Help! Several problem of the setup of site-to-site VPN connection
Recently, I place ASA 5505 on 3 sites and communicate with VPN site-to-site. I am able to connect HQ for two offices without any problem. And each office connect as weel. However, I can't do desktop connection remote at camp. Please see below for each configuration of office and thanks to any part of your experience.
(Pri:172.29.88.254 remote desktop; Pub: 173.190.234.138; Subnet:172.29.88.0/24)
|
| (VPN)
|
HQ office (Pri: 172.29.8.254;) Pub: 173.111.222.140; Subnet: 172.29.8.0/24)
|
| (VPN)
|
Colo (Pri: 172.29.168.254;) Pub: 111.167.239.218; Subnet: 172.29.168.0/24)
Configuration of HQ ASA5505-
ASA 4,0000 Version 1
!
hostname jtfw-AC
domain jollytech.com
activate the encrypted password of Yr4Jr0JzJxYTTQQu
GCdiui.2NH7n52DU encrypted passwd
names of
!
interface Ethernet0/0
switchport access vlan 2
Speed 100
!
interface Ethernet0/1
switchport access vlan 2
Speed 100
!
interface Ethernet0/2
!
interface Ethernet0/3
!
interface Ethernet0/4
!
interface Ethernet0/5
!
interface Ethernet0/6
!
interface Ethernet0/7
!
interface Vlan1
nameif inside
security-level 100
IP 172.29.8.254 255.255.255.0
!
interface Vlan2
nameif outside
security-level 0
IP 173.111.222.140 255.255.255.248
!
passive FTP mode
clock timezone GMT 0
DNS server-group DefaultDNS
domain jollytech.com
permit same-security-traffic inter-interface
network obj_any object
subnet 0.0.0.0 0.0.0.0
service object RDP
source eq 3389 tcp service
Orange network object
Home 172.29.8.151
network of the WAN_173_111_222_138 object
Home 173.111.222.138
SMTP service object
tcp source eq smtp service
service object PPTP
tcp source eq pptp service
service of the JT_WWW object
tcp source eq www service
service of the JT_HTTPS object
tcp source eq https service
network obj_lex object
172.29.88.0 subnet 255.255.255.0
network of offices of Lexington Description
network obj_HQ object
172.29.8.0 subnet 255.255.255.0
guava network object
Home 172.29.8.3
network obj_HQVPN object
192.168.8.0 subnet 255.255.255.0
jt-fn68zv1 network object
Home 172.29.8.71
service of the JT_FTP object
tcp source eq ftp service
network obj_colo object
172.29.168.0 subnet 255.255.255.0
Standard access list VPN_Tunnel_User allow 172.29.8.0 255.255.255.0
VPN_Tunnel_User standard access list allow 192.168.8.0 255.255.255.0
inside_access_in list extended access permit icmp any one
inside_access_in tcp extended access list deny any any eq idle 135
inside_access_in tcp extended access list refuse any eq 135 all idle state
inside_access_in list extended access deny udp any what eq 135 all idle state
inside_access_in list extended access deny udp any any eq idle 135
inside_access_in tcp extended access list deny any any eq 1591
inside_access_in tcp extended access list refuse any eq 1591 everything
inside_access_in list extended access deny udp any eq which 1591 everything
inside_access_in list extended access deny udp any any eq 1591
inside_access_in tcp extended access list deny any any eq 1214
inside_access_in tcp extended access list refuse any eq 1214 all
inside_access_in list extended access deny udp any any eq 1214
inside_access_in list extended access deny udp any what eq 1214 all
inside_access_in of access allowed any ip an extended list
inside_access_in list extended access permit tcp any any eq www
inside_access_in list extended access permit tcp any eq www everything
outside_access_in list extended access permit icmp any one
outside_access_in list extended access permit tcp any host 173.111.222.138 eq 3389
outside_access_in list extended access permit tcp any host 173.111.222.138 eq smtp
outside_access_in list extended access permit tcp any host 173.111.222.138 eq pptp
outside_access_in list extended access permit tcp any host 173.111.222.138 eq www
outside_access_in list extended access permit tcp any host 173.111.222.138 eq https
outside_access_in of access allowed any ip an extended list
inside_access_out list extended access permit icmp any one
inside_access_out of access allowed any ip an extended list
access extensive list ip 172.29.8.0 outside_cryptomap allow 255.255.255.0 172.29.88.0 255.255.255.0
permit access list extended ip object obj_colo object obj_lex outside_cryptomap
inside_in list extended access permit icmp any one
inside_in of access allowed any ip an extended list
inside_in list extended access udp allowed any any eq isakmp
inside_in list extended access udp allowed any isakmp eq everything
inside_in list extended access udp allowed a whole
inside_in list extended access permitted tcp a whole
permit access list extended ip object obj_HQ object obj_colo outside_cryptomap_1
permit access list extended ip object obj_lex object obj_colo outside_cryptomap_1
pager lines 24
Enable logging
timestamp of the record
logging trap information
asdm of logging of information
address record [email protected] / * /
host of logging inside the 172.29.8.89
Within 1500 MTU
Outside 1500 MTU
mask 192.168.8.100 - 192.168.8.150 255.255.255.0 IP local pool Jolly_HQVPN_DHCP
ICMP unreachable rate-limit 1 burst-size 1
enable ASDM history
ARP timeout 14400
NAT static orange interface (inside, outside) source RDP RDP service
NAT (inside, outside) source obj_HQ destination obj_HQ static static obj_lex obj_lex-route search
NAT (inside, outside) source obj_HQ destination obj_HQ static static obj_colo obj_colo-route search
NAT (inside, outside) source obj_colo destination obj_colo static static obj_lex obj_lex-route search
NAT (inside, outside) source obj_lex destination obj_lex static static obj_colo obj_colo-route search
NAT guava Shared source (internal, external) WAN_173_164_222_138 service JT_WWW JT_WWW
NAT guava Shared source (internal, external) WAN_173_164_222_138 service JT_HTTPS JT_HTTPS
NAT guava Shared source (internal, external) WAN_173_164_222_138 service RDP RDP
NAT guava Shared source (internal, external) WAN_173_164_222_138 SMTP SMTP service
NAT guava Shared source (internal, external) WAN_173_164_222_138 PPTP PPTP service
NAT interface service (Interior, exterior) source static jt-fn68zv1 JT_FTP JT_FTP
NAT (inside, outside) source obj_HQ destination obj_HQ static static obj_HQVPN obj_HQVPN
!
