IKEv2 with NAT - T and VRF (FlexVPN)
Hello
I'm trying to get it works and the IOS debugging commands show nothing.
Spoke1
======
Keyring cryptographic ikev2 LAN-to-LAN
peer HUB
address of the identity 93.174.221.254
pre-shared key local TEST
pre-shared key remote TSET
!
Profile of ikev2 crypto IPSEC_IKEv2
match one address remote identity 93.174.221.254 255.255.255.255
identity local fqdn spoke1.domain.com
sharing front of remote authentication
sharing of local meadow of authentication
door-key local LAN-to-LAN
!
Crypto ipsec transform-set ESP-TUNNEL esp - aes esp-sha-hmac
tunnel mode
!
Crypto ipsec IPSEC profile
game of transformation-ESP-TUNNEL
IPSEC_IKEv2 Set ikev2-profile
!
interface tunnels2
Description VTI2 | CUSTOMER2
VRF forwarding CUSTOMER2
Unnumbered IP Loopback2
source of Dialer1 tunnel
ipv4 ipsec tunnel mode
tunnel destination 93.174.221.254
tunnel path-mtu-discovery
Ipsec IPSEC protection tunnel profile
!
interface Loopback2
VRF forwarding CUSTOMER2
10.47.255.1 the IP 255.255.255.255
!
interface Dialer1
IP address negotiated
!
HUB
====
Keyring cryptographic ikev2 LAN-to-LAN
spoke1.domain.com peer
identity domain name full spoke1.domain.com
pre-shared key local TSET
Remote pre-shared key TEST
!
Profile of ikev2 crypto IPSEC_IKEv2
match identity fqdn remote spoke1.domain.com
address local identity 93.174.221.254
sharing front of remote authentication
sharing of local meadow of authentication
door-key local LAN-to-LAN
virtual-model 2
!
Crypto ipsec transform-set ESP-TUNNEL esp - aes esp-sha-hmac
tunnel mode
!
Crypto ipsec IPSEC profile
game of transformation-ESP-TUNNEL
IPSEC_IKEv2 Set ikev2-profile
!
tunnel type of interface virtual-Template2
Description VTI2 | CUSTOMER2
VRF forwarding CUSTOMER2
Unnumbered IP Loopback2
source of Loopback254 tunnel
ipv4 ipsec tunnel mode
tunnel path-mtu-discovery
Ipsec IPSEC protection tunnel profile
!
interface Loopback2
VRF forwarding CUSTOMER2
10.47.255.252 the IP 255.255.255.255
!
interface Loopback254
93.174.221.254 the IP 255.255.255.255
!
-----
The ray can do anything on the internet, including the face address public hub 93.174.221.254 ping, but the tunnel is not started. Each end is running RIPv2 under the context of 'CUSTOMER2' with 'network 10.0.0.0' and no Auto-resume. Static routes do not seem to kick in life either. Any help would be appreciated, thanks.
[Cool!;]
Don't forget that a similar logic applies to the talk of talk communication. know what address IP/identity should I put as the identity of the peer in the Keyring? :-)
Tags: Cisco Security
Similar Questions
-
IPSec Tunnel between Cisco 2801 and Netscren 50 with NAT and static
Hello
My problem isn't really the IPSec connection between two devices (it is already done...) But my problem is that I have a mail server on the site of Cisco, who have a static NAT from inside to outside. Due to the static NAT, I do not see the server in the VPN tunnel. I found a document that almost describes the problem:
"Configuration of a router IPSEC Tunnel private-to-private network with NAT and static" (Document ID 14144)
NAT takes place before the encryption verification!
In this document, the solution is 'routing policy' using the loopback interface. But, how can I handle this with the Netscreen firewall. Someone has an idea?
Thanks for any help
Best regards
Heiko
Hello
Try to change your static NAT with static NAT based policy.
That is to say the static NAT should not be applicable for VPN traffic
permissible static route map 1
corresponds to the IP 104
access-list 104 refuse host ip 10.1.110.10 10.1.0.0 255.255.0.0
access-list 104 allow the host ip 10.1.110.10 all
IP nat inside source static 10.1.110.10 81.222.33.90 map of static route
HTH
Kind regards
GE.
-
VPN site to Site with NAT and Port forwarding on a 871
Hello
Could someone please look at the config 871 router attached and tell me where I'm wrong!
VPNs all work, work, BUT anyone trying to connect to a port that is sent through the VPN port forwarding fails.
