do not access my home network via antconnect
I am able to connect through the anyconnect client and get an ip address, but I am not able to access my administration (internal network)
Administration = 10.18.1.120
VPN pool = 172.16.10.0/28
10.17.13.120 outside
This is my config
ASA 1.0000 Version 2
!
!
interface GigabitEthernet0/0
nameif administration
security-level 100
IP 10.18.1.120 255.255.0.0
!
interface GigabitEthernet0/1
nameif outside
security-level 0
IP 10.17.13.120 255.255.0.0
!
interface GigabitEthernet0/2
nameif admin-out13
security-level 0
IP 10.13.1.120 255.255.0.0
!
interface GigabitEthernet0/3
nameif VOIP
security-level 0
IP 10.90.100.120 255.255.0.0
!
passive FTP mode
network of the NETWORK_OBJ_172.16.10.0_29 object
subnet 172.16.10.0 255.255.255.248
network of the Admin_Email_Server object
Home 10.18.4.120
e-mail Description admin server
network of the Admin_Srv_Farm object
10.18.4.0 subnet 255.255.255.0
Description subenet where the admin servers are hosted
ICMP-type of object-group ICMP_Group
alternate address ICMP-object
ICMP-object-conversion error
echo ICMP-object
response to echo ICMP-object
ICMP-object information-response
ICMP-object-request for information
ICMP object-mask-reply
Mask-request ICMP-object
ICMP-object mobile-redirect
ICMP-object-parameter problem
redirect ICMP-object
ICMP-object-announcement of router
ICMP-object-solicitation of router
Object-ICMP source-quench
ICMP-object has exceeded the time
ICMP-object-response to timestamp
Timestamp-request ICMP-object
Object-ICMP traceroute
ICMP-unreachable object
object-group Protocol TCPUDP
object-protocol udp
object-tcp protocol
pager lines 24
Enable logging
asdm of logging of information
management of MTU 1500
administration of MTU 1500
Outside 1500 MTU
Admin-out13 MTU 1500
ip_phones MTU 1500
local pool ADMIN_VPN_POOL 172.16.10.1 - 172.16.10.10 255.255.255.0 IP mask
no failover
ICMP unreachable rate-limit 1 burst-size 1
ASDM image disk0: / asdm - 66114.bin
don't allow no asdm history
ARP timeout 14400
NAT (administration, outside) static source any any static destination NETWORK_OBJ_172.16.10.0_29 NETWORK_OBJ_172.16.10.0_29 non-proxy-arp-search to itinerary
public static NETWORK_OBJ_172.16.10.0_29 NETWORK_OBJ_172.16.10.0_29 destination NAT (outside directors) static source Admin_Srv_Farm Admin_Srv_Farm
Timeout xlate 03:00
Timeout conn 01:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
Sunrpc timeout 0:10:00 h323 0:05:00 h225 mgcp from 01:00 0:05:00 mgcp-pat 0:05:00
Sip timeout 0:30:00 sip_media 0:02:00 prompt Protocol sip-0: 03:00 sip - disconnect 0:02:00
Timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
Floating conn timeout 0:00:00
dynamic-access-policy-registration DfltAccessPolicy
identity of the user by default-domain LOCAL
LOCAL AAA authentication serial console
AAA authentication LOCAL telnet console
the ssh LOCAL console AAA authentication
Enable http server
http 10.18.0.0 255.255.0.0 administration
No snmp server location
No snmp Server contact
Server enable SNMP traps snmp authentication linkup, linkdown warmstart of cold start
Crypto ipsec ikev2 ipsec-proposal OF
encryption protocol esp
Esp integrity sha - 1, md5 Protocol
Crypto ipsec ikev2 proposal ipsec 3DES
Esp 3des encryption protocol
Esp integrity sha - 1, md5 Protocol
Crypto ipsec ikev2 ipsec-proposal AES
Esp aes encryption protocol
Esp integrity sha - 1, md5 Protocol
Crypto ipsec ikev2 ipsec-proposal AES192
Protocol esp encryption aes-192
Esp integrity sha - 1, md5 Protocol
Crypto ipsec ikev2 AES256 ipsec-proposal
Protocol esp encryption aes-256
Esp integrity sha - 1, md5 Protocol
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 define ikev2 AES256 AES192 AES 3DES ipsec-proposal OF
outside_map card crypto 65535-isakmp dynamic ipsec SYSTEM_DEFAULT_CRYPTO_MAP
outside_map interface card crypto outside
Crypto ca trustpoint ASDM_TrustPoint0
registration auto
name of the object CN = admin-pare-fire
Configure CRL
string encryption ca ASDM_TrustPoint0 certificates
Crypto ikev2 activate out of service the customer port 443
Crypto ikev2 access remote trustpoint ASDM_TrustPoint0
Telnet timeout 5
SSH timeout 5
Console timeout 0
dhcpd address 10.90.100.1 - 10.90.100.100 ip_phones
dhcpd 4.2.2.2 dns 8.8.8.8 interface ip_phones
dhcpd lease 1800 interface ip_phones
dhcpd field uz.ac.zw interface ip_phones
dhcpd option 3 ip 10.90.1.254 interface ip_phones
ip_phones enable dhcpd
!