network obj_any object
NAT dynamic interface (indoor, outdoor)
inside_access_in access to the interface inside group
Access-group outside_access_in in interface outside
Route outside 0.0.0.0 0.0.0.0 173.111.222.142 1
Timeout xlate 03:00
Pat-xlate timeout 0:00:30
Timeout conn 01:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
Sunrpc timeout 0:10:00 h323 0:05:00 h225 mgcp from 01:00 0:05:00 mgcp-pat 0:05:00
Sip timeout 0:30:00 sip_media 0:02:00 prompt Protocol sip-0: 03:00 sip - disconnect 0:02:00
Timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
Floating conn timeout 0:00:00
dynamic-access-policy-registration DfltAccessPolicy
AAA-server protocol nt guava
AAA-server host 172.29.8.3 guava (inside)
Timeout 15
guava auth - NT domain controller
identity of the user by default-domain LOCAL
identity of the user inactive-user-timer minutes 360
Enable http server
http 172.29.8.0 255.255.255.0 inside
SNMP-server host within the 172.29.8.89 community * version 2 c
No snmp server location
No snmp Server contact
Server enable SNMP traps snmp authentication linkup, linkdown warmstart of cold start
Crypto ipsec transform-set ikev1 ESP-AES-128-SHA aes - esp esp-sha-hmac
Crypto ipsec transform-set ikev1 ESP-AES-128-MD5-esp - aes esp-md5-hmac
Crypto ipsec transform-set ikev1 ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
Crypto ipsec transform-set ikev1 ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
Crypto ipsec transform-set ikev1 ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
Crypto ipsec transform-set ikev1 ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
Crypto ipsec transform-set ikev1 SHA-ESP-3DES esp-3des esp-sha-hmac
Crypto ipsec transform-set ikev1 ESP-3DES-MD5-esp-3des esp-md5-hmac
Crypto ipsec transform-set ikev1 ESP-DES-SHA esp - esp-sha-hmac
Crypto ipsec transform-set ikev1 esp ESP-DES-MD5-esp-md5-hmac
Crypto ipsec transform-set esp-3des esp-md5-hmac Remote_VPN_Set ikev1
Crypto ipsec ikev2 ipsec-proposal OF
encryption protocol esp
Esp integrity sha - 1, md5 Protocol
Crypto ipsec ikev2 proposal ipsec 3DES
Esp 3des encryption protocol
Esp integrity sha - 1, md5 Protocol
Crypto ipsec ikev2 ipsec-proposal AES
Esp aes encryption protocol
Esp integrity sha - 1, md5 Protocol
Crypto ipsec ikev2 ipsec-proposal AES192
Protocol esp encryption aes-192
Esp integrity sha - 1, md5 Protocol
Crypto ipsec ikev2 AES256 ipsec-proposal
Protocol esp encryption aes-256
Esp integrity sha - 1, md5 Protocol
Crypto-map Dynamics 20 ikev1 transform-set Remote_VPN_Set set outside_dyn_map
Crypto-map dynamic outside_dyn_map 20 the value reverse-road
card crypto outside_map 1 match address outside_cryptomap
card crypto outside_map 1 set pfs
peer set card crypto outside_map 1 173.190.234.138
card crypto outside_map 1 set ikev1 transform-set ESP-AES-128-SHA ESP-AES-128-MD5
ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA'RE
P-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
outside_map card crypto 1jeu ikev2 AES AES192 AES256 3DES ipsec-proposal
card crypto outside_map 2 match address outside_cryptomap_1
card crypto outside_map 2 set pfs
peer set card crypto outside_map 2 111.167.239.218
card crypto outside_map 2 set ikev1 transform-set ESP-AES-128-SHA ESP-AES-128-MD5
ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA'RE
P-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
outside_map card crypto 2 set AES AES192 AES256 3DES ipsec-proposal ikev2
map outside_map 65535-isakmp ipsec crypto dynamic outside_dyn_map
outside_map interface card crypto outside
IKEv2 crypto policy 1
aes-256 encryption
integrity sha
Group 2 of 5
FRP sha
second life 86400
IKEv2 crypto policy 10
aes-192 encryption
integrity sha
Group 2 of 5
FRP sha
second life 86400
IKEv2 crypto policy 20
aes encryption
integrity sha
Group 2 of 5
FRP sha
second life 86400
IKEv2 crypto policy 30
3des encryption
integrity sha
Group 2 of 5
FRP sha
second life 86400
IKEv2 crypto policy 40
the Encryption
integrity sha
Group 2 of 5
FRP sha
second life 86400
Crypto ikev2 allow outside
Crypto ikev1 allow outside
IKEv1 crypto policy 10
authentication crack
aes-256 encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 20
authentication rsa - sig
aes-256 encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 30
preshared authentication
aes-256 encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 40
authentication crack
aes-192 encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 50
authentication rsa - sig
aes-192 encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 60
preshared authentication
aes-192 encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 70
authentication crack
aes encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 80
authentication rsa - sig
aes encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 90
preshared authentication
aes encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 100
authentication crack
3des encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 110
authentication rsa - sig
3des encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 120
preshared authentication
3des encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 130
authentication crack
the Encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 140
authentication rsa - sig
the Encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 150
preshared authentication
the Encryption
sha hash
Group 2
life 86400
Telnet 172.29.8.0 255.255.255.0 inside
Telnet timeout 5
SSH timeout 5
SSH group dh-Group1-sha1 key exchange
Console timeout 0
dhcpd auto_config off vpnclient-wins-override
!
dhcprelay Server 172.29.8.3 on the inside
a basic threat threat detection
Statistics-list of access threat detection
no statistical threat detection tcp-interception
WebVPN
allow outside
internal Jolleytech_VPN group strategy
attributes of Group Policy Jolleytech_VPN
value of server DNS 172.29.8.3
Ikev1 VPN-tunnel-Protocol
Split-tunnel-policy tunnelspecified
value of Split-tunnel-network-list VPN_Tunnel_User
jollytech.local value by default-field
internal GroupPolicy_10.8.8.1 group strategy
attributes of Group Policy GroupPolicy_10.8.8.1
L2TP ipsec VPN-tunnel-Protocol ikev1, ikev2
name of user who encrypted password eicyrfJBrqOaxQvS
type tunnel-group jollytech remote access
tunnel-group jollytech General-attributes
address pool Jolly_HQVPN_DHCP
authentication-server-group guava
Group Policy - by default-Jolleytech_VPN
jollytech group of tunnel ipsec-attributes
IKEv1 pre-shared-key *.
tunnel-group 111.167.239.218 type ipsec-l2l
tunnel-group 111.167.239.218 General-attributes
Group - default policy - GroupPolicy_10.8.8.1
IPSec-attributes tunnel-group 111.167.239.218
IKEv1 pre-shared-key *.
remote control-IKEv2 pre-shared-key authentication *.
remotely IKEv2 authentication certificate
pre-shared-key authentication local IKEv2 *.
tunnel-group 173.190.234.138 type ipsec-l2l
tunnel-group 173.190.234.138 General-attributes
Group - default policy - GroupPolicy_10.8.8.1
IPSec-attributes tunnel-group 173.190.234.138
IKEv1 pre-shared-key *.
remote control-IKEv2 pre-shared-key authentication *.
remotely IKEv2 authentication certificate
pre-shared-key authentication local IKEv2 *.
!
class-map inspection_default
match default-inspection-traffic
!
!
