IKE Phase 2 SA expires immediately - site 2 site ipsec over gre

Hello

I'm migrating a config site to IPsec for a new 'face', a ASR1001 router VPN (ipsec-tools + racoon) Linux machine.

As the Debian Linux does not VTI, I use a card encryption.

The config of work is given below, with corresponding newspapers, with Linux.

When I try to apply what worked before config for the ASR1001, I get the following error:

000855: * 18:28:21.859 Dec 12 UTC: % ACE-3-TRANSERR: IOSXE-ESP (14): IKEA trans 0 x 1350; opcode 0 x 60; Param 0x2EE; error 0 x 5; Retry cnt 0

Suspicion about the error code 0 x 5?

The newspapers aside Linux show sync issues...

12 Dec 18:50:19 FAKE-AUCH-GW racoon: INFO: new phase 1 opening of negotiation: 194.214.196.2 [500]<=>130.120.124.8 [500]

12 Dec 18:50:19 FAKE-AUCH-GW racoon: INFO: mode of Identity Protection.

12 Dec 18:50:19 FAKE-AUCH-GW racoon: INFO: received Vendor ID: CISCO-UNITY

12 Dec 18:50:19 FAKE-AUCH-GW racoon: INFO: received Vendor ID: DPD

12 Dec 18:50:19 FAKE-AUCH-GW racoon: INFO: received Vendor ID: draft-ietf-ipsra-isakmp-xauth-06.txt

12 Dec 18:50:19 FAKE-AUCH-GW racoon: INFO: ISAKMP - ITS established 194.214.196.2 [500] - 130.120.124.8 [500] spi: 5f8e6339fb954d45:e513d25e42e19d11

12 Dec 18:50:20 FALSE-AUCH-GW racoon: INFO: new phase 2 negotiation opening: 194.214.196.2 [500]<=>130.120.124.8 [500]

12 Dec 18:50:39 FAKE-AUCH-GW racoon: INFO: answer for negotiation of the new phase 2: 194.214.196.2 [500]<=>130.120.124.8 [500]

12 Dec 18:50:50 FAKE-AUCH-GW racoon: NOTIFY: the packet is retransmitted by 130.120.124.8 [500] (1).

12 Dec 18:50:50 FAKE-AUCH-GW racoon: INFO: IPsec - SA has expired: ESP/Transport 130.120.124.8 [500]-> 194.214.196.2 [500] spi = 30866420 (0x1d6fbf4)

12 Dec 18:50:50 FAKE-AUCH-GW racoon: WARNING: EXPIRES PF_KEY message received from core for SA under negotiation. Judgment of the negotiations.

12 Dec 18:50:50 FAKE-AUCH-GW racoon: INFO: IPsec - SA has expired: AH / Transport 130.120.124.8 [500]-> 194.214.196.2 [500] spi = 258959 (0x3f38f)

12 Dec 18:50:59 FAKE-AUCH-GW racoon: INFO: new phase 2 negotiation opening: 194.214.196.2 [500]<=>130.120.124.8 [500]

12 Dec 18:51 FAKE-AUCH-GW racoon: NOTIFY: the packet is retransmitted by 130.120.124.8 [500] (1).

12 Dec 18:51:09 FAKE-AUCH-GW racoon: INFO: IPsec - SA has expired: ESP/Transport 130.120.124.8 [500]-> 194.214.196.2 [500] spi = 95427747 (0x5b01ca3)

12 Dec 18:51:09 FAKE-AUCH-GW racoon: WARNING: EXPIRES PF_KEY message received from core for SA under negotiation. Judgment of the negotiations.

12 Dec 18:51:09 FAKE-AUCH-GW racoon: INFO: IPsec - SA has expired: AH / Transport 130.120.124.8 [500]-> 194.214.196.2 [500] spi = 159198575 (0x97d2d6f)

12 Dec 18:51:09 FAKE-AUCH-GW racoon: INFO: answer for negotiation of the new phase 2: 194.214.196.2 [500]<=>130.120.124.8 [500]

12 Dec 18:51:10 FALSE-AUCH-GW racoon: NOTIFY: the packet is retransmitted by 130.120.124.8 [500] (1).

!###########################################

! Config of IOS running

!

crypto ISAKMP policy 10

BA aes 256

md5 hash

preshared authentication

Group 2

ISAKMP crypto key MY-0WN-T3RR1F1C-PR35H4R3D-K3Y address 192.0.2.66 No.-xauth

!

