H323 Keep-alives
I have a client with calls H323 falling at the 1 hour mark. classic symptom of H323 or H225 timeout issues.
Problem is that the customer has a network refuses (big client with many geographically distributed teams) to adjust the firewall of the team time-out values.
Is there a way to Setup persistent on endpoints or the VCS? Endpoints are mainly MXP always, slowly being changed for C-series.
Thank you.
Hi Anthony,.
Cisco/Tandberg endpoints use H245 messages to keep alive the call, they send H245 keep alive messages every 30 seconds. However, in some cases, the firewall does not consider the Dungeon H.245 living messages and then it disconnects the call if no H225 keep alive messages are received during a certain period of time (in your case, 1 hour).
The problem is, most of the Cisco/Tandberg endpoints cannot send H225 keep alive messages, only H245 messages (they use the roundTripDelayRequest and roundTripDelayResponse messages). Of the endpoints of TC, TC6 and versions later, Cisco has provided a keep alive feature H225, but the default time is 2 hours and that cannot be changed, so endpoints keep alive session every 2 hours.
For the MXP endpoints, as far as I know, we're not support H225 keep alive, only H245.
Therefore, you should really fix the configuration of your firewall, once you can make any configuration change in the endpoints to solve the problem.
Take a peek at this defect associated with H225 keep alive question of the endpoints TC, note that Cisco suggests customers to make adjustments in the typology where the H323 (H225/H245) sessions are sent via or on the device firewall to handle the video traffic correctly.
https://Tools.Cisco.com/bugsearch/bug/CSCub20591
Another people in the community here has had the same problem, see:
https://supportforums.Cisco.com/message/4039690?referring_site=BSS&channel=BDP#4039690
https://supportforums.Cisco.com/message/3952227?referring_site=BSS&channel=BDP#3952227
I hope this helps.
Paulo Souza
My answer was helpful? Please note the useful answers and do not forget to mark questions resolved as "responded."
Tags: Cisco Support
Similar Questions
-
What should I change to keep alive indefinitely without any Windows activity?
Title of the Moose: kb2492386
Installed kb2492386 update to XP Pro (version 2002) as well as several IE8, several .NET framework and central management framework. Since the updates windows times out and require a re-login. Power options are unchanged: never stop disks, never attend the eve and disabled hibernation.
What should I change to keep alive indefinitely without any Windows activity?
Hello
Follow these steps and check if that helps:
a. log on to a user administrator account in Windows XP.
b. click the rectangular 'Start' button in the left corner and open the control panel.
c. click on "Performance and Maintenance" and select "Power Options".
d. choose 'Never' lists 'sleep' and 'Putting into hibernation'. Then click on 'OK '.
Also, see this Microsoft KB article and check if that helps:
How to solve the problems of hibernation and standby in Windows XP
-
RV082 VPN to ASA5500 device crashes when the keep-alive enabled
Hi all.
We have several here RV082s which are intended to connect to a central ASA5510 firewall. VPNS are configured and essentially operate, however in our test environment the RV082s kept crashing after seemingly unpredictable time (sometimes after several days or even weeks). The RV082 have the new firmware (v4.1.0.02 - tm).
Investigations further on the issue, I discovered that accidents can be reproduced upon activation of the keep-alive option on the RV082. Power on the RV082, they can get started, start the VPN, and then they crash a few seconds after the tunnel has been implemented (one or two pings go usually). When crashing, the RV082 becomes completely inaccessible, IE no ping, no interface Web etc.
There is a note in the firmware release notes saying that the activation of the keep-alive option would not work the way that it should. However it seems that enabling this option allows the router completely crash after the next reboot. This makes the keep-alive option basically useless, however we need since the routers will be installed at remote sites with no staff there.
Is it possible to activate the keep-alive option without the crash of routers immediately after start-up?