!
maximum session 1000 TLS-proxy
!
a basic threat threat detection
threat detection statistics
a statistical threat detection tcp-interception rate-interval 30 burst-400-rate average rate 200
SSL-trust outside ASDM_TrustPoint0 point
WebVPN
allow outside
AnyConnect image disk0:/anyconnect-win-2.5.2014-k9.pkg 1
AnyConnect image disk0:/anyconnect-macosx-i386-2.5.2014-k9.pkg 2
AnyConnect profiles ITADMIN_VPN_client_profile disk0: / ITADMIN_VPN_client_profile.xml
AnyConnect enable
tunnel-group-list activate
internal GroupPolicy_ITADMIN_VPN group strategy
attributes of Group Policy GroupPolicy_ITADMIN_VPN
WINS server no
value of 10.18.4.120 DNS server 10.50.7.178
client ssl-VPN-tunnel-Protocol ikev2
uz.AC.ZW value by default-field
WebVPN
AnyConnect value ITADMIN_VPN_client_profile type user profiles
webster nwgth7HVlZ/qiWnP password encrypted username
webster username attributes
type of remote access service
username admin password encrypted xxxxxxxxxxx privilege 15
username user2 encrypted password privilege 15 xxxxxxxxxxx
attributes of user user2 name
type of remote access service
type tunnel-group ITADMIN_VPN remote access
attributes global-tunnel-group ITADMIN_VPN
address ADMIN_VPN_POOL pool
Group Policy - by default-GroupPolicy_ITADMIN_VPN
tunnel-group ITADMIN_VPN webvpn-attributes
enable ITADMIN_VPN group-alias
!
class-map inspection_default
match default-inspection-traffic
!
!
type of policy-card inspect dns preset_dns_map
parameters
maximum message length automatic of customer
message-length maximum 512
Policy-map global_policy
class inspection_default
inspect the preset_dns_map dns
inspect the ftp
inspect h323 h225
inspect the h323 ras
inspect the rsh
inspect the rtsp
inspect esmtp
inspect sqlnet
inspect the skinny
inspect sunrpc
inspect xdmcp
inspect the sip
inspect the netbios
inspect the tftp
Review the ip options
class class by default
Statistical accounting of user
!
global service-policy global_policy
context of prompt hostname
no remote anonymous reporting call
Cryptochecksum:c9820a69d5b4fb9e3f7cce253f2450e4
After the addition of administration management-access command, please check if you are able to ping to the administration interface (ip = 10.18.1.120) of the remote user's machine. In addition, run this command on the ASA.
Packet-trace entry administration icmp
Once you run this copy please order the output and the share here. Please see links to the ip address of the host, sitting behind the administration interface that you think that the ip address of the internal host should be able to ping from outside. Assigned ip address is the ip address that is assigned to the pool anyconnect client.
Share the details here and we will be able to understand the question.
Thank you
Vishnu
Tags: Cisco Security
Similar Questions
-
Need help to access the internal network via VPN on ASA5505 8.4 (1)
Recently, I upgraded my ASA5055 from 8.02 to 8.4 and since I have updated to the new version I can access my home network is no longer through the VPN. I can connect to the VPN with no problems however I can no longer ping or you connect to my network of 10.0. Someone would be kind enough to look at my config and tell me what needs to be added to make it work? In my old config, I had a statement of NAT for VPN that is no longer here.
I also wanted to configure WebVPN to work as well, and this is something that I've never been able to understand. Is it also possible that I can be on my 20.0 network and connect to the VPN and access 10.0 as well? When it is connected to my network of 20.0 I'm not received credentials to connect to the VPN. I would be grateful if someone can help out me. The major part of this is the first part of this question.
My configuration:
ASA Version 8.4 (1)
!
ASA5505 hostname
domain xxxxxxxx.dyndns.org
enable encrypted password xxxxxxxxxxxx
xxxxxxxxxxxxxxx encrypted passwd
names of
nameserver 192.168.10.2
Office of name 192.168.10.3
name Canon 192.168.10.5
name 192.168.10.6 mvix
name 192.168.10.7 xbox
name 192.168.10.8 dvr
name 192.168.10.9 bluray
name 192.168.10.10 lcd
name 192.168.10.11 mp620
name 192.168.10.12 kayla
name 192.168.1.1 asa5505
name 192.168.1.2 ap1
name 192.168.10.4 mvix2
name 192.168.10.13 lcd2
name 192.168.10.14 dvr2
!
interface Vlan1
nameif management
security-level 100
IP address asa5505 255.255.255.248
management only
!
interface Vlan2
0050.8db6.8287 Mac address
nameif outside
security-level 0
IP address dhcp setroute
!
interface Vlan10
nameif private
security-level 100
IP 192.168.10.1 255.255.255.224
!
interface Vlan20
nameif Public
security-level 100
IP 192.168.20.1 255.255.255.224
!
interface Ethernet0/0
Description pointing to WAN
switchport access vlan 2
!
interface Ethernet0/1
Uplink port Linksys 12 description
switchport access vlan 10
!
interface Ethernet0/2
Description Server 192.168.10.2/27
switchport access vlan 10
!
interface Ethernet0/3
Uplink Eth1 management description
!
interface Ethernet0/4
switchport access vlan 30
!
interface Ethernet0/5
switchport access vlan 30
!
interface Ethernet0/6
switchport access vlan 30
!
interface Ethernet0/7
Description of Cisco 1200 Access Point
switchport trunk allowed vlan 1,10,20
switchport trunk vlan 1 native
switchport mode trunk
!