!

Crypto ipsec transform-set MY-0WN-TS-MD5 ah-md5-hmac esp - aes 256 esp-md5-hmac

transport mode

!

card crypto ipsec-isakmp MY-0WN-map 1

defined peer 192.0.2.66

game of transformation-MY-0WN-TS-MD5

PFS group2 Set

match address 120

!

interface Tunnel0

bandwidth 45000

IP 198.51.100.1 255.255.255.252

no ip redirection

no ip proxy-arp

IP 1400 MTU

IP virtual-reassembly in

IP tcp adjust-mss 1360

source of tunnel GigabitEthernet0/0

tunnel destination 192.0.2.66

tunnel path-mtu-discovery

bandwidth tunnel pass 45000

bandwidth tunnel receive 45000

!

interface GigabitEthernet0/0

IP 192.0.2.34 255.255.255.224

no ip redirection

no ip proxy-arp

IP virtual-reassembly in

full duplex

Speed 1000

GBIC media type

auto negotiation

Crypto map MY-0WN-map

###########################################

Newspapers aside Linux

Dec 12 08:18:30 racoon GLA: INFO: ISAKMP Security Association expired 192.0.2.66 [500] - 192.0.2.34 [500] spi: 88ed3c49ea8ffe38:e568a2dd27cbec5d

Dec 12 08:18:30 racoon GLA: INFO: ISAKMP Security Association deleted 192.0.2.66 [500] - 192.0.2.34 [500] spi: 88ed3c49ea8ffe38:e568a2dd27cbec5d

Dec 12 08:18:31 racoon GLA: INFO: respond new phase 1 negotiation: 192.0.2.66 [500]<=>192.0.2.34 [500]

Dec 12 08:18:31 racoon GLA: INFO: mode of Identity Protection.

Dec 12 08:18:31 racoon GLA: INFO: received Vendor ID: RFC 3947

Dec 12 08:18:31 racoon GLA: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-07

Dec 12 08:18:31 racoon GLA: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-03

Dec 12 08:18:31 racoon GLA: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-02#012

Dec 12 08:18:31 racoon GLA: INFO: received Vendor ID: DPD

Dec 12 08:18:31 racoon GLA: INFO: received Vendor ID: draft-ietf-ipsra-isakmp-xauth-06.txt

Dec 12 08:18:31 racoon GLA: [192.0.2.34] INFO: received INITIAL-CONTACT

Dec 12 08:18:31 racoon GLA: INFO: ISAKMP - HIS established 192.0.2.66 [500] - 192.0.2.34 [500] spi: 88ed3c49e027808c:b17ba35c5b7f1e82

Dec 12 08:18:31 racoon GLA: INFO: answer for negotiation of the new phase 2: 192.0.2.66 [500]<=>192.0.2.34 [500]

[[Dec 12 08:18:31 racoon GLA: INFO: update generated politics: 192.0.2.34/32[0] 192.0.2.66/32[0] proto = all dir = in

Dec 12 08:18:31 racoon GLA: INFO: IPsec - HIS established: AH / Transport 192.0.2.66 [500]-> 192.0.2.34 [500] spi = 88493238 (0x5464cb6)

Dec 12 08:18:31 racoon GLA: INFO: IPsec - HIS established: ESP/Transport 192.0.2.66 [500]-> 192.0.2.34 [500] spi = 21367141(0x1460965)

Dec 12 08:18:31 racoon GLA: INFO: IPsec - HIS established: AH / Transport 192.0.2.66 [500]-> 192.0.2.34 [500] spi = 1579505880 (0x5e2558d8)

Dec 12 08:18:31 racoon GLA: INFO: IPsec - HIS established: ESP/Transport 192.0.2.66 [500]-> 192.0.2.34 [500] spi = 838280164 (0x31f723e4)

Could adjust your game of transformation?

Right now you have: crypto ipsec transform-set MY-0WN-TS-MD5 ah-md5-hmac esp - aes 256 esp-md5-hmac

Could you change strictly cela ESP or AH on both sides rather than mix them.

There is a known issue with the ASR and the mixture AH / ESP in ipsec configuration. I'll post below:

CSCtb60545 / CSCsv96390

Mixing protocols AH and ESP in transformation defined on ASR may not work. This is an enhancement request who will introduce support for this.

