divide the tunnel pptp vpn router 7200

I have cisco 7200 running Cisco IOS Software, software 7200 (C7200-ADVENTERPRISEK9-M), Version 12.4 (24) T2, VERSION of the SOFTWARE (fc2). I want that connects to the pptp VPN in order to access the internet at the same time. I think that this can be achieved by implementing split VPN tunnel. However I can't understand how to implement this on my 7200. All the documentation I found only tell how to do it on a cisco ASA. I've been watching this article to help me to http://www.cisco.com/en/US/tech/tk59/technologies_configuration_example09186a00800a393b.shtml#con4VPN clients will assign an ip address in the range of 172.16.10.0/24 to access the network remote fo 17.16.0.0/24Looking to the article posted above, I created the list 102 permit ip 172.16.0.0 ACLaccess 0.0.0.255 172.16.10.0 is 0.0.0.255What I can not understand how to apply this to my activation of VPDN PPTP groupvpdn
!
VPDN-Group 1
!  PPTP by default VPDN group
accept-dialin
Pptp Protocol
virtual-model 1
! interface virtual-Template1
IP unnumbered GigabitEthernet0/2
peer default ip address pool-pptp pool
PPP encryption mppe auto
PPP ms-chap for authentication ms-chap-v2
! access-list 102 permit ip 172.16.0.0 0.0.0.255 172.16.10.0 0.0.0.255
Local IP pool pptp 172.16.10.1 172.16.10.254Any help is appreciatedThanks
Advertisement

Split PPTP tunnel must be configured on the client. Unlike the IPSec tunnel split which is performed on the head end, split PPTP tunnel is configured on the client itself.

Here is the configuration guide for document Q & A (last question):

http://www.Cisco.com/en/us/Partner/Tech/tk827/tk369/technologies_q_and_a_item09186a00800946ef.shtml

Here is an article from Microsoft that takes in charge who:

http://TechNet.Microsoft.com/en-us/library/cc779919%28WS.10%29.aspx#w2k3tr_vpn_how_dkma

Hope that helps.

Tags: Cisco Security

Similar Questions

  • Using the Tunnel interface on router

    Hello world

    I see hew Tunnel interface on the router.

    Router is running OSPF.

    However, there is no cryptographic statements.

    tunnel configuration

    Tunnel1 interface

    10.4.x.x from IP x.x.x.x

    time 7

    source of tunnel Loopback1

    destination 10.4.x.x tunnel

    My question is when we use the interface Tunnel without any cryptographic statements?

    Thank you

    MAhesh

    This Tunnel is a plain GRE Tunnel. They are generally used without crypto when:

    (1) traffic is not sent through an untrusted network and cryptographic protection is not necessary.
    (2) the GRE traffic gets encrypted on a separate device if the end point free WILL is not able to do the necessary cryptographic protection.

    Sent by Cisco Support technique iPad App

  • Force traffic into the tunnel?

    No IPSEC applied anywhere yet.

    If you have 2 routers configured back to back with the physical interfaces tunnel interfaces - which way will be the traffic travels above?

    Answer - It will follow the path of the routing table that I guess. OSPF or static or other routes.

    Series enough.

    Now add one IPSEC.

    OSPF fails as IPSEC does not support multicast.

    Series enough.

    Now, add IPSEC and GRE to the mix. Apply card crypto both physical and tunnel interfaces.

    Included here is the common ACL associated with free WILL. That is: -.

    access-list 100 permit will host [address physical source] [address physical destination]

    It's the ACL that is supposed to define what traffic is 'interesting' and which must be encrypted.

    We will repeat the question: what should be the traffic?

    I guess it's the same answer. Refer to the routing table.

    But that traffic is encrypted? Answer - ONLY traffic destined to the IP tunnel interface.

    If you ping from physics to physics, it will be clear.

    Question - do you need to force ALL traffic to the bottom of the tunnel interface in the order so he could match the ACL and therefore get encrypted?

    How do accomplish us this?

    Discussion and debate would be greatly appreciated.

    He

    Only traffic with the source/destination of the tunnel interfaces - you just encapsulate & encrypt what happens / leaves the tunnel. If you have two sites connected through a VPN IPSEC, 'interesting' traffic for VPN is the source/destination on tunnel interfaces you need to LAN traffic in the tunnel interfaces. If you have either the static routes, or run you a dynamic routing such as OSPF or EIGRP Protocol.

    You may have a default route pointing to the firewall, a routing protocol dynamic running - so that all "internal" traffic will take place on the tunnel = encrypted vpn to a remote site, while all the 'internet' traffic routes to the firewall and leaves normally.

    HTH

  • Traffic to the VPN router IOS NAT tunnel

    I need to configure a VPN tunnel that NATs traffic above him.  I have already established VPN tunnels and NAT traffic.  I did this on a concentrator VPN and ASA, but have seen some places where people say is not possible on a router or I saw real hard evidence that it is.  For example, I use a Cisco 2801 router with 12.4(8a) and advanced security.  This can be quite difficult as the subnet / vlan that we need NAT needs to pass normal traffic on other VPN tunnels and using a NAT on the Internet directly.  Y does it have, any restrictions on it as the IOS version, being a router itself, NAT configuration.  Any help is greatly appreciated.

    Hi James,

    NAT VPN traffic, you can like you do with ASAs on IOS routers.

    If you do, it is that you create an ACL to set traffic to be coordinated, apply the ACL to a NAT rule and a condition that NAT statement with a roadmap to occur only when the traffic will be sent through the tunnel.

    Federico.

  • Default route inside the tunnel VPN Site to site

    We want to carry the default traffic within the site to site VPN tunnel, our goal is to route all traffic including default branch road and HO HO help branch for surfing the internet.

    I have due to difficulties

    1. cannot configure dynamic NAT for the router in the branch on the ASA HO, I know configuration for 8.2, but know not about 8.4

    This is the configuration for the 8.2, if someone can translate to 8.4, which would be a great help

    NAT (outside) 1 192.168.230.0

    2. I do not know how to write the default route on the branch office router to send all traffic within the VPN tunnel

    Hello

    As I understand it then you want to route ALL traffic from the Remote Site to the Central Site and manage Internet traffic there.

    I suppose you could define "interesting traffic" in configuring VPN L2L ACL / access-list in the following way

    Branch router

    extended IP access list

    allow an ip

    ASA central

    ip access list allow one

    The idea behind the type of ACL for the VPN L2L above configurations is that, for example, the branch office router has a rule that sets connection coming from the local LAN for 'any' destination address must be sent to the VPN L2L connection. So, it would be in such a way that all the traffic will be sent to the Central Site via VPN L2L.