Thanks & cheers
The RV082 is configured to route all traffic to the ASA? If so, there is a special beta firmware that is trying to solve the problem. However, you will need to call the help desk to create a ticket first.
http://www.Cisco.com/en/us/support/tsd_cisco_small_business_support_center_contacts.html
-
LAN-to-LAN VPN and ISAKMP Keep-alives
Hello
We have configured a VPN LAN-to-LAN between ASA 5505 and GNAT box. Looks like that GNat does not support persistent:
January 16, 2007 14:50:22 713122 IP = 210.X.Y.Z, Keep-alives configured on, but the peer does not support persistent (type = None)
Can I disable these KeepAlive on ASA as well?
Thank you.
Kind regards
Alex
Hi Alex,
If the VPN is not affected hereby, you should not be disabled.
Please rate if this helped.
Kind regards
Daniel
-
Keep alive does not work in sqldeveloper 4.0
Hi friends,
I use sqldeveloper 4.0 in it, keep alive option is not able to see in the tool. I have download the .jar to the https://sites.google.com/site/keepaliveext/ file and paste it in
.. \sqldeveloper-x.x.x.x.x\sqldeveloper\sqldeveloper\extensions and restarted the tool developer sql.
Even if I'm not able to see the option to keep living. Please is there any alternate to do this.
Please help me in this.
Thank you
RAMU
There is a similar extension of keepalive for SQL Developer 4 available at https://bitbucket.org/scristalli/sql-developer-4-keepalive.
-
Is there a 'keep' alive function to prevent websites to automatically disconnect me?
Y at - it a function, Add on, etc. which will regularly send activity to a web site to prevent it from automatically disconnect me for inactivity? There are several sites that I keep in my tabs for the purposes of monitoring, but they have periods of ridiculous timeout from 5 to 15 minutes. I'm tired of having to connect everything again whenever I want to check.
You probably need an add-on for that. Do a quick search, he came. I have not tested myself.
ReloadEvery: reloads webpages every so many seconds or minutes. The service is accessible via the context menu (menu you get when you right-click on a web page) or via the tab context menu (right click on the tab).
-
Defying death, keeping alive via USB
I have a thread going in the forum of the EU, but I might as well check-in here as well:
I bought my Defy in November. has worked perfectly until yesterday. Two nights ago, I used the phone for surfing the web, and I used the LED flashlight to find my way through the apartment when I went to bed. I plugged the charger as I always do and I got the tone "charge" and it dispalyed "60% load...". "etc, all normal
When I woke, I unplugged the phone, but instead of "disconnected" tone, he was quite dead. Screen wouldn't turn on or anything like that. so I reinstalled the battery, but nothing happened. connected to the PC, etc., nothing.
then I left it for about 9-10 hours (via the wall socket), the battery got hot, but the phone has refused to start.
This morning I plugged it in the PC, nothing happened. I left him there and after about 20 minutes or more, the white LED on and the computer gave this "USB connected" sound and some drivers 'OMAP3630' (or something like that) installed, but nothing more.
now a few minutes, I hear the "USB connected", but he never goes away. and if I press the power button on the phone I can't also 'USB connected' and then sounds instantly "USB disconnected".
White LED keep shining, as I understand it means 'load, but not enough juice to turn on again. I ordered a new battery on Ebay ($40!), but it can take up to two weeks for it to ship to the Sweden
any ideas?
I thought that I would update this post, so if someone gets the same problem in the future, they know what are the components.
I got on the phone to a repair and service center seem to have changed the entire Board internally, as they put a new tile with new identification numbers and other things on the original one (so new IMEI etc.)
seems the charger or battery funked out and shorted the system or something
Since I've returned, it took about three weeks to get it back (this includes the delivery volume of Sweden to Germany, processing, repair, sending back from Germany to the Sweden.) Three weeks is a favourable time for that
-
Hey all,.
Just finished my first approx. Cascades loves it!
The only thing I'm always looking for is a way to keep the view while some things are spend in my application (an animation playing). Is there a way to (temporarily) tell the device to not put the screen on standby in waterfalls?