Symptoms:

Router can display as a result of messages to the console:
% 3-ACE-TRANSERR: ASR1000-ESP (14): IKEA trans 0x27E; opcode 0 x 60; Param 0x2A.
error 0 x 5; Retry cnt 0
Conditions:
This symptom is observed on a Cisco ASR1000 series router when works as an IPSec
final point, and when nested transformation is applied, such as:
Crypto ipsec transform-set transform-1 ah-sha-hmac esp-3des esp-md5-hmac
Crypto ipsec transform-set transform-1 ah-md5-hmac esp-3des esp-md5-hmac
Workaround solution:
Remove the unsupported configuration.

Tags: Cisco Network

Similar Questions

  • ASDM IKE Phase 2 parameters

    Hello.

    I'll put up the part remote site VPN and you can't find IKE Phase 1 settings in ASDM.  Can someone tell me where I can find the phase 2 settings?  Thank you.

    If this is the case, by ASDM 6.3 above, you can use link below to verify:

    Go to the Configuration > VPN Site to Site > advanced > Crypto Maps pane.

    http://www.Cisco.com/en/us/products/ps6120/products_tech_note09186a0080b9b90a.shtml#asdmconfig

  • Configuration of VPN - IKE phase 1...

    I have some confusion in the VPN configuration... In my ASA below mentioned IKE phase 1 already configured setting.

    crypto ISAKMP policy 1

    preshared authentication

    the Encryption

    sha hash

    Group 2

    life 43200

    crypto ISAKMP policy 9

    preshared authentication

    the Encryption

    md5 hash

    Group 1

    life 86400

    crypto ISAKMP policy 10

    preshared authentication

    the Encryption

    sha hash

    Group 2

    life 86400

    crypto ISAKMP policy 30

    preshared authentication

    the Encryption

    md5 hash

    Group 2

    life 86400

    Crypto isakmp nat-traversal 20

    Last week, I configured a new L2L VPN. For IPSec phase, I have added the below mentioned lines...

    card crypto toremote 20 match address remotevpn2

    card crypto toremote 20 peers set x.x.x.x

    toremote 20 set transformation-strong crypto card

    life safety association set card crypto toremote 20 28800 seconds

    Now my question is the seq n20 crypto map is not matched with any IKE phase 1 seq no (1,9,10,30) that is already configured. But the VPN is up and working fine. How it associate a particular phase of IKE IPsec?

    If you want to configure a new virtual private network with different parameters in the IKE phase 1like 3DES, SHA1, life 86400, what are the configuration that I have to do in phase 1 of IKE?

    Kind regards

    SOM

    isakmp policy number and the number of ipsec policy do not match your ASA or with the other end. They are two distinct phases of negotiation. The ASA will compare your policy at the other end, starting with the smallest number of policies, until a match is found.

    I usually put safer policies first (i.e. with the lowest number of the police).

    To create a new policy, just add it with a new policy number, anywhere where you want in the order.

  • Ports used in IKE Phase 1

    Hello world

    He had to confirm IKE Phase 1

    We use port UDP 500

    IKE Phase 2, we use ports

    ESP - 50

    NAT - T UDP 4500

    ESP TCP-1000-50
    NAT - T UDP 4500
    TCP-1000

    Concerning

    Mahesh

    IKE phase 1 (main mode/aggressive mode) is udp src and dst 500

    Phase 2 of IKE could be:

    • Protocol IP 50 (ESP)
    • NAT - T is udp src (customer) ephemeral dst (server) udp 4500
    • In former VPN clients tcp encapsulation was CBC (customer), ephemeral dst (server) tcp 10000 (10,000 in US) and 10,000 in most of the other countries

  • Pre shared keys used in IKE Phase 1

    Hello world

    Need to confirm if we use the buttons pre shared during IKE Phase 1 main mode and aggressive mode

    Concerning

    MAhesh

    The pre-shared key is used in both modes of IKE Phase I. With pre-shared keys, the same preshared key is configured on each IPSec peer. IKE peers authenticate each other computer and sending a hash key data that includes the pre-shared key.

  • Understanding, IKE Phase I and II

    Hi, I've been through the concept of a lot of time, but what confuses me, is encryption algorithm and a key to the DH, how they go hand in hand in IKE phase II.  I understand phase I authenticates the vpn peers and negotiates policy ISAKMP which includes Exchange Diffie-Hellman and symmetric encryption example WITH or TDES.  What I don't understand is what Exchange Diffie-Hellman (key derived from the public/private function) is used for, it encrypts the exchange of IKE2 already encrypted with DES/TDES/AES.