In the config attached Port 3389 (RDP) is sent to an internal server, if you connect to the external interface Internet connection is made and it works well, but if someone tries to connect to the IP address internal to that same server through VPN, it does not.
We've added commands to stop working on the lines VPN NAT, but these do not seem to work.
What Miss me?
Thank you in advance and I will adjudicate all useful responses.
It is a common problem. Yes you added controls to prevent NAT to work above the tunnel, but your static nat port to port 3389 takes precedence over the generic nat command, and there not all orders top to prevent it is nat would be above the tunnel.
I wrote an example configuration for this some time, see here for more details:
http://www.Cisco.com/en/us/Tech/tk583/TK372/technologies_configuration_example09186a0080094634.shtml
If all goes well, he explains everything. Note that it is for a general order static host, not a static port that you have, but the concept is exactly the same. Just add a statement roadmap on the end of your static command of the port, and this route map - will reference an ACL that denies are used when going up above the tunnel.
-
Cisco VPN Site to Site with a static and dynamic does not
Hello
I have ASA 5510 in Headquarters with static, IP and ASA 5505 in the remote site behind ADSL router trying to establish VPN, but its failure in phase 1
Config of the headquarters
interface Ethernet0/0
Description link to router LeaseLine
nameif outside
security-level 0
IP x.x.x.x 255.255.255.248
!
interface Ethernet0/1
Description link to LAN internal
nameif inside
security-level 100
IP 172.17.1.15 255.255.255.0
access extensive list ip 172.17.1.0 inside_nat0_outbound_1 allow 255.255.255.0 172.20.1.0 255.255.255.0
access extensive list ip 172.17.1.0 inside_nat0_outbound_1 allow 255.255.255.0 172.19.1.0 255.255.255.0
access extensive list ip 172.17.1.0 vpn_to_remote allow 255.255.255.0 172.19.1.0 255.255.255.0
extended VPN ip 172.17.1.0 access list allow 255.255.255.0 172.20.1.0 255.255.255.0
Global 1 interface (outside)
NAT (inside) 0-list of access inside_nat0_outbound_1
NAT (inside) 1 0.0.0.0 0.0.0.0
Route outside 0.0.0.0 0.0.0.0 x.x.x.x 1
Crypto ipsec transform-set esp-aes-256-md5 esp-aes-256 esp-md5-hmac
Crypto ipsec transform-set ESP-AES-256-SHA 256 - aes - esp esp-sha-hmac
correspondence address 1 crypto dynamic-map cisco VPN
Crypto dynamic-map cisco 1 set of transformation-ESP-AES-256-SHA
card crypto outside_map 10 correspondence address vpn_to_remote
card crypto outside_map 10 set pfs
card crypto outside_map 10 peers set y.y.y.y
card crypto outside_map 10 transform-set esp-aes-256-md5
outside_map crypto 10 card value reverse-road
dynamic outside_map 30-isakmp ipsec crypto map Cisco
outside_map interface card crypto outside
crypto isakmp identity address
crypto ISAKMP allow outside
crypto ISAKMP policy 10
preshared authentication
aes-256 encryption
md5 hash
Group 5
life 86400
crypto ISAKMP policy 20
preshared authentication
aes encryption
md5 hash
Group 2
life 86400
crypto ISAKMP policy 30
preshared authentication
aes-256 encryption
sha hash
Group 2
life 86400
Crypto isakmp nat-traversal 20
tunnel-group y.y.y.y type ipsec-l2l
tunnel-group ipsec-attributes y.y.y.y
pre-shared-key *.
tunnel-group parkplace type ipsec-l2l
tunnel-group ipsec-attributes parkplace
pre-shared-key *.
The Remote Site configuration
interface Vlan1
nameif inside
security-level 100
address 172.20.1.1 IP 255.255.255.0
!
interface Vlan2
nameif outside
security-level 0
IP 192.168.1.2 255.255.255.0
!
interface Ethernet0/0
switchport access vlan 2
!
