Access to the remote site

Dreamweaver CS5 on PC with Windows 7 will not access (or sign in) to my remote or the Adobe called FTP server. Dreamweaver CS4 on the same machine will be. I exported the information on the site of CS4 and imported into CS5 as well as to look at a new site in CS5 everything with no success. It's probably not a firewall for access to the site problem CS4 works very well.

> It's probably not a firewall for access to the site problem CS4 works very well.

CS4 and CS5 are two different applications and have different, right firewall rules? Have you checked the firewall?

Tags: Dreamweaver

Similar Questions

Access to the remote site VPN

Hello

I'm trying to solve a problem with the VPN, and I hope that someone could give me a helping hand.

We have 3 offices, each with an ASA 5505 like the router/firewall, connected to a cable modem

(NC Office) <----IPSEC----->(office of PA) <----IPSEC----->(TC Office)

Internally, we have a full mesh VPN, so all offices can talk to each other directly.

I have people at home, by using remote access VPN into the Office of PA, and I need them to be able to connect to two other offices there.

I was able to run for the Office of CT, but I can't seem to work for the Office of the NC. (I want to say is, users can remote access VPN in the PA Office and access resources in the offices of the PA and CT, but they can't get the Office of NC).

Someone could take a look at these 2 configs and let me know if I'm missing something? I am newer to this, so some of these configs do not have better naming conventions, but I'm getting there

PA OFFICE

Output of the command: "show run".

: Saved
:
ASA Version 8.2 (5)
!
hostname WayneASA

names of
!
interface Ethernet0/0
switchport access vlan 2
!
interface Ethernet0/1
!
interface Ethernet0/2
!
interface Ethernet0/3
!
interface Ethernet0/4
!
interface Ethernet0/5
!
interface Ethernet0/6
!
interface Ethernet0/7
!
interface Vlan1
nameif inside
security-level 100
IP 192.168.1.1 255.255.255.0
!
interface Vlan2
nameif outside
security-level 0
IP 70.91.18.205 255.255.255.252
!
passive FTP mode
clock timezone IS - 5
clock to summer time EDT recurring
DNS lookup field inside
DNS domain-lookup outside
DNS server-group DefaultDNS
75.75.75.75 server name
75.75.76.76 server name
domain 3gtms.com
permit same-security-traffic intra-interface
object-group Protocol TCPUDP
object-protocol udp
object-tcp protocol
inside_access_in of access allowed any ip an extended list
IPSec_Access to access ip 192.168.1.0 scope list allow 255.255.255.0 192.168.2.0 255.255.255.0
IPSec_Access to access extended list ip 192.168.10.0 allow 255.255.255.224 192.168.2.0 255.255.255.0
IPSec_Access to access extended list ip 192.168.10.0 allow 255.255.255.224 192.168.5.0 255.255.255.0
inside_nat0 to access ip 192.168.1.0 scope list allow 255.255.255.0 192.168.10.0 255.255.255.224
inside_nat0 to access ip 192.168.1.0 scope list allow 255.255.255.0 192.168.2.0 255.255.255.0
inside_nat0 to access ip 192.168.1.0 scope list allow 255.255.255.0 192.168.5.0 255.255.255.0
TunnelSplit1 list standard access allowed 192.168.10.0 255.255.255.224
TunnelSplit1 list standard access allowed 192.168.1.0 255.255.255.0
outside_1_cryptomap to access ip 192.168.1.0 scope list allow 255.255.255.0 192.168.2.0 255.255.255.0
outside_2_cryptomap to access ip 192.168.1.0 scope list allow 255.255.255.0 192.168.5.0 255.255.255.0
outside_cryptomap to access ip 192.168.1.0 scope list allow 255.255.255.0 192.168.5.0 255.255.255.0
RemoteTunnel_splitTunnelAcl list standard access allowed 192.168.1.0 255.255.255.0
RemoteTunnel_splitTunnelAcl_1 list standard access allowed 192.168.1.0 255.255.255.0
RemoteTunnel_splitTunnelAcl_1 list standard access allowed 192.168.2.0 255.255.255.0
RemoteTunnel_splitTunnelAcl_1 list standard access allowed 192.168.5.0 255.255.255.0
out_access_in list extended access udp allowed any SIP host 70.91.18.205 EQ
out_access_in list extended access permit tcp any host 70.91.18.205 eq 5000
out_access_in list extended access permits any udp host 70.91.18.205 range 9000-9049
out_access_in list extended access permit tcp any host 70.91.18.205 EQ SIP
out_access_in list extended access allowed object-group TCPUDP any host 70.91.18.205 eq 5090
out_access_in list extended access permit udp any host 70.91.18.205 eq 5000
Note to outside-nat0 access-list NAT0 for VPNPool to Remote Sites
outside-nat0 extended ip 192.168.10.0 access list allow 255.255.255.224 192.168.2.0 255.255.255.0
outside-nat0 extended ip 192.168.10.0 access list allow 255.255.255.224 192.168.5.0 255.255.255.0
pager lines 24
asdm of logging of information
Within 1500 MTU
Outside 1500 MTU
IP mask 255.255.255.224 local pool VPNPool 192.168.10.1 - 192.168.10.30
no failover
ICMP unreachable rate-limit 1 burst-size 1
don't allow no asdm history
ARP timeout 14400
Global 1 interface (outside)
NAT (inside) 0-list of access inside_nat0
NAT (inside) 1 0.0.0.0 0.0.0.0
NAT (outside) 0-list of access outside-nat0
inside_access_in access to the interface inside group
Access-group out_access_in in interface outside
Route outside 0.0.0.0 0.0.0.0 70.91.18.206 1
Timeout xlate 03:00
Timeout conn 01:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
Sunrpc timeout 0:10:00 h323 0:05:00 h225 mgcp from 01:00 0:05:00 mgcp-pat 0:05:00
Sip timeout 0:30:00 sip_media 0:02:00 prompt Protocol sip-0: 03:00 sip - disconnect 0:02:00
Timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
Floating conn timeout 0:00:00
dynamic-access-policy-registration DfltAccessPolicy
the ssh LOCAL console AAA authentication
Enable http server
http 0.0.0.0 0.0.0.0 inside
No snmp server location
No snmp Server contact
Server enable SNMP traps snmp authentication linkup, linkdown cold start
Crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
Crypto ipsec transform-set ESP-DES-SHA esp - esp-sha-hmac
Crypto ipsec transform-set ESP-DES-MD5 esp - esp-md5-hmac
Crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
Crypto ipsec transform-set ESP-3DES-MD5-esp-3des esp-md5-hmac
Crypto ipsec transform-set ESP-AES-256-SHA 256 - aes - esp esp-sha-hmac
Crypto ipsec transform-set ESP-AES-128-SHA aes - esp esp-sha-hmac
Crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
Crypto ipsec transform-set ESP-AES-128-MD5-esp - aes esp-md5-hmac
Crypto ipsec transform-set esp-SHA-ESP-3DES-3des esp-sha-hmac
Crypto ipsec transform-set esp-3des esp-md5-hmac VPNTransformSet
life crypto ipsec security association seconds 28800
Crypto ipsec kilobytes of life - safety 4608000 association
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 pfs Group1 set
Crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 value transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA MD5-ESP-3DES ESP-DES-SHA ESP-DES-MD5
card crypto IPSec_map 1 corresponds to the address IPSec_Access
card crypto IPSec_map 1 set peer 50.199.234.229
card crypto IPSec_map 1 the transform-set VPNTransformSet value
card crypto IPSec_map 2 corresponds to the address outside_2_cryptomap
card crypto IPSec_map 2 set pfs Group1
card crypto IPSec_map 2 set peer 98.101.139.210
card crypto IPSec_map 2 the transform-set VPNTransformSet value
card crypto IPSec_map 65535-isakmp dynamic ipsec SYSTEM_DEFAULT_CRYPTO_MAP
IPSec_map interface card crypto outside
card crypto outside_map 1 match address outside_1_cryptomap
peer set card crypto outside_map 1 50.199.234.229
crypto ISAKMP allow outside
crypto ISAKMP policy 1
preshared authentication
3des encryption
sha hash
Group 2
life 43200
Telnet 192.168.1.0 255.255.255.0 inside
Telnet timeout 5
SSH 0.0.0.0 0.0.0.0 inside
SSH timeout 60
Console timeout 0
management-access inside
dhcpd outside auto_config
!
dhcpd address 192.168.1.100 - 192.168.1.199 inside
dhcpd dns 75.75.75.75 75.75.76.76 interface inside
dhcpd allow inside
!

