Administration of public hub via HTTPS
Hello
Before SSL - VPN, we could set up a hub which would be administered through the public IP over HTTPS and use filters to block access to a specific range of IP addresses of this port.
When SSL - VPN is configured to a hub, access HTTP and HTTPS are allowed in all areas - and present the WebVPN interface. However, it is not possible to navigate to admin.html on this interface, in order to perform administration. Is this normal?
If so, then there a number of options
(a) administer the concentrtator through the address IP private when connected via remote access VPN - no use if the remote VPN access does not work for some reason any
(b) to set different ports for the interfaces of administration and SSL - VPN - is that possible and if so, how?
(c) provide access to admin.html through the public interface - is it possible and if so, how?
Suggestions/advice on this would be much appreciated.
Kind regards
Matt
Check this document,
http://www.Cisco.com/univercd/CC/TD/doc/product/VPN/vpn3000/4_1/config/webvpnap.htm#1002774
Tags: Cisco Security
Similar Questions
-
The administration server is not reachable from the node target via HTTP (S)
Hi all
I tried add Host in Oracle 12 c. I previously added Linux host OS, but I couldn't add OS AIX in 12 c. I did the auto update for Agent of AIX. You can find my OS and DB info on below.
Server Oracle 12 c - OS is SunOS 5.10
Client host Oracle 11.2.0.1.0 - OS is AIX
During the installation, I got this error message "the administration server is not reachable from the node target via HTTP (S). In topology, we do not use any firewall... As I said I've added Linux and SunOS but AIX does not...
How can I solve that?
B.RYou already mentioned the metalink note? Otherwise please see note
EM 12: Agent deployment fails with error "the administration server can be reached from the node target via HTTP (S)" [1393450.1 ID]
Kind regards
http://www.oracleracexpert.com
Remove the grid or the repository targets control agents
http://www.oracleracexpert.com/2010/06/remove-grid-control-agents-or-targets.html
Tablespace transportable export and import on the same Endian platforms
http://www.oracleracexpert.com/2009/08/transportable-tablespace-export-import.html -
Phone book access via HTTP/s C60
Hello world
I have set up a phonepook through TMS (manual list) and provide this to several endpoints.
Then I've linked to the HTTPS endpoint, but I do not see the telephone directory.
is it possible to see the Yearbook of the C series via http?
Thank you
Stefan
The question is in IIS.
On the TMS server, open IIS and expand the default Web page, then the MST file, and then follow these steps:
I guess it's an iis 7.5 and Windows 2008 server
Click the Public folder
Click on authentication
Disable Windows authentication
Disable Basic authentication
Enable anonymous authentication
Try to get new directory.,.
My guess is it does not work for the MXP either because MXP is caching the entires so what you see is updated information in cache...
/ Magnus
-
I'm a little confused right now. I'm trying to config PIX501 accessmy & PDM via HTTP, but it's not working. Please see my config below. Thank you!
6.3 (3) version PIX
interface ethernet0 car
interface ethernet1 100full
ethernet0 nameif outside security0
nameif ethernet1 inside the security100
activate the
password > passwd
> fixup protocol dns-length maximum 512
fixup protocol ftp 21
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
fixup protocol http 80
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol sip 5060
fixup protocol sip udp 5060
fixup protocol 2000 skinny
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol tftp 69
names of
pager lines 24
debug logging in buffered memory
Outside 1500 MTU
Within 1500 MTU
IP address outside dhcp setroute
IP address inside 10.29.18.1 255.255.255.248
alarm action IP verification of information
alarm action attack IP audit
location of PDM 10.29.18.0 255.255.255.248 inside
PDM 100 debug logging
history of PDM activate
ARP timeout 14400
Global 1 interface (outside)
NAT (inside) 1 0.0.0.0 0.0.0.0 0 0
Access-group outside-outside interface
Route inside 10.128.40.0 255.255.255.240 10.29.18.2 1
Timeout xlate 0:05:00
Timeout conn 01:00 half-closed 0:10:00 udp 0: CPP 02:00 0:10:00 01:00 h225
H323 timeout 0:05:00 mgcp 0: sip from 05:00 0:30:00 sip_media 0:02:00
Timeout, uauth 0:05:00 absolute
GANYMEDE + Protocol Ganymede + AAA-server
RADIUS Protocol RADIUS AAA server
AAA-server local LOCAL Protocol
Enable http server
http 10.29.18.0 255.255.255.248 inside
No snmp server location
No snmp Server contact
SNMP-Server Community public
No trap to activate snmp Server
enable floodguard
Telnet timeout 5
SSH timeout 5
Console timeout 0
dhcpd outside auto_config
Terminal width 80
Hello
Your PIX config has the following:
Enable http server
http 10.29.18.0 255.255.255.248 inside
If you try to access the market SHARE of 10.128.40.0 255.255.255.240 then you must add this to your config as file:
http 10.128.40.0 255.255.255.240 inside
Your routing looks correct on the PIX, its delivery to 10.128.40.0 255.255.255.240 by what seems to be your SOHO router, so you should be able to ping the inside interface of the PIX
If not add "icmp allow no matter what Interior"
Rgds
Paddy
-
interface Web Expressway-e (via HTTPS)
Hello
So I disable Web interface (via HTTPS) thinking that I could access it via http, but not, so now I can't connect, is any way to activate it via ssh or the console.