Banner motd users only, all others must disconnect now!
boot system Disk0: / asa841 - k8.bin
passive FTP mode
clock timezone PST - 8
clock summer-time recurring PDT
DNS server-group DefaultDNS
domain xxxxxxx.dyndns.org
network object obj - 192.168.50.0
192.168.50.0 subnet 255.255.255.0
Server network objects
host 192.168.10.2
network object obj - 192.168.10.0
192.168.10.0 subnet 255.255.255.224
network object obj - 192.168.20.0
subnet 192.168.20.0 255.255.255.224
network server-01 object
host 192.168.10.2
network server-02 object
host 192.168.10.2
xbox network object
Home 192.168.10.7
xbox-01 network object
Home 192.168.10.7
xbox-02 network object
Home 192.168.10.7
xbox-03 network object
Home 192.168.10.7
xbox-04 network object
Home 192.168.10.7
network server-03 object
host 192.168.10.2
network server-04 object
host 192.168.10.2
network server-05 object
host 192.168.10.2
Desktop Network object
host 192.168.10.3
kayla network object
Home 192.168.10.12
Home_VPN_splitTunnelAcl list standard access allowed 192.168.10.0 255.255.255.224
outside_access_in list extended access permit tcp any any eq 3389
outside_access_in list extended access permit tcp any any eq 2325
outside_access_in list extended access permit tcp any eq ftp server object
outside_access_in list extended access permit tcp any any eq 5851
outside_access_in list extended access udp allowed any any eq 5850
outside_access_in list extended access permit tcp any any eq pptp
outside_access_in list extended access udp allowed any any eq syslog
outside_access_in list extended access udp allowed any any eq 88
outside_access_in list extended access udp allowed any any eq 3074
outside_access_in list extended access permit tcp any any eq 3074
outside_access_in list extended access permit tcp any any eq field
outside_access_in list extended access udp allowed any any eq field
outside_access_in list extended access permitted tcp everything any https eq
outside_access_in list extended access permit tcp any eq ssh server object
outside_access_in list extended access permit tcp any any eq 2322
outside_access_in list extended access permit tcp any any eq 5900
outside_access_in list extended access permit icmp any any echo response
outside_access_in list extended access permit icmp any any source-quench
outside_access_in list extended access allow all unreachable icmp
outside_access_in list extended access permit icmp any one time exceed
outside_access_in list extended access udp allowed any any eq 5852
KaileY_splitTunnelAcl list standard access allowed 192.168.10.0 255.255.255.224
pager lines 24
Enable logging
timestamp of the record
exploitation forest-size of the buffer of 36000
logging warnings put in buffered memory
recording of debug trap
asdm of logging of information
address record [email protected] / * /
exploitation forest-address recipient [email protected] / * / level of errors
Management Server host forest
MTU 1500 management
Outside 1500 MTU
MTU 1500 private
MTU 1500 Public
local pool IPPOOL 192.168.50.2 - 192.168.50.10 255.255.255.0 IP mask
local pool VPN_POOL 192.168.100.2 - 192.168.100.10 255.255.255.0 IP mask
no failover
ICMP unreachable rate-limit 1 burst-size 1
ICMP allow all outside
ASDM image disk0: / asdm - 641.bin
don't allow no asdm history
ARP timeout 14400
!
Server network objects
NAT (private, foreign) static tcp ftp 5851 service interface
network object obj - 192.168.10.0
NAT (private, foreign) dynamic interface
network object obj - 192.168.20.0
NAT (outside) dynamic public interface
network server-01 object
NAT (private, outside) interface static 2325 2325 tcp service
network server-02 object
NAT (private, outside) interface static udp syslog syslog service
xbox network object
NAT (private, outside) interface static service udp 88 88
xbox-01 network object
NAT (private, outside) interface static service udp 3074-3074
xbox-02 network object
NAT (private, outside) interface static service tcp 3074-3074
xbox-03 network object
NAT (private, outside) interface static tcp domain domain service
xbox-04 network object
field of the udp NAT (private, foreign) of the static interface function
network server-03 object
NAT (private, outside) interface static tcp https https service
network server-04 object
Static NAT (private, outside) interface service tcp ssh 2322
network server-05 object
NAT (private, outside) interface static 5900 5900 tcp service
Desktop Network object
NAT (private, outside) interface static service tcp 3389 3389
kayla network object
NAT (private, outside) interface static service udp 5852 5852
Timeout xlate 03:00
Timeout conn 01:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
Sunrpc timeout 0:10:00 h323 0:05:00 h225 mgcp from 01:00 0:05:00 mgcp-pat 0:05:00
Sip timeout 0:30:00 sip_media 0:02:00 prompt Protocol sip-0: 03:00 sip - disconnect 0:02:00
Timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
dynamic-access-policy-registration DfltAccessPolicy
AAA authentication enable LOCAL console
AAA authentication http LOCAL console
the ssh LOCAL console AAA authentication
AAA authentication LOCAL telnet console
Enable http server
http 192.168.1.0 255.255.255.248 management
redirect http outside 80
location of SNMP server on the Office floor
SNMP Server contact [email protected] / * /
Community SNMP-server
Server enable SNMP traps snmp authentication linkup, linkdown cold start
No vpn sysopt connection permit
Crypto ipsec transform-set ikev1 SHA-ESP-3DES esp-3des esp-sha-hmac
Crypto-map dynamic outside_dyn_map pfs set 20 Group1
Crypto-map dynamic outside_dyn_map 20 set transform-set ESP-3DES-SHA ikev1
life together - the association of security crypto dynamic-map outside_dyn_map 20 28800 seconds
Crypto-map dynamic outside_dyn_map 20 kilobytes of life together - the association of safety 4608000
map outside_map 65535-isakmp ipsec crypto dynamic outside_dyn_map
outside_map interface card crypto outside
Crypto ikev1 allow outside
IKEv1 crypto policy 10
preshared authentication
3des encryption
sha hash
Group 2
life 86400
Telnet timeout 5
SSH 192.168.1.0 255.255.255.248 management
SSH 0.0.0.0 0.0.0.0 outdoors
SSH timeout 30
Console timeout 30
access to administration management
dhcpd dns 24.205.1.14 66.215.64.14
dhcpd ping_timeout 750
dhcpd field xxxxxxxx.dyndns.org
dhcpd outside auto_config
!
dhcpd manage 192.168.1.4 - 192.168.1.5
dhcpd enable management
!
dhcpd address private 192.168.10.20 - 192.168.10.30
enable private dhcpd
!
dhcpd 192.168.20.2 public address - 192.168.20.30
dhcpd enable Public
!