Thank you!
Marco
QML complete:
import bb.cascades 1.0 Page { Container { Label { id: label text: "KeepAwake is " + (Application.mainWindow.screenIdleMode ? "ON" : "OFF") } ToggleButton { onCheckedChanged: Application.mainWindow.screenIdleMode = checked ? 1 : 0; } } }
-
How can I keep alive the word in IndesignCS5 notes/memos
Hello, I am at a loss regarding the loss of the notes to end 'live' who are alive in my word file, but after placing them in indesign cs5, they become dead, by that I mean that the endnote reference does not relate to his endnote or another. I was wondering have I missed an area of formatting or something. What I did is checked in the 'Microsoft Word Import Options' box my "preserve Styles and formatting from text and tables", and yet, they show always just as if it were numbers in exponent form, which is not what I want. I want to be able to do is when I go in my reference options in Indesign, I want to be able to restart page numbering in each section, modify the style etc., thanks if anyone can help.
Eugene, are both your links in the last post on the same page... Was - this intentional?
Peter Kahrel has a few scripts to deal with notes, including a reference to the script of end-notes, to http://www.kahrel.plus.com/indesign/footnotes.html. The OP can convert notes in the notes in Word, and then do the numbering restarts and so on in the IDS and finally convert back to endnotes. I don't know if it is more or less work than using references cross.
-
VPC of Nexus 5 k Keep-Alives - Portchannel necessary?
I'll set up 2 5548UP for layer 3 connectivity and I was wondering about the configuration of the VPC. What is the best practice? Do I have to configure a port-channel of layer 3 to do this with different interfaces (for example, e1/e1/1-2), or can I only make the mgmt port 0 card layer 3 girl (via copper)?
And also, the ports that are L1 and L2 on the layer 3 daughter card for? I know that at some point there were not usable...
Thank you
Bobby Grewal
Hi Bobby,.
You can use the for the persistent mgmt0 port. The main reason for them to determine what kind of failure has occurred if the VPC peer-link goes down. If persistent are up, we know peer switch is in place, and the secondary switch must stop its ports until the pair link comes back online. If persistent are also declining, we switch know peer is gone and the remaining switch must be responsible for the transfer of traffic.
Hand, I'm not sure on the ports of L1 and L2. I'll look into it, but mabey someone has the practical answer.
Chad
-
Upgrade NAS - how can I increase iSCSI keep alives or time dead-then it reboots internally
I'm running an EMC Celerra NAS. Virtual machines are running on iSCSI. While the storage is upgraded front-end server are switched on the NAS, i.e. disk is not accessible for about 4-5 minutes.
Where to increase the values ISCSI to enable pause extended for upgrades?
Yes. I meant double SP, sorry for the confusion that I worked on EMC, NetApp, HDS, etc. and different vendors use different terminology for the same thing.
-
How to keep the RS232 connection
Hello everyone. I have a problem with the RS232 communication. To activate the connection, I need to send the string "RS232", then the keep alive I send every second CR, but in the meantime, I have to be able to send any other strings without delay on the same port (COM7). Can someone help me?
Thank you
RS232 standard does not impose itself to be kept alive in some way, so I guess that's your remote device that requires it.
In any case, you could create a timer of 1 s and having his reminder send periodically the CR on the serial port.
To avoid conflicts between this task and in the rest of the application, you can use a lock: basically, after you have created the lock, each function that wants to access the serial port must call CmtGetLock (), work on the port and call CmtReleaseLock () afterwards. If the lock belongs to another function, other functions when trying to get access are frozen waits for the lock, so you must be careful in the design of COM function so that they are quick. If you do not want to have a function be blocked waiting for the lock, you can use CmtTryToGetLock instead of CmtGetLock. You will find some information about locks in this tutorial as well as in this chapter program ' s reference.
-
Maintenance of the Socket connections alive
Hello developers,
Please, I have problems to perpetuate a socket connection in my application for a long time. It seems to disconnect after a short (2 minutes) while especially if he's inactive.