interface Ethernet0/1
ICMP list extended access permit icmp any one
access-list SHEEP extended ip 172.20.1.0 allow 255.255.255.0 172.17.1.0 255.255.255.0
extended VPN 172.20.1.0 ip access list allow 255.255.255.0 172.17.1.0 255.255.255.0
Global 1 interface (outside)
NAT (inside) 0 access-list SHEEP
NAT (inside) 1 0.0.0.0 0.0.0.0 outdoors
Access-group ICMP in interface outside
Route outside 0.0.0.0 0.0.0.0 192.168.1.1 1
Crypto ipsec transform-set ESP-AES-256-SHA 256 - aes - esp esp-sha-hmac
crypto map outside_map 1 is the VPN address
peer set card crypto outside_map 1 83.111.252.242
card crypto outside_map 1 set of transformation-ESP-AES-256-SHA
outside_map interface card crypto outside
crypto ISAKMP allow outside
crypto ISAKMP policy 10
preshared authentication
aes-256 encryption
sha hash
Group 2
life 86400
Crypto isakmp nat-traversal 20
tunnel-group fairmount type ipsec-l2l
tunnel-group fairmount ipsec-attributes
pre-shared-key *.
Best regards / Asfar
Hello
Have you tried to replace the names of 'tunnel-group' entry with Ip address on both ends... ?
Thank you
MS
-
Anyone know of any compatibility issues with Windows 8 and RV series routers?
I have a small network with a laptop computer, Windows 8, Windows XP desktop computer and a network MyBookLiveDuo storage device. I have sharing enabled between these devices. Everything worked well on a network switch. I replaced the switch with the RV110W VPN Firewall Router to add better security to my network before I have expand it. Since then, I have a laptop Windows 8 intermittent connectivity while the connectivity of the XP desktop computer shows no problem.
On the laptop Windows 8 I ran network troubleshooting, and he complained that two devices on the network are (NAT) network address translation and the symptoms he describes is what I see. Problem is that I don't have a network Analyzer to look at the network in more depth. I looked online for the RV110W documentation and if NAT is listed as one of the characteristics, there is no discussion in the documentation on how to manage this feature in the router.
I can connect to the Windows 8 laptop from Office XP and access shared content. I can connect to the Duo since Office XP without difficulty. However, except when they reappear periodically under the heading of my network in Explorer on the laptop Windows 8, I can't access the Office XP or the Duo of the laptop Windows 8. Curiously, however, I have a part of the Duo mapped as a network drive on the laptop Windows 8 and I can access it even when everything else has gone. Also, the interface of management for the Duo appears on the laptop Windows 8 and I can access the Duo to manage. Only, I can't access the shares on the Duo. Then all of a sudden they reappear under network in the file Explorer and I can then access. I think it must have to do with NAT, but I can't find anything out about it.
If it's something I can turn on the router long enough to see if the problem goes away I would like to try, but I can't find it in the documentation, and I can't find it when I look aroiund in the management interface.
The fact that I am not having the form of the XP desktop computer problem makes me think that a compatibility issue with Windows 8. Does anyone know if Windows 8 did anything with NAT? I try to get help from Microsoft Technical Support, but their level 1 tech told me to call Tech Support Pro when they open later this morning. Support cat Cisco won't open until Monday at 09:00.
Also, throughout this connection problem Internet from the laptop through the router is never interrupted. It's strictly connectivity with other devices on the internal network that comes and goes.
Hi Gregg,
NAT must not play unless your applications on the internet. The "port Internet" or "WAN port" is a NAT port that converts your public IP address from ISP to your LAN subnet addresses. NAT allows multiple computers on a network to use 1 public IP address.
If your devices are connected to the Ether "LAN ports" they are not affected by NAT unless they are Web applications. 4 'LAN ports"are 2 layer switch ports. This means that all local requests are forwarded by the switch ports.
This device did replace exactly? The XP computers, DUET and window 8, make these products using the static IP address or you allow the RV110 to assign an IP address automatically? What IP address you are using on the LAN of the RV110?
-Tom
Please mark replied messages useful -
Application of VPN S2S (with NAT)
Hello experts,
ASA (8.2) and standard Site 2 Site Internet access related configs.
Outside: 1.1.1.1/24-> peer IP VPN S2S.
Inside: Pvt subnets
Standard "Nat 0' orders and crypto ACL for our remote offices, local networks with IP whp program.
Requirement:
Need to connect the PC to external clients (3.3.3.3 & 4.4.4.4) on tcp/443 via vpn S2S on our LAN. Client only accepts only the host with public IPs.
I need NAT to my internal IP to the public IP say 1.1.1.2 and establish the VPN tunnel between 1.1.1.1-> PRi Client-side & secondary IPs (Cisco router).
