Don't type flow HP 13

Hi I recently factory zero my pc and reinstalled the wifi drivers and other at hp and made the keyboard type please help

Hello @LePixel,

Welcome to the Forums of HP Support!

I read your post about the problem of keyboard and wanted to help you!

For starters, can you provide me with the product number of the laptop? Here is a link that you can use that will help you find your model and product number:
How can I find my model number or product number?

In the meantime, please consult the following document and let me know how it goes:

HP - computer keyboard laptops laptop troubleshooting (Windows, 10, 8)

Please let me know if this information helps you solve the problem by marking this message as 'accept as Solution' , this will help others easily find the information they seek. In addition, by clicking on the Thumbs up below is a great way to say thank you!

Happy new year!

Tags: Notebooks

Similar Questions

don't type in the empty fields as search engines or login information

Hello
I installed firefox for android, but the problem is that noting happens when I try to type anything in the empty fields.
for example, in google.com when I tap on edit search to write s.th. to perform a search, the QWERTY keyboard appears, but no letter is threre when I type!
It also happens when in a forum, I want to enter my login details; new keyboard is displayed but no letter does when I type.
but in the address bar, I can write without any problem.
my camera is galaxy notes with android 4.0.4
Thank you.

Try turning off "Don't keep the activities" of the Android settings.
- Press the home button
- Press the menu key
- Select settings
- Scroll down to developer
- Scroll down to 'Don't keep activities' and uncheck the box

iPad Pro occasionally don't type the lowercase letters (the "space" remains stuck in upper case)

What happens is I type something, in general, I accidentally hit the 'Shift' or something happens that otherwise made me decide to go back and change a letter to a lowercase letter, but after a BACKSPACE on a capitalized letter, I type a new letter, only that the new letter is now capitalized. So I back the thought of this letter I must have accidentally hit the 'Shift' key while typing again... I'm not. So I don't move the caps lock... no luck. It takes a return back a space behind the letter, I'm changing character before the character space will allow a lowercase to appear.

This behavior started after upgrading to iOS 9.2 (and I use a Smart keyboard). I already checked and turned off "Auto-capitalisation" and "AutoCorrect". At this point, I can't think of another setting that could consistently produce this behavior. All the world experienced and/or sounds like a bug?

Just an update so it doesn't matter which allows to diagnose a problem, this bug does not happen in mailboxes mailbox for these forums (such as the boxes provided to type your answers in), but it does in native applications.

Wireless 800 keyboard some keys don't type symbol

I just installed 800 wireless keyboard. Some keyboard keys not typing the symbol displayed on the key. For example when I try to type the question mark when you press shift and the button with a question mark for this _. I have a problem with a number of keys.

I installed the drivers will and still experience this problem. All advice given graciously received.

Hi Wairds,

Have you changed the keyboard to another language?

This kind of problem occurs if the keyboard layout is changed to another format like English (United Kingdom) or other non-English of the provision.

Try to define the layout of the English (United States) and check if you face this problem.

http://Windows.Microsoft.com/en-CA/Windows/change-keyboard-layout#1TC=Windows-Vista

my mouse on my laptop does not respond correctly, going where ever he wantsa go and don't type wht words I will have a few seconds delay, can't play games or do much his frustratjing

the mouse does not well, typing is slow and have to wait for the words to catch up, internet or disable, this has just begun, I can't select things very well, it takes time to play a game or write a letter

Hi Kandikane,

A. are you referring to the touch pad or external mouse?
B. What is a USB or a wireless mouse?
C. who is the manufacturer of your computer?
D. recent changes made on your computer?

You can try to update the drivers and let us know the result

1. click on Start.

2 type devmgmt.msc in the start search box and press on enter.

3. right click on the driver, and then choose Update.

Previous post: the result.

Bindu S - Microsoft Support

[If this post can help solve your problem, please click the 'Mark as answer' or 'Useful' at the top of this message.] [Marking a post as answer, or relatively useful, you help others find the answer more quickly.]

BlackBerry Classic no police don't type on Classic

I can change the font size on my new classic, however there is no font type to select from. Please someone comment on this topic.

Font size is available. Font type is NOT on the Q10, or any other device BB10 and has never been.,.

keyboard by clicking on sounds and sometimes don't type repeated letters

I was watching TV with my fiance and his foot kept hitting the laptop. He started making rattling noises so I went to check. the screen was a message to the top sticky keys or something, I pressed cancel and now all my keyboards, looted. I have to wait a second before you type the same letter and it made a noise of rattling for each key pressed. What is - this and how to fix it?

Hi Russ,

-What is the brand and model of the laptop?

I suggest you to disable sticky keys and check if it helps.

Make the keyboard easier to use

Please post back with the results and we will be happy to help you further.

wireless keyboards that do not answer or type incorrect characters

Hello, I contacted Dell a couple of times and everything they have done has tried to update my drivers that did not work, or they had me use a wired keyboard that still had the problem.

When typing my keyboard makes a break, don't type, types the same character repeatedly, takes up to 30 seconds between the characters to be able to type a different and at other times, there is zero problem. This can happen several times a day. It happens with IE, Firefox, type in word, try to access a Web site. Its very frustrating.

I use Windows 7 with a wireless keyboard. If anyone has any ideas on how to solve this problem, I would appreciate it!

Hello

Welcome to Microsoft Community where you can find the answers related to Windows.

According to the description, it looks like you are facing a problem with the keyboard.

It would be great if you could answer these questions to help you further.

1. What is the brand and model of the keyboard?
2 have you made changes on the computer before this problem?

I suggest to see the steps in the following methods and check if it helps.

