 1 set transform-set ESP-AES-256-SHA ikev1

  card crypto mymap 86400 seconds, 1 lifetime of security association set

  map mymap 1 set security-association life crypto kilobytes 4608000

  map mymap 100-isakmp ipsec crypto dynamic dynmap

  mymap outside crypto map interface

  crypto isakmp identity address

  Crypto isakmp nat-traversal 30

  Crypto ikev1 allow outside

  IKEv1 crypto ipsec-over-tcp port 10000

  IKEv1 crypto policy 5

  preshared authentication

  3des encryption

  sha hash

  Group 2

  life 86400

  IKEv1 crypto policy 10

  preshared authentication

  3des encryption

  sha hash

  Group 1

  life 86400

  IKEv1 crypto policy 50

  preshared authentication

  the Encryption

  md5 hash

  Group 2

  life 86400

  IKEv1 crypto policy 60

  preshared authentication

  aes-256 encryption

  sha hash

  Group 2

  life 86400

  IKEv1 crypto policy 70

  preshared authentication

  aes-256 encryption

  sha hash

  Group 1

  life 86400

  IKEv1 crypto policy 90

  preshared authentication

  aes encryption

  sha hash

  Group 2

  life 86400

  Telnet timeout 5

  Console timeout 0

  management-access inside

  a basic threat threat detection

  Statistics-list of access threat detection

  no statistical threat detection tcp-interception

  WebVPN

  internal BACKDOORVPN group policy

  BACKDOORVPN group policy attributes

  value of VPN-filter 11

  Ikev1 VPN-tunnel-Protocol

  Split-tunnel-policy tunnelall

  BH.UK value by default-field

  type tunnel-group BACKDOORVPN remote access

  attributes global-tunnel-group BACKDOORVPN

  address pool Admin_Pool

  Group Policy - by default-BACKDOORVPN

  IPSec-attributes tunnel-group BACKDOORVPN

  IKEv1 pre-shared-key *.

  tunnel-group x.x.x.x type ipsec-l2l

  tunnel-group ipsec-attributes x.x.x.x

  IKEv1 pre-shared-key *.

  !

  class-map inspection_default

  match default-inspection-traffic

  !

  !

  type of policy-card inspect dns preset_dns_map

  parameters

  maximum message length automatic of customer

  message-length maximum 512

  Policy-map global_policy

  class inspection_default

  inspect the preset_dns_map dns

  inspect the ftp

  inspect h323 h225

  inspect the h323 ras

  inspect the rsh

  inspect the rtsp

  inspect esmtp

  inspect sqlnet

  inspect the skinny

  inspect sunrpc

  inspect xdmcp

  inspect the sip

  inspect the netbios

  inspect the tftp

  Review the ip options

  !

  global service-policy global_policy

  Excellent.

  Evaluate the useful ticket.

  Thank you

  Rizwan James