(without losing connectivity to remote offices). No policy NAT work here?
ex:
My Intern: 10.0.0.0/8 and 192.168.0.0/16
Assigned IP available for NAT (some time to connect to the client only): 1.1.1.5External client LAN IPs: 3.3.3.3 & 4.4.4.4
PAT: permit TOCLIENT object-group MYLAN object-group CUSTOMER LAN ip extended access-list
NAT (inside) 5-list of access TOCLIENT
5 1.1.1.5 (outside) global
Crypto: tcp host 1.1.1.5 allowed extended CRYPTO access list object-group CUSTOMER LAN eq 443Outsidemap 1 crypto card matches the address CRYPTO
Customer will undertake to peer with IP 1.1.1.1 only.Do I need a ' Nat 0' configs here?
Also, for the specifications of the phase 2, it is not transform-set options gives. Info given was
Phase2: AH: people with mobility reduced, life: 3 600 s, PFS: disabled, LZS Compression: disabled.
This works with options of the phase 2?Thanks in advance
MS
Hello
«Existing NAT (inside) 1
& global (outside) does not interfere with NAT 5 when users try to reach the ClientLAN.» Your inside nat index is '1', while the dynamic policy-nat is index '5 '.
"" For the phase 2 in general, we define Crypto ipsec transform-set TEST
". Sure, the remote tunnel peers even accept transform set, everything you put up with the example below and distant homologous put the same tunnel.
Crypto ipsec transform-set ESP-AES-128-SHA aes - esp esp-sha-hmac
"In this scenario, no need to define any what
and just add empty transform don't set statement under card crypto? No you need a defined transformation.
"3. If we want to limit the destination port 443, I need to use separate VPN filters?
That's right, use a vpn-filter.
"4. we have several phase 1 configs, but wanted to use AES256 & DH5 (new policy)"... for s2s, these options work fine. ""
Of course, you have set the phase 1, as required.
Thank you
Rizwan James
-
Public static political static NAT in conflict with NAT VPN
I have a situation where I need to create a VPN site-to site between an ASA 5505 using IOS 7.2 and a Sonicwall NSA4500. The problem arises where the LAN behind the Cisco ASA has the same subnet an existing VPN currently created on the Sonicwall. Since the Sonicwall cannot have two VPN both run on the same subnet, the solution is to use policy NAT on the SAA as well as for the Sonicwall, the new VPN seems to have a different subnet.
The current subnet behind the ASA is 192.168.10.0/24 (The Sonicwall already has a private network virtual created for another customer with the same subnet). I try to translate it to 192.168.24.0/24. The peer LAN (behind the Sonicwall) is 10.159.0.0/24. The ASA relevant configuration is:
interface Vlan1
IP 192.168.10.1 255.255.255.0
access extensive list ip 192.168.24.0 outside_1_cryptomap allow 255.255.255.0 10.159.0.0 255.255.255.0
list of access VPN extended permit ip 192.168.10.0 255.255.255.0 10.159.0.0 255.255.255.0
public static 192.168.24.0 (inside, outside) - list of VPN access
card crypto outside_map 1 match address outside_1_cryptomap
In addition, there are other static NAT instructions and their associated ACLs that allow certain traffic through the firewall on the server, for example:
public static tcp (indoor, outdoor) interface smtp SERVER smtp netmask 255.255.255.255
The problem is this: when I enter the static strategy statement NAT, I get the message ' WARNING: real-address conflict with existing static "and then it refers to each of the static NAT statements reflecting the external address to the server. I've thought about it, and it seemed to me that the problem was that policy NAT statement must be the first statement of NAT (it is the last one) so that it is run first and all traffic destined to the VPN to the Sonicwall (destination 10.159.0.0/24) tunnel would be properly treated. If I left him as the last statement, then the other static NAT statements would prevent a part of the 10.159.0.0/24 network-bound traffic to be correctly routed through the VPN.
So, I tried first to my stated policy NAT upward in the ASDM GUI interface. However, moving the declaration was not allowed. Then I tried to delete the five static NAT statements that point to the server (an example is above) and then recreate them, hoping that would then move up the policy statement NAT. This also failed.
What Miss me?
Hello
I assumed that we could have changed the order of the 'static' , the original orders, but as it did not work for some reason any then it seems to me that you suggested or change, that I proposed should work.
I guess that your purpose was to set up static political PAT for the VPN for some these services, then static PAT of public network access, then static NAT to policy for the rest of the network in-house.
I guess you could choose any way seems best for you.
Let me know if get you it working. I always find it strange that the original configuration did not work.
Remember to mark a reply as the answer if it answered your question.