    Also if m do not use PFS in Phase II, would I by using the same key DH derived at the time of the phase I, if yes which is secure enough?

    Another issue is when the peers authenticate each other and then the protocol IKE phase I policy are exchanged, happens in clear text?

    Could someone please explain the process step by step in the two phases stressing precisely on the Diffie-Hellman exchange and how it is used with encryption algorithms.

    Concerning

    Sonu

    Sonu,

    Looks like you want to go back to RFC to take a peek. We have also a series of documents explaining IKEv1 and goes with debugging.

    What you miss is that in IKEv1 (main mode), messages, 5 and 6 are already encyrpted, while the previous, including Diffie-Hellman exchange are not.

    MM5 MM6 is when we exchange their identities. Those who must be protected, where the DH before negotiating.

    Phase 2 is a separate Exchange protected with the result of the phase 1. The role of DH for the phase 2 is to ensure that the encryption keys are not from previous key material.

    Start here:

    http://www.Cisco.com/en/us/Tech/tk583/TK372/technologies_tech_note09186a0080094203.shtml

    http://www.Cisco.com/en/us/products/ps6120/products_tech_note09186a0080bce100.shtml

    https://supportforums.Cisco.com/docs/doc-18522

    M.

  • cfcookie expires immediately

    I can't cfcookie to stop expiring immediately.  It worked fine until recently to move to a new VPS.  Now prepare the cookies only the first time that application.cfm is run.  If you visit any other page in this same Director the cookie disappears mysteriously.

    Here is my application tag...

    < name cfapplication sessionmanagement = "yes" sessiontimeout = "KYND" = "#CreateTimeSpan (0,3,0,0)" # "setclientcookies =" "setdomaincookies ="yes">"

    http://www.kyndoutdoors.com/DBF/_kynd-controller/my-kynd.cfm

    Use timmyv as the username and the password.

    Cookies are NOT deleted. The problem is the duplication. And more specifically, the problem is cfparam I encouraged to remove them.

    Your first decision in your test is the following:

    (btw, you don't need sharp in this code or in one of the other cfif statements in your code. Delete them, they are so ugly)

    Well, kp_id is empty and he is not. The cookie exist twice, once with and once without value. CF uses the one without value. Both are sent, order of which they are sent in the results in the cookie being blank.

    This is the HTTP request sent:

    GET /dbf/cookies.cfm HTTP/1.1

    Host: www.kyndoutdoors.com

    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; RV:16.0) Gecko/20100101 Firefox/16.0

    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8

    Accept-Language: en-US, en; q = 0.5

    Accept-Encoding: gzip, deflate

    Connection: keep-alive

    "" Cookie: kp_id = ""; KP_ID = 13608; KP_USERNAME = timmyv; KP_PASSWORD = timmyv

    The important line is the last. TWO KP_IDs are sent. One is empty, we're not. CF must use the first one it receives.

    Nevertheless, delete the cfparam (you will need to add a control of existence to your cfifs that make use of this cookie var), delete your cookies and try again.

    Jason

  • remote users access site ipsec tunnel

    How to configure the ACL and the road to allow remote users access to site ipsec as local users?

    Current scenario is

    1. distance users (192.168.2.0/24) ipsec <->Cisco 870 (192.168.0.0/24)

    (2 cisco 870(192.168.0.0/24) ipsec tunnel <->cisco 1811 (10.0.0.0/24)

    Now remote users can access the 192.168.0.0 network, no problem, but how they can access 10.0.0.0 network?

    I guess I can do like this:

    1. in cisco 870, site to site ip 192.168.0.0 tunnel allow 0.0.0.255 10.0.0.0 0.0.0.255

    (add) permit ip 192.168.2.0 0.0.0.255 10.0.0.0 0.0.0.255

    2. in the site-to-site vpn cisco 1811

    (add) permit ip 10.0.0.0 0.0.0.255 192.168.2.0 0.0.0.255

    3. in settings vpn split cisco870 add the 10.0.0.0/24 network

    Is this fair?

    Thank you.

    You must configure the interesting traffic that an ACL contains the source is remote destination as local LAN and LAN.

  • VPN site to Site stuck in IKE Phase 1 - MM_WAIT_MSG2

    We do a vpn site-to site. The tunnel has worked before, but after some discussions about the location of ASA_Receiving (no change in config for asa made, this asa is directly connected to the internet) will not return the tunnel upward. The devices can ping each other without problem.