Mouse, touchpad and keyboard under Windows problems: http://windows.microsoft.com/en-US/windows/help/mouse-touchpad-and-keyboard-problems-in-windows?T1=tab05

Troubleshoot the incidents of the response to the mouse or wireless keyboard: http://support.microsoft.com/kb/838398

If you need Windows guru, do not hesitate to post your questions and we will be happy to help you.

Contours with type

When I type a font (any kind) and then stroke it, it looks good, until I ask to vectorize (before you send it to a print shop), it seems bad.
is there a way to keep the look?

Type described will look worse then the original because well done vector type has 'hinting '. They are better at low resolution.

There is no way to prevent this. Actually, things like newsletter created by InDesign, etc. will fall completely because they are not part of the police.

Many of us, but also professionals from Adobe, do not believe that there should be no reason of vector fonts. Create a PDF file properly should provide all the information needed to print it. See this announcement I made a few years previously to InDesignSecrets.com:

http://InDesignSecrets.com/outlining-fonts-is-it-necessary.php

Not everyone agrees, including printers that have very old RIPs and very old workflows, as you can read in the reviews below the display.

Issue of pagination on the flow of a new user

I'm pretty new to ID, but am making progress. I created my documents and were assembled in my book. When I export the book in PDF format, the documents don't always flow together. I don't care if a document starts on the left or right, just that it works continuously. I took the attached screen shot, because I'm not as sure as if I know the right vocabulary to express what I see so that see you it too.
Propagation labeled 1 is correct and it flows towards 2 correctly or I should say that I expect to work. What I want, it's marked page 3 to sink to 4 in the same spread, even if they are in different documents. Hope this helps.
In my mind all documents were created in the same way and all share the same Master Page... Thank you in advance.
Jeff

You can post a screenshot of the book panel, please?

I suspect that the problem is you are tyring to export pasta to spread instead of single pages, and you can not combine pages of documents in a spread when you export the book, but I can't tell from the picture you have posted.

Type get lost...
I came across an ad from back in 2006 - the individual was having this problem, but it received no response. Don't know if he was using FW CS3, but I when I open a Photoshop in FW file, any type in the file gets beat - box type is greatly expanded and if I don't type ANYTHING in the box, everything blows up. The type developed (increased attack) to fill the extended area.

Why is this happening? Is there a way to fix this? VERY frustrating, but I love everything else about FW.

-bryan
Some tests and it seems that this happens regardless of the font used. BUT it also seems that Fireworks simply cannot understand a leader 'AUTO' in Photoshop. Fireworks blowing the main way or completely it is falling apart. Set a font to, say, 12/14 and it imports and Fireworks very well. Looks like I have to specify leader and not leave it to 'AUTO '.

nat VPN question.

Try to find what happened. I had the remote end raise the tunnel, as they can ping resources on my side. I am unable to ping 10.90.238.148 through this tunnel. I used to be able to until the interface of K_Inc has been added. The network behind this interface is 10/8.

I asked a question earlier in another post and advises him to play opposite road of Cryptography. And who did it. I was able to ping 10.90.238.148 of 192.168.141.10, with the config below.

I am at a loss to why I can't all of a sudden. A bit of history, given routes have not changed. By adding the command set opposite road to cryptography, I find myself with a static entry for the 10.90.238.0 network is what fixed it initially so I don't think it's a problem of route. The remote end had an overlap with the 192.168.141.0/24 that is why my side is natted on the 10.40.27.0. None of the nats have changed so if adding the reverse route worked for a day, it should still work. Any thoughts?

interface GigabitEthernet0/3.10

VLAN 10

nameif K_Inc

security-level 100

IP address 192.168.10.254 255.255.255.0

interface GigabitEthernet0/3.141

VLAN 141

cold nameif

security-level 100

IP 192.168.141.254 255.255.255.0

(Cold) NAT 0 access-list sheep

NAT (cold) 1 192.168.141.0 255.255.255.0

Access extensive list ip 192.168.141.0 CSVPNOFFSITE allow 255.255.255.0 10.90.238.0 255.255.255.0

Access extensive list ip 10.40.27.0 CSVPNOFFSITE allow 255.255.255.0 10.90.238.0 255.255.255.0

Access extensive list ip 192.168.141.0 CSVPNNAT allow 255.255.255.0 10.90.238.0 255.255.255.0

IP 10.40.27.0 allow Access-list extended sheep 255.255.255.0 10.90.238.0 255.255.255.0

static 10.40.27.0 (cold, outside) - CSVPNNAT access list

card crypto Outside_map 5 corresponds to the address CSVPNOFFSITE

card crypto Outside_map 5 the value reverse-road

card crypto Outside_map 5 set pfs

card crypto Outside_map 5 set peer 20.x.x.3

Outside_map 5 transform-set ESP-3DES-MD5 crypto card game

card crypto Outside_map 5 defined security-association life seconds 28800

card crypto Outside_map 5 set security-association kilobytes of life 4608000

tunnel-group 20.x.x.3 type ipsec-l2l

20.x.x.3 Group of tunnel ipsec-attributes

pre-shared-key *.