It happens that I have write an application with a Chat feature and for that, that I keep a socket connection Alive for the life - tme of my application. I tried stuff like Ping Server every minute, but then this is a leak of resources (Blackberry). Push BlackBerry is not an option (as I have other clients other than BB devices).
Please someone know how I can fix this or suggest a different way to go about this?
I agree with previos answering machine. The problem you have is push RIM invented. I'm not aware of a way around that. If you cannot use the pusher, then you will have to keep alive and if your app will suffer battery drain and possibly additional costs related to data traffic.
Some people have used email instead of push as a wau to notify the application that there is something to it: this requires a listener e-mail in the application process and eliminate these notification emails.
If you do not use a living message of keep, then I think this quesiton becomes useless:
«How I even the difference between blackberry...» »
-
How to keep the session on active network firewall
Hi Experts,
I installed Oracle 10 g Database Server on the Linux machine and one application on another machine. The normal behavior of the application is that it will connect to the database from some users and called SQL loader will load data into the database on network firewall.
Problem:
As I have already mentioned that the entire procedure carried out by network firewall is enabled. As Firewall automatically kill the session after a specific time, that's why we want to keep the connection of database for an unlimited period without changing the firewall settings.
So, how can we implement this?
Kind regards
S.RiziAs Firewall automatically kill the session after a specific time...
This means that the firewall doesn't break an IDLE session, use the server in sqlnet.ora:
SQLNET. EXPIRE_TIME =
. This setting will keep alive a session even if nothing happens.
Werner
-
RA VPN doesn't work is not on the second external interface
I've temporarily came from two Internet service providers in our ASA 5510. Which works very well. I tried to configure the VPN to our second outside interface (outside-XO) and who does not. The first/original VPN works great. Can someone look at the config and tell me if I did something wrong. It is not a customer number, because it is able to connect fine on the first interface. Thank you.
ASA Version 7.1 (2)
!
hostname FW01
dot.com domain name
activate the password * encrypted
names of
!
interface Ethernet0/0
nameif outside
security-level 0
IP address *.229.200 255.255.255.192
!
interface Ethernet0/1
Speed 100
full duplex
nameif inside
security-level 100
IP 192.168.2.3 address 255.255.255.0
!
interface Ethernet0/2
nameif outside-XO
security-level 0
IP address *.157.100 255.255.255.192
!
interface Management0/0
nameif management
security-level 100
IP 192.168.14.254 255.255.255.0
management only
!
passwd * encrypted
banner login attention is a private network. Unauthorized intruders will BE prosecuted to the extent of the ACT!
boot system Disk0: / asa712 - k8.bin
passive FTP mode
clock timezone PST - 8
clock summer-time recurring PDT 2 Sun Mar 2:00 1 Sun Nov 02:00
DNS server-group DefaultDNS
dot.com domain name
permit same-security-traffic intra-interface
object-group service tcp Server
HTTPS and www description
EQ object of the https port
port-object eq www
object-group service tcp Mail
SMTP POP3 access description
EQ Port pop3 object
EQ smtp port object
port-object eq 32000
non-standard tcp service object-group
Port Description 1429 and 1431
port-object eq 1431
port-object eq 1429
object-group service DNS tcp - udp
Description to allow outside DNS resolution