    I must say however, that the VPN router configurations side are not more familiar to me because I manage especially with ASA Firewall (and to some extent still PIX and FWSMs)

    I guess that on the ASA Central you will PAT translation to "outside" so that the host can access the Internet?

    You would probably do something like this

    object-group network to REMOTE-SITE-PAT-SOURCE

    network-object

    interface of REMOTE-SITE-PAT-SOURCE dynamic NAT (outside, outside) after auto source

    If you don't want to use the 'outside' IP address, then you will have to create a 'network of object' for address IP of PAT and use it in the line of NAT configuration above instead of "interface".

    Alternate configuration might be

    network of the REMOTE-SITE-PAT object

    subnet

    dynamic NAT interface (outdoors, outdoor)

    You also need to enable

    permit same-security-traffic intra-interface

    To allow traffic to enter and exit the same interface on the ASA

    All these answers are naturally suggestion on what you have to do. I don't know what kind of configurations you have right now.

    Hope this helps in some way

    -Jouni

    Post edited by: Jouni Forss

  • Command to check the tunnel VPN S2S awhile in the cisco router

    Dear all,

    Please share the command check S2S tunnel of time that is configured on the router.

    There are commands that define the lifetimes of (his) IPSec Security Associations, ISAKMP.

    For example:

    crypto ISAKMP policy 1
    BA 3des
    preshared authentication
    Group 2
    life 3600

    life 3599 seconds crypto ipsec security association

    ... and you can determine the remaining lifetime for these SAs with the following commands:

    SH detail session crypto

    SH in detail its crypto isakmp

    SH crypto ipsec his

    The delta between the lifetime (s) configured and remaining life will tell you how much time has passed since the last regeneration, but that is as close you are likely to have to determine when the tunnel came first.

    You could use other means as States of syslog for you say when a Tunnel is a transitioning upwards or downwards.

    Best regards

    Mike

  • Best Soho - Split Tunnel VPN router

    Hi - I'm looking for some advice for a soho router.

    Basically the main feature, I'm looking for is to run, which I think is a VPN split tunnel, so that all internal clients route default traffic out to the gateway of the ISP. However, if the traffic is destined for a list of several specific subnets (x.x.x.x/24, y.y.y.y/24 etc.), then it should establish a tunnel to an only PPTP/IPSEC host and route remote traffic for these subnets via the tunnel.   To be clear, that these subnets (x.x.x.x and y.y.y.y) is not attached to the end of the tunnel - which is a gateway device that will route them further.

    I've been watching the various VPN router offers and is not clear to me if I can do it with a RV - 042, BEFVP41 or something like the other thing SRP521W I must be able to manipulate the routing tables directly on.

    As an additional note, I have complete control over the end of SOHO - but simply an account at the end of the tunnel with (it is a service provider).  The idea is to use public services for 90% of the traffic, but if customers want to access a specific set of addresses, it will forward this specific traffic through the tunnel.

    Thanks in advance...

    On current view, do not touch the RPS with a bargepole.

    Adding access to additional subnets through a VPN tunnel is pretty standard, routing will be automatic if the VPN was established, but you must ensure that

    1. politics VPN at BOTH ENDS allows your local subnet to access these networks

    2. your subnet is not incompatible with other subnets or roads that can be used on remote networks

    3. assuming you're OK so far, remote subnets must have a route is added to the default gateway to point to your subnet via intermediate networks

    Good luck!

  • LAN to lan vpn between ASA and router 7200

    Hi friends,

    I need to configure the lan to lan between ASA vpn (remote location) and router 7200 (on our network).

    <7200 router="" (ip="" add:="" 10.10.5.2)="">-(Internet) -<(IP add:="" 192.168.12.2)="" asa(5510)="">---192.135.5.0/24 network

    I will have the following configuration:

    7200 router:

    crypto ISAKMP policy 80

    the enc

    AUTH pre-shared

    Group 1

    life 3600

    ISAKMP crypto key cisco123 address 192.168.12.2

    Cryto ipsec transform-set esp - esp-md5-hmac VPNtrans

    map VPNTunnel 80 ipsec-isakmp crypto

    defined by peer 192.168.12.2

    game of transformation-VPNtrans

    match address 110

    int fa0/0

    IP add 10.10.5.2 255.255.255.192

    IP virtual-reassembly

    no ip route cache

    Speed 100

    full duplex

    card crypto VPNTunnel

    access-list 110 permit ip any 192.135.5.0 0.0.0.255

    ASA:

    int e0/0

    nameif inside

    security-level 100

    192.135.5.254 Add IP 255.255.255.0

    int e0/1

    nameif outside

    security-level 0

    IP add 192.168.12.2 255.255.255.240

    access-list ACL extended ip 192.135.5.0 allow 255.255.255.0 any

    Route outside 0.0.0.0 0.0.0.0.0 192.168.12.3 1

    "pre-shared key auth" ISAKMP policy 10

    ISAKMP policy 10-enc

    ISAKMP policy 10 md5 hash

    10 1 ISAKMP policy group

    ISAKMP duration strategy of life 10-3600

    Crypto ipsec transform-set esp - esp-md5-hmac VPNtran

    card crypto VPN 10 matches the ACL address

    card crypto VPN 10 set peer 10.10.5.2

    card crypto VPN 10 the transform-set VPNtran value

    tunnel-group 10.10.5.2 type ipsec-l2l

    IPSec-attributes of type tunnel-group 10.10.5.2

    cisco123 pre-shared key

    card crypto VPN outside interface

    ISAKMP allows outside

    dhcpd address 192.135.5.1 - 192.135.5.250 inside

    dhcpd dns 172.15.4.5 172.15.4.6

    dhcpd wins 172.15.76.5 172.15.74.5

    dhcpd lease 14400

    dhcpd ping_timeout 500

    dhcpd allow inside

    Please check the configuration, please correct me if I missed something. I'm in a critical situation at the moment...

    Please advise...

    Thank you very much...

    Where it fails at the present time?

    Can you share out of after trying to establish the VPN tunnel:

    See the isa scream his

    See the ipsec scream his

    Please also run the following debug to see where it is a failure:

    debugging cry isa

    debugging ipsec cry

  • Router (IPSec)-&gt; INTERNET-&gt; Router (IPsec) where to put the TUNNEL IP POOL?