Route outside 0.0.0.0 0.0.0.0 7.x.x.1 1

Route 10.0.0.0 K_Inc 255.192.0.0 192.168.10.252 1

Route K_Inc 10.64.0.0 255.224.0.0 192.168.10.252 1

Route K_Inc 10.100.100.0 255.255.255.0 192.168.10.252 1

Route K_Inc 10.128.0.0 255.128.0.0 192.168.10.252 1

Tunnel is up:

14 peer IKE: 20.x.x.243

Type: L2L role: answering machine

Generate a new key: no State: MM_ACTIVE

EDIT:

I just noticed when tracer packet i run I don't get a phase VPN or encrypt:

Packet-trace entry cold tcp 192.168.141.10 80 80 10.90.238.148 det

Phase: 1

Type: FLOW-SEARCH

Subtype:

Result: ALLOW

Config:

Additional information:

Not found no corresponding stream, creating a new stream

Phase: 2

Type:-ROUTE SEARCH

Subtype: entry

Result: ALLOW

Config:

Additional information:

in 10.90.238.0 255.255.255.0 outside

Phase: 3

Type: IP-OPTIONS

Subtype:

Result: ALLOW

Config:

Additional information:

Direct flow from returns search rule:

ID = 0xad048d08, priority = 0, sector = option-ip-enabled, deny = true

hits = 2954624, user_data = 0 x 0, cs_id = 0 x 0, reverse, flags = 0 x 0 = 0 protocol

SRC ip = 0.0.0.0 mask 0.0.0.0, port = 0 =

DST ip = 0.0.0.0 mask = 0.0.0.0, port = 0, dscp = 0 x 0

Phase: 4

Type: QOS

Subtype:

Result: ALLOW

Config:

Additional information:

Direct flow from returns search rule:

ID = 0xb2ed4b80, priority = 72, domain = qos by class, deny = false

hits = 2954687, user_data = 0xb2ed49d8, cs_id = 0 x 0, reverse, flags = 0 x 0 = 0 protocol

SRC ip = 0.0.0.0 mask 0.0.0.0, port = 0 =

DST ip = 0.0.0.0 mask = 0.0.0.0, port = 0, dscp = 0 x 0

Phase: 5

Type: FOVER

Subtype: Eve-updated

Result: ALLOW

Config:

Additional information:

Direct flow from returns search rule:

ID = 0xad090180, priority = 20, area = read, deny = false

hits = 618776, user_data = 0 x 0, cs_id = 0 x 0, flags = 0 x 0, Protocol = 6

SRC ip = 0.0.0.0 mask 0.0.0.0, port = 0 =

DST ip = 0.0.0.0 mask = 0.0.0.0, port = 0, dscp = 0 x 0

Phase: 6

Type: NAT

Subtype:

Result: ALLOW

Config:

static (ColdSpring, external) 74.x.x.50 192.168.141.10 netmask 255.255.255.255

match ip host 192.168.141.10 ColdSpring outside of any

static translation at 74.x.x.50

translate_hits = 610710, untranslate_hits = 188039

Additional information:

Definition of static 192.168.141.10/0 to 74.112.122.50/0 using subnet mask 255.255.255.255

Direct flow from returns search rule:

ID = 0xac541e50, priority = 5, area = nat, deny = false

hits = 610742, user_data = 0xac541c08, cs_id = 0 x 0, flags = 0 x 0 = 0 protocol

SRC ip = 192.168.141.10, mask is 255.255.255.255, port = 0

DST ip = 0.0.0.0 mask = 0.0.0.0, port = 0, dscp = 0 x 0

Phase: 7

Type: NAT

Subtype: host-limits

Result: ALLOW

Config:

static (ColdSpring, dmz) 192.168.141.0 192.168.141.0 netmask 255.255.255.0

match ip ColdSpring 192.168.141.0 255.255.255.0 dmz all

static translation at 192.168.141.0

translate_hits = 4194, untranslate_hits = 20032

Additional information:

Direct flow from returns search rule:

ID = 0xace2c1a0, priority = 5, area = host, deny = false

hits = 2954683, user_data = 0xace2ce68, cs_id = 0 x 0, reverse, flags = 0 x 0 = 0 protocol

SRC ip = 192.168.141.0, mask is 255.255.255.0, port = 0

DST ip = 0.0.0.0 mask = 0.0.0.0, port = 0, dscp = 0 x 0

Phase: 8

Type: IP-OPTIONS

Subtype:

Result: ALLOW

Config:

Additional information:

Reverse flow from returns search rule:

ID = 0xaacbcb90, priority = 0, sector = option-ip-enabled, deny = true

hits = 282827537, user_data = 0 x 0, cs_id = 0 x 0, reverse, flags = 0 x 0 = 0 protocol

SRC ip = 0.0.0.0 mask 0.0.0.0, port = 0 =

DST ip = 0.0.0.0 mask = 0.0.0.0, port = 0, dscp = 0 x 0

Phase: 9

Type: QOS

Subtype:

Result: ALLOW

Config:

Additional information:

Reverse flow from returns search rule:

ID = 0xb2ed5c78, priority = 72, domain = qos by class, deny = false

hits = 4749562, user_data = 0xb2ed5ad0, cs_id = 0 x 0, reverse, flags = 0 x 0 = 0 protocol

SRC ip = 0.0.0.0 mask 0.0.0.0, port = 0 =

DST ip = 0.0.0.0 mask = 0.0.0.0, port = 0, dscp = 0 x 0

Phase: 10

Type: CREATING STREAMS

Subtype:

Result: ALLOW

Config:

Additional information:

New workflow created with the 339487904 id, package sent to the next module

Information module for forward flow...

snp_fp_inspect_ip_options

snp_fp_tcp_normalizer

snp_fp_translate

snp_fp_adjacency

snp_fp_fragment

snp_fp_tracer_drop

snp_ifc_stat

Information for reverse flow...

snp_fp_inspect_ip_options

snp_fp_translate

snp_fp_tcp_normalizer

snp_fp_adjacency

snp_fp_fragment

snp_fp_tracer_drop

snp_ifc_stat

Phase: 11

Type:-ROUTE SEARCH

Subtype: output and contiguity

Result: ALLOW

Config:

Additional information:

found 7.x.x.1 of next hop using ifc of evacuation outside

contiguity Active

0007.B400.1402 address of stretch following mac typo 51982146

Result:

input interface: cold

entry status: to the top

entry-line-status: to the top

output interface: outside

the status of the output: to the top

output-line-status: to the top

Action: allow

What version are you running to ASA?