area of port-object eq
object-group service FTP tcp
FTP description
port-object eq ftp
SMTPMail tcp service object-group
Description SMTP only access
EQ smtp port object
IQWebServer tcp service object-group
Www and port 8082 description access
port-object eq www
EQ object Port 8082
EQ object of the https port
port-object eq 8999
SFTP tcp service object-group
Description SFTP_SSH
EQ port ssh object
outside_access_in list extended access permit tcp any host *. *.229.201 - a group of Web server objects
outside_access_in list extended access permit tcp any host *. *.229.202 object-group Mail
outside_access_in list extended access permit tcp any host *. *.229.202 - a group of Web server objects
outside_access_in list extended access permit tcp any host *. *.229.202 object-group DNS
outside_access_in list extended access permit tcp any host *. *.229.203 - group of non-standard items
outside_access_in list extended access permit tcp any host *. *.229.204 - a group of Web server objects
outside_access_in list extended access permit tcp any host *. *.229.205 - group of non-standard items
outside_access_in list extended access permit tcp any host *. *.229.208 - a group of Web server objects
outside_access_in list extended access permit tcp any host *. *.157.101 - a group of Web server objects
outside_access_in list extended access permit tcp any host *. *.157.102 object-group Mail
outside_access_in list extended access permit tcp any host *. *.157.102 - a group of Web server objects
outside_access_in list extended access permit tcp any host *. *.157.102 object-group DNS
outside_access_in list extended access permit tcp any host *. *.157.103 - group of non-standard items
outside_access_in list extended access permit tcp any host *. *.157.104 - a group of Web server objects
outside_access_in list extended access permit tcp any host *. *.157.105 - group of non-standard items
outside_access_in list extended access permit tcp any host *. *.157.108 - a group of Web server objects
access-list 150 extended permit tcp any any eq smtp
access-list sheep extended ip 192.168.0.0 allow 255.255.0.0 10.1.1.0 255.255.255.0
access-list sheep extended permits all ip 10.1.1.0 255.255.255.240
Splt_tnl list standard access allowed 192.168.0.0 255.255.0.0
Splt_tnl list standard access allowed 10.1.1.0 255.255.255.0
access-list extended webcap permit tcp any host *. * eq.164.210 smtp
access-list extended webcap permit tcp host * smtp eq.164.210 all
pager lines 24
Enable logging
logging asdm-buffer-size 200
buffered logging critical
exploitation forest asdm errors
Outside 1500 MTU
Within 1500 MTU
management of MTU 1500
outside-XO MTU 1500
mask 10.1.1.1 - 10.1.1.15 255.255.255.0 IP local pool VPNpool
mask 192.168.14.244 - 192.168.14.253 255.255.255.0 IP local pool VPNCisco
ICMP allow any inside
ASDM image disk0: / asdm512.bin
enable ASDM history
ARP timeout 14400
Global (outside) 1 *. *.229.194
Global (outside-XO) 1 *. *. 157.66
NAT (inside) 0 access-list sheep
NAT (inside) 1 192.168.0.0 255.255.0.0
public static tcp (indoor, outdoor) * domaine.229.202 192.168.14.166 netmask 255.255.255.255 area
public static tcp (indoor, outdoor) *.229.202 www 192.168.14.2 www netmask 255.255.255.255
public static tcp (indoor, outdoor) *.229.202 smtp smtp 192.168.14.2 mask 255.255.255.255 subnet
public static tcp (indoor, outdoor) *.229.202 192.168.14.2 pop3 pop3 netmask 255.255.255.255
public static tcp (indoor, outdoor) *.229.202 32000 192.168.14.2 32000 netmask 255.255.255.255
static (inside, outside) *. * 192.168.14.6.229.203 netmask 255.255.255.255
static (inside, outside) *. * 192.168.14.28.229.204 netmask 255.255.255.255
static (inside, outside) *. * 192.168.14.205.229.205 netmask 255.255.255.255