    It is a vpn L2L, I wonder if the guy saying user is related to the issue?

    ASA_Initiator

    IKE Peer: 71.13.xxx.xxx
    Type: user role: initiator
    Generate a new key: no State: MM_WAIT_MSG2

    ASA_Receiving

    # show crypto isakmp his

    There is no isakmp sas

    Hey,.

    is the remote end ASA as well?

    If so, the capture below on the ASA:

    capture capout match udp host host interface

    The tunnel gets stuck on MM_WAIT_MSG2 for 2 reasons:

    1 either a problem with the policies of the phase 1 of the remote end or

    2 UDP 500 is not reaching the remote end or the remote end sends the packet UDP 500 back and can't the ASA local.

    Concerning

  • Site of the error of phase 2 for the VPN site

    Dear all,

    We have a VPN site to site with a partner, we need to access three different hosts on the network of partners. Phase 1 came but there is problem with the guests of the three phase 2 we can only connected with a host of others are not connected, and they all share the same settings.

    Below is show access ip list matching packages shown but connection to host failed

    With the crypto ipsec to see his I saw send error and I don't know what could be responsible.

    Any body who could be wrong please help me to am exhausted.

    access-list

    10 permit ip host 4.2.3.1 4.2.6.22 (647594 matches)
    20 permit ip host 4.2.3.14 4.2.6.64 (47794 matches)
    30 permit ip host 41.2.3.37 41.2.6.76 (581720 matches)

    Crypto ipsec to show his

    local ident (addr, mask, prot, port): (41.2.3.37/255.255.255.255/0/0)
    Remote ident (addr, mask, prot, port): (4.2.6.76/255.255.255.255/0/0)
    current_peer 4.2.6.24 port 500
    LICENCE, flags is {origin_is_acl},
    #pkts program: encrypt 0, #pkts: 0, #pkts digest: 0
    #pkts decaps: 0, #pkts decrypt: 0, #pkts check: 0
    compressed #pkts: 0, unzipped #pkts: 0
    #pkts uncompressed: 0, #pkts compr. has failed: 0
    #pkts not unpacked: 0, #pkts decompress failed: 0
     Errors #send 198, #recv errors 0

    local crypto endpt. : 4.2.3.16, remote Start crypto. : 4.2.6.24
    clearly, mtu 1500, path mtu 1500, mtu 1500 ip mtu IDB FastEthernet4 ip
    current outbound SPI: 0x0 (0)
    PFS (Y/N): N, Diffie-Hellman group: no

    SAS of the esp on arrival:

    the arrival ah sas:

    SAS of the CFP on arrival:

    outgoing esp sas:

    outgoing ah sas:

    outgoing CFP sas:

    local ident (addr, mask, prot, port): (4.2.3.14/255.255.255.255/0/0)
    Remote ident (addr, mask, prot, port): (4.2.6.64/255.255.255.255/0/0)
    current_peer 4.2.6.24 port 500
    PERMITS, flags = {origin_is_acl, ipsec_sa_request_sent}
    #pkts program: encrypt 0, #pkts: 0, #pkts digest: 0
    #pkts decaps: 0, #pkts decrypt: 0, #pkts check: 0
    compressed #pkts: 0, unzipped #pkts: 0
    #pkts uncompressed: 0, #pkts compr. has failed: 0
    #pkts not unpacked: 0, #pkts decompress failed: 0
        Errors #send 508, #recv errors 0

    local crypto endpt. : 4.2.3.16, remote Start crypto. : 4.2.6.24
    clearly, mtu 1500, path mtu 1500, mtu 1500 ip mtu IDB FastEthernet4 ip
    current outbound SPI: 0x0 (0)
    PFS (Y/N): N, Diffie-Hellman group: no

    SAS of the esp on arrival:

    the arrival ah sas:

    SAS of the CFP on arrival:

    outgoing esp sas:

    outgoing ah sas:

    outgoing CFP sas:

    Edit: can you put the configuration on both sides of the tunnel? Otherwise re - check once more the configs on both sides

  • Cannot complete the tunnel ' phase 2 ', by establishing a site to site VPN.

    I am trying to establish a VPN tunnel from site to site between a Cisco 1921 and an ASA.

    I am debugging using:

    Debug crypto ISAKMP

    Debug crypto ipsec

    No debug message is coming on the 1921.

    The following debug message returns constantly to the ASA:

    15 jan 16:42:55 [IKEv1]: Group = 184.1.126.140, IP = 184.1.126.140, construct_ ipsec_delete(): No. SPI to identify the Phase 2 SA!