a basic threat threat detection
Statistics-list of access threat detection
no statistical threat detection tcp-interception
WebVPN
internal RemoteTunnel group strategy
attributes of Group Policy RemoteTunnel
value of server DNS 75.75.75.75 75.75.76.76
Protocol-tunnel-VPN IPSec
Split-tunnel-policy tunnelspecified
value of Split-tunnel-network-list RemoteTunnel_splitTunnelAcl_1
dfavier vUA99P1dT3fvnDZy encrypted password username
username dfavier attributes
type of remote access service
rduske vu0Zdx0n3oZWFSaX encrypted password username
username rduske attributes
type of remote access service
eric 0vcSd5J/TLsFy7nU password user name encrypted privilege 15
lestofts URsSXKLozQMSeCBk username encrypted password
username lestofts attributes
type of remote access service
jpwiggins 3WyoRxmI6LZjGHZE encrypted password username
username jpwiggins attributes
type of remote access service
tomleonard cQXk0RJCBtxyzZ4K encrypted password username
username tomleonard attributes
type of remote access service
algobel 4AjIefFXCbu7.T9v encrypted password username
username algobel attributes
type of remote access service
type tunnel-group RemoteTunnel remote access
attributes global-tunnel-group RemoteTunnel
address pool VPNPool
Group Policy - by default-RemoteTunnel
IPSec-attributes tunnel-group RemoteTunnel
pre-shared key *.
tunnel-group 50.199.234.229 type ipsec-l2l
IPSec-attributes tunnel-group 50.199.234.229
pre-shared key *.
tunnel-group 98.101.139.210 type ipsec-l2l
IPSec-attributes tunnel-group 98.101.139.210
pre-shared key *.
!
class-map inspection_default
match default-inspection-traffic
!
!
type of policy-card inspect dns preset_dns_map
parameters
maximum message length automatic of customer
message-length maximum 512
Policy-map global_policy
class inspection_default
inspect the preset_dns_map dns
inspect the ftp
inspect h323 h225
inspect the h323 ras
inspect the rsh
inspect the rtsp
inspect esmtp
inspect sqlnet
inspect the skinny
inspect sunrpc
inspect xdmcp
inspect the sip
inspect the netbios
inspect the tftp
Review the ip options
inspect the icmp
inspect the pptp
!
global service-policy global_policy
context of prompt hostname
no remote anonymous reporting call
Cryptochecksum:6d1ffe8d570d467e1ea6fd60e9457ba1
: end

CT OFFICE

Output of the command: "show run".