static (inside, outside) *. * 192.168.14.29.229.208 netmask 255.255.255.255
static (inside, outside) *. * 192.168.14.3.229.201 netmask 255.255.255.255
TCP static (inside, outside-XO) *. * domaine.157.102 192.168.14.166 netmask 255.255.255.255 area
TCP static (inside, outside-XO) *. *.157.102 www 192.168.14.2 www netmask 255.255.255.255
TCP static (inside, outside-XO) *. *.157.102 smtp smtp 192.168.14.2 mask 255.255.255.255 subnet
TCP static (inside, outside-XO) *. *.157.102 192.168.14.2 pop3 pop3 netmask 255.255.255.255
TCP static (inside, outside-XO) *. *.157.102 32000 192.168.14.2 32000 netmask 255.255.255.255
static (inside, outside-XO) *. * 192.168.14.3.157.101 netmask 255.255.255.255
static (inside, outside-XO) *. * 192.168.14.6.157.103 netmask 255.255.255.255
static (inside, outside-XO) *. * 192.168.14.28.157.104 netmask 255.255.255.255
static (inside, outside-XO) *. * 192.168.14.205.157.105 netmask 255.255.255.255
static (inside, outside-XO) *. * 192.168.14.29.157.108 netmask 255.255.255.255
Access-group outside_access_in in interface outside
Access-group outside_access_in in interface outside-XO
Route outside 0.0.0.0 0.0.0.0 *. * 1.229.193
Route inside 192.168.0.0 255.255.0.0 192.168.2.1 1
Route outside-XO 0.0.0.0 0.0.0.0 *. * 2.157.65
Timeout xlate 03:00
Timeout conn 01:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
Sunrpc timeout 0:10:00 h323 0:05:00 h225 mgcp from 01:00 0:05:00
Timeout mgcp-pat 0:05:00 sip 0:30:00 sip_media 0:02:00
Timeout, uauth 0:05:00 absolute
attributes of Group Policy DfltGrpPolicy
No banner
WINS server no
DNS server no
DHCP-network-scope no
VPN-access-hour no
VPN - connections 3
VPN-idle-timeout 480
VPN-session-timeout no
VPN-filter no
Protocol-tunnel-VPN IPSec
disable the password-storage
disable the IP-comp
Re-xauth disable
Group-lock no
disable the PFS
IPSec-udp disable
IPSec-udp-port 10000
Split-tunnel-policy tunnelall
Split-tunnel-network-list no
by default no
Split-dns no
disable secure authentication unit
disable authentication of the user
user-authentication-idle-timeout 30
disable the IP-phone-bypass
disable the leap-bypass
disable the NEM
Dungeon-client-config backup servers
the firewall client no
rule of access-client-none
WebVPN
url-entry functions
HTML-content-filter none
Home page no
4 Keep-alive-ignore
gzip http-comp
no filter
list of URLS no
value of customization DfltCustomization
port - forward, no
port-forward-name value access to applications
SSO-Server no
value of deny message connection succeeded, but because some criteria have not been met, or because of a specific group policy, you are not allowed to use the VPN features. Contact your administrator for more information
SVC no
SVC Dungeon-Installer installed
SVC keepalive no
generate a new key SVC time no
method to generate a new key of SVC no
client of dpd-interval SVC no
dpd-interval SVC bridge no
deflate compression of SVC
Cisco strategy of Group internal
Cisco group policy attributes
value of server WINS 192.168.14.4 192.168.14.11
value of 192.168.14.4 DNS server 192.168.14.11
Split-tunnel-policy tunnelspecified
value of Split-tunnel-network-list Splt_tnl
field default value *.com
username * password * encrypted
username * password * encrypted privilege 0
username * password * encrypted
username * password * encrypted
username * password * encrypted
username * password * encrypted privilege 15
username * password * encrypted privilege 15
the ssh LOCAL console AAA authentication
Enable http server
http 0.0.0.0 0.0.0.0 outdoors
http 192.168.0.0 255.255.0.0 inside
http 192.168.1.0 255.255.255.0 management
http 192.168.14.0 255.255.255.0 management
http 0.0.0.0 0.0.0.0 outside-XO
SNMP-server host within the public 192.168.14.27 of the community
location of the SNMP server *.