    Hello

    I'm still learning the VPN (IPsec), I was able to create a tunnel between my PC and my router, but now I want to connect two routers:

    F0/1=192.168.0.1 ROUTER A-> INTERNET-> ROUTER B F0/1=192.168.10.1

    Both routers receive an IP address from my ISP, I can't do a ping to a site at the other site, I mean, I am able to PING ROUTER A from ROUTER B with the ISP addresses and otherwise.

    Two ROUTERS have the same configuration, except for the IP addresses and the ACL, they are opposite.

    I think I know what I did wrong, but I don't know how to solve: the TUNNEL need also an IP from a POOL where should I put up, the ROUTER A or ROUTER B?

    ROUTER

    version 12.4

    horodateurs service debug datetime msec

    Log service timestamps datetime msec

    no password encryption service

    !

    router host name

    !

    boot-start-marker

    boot-end-marker

    !

    No aaa new-model

    IP cef

    !

    crypto ISAKMP policy 1

    BA 3des

    preshared authentication

    Group 2

    ISAKMP crypto key cisco address 81.83.201.BB

    !

    !

    Crypto ipsec transform-set esp-3des RIGHT

    !

    router_A_to_router_B 1000 ipsec-isakmp crypto map

    set of peer 81.83.201.BB

    transformation-RIGHT game

    match address 101

    !

    interface FastEthernet0/0

    DHCP IP address

    automatic speed

    full-duplex

    router_A_to_router_B card crypto

    !

    interface FastEthernet0/1

    the IP 192.168.0.1 255.255.255.0

    automatic speed

    full-duplex

    !

    !

    no ip address of the http server

    no ip http secure server

    !

    access-list 101 permit ip 192.168.0.0 0.0.0.255 192.168.10.0 0.0.0.255

    !

    !

    control plan

    !

    Line con 0

    Speed 115200

    line to 0

    line vty 0 4

    !

    !

    end

    ROUTER B

    version 12.4

    horodateurs service debug datetime msec

    Log service timestamps datetime msec

    no password encryption service

    !

    router host name

    !

    boot-start-marker

    boot-end-marker

    !

    No aaa new-model

    IP cef

    !

    crypto ISAKMP policy 1

    BA 3des

    preshared authentication

    Group 2

    ISAKMP crypto key cisco address 81.83.201.AA

    !

    !

    Crypto ipsec transform-set esp-3des RIGHT

    !

    router_B_to_router_A 1000 ipsec-isakmp crypto map

    set of peer 81.83.201.AA

    transformation-RIGHT game

    match address 101

    !

    interface FastEthernet0/0

    DHCP IP address

    automatic speed

    full-duplex

    router_B_to_router_A card crypto

    !

    interface FastEthernet0/1

    IP 192.168.10.1 255.255.255.0

    automatic speed

    full-duplex

    !

    !

    no ip address of the http server

    no ip http secure server

    !

    access-list 101 permit ip 192.168.10.0 0.0.0.255 192.168.0.0 0.0.0.255

    !

    !

    control plan

    !

    Line con 0

    Speed 115200

    line to 0

    line vty 0 4

    !

    !

    end

    !

    !

    !

    !

    !

    !

    Best regards

    Didier

    Didier, there are a number of things missing in your config file to make it work, what I can say fa0/1 is inside and the fa0/0 are outdoors. There is no NAT translation to activate the computers inside the network, allowing access to the Internet. You will also need to exclude the EIGRP NAT roads in order to reach the remote network. Each router must have a default gateway to the Internet, this should be done with the following command:

    IP route 0.0.0.0 0.0.0.0 fa0/0 dhcp

    This will use the default gateway of the DHCP server that assigns IP address on fa0/0. Once that each router has a path to another and the tunnel connects EIGRP will handle the rest given the information to the router 90, this is the spectacle of one of my spoke routers route:

    NTR-2620XM #show ip route
    Code: C - connected, S - static, mobile R - RIP, M-, B - BGP
    D - EIGRP, OSPF, IA - external EIGRP, O - EX - OSPF inter zone
    N1 - type external OSPF NSSA 1, N2 - type external OSPF NSSA 2
    E1 - OSPF external type 1, E2 - external OSPF of type 2
    i - IS - Su - summary IS, L1 - IS - IS level 1, L2 - IS level - 2
    -IS inter area, * - candidate failure, U - static route by user
    o - ODR, P - periodic downloaded route static

    Gateway of last resort is to network 0.0.0.0 0.0.0.0

    65.0.0.0/32 is divided into subnets, subnets 1
    C 65.14.24.190 is directly connected, Dialer0
    172.16.0.0/32 is divided into subnets, subnets 1
    D EX 172.16.50.31 [170/3074560] via 172.19.8.1, 20:04:58, Tunnel0
    172.19.0.0/24 is divided into subnets, subnets 1
    C 172.19.8.0 is directly connected, Tunnel0
    10.0.0.0/8 is variably divided into subnets, subnets 14, 6 masks
    D EX 10.13.13.8/29 [170/2818560] via 172.19.8.1, 20:04:58, Tunnel0
    D EX 10.11.7.0/28 [170/2818560] via 172.19.8.1, 20:04:58, Tunnel0
    D 10.13.13.0/29 [90/2818560] via 172.19.8.1, 20:04:58, Tunnel0
    C 10.19.9.0/27 is directly connected, Vlan200
    C 10.19.8.0/24 is directly connected, Vlan100
    C 10.19.10.0/28 is directly connected, Vlan900
    D EX 10.20.7.0/24 [170/2818560] via 172.19.8.1, 20:04:58, Tunnel0
    D [90/3097600] 10.22.7.0/24 through 172.19.8.1, 17:34:52, Tunnel0
    D 10.37.4.0/24 [90/3074560] via 172.19.8.1, 20:04:59, Tunnel0
    D 10.15.50.0/24 [90/3074560] via 172.19.8.1, 20:04:59, Tunnel0
    D EX 10.24.40.0/24 [170/2818560] via 172.19.8.1, 20:04:59, Tunnel0
    D 10.12.85.0/24 [90/3074560] via 172.19.8.1, 20:04:59, Tunnel0
    C 10.19.9.192/26 is directly connected, Vlan500
    D EX 10.244.0.0/22 [170/2818560] via 172.19.8.1, 20:04:59, Tunnel0
    74.0.0.0/32 is divided into subnets, subnets 1
    C 74.23.201.24 is directly connected, Dialer0
    S * 0.0.0.0/0 is directly connected, Dialer0

    All designated routes D are dynamic routes drawn other routers on the DMVPN EIGRP. It will propagate the routing table and they point to the appropriate star. If you follow the example that I gave you, you will have a functional DMVPN.