My guess is that your two static NAT is configured above policy nat you have configured for the VPN? If this is the case, move your above these static NAT NAT policy and you should see the traffic start to flow properly.

--

Please note all useful posts

Site-to-Site VPN Ping does not

I configured a vpn site-to site between two firewalls ASA 5505. Establishes the tunnel, but the icmp traffic does not pass. In fact, ping worked twice, but only at random. I need to work on a regular basis. I have attached the configurations as well as an output of the packet - trace both of the ASA and the IPSec and its ISAKMP. Thanks for any help you can provide.

ASA Configuration 1:

ASA Version 8.0 (3)

!

hostname asa1

activate the encrypted password of A.zMQonBIU0NmOC0

names of

!

interface Vlan1

nameif inside

security-level 100

IP 10.1.50.253 255.255.255.0

!

interface Vlan2

nameif outside

security-level 0

IP 1.1.1.1 255.255.255.240

!

interface Ethernet0/0

switchport access vlan 2

!

interface Ethernet0/1

!

interface Ethernet0/2

!

interface Ethernet0/3

!

interface Ethernet0/4

!

interface Ethernet0/5

!

interface Ethernet0/6

!

interface Ethernet0/7

!

OMV1AjIsWknnKr9H encrypted passwd

boot system Disk0: / asa803 - k8.bin

passive FTP mode

acl_out list extended access permit tcp any host 63.76.12.195 eq smtp

acl_out list extended access permit tcp any host 63.76.12.195 eq www

acl_out list extended access permit tcp any host 63.76.12.195 eq 3389

acl_out list extended access permit tcp any host 63.76.12.195 eq ftp

acl_out list extended access permit tcp any host 63.76.12.195 eq ftp - data

acl_out list extended access permit tcp any host 63.76.12.195 eq telnet

acl_out list extended access permit tcp any host 63.76.12.195 eq 5800

acl_out list extended access permit tcp any host 63.76.12.195 eq 5900

acl_out list extended access permit tcp any host 63.76.12.195 eq https

acl_out list extended access permit tcp any host 63.76.12.196 eq www

acl_out list extended access permit tcp any host 63.76.12.196 eq https

acl_out list extended access permit tcp any host 63.76.12.196 eq smtp

acl_out list extended access permit tcp any host 63.76.12.196 eq 3389

acl_out list extended access permit icmp any one

access-list 101 extended allow ip 10.1.50.0 255.255.255.0 10.1.40.0 255.255.255.0

access-list 101 extended allow ip 10.1.50.0 255.255.255.0 10.1.51.0 255.255.255.0

vpn-fargo extended ip 10.1.50.0 access list allow 255.255.255.0 10.1.51.0 255.255.255.0

pager lines 24

Enable logging

debug logging in buffered memory

asdm of logging of information

Within 1500 MTU

Outside 1500 MTU

IP local pool ippool 10.1.40.1 - 10.1.40.254

ICMP unreachable rate-limit 1 burst-size 1

ICMP allow any inside

ICMP allow all outside

ASDM image disk0: / asdm - 523.bin

don't allow no asdm history

ARP timeout 14400

Global 1 interface (outside)

(Inside) NAT 0-list of access 101

NAT (inside) 1 0.0.0.0 0.0.0.0

static (inside, outside) 1.1.1.2 tcp ftp 10.1.50.3 ftp netmask 255.255.255.255

static (inside, outside) 1.1.1.2 tcp ftp - data 10.1.50.3 ftp - data netmask 255.255.255.255

static (inside, outside) 1.1.1.2 tcp telnet 10.1.50.3 telnet netmask 255.255.255.255

static (inside, outside) tcp 1.1.1.2 5800 10.1.50.102 5800 netmask 255.255.255.255

static (inside, outside) 1.1.1.2 tcp 5900 10.1.50.102 5900 netmask 255.255.255.255

static (inside, outside) 1.1.1.2 tcp 3389 10.1.50.5 3389 netmask 255.255.255.255

static (inside, outside) 1.1.1.3 10.1.50.6 netmask 255.255.255.255

Access-group acl_out in interface outside

Route outside 0.0.0.0 0.0.0.0 1.1.1.0 1

Timeout xlate 03:00

Timeout conn 01:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02

Sunrpc timeout 0:10:00 h323 0:05:00 h225 mgcp from 01:00 0:05:00 mgcp-pat 0:05:00

Sip timeout 0:30:00 sip_media 0:02:00 prompt Protocol sip-0: 03:00 sip - disconnect 0:02:00

Timeout, uauth 0:05:00 absolute

dynamic-access-policy-registration DfltAccessPolicy

Enable http server

http 192.168.1.0 255.255.255.0 inside

No snmp server location

No snmp Server contact

Server enable SNMP traps snmp authentication linkup, linkdown cold start

Crypto ipsec transform-set esp-3des esp-md5-hmac RIGHT

Crypto-map dynamic dynmap 10 transform-set RIGHT

map mymap 10-isakmp ipsec crypto dynamic dynmap

card crypto mymap 20 match address vpn-fargo

card crypto mymap 20 peers set 2.2.2.2

card crypto mymap 20 transform-set RIGHT

crypto mymap 20 card value reverse-road

mymap outside crypto map interface

crypto isakmp identity address

crypto ISAKMP allow outside

crypto ISAKMP policy 10

preshared authentication

3des encryption

md5 hash

Group 2

life 86400

crypto ISAKMP policy 20

preshared authentication

aes-256 encryption

sha hash

Group 5

life 86400

crypto ISAKMP ipsec-over-tcp port 10000

Telnet timeout 5

SSH 0.0.0.0 0.0.0.0 inside

SSH timeout 5

Console timeout 0

management-access inside

dhcpd outside auto_config

!