    ASA config: http://pastebin.com/raw.php?i=wgTxe3gF

    1921 config: http://pastebin.com/raw.php?i=TEihijEF

    Why won't the two establish a VPN tunnel?

    It's very strange that ASA appears the tunnel, but the router does not work. It seems that the router is waiting for authentication.

    You can add-

    crypto isakmp key address 184.1.96.42 no-xauth

    You can debug isakmp and ipsec on the router and display it?

  • WHEN NEGOTAITE ISAKMP IN FASHION MAIN IKE PHASE 1

    WHEN THE ISAKMP NEGOTIATION BEGINS IN IKE, SEARCH ISAKMP MAIN MODE IDENTICAL ON BOTH PEERS ISAKMP POLICY.

    PLEASE INFORM PEERS ARE RESPONCIPLE FOR MATCHING POLICIES?

    Hello

    It will be the device that initiates Phase I proceeded. He will check the remote peer on the corresponding policy. The remote peer, on the other hand, will also be verufy corresponding strategy.

    Rgds,

    AK

  • VPN - failure IKE Phase 1

    Hi all

    IM challenges with a site to site vpn where it cannot be initiated/based on one side of the VPN.

    For 1 side of the vpn, I could ping everywhere without problems and vpn tunnel is established successfully, but when I try it the other side of the vpn it never sets and the State is stuck in MM_KEY_EXCH.

    I have verfied configurations at both ends and everything seems to be going well (see below), also, please find an isakmp crypto debugging attached to the router that does not seem to establish the vpn - no idea why this is a failure?

    VPN is set up on a C837 to a C857.

    ***

    crypto ISAKMP policy 10

    the BA
    md5 hash
    preshared authentication
    Group 2
    secret key crypto ISAKMP address 81.140.73.140 No.-xauth
    !
    life 3000 seconds crypto ipsec security association
    !
    Crypto ipsec transform-set esp course - esp-md5-hmac
    !
    vpn 10 ipsec-isakmp crypto map
    defined by peer 81.140.73.140
    secure Set transform-set
    match address VPN-traffic

    ***

    Thank you very much

    That could very well be causing this problem.

    If you have the static configuration to the dynamic for IPsec between two routers, please make sure that you have this configuration:

    http://www.Cisco.com/en/us/Tech/tk583/TK372/technologies_configuration_example09186a0080093f86.shtml

    You see that the dynamic IP site has a normal static encryption card, but the side static IP has a dynamic encryption card.

    This example assumes that you do NAT too.

    With this configuration, the tunnel can only be started from the dynamic side.

    It will be useful.

    Federico.

  • Free trial expired immediately

    I just downloaded a free 30 day trial of Acrobat Pro. At the end of the download, I get a message that my free trial has expired. Please notify.

    Hi J Rose,

    Is it possible that the free trial version has been previously started on this computer and then expired? If so, you would not be able to start the trial again.

    This document describes the other causes a free trial may expire prematurely: software Adobe to trial has expired at the beginning

    Best,

    Sara

  • Illustrator of the trial was expired immediately after the download

    Help, please! I downloaded Illustrator demo today, but after downloading I can't use it: a trial has already expired

    Then please try the software on another computer.  Once a trial has expired there is not an available method to extend it.

Maybe you are looking for

  • Name of the user change folder

    How can I change the name of the folder of the user? I have the MacBook Pro (retina, 13-inch, early 2015) + OS X EL Capitan + a user (Administrator)

  • Satellite A100 (PSAA9): How to get to the Vista's HotStart buttons?

    BIOS: Recent v5.10 Problems:1 button launches Internet Explorer IE correctly when connected, but if you press on when the machine is off, the machine is powered and Vista starts normally, but IE is not launch as expected after the initialization is c

  • Tecra Z50 - utility of fingerprints can not connect on the sensor

    Although the latest version of the driver for validity sensor is installed the fingerprint utility cannot connect to the sensor. System: Win 8.1 64-bit

  • What is a network drive?

    I am running Windows XP Pro v.5.1.2600 SP3.0 32 bit... on your desktop... browser is Firefox latest version...I'll try to find out why my computer/browser is slow, & have met this term... So what is a network drive & how do I know if I have a...I am

  • No sound in movie maker

    importing an MP3 file in wondows movie maker and tho it's play I can not all sounds.  all other sounds are very good - media player, nero etc.