contact SNMP Network Admin Server
Server enable SNMP traps snmp authentication linkup, linkdown cold start
Crypto ipsec transform-set esp-SHA-ESP-3DES-3des esp-sha-hmac
Crypto-map dynamic outside_dyn_map 20 the value transform-set ESP-3DES-SHA
dynamic-map of crypto-XO_dyn_map 10 outside the value transform-set ESP-3DES-SHA
map outside_map 65535-isakmp ipsec crypto dynamic outside_dyn_map
outside_map interface card crypto outside
outside-XO_map 65535 ipsec-isakmp crypto map outside Dynamics-XO_dyn_map
card crypto outside-XO_map interface outside-XO
ISAKMP allows outside
ISAKMP enable outside-XO
part of pre authentication ISAKMP policy 10
ISAKMP policy 10 3des encryption
ISAKMP policy 10 sha hash
10 2 ISAKMP policy group
ISAKMP life duration strategy 10 86400
ISAKMP nat-traversal 20
IPSec-attributes tunnel-group DefaultL2LGroup
ISAKMP keepalive retry threshold 600 10
IPSec-attributes tunnel-group DefaultRAGroup
ISAKMP keepalive retry threshold 600 10
tunnel-group, type Cisco ipsec-ra
attributes global-tunnel-group Cisco
address pool VPNpool
Group Policy - by default-Cisco
tunnel-group Cisco ipsec-attributes
pre-shared-key *.
ISAKMP keepalive retry threshold 600 10
Telnet 192.168.0.0 255.255.0.0 inside
Telnet 192.168.14.109 255.255.255.255 inside
Telnet 192.168.14.36 255.255.255.255 inside
Telnet timeout 5
SSH 0.0.0.0 0.0.0.0 inside
SSH timeout 5
Console timeout 10
management-access inside
dhcpd lease 3600
dhcpd ping_timeout 50
!
INSPECT class-map
class-map inspection_default
match default-inspection-traffic
!
!
Policy-map global_policy
class INSPECT
inspect the dns
inspect the http
inspect the icmp
inspect the tftp
inspect the ftp
inspect the h323 ras
inspect h323 h225
inspect the snmp
inspect the sip
inspect esmtp
class inspection_default
inspect the ftp
!
global service-policy global_policy
TFTP server inside 192.168.14.21 TFTP-root /.
192.168.14.2 SMTP server
Cryptochecksum:5eedeb06395378ed1c308a70d253c1b6
: endHello
Should work.
What I think is the routes:
Route outside 0.0.0.0 0.0.0.0 *. * 1.229.193
Route outside-XO 0.0.0.0 0.0.0.0 *. * 2.157.65If the first interface is ok, the ASA does not go to route packets via the second interface, so VPN will be not through this interface.
On the client, can you PING the two IPs outside of ASA or only the first?
Try to add a static route on the SAA to secondary education outside interface pointing to the address of the customer and try to connect via VPN and see if it works.
Orders:
HS cry isa his
HS cry ips its
Will be a big help as well, when the VPN connection attempt failed.
Federico.
Maybe you are looking for
-
iMac, sleep, no downtime required password?
I have an iMac (OS X El Capitan) and created a password to access the computer once awakened from his sleep. I was surprised that if I stop the computer I can boot and access it without a password. I wish I could do can be used with a password althou
-
Upgrade Touchsmart 600 for 3 to 4
I lost my files and the link to the forum their going to a "not found". I am running Windows7 64 bit. Where can I download them?
-
split the signal not showing multiple output
I'm dividing the multichannel signal from acquisition of data NOR-6008. When I connect the data to the separation of the vi signal, there is that a single output eventhough I did the dow to give me all the outputs. Please help its urgent.
-
Lookout 6.5 new opening of session/logoff feature does not save
I am pleased to see that Lookout 6.5 has a new feature of opening/closing of session - but I'm having a little success with it. I use Lookout 6.5 Integrator on a new PC running Windows 7 Professional. If I go to $System connections and double click o
-
Maybe you can help me, people. My 4 - month, dv6-7014nr, under Win7 Home Premium on a drive hybrid 750Go, has a bad habit: if I leave it unattended for a period of time, the screen turns off (most likely the screen saver, I get it). If I shake the mo