a basic threat threat detection
statistical threat detection port
Statistical threat detection Protocol
Statistics-list of access threat detection
no statistical threat detection tcp-interception
Server NTP 192.43.244.18
Server NTP 129.6.15.28
WebVPN
internal Home_VPN group strategy
attributes of Group Policy Home_VPN
value of 8.8.8.8 DNS Server 4.2.2.2
Ikev1 VPN-tunnel-Protocol without ssl-client
Split-tunnel-policy tunnelspecified
value of Split-tunnel-network-list Home_VPN_splitTunnelAcl
value by default-field www.xxxxxx.com
the address value IPPOOL pools
WebVPN
the value of the URL - list ClientlessBookmark
political group internal kikou
group attributes political kikou
value of 8.8.8.8 DNS Server 4.2.2.2
Ikev1 VPN-tunnel-Protocol
Split-tunnel-policy tunnelspecified
value of Split-tunnel-network-list KaileY_splitTunnelAcl
XXXXXXX.dyndns.org value by default-field
username scottrog encrypted password privilege 0 xxxxxxxxxxxxxx
user_name john encrypted password privilege 0 xxxxxxxxxxxxxxx
username joek encrypted password privilege 0 xxxxxxxxxxxx
eostrike encrypted xxxxxxxxxxxx privilege 15 password username
username almostsi encrypted password privilege 0 xxxxxxxxxxxxxx
username ezdelarosa password xxxxxxxxxxxxxxencrypted privilege 0
type tunnel-group Home_VPN remote access
attributes global-tunnel-group Home_VPN
IPPOOL address pool
LOCAL authority-server-group
authorization-server-group (outside LOCAL)
Group Policy - by default-Home_VPN
authorization required
IPSec-attributes tunnel-group Home_VPN
IKEv1 pre-shared-key *.
type tunnel-group SSLClientProfile remote access
tunnel-group SSLClientProfile webvpn-attributes
enable SSLVPNClient group-alias
tunnel-group type ClientLESS remote access
tunnel-group kanazoé type remote access
attributes global-tunnel-group kanazoé
address VPN_POOL pool
by default-group-policy kikou
tunnel-group KaileY ipsec-attributes
IKEv1 pre-shared-key *.
by default-group Home_VPN tunnel-Group-map
!
!
context of prompt hostname
call-home
Profile of CiscoTAC-1
no active account
http https://tools.cisco.com/its/service/oddce/services/DDCEService destination address
email address of destination [email protected] / * /
destination-mode http transport
Subscribe to alert-group diagnosis
Subscribe to alert-group environment
Subscribe to alert-group monthly periodic inventory
monthly periodicals to subscribe to alert-group configuration
daily periodic subscribe to alert-group telemetry
Cryptochecksum:438ed6084bb3dc956574b1ce83f52b86
: end
ASA5505 #.
Here are the declarations of NAT for your first question:
network object obj - 192.168.100.0
255.255.255.0 subnet 192.168.100.0
NAT (private, foreign) source static obj - 192.168.10.0 obj - 192.168.10.0 destination static obj - 192.168.50.0 obj - 192.168.50.0
NAT (private, foreign) source static obj - 192.168.10.0 obj - 192.168.10.0 destination static obj - 192.168.100.0 obj - 192.168.100.0
And 'clear xlate' after the above and that should fix your first question.
I would check your second question and get back to you shortly.
-
I can connect to the internet, but not to my home network
I have a PC running Windows XP SP3, which is connected to a Linksys WRT300N router. I have access to the internet. I can not connect to my home network; don't know what happened. all (3) computers are set to the same workgroup name. I can't find anywhere in the network settings for WinXP that relates my network name. Help!
Thanks for any help you can provide.
John
I guess that the other two computers are working properly and that it can network together and that the only problem is the XP machine. I'm also assuming that this problem persists when the firewall was disabled (including hidden like the one in the Cisco VPN client). I also assume you mean by "is no longer connect to my home network" that you can't see other computers in your network neighborhood. See if this article helps you:
"You can't see the other computers in the workgroup on the network on a Windows XP computer"
<>http://support.Microsoft.com/kb/903267 >If this does not help, try to walk your way through the following:
"How to troubleshoot network domestic in Windows XP"
<>http://support.Microsoft.com/kb/308007 >HTH,
JW -
I opted for the "Restore default settings" option in the firewall while working on a client-side computer. For this reason got disabled the option "remote share' and now I can't access the machine remotely. The machine (which is not in the same network) does not monitor or keyboard attached to her and her to a different location so I can't physically connect you and activate this option.
I tried to disable the firewall remotely, but the following command does not work.
PsExec \\hostname u user_name password cmd.exe PeiIt returns the following:
Could not access ServerName
The network name cannot be found
Make sure you share the default admin$ is enable ServerName
This fact has not resolved the question above.
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem\\\ and create or edit a REG_DWORD LocalAccountTokenFilterPolicy value and set the value to 1
Help, please.
Hello
The question you posted would be better suited in the TechNet Forums. I would recommend posting your query in the TechNet Forums.
TechNet Forum
http://social.technet.Microsoft.com/forums/Windows/en-us/home?Forum=w7itpronetworking%2Cw7itprovirt&filter=AllTypes&sort=lastpostdescHope this information is useful.
-
Pavillion dv 9700 not connect to home network
My laptop does not connect to my home network. I entered password OK-key security, all this and it does not connect. When it connects to the network, it will connect to the internet. I reset the ip address, reset the network for both cards a Wi - Fi connection and wireless and yet nothig happens. Same pop-up error messages saying reset the ip address, to reset the network adapter, or to set a firewall that I can't find on my network. Im running Vista Home Premium
Hello
Download and use the Norton Removal Tool from here. I'm 100%, then it will work. It's a bad uninstall of norton product or some kind of problem with this program.