    See you soon,.

    Sam

  • PPTP VPN between clients Windows and Cisco 2921 router

    Hi all!

    I have a problem with PPTP VPN between Windows clients and router Cisco 2921 with permission of RADIUS (IAS). When I try to connect to Cisco 2921 of Windows 7 by using MS-CHAP v2 I get the message 778: it was not possible to verify the identity of the server. Can I use PAP - power is OK. On Windows XP, the same situation.

    Cisco config:

    version 15.0

    horodateurs service debug datetime msec

    Log service timestamps datetime msec

    encryption password service

    !

    hostname gw.izmv

    !

    boot-start-marker

    boot-end-marker

    !

    logging buffered 51200 warnings

    !

    AAA new-model

    !

    AAA authentication ppp default local radius group of

    !

    AAA - the id of the joint session

    !

    clock timezone + 002 2

    !

    No ipv6 cef

    IP source-route

    IP cef

    !

    !

    Authenticated MultiLink bundle-name Panel

    !

    Async-bootp Server dns 192.168.192.XX

    VPDN enable

    !

    VPDN-Group 1

    ! PPTP by default VPDN group

    accept-dialin

    Pptp Protocol

    virtual-model 1

    echo tunnel PPTP 10

    tunnel L2TP non-session timeout 15

    PMTU IP

    adjusting IP mtu

    !

    redundancy

    !

    interface Loopback0

    IP 192.168.207.1 255.255.255.0

    !

    !

    interface GigabitEthernet0/0

    Description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-GE $ 0/0

    IP 192.168.192.XXX 255.255.255.0

    IP 192.168.192.XX 255.255.255.0 secondary

    IP nat inside

    IP virtual-reassembly

    automatic duplex

    automatic speed

    !

    !

    interface GigabitEthernet0/1

    no ip address

    Shutdown

    automatic duplex

    automatic speed

    !

    !

    interface GigabitEthernet0/2

    Description - Inet-

    no ip address

    NAT outside IP

    IP virtual-reassembly

    automatic duplex

    automatic speed

    PPPoE enable global group

    PPPoE-client dial-pool-number 1

    No cdp enable

    !

    !

    interface virtual-Template1

    IP unnumbered Loopback0

    IP mtu 1492

    IP virtual-reassembly

    AutoDetect encapsulation ppp

    by default PPP peer ip address pool

    PPP mppe auto encryption required

    PPP authentication ms-chap-v2

    !

    !

    interface Dialer1

    the negotiated IP address

    NAT outside IP

    IP virtual-reassembly

    encapsulation ppp

    Dialer pool 1

    Dialer-Group 1

    PPP authentication pap callin

    PPP pap sent-username DSLUSERNAME password DSLPASSWORD

    No cdp enable

    !

    !

    IP local pool PPP 192.168.207.200 192.168.207.250

    IP forward-Protocol ND

    !

    !

    overload of IP nat inside source list NAT_ACL interface Dialer1

    IP nat inside source static tcp 192.168.192.XX 25 expandable 25 82.XXX.XXX.XXX

    IP nat inside source static tcp 192.168.192.XX 1352 82.XXX.XXX.XXX 1352 extensible

    IP route 0.0.0.0 0.0.0.0 Dialer1

    !

    NAT_ACL extended IP access list

    deny ip 192.168.192.0 0.0.0.255 192.168.YYY.0 0.0.0.255

    deny ip 192.168.192.0 0.0.0.255 192.168.YYY.0 0.0.0.255

    deny ip 192.168.192.0 0.0.0.255 192.168.YYY.0 0.0.0.255

    deny ip 192.168.192.0 0.0.0.255 192.168.YYY.0 0.0.0.255

    permit tcp 192.168.192.0 0.0.0.255 any eq www

    permit tcp 192.168.192.0 0.0.0.255 any eq 443

    permit tcp 192.168.192.0 0.0.0.255 any eq 1352

    permit tcp host 192.168.192.XX no matter what eq smtp

    permit tcp 192.168.192.0 0.0.0.255 any eq 22

    permit tcp host 192.168.192.XX no matter what eq field

    permit tcp host 192.168.192.XX no matter what eq field

    permit tcp host 192.168.192.XX no matter what eq field

    allowed UDP host 192.168.192.XX matter what eq field

    allowed UDP host 192.168.192.XX matter what eq field

    allowed UDP host 192.168.192.XX matter what eq field

    !

    host 192.168.192.XX auth-port 1645 1646 RADIUS server acct-port

    Server RADIUS IASKEY key

    !

    control plan

    !

    !

    !

    Line con 0

    line to 0

    line vty 0 4

    line vty 5 15

    !

    Scheduler allocate 20000 1000

    end

    Debugging is followed:

    14:47:51.755 on 21 oct: PPP: Alloc context [294C7BC4]

    14:47:51.755 on 21 oct: ppp98 PPP: Phase is

    14:47:51.755 on 21 oct: ppp98 PPP: using AAA Id Unique = 8 b

    14:47:51.755 on 21 oct: ppp98 PPP: permission NOT required

    14:47:51.755 on 21 oct: ppp98 PPP: via vpn, set the direction of the call

    14:47:51.755 on 21 oct: ppp98 PPP: treatment of connection as a callin

    14:47:51.755 on 21 oct: ppp98 PPP: Session Session handle [62] id [98]

    14:47:51.755 on 21 oct: ppp98 TPIF: State of the event [OPEN] [initial check]

    14:47:51.755 on 21 oct: ppp98 PPP LCP: switch to passive mode, State [stopped]

    14:47:53.759 on 21 oct: ppp98 PPP LCP: exit passive mode, State [departure]

    14:47:53.759 on 21 oct: LCP ppp98: O CONFREQ [departure] id 1 len 19

    14:47:53.759 on 21 oct: ppp98 TPIF: MRU 1464 (0x010405B8)

    14:47:53.759 on 21 oct: ppp98 TPIF: AuthProto MS-CHAP-V2 (0x0305C22381)

    14:47:53.759 on 21 oct: ppp98 TPIF: MagicNumber 0xF018D237 (0x0506F018D237)

    14:47:53.759 on 21 oct: ppp98 TPIF: event [UP] State [departure at REQsent]