: Saved
:
ASA Version 8.2 (5)
!
hostname RaleighASA
activate the encrypted password of Ml95GJgphVRqpdJ7
2KFQnbNIdI.2KYOU encrypted passwd
names of
!
interface Ethernet0/0
switchport access vlan 2
!
interface Ethernet0/1
!
interface Ethernet0/2
!
interface Ethernet0/3
!
interface Ethernet0/4
!
interface Ethernet0/5
!
interface Ethernet0/6
!
interface Ethernet0/7
!
interface Vlan1
nameif inside
security-level 100
192.168.5.1 IP address 255.255.255.0
!
interface Vlan2
nameif outside
security-level 0
IP 98.101.139.210 255.0.0.0
!
passive FTP mode
clock timezone IS - 5
clock to summer time EDT recurring
DNS lookup field inside
DNS server-group DefaultDNS
Server name 24.25.5.60
Server name 24.25.5.61
permit same-security-traffic intra-interface
object-group Protocol TCPUDP
object-protocol udp
object-tcp protocol
Wayne_Access to access extended list ip 192.168.5.0 allow 255.255.255.0 192.168.1.0 255.255.255.0
Wayne_Access to access extended list ip 192.168.5.0 allow 255.255.255.0 192.168.10.0 255.255.255.0
Shelton_Access to access extended list ip 192.168.5.0 allow 255.255.255.0 192.168.2.0 255.255.255.0
out_access_in list extended access permit tcp any host 98.101.139.210 eq www
out_access_in list extended access permit tcp any host 98.101.139.210 eq ftp
out_access_in list extended access permit udp any host 98.101.139.210 eq tftp
out_access_in list extended access udp allowed any SIP host 98.101.139.210 EQ
out_access_in list extended access permit tcp any host 98.101.139.210 eq 5090
out_access_in list extended access permit tcp any host 98.101.139.210 eq 2001
out_access_in list extended access permit tcp any host 98.101.139.210 eq 5080
out_access_in list extended access permit tcp any host 98.101.139.210 eq ssh
out_access_in list extended access permit tcp any host 98.101.139.210 eq 81
out_access_in list extended access permit tcp any host 98.101.139.210 eq 56774
out_access_in list extended access permit tcp any host 98.101.139.210 eq 5000
out_access_in list extended access permit tcp any host 98.101.139.210 eq 902
out_access_in list extended access permit tcp any host 98.101.139.210 eq netbios-ssn
out_access_in list extended access permit tcp any host 98.101.139.210 eq 445
out_access_in list extended access permit tcp any host 98.101.139.210 eq https
out_access_in list extended access allowed object-group TCPUDP any host 98.101.139.210 eq 3389
out_access_in list extended access allowed object-group TCPUDP range guest 98.101.139.210 5480 5487
out_access_in list extended access permits any udp host 98.101.139.210 range 9000-9050
inside_nat0 to access extended list ip 192.168.5.0 allow 255.255.255.0 192.168.1.0 255.255.255.0
inside_nat0 to access extended list ip 192.168.5.0 allow 255.255.255.0 192.168.2.0 255.255.255.0
inside_nat0 to access extended list ip 192.168.5.0 allow 255.255.255.0 192.168.10.0 255.255.255.0
pager lines 24
asdm of logging of information
Within 1500 MTU
Outside 1500 MTU
ICMP unreachable rate-limit 1 burst-size 1
don't allow no asdm history
ARP timeout 14400
Global 1 interface (outside)
NAT (inside) 0-list of access inside_nat0
NAT (inside) 1 0.0.0.0 0.0.0.0

Access-group out_access_in in interface outside
Route outside 0.0.0.0 0.0.0.0 98.101.139.209 1
Timeout xlate 03:00
Timeout conn 01:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
Sunrpc timeout 0:10:00 h323 0:05:00 h225 mgcp from 01:00 0:05:00 mgcp-pat 0:05:00
Sip timeout 0:30:00 sip_media 0:02:00 prompt Protocol sip-0: 03:00 sip - disconnect 0:02:00
Timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
Floating conn timeout 0:00:00
dynamic-access-policy-registration DfltAccessPolicy
the ssh LOCAL console AAA authentication
Enable http server
http 0.0.0.0 0.0.0.0 inside
No snmp server location
No snmp Server contact
Server enable SNMP traps snmp authentication linkup, linkdown cold start
Crypto ipsec transform-set esp-3des esp-md5-hmac WayneTransform
Crypto ipsec transform-set esp-3des esp-md5-hmac SheltonTransform
Crypto ipsec transform-set ESP-AES-128-SHA aes - esp esp-sha-hmac
Crypto ipsec transform-set ESP-AES-128-MD5-esp - aes esp-md5-hmac
Crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
Crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
Crypto ipsec transform-set ESP-AES-256-SHA 256 - aes - esp esp-sha-hmac
Crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
Crypto ipsec transform-set esp-SHA-ESP-3DES-3des esp-sha-hmac
Crypto ipsec transform-set ESP-3DES-MD5-esp-3des esp-md5-hmac
Crypto ipsec transform-set ESP-DES-SHA esp - esp-sha-hmac
Crypto ipsec transform-set ESP-DES-MD5 esp - esp-md5-hmac
life crypto ipsec security association seconds 28800
Crypto ipsec kilobytes of life - safety 4608000 association
card crypto IPSec_map 1 corresponds to the address Wayne_Access
card crypto IPSec_map 1 set pfs Group1
card crypto IPSec_map 1 set peer 70.91.18.205
card crypto IPSec_map 1 the transform-set WayneTransform value
card crypto IPSec_map 2 corresponds to the address Shelton_Access
card crypto IPSec_map 2 set pfs Group1
card crypto IPSec_map 2 set peer 50.199.234.229
card crypto IPSec_map 2 the transform-set SheltonTransform value
IPSec_map interface card crypto outside
crypto ISAKMP allow outside
crypto ISAKMP policy 1
preshared authentication
3des encryption
sha hash
Group 2
life 43200
Telnet timeout 5
SSH 0.0.0.0 0.0.0.0 inside
SSH timeout 5
Console timeout 0
management-access inside
dhcpd outside auto_config
!
dhcpd address 192.168.5.100 - 192.168.5.199 inside
dhcpd dns 24.25.5.60 24.25.5.61 interface inside
dhcpd allow inside
!