a basic threat threat detection

Statistics-list of access threat detection

internal group vpn3000 strategy

attributes of the strategy group vpn3000

value of server WINS 10.1.50.5

value of 10.1.50.5 DNS server 10.1.50.6

Split-tunnel-policy tunnelspecified

Split-tunnel-network-list value 101

asa1.com value by default-field

disable authentication of the user

the address value ippool pools

encrypted vpn Tw.atDK7GScnXkMJ password username

vpn tunnel-group type remote access

VPN tunnel-group general attributes

Group Policy - by default-vpn3000

jtvpn group of tunnel ipsec-attributes

pre-shared-key *.

tunnel-group 2.2.2.2 type ipsec-l2l

2.2.2.2 tunnel-group ipsec-attributes

pre-shared-key *.

!

class-map inspection_default

match default-inspection-traffic

!

!

type of policy-card inspect dns preset_dns_map

parameters

message-length maximum 512

Policy-map global_policy

class inspection_default

inspect the preset_dns_map dns

inspect the ftp

inspect h323 h225

inspect the h323 ras

inspect the rsh

inspect the rtsp

inspect sqlnet

inspect the skinny

inspect sunrpc

inspect xdmcp

inspect the sip

inspect the netbios

inspect the tftp

inspect the icmp

inspect the icmp error

!

global service-policy global_policy

context of prompt hostname

: end

ASA 2 configuration:

ASA Version 8.2 (1)

!

hostname asa2

activate the encrypted password of A.zMQonBIU0NmOC0

1vU9VISnc.IQ6OSN encrypted passwd

names of

!

interface Vlan1

nameif inside

security-level 100

IP 10.1.51.253 255.255.255.0

!

interface Vlan2

nameif outside

security-level 0

IP address 2.2.2.2 255.255.255.240

!

interface Ethernet0/0

switchport access vlan 2

!

interface Ethernet0/1

!

interface Ethernet0/2

!

interface Ethernet0/3

!

interface Ethernet0/4

!

interface Ethernet0/5

!

interface Ethernet0/6

!

interface Ethernet0/7

!

passive FTP mode

vpn - dsm extended ip 10.1.51.0 access list allow 255.255.255.0 10.1.50.0 255.255.255.0

IP 10.1.51.0 allow Access-list extended sheep 255.255.255.0 10.1.50.0 255.255.255.0

access outside-access list extended icmp permitted an echo

outside-access extended access list permit icmp any any echo response

outside-access extended access list permit all all unreachable icmp

access outside-access allowed list icmp exceed all once

pager lines 24

asdm of logging of information

Within 1500 MTU

Outside 1500 MTU

ICMP unreachable rate-limit 1 burst-size 1

ICMP allow any inside

ICMP allow all outside

don't allow no asdm history

ARP timeout 14400

Global 1 interface (outside)

NAT (inside) 0 access-list sheep

NAT (inside) 1 0.0.0.0 0.0.0.0

access-outside group access component software snap-in interface outside

Route outside 0.0.0.0 0.0.0.0 2.2.2.0 1

Timeout xlate 03:00

Timeout conn 01:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02

Sunrpc timeout 0:10:00 h323 0:05:00 h225 mgcp from 01:00 0:05:00 mgcp-pat 0:05:00

Sip timeout 0:30:00 sip_media 0:02:00 prompt Protocol sip-0: 03:00 sip - disconnect 0:02:00

Timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute

timeout tcp-proxy-reassembly 0:01:00

dynamic-access-policy-registration DfltAccessPolicy

the ssh LOCAL console AAA authentication

Enable http server

http 192.168.1.0 255.255.255.0 inside

No snmp server location

No snmp Server contact

Server enable SNMP traps snmp authentication linkup, linkdown cold start

Crypto ipsec transform-set ESP-3DES esp-3des esp-md5-hmac

life crypto ipsec security association seconds 28800

Crypto ipsec kilobytes of life - safety 4608000 association

card crypto mymap 10 correspondence address vpn - dsm

card crypto mymap 10 set peer 1.1.1.1

card crypto mymap 10 game of transformation-ESP-3DES

crypto mymap 10 card value reverse-road

mymap outside crypto map interface

crypto isakmp identity address

crypto ISAKMP allow outside

crypto ISAKMP policy 10

preshared authentication

3des encryption

md5 hash

Group 2

life 86400

crypto ISAKMP policy 20

preshared authentication

aes-256 encryption

sha hash

Group 5

life 86400

Telnet 0.0.0.0 0.0.0.0 inside

Telnet timeout 5

SSH 0.0.0.0 0.0.0.0 inside

SSH timeout 5

Console timeout 0

management-access inside

dhcpd outside auto_config

!

a basic threat threat detection

Statistics-list of access threat detection

no statistical threat detection tcp-interception

WebVPN

tunnel-group 1.1.1.1 type ipsec-l2l

tunnel-group 1.1.1.1 ipsec-attributes

pre-shared-key *.

!

class-map inspection_default

match default-inspection-traffic

!