Policy-map global_policy
class inspection_default
inspect the pptp
inspect the ftp
inspect the netbios
inspect the http
!
global service-policy global_policy
172.29.8.3 SMTP server
context of prompt hostname
no remote anonymous reporting call
Cryptochecksum:2da829cf9fd3d4901e8131c2ae32b679
: end
Configuration of remote desktop-
ASA Version 8.4 (3)
!
hostname jtfw-lex
activate the encrypted password of Yr4Jr0JzJxYTTQQu
GCdiui.2NH7n52DU encrypted passwd
names of
!
interface Ethernet0/0
switchport access vlan 2
!
interface Ethernet0/1
switchport access vlan 2
!
interface Ethernet0/2
!
interface Ethernet0/3
!
interface Ethernet0/4
!
interface Ethernet0/5
!
interface Ethernet0/6
!
interface Ethernet0/7
!
interface Vlan1
nameif inside
security-level 100
IP 172.29.88.254 255.255.255.0
!
interface Vlan2
nameif outside
security-level 0
IP 173.190.234.138 255.255.255.248
!
passive FTP mode
network obj_any object
subnet 0.0.0.0 0.0.0.0
service object RDP
source eq 3389 tcp service
SMTP service object
tcp source eq smtp service
service object PPTP
tcp source eq pptp service
service of the JT_WWW object
tcp source eq www service
service of the JT_HTTPS object
tcp source eq https service
jt-dc01 network object
Home 172.29.88.151
network of the object WAN_jt-dc01
Home 10.8.8.3
network obj_lex object
172.29.88.0 subnet 255.255.255.0
network of offices of Lexinton Description
network obj_HQ object
172.29.8.0 subnet 255.255.255.0
network Jollytech HQ Description
network obj_colo object
172.29.168.0 subnet 255.255.255.0
network of colo Jollytech Description
inside_access_in list extended access permit icmp any one
inside_access_in tcp extended access list deny any any eq idle netbios-ssn
inside_access_in tcp extended access list refuse any netbios-ssn eq all idle state
inside_access_in list extended access deny udp any what eq 139 all
inside_access_in list extended access deny udp any any eq 139
inside_access_in tcp extended access list deny any any eq 135
inside_access_in tcp extended access list refuse any eq 135 everything
inside_access_in list extended access deny udp any what eq 135 everything
inside_access_in list extended access deny udp any any eq 135
inside_access_in tcp extended access list deny any any eq 1591
inside_access_in tcp extended access list refuse any eq 1591 everything
inside_access_in list extended access deny udp any eq which 1591 everything
inside_access_in list extended access deny udp any any eq 1591
inside_access_in tcp extended access list deny any any eq 1214
inside_access_in tcp extended access list refuse any eq 1214 all
inside_access_in list extended access deny udp any what eq 1214 all
inside_access_in list extended access deny udp any any eq 1214
inside_access_in of access allowed any ip an extended list
outside_access_in list extended access permit icmp any one
outside_access_in list extended access permit tcp any host 10.8.8.3 eq smtp
outside_access_in list extended access permit tcp any host 10.8.8.3 eq pptp
outside_access_in list extended access permit tcp any host 10.8.8.3 eq www
outside_access_in list extended access permit tcp any host 10.8.8.3 eq https
outside_access_in list extended access permit tcp any host 10.8.8.3 eq 3389
outside_access_in of access allowed any ip an extended list
inside_access_out list extended access permit icmp any one
access extensive list ip 172.29.88.0 outside_cryptomap allow 255.255.255.0 object obj_HQ
permit access list extended ip object obj_lex object obj_colo outside_cryptomap
Standard access list VPN_Tunnel_user allow 172.29.88.0 255.255.255.0
Standard access list VPN_Tunnel_user allow 172.29.8.0 255.255.255.0
Standard access list VPN_Tunnel_user allow 172.29.168.0 255.255.255.0
Standard access list VPN_Tunnel_user allow 192.168.88.0 255.255.255.0
pager lines 24
Enable logging
asdm of logging of information
Within 1500 MTU
Outside 1500 MTU
IP local pool jolly_lex_DHCP 192.168.88.100 - 192.168.88.120 mask 255.255.255.0
ICMP unreachable rate-limit 1 burst-size 1
don't allow no asdm history
ARP timeout 14400
NAT WAN_jt-dc01 service (Interior, exterior) source static jt-dc01 RDP RDP
NAT static (inside, outside) source JT_WWW JT_WWW WAN_jt-dc01 jt-dc01 service
NAT (inside, outside) source obj_lex destination obj_lex static static obj_HQ obj_HQ-route search
NAT (inside, outside) source obj_lex destination obj_lex static static obj_colo obj_colo-route search
!
network obj_any object
NAT dynamic interface (indoor, outdoor)
inside_access_in access to the interface inside group
Access-group outside_access_in in interface outside
Route outside 0.0.0.0 0.0.0.0 173.190.234.137 1
Timeout xlate 03:00
Pat-xlate timeout 0:00:30
Timeout conn 01:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
Sunrpc timeout 0:10:00 h323 0:05:00 h225 mgcp from 01:00 0:05:00 mgcp-pat 0:05:00
Sip timeout 0:30:00 sip_media 0:02:00 prompt Protocol sip-0: 03:00 sip - disconnect 0:02:00
Timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
Floating conn timeout 0:00:00
dynamic-access-policy-registration DfltAccessPolicy
identity of the user by default-domain LOCAL
Enable http server
http 172.29.88.0 255.255.255.0 inside
SNMP-server host within the 172.29.88.30 community * version 2 c
No snmp server location
No snmp Server contact
Server enable SNMP traps snmp authentication linkup, linkdown warmstart of cold start
Crypto ipsec transform-set ikev1 ESP-AES-128-SHA aes - esp esp-sha-hmac
Crypto ipsec transform-set ikev1 ESP-AES-128-MD5-esp - aes esp-md5-hmac
Crypto ipsec transform-set ikev1 ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
Crypto ipsec transform-set ikev1 ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
Crypto ipsec transform-set ikev1 ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
Crypto ipsec transform-set ikev1 ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
Crypto ipsec transform-set ikev1 SHA-ESP-3DES esp-3des esp-sha-hmac
Crypto ipsec transform-set ikev1 ESP-3DES-MD5-esp-3des esp-md5-hmac
Crypto ipsec transform-set ikev1 ESP-DES-SHA esp - esp-sha-hmac
Crypto ipsec transform-set ikev1 esp ESP-DES-MD5-esp-md5-hmac
Crypto ipsec transform-set esp-3des esp-md5-hmac Remote_VPN_set ikev1
Crypto ipsec ikev2 ipsec-proposal OF
encryption protocol esp
Esp integrity sha - 1, md5 Protocol
Crypto ipsec ikev2 proposal ipsec 3DES
Esp 3des encryption protocol
Esp integrity sha - 1, md5 Protocol
Crypto ipsec ikev2 ipsec-proposal AES
Esp aes encryption protocol
Esp integrity sha - 1, md5 Protocol
Crypto ipsec ikev2 ipsec-proposal AES192
Protocol esp encryption aes-192
Esp integrity sha - 1, md5 Protocol
Crypto ipsec ikev2 AES256 ipsec-proposal
Protocol esp encryption aes-256
Esp integrity sha - 1, md5 Protocol
card crypto outside_map 1 match address outside_cryptomap
card crypto outside_map 1 set pfs
peer set card crypto outside_map 1 173.111.222.140
card crypto outside_map 1 set ikev1 transform-set ESP-AES-128-SHA ESP-AES-128-MD5
ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA'RE
P-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
outside_map card crypto 1jeu ikev2 AES AES192 AES256 3DES ipsec-proposal
outside_map interface card crypto outside
IKEv2 crypto policy 1
aes-256 encryption
integrity sha
Group 2 of 5
FRP sha
second life 86400
IKEv2 crypto policy 10
aes-192 encryption
integrity sha
Group 2 of 5
FRP sha
second life 86400
IKEv2 crypto policy 20
aes encryption
integrity sha
Group 2 of 5
FRP sha
second life 86400
IKEv2 crypto policy 30
3des encryption
integrity sha
Group 2 of 5
FRP sha
second life 86400
IKEv2 crypto policy 40
the Encryption
integrity sha
Group 2 of 5
FRP sha
second life 86400
Crypto ikev2 allow outside
Crypto ikev1 allow outside
IKEv1 crypto policy 10
authentication crack
aes-256 encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 20
authentication rsa - sig
aes-256 encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 30
preshared authentication
aes-256 encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 40
authentication crack
aes-192 encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 50
authentication rsa - sig
aes-192 encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 60
preshared authentication
aes-192 encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 70
authentication crack
aes encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 80
authentication rsa - sig
aes encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 90
preshared authentication
aes encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 100
authentication crack
3des encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 110
authentication rsa - sig
3des encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 120
preshared authentication
3des encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 130
authentication crack
the Encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 140
authentication rsa - sig
the Encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 150
preshared authentication
the Encryption
sha hash
Group 2
life 86400
Telnet 172.29.88.0 255.255.255.0 inside
Telnet timeout 5
SSH timeout 5
Console timeout 0
dhcpd address 172.29.88.50 - 172.29.88.100 inside
dhcpd dns 172.29.8.3 166.102.165.11 interface inside
dhcpd jollytech.local area inside interface
dhcpd allow inside
!