a basic threat threat detection
Statistics-list of access threat detection
no statistical threat detection tcp-interception
WebVPN
eric 0vcSd5J/TLsFy7nU password user name encrypted privilege 15
tunnel-group 50.199.234.229 type ipsec-l2l
IPSec-attributes tunnel-group 50.199.234.229
pre-shared key *.
tunnel-group 70.91.18.205 type ipsec-l2l
IPSec-attributes tunnel-group 70.91.18.205
pre-shared key *.
!
class-map inspection_default
match default-inspection-traffic
!
!
type of policy-card inspect dns preset_dns_map
parameters
maximum message length automatic of customer
message-length maximum 512
Policy-map global_policy
class inspection_default
inspect the preset_dns_map dns
inspect the ftp
inspect h323 h225
inspect the h323 ras
inspect the rsh
inspect the rtsp
inspect esmtp
inspect sqlnet
inspect the skinny
inspect sunrpc
inspect xdmcp
inspect the sip
inspect the netbios
inspect the tftp
Review the ip options
inspect the icmp
!
global service-policy global_policy
context of prompt hostname
no remote anonymous reporting call
Cryptochecksum:3d770ba9647ffdc22b3637e1e5b9a955
: end

Hello

I might have found the problem.

To be honest, I'm a little tired and concentration is difficult, especially when access between multiple device configurations. So second pair of eyes is perhaps in order.

At the moment it seems to me that this configuration is the problem on the SITE of PA

IPSec_Access to access extended list ip 192.168.10.0 allow 255.255.255.224 192.168.5.0 255.255.255.0

This is an ACL that defines networks the and remote for a connection VPN L2L.

Now, when we look at what connection VPN L2L this belong we see the following

card crypto IPSec_map 1 corresponds to the address IPSec_Access

card crypto IPSec_map 1 set peer 50.199.234.229

card crypto IPSec_map 1 the transform-set VPNTransformSet value

Now, we see that the peer IP address is 50.199.234.229. Is what site this? The IP address of the CT Site that works correctly?

Now what that said the ACL line I mentioned more early basically is that when the 192.168.10.0 network 255.255.255.224 wants to connect to the network 192.168.5.0/24 should be sent to the CT Site. And of course, this should not be the case as we want traffic to go on the NC Site

Also worth noting is that on the SITE of the above connection is configured with the '1' priority so it gets first compared a connection. If the VPN L2L configurations were in different order then the VPN Client connection can actually work. But it's just something that I wanted to point out. The actual resolution of the problem, of course, is to detach the configuration which is the cause of the real problem in which ASA attempts to route traffic to a completely wrong place.

So can you remove this line ACL of the ASA of PA

No IPSec_Access access list extended ip 192.168.10.0 allow 255.255.255.224 192.168.5.0 255.255.255.0

Then, test the VPN Client connection NC SITE again.

Hope that this will finally be the solution

-Jouni

Filtering of VPN and local access to the remote site

Hello

I set up vpn, filtering on all my VPN l2l. I have limited access to remote resources at the local level to the specified ports. It works perfectly.

But I want to have as full access from local to remote networks (but still retain the remote access to the local level). VPN filter now works as I have two-way with a simple ACL. So is it possible to open all the traffic from the local to remote and all by limiting the remote to the local traffic?

ASA 5520 8.4 (3)

Thanks in advance

Tomasz Mowinski

Hello

Well let's say you have a filtering ACL rule when you allow http local network traffic to the remote host

LAN: 10.10.10.0/24

remote host: 192.168.10.10/32

The filter ACL rule is the following:

FILTER-ACL access-list permit tcp host 192.168.10.10 eq 80 10.10.10.0 255.255.255.0

I think that this ACL rule would mean also that until the remote host has been using source port TCP/80, it may access any port on any host tcp in your local network as long as it uses the source TCP/80 port.

I guess you could add a few ranges of ports or even service groups of objects to the ACL rules so that not all well-known ports would be accessible on the LAN. But I guess that could complicate the configurations.

We are usually management customer and completely different in ASA L2L VPN that allows us to all traffic on another filtering device and do not work in this kind of problems. But of course there are some of the situations/networks where this is not only possible and it is not a feasible option for some because of the costs of having an ASA extra.