    14:47:54.351 on 21 oct: ppp98 TPIF: I CONFREQ [REQsent] id 0 len 18

    14:47:54.351 on 21 oct: ppp98 TPIF: MRU 1400 (0 x 01040578)

    14:47:54.351 on 21 oct: ppp98 TPIF: MagicNumber 0x2F7C5F7E (0x05062F7C5F7E)

    14:47:54.351 on 21 oct: ppp98 TPIF: PFC (0 x 0702)

    14:47:54.351 on 21 oct: ppp98 TPIF: RAC (0 x 0802)

    14:47:54.351 on 21 oct: LCP ppp98: O CONFNAK [REQsent] id 0 len 8

    14:47:54.351 on 21 oct: ppp98 TPIF: MRU 1464 (0x010405B8)

    14:47:54.351 on 21 oct: ppp98 TPIF: State of the event [receive ConfReq-] [REQsent to REQsent]

    14:47:54.751 on 21 oct: ppp98 TPIF: I CONFACK [REQsent] id 1 len 19

    14:47:54.751 on 21 oct: ppp98 TPIF: MRU 1464 (0x010405B8)

    14:47:54.751 on 21 oct: ppp98 TPIF: AuthProto MS-CHAP-V2 (0x0305C22381)

    14:47:54.751 on 21 oct: ppp98 TPIF: MagicNumber 0xF018D237 (0x0506F018D237)

    14:47:54.751 on 21 oct: ppp98 TPIF: State of the event [receive ConfAck] [REQsent to ACKrcvd]

    14:47:54.915 on 21 oct: ppp98 TPIF: I CONFREQ [ACKrcvd] id 1 len 18

    14:47:54.915 on 21 oct: ppp98 TPIF: MRU 1400 (0 x 01040578)

    14:47:54.915 on 21 oct: ppp98 TPIF: MagicNumber 0x2F7C5F7E (0x05062F7C5F7E)

    14:47:54.915 on 21 oct: ppp98 TPIF: PFC (0 x 0702)

    14:47:54.915 on 21 oct: ppp98 TPIF: RAC (0 x 0802)

    14:47:54.915 on 21 oct: LCP ppp98: O CONFNAK [ACKrcvd] id 1 len 8

    14:47:54.915 on 21 oct: ppp98 TPIF: MRU 1464 (0x010405B8)

    14:47:54.915 on 21 oct: ppp98 TPIF: State of the event [receive ConfReq-] [ACKrcvd to ACKrcvd]

    14:47:55.275 on 21 oct: ppp98 TPIF: I CONFREQ [ACKrcvd] id 2 len 18

    14:47:55.275 on 21 oct: ppp98 TPIF: MRU 1464 (0x010405B8)

    14:47:55.275 on 21 oct: ppp98 TPIF: MagicNumber 0x2F7C5F7E (0x05062F7C5F7E)

    14:47:55.275 on 21 oct: ppp98 TPIF: PFC (0 x 0702)

    14:47:55.275 on 21 oct: ppp98 TPIF: RAC (0 x 0802)

    14:47:55.275 on 21 oct: LCP ppp98: O CONFACK [ACKrcvd] id 2 len 18

    14:47:55.275 on 21 oct: ppp98 TPIF: MRU 1464 (0x010405B8)

    14:47:55.275 on 21 oct: ppp98 TPIF: MagicNumber 0x2F7C5F7E (0x05062F7C5F7E)

    14:47:55.275 on 21 oct: ppp98 TPIF: PFC (0 x 0702)

    14:47:55.275 on 21 oct: ppp98 TPIF: RAC (0 x 0802)

    14:47:55.275 on 21 oct: ppp98 TPIF: State of the event [receive ConfReq +] [ACKrcvd to open]

    14:47:55.295 on 21 oct: ppp98 PPP: Phase is AUTHENTICATING,

    14:47:55.295 on 21 oct: ppp98 MS-CHAP-V2: O CHALLENGE id 1 len 28 of 'gw.izmv '.

    14:47:55.295 on 21 oct: ppp98 TPIF: State is open

    14:47:55.583 on 21 oct: ppp98 MS-CHAP-V2: I ANSWER id 1 len 71 of "domain\username".

    14:47:55.583 on 21 oct: ppp98 PPP: Phase TRANSFER, tempting with impatience

    14:47:55.583 on 21 oct: ppp98 PPP: Phase is AUTHENTICATING, unauthenticated user

    14:47:55.587 on 21 oct: ppp98 PPP: request sent MSCHAP_V2 LOGIN

    14:47:55.591 on 21 oct: ppp98 PPP: received LOGIN response PASS

    14:47:55.591 on 21 oct: ppp98 PPP AUTHOR: author data NOT available

    14:47:55.591 on 21 oct: ppp98 PPP: Phase TRANSFER, tempting with impatience

    14:47:55.595 on 21 oct: Vi3 PPP: Phase is AUTHENTICATING, authenticated user

    14:47:55.595 on 21 oct: Vi3: given msg No. MS_CHAP_V2

    14:47:55.595 on 21 oct: Vi3 MS-CHAP-V2: SUCCESS O id 1 len 46 msg is "tG @ #QDD @(@[email protected] (@[email protected]/ ** / @I @:[email protected]/ ** / @@@ EJFDE)).

    14:47:55.595 on 21 oct: Vi3 PPP: Phase is in PLACE

    14:47:55.595 on 21 oct: Vi3 CPIW: protocol configured, start state cf. [original]

    14:47:55.595 on 21 oct: Vi3 CPIW: State of the event [OPEN] [Initial report on startup]

    14:47:55.595 on 21 oct: Vi3 CPIW: O CONFREQ [departure] id 1 len 10

    14:47:55.595 on 21 oct: Vi3 CPIW: address of 192.168.207.1 (0x0306C0A8CF01)

    14:47:55.595 on 21 oct: Vi3 CPIW: event [UP] State [begins to REQsent]

    14:47:55.595 on 21 oct: Vi3 CCP: protocol configured, start state cf. [original]

    14:47:55.595 on 21 oct: Vi3 CCP: State of the event [OPEN] [Initial report on startup]

    14:47:55.595 on 21 oct: Vi3 CCP: O CONFREQ [departure] id 1 len 10

    14:47:55.595 on 21 oct: Vi3 CCP: MS - PPC supported bits 0 x 01000060 (0 x 120601000060)

    14:47:55.595 on 21 oct: Vi3 CCP: event [UP] State [begins to REQsent]