a basic threat threat detection
Statistics-list of access threat detection
no statistical threat detection tcp-interception
WebVPN
internal GroupPolicy_173.164.222.140 group strategy
attributes of Group Policy GroupPolicy_173.164.222.140
L2TP ipsec VPN-tunnel-Protocol ikev1, ikev2
name of user who has encrypted password JOYSoaqW4x32VHKB
tunnel-group 173.111.222.140 type ipsec-l2l
tunnel-group 173.111.222.140 general-attributes
Group - default policy - GroupPolicy_173.164.222.140
IPSec-attributes tunnel-group 173.111.222.140
IKEv1 pre-shared-key *.
remote control-IKEv2 pre-shared-key authentication *.
remotely IKEv2 authentication certificate
pre-shared-key authentication local IKEv2 *.
!
class-map inspection_default
match default-inspection-traffic
!
!
Policy-map global_policy
class inspection_default
inspect the pptp
inspect the ftp
inspect the netbios
!
global service-policy global_policy
172.29.8.3 SMTP server
context of prompt hostname
no remote anonymous reporting call
Cryptochecksum:0a0cf040a1f0f979ff55f0ef7e15c452
: end
Configuration Colo-
ASA Version 8.4 (3)
!
hostname jtfw-colo
domain jollytech.com
activate the encrypted password of Yr4Jr0JzJxYTTQQu
GCdiui.2NH7n52DU encrypted passwd
names of
!
interface Ethernet0/0
switchport access vlan 2
!
interface Ethernet0/1
switchport access vlan 2
!
interface Ethernet0/2
!
interface Ethernet0/3
!
interface Ethernet0/4
!
interface Ethernet0/5
!
interface Ethernet0/6
!
interface Ethernet0/7
!
interface Vlan1
nameif inside
security-level 100
IP 172.29.168.254 255.255.255.0
!
interface Vlan2
nameif outside
security-level 0
IP 111.167.239.218 255.255.255.248
!
passive FTP mode
clock timezone GMT 0
DNS server-group DefaultDNS
domain jollytech.com
network obj_any object
subnet 0.0.0.0 0.0.0.0
service object RDP
source eq 3389 tcp service
SMTP service object
tcp source eq smtp service
service object PPTP
tcp source eq pptp service
service of the JT_WWW object
tcp source eq www service
service of the JT_HTTPS object
tcp source eq https service
network obj_lex object
172.29.88.0 subnet 255.255.255.0
network of offices of Lexington Description
network obj_HQ object
172.29.8.0 subnet 255.255.255.0
network Jollytech HQ Description
guava network object
Home 172.29.8.3
network obj_HQVPN object
192.168.8.0 subnet 255.255.255.0
Description Jollytech HQ VPN network
network of the WAN_111_167_239_220 object
Home 111.167.239.220
jt-dc01 network object
Home 172.29.168.3
jt-exch2010 network object
Home 172.29.168.25
network obj_colo object
172.29.168.0 subnet 255.255.255.0
network of colo Jollytech Description
network of the object RC_jt-r610
Home 172.29.168.8
network of the WAN_111_167_239_221 object
Home 111.167.239.221
inside_access_in list extended access permit icmp any one
inside_access_in tcp extended access list deny any any eq idle 135
inside_access_in tcp extended access list refuse any eq 135 all idle state
inside_access_in list extended access deny udp any what eq 135 everything
inside_access_in list extended access deny udp any any eq 135
inside_access_in tcp extended access list deny any any eq 1591
inside_access_in tcp extended access list refuse any eq 1591 everything
inside_access_in list extended access deny udp any eq which 1591 everything
inside_access_in list extended access deny udp any any eq 1591
inside_access_in tcp extended access list deny any any eq 1214
inside_access_in tcp extended access list refuse any eq 1214 all
inside_access_in list extended access deny udp any any eq 1214
inside_access_in list extended access deny udp any what eq 1214 all
inside_access_in list extended access permit tcp any any eq www
inside_access_in list extended access permit tcp any eq www everything
inside_access_in of access allowed any ip an extended list
outside_access_in list extended access permit icmp any one
outside_access_in list extended access permit tcp any object WAN_198_167_239_220 eq 3389
outside_access_in list extended access permit tcp any object WAN_198_167_239_220 eq www
outside_access_in list extended access permit tcp any object https eq WAN_198_167_239_220
outside_access_in list extended access permit tcp any object WAN_198_167_239_221 eq www
outside_access_in list extended access permit tcp any object https eq WAN_198_167_239_221
outside_access_in list extended access permit tcp any object WAN_198_167_239_221 eq 3389
outside_access_in of access allowed any ip an extended list
inside_access_out list extended access permit icmp any one
inside_access_out of access allowed any ip an extended list
permit access list extended ip object obj_colo object obj_HQ outside_cryptomap
permit access list extended ip object obj_colo object obj_lex outside_cryptomap
pager lines 24
Enable logging
asdm of logging of information
address record [email protected] / * /
exploitation forest-address recipient [email protected] / * / level of errors
host of logging inside the 172.29.168.89
Within 1500 MTU
Outside 1500 MTU
mask 192.168.168.100 - 192.168.168.110 255.255.255.0 IP local pool Jolly_coloVPN_DHCP
ICMP unreachable rate-limit 1 burst-size 1
enable ASDM history
ARP timeout 14400
NAT of the service interface to the Shared source (internal, external) JT_WWW JT_WWW RC_jt-r610
NAT of the service interface to the Shared source (internal, external) JT_HTTPS JT_HTTPS RC_jt-r610
NAT service of WAN_111_167_239_220 jt-dc01 Shared source (internal, external) JT_HTTPS JT_HTTPS
NAT service of WAN_111_167_239_220 jt-dc01 Shared source (internal, external) JT_WWW JT_WWW
NAT service of WAN_111_167_239_220 jt-dc01 Shared source (inside, outside) RDP RDP
NAT service of WAN_111_167_239_221 jt-exch2010 static source (inside, outside) RDP RDP
NAT source service (Interior, exterior) static jt-exch2010 WAN_111_167_239_221 JT_WWW JT_WWW
NAT source service (Interior, exterior) static jt-exch2010 WAN_111_167_239_221 JT_HTTPS JT_HTTPS
NAT (inside, outside) source obj_colo destination obj_colo static static obj_HQ obj_HQ-route search
NAT (inside, outside) source obj_colo destination obj_colo static static obj_lex obj_lex-route search
!