Please indicate if you have found any useful information

-Jouni

Traffic redirect Internet from the remote site on the main site using the tunel of vpn ipsec

Hi all

I have a problem to redirect internet traffic from my remote to the main site by the IPSEC VPN tunnel. The remote site is a Cisco 2801 router with ios (c2800nm-advipservicesk9 - mz.124 - 22.T) and the remote site has ios (C870-ADVSECURITYK9-M, Version 12.4 (15) T12, fc3 SOFTWARE VERSION). This redirect does not work and the last jump with extended traceroute form the remote site is the ip wan of the main site.

Is there someone who can help me with the right settings this redirection via VPN?

the remote site config file:

/ * Style definitions * / table. MsoNormalTable {mso-style-name : « Tableau Normal » ; mso-tstyle-rowband-taille : 0 ; mso-tstyle-colband-taille : 0 ; mso-style-noshow:yes ; mso-style-priorité : 99 ; mso-style-qformat:yes ; mso-style-parent : » « ;" mso-rembourrage-alt : 0 cm 5.4pt cm 0 5.4pt ; mso-para-marge-haut : 0 cm ; mso-para-marge-droit : 0 cm ; mso-para-marge-bas : 10.0pt ; mso-para-marge-gauche : 0 cm ; ligne-hauteur : 115 % ; mso-pagination : widow-orphelin ; police-taille : 11.0pt ; famille de police : « Calibri », « sans-serif » ; mso-ascii-font-family : Calibri ; mso-ascii-theme-font : minor-latin ; mso-hansi-font-family : Calibri ; mso-hansi-theme-font : minor-latin ;}

crypto ISAKMP policy 8

BA 3des

md5 hash

preshared authentication

ISAKMP crypto key dgsn2010 address 41.223.X.X

!

!

Crypto ipsec transform-set esp-3des vpn

!

vpndgsn 10 ipsec-isakmp crypto map

Description at HQ

set of peer 41.223.X.X

Set transform-set vpn

match address VPNHQ

!

interface FastEthernet0

IP 41.223.X.X 255.255.255.0

NAT outside IP

IP virtual-reassembly

IP tcp adjust-mss 1300

automatic duplex

automatic speed

vpndgsn card crypto

!

interface FastEthernet 4

192.168.11.1 IP address 255.255.255.0

IP nat inside

no ip virtual-reassembly

!

IP route 0.0.0.0 0.0.0.0 41.223.X.X

VPNHQ extended IP access list

ip licensing 192.168.11.0 0.0.0.255 any

!

the main site config file:

/ * Style definitions * / table. MsoNormalTable {mso-style-name : « Tableau Normal » ; mso-tstyle-rowband-taille : 0 ; mso-tstyle-colband-taille : 0 ; mso-style-noshow:yes ; mso-style-priorité : 99 ; mso-style-qformat:yes ; mso-style-parent : » « ;" mso-rembourrage-alt : 0 cm 5.4pt cm 0 5.4pt ; mso-para-marge-haut : 0 cm ; mso-para-marge-droit : 0 cm ; mso-para-marge-bas : 10.0pt ; mso-para-marge-gauche : 0 cm ; ligne-hauteur : 115 % ; mso-pagination : widow-orphelin ; police-taille : 11.0pt ; famille de police : « Calibri », « sans-serif » ; mso-ascii-font-family : Calibri ; mso-ascii-theme-font : minor-latin ; mso-hansi-font-family : Calibri ; mso-hansi-theme-font : minor-latin ;}

crypto ISAKMP policy 10

BA 3des

md5 hash

preshared authentication

ISAKMP crypto key dgsn2010 address 41.223.X.X

!

!

Crypto ipsec transform-set esp-3des vpn

!

vpncreo 10 ipsec-isakmp crypto map

Description FOR bastos

set of peer 41.205.X.X

Set transform-set vpn

match address 110

!

interface FastEthernet0/0

Description OF WAN

IP 41.223.X.X 255.255.255.240

NAT outside IP

IP tcp adjust-mss 1492

vpncreo card crypto

!

interface FastEthernet0/1

Description OF LAN

IP 192.168.10.1 255.255.255.0

IP nat inside

automatic duplex

automatic speed

!

overload of IP nat inside source list NAT interface FastEthernet0/0

IP route 0.0.0.0 0.0.0.0 41.223.31.241

access-list 110 permit ip any 192.168.11.0 0.0.0.255

NAT extended IP access list

deny ip 192.168.10.0 0.0.0.255 192.168.11.0 0.0.0.255 any

permit ip 192.168.10.0 0.0.0.255 any

ip licensing 192.168.11.0 0.0.0.255 any

!

You must configure the routing policy based closure for NAT can be invoked on the main site.

Here is an example configuration for your reference:

http://www.Cisco.com/en/us/products/sw/secursw/ps2308/products_configuration_example09186a008073b06b.shtml

Additionally, make sure that you don't do any NATing at your remote end, IE: you must configure the NAT exemption for all traffic from 192.168.11.0/24 to any (Internet).

Hope that helps.

Internet access and VPN remote site?

Hi all!

I have a remote site who want to use their own internet connection to access the internet. Just at that moment that I use their router gateway to send all their data on an IPSec tunnel to us (Cisco 831) it connects to a headquarters at 2600. is it possible to have a slot on the remote site, so that surfers IP packets are sent directly to the internet and IP private to the IPSec VPN?

I have to get more / different HW or a simple change in config?

I checked Cisco.com but just GRE tunnels where both the tunnel AND out of the interface have the Crypto Card...