    14:47:55.599 on 21 oct: % LINK-3-UPDOWN: Interface virtual-access.3, changed State to

    14:47:55.603 on 21 oct: % LINEPROTO-5-UPDOWN: Line protocol on Interface virtual-access.3, changed State to

    14:47:56.027 on 21 oct: Vi3 LCP: I have TERMREQ [open] id 3 len 16

    14:47:56.027 on 21 oct: Vi3 LCP: (0x2F7C5F7E003CCD740000030A)

    14:47:56.027 on 21 oct: Vi3 CPIW: event [BOTTOM] State [REQsent on startup]

    14:47:56.027 on 21 oct: Vi3 CPIW: State of event [CLOSE] [begins with initial]

    14:47:56.027 on 21 oct: Vi3 CCP: event [BOTTOM] State [REQsent on startup]

    14:47:56.027 on 21 oct: Vi3 PPP DISC: MPPE required not negotiated

    14:47:56.027 on 21 oct: Vi3 PPP: sending Acct event [low] id [8B]

    14:47:56.027 on 21 oct: Vi3 CCP: State of event [CLOSE] [start with initial]

    14:47:56.027 on 21 oct: Vi3 LCP: O TERMACK [open] id 3 len 4

    14:47:56.027 on 21 oct: Vi3 LCP: event [receive TermReq] State [Open to stop]

    14:47:56.027 on 21 oct: Vi3 PPP: Phase ENDS

    14:47:56.027 on 21 oct: Vi3 LCP: event [CLOSE] [off status of closing]

    14:47:56.675 on 21 oct: Vi3 PPP: block vaccess to be released [0x10]

    14:47:56.675 on 21 oct: Vi3 LCP: event [CLOSE] State [closing closing]

    14:47:56.679 on 21 oct: Vi3 LCP: event [BOTTOM] State [closing on Initial]

    14:47:56.679 on 21 oct: Vi3 PPP: compensation AAA Id Unique = 8 b

    14:47:56.679 on 21 oct: Vi3 PPP: unlocked by [0x10] always locked by 0 x [0]

    14:47:56.679 on 21 oct: Vi3 PPP: free previously blocked vaccess

    14:47:56.679 on 21 oct: Vi3 PPP: Phase is BROKEN

    14:47:56.679 on 21 oct: % LINK-3-UPDOWN: Interface virtual-access.3, changed State to down

    14:47:56.683 on 21 oct: % LINEPROTO-5-UPDOWN: Line protocol on Interface virtual-access.3, state change downstairs

    I'll be very grateful for any useful suggestions

    We had the same problem using MS-CHAP-V2 and 3945 router using IOS 15.2. When you add the same combination of username/password locally it worked fine but it wasn't no of course of the solution. We have solved this problem by adding the following line in the config file:

    AAA authorization network default authenticated if

    This is because Windows 2000 clients require the use of a statement of authorization aaa in the router config. Maybe it was default (and therefore not shown) previous iOS releases.

    Success!

    Wil Schenkeveld

  • QuickVPN - could not do a ping the remote VPN router!

    Hello

    I have a RV042 (VPN router) and I have some problems to run properly using the QuickVPN client.

    Here is the Log of the QuickVPN client.

    2008-10-15 20:14:38 [STATUS] a network interface detected with 192.168.0.104 IP address
    2008-10-15 20:14:38 [STATUS] connection...
    2008-10-15 20:14:38 [STATUS] connection to a remote gateway with IP address: 96.20.174.84
    2008-10-15 20:14:38 [WARNING] server certificate does not exist on your local computer.
    2008-10-15 20:14:44 remote gateway [STATE] has been reached with https...
    2008-10-15 20:14:44 [STATUS] commissioning...
    2008-10-15 20:14:51 [STATUS] Tunnel is connected successfully.
    2008-10-15 20:14:51 [STATUS] verification of network...
    2008-10-15 20:14:55 [WARNING] failed to do a ping the remote VPN router!
    2008-10-15 20:14:58 [WARNING] failed to do a ping the remote VPN router!
    2008-10-15 20:15:01 [WARNING] failed to do a ping the remote VPN router!
    2008-10-15 20:15:05 [WARNING] failed to do a ping the remote VPN router!
    2008-10-15 20:15:08 [WARNING] failed to do a ping the remote VPN router!
    2008-10-15 20:15:11 [WARNING] Ping has been blocked, which can be caused by an unexpected disconnection.
    2008-10-15 20:15:19 [STATUS] disconnection...
    2008-10-15 20:15:25 [STATUS] Tunnel is disconnected successfully.

    I don't know how it is implemented, but if WuickVPN wait a form ping my router, it will not happen. I was never able to ping my router ouside of my ISP network.

    There is a way to disable the Ping process and continue with the VPN connection?

    QuickVPN try ping on the router via the VPN tunnel to check the connection. It should work without worrying about whether your ISP filters ICMP messages or not. The tunnel is encrypted your ISP won't know what you're doing.

    Please post the corresponding on the RV042 VPN log. That is expected to see how far you get.

    You have a firewall running on the computer? I think that some firewalls have difficulty with the traffic of ESP.

    What is the router that is connected to the computer? How is it that is configured?

  • Cannot open an L2TP VPN tunnel behind a router 806.

    This is the scenario:

    My ISP provider provides pppoE.

    When I connect a PC directly to the ADSL modem, I can open my L2TP VPN and VPN works fine and I am able to navigate.

    When I connect the PC behind 806, I get a private pool in 806 IP and I am able to navigate, but PC, I open my VPN L2TP software utility (same as before) and cannot open the VPN.

    Could you please tell me what config I shoul put in router to open the tunnel of 806 instead of op VPN software utility? The difference is that now 806 global IP gets rather od PC.

    So I know now tunnel should be open from the router, but I Don t know what I have lines shlould Add.

    Help, please!

    I thinkl you want is VPN passthrough, the answer to that is the version of the IOS, I think IOS version 12.2 and allows VPN Passthru especially. There is no other configuration required just to 12.2 or above

  • S2S VPN - cannot get the tunnel upward

    I couldn't lift a VPN site-to site because of a configuration error that I can't fix

    The topology is Server1 > Hub > ASA - 1 ASA-2<><>

    When I launch a ping server 1 Server 2 to try to get out of the tunnel to the top, I get the following error:

    % ASA-6-110002: unable to locate the output for ICMP inside:192.168.100.2/2655 to 192.168.200.2/0 interface

    No matter which side I am ping, I get the error on both of the ASA. Here is the config for the two ASA, thanks for any help.