!

type of policy-card inspect dns preset_dns_map

parameters

message-length maximum 512

Policy-map global_policy

class inspection_default

inspect the preset_dns_map dns

inspect the ftp

inspect h323 h225

inspect the h323 ras

inspect the rsh

inspect the rtsp

inspect esmtp

inspect sqlnet

inspect the skinny

inspect sunrpc

inspect xdmcp

inspect the sip

inspect the netbios

inspect the tftp

inspect the icmp

inspect the icmp error

!

global service-policy global_policy

context of prompt hostname

: end

Packet trace of ASA1:

asa1 (config) # entry packet - trace within the icmp 10.1.50.253 1 1 detailed 10.1.51.253

Phase: 1

Type: FLOW-SEARCH

Subtype:

Result: ALLOW

Config:

Additional information:

Not found no corresponding stream, creating a new stream

Phase: 2

Type:-ROUTE SEARCH

Subtype: entry

Result: ALLOW

Config:

Additional information:

in 0.0.0.0 0.0.0.0 outdoors

Phase: 3

Type: ACCESS-LIST

Subtype:

Result: DECLINE

Config:

Implicit rule

Additional information:

Direct flow from returns search rule:

ID = 0xd49dcce0, priority = 500, area = allowed, deny = true

Hits = 5, user_data = 0 x 6, cs_id = 0 x 0, reverse, flags = 0 x 0 = 0 protocol

SRC ip = 10.1.50.253, mask is 255.255.255.255, port = 0

DST ip = 0.0.0.0 mask 0.0.0.0, port = 0 =

Result:

input interface: inside

entry status: to the top

entry-line-status: to the top

output interface: outside

the status of the output: to the top

output-line-status: to the top

Action: drop

Drop-reason: flow (acl-drop) is denied by the configured rule

Packet trace of ASA2:

asa2 (config) # entry packet - trace within the icmp 10.1.51.253 1 1 detailed 10.1.50.253

Phase: 1

Type: FLOW-SEARCH

Subtype:

Result: ALLOW

Config:

Additional information:

Not found no corresponding stream, creating a new stream

Phase: 2

Type:-ROUTE SEARCH

Subtype: entry

Result: ALLOW

Config:

Additional information:

in 10.1.50.0 255.255.255.0 outside

Phase: 3

Type: ACCESS-LIST

Subtype:

Result: DECLINE

Config:

Implicit rule

Additional information:

Direct flow from returns search rule:

ID = 0xc9583648, priority = 500, area = allowed, deny = true

hits = 9, user_data = 0 x 6, cs_id = 0 x 0, reverse, flags = 0 x 0 = 0 protocol

SRC ip = 10.1.51.253, mask is 255.255.255.255, port = 0

DST ip = 0.0.0.0 mask = 0.0.0.0, port = 0, dscp = 0 x 0

Result:

input interface: inside

entry status: to the top

entry-line-status: to the top

output interface: outside

the status of the output: to the top

output-line-status: to the top

Action: drop

Drop-reason: flow (acl-drop) is denied by the configured rule

ASA 1 IPSec security association:

peer address: 2.2.2.2

Tag crypto map: dynmap, seq num: 10, local addr: 1.1.1.1

local ident (addr, mask, prot, port): (10.1.50.0/255.255.255.0/0/0)

Remote ident (addr, mask, prot, port): (10.1.51.0/255.255.255.0/0/0)

current_peer: 2.2.2.2

#pkts program: encrypt 0, #pkts: 0, #pkts digest: 0

decaps #pkts: 5, #pkts decrypt: 5, #pkts check: 5

compressed #pkts: 0, unzipped #pkts: 0

#pkts uncompressed: 0, comp #pkts failed: 0, #pkts Dang failed: 0

success #frag before: 0, failures before #frag: 0, #fragments created: 0

Sent #PMTUs: 0, #PMTUs rcvd: 0, reassembly: 20th century / of frgs #decapsulated: 0

#send errors: 0, #recv errors: 0

endpt local crypto. : 1.1.1.1, remote Start crypto. : 2.2.2.2

Path mtu 1500, fresh ipsec generals 58, media, mtu 1500

current outbound SPI: 1F3E7E3A

SAS of the esp on arrival:

SPI: 0x1DFAE5E0 (502982112)

transform: esp-3des esp-md5-hmac no

running parameters = {L2L, Tunnel}

slot: 0, id_conn: 77824, crypto-card: dynmap

calendar of his: service life remaining (KB/s) key: (3824999/28036)

Size IV: 8 bytes

support for replay detection: Y

outgoing esp sas:

SPI: 0x1F3E7E3A (524189242)

transform: esp-3des esp-md5-hmac no

running parameters = {L2L, Tunnel}

slot: 0, id_conn: 77824, crypto-card: dynmap

calendar of his: service life remaining (KB/s) key: (3825000/28034)

Size IV: 8 bytes

support for replay detection: Y

ASA 1 ISAKMP Security Association:

1 peer IKE: 2.2.2.2

Type: L2L role: answering machine

Generate a new key: no State: MM_ACTIVE

ASA 2 IPSec security association:

peer address: 1.1.1.1

Tag crypto map: mymap, seq num: 10, local addr: 2.2.2.2

list of access vpn - dsm allowed ip 10.1.51.0 255.255.255.0 10.1.50.0 255.255.255.0

local ident (addr, mask, prot, port): (10.1.51.0/255.255.255.0/0/0)

Remote ident (addr, mask, prot, port): (10.1.50.0/255.255.255.0/0/0)

current_peer: 63.76.12.194

#pkts program: 5, #pkts encrypt: 5, #pkts digest: 5

#pkts decaps: 0, #pkts decrypt: 0, #pkts check: 0

compressed #pkts: 0, unzipped #pkts: 0

#pkts uncompressed: 5, comp #pkts failed: 0, #pkts Dang failed: 0

success #frag before: 0, failures before #frag: 0, #fragments created: 0

Sent #PMTUs: 0, #PMTUs rcvd: 0, reassembly: 20th century / of frgs #decapsulated: 0