-
Error 1606: Could not access location %APPDATA%\ network
A year ago, I installed Office Word 2007. For the past 4 months, I could not access my files in Word. When I try to open Word, I get... "Error 1606: could not access network location % APPDATA%\" »
PLEASE... Tell me what I need to do to correct the problem. I have there ini files and I need immediate access!
Thank you!
Please see if the help article:
You receive an "Error 1606" error message when you try to install or remove a program from Microsoft
HAL
--
HAL Hostetler, TCE
Engineer senior/UPDATED--MS MVP-Print/Imaging - WA7BGX
www.kvoa.com - KVOA television, Tucson, AZ.
Live Hot Licks - www.badnewsbluesband.comcom -
How can I block a unknown user to access my home network on windows 7?
I discovered an access device to my network which does not belong there. I can't access, so I can't really do anything to the extent of the see who it is. I thought it was just someone leeches off my wifi hotspot, but when I turned off wifi, they log. When I try to access this unknown, my computer tells me that, basically, the unit is not there. How can I put an end to unwanted access to my network guests? I think it would be not possible, given that the network requires a password to gain access. I did not the password to anyone except those authorized, and yet, here I have a device owned by a person named "Griff" connected to my network.
I have already been burned by leechers unauthorized hiding behind my IP and downloading illegal or pirated content. I don't want this headache yet. How can I stop this?
Here's my view of what has been published. Disabling the SSID broadcast will stop that casual leechers. #2 will not accomplish all that it's someone who connect to your network. #3 is a given... you need to change your password and #4 is probably your best choice, but I would like to change it, so that only the mac addresses you specify can connect to the network.
I hope this helps.
-
HP pavilion dv6 3236nr wil not not allow me to access my home network.
I'll try to connect, but it always says that it is "identifing" and then say "unidentified network". recently he just said "unidentified network" whenever I try to connect. Any help?
Hello
What security software you have installed?
Try the following.
Judgment of the laptop. Tap here to f8 start you toward the top access to the Windows Recovery Console. Use the arrow keys to select "Safe Mode with network" and press ENTER. Let windows take over completely in this mode and see if you can access the internet - choose only a known "safe site" such as Microsoft and HP that your security software will not work in this mode. To exit Safe Mode, just restart the laptop in the usual way and Windows does not start normally.
Let me know the result.
Kind regards
DP - K
-
Error 1606: Could not access the location network 0
Every time I download any software with msi.exe, the software interface says first "Computing space required" and follows this error message "Error 1606 could access the network 0 location . "
I've used windows install Cleanup utility software and also used the link "start > run > Regedit >... > recent removal." Yet the problem persists
Sincerely, Kelly Kelly
This problem occurs because there is incorrect entries in the Shell folder of the user who is logged on to Microsoft Windows. When Windows Installer goes to the sale of Shell folder of the user who is logged on to the computer, Windows Installer cannot locate the correct entry. The solution is in http://support.microsoft.com/default.aspx/kb/886549.
The steps to correct this problem involve editing the Windows registry. Change the settings of the REGISTRY can cause serious problems that may prevent your computer from starting properly. Microsoft cannot guarantee that problems resulting from the REGISTRY settings configuration can be solved. Changes to these settings are at your own risk. I suggest that you first back up your registry as follows: http://windows.microsoft.com/en-US/windows-vista/Back-up-the-registry.
Here are the steps to fix it.
1. click on start, run, type regedit in the Open box, and then click OK.
2. look for the following registry key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell dossiers\
3 remove the entries that show the path that is listed in the error message.
886549 KB http://support.microsoft.com/default.aspx/kb/886549: Regedit open again. In the left pane, click User Shell Folders, point to new, click expandable string value, type the value name that you want to restore (AppData) and then press ENTER. Right click on this value, click change, type the value in the value data for the value name box, and then click OK. The value data must be: % USERPROFILE%\AppData\Roaming.
Step 8 KB 886549 suggests that you also check the values in HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders. However, by fixing my problem, I had not to change values in the registry key. If this does not work, follow ALL the steps in the referenced article.
Good luck.
Lorien - MCSA/MCSE/network + / has + - if this post solves your problem, please click the 'Mark as answer' or 'Useful' button at the top of this message. Marking a post as answer, or relatively useful, you help others find the answer more quickly.
-
Its not sent over the network via the Console remotely?
When I connect to a Win XP VM via the network by using the Remote Console. The sounds generated by the VM do not pass to the Remote Console but are heard to the host machine. Is it possibe to have passed to the computer running the Console sounds remotely?
Thank you!
Rick
As others have said implicitly... the remote console is not the best way to connect remotely to your virtual machines. It is best used only for management purposes.
The RC is not effective - it uses too much resources on your host - or it has lots of features.
It is better to use a tool like remote desktop on linux or microsoft using something like freeNX or even VNC flavors.
--
Wil
_____________________________________________________
Visit the new VMware developers at http://www.vi-toolkit.com wiki
-
"Error 1606. Could not access the location network O."
Microsoft KB 886549 does not resolve this issue.
Problem solved. Windows Installer Clean Up correctly deleted the H & R Block - entry KS State.
-
Windows 8 - PC
HP Envy m6
This error occurs when I try to install (restore) my Wisconsin State 2013 by HR Blocktax return.
- Clean the registry.
- Disabled Windows Defender briefly.
- Clean boot today.
- Approximately 45 minute online chat with block of HR who instructed me to clean the boot.
This error message occurs every time I have something new to try to help the problem. Oh, ended up buying PC Cleaner Pro to clean the registry and not only did - she did not help, they don't respond to emails through their contact page.
Help, please!
Hi Kathleen,.
To better understand the issue, let me know if you face any problem during the installation of other programs?
I appreciate your efforts to solve this problem. This problem could occur due to damaged user account or damaged registry keys.