    !
    ASA-1 hostname
    !
    interface GigabitEthernet0
    nameif outside
    security-level 0
    IP 80.1.1.1 255.255.255.252
    !
    interface GigabitEthernet1
    nameif inside
    security-level 100
    IP 192.168.100.1 address 255.255.255.0
    !
    passive FTP mode
    network of the PC_LAN object
    255.255.255.0 subnet 192.168.100.0
    network of the REMOTE_LAN object
    192.168.200.0 subnet 255.255.255.0
    extended access list ACL-OUTSIDE-PING icmp permitted any one
    LAB_S2S_VPN to access extended list ip 192.168.100.0 allow 255.255.255.0 192.168.200.0 255.255.255.0 connect
    LAB_S2S_VPN list extended access allow icmp 192.168.100.0 255.255.255.0 192.168.200.0 255.255.255.0 connect
    pager lines 24
    Enable logging
    exploitation forest-size of the buffer of 6000
    debug logging in buffered memory
    Outside 1500 MTU
    Within 1500 MTU
    ICMP unreachable rate-limit 1 burst-size 1
    ICMP allow any inside
    ARP timeout 14400
    NAT static PC_LAN PC_LAN destination (indoor, outdoor) static source REMOTE_LAN REMOTE_LAN
    Access-Group ACL-OUTSIDE-PING to the interface inside
    Timeout xlate 03:00
    Timeout conn 01:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
    Sunrpc timeout 0:10:00 h323 0:05:00 h225 mgcp from 01:00 0:05:00 mgcp-pat 0:05:00
    Sip timeout 0:30:00 sip_media 0:02:00 prompt Protocol sip-0: 03:00 sip - disconnect 0:02:00
    Timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
    timeout tcp-proxy-reassembly 0:01:00
    Floating conn timeout 0:00:00
    dynamic-access-policy-registration DfltAccessPolicy
    identity of the user by default-domain LOCAL
    No snmp server location
    No snmp Server contact
    Server enable SNMP traps snmp authentication linkup, linkdown warmstart of cold start
    Crypto ipsec transform-set ikev1 aes-esp - SHA-AES-ESP esp-sha-hmac
    card crypto VPN_CRYPTO_MAP 1 corresponds to the address LAB_S2S_VPN
    card crypto VPN_CRYPTO_MAP 1 set peer 80.1.1.2
    card crypto VPN_CRYPTO_MAP 1 set transform-set ESP-AES-SHA ikev1
    VPN_CRYPTO_MAP interface card crypto outside
    Crypto ikev1 allow outside
    IKEv1 crypto policy 10
    preshared authentication
    aes encryption
    sha hash
    Group 2
    life 86400
    management-access inside
    a basic threat threat detection
    Statistics-list of access threat detection
    no statistical threat detection tcp-interception
    tunnel-group 80.1.1.2 type ipsec-l2l
    IPSec-attributes tunnel-group 80.1.1.2
    IKEv1 pre-shared-key *.

    ASA-2 host name
    !
    interface GigabitEthernet0
    nameif outside
    security-level 0
    IP 80.1.1.2 255.255.255.252
    !
    interface GigabitEthernet1
    nameif inside
    security-level 100
    192.168.200.1 IP address 255.255.255.0
    !
    interface GigabitEthernet2
    Shutdown
    No nameif
    no level of security
    no ip address
    !
    passive FTP mode
    network of the PC_LAN object
    192.168.200.0 subnet 255.255.255.0
    network of the REMOTE_LAN object
    255.255.255.0 subnet 192.168.100.0
    extended access list ACL-OUTSIDE-PING icmp permitted any one
    LAB_S2S_VPN to access extended list ip 192.168.200.0 allow 255.255.255.0 192.168.100.0 255.255.255.0 connect
    LAB_S2S_VPN list extended access allow icmp 192.168.200.0 255.255.255.0 192.168.100.0 255.255.255.0 connect
    pager lines 24
    Outside 1500 MTU
    Within 1500 MTU
    no failover
    ICMP unreachable rate-limit 1 burst-size 1
    don't allow no asdm history
    ARP timeout 14400
    NAT static REMOTE_LAN REMOTE_LAN destination (indoor, outdoor) static source PC_LAN PC_LAN
    Timeout xlate 03:00
    Timeout conn 01:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
    Sunrpc timeout 0:10:00 h323 0:05:00 h225 mgcp from 01:00 0:05:00 mgcp-pat 0:05:00
    Sip timeout 0:30:00 sip_media 0:02:00 prompt Protocol sip-0: 03:00 sip - disconnect 0:02:00
    Timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
    timeout tcp-proxy-reassembly 0:01:00
    Floating conn timeout 0:00:00
    dynamic-access-policy-registration DfltAccessPolicy
    identity of the user by default-domain LOCAL
    Server enable SNMP traps snmp authentication linkup, linkdown warmstart of cold start
    Crypto ipsec transform-set ikev1 aes-esp - SHA-AES-ESP esp-sha-hmac
    card crypto VPN_CRYPTO_MAP 1 corresponds to the address LAB_S2S_VPN
    card crypto VPN_CRYPTO_MAP 1 set peer 80.1.1.1
    card crypto VPN_CRYPTO_MAP 1 set transform-set ESP-AES-SHA ikev1
    VPN_CRYPTO_MAP interface card crypto outside
    Crypto ikev1 allow outside
    IKEv1 crypto policy 10
    preshared authentication
    aes encryption
    sha hash
    Group 2
    life 86400
    Telnet timeout 5
    SSH timeout 5
    Console timeout 0
    a basic threat threat detection
    Statistics-list of access threat detection
    no statistical threat detection tcp-interception
    tunnel-group 80.1.1.1 type ipsec-l2l
    IPSec-attributes tunnel-group 80.1.1.1
    IKEv1 pre-shared-key *.
    !

    You won't have a road to 192.168.200.2 so he was not able to locate the next hop for the traffic of the tunnel.

    These static routes adding causes all traffic to be sent to the default gateway of the internet, including VPN and VPN traffic not.
    So adding a route for 192.168.200.0 pointing to 80.1.1.X gave the same results.

    Kind regards
    Dinesh Moudgil

    PS Please rate helpful messages.

  • VPN router to the problem of the ASA

    Hello world.

    I am doing a VPN between a router and a series of ASA5500 and difficulties.