Thank you
Dave
You can re-enable using SSH, you must restart the highway after you make the change before it takes effect, the command is:
xConfiguration Mode of Administration HTTPS: on
Note, of the API orders towards the end of the guides from the admin.
-
Error when, with audio streaming via HTTP to the Simulator
I use JDE 4.7 and 8900 Simulator. I'm trying to listen to an MP3 via http to a blackberry app. When you use the BufferedPlayBack example screen, I get the following error when the data source is trying to open the connection - "net.rim.device.cldc.io.dns.DNSException: error trying to solve.
When I enter the same URL in the BlackBerry browser on the Simulator, I get the following error: "the selected server returned an error when you try to respond to your request.
When I enter the same URL in my web browser in my PC, I am able to stream audio and play with QuickTime.
Why I get this DNSException on the BB and not on my local PC? The web engine runs also locally. I know that the BB Simulator does not support rstp. The Simulator also not does support streaming over http?
This is the URL I used:
http://myLocalMachine:8080/myMusic/anAudio.MP3;deviceside=true
Thanks in advance!
T
I found a solution to the question in the thread below. I increased the connection. MaxNumberOfKBytesToSend = 10240 in the... File MDS\config\rimpublic. Property and so was able to sucessfully stream mp3 to my request.
-
Time increasing while sending data via http repeatedly on the storm
Hi all!
My application sends data (in general, this is a picture of ~ 1200 Kb) to the server via http.
The data are sent ok, but the when I send data several times (without leaving the application) the time devoted to writing the data in the outputStream develops. On first use, it takes usually ~ 50 seconds, the second seconds of ~ 70, the third seconds from ~ 100... I see this problem only on the storm, others (Curve 8900, Bold, Tour) are OK. The url is used on Storm is: http://xxxxxxxxxxxxx.com/mobile/mobile.asmx;deviceside=true
Here is the code snippet:
private static WSResponse send(byte[] xmlBytes, WSResponseParser parser) throws Exception { HttpConnection connection = null; OutputStream outputStream = null; try { connection = (HttpConnection)Connector.open(WifiChecker.getURL(URL), Connector.READ_WRITE, true); connection.setRequestMethod(HttpConnection.POST); connection.setRequestProperty("Content-Type", CONTENT_TYPE); connection.setRequestProperty("Content-Length", String.valueOf(xmlBytes.length)); outputStream = connection.openOutputStream(); int offset = 0; int chunk = DATA_CHUNK_SIZE; // 1024 int len = xmlBytes.length; while (offset < len) { if (offset + chunk >= len) { // avoiding OutOfBounds Exception chunk = len - offset; } outputStream.write(xmlBytes, offset, chunk); offset += chunk; } xmlBytes = null; String response = getResponseAsSting(connection); WSResponse wsResponse = null; try { wsResponse = parser.getWSResponse(response); } catch (Exception e) { throw ApplicationException.invalidWsResponse(); } if (!wsResponse.isSuccess()) { throw new WSFailureException(wsResponse); } return wsResponse; } finally { IOUtils.safelyCloseStream(outputStream); IOUtils.safelyCloseStream(connection); if (xmlBytes != null) { xmlBytes = null; // notify VM it can safely free the RAM } }
I thought it may be a memory problem, so I manually cancel xmlBytes, but which does not solve the problem.
Any ideas?
Thanks in advance,
Arhimed
P. S.
There is no question about Simulator, only on a real device of the storm.
MSohm, thanks for your response.