Try the steps listed here and see if it helps.
Method 1:
I suggest you run the fixit who will repair the issues that block program installation or removal because of corrupted registry keys.The problems that the programs cannot be installed or uninstalled
http://support.Microsoft.com/mats/Program_Install_and_UninstallMethod 2:
If the problem persists, we will check whether the product is on a new user account (Administrator).Create a user account
http://Windows.Microsoft.com/en-us/Windows/create-user-account#create-user-account=Windows-8Hope this information helps. Reply to the post with an up-to-date report of the issue so that we can help you further.
-
can not access to vShield Manager via Web
Hello
I have deployed vShield manager Appliance and configured it. However, when I connect Portal accepts the credentials and stops spinning.
I've waited enough for the whole night.
Any help is appreciated.
Thank you
This helped.
Thank you very much
-
AnyConnect to ASA 5505 ver 8.4 unable to ping/access within the network
My AnyConnect VPN to connect to the ASA, but I can not access my home network hosts (tried Split Tunnel and it didn't work either). I intend to use a Split Tunnel configuration, but I thought I would get this job until I've set up this configuration. My inside hosts are on a 10.0.1.0/24 network and networks 10.1.0.0/16. My AnyConnect hosts use 192.168.60.0/24 addresses.
I saw the messages of others who seem similar, but none of these solutions have worked for me. I also tried several configurations NAT and ACLs to allow my internal network to the ANYConnect hosts and return traffic shaping, but apparently I did it incorrectly. I undestand what this worm 8.4 is supposed to be easier to achieve, NAT and others, but I now have in the IOS router it is much simpler.
My setup is included below.
Thanks in advance for your help.
Jerry
*************************************************************
ASA Version 8.4 (4)
!
hostname mxfw
domain moxiefl.com
activate the (deleted) password
!
interface Ethernet0/0
switchport access vlan 2
!
interface Ethernet0/1
!
interface Ethernet0/2
!
interface Ethernet0/3
Shutdown
!
interface Ethernet0/4
Shutdown
!
interface Ethernet0/5
switchport trunk allowed vlan 20.22
switchport mode trunk
!
interface Ethernet0/6
Shutdown
!
interface Ethernet0/7
Shutdown
!
interface Vlan1
nameif inside
security-level 100
IP 10.0.1.1 255.255.255.0
!
interface Vlan2
nameif outside
security-level 0
IP address dhcp setroute
!
interface Vlan20
nameif dmz
security-level 50
IP 172.26.20.1 255.255.255.0
!
interface Vlan22
nameif dmz2
security-level 50
IP 172.26.22.1 255.255.255.0
!
passive FTP mode
DNS lookup field inside
DNS domain-lookup outside
DNS server-group DefaultDNS
name-server 208.67.222.222
Server name 208.67.220.220
domain moxiefl.com
permit same-security-traffic inter-interface
network of the Generic_All_Network object
subnet 0.0.0.0 0.0.0.0
network of the INSIDE_Hosts object
10.1.0.0 subnet 255.255.0.0
network of the AnyConnect_Hosts object
192.168.60.0 subnet 255.255.255.0
network of the NETWORK_OBJ_192.168.60.0_26 object
255.255.255.192 subnet 192.168.60.0
network of the DMZ_Network object
172.26.20.0 subnet 255.255.255.0
network of the DMZ2_Network object
172.26.22.0 subnet 255.255.255.0
pager lines 24
Within 1500 MTU
Outside 1500 MTU
MTU 1500 dmz
dmz2 MTU 1500
local pool VPN_POOL 192.168.60.20 - 192.168.60.40 255.255.255.0 IP mask
no failover
ICMP unreachable rate-limit 1 burst-size 1
don't allow no asdm history
ARP timeout 14400
NAT dynamic interface of Generic_All_Network source (indoor, outdoor)
NAT (inside, outside) static source INSIDE_Hosts INSIDE_Hosts static destination AnyConnect_Hosts AnyConnect_Hosts-route search
NAT (inside, outside) static source any any static destination NETWORK_OBJ_192.168.60.0_26 NETWORK_OBJ_192.168.60.0_26 non-proxy-arp-search to itinerary
NAT (dmz, outside) dynamic interface of Generic_All_Network source
NAT (dmz2, outside) dynamic interface of Generic_All_Network source
Route inside 10.1.0.0 255.255.0.0 10.0.1.2 1
Timeout xlate 03:00
Pat-xlate timeout 0:00:30
Timeout conn 01:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
Sunrpc timeout 0:10:00 h323 0:05:00 h225 mgcp from 01:00 0:05:00 mgcp-pat 0:05:00
Sip timeout 0:30:00 sip_media 0:02:00 prompt Protocol sip-0: 03:00 sip - disconnect 0:02:00
Timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
Floating conn timeout 0:00:00
dynamic-access-policy-registration DfltAccessPolicy
identity of the user by default-domain LOCAL
the ssh LOCAL console AAA authentication
AAA authentication http LOCAL console
Enable http server
http 10.0.0.0 255.0.0.0 inside
No snmp server location
No snmp Server contact