    The router part is 100% correct because it is a daily task, but miss me something on the side of the ASA of the things.

    The ASA also has remote via IPsec tunnels clients as you'll see below, so I have to make sure that continues to work!

    It is a fairly urgent question. So any help or advice can be provided, it would be very appreciated!

    Here is the router part:

    !

    crypto ISAKMP policy 1

    BA 3des

    preshared authentication

    Group 2

    isakmp encryption key * ASA-PUBLIC-IP address

    ISAKMP crypto keepalive 100

    !

    !

    Crypto ipsec transform-set transform-set esp-3des esp-md5-hmac

    !

    10 customers map ipsec-isakmp crypto

    defined ASA-PUBLIC-IP peer

    transform-set transform-Set

    match address 102

    QoS before filing

    !

    !

    Access-list 100 remark [== NAT control ==]

    access-list 100 deny ip 192.168.2.0 0.0.0.255 10.1.1.0 0.0.0.255

    access-list 100 permit ip 192.168.2.0 0.0.0.255 any

    Access-list 102 remark == [VPN access LISTS] ==

    access-list 102 permit ip 192.168.2.0 0.0.0.255 10.1.1.0 0.0.0.255

    Access-list 102 remark

    (Crypto card has been applied to the corresponding interface)

    SIDE OF THE ASA:

    permit inside_nat0_outbound to access extended list ip 10.1.1.0 255.255.255.0 10.1.1.192 255.255.255.224

    prevpn_splitTunnelAcl list standard access allowed 10.1.1.0 255.255.255.0

    access-list Interior-access-in extended permit ip 10.1.1.0 255.255.255.0 any

    access-list Interior-access-in extended permit icmp 10.1.1.0 255.255.255.0 any

    access list for distance-extended permitted ip network 10.1.1.0 255.255.255.0 192.168.2.0 255.255.255.0

    Global (outside) 1 ASA-PUBLIC-IP

    NAT (inside) 0-list of access inside_nat0_outbound

    NAT (inside) 1 10.1.1.0 255.255.255.0

    NAT (inside) 0 192.168.2.0 255.255.255.0

    Crypto ipsec transform-set ESP-3DES-MD5-esp-3des esp-md5-hmac

    Crypto-map dynamic outside_dyn_map 20 the transform-set ESP-3DES-MD5 value

    card crypto outside_map 40 match remote-network address

    card crypto outside_map 40 game peers REMOTE-router-IP

    outside_map card crypto 40 the transform-set ESP-3DES-MD5 value

    map outside_map 65535-isakmp ipsec crypto dynamic outside_dyn_map

    outside_map interface card crypto outside

    ISAKMP allows outside

    part of pre authentication ISAKMP policy 10

    ISAKMP policy 10 3des encryption

    ISAKMP policy 10 md5 hash

    10 2 ISAKMP policy group

    ISAKMP life duration strategy 10 86400

    tunnel-group prevpn type ipsec-ra

    tunnel-group prevpn General-attributes

    address pool VPN-pool

    Group Policy - by default-prevpn

    prevpn group of tunnel ipsec-attributes

    pre-shared-key *.

    tunnel-group REMOTE-router-IP type ipsec-l2l

    REMOTE-router-IP tunnel-group ipsec-attributes

    pre-shared-key *.

    Hi Chris

    first on the router make this change to littil than u ned to add md5 as hashing whil employees u th in the asa and the router u did not, so the default is sha!

    do

    crypto ISAKMP policy 1

    md5 hash

    now on the SAA as I see that there is a problem in nat0 you line l2l tunnel

    so that you need to look like:

    permit inside_nat0_outbound to access extended list ip 10.1.1.0 255.255.255.0 192.168.2.0 255.255.255.0

    You also need a permit for the ipsec traffic, the following command will allow all ipsec traffic if you want to filter traffic not to use this command and use rather ACLs on the external interface, but following that to allow all traffic to your L2L and remote vpn access:

    Permitted connection ipsec sysopt

    so, please:

    clear xlate and reload the ASA then attempt to leave the expmtion NAT new effects

    Good luck

    If useful rates

  • Cannot ping vpn client of 1721 cli on the tunnel endpoint

    I have a 1721 fortunately supporting ipsec vpn client connections. With one small exception, everything works perfectly fine.

    The VPN pool is 10.10.10.1 - 10.10.10.254

    The interface internal f0 is attributed to 192.168.1.254/24.

    In my example:

    Ip address of the VPN client is 10.10.10.5

    The host address of an arbitrary machine on the internal lan is 192.168.1.151

    I am able to ping 192.168.1.151 10.10.10.5

    I'm * not * able to ping 10.10.10.5 192.168.1.254 using the cli on the 1721.

    There is a very good reason to want to solve this problem. I would like to be able to access a tftp server on the client vpn directly from the router in order to download the new startup-config files. Is it possible to get the traffic of vpn-/ tunnel-point endpoint client tftp to travel through the tunnel?

    When you ping from the CLI on the router, the packet will be from the external interface, not the IP address fa0 interface. The VPN client and the router only built a tunnel from the 10.10.10.5 address the 192.168.1.0 network, then the router not cryptera a package that her origin is outside the IP address.

    Try to ping extended to 10.10.10.5 and source of 192.168.1.254 package and see if it works. If it does, you will have also to the source of your TFTP packets from inside interface, you can do with:

    IP tftp source interface fa0

Maybe you are looking for

  • Satego X 200-21 L - 3 beeps at startup

    Hello first of all, sorry, my English is not very good, but I can't find a German forum. I hope you understand what I want :-) Here, I have the laptop (subject) and when I try to start it, there is nothing on the screen. Black. Only 3 beeps. Am I jus

  • iCloud does not accept the password

    Despite the State page saying there is no problem on December 27, 2015 at 1800, iCloud does not accept my password anywhere, but the web page to iCloud.

  • HP dm4 connected does not support

    I turned on my computer today and my battery did not work at all. The computer will be ony work when I have the AC adapter is plugged. I hover over the battery icon and it says 0% available (plugged in, does not support). I had this problem before, b

  • Rapid drop window problem

    The Quick Drop window is now extended (see below) and I do not know how to return to its original size. What should I do?

  • HP 1050a printer has no action the printer

    I use printer 1050A printing fades. I am trying to clean the heads and to see the ink levels, but I have no printer hp "action of the printer. I used the updates but still nothing. No maintenance task, no printertoolbox. What can I do? Is there a dri