network obj_any object
NAT dynamic interface (indoor, outdoor)
inside_access_in access to the interface inside group
Access-group outside_access_in in interface outside
Route outside 0.0.0.0 0.0.0.0 111.167.239.217 1
Timeout xlate 03:00
Pat-xlate timeout 0:00:30
Timeout conn 01:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
Sunrpc timeout 0:10:00 h323 0:05:00 h225 mgcp from 01:00 0:05:00 mgcp-pat 0:05:00
Sip timeout 0:30:00 sip_media 0:02:00 prompt Protocol sip-0: 03:00 sip - disconnect 0:02:00
Timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
Floating conn timeout 0:00:00
dynamic-access-policy-registration DfltAccessPolicy
identity of the user by default-domain LOCAL
Enable http server
http 172.29.168.0 255.255.255.0 inside
http 172.29.8.0 255.255.255.0 inside
SNMP-server host within the 172.29.168.89 community * version 2 c
location of SNMP server it Fremont Colo
SNMP Server contact [email protected] / * /
Server enable SNMP traps snmp authentication linkup, linkdown warmstart of cold start
Crypto ipsec transform-set ikev1 ESP-AES-128-SHA aes - esp esp-sha-hmac
Crypto ipsec transform-set ikev1 ESP-AES-128-MD5-esp - aes esp-md5-hmac
Crypto ipsec transform-set ikev1 ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
Crypto ipsec transform-set ikev1 ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
Crypto ipsec transform-set ikev1 ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
Crypto ipsec transform-set ikev1 ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
Crypto ipsec transform-set ikev1 SHA-ESP-3DES esp-3des esp-sha-hmac
Crypto ipsec transform-set ikev1 ESP-3DES-MD5-esp-3des esp-md5-hmac
Crypto ipsec transform-set ikev1 ESP-DES-SHA esp - esp-sha-hmac
Crypto ipsec transform-set ikev1 esp ESP-DES-MD5-esp-md5-hmac
Crypto ipsec transform-set esp-3des esp-md5-hmac Remote_VPN_Set ikev1
Crypto ipsec transform-set esp-3des esp-md5-hmac Remote_vpn_set ikev1
Crypto ipsec ikev2 AES256 ipsec-proposal
Protocol esp encryption aes-256
Esp integrity sha - 1, md5 Protocol
Crypto ipsec ikev2 ipsec-proposal AES192
Protocol esp encryption aes-192
Esp integrity sha - 1, md5 Protocol
Crypto ipsec ikev2 ipsec-proposal AES
Esp aes encryption protocol
Esp integrity sha - 1, md5 Protocol
Crypto ipsec ikev2 proposal ipsec 3DES
Esp 3des encryption protocol
Esp integrity sha - 1, md5 Protocol
Crypto ipsec ikev2 ipsec-proposal OF
encryption protocol esp
Esp integrity sha - 1, md5 Protocol
Crypto-map Dynamics 20 ikev1 transform-set Remote_VPN_Set set outside_dyn_map
Crypto-map dynamic outside_dyn_map 20 the value reverse-road
card crypto outside_map 1 match address outside_cryptomap
card crypto outside_map 1 set pfs
peer set card crypto outside_map 1 173.111.222.140
card crypto outside_map 1 set ikev1 transform-set ESP-AES-128-SHA ESP-AES-128-MD5
ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA'RE
P-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
outside_map card crypto 1 set ikev2 AES256 AES192 AES 3DES ipsec-proposal OF
map outside_map 65535-isakmp ipsec crypto dynamic outside_dyn_map
outside_map interface card crypto outside
IKEv2 crypto policy 1
aes-256 encryption
integrity sha
Group 2 of 5
FRP sha
second life 86400
IKEv2 crypto policy 10
aes-192 encryption
integrity sha
Group 2 of 5
FRP sha
second life 86400
IKEv2 crypto policy 20
aes encryption
integrity sha
Group 2 of 5
FRP sha
second life 86400
IKEv2 crypto policy 30
3des encryption
integrity sha
Group 2 of 5
FRP sha
second life 86400
IKEv2 crypto policy 40
the Encryption
integrity sha
Group 2 of 5
FRP sha
second life 86400
Crypto ikev2 allow outside
Crypto ikev1 allow outside
IKEv1 crypto policy 1
preshared authentication
3des encryption
sha hash
Group 2
life 43200
IKEv1 crypto policy 10
authentication crack
aes-256 encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 20
authentication rsa - sig
aes-256 encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 30
preshared authentication
aes-256 encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 40
authentication crack
aes-192 encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 50
authentication rsa - sig
aes-192 encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 60
preshared authentication
aes-192 encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 70
authentication crack
aes encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 80
authentication rsa - sig
aes encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 90
preshared authentication
aes encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 100
authentication crack
3des encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 110
authentication rsa - sig
3des encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 120
preshared authentication
3des encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 130
authentication crack
the Encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 140
authentication rsa - sig
the Encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 150
preshared authentication
the Encryption
sha hash
Group 2
life 86400
Telnet 172.29.8.0 255.255.255.0 inside
Telnet 172.29.168.0 255.255.255.0 inside
Telnet timeout 5
SSH timeout 5
Console timeout 0
dhcpd auto_config off vpnclient-wins-override
!
a basic threat threat detection
Statistics-list of access threat detection
no statistical threat detection tcp-interception
WebVPN
allow outside
internal GroupPolicy_173.111.222.140 group strategy
attributes of Group Policy GroupPolicy_173.111.222.140
L2TP ipsec VPN-tunnel-Protocol ikev1, ikev2
name of user who encrypted password eicyrfJBrqOaxQvS
tunnel-group 173.111.222.140 type ipsec-l2l
tunnel-group 173.111.222.140 general-attributes
Group - default policy - GroupPolicy_173.111.222.140
IPSec-attributes tunnel-group 173.111.222.140
IKEv1 pre-shared-key *.
remote control-IKEv2 pre-shared-key authentication *.
remotely IKEv2 authentication certificate
pre-shared-key authentication local IKEv2 *.
!
class-map inspection_default
match default-inspection-traffic
!
!
Policy-map global_policy
class inspection_default
inspect the pptp
inspect the ftp
inspect the netbios
!
global service-policy global_policy
172.29.8.3 SMTP server
context of prompt hostname
no remote anonymous reporting call
Cryptochecksum:a45d9f3e7b23713c34d13d5a8ac5ece5
: end
Hello
I think that these NAT configurations must change in the ASA HQ
NAT (inside, outside) source obj_colo destination obj_colo static static obj_lex obj_lex-route search
NAT (inside, outside) source obj_lex destination obj_lex static static obj_colo obj_colo-route search
Note that you must configure to use 'inside' and 'outside' interface.