Hello

You can restore the mode of connectivity with the outside world?

Also can you confirm if you use any device behind the router coz your LAN network is configured to only 2 usable/configurable ips belonging to 30 mask...

with this configuration a little you must enable natting who will do the trick for you...

just include commands in your config below...

interface Ethernet0/0

NAT outside IP

!

interface Ethernet0/1

IP nat inside

!

IP nat inside source list 1 interface ethernet 0/0 overload

!

access-list 1 permit 172.16.222.44 0.0.0.3

regds

ORA-19846: cannot read the header of the data file of the remote site 21

Hello
I have a situation or I can say a scenario. It is purely for testing base. Database is on 12.1.0.1 on a Linux box using ASM (OMF).
Standby is created on another machine with the same platform and who also uses ASM (OMF) and is in phase with the primary. Now, suppose I have create a PDB file on the primary of the SEED and it is created successfully.
After that is a couple of log, do it again passes to the waiting, but MRP fails because of naming conventions. Agree with that! Now, on the primary, I remove the newly created PDB (coward the PDB newly created). Once again a couple of switches of newspapers which is passed on to the wait. Of course, the wait is always out of sync.
Now, how to get back my watch in sync with the primary? I can't roll method until the required data (new PDB) file does not exist on the main site as well. I get the following error:

RMAN > recover database service prim noredo using backupset compressed;

To go back to November 8, 15

using the control file of the target instead of recovery catalog database

allocated channel: ORA_DISK_1

channel ORA_DISK_1: SID = 70 = device = DISK stby type instance

RMAN-00571: ===========================================================

RMAN-00569: = ERROR MESSAGE STACK FOLLOWS =.

RMAN-00571: ===========================================================

RMAN-03002: failure of the command recover at the 18:55:32 08/11/2015

ORA-19846: cannot read the header of the data file of the remote site 21

The clues on how to I go ahead? Of course, recreating the eve is an option as its only based on test, but I don't want recreation.
Thank you.

I tried like below:

1 a incremental backup of the primary of the CNS where off the eve also taken primary backup controlfile as Eve format.

2 copy the backup of the watch parts, catalogged them on the day before.

3 recovered Eve with noredo option - it fails here with the same error pointing to the 21 data file.

OK, understood. Try not to get back the day before first, rather than restore the controlfile and then perform the restoration.

Make it like:

1. take incremental backup of primary SNA, also ensures the backup controlfile format.

2. copy pending, get the location of the data file (names) by querying v$ datafile on the eve. Restore the controlfile ensures from the backup controlfile you took on primary and mount.

3. Since you are using OMF, the path of primary and standby data file will be different. (/). If you require catalog data from the database files pending.

(Reason: you restore controlfile from elementary to step 2, which takes place from the main access road). Use the details that you obtained in step 2 and catalog them.

4. turn the database copy by RMAN. (RMAN > switch database to copy ;))

5 Catalog backup items that you copied in step 2.

6. recover the standby database using 'noredo' option.

7. finally start the MRP. This should solve your problem.

The reason I say this works is because here, you restore the controlfile to primary first, which will not have details 21, datafile, and then you are recovering. So it must succeed.

In the previous method, you tried to first collect all the day before, and then restore the controlfile. While remedial classes, always watch seeks datafile 21 as he controlfile is not yet updated.

HTH

-Jonathan Rolland

Adobe flash player 11.0 blocks access to the Web site home pages

Why is Adobe flash player 11.0, allowed to block access to the Web site home pages, until their trash is installed? They should be prosecuted for punishment of the loss of time by Internet users, who spend countless hours trying to fix their garbage, which takes control of the web and blocks PCs access to their program settings, unless it is done according to their specific updates. N ' ILS OWN INTERNET and everything on it, or what?

Are you sure he blocked it, or the web page requires Flash Player to see this?

Most web pages require an element of Adobe Flash Player.

First of all, try to enable Active Scripting in the areas of Sites Internet Options, security settings, trust.

You should also add a corrupted on.

Click Start, type: Internet Options

Press enter

Select the "Advanced" tab

Under reset Internet Explorer settings, click "reset".

This should restore the Internet Explorer default settings.

Then reinstall Flash Player

http://get.Adobe.com/flashplayer/

----------

Flash Player

Troubleshoot installation of Flash Player for Windows

http://kb2.Adobe.com/CPS/191/tn_19166.html

Troubleshooting player stability and performance

http://blogs.Adobe.com/JD/2010/02/troubleshooting_player_stabili.html

Uninstaller

http://kb2.Adobe.com/CPS/141/tn_14157.html

Flash Player Support Forum

http://forums.Adobe.com/community/webplayers/flash_player

Why can't I preview the changes before putting them live on the remote site in a browser?

Help, please! I have inherited a website for editing and can't seem to get a preview of my changes without them going to live first. When I click on 'Live', the program hangs and I have to reopen. When I click on 'Preview in browser' he asks me to save the file or not and puts them on the remote site as well. I'm not particularly web savvy and learn on the way. I use CS6 on a Macbook OS X Yosemite.

Your test server (Mamp) works? If this isn't the case, you must start it.

Nancy O.

Site Web is updated online, but seem to update the remote site pane?

