Administration of public hub via HTTPS

Hello

Before SSL - VPN, we could set up a hub which would be administered through the public IP over HTTPS and use filters to block access to a specific range of IP addresses of this port.

When SSL - VPN is configured to a hub, access HTTP and HTTPS are allowed in all areas - and present the WebVPN interface. However, it is not possible to navigate to admin.html on this interface, in order to perform administration. Is this normal?

If so, then there a number of options

(a) administer the concentrtator through the address IP private when connected via remote access VPN - no use if the remote VPN access does not work for some reason any

(b) to set different ports for the interfaces of administration and SSL - VPN - is that possible and if so, how?

(c) provide access to admin.html through the public interface - is it possible and if so, how?

Suggestions/advice on this would be much appreciated.

Kind regards

Matt

Check this document,

http://www.Cisco.com/univercd/CC/TD/doc/product/VPN/vpn3000/4_1/config/webvpnap.htm#1002774

Tags: Cisco Security

Similar Questions

  • The administration server is not reachable from the node target via HTTP (S)

    Hi all

    I tried add Host in Oracle 12 c. I previously added Linux host OS, but I couldn't add OS AIX in 12 c. I did the auto update for Agent of AIX. You can find my OS and DB info on below.

    Server Oracle 12 c - OS is SunOS 5.10
    Client host Oracle 11.2.0.1.0 - OS is AIX

    During the installation, I got this error message "the administration server is not reachable from the node target via HTTP (S). In topology, we do not use any firewall... As I said I've added Linux and SunOS but AIX does not...

    How can I solve that?

    B.R

    You already mentioned the metalink note? Otherwise please see note

    EM 12: Agent deployment fails with error "the administration server can be reached from the node target via HTTP (S)" [1393450.1 ID]

    Kind regards
    http://www.oracleracexpert.com
    Remove the grid or the repository targets control agents
    http://www.oracleracexpert.com/2010/06/remove-grid-control-agents-or-targets.html
    Tablespace transportable export and import on the same Endian platforms
    http://www.oracleracexpert.com/2009/08/transportable-tablespace-export-import.html

  • Phone book access via HTTP/s C60

    Hello world

    I have set up a phonepook through TMS (manual list) and provide this to several endpoints.

    Then I've linked to the HTTPS endpoint, but I do not see the telephone directory.

    is it possible to see the Yearbook of the C series via http?

    Thank you

    Stefan

    The question is in IIS.

    On the TMS server, open IIS and expand the default Web page, then the MST file, and then follow these steps:

    I guess it's an iis 7.5 and Windows 2008 server

    Click the Public folder

    Click on authentication

    Disable Windows authentication

    Disable Basic authentication

    Enable anonymous authentication

    Try to get new directory.,.

    My guess is it does not work for the MXP either because MXP is caching the entires so what you see is updated information in cache...

    / Magnus

  • To access the PIX501 via HTTP

    I'm a little confused right now. I'm trying to config PIX501 accessmy & PDM via HTTP, but it's not working. Please see my config below. Thank you!

    6.3 (3) version PIX

    interface ethernet0 car

    interface ethernet1 100full

    ethernet0 nameif outside security0

    nameif ethernet1 inside the security100

    activate the password >

    passwd >

    fixup protocol dns-length maximum 512

    fixup protocol ftp 21

    fixup protocol h323 h225 1720

    fixup protocol h323 ras 1718-1719

    fixup protocol http 80

    fixup protocol rsh 514

    fixup protocol rtsp 554

    fixup protocol sip 5060

    fixup protocol sip udp 5060

    fixup protocol 2000 skinny

    fixup protocol smtp 25

    fixup protocol sqlnet 1521

    fixup protocol tftp 69

    names of

    pager lines 24

    debug logging in buffered memory

    Outside 1500 MTU

    Within 1500 MTU

    IP address outside dhcp setroute

    IP address inside 10.29.18.1 255.255.255.248

    alarm action IP verification of information

    alarm action attack IP audit

    location of PDM 10.29.18.0 255.255.255.248 inside

    PDM 100 debug logging

    history of PDM activate

    ARP timeout 14400

    Global 1 interface (outside)

    NAT (inside) 1 0.0.0.0 0.0.0.0 0 0

    Access-group outside-outside interface

    Route inside 10.128.40.0 255.255.255.240 10.29.18.2 1

    Timeout xlate 0:05:00

    Timeout conn 01:00 half-closed 0:10:00 udp 0: CPP 02:00 0:10:00 01:00 h225

    H323 timeout 0:05:00 mgcp 0: sip from 05:00 0:30:00 sip_media 0:02:00

    Timeout, uauth 0:05:00 absolute

    GANYMEDE + Protocol Ganymede + AAA-server

    RADIUS Protocol RADIUS AAA server

    AAA-server local LOCAL Protocol

    Enable http server

    http 10.29.18.0 255.255.255.248 inside

    No snmp server location

    No snmp Server contact

    SNMP-Server Community public

    No trap to activate snmp Server

    enable floodguard

    Telnet timeout 5

    SSH timeout 5

    Console timeout 0

    dhcpd outside auto_config

    Terminal width 80

    Hello

    Your PIX config has the following:

    Enable http server

    http 10.29.18.0 255.255.255.248 inside

    If you try to access the market SHARE of 10.128.40.0 255.255.255.240 then you must add this to your config as file:

    http 10.128.40.0 255.255.255.240 inside

    Your routing looks correct on the PIX, its delivery to 10.128.40.0 255.255.255.240 by what seems to be your SOHO router, so you should be able to ping the inside interface of the PIX

    If not add "icmp allow no matter what Interior"

    Rgds

    Paddy

  • interface Web Expressway-e (via HTTPS)

    Hello

    So I disable Web interface (via HTTPS) thinking that I could access it via http, but not, so now I can't connect, is any way to activate it via ssh or the console.

    Thank you

    Dave

    You can re-enable using SSH, you must restart the highway after you make the change before it takes effect, the command is:

    xConfiguration Mode of Administration HTTPS: on

    Note, of the API orders towards the end of the guides from the admin.

  • Error when, with audio streaming via HTTP to the Simulator

    I use JDE 4.7 and 8900 Simulator.  I'm trying to listen to an MP3 via http to a blackberry app.  When you use the BufferedPlayBack example screen, I get the following error when the data source is trying to open the connection - "net.rim.device.cldc.io.dns.DNSException: error trying to solve.

    When I enter the same URL in the BlackBerry browser on the Simulator, I get the following error: "the selected server returned an error when you try to respond to your request.

    When I enter the same URL in my web browser in my PC, I am able to stream audio and play with QuickTime.

    Why I get this DNSException on the BB and not on my local PC?  The web engine runs also locally.  I know that the BB Simulator does not support rstp.  The Simulator also not does support streaming over http?

    This is the URL I used:

    http://myLocalMachine:8080/myMusic/anAudio.MP3;deviceside=true

    Thanks in advance!

    T

    I found a solution to the question in the thread below.  I increased the connection. MaxNumberOfKBytesToSend = 10240 in the... File MDS\config\rimpublic. Property and so was able to sucessfully stream mp3 to my request.

    http://supportforums.BlackBerry.com/T5/Java-development/increase-MDS-CS-limit-on-http-download-size/...

  • Time increasing while sending data via http repeatedly on the storm

    Hi all!

    My application sends data (in general, this is a picture of ~ 1200 Kb) to the server via http.

    The data are sent ok, but the when I send data several times (without leaving the application) the time devoted to writing the data in the outputStream develops. On first use, it takes usually ~ 50 seconds, the second seconds of ~ 70, the third seconds from ~ 100... I see this problem only on the storm, others (Curve 8900, Bold, Tour) are OK. The url is used on Storm is: http://xxxxxxxxxxxxx.com/mobile/mobile.asmx;deviceside=true

    Here is the code snippet:

    private static WSResponse send(byte[] xmlBytes, WSResponseParser parser) throws Exception {

        HttpConnection connection = null;
    OutputStream outputStream = null;

       try {
            connection = (HttpConnection)Connector.open(WifiChecker.getURL(URL), Connector.READ_WRITE, true);

            connection.setRequestMethod(HttpConnection.POST);
            connection.setRequestProperty("Content-Type", CONTENT_TYPE);
            connection.setRequestProperty("Content-Length", String.valueOf(xmlBytes.length));

            outputStream = connection.openOutputStream();

            int offset = 0;
            int chunk = DATA_CHUNK_SIZE; // 1024
            int len = xmlBytes.length;
            while (offset < len) {
                if (offset + chunk >= len) { // avoiding OutOfBounds Exception
                    chunk = len - offset;
                }
                outputStream.write(xmlBytes, offset, chunk);
                offset += chunk;
            }

            xmlBytes = null;

            String response = getResponseAsSting(connection);

            WSResponse wsResponse = null;
            try {
                wsResponse = parser.getWSResponse(response);
            } catch (Exception e) {
                throw ApplicationException.invalidWsResponse();
         }

            if (!wsResponse.isSuccess()) {
                throw new WSFailureException(wsResponse);
            }

            return wsResponse;

        } finally {
            IOUtils.safelyCloseStream(outputStream);
            IOUtils.safelyCloseStream(connection);
            if (xmlBytes != null) {
                xmlBytes = null; // notify VM it can safely free the RAM
            }
        }

    I thought it may be a memory problem, so I manually cancel xmlBytes, but which does not solve the problem.