Fortunately, I have just fixed the problem. The problem was not in the code above, but in the code that made the xmlBytes. I converted bytes of the image base64 and looks like I did it dangerously on the use of the memory.
Thanks again for your attention to this thread!
-
Tried everything: 1 address, but not able to connect via HTTPS to the server:
Hello
I am trying to connect to the third of the OSB business service web service.
objective WS is protected with SHA1 base 64 encoded password.
I am able to connect to the service target of SOAP UI. I am also able to Telnet to my server for dev to the URL of the WS.
But when connecting from OSB BS I'm tried them all: 1 address, but not able to connect via HTTPS to the server: error.
Can you please help me solve the problem.
I tried different policies, but still does not work.
Kind regards.
Problem solved. We need to use the proxy server.
-
Secure RestFul WebService call with basic authorization via https
Hello
is it possible to call a secure RestFul WebService with basic authorization via https to APEX?
Database: Oracle 11g XE
APEX: 4.2.1
I have a solution by calling the Java Web service, which was called from the database via a scheduled task (run).
As my hosting partner does not support Java, I'm looking for another option.
Concerning
MarkusHello
Oracle XE can USE a wallet with utl_http without problem. Just create a portfolio from a version supporting the creation of the portfolio and copy this portfolio to your XE machine and use it. It really works.
---
Lavenu
MaxApex accommodation
http://www.maxapex.comPublished by: Richard on January 23, 2013 23:32
-
sign the document with 'Draw my signature' and send it via http-post
Hello
I have a pdf document with a signature field. When im opening with AcrobatReader XI, I can sign / Place Signature / draw my signature. I can't 'save a copy '. It works pretty well.
Now, I place a button in the pdf document to be sent via http post to a given address. When I now open this PDF in the XI AcrobatReader, trying to sign. I can only do this with sign / Place Signature / use a certificate. But there is no way to "draw my signature."
Did I miss an option to do this? Pls tell me if he has a chance to sign the document with 'Draw my signature' and send it via http-post.
Or is this part of the concept? When I'm looking for a solution, I found EchoSign electronic signature.
What is available depends on how the as is put in place. If you include a button with an action of type 'Submit form' and/or reader - enable the form, then e-signature (signature of drawing) will not be available in the player. If the document is compatible player then digitally signing will. So for what you want, do not Reader-enable the document and you can use the submitForm JavaScript method to submit. The site that has the JavaScript documentation was not available at the time I wrote this, but post again if you need help with that.
-
Send a PDF form via HTTP Post: Newbie Questions
Hello
I am completely new to PDF forms, so I was finding the documentation and the overwhelming options.
I'm hoping to get directed to the documentation/tutorials/examples that I really need.
I want to build a 'proof of concept' for my boss. I would like to include a screen in our webapp Java (JSP & spring) where either a PDF form is incorporated or is accessible via a link.
I have
- Standard Adobe Acrobat Distiller X license
- Adobe Acrobat X Standard
- Microsoft Office 2010
I made a little, the form of Microsoft Word 3 field. I then he converted via distill into a PDF form.
I then found this document on how to submit a PDF form to a component side Server:
http://acrobatusers.com/tutorials/form-submit-e-mail-Demystified
My big problem with this document, is not an example, nor an example of what is happening in an HTML page complete. Because I I have a few questions:
- I see such an example somewhere?
- The result of the call to the javascript function doc. SubmitForm (urlToMyServerSideComponent) go in a script tag on the HTML page as other javascripts?
- Can I submit the function from an HTML button run or I put a button 'send' the PDF form?
- Do I need Adobe LiveCycle to create a PDF form with a button "submit"? Free versions?
- Can I send via HTTP POST?
- Do I need Adobe LiveCycle to create a PDF form with a digital signature?
- Is there a document/tutorial that fits where I want to? (Please no books, I am tyring to show to my boss that this is something which can be done in a reasonable amount of time, no time to get and go through a book).
Thanks in advance for things which make me pointed in the right direction
Steve
This seems to imply that I can do a such acroform without using an application or can I use an application with an option to write code by hand. Am I wrong? If yes could tell me on the document from the beginner to learn how to do this? I have acrobat, but I don't have the 'send to server' option in the menu to distribute.
No, you would use Acrobat to add the button and configure. As said earier, you want not to use distribute the form for this type of shape. Simply add a button on one of the pages of the PDF and give a mouse action upward to "submit a form":
The video tutorial contains more information on the treatment of the submission on the server. Again, do not use the option to distribute the form in Acrobat.