However if two remote sites put an end to the ASA HQ "outside" interface and the traffic between these remote sites (that go through this ASA HQ) actually must a NAT between 'outside' and 'outside '.
You will need to use the (outside, outside) in the NAT configurations.
NAT (outside, outside) source obj_colo destination obj_colo static static obj_lex obj_lex-route search
NAT (outside, outside) source obj_lex destination obj_lex static static obj_colo obj_colo-route search
You could actually be fine with either NAT 2 only two-way configurations as it should.
-Jouni
Tags: Cisco Security
Similar Questions
-
Anyone know if there is a problem with the "Windows Update" site? Since May 11, 2010...
Anyone know if there is a problem with the "Windows Update" site? As of May 11, 2010 I could not access it for 2 days now. I get an error report indicating that he has a "problem with the site '... Not sure if it's my computer or the site itself. I just need to check updates and download them. I would be grateful for any feedback... Thank you!
~ JeniferIt is without a doubt. There were a few patches published today, and I was able to update all my machines successfully. This looks more like a virus problem. Have you run a virus scan recently? Many times, if you are infected the virus will prevent you to access Windows Update.
You can also use Microsoft Fix It to reset the Windows Update components: http://support.microsoft.com/kb/971058. This could also be your problem.
Let me know how it goes,
Barbara
-
Multiple site to site VPN connections
Hello.
I've finally set up a site to site VPN connection and now wonder how I can configure multiple connections that are accessible by different VLAN.
So that VLAN1 use a tunnel and VLAN2 another.
Best regards Tommy Svensson
Configuration up to now:
crypto ISAKMP policy 10
BA aes 256
preshared authentication
Group 5
life 3600
vpnkey crypto isakmp key address?. 206
!
!
Crypto ipsec transform-set VPN aes - esp esp-sha-hmac
!
VPNMAP 10 ipsec-isakmp crypto map
Site 2 site description
defined by peers? 206
security-association the value of life 4000 kilobytes
game of transformation-VPN
PFS Set group5
match address 100access-list 100 permit ip 10.10.1.0 0.0.0.255 192.168.3.0 0.0.0.255
Hi Tommy
In order to complete their reviews of Marcin, something like this should help (obviously you need to change the IP addresses accordingly).
VPNMAP 10 ipsec-isakmp crypto map
Site 2 site description
defined by peers? 206
security-association the value of life 4000 kilobytes
game of transformation-VPN
PFS Set group5
match address 100!
VPNMAP 20 ipsec-isakmp crypto map
Description site-2-site n ° 2
defined by peers?
security-association the value of life 4000 kilobytes
game of transformation-VPN
PFS Set group5
match address 101access-list 100 permit ip 10.10.1.0 0.0.0.255 192.168.3.0 0.0.0.255
access-list 101 permit ip x.x.x.0 0.0.0.255 y.y.y.0 0.0.0.255
Barry
-
SEVERAL problems with the new X 34
So, I have been active during the overclock.net forums concerning the many problems I am having with my X 34.
Long story short, I'm back this thing to Newegg and waiting for another delivery. But I thought I'd come at least here because it has high liklihood to return to anyone who cares to Acer. I called their tech support to let them know about the issues, but when the old Indian robot for 2 years at the other end kept referring to as resolution of refresh rate, I decided that I couldn't take more.
So I took delivery of the monitor yesterday and he initially worked well... but the longer he stayed, the more problems, he has developed.
My system is one I built a year or two ago and works perfectly with my Dell 3008WFP. Video card is a brand new MSI 980 Ti Lightning. Operating system is Windows 10 x 64. Is a Corsair 750W POWER supply. 16 GB of DDR3 RAM.
I even made a COMPLETELY new install of Windows 10 on this computer to try to resolve these problems. Did not work. I have disconnected/reconnected everything inside my computer, including RAM and GPU. Did not work.
And Yes, G-sync is enabled in the NVCP. And Yes, I manually set the refresh rate in the NVCP in correlation with the manual settings on the monitor.
Problem no. 1: Menu recording does not settings
-Don't know what the problem is here. But for about 3 hours last night, my monitor would not save settings for serger refresh rate. I would go on the menu... allow the serger... Set it to 100 Hz... Select "Apply and restart. Then (here's the interesting thing I think in hindsight), the screen would flash many colors several times and restart. I assumed that flashing color was normal... but it was never the Predator Logo when it has been reset. The office is finally pointing upwards and I could choose 100 Hz in my NVCP... but when you returned from the settings menu, Overclock was Off back with the default refresh rate. I have nothing would fix it with the reset of the monitor and unplug. Later... I have unplugeed the monitor for 30 minutes and when I plugged it back in, it would save my overclock settings now. It is interesting, but now, when I selected "Apply and reset", he would show the Predator logo when restarting... this logo did not appear before.
Problem #2: Flashing screen
-See a video of this question HERE
-This developed before my eyes. After the initial installation of the monitor, it worked fine. Without no flicker, no problems. But as I was sitting at the dinner table last night, I started to see the monitor flashing intermittently in the other room. I look at the screen, he flickered about 4 or 5 times per minute. For the next hour, he progressed to 30 - 40 times per minute. And subsequently developed in constant blinking. BUT this flicker only happens when I go to the Office at 100 Hz. It happens sometimes in games, but not constant.
I first thought that I had a bad cable of DP since I used one from Amazon, if I swapped it for the Acer cable included. Nope... same problem. I even inserted my previous EVGA 780 TI... but the flicker that happens too.
Then, I thought it was a driver problem, I did a clean install of the nVdiia previous drivers. Nope. Then a cleaning installed latest drivers from nVidia WHQL. Nope.
Then I saw here that you can download the drivers for the monitor directly from Acer. So, I did a guy like an unsigned driver installation. Nope.
After all this, the problem persists.
Strange thing about this one is that there was when I first got the monitor but got progressively worse since I got it.
Another weird thing is that if I have a window open, then it isn't twinkle... reduce the window, and he comes back. It's actually what made me think, it was a driver issue, but as you can see above, I think that I have ruled that that fully.
Also, if I set my refresh rate to 95Hz or below, the problem occurs. (This is actually how I currently work).
-UPDATE: the issue has actually started just after executing i1Profiler to calibrate the screen several times back to back. I can't imagine how, but could the rapid exchange of multiple colors full screen damaged electronics somehow? Or is it just a weird coincidence?
-UPDATED #2: it was suggested that ADC can cause the problem as it caused problems with the previous Acer monitors. So I completely deleted i1Profiler and reset my default .icc profile. I also think that I figured out how to do a monitor factory reset - if you hold the buttons first and fifth, restarting the screen and all the default settings. in any case, does too and the blinking persists...
#3 problem: Backlight horrible bleeding
I have to type anything here? Leave some pictures to speak for themselves...
Trouble #4: Parts of the screen does not not on
It has been described elsewhere, so I won't detail it here. But yes, I have the same problem. Here is a representative of my monitor picture when the issue arose.
Overall, I am extremely disappointed, although I can't say I'm surprised. I mean, we deal with Acer here guys... Not exactly known for the high-end products. You can put the red lipstick on a pig...
So is there more any idea or suggestion out there?
Until then... I'll wait for my new X 34 excerpt here from Newegg to see if I won the lottery of Acer he...