I use Dreamweaver 8.
I am updating a website I have created initially. I did this summer with success, until I did a major synchronization in order to cleanse the body of some really old files and make the site easier to manage for everyone. Sync seems fine, but got it wrong in the end and ended up with the 'old' mainwebsite file and a mainwebsite file 'new '. I then synced and it deleted the 'old' main site file (which is what I wanted to do).
Now, when I do updates and put them on the remote site... they do not appear online. Update the side "remote" site of the box of files.
I tried to remove the site and then re - get the whole thing as if I've ever been in, but it is not yet published on the web.
When I "re-" the site, he came with the old main site file, so I'm not sure what the field is SEO. The old site file could be hiding somewhere on the FTP?
Any ideas I could try?
Sorry if I don't am not worded this correctly, I am new to Dreamweaver and use this site to learn the basics. Thanks in advance!

You need to be sure the site definitions are contained properly, if we're wrong, local or remote, you will have problems that you have.

http://TV.Adobe.com/#VI+f1592v1760 Watch this video for a better explanation I can give.

Brad Lawryk
Adobe, Dreamweaver community expert
Northern British Columbia Adobe User Group, Adobe user group manager

How to check if the link exists in the remote site
Hi all:

Guys please can you me if there is a way I can check if the link exists in the remote site? for example

< cfif hyper link to www.mysite.com exists in www.remotesite.com >
good... We will continue
< cfelse >
Please add link to www.mysite.com before continuing
< / cfif >

Is this possible... you have to use the spider? If yes how?

Thanks guys,.
A

to develop the excellent suggestion of tclaremont:

You can use refindnocase() to search the returned by cfhttp filecontent
call us at:

http://www.yourwebsite.com">
method http://www.VisitorsPage' = 'GET' result = 'Foobar '.
ResolveUrl = "yes" getasbinary = "auto" >
<>
foobar. StatusCode is "200 OK" >
] * href [^ >] *' & replace (myurl, '. ',' \.',)
'all') & '[^>]*>(.*?) <\>', Foobar.filecontent) >
link

no link...

... connection error or the web page you requested does not exist...

of course, if the www.VisitorsPage site is sneaky and has the link to
your site code page, but hide it with css/javascript, it's going to
be difficult to discover using regexp... better just go and watch their
Web site...

Azadi Saryev
SABAI - Dee.com
http://www.SABAI-Dee.com/

PIX - ASA, allow RA VPN clients to access servers at remote sites

I got L2L tunnels set up for a couple of remote sites (PIX) for several months now. We have a VPN concentrator, which will go EOL soon, so I'm working on moving our existing customers of RA our ASA. I have a problem, allowing RA clients access to a server to one of our remote sites. PIX and ASA (main site) relevant config is shown below. The error I get on the remote PIX when you try a ping on the VPN client is:

Group = 204.14. *. *, IP = 204.14. *. * cheque card static Crypto Card = outside_map, seq = 40, ACL does not proxy IDs src:172.16.200.0 dst: 172.16.26.0

The config:

Hand ASA config

access extensive list ip 172.16.0.0 inside_nat0_outbound allow 255.255.255.0 172.16.26.0 255.255.255.0

access extensive list ip 172.16.1.0 inside_nat0_outbound allow 255.255.255.0 172.16.26.0 255.255.255.0

access extensive list ip 172.16.22.0 inside_nat0_outbound allow 255.255.255.0 172.16.26.0 255.255.255.0

access extensive list ip 172.16.200.0 inside_nat0_outbound allow 255.255.255.0 172.16.26.0 255.255.255.0

access extensive list ip 172.16.0.0 inside_nat0_outbound allow 255.255.255.0 172.16.200.0 255.255.255.0

access extensive list ip 172.16.0.0 outside_cryptomap_60 allow 255.255.255.0 172.16.26.0 255.255.255.0

access extensive list ip 172.16.1.0 outside_cryptomap_60 allow 255.255.255.0 172.16.26.0 255.255.255.0

access extensive list ip 172.16.22.0 outside_cryptomap_60 allow 255.255.255.0 172.16.26.0 255.255.255.0

access extensive list ip 172.16.200.0 outside_cryptomap_60 allow 255.255.255.0 172.16.26.0 255.255.255.0

card crypto outside_map 60 match address outside_cryptomap_60

outside_map 60 set crypto map peer 24.97. *. *

card crypto outside_map 60 the transform-set ESP-3DES-MD5 value

map outside_map 65535-isakmp ipsec crypto dynamic outside_dyn_map

outside_map interface card crypto outside

=========================================

Remote config PIX

access extensive list ip 172.16.26.0 inside_nat0_outbound allow 255.255.255.0 172.16.0.0 255.255.255.0

access extensive list ip 172.16.26.0 inside_nat0_outbound allow 255.255.255.0 172.16.1.0 255.255.255.0

access extensive list ip 172.16.26.0 inside_nat0_outbound allow 255.255.255.0 172.16.22.0 255.255.255.0

access extensive list ip 172.16.26.0 inside_nat0_outbound allow 255.255.255.0 172.16.200.0 255.255.255.0

access extensive list ip 172.16.26.0 outside_cryptomap_60 allow 255.255.255.0 172.16.0.0 255.255.255.0

access extensive list ip 172.16.26.0 outside_cryptomap_60 allow 255.255.255.0 172.16.1.0 255.255.255.0

access extensive list ip 172.16.26.0 outside_cryptomap_60 allow 255.255.255.0 172.16.22.0 255.255.255.0

access extensive list ip 172.16.26.0 outside_cryptomap_60 allow 255.255.255.0 172.16.200.0 255.255.255.0

card crypto outside_map 60 match address outside_cryptomap_60

peer set card crypto outside_map 60 204.14. *. *

card crypto outside_map 60 the transform-set ESP-3DES-MD5 value

outside_map interface card crypto outside

EDIT: Guess, I might add, remote site is 172.16.26.0/24 VLAN VPN is 172.16.200.0/24...