-
Hello
I created a user registration page and the login page, which is accessible via http.
On each page, the browser gets the pages where is a form, the form is published on the same page for validation prior to be entered in the database.
Sensitive information only in the forms is the password that is encrypted after the form is displayed and before being added to the database.
This method I use is safe? as immune to the attacks? or do I need to use HTTPS?
Any advice would be much appreciated.
Thank you in advance.
What protects you against attacks is not the choice of http or https, but security measures your validation. If you filter the HTML tags and scripts, verify that user input to corresponding to your criteria, and if be escaped from the values inserted in the database, you should be OK.
The value of the use of https is that others cannot spy on data sent to the server. But if your validation and SQL injection prevention measures are insufficient, using https is meaningless.
-
Access to local administration E3000 via HTTPS problem
I usually use a wired connection to the laptop to access the E3000 and http to access to local administration. I decided to simply to change to https and uncheck http. When I did this and use https to try to get web access, Firefox and IE say there is a certificate error and refuses to connect. In Firefox, I even said to use the certificate, but he refuses. I save a configuration file backup before proceeding with this change.
Any ideas on how to enter the web access with security 'mistakes '?
Also, if I have to reset the modem (shudder) completely restore configuration will set all my settings city MAC addresses? Since I also use MAC addresses for more security, I hope than those that are saved in the backup as I have entered him very much. I should re - establish links to all my devices like TVs and smartphones.
Thanks in advance.
No, if you upgrade the firmware do not use a backup saved configuration as it is specific firmware. If you upgrade your router reconfigure it back manually.
-
Cannot access/card Hub via my AVG firewall
Hello...
I just got myself a NMH405, but he teases me...
I have a lot of problems :-), but first I would like to help with is:
Today, I use AVG Firewall... But I can't access the hub when the AVG firewall is active. When I turn it off, I can. I tried to use the Windows Firewall and then I can access, but I would use my AVG.
Some who know how to configure my AVG so that it allows me to get in touch with my hub?
Forward your answers :-)
By
Hello
I don't use AVG, but try to run instructions on the link below maybe that would help. Click on the section 815.
-
Administration of the ASA via IPSec VPN
Recently, I upgraded my ASA5505 8.2.1 7.2 and curiously lost the ability to manage a VPN (via ASDM or SSH) unit. Before the upgrade, I was able to connect via a method without problem through the VPN. Internally, I still have no problem.
The fault on the ASDM client message when I try to connect to remote is "Impossible to launch the 10.x.x.x:4444 Device Manager." If I look at the output of the console mode of information, I see later that there is a "completed by interception TCP Flow' regarding the conversation between ASA and my system remotely.
The config lines are (I've got running on 443 webvpn):
http server enable 4444
255.x.x.x http inside 10.x.x.x
http 192.x.x.x outside 255.x.x.x
The 192 is located the beach DHCP VPN that get VPN clients (and I checked) such that these systems are able to connect to the ASDM or SSH management interface.
Is there another ACL I need to make this work? Not sure why it worked without problem on 7.2 and as soon as I upgraded to 8.2.1, he stopped, without changing the config (manual).
Thanks in advance for the help!
Point VPN network ssh interface inside rather than the outside, should work, while vpn - ssh to the asa inside the ip address of the interface.
without ssh 192.x.x.x 255.x.x.x outdoors.
SSH 192.x.x.x 255.x.x.x inside.
Concerning
Maybe you are looking for
-
URL is not valid when I start private browsing.
Whenever I start a private browsing session, the error message:"This URL is not valid and cannot be loaded" appears. I tried to disable all add-ons and boot in safe mode, but thatdid not help at all. All solutions?
-
Need an old Bios for Satellite M70 151
Hello everyone is able to share the old 1.30 bios for satellite m70 151 Thanks Matthias
-
BIOS paswword on Satellite L750D appears
Hello I need to change a hard drive on Satellite L750D but when I turn on the computer (with the new hard drive) I got a message that tells me to enter the password of the bios. The computer's bios has a whitelist?When I put the old hard drive, I now
-
I use a wireless router to wifi since the long and worked fine on my e bike until yesterday, and the same router works fine on other devices. On the e bike it keep disconnecting in seconds and forget the password. I can connect to other networks wifi
-
turn on the generator of endpoint audio windows in dell optiplex gx 260
The fix tool said that the device does not work audio audio endpoint endbuilder. How to reinstall. Thank you Alice