    Any ideas?

    Thanks in advance,

    Arhimed

    P. S.

    There is no question about Simulator, only on a real device of the storm.

    MSohm, thanks for your response.

    Fortunately, I have just fixed the problem. The problem was not in the code above, but in the code that made the xmlBytes. I converted bytes of the image base64 and looks like I did it dangerously on the use of the memory.

    Thanks again for your attention to this thread!

  • Tried everything: 1 address, but not able to connect via HTTPS to the server:

    Hello

    I am trying to connect to the third of the OSB business service web service.

    objective WS is protected with SHA1 base 64 encoded password.

    I am able to connect to the service target of SOAP UI. I am also able to Telnet to my server for dev to the URL of the WS.

    But when connecting from OSB BS I'm tried them all: 1 address, but not able to connect via HTTPS to the server: error.

    Can you please help me solve the problem.

    I tried different policies, but still does not work.

    Kind regards.

    Problem solved. We need to use the proxy server.

  • Secure RestFul WebService call with basic authorization via https

    Hello

    is it possible to call a secure RestFul WebService with basic authorization via https to APEX?

    Database: Oracle 11g XE
    APEX: 4.2.1

    I have a solution by calling the Java Web service, which was called from the database via a scheduled task (run).

    As my hosting partner does not support Java, I'm looking for another option.

    Concerning
    Markus

    Hello

    Oracle XE can USE a wallet with utl_http without problem. Just create a portfolio from a version supporting the creation of the portfolio and copy this portfolio to your XE machine and use it. It really works.

    ---
    Lavenu
    MaxApex accommodation
    http://www.maxapex.com

    Published by: Richard on January 23, 2013 23:32

  • sign the document with 'Draw my signature' and send it via http-post

    Hello

    I have a pdf document with a signature field. When im opening with AcrobatReader XI, I can sign / Place Signature / draw my signature. I can't 'save a copy '. It works pretty well.

    Now, I place a button in the pdf document to be sent via http post to a given address. When I now open this PDF in the XI AcrobatReader, trying to sign. I can only do this with sign / Place Signature / use a certificate. But there is no way to "draw my signature."

    Did I miss an option to do this? Pls tell me if he has a chance to sign the document with 'Draw my signature' and send it via http-post.

    Or is this part of the concept? When I'm looking for a solution, I found EchoSign electronic signature.

    What is available depends on how the as is put in place. If you include a button with an action of type 'Submit form' and/or reader - enable the form, then e-signature (signature of drawing) will not be available in the player. If the document is compatible player then digitally signing will. So for what you want, do not Reader-enable the document and you can use the submitForm JavaScript method to submit. The site that has the JavaScript documentation was not available at the time I wrote this, but post again if you need help with that.

  • Send a PDF form via HTTP Post: Newbie Questions

    Hello

    I am completely new to PDF forms, so I was finding the documentation and the overwhelming options.

    I'm hoping to get directed to the documentation/tutorials/examples that I really need.

    I want to build a 'proof of concept' for my boss.  I would like to include a screen in our webapp Java (JSP & spring) where either a PDF form is incorporated or is accessible via a link.

    I have

    • Standard Adobe Acrobat Distiller X license
    • Adobe Acrobat X Standard
    • Microsoft Office 2010

    I made a little, the form of Microsoft Word 3 field.  I then he converted via distill into a PDF form.

    I then found this document on how to submit a PDF form to a component side Server:

    http://acrobatusers.com/tutorials/form-submit-e-mail-Demystified

    My big problem with this document, is not an example, nor an example of what is happening in an HTML page complete.   Because I I have a few questions:

    1. I see such an example somewhere?
    2. The result of the call to the javascript function doc. SubmitForm (urlToMyServerSideComponent) go in a script tag on the HTML page as other javascripts?
    3. Can I submit the function from an HTML button run or I put a button 'send' the PDF form?
    4. Do I need Adobe LiveCycle to create a PDF form with a button "submit"?  Free versions?
    5. Can I send via HTTP POST?
    6. Do I need Adobe LiveCycle to create a PDF form with a digital signature?
    7. Is there a document/tutorial that fits where I want to? (Please no books, I am tyring to show to my boss that this is something which can be done in a reasonable amount of time, no time to get and go through a book).

    Thanks in advance for things which make me pointed in the right direction

    Steve

    This seems to imply that I can do a such acroform without using an application or can I use an application with an option to write code by hand.  Am I wrong?  If yes could tell me on the document from the beginner to learn how to do this?    I have acrobat, but I don't have the 'send to server' option in the menu to distribute.

    No, you would use Acrobat to add the button and configure. As said earier, you want not to use distribute the form for this type of shape. Simply add a button on one of the pages of the PDF and give a mouse action upward to "submit a form":

    The video tutorial contains more information on the treatment of the submission on the server. Again, do not use the option to distribute the form in Acrobat.