What you want to do is 'tunnelall', which is not split tunneling. This will still allow customers to join the main and remote site, but not allow them to access internet... unless you have expressly authorized to make a 'nat (outside)"or something. Your journey on the client will be, Secured route 0.0.0.0 0.0.0.0

attributes of group policy

Split-tunnel-policy tunnelall

Who is your current config, I don't see where the acl of walton is attributed to what to split tunnel?

Access even if remote site 2 site VPN

Hello

I'm under VPN between two sites using 2 ASA 5505.

Also, I want that RA - VPN which is accommodated in the two ASA.

My need is to remove one of access VPN - RA and keep only one, but must be able to reach the second site.

I did a split with two LANs tunnel. But I still not able to get the directions in my computer when I connect to the RA - VPN.

Is this possible? And how?

A few things that should be configured to access remote access vpn remote vpn site to site LAN:

(1) on cryptography from site to site tunnel ACL, it must include the subnet remote vpn client ip pool as follows:

On the SAA ending the vpn client: ip allow

On the ASA distance that ends the tunnel from site to site: ip allow

(2) on the SAA ending the vpn client: same-security-traffic permit intra interface

(3) on the ASA distance that ends the tunnel from site to site: NAT ACL exemption must include the Remote LAN traffic to the subnet IP Pool.

In addition, ACL split tunnel which includes two subnets which I believe you already configured.

Hope that helps.

access to a remote site even tunnel pix

I have a 515 running ASDM 5.2 and have configured remote access VPN. That works fine, but when you try to add a site to the other tunnel it seems my crypto card is crushed for my remote VPN configuration, and the configuration of remote access stops working. I guess you can have remote access and tunnels running on the same PIX, but know that you can have only a single encryption card assigned to an interface. Is there a good note on the configuration of the two to run at the same time, or is this edition of this single card encryption from the command line and with the IPSec policy for the tunnel? Here are some of my config that relates to the config for my configuration of remote access vpn

Crypto ipsec transform-set ESP-AES-256-SHA 256 - aes - esp esp-sha-hmac

Dynamic crypto map outside_dyn_map 20 match address outside_cryptomap_dyn_20

Crypto-map dynamic outside_dyn_map 20 the value transform-set ESP-AES-256-SHA ESP-AES-128-SHA ESP-AES-128-MD5 ESP-3DES-SHA ESP-3DES-MD5

map outside_map 65535-isakmp ipsec crypto dynamic outside_dyn_map

outside_map interface card crypto outside

crypto isakmp identity address

crypto ISAKMP allow outside

crypto ISAKMP policy 20

preshared authentication

aes-256 encryption

sha hash

Group 2

life 86400

Crypto isakmp nat-traversal 20

crypto ISAKMP ipsec-over-tcp port 10000

Thank you

Bill

Bill

Yes, you can configure the vpn and site to site access to the customer on the same pix, have a look here:

http://www.Cisco.com/en/us/products/HW/vpndevc/ps2030/products_configuration_example09186a008046f307.shtml

Let me know if you need help and or explanation and please rate poster if it helps.

Jay

. Audio OGA works very well with local files, is to play at the remote site.

I created a mini-site. It works well when I test it on my computer using local files, but the sound does play with it is downloaded on my remote site.
The problem occurs on multiple computers, with several versions of Firefox, on Windows 7 and OSX Snow Leopard.

Your server sends the correct MIME information in the Content-Type header? See this link for more information: https://developer.mozilla.org/en/Configuring_servers_for_Ogg_media

What are the limitations of access to the remote system?

I've got a PXI-1042 remote controller 8108 and 5112, 6723 & 8420 PXI. I can see all the devices remotely from my laptop to the MAX 4.4 (under NIVisaServer). My problem is that I don't know if I can use all of these cards remotely?

I am programming in C++ of MS using VISA & DAQmx libraries and have been able to use the serial ports of the 8420 distance without any problem. But the programming remotely 6723 poses a greater challenge. On previous projects (not involving remote systems) I simply defined virtual world channels in NOR-MAX and DAQmx... used library calls to control. But I'm not able to access the Global virtual channels on the remote system and I can't create anything on my laptop that connect la carte 6723.

Also, I can't run OR-SCOPE Soft Front Panel on my laptop because it is impossible to find the 5112 digitizer.

Is it possible to have full access and the capacity for remote 5112 & 6723 card?

Ken

You are able to view the various devices on the network to the MAX, but unfortunately you can not create glodbal virtual channels or use the functionality of these cards. The best way to use these cards on the network is to use the remote façade (in LabVIEW only), Remote Desktop, etc. I have included some useful links to get more information.

Display of an Application or a front panel remote using LabVIEW

http://zone.NI.com/reference/en-XX/help/371361B-01/lvhowto/viewfrntpnlrmtlyusnglv/

Do the NI 5102, NI 5112, and NI 5911 Oscilloscope cards support remote device access (RDA)?

http://digital.NI.com/public.nsf/allkb/8AC1067C0944FACD8625697A005B92C8

What is device Remote Access (RDA) and where is the server?

http://digital.NI.com/public.nsf/allkb/5CC9792C6CD4A34C862565BC0072D5DF

Access to the remote site

Similar Questions

Maybe you are looking for