Server enable SNMP traps snmp authentication linkup, linkdown warmstart of cold start
Crypto ipsec ikev2 AES256 ipsec-proposal
Protocol esp encryption aes-256
Esp integrity sha - 1, md5 Protocol
Crypto ipsec ikev2 ipsec-proposal AES192
Protocol esp encryption aes-192
Esp integrity sha - 1, md5 Protocol
Crypto ipsec ikev2 ipsec-proposal AES
Esp aes encryption protocol
Esp integrity sha - 1, md5 Protocol
Crypto ipsec ikev2 proposal ipsec 3DES
Esp 3des encryption protocol
Esp integrity sha - 1, md5 Protocol
Crypto ipsec ikev2 ipsec-proposal OF
encryption protocol esp
Esp integrity sha - 1, md5 Protocol
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 define ikev2 AES256 AES192 AES 3DES ipsec-proposal OF
outside_map card crypto 65535-isakmp dynamic ipsec SYSTEM_DEFAULT_CRYPTO_MAP
outside_map interface card crypto outside
Crypto ca trustpoint ASDM_TrustPoint0
registration auto
domain name full anyconnect.moxiefl.com
name of the object CN = AnyConnect.moxiefl.com
Keypairs AnyConnect
Proxy-loc-transmitter
Configure CRL
string encryption ca ASDM_TrustPoint0 certificates
certificate 439 has 4452
3082026c 308201d 5 a0030201 9a 445230 02020443 0d06092a 864886f7 0d 010105
05003048 06035504 03131641 6e79436f 6e6e6563 742e6d6f 78696566 311f301d
6c2e636f 312530 2306092a 864886f7 0d 010902 1616616e 79636f6e 6e656374 6 d
2e6d6f78 6965666c 2e636f6d 31333039 32373037 32353331 5a170d32 301e170d
33303932 35303732 3533315a 3048311f 301D 0603 55040313 16416e79 436f6e6e
6563742e 6d6f7869 65666c2e 636f6d31 86f70d01 09021616 25302306 092a 8648
616e7963 6f6e6e65 63742e6d 6f786965 666c2e63 6f6d3081 9f300d06 092 has 8648
86f70d01 01010500 03818d 00 30818902 8181009a d9f320ff e93d4fdd cb707a4c
b4664c47 6d2cc639 4dc45fed bfbc2150 7109fd81 5d6a5252 3d40dc43 696360d 5
fbf92bcc 477d19b8 5301085c daf40de5 87d7e4aa f81b8d7f 8d364dfa 0a6f07d7
6a7c3e9b 56e69152 aa5492d8 e35537bd 567ccf29 7afbeae8 13da9936 9f890d76
1d56d11d da3d039a 0e714849 e6841ff2 a3633061 03010001 300f0603 b 5483, 102
1301 01ff0405 30030101 ff300e06 03551d0f 0101ff04 86301f06 04030201 551d
23 04183016 80142f27 7096c4c5 e396e691 e07ef737 af61b71f 64f1301d 03551d
0603551d 0e041604 142f2770 96c4c5e3 96e691e0 7ef737af 61b71f64 f1300d06
092a 8648 86f70d01 01050500 03818100 8f777196 bbe6a5e4 8af9eb9a 514a 8348
5e62d6cd e430a758 47257243 2b 367543 065d4ceb 582bf666 08ff7be1 f89287a2
ac527824 b11c2048 7fd2b50d 6aa00675 e4df7859 f3590596 b1d52426 ca 35, 3902
226 dec 09 713f7ba9 80bdf7bb b52a7da2 4a68b91b 455cabba 4e77f4b0 1e97a52c
0cc4c6f3 f244f7d9 0a6e32fb 31ce7e35
quit smoking
IKEv2 crypto policy 1
aes-256 encryption
integrity sha
Group 2 of 5
FRP sha
second life 86400
IKEv2 crypto policy 10
aes-192 encryption
integrity sha
Group 2 of 5
FRP sha
second life 86400
IKEv2 crypto policy 20
aes encryption
integrity sha
Group 2 of 5
FRP sha
second life 86400
IKEv2 crypto policy 30
3des encryption
integrity sha
Group 2 of 5
FRP sha
second life 86400
IKEv2 crypto policy 40
the Encryption
integrity sha
Group 2 of 5
FRP sha
second life 86400
Crypto ikev2 activate out of service the customer port 443
Crypto ikev2 access remote trustpoint ASDM_TrustPoint0
Telnet timeout 5
SSH 10.0.0.0 255.0.0.0 inside
SSH timeout 5
SSH group dh-Group1-sha1 key exchange
Console timeout 0
dhcpd dns 208.67.222.222 208.67.220.220
dhcpd outside auto_config
!
dhcpd addresses 10.0.1.20 - 10.0.1.40 inside
dhcpd dns 208.67.222.222 208.67.220.220 interface inside
dhcpd allow inside
!
dhcpd address dmz 172.26.20.21 - 172.26.20.60
dhcpd dns 208.67.222.222 208.67.220.220 dmz interface
dhcpd enable dmz
!
dhcpd address 172.26.22.21 - dmz2 172.26.22.200
dhcpd dns 208.67.222.222 208.67.220.220 dmz2 interface
dmz2 enable dhcpd
!
a basic threat threat detection
Statistics-list of access threat detection
no statistical threat detection tcp-interception
SSL-trust outside ASDM_TrustPoint0 point
WebVPN
allow outside
AnyConnect essentials
AnyConnect image disk0:/anyconnect-win-3.0.2052-k9.pkg 1
AnyConnect profiles AnyConnect_client_profile disk0: / AnyConnect_client_profile.xml
AnyConnect enable
tunnel-group-list activate
internal GroupPolicy_AnyConnect group strategy
attributes of Group Policy GroupPolicy_AnyConnect
WINS server no
value of server DNS 208.67.222.222 208.67.220.220
client ssl-VPN-tunnel-Protocol ikev2
moxiefl.com value by default-field
WebVPN
AnyConnect value AnyConnect_client_profile type user profiles
password username user1 $ $ encrypted privilege 15
password username user2 $ $ encrypted privilege 15
tunnel-group AnyConnect type remote access
tunnel-group AnyConnect General attributes
address VPN_POOL pool
Group Policy - by default-GroupPolicy_AnyConnect
tunnel-group AnyConnect webvpn-attributes
enable AnyConnect group-alias
!
class-map inspection_default
match default-inspection-traffic
!