#send errors: 0, #recv errors: 0

endpt local crypto. : 2.2.2.2, remote Start crypto. : 1.1.1.1

Path mtu 1500, fresh ipsec generals 58, media, mtu 1500

current outbound SPI: 1DFAE5E0

SAS of the esp on arrival:

SPI: 0x1F3E7E3A (524189242)

transform: esp-3des esp-md5-hmac no compression

running parameters = {L2L, Tunnel}

slot: 0, id_conn: 81920, crypto-map: mymap

calendar of his: service life remaining (KB/s) key: (4374000/27900)

Size IV: 8 bytes

support for replay detection: Y

Anti-replay bitmap:

0x00000000 0x00000001

outgoing esp sas:

SPI: 0x1DFAE5E0 (502982112)

transform: esp-3des esp-md5-hmac no compression

running parameters = {L2L, Tunnel}

slot: 0, id_conn: 81920, crypto-map: mymap

calendar of his: service life remaining (KB/s) key: (4373999/27900)

Size IV: 8 bytes

support for replay detection: Y

Anti-replay bitmap:

0x00000000 0x00000001

ASA 2 ISAKMP Security Association:

1 peer IKE: 1.1.1.1

Type: L2L role: initiator

Generate a new key: no State: MM_ACTIVE

Hi Mike,.

I see the following in your configuration:

map mymap 10-isakmp ipsec crypto dynamic dynmap

Sequence number of Th for the peer 2.2.2.2 is 20 so we first hit the dynamic map that could cause this problem.

To avoid this, I suggest you do the following:

No map mymap 10-isakmp ipsec crypto dynamic dynmap

map mymap 65535-isakmp ipsec crypto dynamic dynmap

To validate this fact, if you look at the SA on ASA1 ipsec, you will find that it was negotiated with dymap (card crypto seq 10) and not 20!

ASA 1 IPSec security association:

peer address: 2.2.2.2

Tag crypto map: dynmap, seq num: 10, local addr: 1.1.1.1

local ident (addr, mask, prot, port): (10.1.50.0/255.255.255.0/0/0)

Remote ident (addr, mask, prot, port): (10.1.51.0/255.255.255.0/0/0)

current_peer: 2.2.2.2

#pkts program: encrypt 0, #pkts: 0, #pkts digest: 0

decaps #pkts: 5, #pkts decrypt: 5, #pkts check: 5

compressed #pkts: 0, unzipped #pkts: 0

#pkts uncompressed: 0, comp #pkts failed: 0, #pkts Dang failed: 0

success #frag before: 0, failures before #frag: 0, #fragments created: 0

Sent #PMTUs: 0, #PMTUs rcvd: 0, reassembly: 20th century / of frgs #decapsulated: 0

#send errors: 0, #recv errors: 0

Hope this helps!

See you soon,.

Manasi!

VPN Cisco ASA 5540 L2L - one-way traffic only for the pair to a network

Hello

I'm a little confused as to which is the problem. This is the premise for the problem I have face.

One of our big clients has a Cisco ASA5540 (8.2 (2)) failover (active / standby). Early last year, we have configured a VPN from Lan to Lan to a 3rd party site (a device of control point on their end). He worked until early this week when suddenly the connection problems.

Only 1 of the 3 networks the / guests can access a remote network on the other side. 2 others have suddenly stopped working. We do not know of any change on our side and the remote end also insists that their end configurations are correct (and what information they sent me it seems to be correct)

So essentially the encryption field is configured as follows:

access-list line 1 permit extended ip 10.238.57.21 host 10.82.0.202 (hitcnt = 2)
access-list line 2 extended permit ip 10.207.0.0 255.255.0.0 10.82.0.200 255.255.255.252 (hitcnt = 198)
access-list line 3 extended permit ip 10.231.191.0 255.255.255.0 10.82.0.200 255.255.255.252 (hitcnt = 173)

Free NAT has been configured as follows (names modified interfaces):

NAT (interface1) 0-list of access to the INTERIOR-VPN-SHEEP

the INTERIOR-VPN-SHEEP line 1 permit access list extended ip 10.231.191.0 255.255.255.0 10.82.0.200 255.255.255.252
permit for Access-list SHEEP-VPN-INSIDE line lengthened 2 ip host 10.238.57.21 10.82.0.202

NAT (interface2) 0-list of access VPN-SHEEP

VPN-SHEEP line 1 permit access list extended ip 10.207.0.0 255.255.0.0 10.82.0.200 255.255.255.252

After the problem started only 10.207.0.0/16 network connections worked for the site remote 10.82.0.200/30. All other connections do not work.

There has been no change made on our side and on the side remote also insists there has been no change. I also checked how long the ASAs have been upward and how long the same device has been active in the failover. Both have been at the same time (about a year)

The main problem is that users of the 10.231.191.0/24 cant access remote network network. However, the remote user can initiate and implement the VPN on their side but usually get any return traffic. Ive also checked that the routes are configured correctly in the routers in core for the return of their connections traffic should go back to the firewall.

Also used of "packet - trace" event raising the VPN tunnel (even if it passes the phases VPN). For my understanding "packet - trace" alone with the IP source and destination addresses must activate the VPN connection (even if it generates no traffic to the current tunnel).

This is printing to the following command: "packet - trace entry interface1 tcp 10.231.191.100 1025 10.82.0.203 80.