I created this post to be a "accepted solution" to this thread with the purpose to help other users who need to find the answers. This should help to find this information faster than to have to go almost 800 posts to find pieces of information.
Wake up from sleep (backlight) - initial response and follow-up
Problems with Overclocking at 100 hz - original response
Coil - Whine Original response
Color banding - users in Australia reported the problem. The teams in the region to THE have been notified and a firmware is available.
-Scanning lines Original response
Thank you
Cory -
a problem with the alignment of site on the Tablet and phone version.
I have a problem with the alignment of my site on the Tablet and phone Version of my site.
If you open the Tariffuehrer.com site on the tablet or smartphone, you can see, the page is aligned to the left in the browser. I want the page to Center. I did find an option for it in the backend of muse.
I'd be happy if someone can help me.
Hi Michael,
I can't view your site as it showed error 403,
Can you please recheck the url of your site and repost it so that I can check on this subject.
Kind regards
_Ankush
-
Problem with the download Web site
I'm having a problem when I publish my site Builder at host gator. The following errors are happening, and I don't know if these are problems of vista or not
l\Temp\WER70C1.tmp.version.txt
\Temp\WERC789.tmp.AppCompat.txt
l\Temp\WERC7F7.tmp.mdmp
Thanks advance!Cat hubrich,
You will need to check with the Support of Ewisoft with this question. Mike - Engineer Support Microsoft Answers
Visit our Microsoft answers feedback Forum and let us know what you think. -
Problem with the BlackBerry Developer Site
We are currently experiencing a problem with the integration of BlackBerry ID with the BlackBerry Developer web site. This prevents the developers to create a new BlackBerry ID Token, connecting Issue Tracker and Developer area and potentially other areas that require authentication. Trying to access one of these pages gives the following error.
Sorry, there is a problem with the page you are trying to reach and it cannot be displayed. Please try again later.
Teams are trying to solve the problem. We apologize for the inconvenience.
The problem has been resolved. You should now be able to connect Issue Tracker and generate BlackBerry ID chips again.
-
Problems with the Eclipse Update site
Hello
I try to install the component pack v6.0.0. I'm just following the instructions here
http://NA.BlackBerry.com/eng/developers/javaappdev/javaupdate.jsp
and installation just hangs (or I get the Exception of transfer). I found many messages of forum on the problems with the update site but no solutions. Is this one? Or y at - it another way to install the component pack in eclipse?
Thank you
Sarah
Hi Mark,
Apologies that I was on vacation and never had to deal with that. I just tried to update the software development kits using the same procedure. It must have been a problem with the update site before that it worked well this time.
Thank you
Sarah
-
Help for problems with the functionality of Capture from Adobe
Hello
I recently installed Adobe Capture on my Smartphone (Android device) and the app is very cool. However, after a few weeks of use, the software stops working. I uninstalled the software and reinstalled to see if that would help solve the problem. Unfortunately, it has not solved the problem. Adobe does not provide an over-the-phone technical support for this product, so I hope someone here can help.
Recreation of question:
When you start the application, there are four 4 functions:
- Colors
- Forms
- Brushes
- Looks like
In the lower right corner of the screen, we see a sign '+', which, depending on which function you select, invite the user to 1) select from the cloud or 3) take a new photo 2) select a picture in the camera. When you select an option, Adobe Capture executes the designated function and the State final changes / outputs on the picture are visible.
However, when you try to accept or to save changes / outputs, the screen seems to hang up and return to the initial splash screen.
Can provide you any assistance?
Thank you!
Jerry
Hi Jerry,
I'm really sorry that capture does not work as it should. This is a known issue in the app and the team is working on a beta version with a fix. I hope that it will be available before the end of the week, but I'm not totally sure of the timeline.
I know we'll get it on Adobe Android Apps - community - Google +, then join this page and you will be informed as soon as it is available.
A couple of other things:
It's an incredible description of the problem you are experiencing. Thank you very much for going into details so. It makes a huge difference when engineers are trying to understand what is happening.
If please post here or contact us through the app (tap on the draw icon, then give us Feedback) whenever you need help. Sometimes on the weekends, I'm a little slow, but during the week, I'm trying to reach people as quickly as possible.
I hope this helps.
Sue.
-
Firefox browser will not move to the office. Other browsers have no problem on the same Web site. ??
Browser hangs and will not move through or around the office. Using
rt click disobeys. (sometimes it also locks).
Other browsers are moving very well with
Same or similar pluginsThank you
Dale
I had this problem with Firefox version 15 and found out it was because of the theme I had installed. As soon as I changed back to generic theme of firefox browser was able to move freely again. Some themes work very well but there are some that causes this problem of the browser do not move with left click the top title bar.
-
Problems with the windows computer 8 loss of wireless connection?
I'm on my 2nd NEW Dell with Windows 8 in the last 3 weeks. I use a Trendnet Wireless router to connect to the internet. The 1 Dell computer dropped the signal wireless on the 2nd day I got it. The 2nd Dell computer began the wireless signal very frequently the 5th day I got it. My Dell Inspiron 1545 computer that is 3 years old, 1 year 6 months never old old ipod and iphone removes the wireless signal. Help, please! I've been in contact with Dell several times with any resolution of this problem,
I'm on my 2nd NEW Dell with Windows 8 in the last 3 weeks. I use a Trendnet Wireless router to connect to the internet. The 1 Dell computer dropped the signal wireless on the 2nd day I got it. The 2nd Dell computer began the wireless signal very frequently the 5th day I got it. My Dell Inspiron 1545 computer that is 3 years old, 1 year 6 months never old old ipod and iphone removes the wireless signal. Help, please! I've been in contact with Dell several times with any resolution of this problem,
I have a new laptop from Toshiba with WIN 8 pre-installed, and I have the same problem. I ran the program of problem determination and it reset the WiFi card and fixed an issue reported. He canned breed, I have 2 WIN 7 laptops who have no problem at all.
Symptom: In normal operation, the wireless connection to the router drops to limited connection (No. Internet). It does not actually lose the router, he loses just an internet connection.
Update - has visited the Intel site to check the drivers. They had an updated driver, even if the driver search said I was current. I updated the driver and 24 hours later I got not drops. I hope that fixed it for me. http://www.Intel.com/p/en_US/support/detect/wireless
-
problem with the creation of my usb data card connect to a wifi hotspot network!
Hello, I have g62005ax machine of hp pavilion and the use of windows 7 home basic service 1 since I bought it, I map of 3g data through which I use internet on my laptop, recently I had a phone android romaric mi3 and wanted to use the net to my data card 3 g on phone via my laptop by creating my cell phone as a wifi hotspot I tried connectify and virtual wifi router and mhotspot, enable me to create a hotspot wifi successfully, my phone can identify them and even be able to connect to the wifi network but I can not surf or download in the phone no matter what app or browser, phone says connected wifi network and phone receives the data as 0.15 0.58, 0.98 KB. My card data speeds work fine on pc on 1 MB/s with no problems, but what is wrong I am doing even after the connection is established? As I said I tried different pc applications, given that my phone might have problem then I tried another star of the Galaxy samsund phone pro, it also connects to the wifi network but the same problem, IE. No surf, the so problem is not end of my phone, what am I doing wrong here?
Hello IRON-MAN.
Thanks for posting on the HP Forums!