  • registration via http page

    Hello

    I created a user registration page and the login page, which is accessible via http.

    On each page, the browser gets the pages where is a form, the form is published on the same page for validation prior to be entered in the database.

    Sensitive information only in the forms is the password that is encrypted after the form is displayed and before being added to the database.

    This method I use is safe? as immune to the attacks? or do I need to use HTTPS?

    Any advice would be much appreciated.

    Thank you in advance.

    What protects you against attacks is not the choice of http or https, but security measures your validation. If you filter the HTML tags and scripts, verify that user input to corresponding to your criteria, and if be escaped from the values inserted in the database, you should be OK.

    The value of the use of https is that others cannot spy on data sent to the server. But if your validation and SQL injection prevention measures are insufficient, using https is meaningless.

  • Access to local administration E3000 via HTTPS problem

    I usually use a wired connection to the laptop to access the E3000 and http to access to local administration. I decided to simply to change to https and uncheck http. When I did this and use https to try to get web access, Firefox and IE say there is a certificate error and refuses to connect. In Firefox, I even said to use the certificate, but he refuses. I save a configuration file backup before proceeding with this change.

    Any ideas on how to enter the web access with security 'mistakes '?

    Also, if I have to reset the modem (shudder) completely restore configuration will set all my settings city MAC addresses? Since I also use MAC addresses for more security, I hope than those that are saved in the backup as I have entered him very much. I should re - establish links to all my devices like TVs and smartphones.

    Thanks in advance.

    No, if you upgrade the firmware do not use a backup saved configuration as it is specific firmware.  If you upgrade your router reconfigure it back manually.

  • Cannot access/card Hub via my AVG firewall

    Hello...

    I just got myself a NMH405, but he teases me...

    I have a lot of problems :-), but first I would like to help with is:

    Today, I use AVG Firewall... But I can't access the hub when the AVG firewall is active. When I turn it off, I can. I tried to use the Windows Firewall and then I can access, but I would use my AVG.

    Some who know how to configure my AVG so that it allows me to get in touch with my hub?

    Forward your answers :-)

    By

    Hello

    I don't use AVG, but try to run instructions on the link below maybe that would help. Click on the section 815.

     

    http://www.Avg.com/support#tba6

  • Administration of the ASA via IPSec VPN

    Recently, I upgraded my ASA5505 8.2.1 7.2 and curiously lost the ability to manage a VPN (via ASDM or SSH) unit. Before the upgrade, I was able to connect via a method without problem through the VPN. Internally, I still have no problem.

    The fault on the ASDM client message when I try to connect to remote is "Impossible to launch the 10.x.x.x:4444 Device Manager." If I look at the output of the console mode of information, I see later that there is a "completed by interception TCP Flow' regarding the conversation between ASA and my system remotely.

    The config lines are (I've got running on 443 webvpn):

    http server enable 4444

    255.x.x.x http inside 10.x.x.x

    http 192.x.x.x outside 255.x.x.x

    The 192 is located the beach DHCP VPN that get VPN clients (and I checked) such that these systems are able to connect to the ASDM or SSH management interface.

    Is there another ACL I need to make this work? Not sure why it worked without problem on 7.2 and as soon as I upgraded to 8.2.1, he stopped, without changing the config (manual).

    Thanks in advance for the help!

    Point VPN network ssh interface inside rather than the outside, should work, while vpn - ssh to the asa inside the ip address of the interface.

    without ssh 192.x.x.x 255.x.x.x outdoors.

    SSH 192.x.x.x 255.x.x.x inside.

    Concerning

Maybe you are looking for

  • URL is not valid when I start private browsing.

    Whenever I start a private browsing session, the error message:"This URL is not valid and cannot be loaded" appears. I tried to disable all add-ons and boot in safe mode, but thatdid not help at all. All solutions?

  • Need an old Bios for Satellite M70 151

    Hello everyone is able to share the old 1.30 bios for satellite m70 151 Thanks Matthias

  • BIOS paswword on Satellite L750D appears

    Hello I need to change a hard drive on Satellite L750D but when I turn on the computer (with the new hard drive) I got a message that tells me to enter the password of the bios. The computer's bios has a whitelist?When I put the old hard drive, I now

  • Dungeon of WiFi on the logout

    I use a wireless router to wifi since the long and worked fine on my e bike until yesterday, and the same router works fine on other devices. On the e bike it keep disconnecting in seconds and forget the password. I can connect to other networks wifi

  • turn on the generator of endpoint audio windows in dell optiplex gx 260

    The fix tool said that the device does not work audio audio endpoint endbuilder.    How to reinstall.  Thank you Alice