Phase: 1
Type: ACCESS-LIST
Subtype:
Result: ALLOW
Config:
Implicit rule
Additional information:
MAC access list

Phase: 2
Type: FLOW-SEARCH
Subtype:
Result: ALLOW
Config:
Additional information:
Not found no corresponding stream, creating a new stream

Phase: 3
Type:-ROUTE SEARCH
Subtype: entry
Result: ALLOW
Config:
Additional information:
in 10.82.0.200 255.255.255.252 outside

Phase: 4
Type: ACCESS-LIST
Subtype: Journal
Result: ALLOW
Config:
Access-group interface interface1
access-list extended allow ip 10.231.191.0 255.255.255.0 10.82.0.200 255.255.255.252
Additional information:

Phase: 5
Type: IP-OPTIONS
Subtype:
Result: ALLOW
Config:
Additional information:

Phase: 6
Type: INSPECT
Subtype: np - inspect
Result: ALLOW
Config:
class-map inspection_default
match default-inspection-traffic
Policy-map global_policy
class inspection_default
inspect the http
global service-policy global_policy
Additional information:

Phase: 7
Type: FOVER
Subtype: Eve-updated
Result: ALLOW
Config:
Additional information:

Phase: 8
Type: NAT-FREE
Subtype:
Result: ALLOW
Config:
NAT-control
is the intellectual property inside 10.231.191.0 255.255.255.0 outside 10.82.0.200 255.255.255.252
Exempt from NAT
translate_hits = 32, untranslate_hits = 35251
Additional information:

-Phase 9 is a static nat of the problem to another network interface. Don't know why his watch to print.

Phase: 9
Type: NAT
Subtype: host-limits
Result: ALLOW
Config:
static (interface1, interface3) 10.231.0.0 10.231.0.0 255.255.0.0 subnet mask
NAT-control
is the intellectual property inside 10.231.0.0 255.255.0.0 interface3 all
static translation at 10.231.0.0
translate_hits = 153954, untranslate_hits = 88
Additional information:

-Phase 10 seems to be the default NAT for the local network configuration when traffic is to the Internet

Phase: 10
Type: NAT
Subtype:
Result: ALLOW
Config:
NAT (interface1) 5 10.231.191.0 255.255.255.0
NAT-control
is the intellectual property inside 10.231.191.0 255.255.255.0 outside of any
dynamic translation of hen 5 (y.y.y.y)
translate_hits = 3048900, untranslate_hits = 77195
Additional information:

Phase: 11
Type: VPN
Subtype: encrypt
Result: ALLOW
Config:
Additional information:

Phase: 12
Type: VPN
Subtype: ipsec-tunnel-flow
Result: ALLOW
Config:
Additional information:

Phase: 13
Type: IP-OPTIONS
Subtype:
Result: ALLOW
Config:
Additional information:

Phase: 14
Type: CREATING STREAMS
Subtype:
Result: ALLOW
Config:
Additional information:
New workflow created with the 1047981896 id, package sent to the next module

Result:
input interface: interface1
entry status: to the top
entry-line-status: to the top
output interface: outside
the status of the output: to the top
output-line-status: to the top
Action: allow

So, basically, the connection should properly go to connect VPN L2L but yet is not. I tried to generate customer traffic of base (with the source IP address of the client network and I see the connection on the firewall, but yet there is absolutely no encapsulated packets when I check "crypto ipsec to show his" regarding this connection VPN L2L.) Its almost as if the firewall only transfers the packets on the external interface instead of encapsulating for VPN?

And as I said, at the same time the remote end can activate the connection between these 2 networks very well, but just won't get any traffic back to their echo ICMP messages.

access-list extended allow ip 10.231.191.0 255.255.255.0 10.82.0.200 255.255.255.252
local ident (addr, mask, prot, port): (10.231.191.0/255.255.255.0/0/0)
Remote ident (addr, mask, prot, port): (10.82.0.200/255.255.255.252/0/0)
current_peer: y.y.y.y

#pkts program: encrypt 0, #pkts: 0, #pkts digest: 0
#pkts decaps: 131, #pkts decrypt: 131, #pkts check: 131
compressed #pkts: 0, unzipped #pkts: 0
#pkts uncompressed: 0, comp #pkts failed: 0, #pkts Dang failed: 0
success #frag before: 0, failures before #frag: 0, #fragments created: 0
Sent #PMTUs: 0, #PMTUs rcvd: 0, reassembly: 20th century / of frgs #decapsulated: 0
#send errors: 0, #recv errors: 0

If it was just a routing problem it would be a simple thing to fix, but it is not because I can see the connection I have to confirm it by the router base on the firewall, but they don't just get passed on to the VPN connection.

Could this happen due to a bug in the Software ASA? Would this be something with Checkpoint VPN device? (I have absolutely no experience with devices of control point)

If there is any essential information that I can give, please ask.

-Jouni

Jouni,

8.2.4.1 is the minimum - 8.2.4 had some issues (including TCP proxy).

If this does not resolve the problem - I suggest open TAC box to get to the bottom of this ;-)

Marcin

iPad IOS 10 - AutoCorrect keyboard does not turn off?

I don't know if it is a problem of IOS 10 or if it is a question of the iPad. One of the first things I do when I get a new device is turn off easily. I hate to correct automatically, but it seems not turning off itself. I was typing a message to a friend of mine and to instead keep the word I typed (Pervy) it replaces (Percy).

I just upgraded to IOS 10 and checked to see if the AutoCorrect has been disabled or if she has it on again. Even with typing this message, it keeps replacing words on me with words that I don't type and are not what they should be. It is not a question of spelling either, so I don't know what to do to fix, but it's very annoying.

Hello. You may also need to disable predictive. If you are using a physical keyboard, there are different settings for it. They appear only when it is connected.

Don't type flow HP 13

Similar Questions

Maybe you are looking for