I understand the hotspot of data card USB that you create from your laptop is not working properly. I'll do what I can to help out you! Please follow this guide to make sure that you follow the correct procedures: How to create a WiFi HotSpot with your connection Internet/card USB Data...
Please let me know your results. If you're still having problems, please provide some screen shots so I have something to look at. Thank you and have a great day!
Mario
-
There was a problem with the Hotmail service (a network connectivity problem temporary has nothing to do with your computer). Please try again
. I really need to fix this! Help!original title: no answer not before!track every step!
no change!I am getting really worried about it!Please ask in the forum Hotmail. We do not use it. We cannot answer your question.
Windows Live Solution Center Hotmail Forum
http://windowslivehelp.com/forums.aspx?ProductID=1 -
Cisco router 1921 internet problem with a site-to-site vpn connection
I have TE-data Modem 3com dsl connection in 2 sites. and I have 2 routers cisco 1921 and there is a vpn site-to-site between them and
the VPN connection works well. and I configured the PAT on one of them to allow users access to the internet but tere is a problem:
all users can ping a public ip address
all users can ping any URL
but there is no navigation of the internet
and it's configuration
NOZHA #sh run
Building configuration...Current configuration: 2425 bytes
!
! Last configuration change at 11:24:08 UTC Thu Sep 20 2012
!
version 15.0
horodateurs service debug datetime msec
Log service timestamps datetime msec
no password encryption service
!
hostname NOZHA
!
boot-start-marker
boot-end-marker
!
enable secret 5
!
No aaa new-model
!
!
!
!
No ipv6 cef
IP source-route
IP cef
!
!
!
IP dhcp pool 1
network 192.168.40.0 255.255.255.0
router by default - 192.168.40.1
4.2.2.2 DNS Server 8.8.8.8
Infinite rental
!
!
IP domain name shady2012
!
Authenticated MultiLink bundle-name Panel
!
!
!
license udi pid CISCO1921/K9 sn FCZ1432C5KM
licence start-up module c1900 technology-package securityk9
!
!
!
redundancy
!
!
!
!
crypto ISAKMP policy 10
BA aes
preshared authentication
Group 2
ISAKMP crypto key shady2012 address 81.10.xxx.yy
!
!
Crypto ipsec transform-set shady2012 aes - esp esp-sha-hmac
!
card crypto 150 s2s - VPN ipsec-isakmp
the value of 81.10.xxx.yy peer
PFS group2 Set
match address s2s-vpn-Oly
!
!
!
!
!
interface GigabitEthernet0/0
MTU 1000
IP address 41.41.xx.yy 255.255.255.252
NAT outside IP
activate nat IP
IP virtual-reassembly
automatic duplex
automatic speed
s2s - VPN crypto card
!
!
interface GigabitEthernet0/1
192.168.40.1 IP address 255.255.255.0
IP nat inside
activate nat IP
IP virtual-reassembly
automatic duplex
automatic speed
!
!
default IP gateway (hop 41.41.xx.yy) next
IP forward-Protocol ND
!
no ip address of the http server
no ip http secure server
!
The dns server IP
overload of the IP nat source list mypool GigabitEthernet0/0 interface
IP route 0.0.0.0 0.0.0.0 41.41.xx.yy
IP route 192.168.20.0 255.255.255.0 (41.41.xx.yy) next hop
IP route 192.168.30.0 255.255.255.0 (41.41.xx.yy) next hop
!
mypool extended IP access list
deny ip 192.168.21.0 0.0.0.255 192.168.20.0 0.0.0.255
deny ip 192.168.21.0 0.0.0.255 192.168.30.0 0.0.0.255
deny ip 192.168.40.0 0.0.0.255 192.168.20.0 0.0.0.255
deny ip 192.168.40.0 0.0.0.255 192.168.30.0 0.0.0.255
allow an ip
s2s-vpn-Oly extended IP access list
ip permit 192.168.40.0 0.0.0.255 192.168.30.0 0.0.0.255
IP 192.168.21.0 allow 0.0.0.255 192.168.20.0 0.0.0.255
IP 192.168.30.0 allow 0.0.0.255 192.168.40.0 0.0.0.255
ip licensing 192.168.20.0 0.0.0.255 192.168.21.0 0.0.0.255
ip permit 192.168.40.0 0.0.0.255 192.168.20.0 0.0.0.255
IP 192.168.21.0 allow 0.0.0.255 192.168.30.0 0.0.0.255
!
!
!
!
!
!
!
control plan
!
!
!
Line con 0
line to 0
line vty 0 4
password
opening of session
!
Scheduler allocate 20000 1000
endIf anyone has the answer please answer ASAP
When you say can ping any URL, I am assuming that you are pinging of the FULL domain name, IE: it is resolved to an ip address, right?
If you disable the VPN, can you access the internet?
You have a proxy server or anything that could block navigation?
This error message you get on your web browser?
Also try another web browser, and none works?
-
Cannot ping computers on the subnet remote site vpn while to set up
Hi all
I encountered a problem of site to site vpn for ping answered nothing of machines of remote subnet.
the ipsec tunnel is ok but I can ping the ASA distance inside the interface ip
Here is my scenario:
LAN1 - ASA5510 - ASA5505 - LAN2 - ordinateur_distant
LAN1: 192.168.x.0/24
LAN2: 172.25.88.0/24
remote_machine_ip: 172.25.87.30
LAN1 can ping to ASA5505 inside interface (172.25.88.1)
but cannot ping ordinateur_distant (172.25.87.30)
Inside of the interface ASA5505 can ping ordinateur_distant
LAN2 can ASA5510 ping inside the machines on LAN1 and interface
Is there something I missed?
Thanks much for the reply
I don't think it's something you really want to do.
If you PAT the whole subnet to LAN1 ip (192.168.1.0/24) to 172.25.249.1, then LAN2, will not be able to reach the specific host on LAN1, cause now, you represent the LAN1 network, with a single ip address.
So traffic will become a way from LAN1 can reach LAN2 and get the response of LAN2 through the PAT on 172.25.249.1
But LAN2, is no longer specific hosts LAN1 ip traffic, since you only have 172.25.249.1, to represent the subnet to LAN1.
If you still want to PAT the whole subnet to LAN1 (192.168.1.0/24) ip to 172.25.249.1, then you have to do outside the NAT.
http://www.Cisco.com/en/us/customer/docs/security/ASA/asa80/command/reference/no.html#wp1737858
Kind regards
Maybe you are looking for
-
Why my browser is spawning invisible windows?
Operating system: OS X 10.9 To go about four months ago, I started seeing windows without title and not selectable spawning after my browser has been open for some time (i.e. after I visited a few sites). The number of these invisible windows develop
-
Hey, my (the place under the time bar) screen of my ipad mini moves and strongly waving the top of worms worms down and back and straight left and back. How to fix, thanks!
-
When I try to activate my Windows tells me that my product is bad.
I comand to turn on my computer I but my product key .so tell my rong. I have comand to activate my computer. I put my product key .this I'm .so stell is not enabled. I need help.
-
I just buy a x 230 and I need to change the keyboard to a Spanish keyboard (not Latin American Spain), anyone knows the part number I need to purchase? a link where I can see how to change? Thank you
-
Is it possible to sign up with a certified signature (eID or certified token) in the webapp eSign-services to the Mobile app (s)?