!
type of policy-card inspect dns preset_dns_map
parameters
maximum message length automatic of customer
message-length maximum 512
Policy-map global_policy
class inspection_default
inspect the preset_dns_map dns
inspect the ftp
inspect h323 h225
inspect the h323 ras
Review the ip options
inspect the netbios
inspect the rsh
inspect the rtsp
inspect the skinny
inspect esmtp
inspect sqlnet
inspect sunrpc
inspect the tftp
inspect the sip
inspect xdmcp
inspect the icmp
!
global service-policy global_policy
context of prompt hostname
no remote anonymous reporting call
call-home
Profile of CiscoTAC-1
no active account
http https://tools.cisco.com/its/service/oddce/services/DDCEService destination address
email address of destination [email protected] / * /
destination-mode http transport
Subscribe to alert-group diagnosis
Subscribe to alert-group environment
Subscribe to alert-group monthly periodic inventory
monthly periodicals to subscribe to alert-group configuration
daily periodic subscribe to alert-group telemetry
Cryptochecksum:f2c7362097b71bcada023c6bbfc45121
: end
Hello
You may have problems with the NAT configurations
Look at these 2 high page configurations
NAT dynamic interface of Generic_All_Network source (indoor, outdoor)
NAT (inside, outside) static source INSIDE_Hosts INSIDE_Hosts static destination AnyConnect_Hosts AnyConnect_Hosts-route search
The solution is either to reconfigure the dynamic PAT with the lowest priority (goes tearing down the current normal outbound connections) OR reposition the exempt NAT / configurations NAT0
Dynamic change of PAT could be done with
no nat dynamic interface of Generic_All_Network source (indoor, outdoor)
NAT automatic interface after (indoor, outdoor) dynamic source Generic_All_Network
NAT0 configuration change could be done with
no nat source (indoor, outdoor) public static INSIDE_Hosts static destination INSIDE_Hosts AnyConnect_Hosts AnyConnect_Hosts-route search
NAT (inside, outside) 1 static source INSIDE_Hosts INSIDE_Hosts static destination AnyConnect_Hosts AnyConnect_Hosts-route search
Changing the order of the NAT0 configurations as described above is probably the simplest solution and does not cause a teardown of connections for users. Of course change the dynamic configuration PAT would avoid future problems if it can generate. For example, it could overide static PAT (Port Forward) configured with Auto NAT configurations.
Try option suites you best and let know us if it solved the problem
Remember to mark a reply as the answer if it answered your question.
Feel free to ask more if necessary
-Jouni
-
I have a netbook running Windows 7 Home Premium (the name is Gary-asus-pc), a laptop (my wife) running Windows XP SP3 (the name is Dell640m), and a desktop running Windows XP SP3 (the name is Dell8400). My Canon printer is connected by USB to my desktop. Until this week, my wireless network in my house has been working well and I could access the desktop files and printer both netbook and laptop.
No change in hardware or software tried laptop recently with the exception of the automatic updates.
Today, my wife tried to print a document of IE8 on his cell phone and it did not work. I tried of the netbook and it worked fine. When I tried to check the properties of the printer to the laptop, I got access denied message. Checking the properties of the netbook has worked.
Thinking that something got screwed up on the laptop, I removed the printer from the laptop and tried to add again. The wizard has found the printer, but when I click Next a window pops up showing the following:
Window title: connect to Dell640m
Message: Connection to Dell8400
(in gray) Username Dell640m\Guest
Password
There is no password set on any of the machines. Just by pressing enter or clicking OK just brings back the same window.
I closed the window and went back to try to add the printer again. The laptop computer found the office but did not find all the printers on the laptop or the desktop. This behavior is fairly consistent. The first attempt after a reboot to find the printer is successful, but then asks a password for access. Subsequent attempts are no printer. Attempts to access the office system itself will require a password.
I ran the XP Wizard to re - establish home and office networking on the laptop and the desktop computer. Two machines can be, the Office can see the computer laptop and netbook and their files and printers, but the laptop cannot access anything be it on the desktop (password required) Although it can access the netbook. All the machines were restarted (several times).
Does anyone have any ideas what could cause this strange behavior between the laptop and the desktop computer.
Problem solved!
I don't know why I didn't think this earlier. The problem has been that I have constantly asked me a password for the user Dall640m\Guest. I finally thought, "why not get rid of user Dell640m\Guest?
So, I run the Configuration Wizard from the network on both systems and passed under the names of DELL8400 and Dell640m of new names computers, changed the comment, has changed the name of the Working Group, then restarted both. My hope was that starting a new network with a "totally clean slate" might work. I knew that, at all least, Dell640m\Guest username would not access to the network, so it was worth a try. Fortunately, it worked.
My access to shared files and printers.
Maybe you are looking for
-
Firefox does not open! Troubleshooting do not work.
My operating system is Windows XP. Firefox installed a new updated two days ago. It caused Firefox to crash several times and was a pain in the butt, but seemed to unravel after three restarts and a lot of frustration. Turned on my computer today (tw
-
DVD writer internal necessary for Satellite Pro 4340
Hi everyone has found a suitable DVD INTERNAL burner (preferably double layer) which adapts and will work in a Satellite Pro 4340 or a laptop of the 4200 series? No answers please tell your machine is too old, etc. - they are not useful. I only want
-
How to use Bluetooth on Satellite U200
Hello I have the Satellite U200 and the Bluetooth version v5.00.10 (T).I have no idea how can I use my Bluetooth to transfer files between my computer and my cell phone (Sony ericsson k800) or between my laptop and other computer portable... In fact,
-
How to set up a Wi - Fi so grandson login account can use Nook
-
My question is very simple. I tried all the options I could think for my printer detect the alignment page and it is still unable to detect the page. Can someone who has had the same problem please send me a list of recommended procedures to solve th