Feel free to ask more if necessary
-Jouni
-
Identity firewall does not work with NAT
We implement an environment that restrict access to Internet with rules based on users and groups to Active Directory.
There were many difficulties, but the current state is:
-The 'Test' of the firewall server-> identity Options results GOOD group
-The 'Test' of Agent of Active Directory on Windows-> identity Options GOOD results
-The rules we applied on the inside Firewall identity-based Interface are no "respected".
The environment:
-We have two ASA 5520 to failover.
-There are four contexts in this pair of ASA.
-Now we are activating the firewall of identity in a context.
-Of course, the AD are in one of the inside of this context, networks.
On the Configuration Guide of the identity of Firewall, to
We have seen that there are a lot of features that are not supported:
...
The following features of ASA do not support the use of the object based on the identity and the FULL domain name:
Route-map
-Crypto card
-WCCP
-NAT
-Group (except filter VPN) policy
-DAP
...
When using NAT does not, just remove NAT.
How to configure this feature? Identity with NAT work?
This is the reason why you have not any user ip in ASA mappings.
Domain configured in ASA name must be the netbios domain name and it must be matched with one that you see 'adacfg dc list' output, otherwise ASA will drop all user agent AD ip report.
You can have a try with the following new configs.
field of the identity of the user TEST4 aaa-Server AD-TEST4
identity of the user by default-field TEST4
inside_access_in list extended access deny the user ip TEST4\rodrigo a whole
-
Cisco Asa vpn site-to-site with nat
Hi all
I need help
I want to make a site from the site with nat vpn
Site A = 10.0.0.0/24
Site B = 10.1.252.0/24I want when site A to site B, either by ip 172.26.0.0/24
Here is my configuration
inside_nat_outbound to access ip 10.0.0.0 scope list allow 255.255.255.0 10.1.252.0 255.255.255.0
tunnel-group x.x.x.x type ipsec-l2l
tunnel-group ipsec-attributes x.x.x.x
pre-shared-key!ISAKMP retry threshold 10 keepalive 2
Crypto ipsec transform-set ESP-AES-256-SHA 256 - aes - esp esp-sha-hmac
card crypto outside_map 2 match address inside_nat_outboundcard crypto outside_map 2 pfs set group5
card crypto outside_map 2 peers set x.x.x.xcard crypto outside_map 2 game of transformation-ESP-AES-256-SHA
NAT (inside) 10 inside_nat_outbound
Global 172.26.0.1 - 172.26.0.254 10 (outside)
but do not work.
Can you help me?
Concerning
Frédéric
You must ensure that there is no NAT 0 ACL statement because it will take precedence over the static NAT.
You don't need:
Global 172.26.0.1 - 172.26.0.254 10 (outside)
NAT (inside) 10 access-list nattoyr
Because it will be replaced by the static NAT.
In a Word is enough:
nattoyr to access ip 10.0.0.0 scope list allow 255.255.255.0 10.1.252.0 255.255.255.0
access extensive list ip 172.26.0.0 vpntoyr allow 255.255.255.0 10.1.252.0 255.255.255.0
public static 172.26.0.0 (inside, outside) - nattoyr access list
card crypto outside_map 2 match address vpntoyr
card crypto outside_map 2 pfs set group5
card crypto outside_map 2 defined peer "public ip".
card crypto outside_map 2 game of transformation-ESP-AES-256-SHA
outside_map interface card crypto outside
tunnel-group "public ip" type ipsec-l2l
tunnel-group "public ip" ipsec-attributes
pre-shared key *.
-Make sure that it not there no NAT ACL 0 including the above statements and check if NAT happening (sh xlate) and the
traffic is being encryption (sh cry ips its)
Federico.
-
Hello
I am trying to set up a VPN between a VLAN I have defined and another office. I have been using nat on the interface for internet access with a NAT pool.
I created the VPN with crypto card and the VPN is successfully registered.
The problem I encounter is that with NAT is enabled, internet access is working but I can ping through the VPN.
If I disable NAT, VPN works perfectly, but then him VLAN cannot access the internet.
What should I do differently?
Here is the config:
Feature: 2911 with security package
Local network: 10.10.104.0/24
Remote network: 192.168.1.0/24
Public beach: 65.49.46.68/28
crypto ISAKMP policy 104
BA 3des
preshared authentication
Group 2
lifetime 28800
ISAKMP crypto key REDACTED address 75.76.102.50
Crypto ipsec transform-set esp-3des esp-sha-hmac strongsha
OFFICE 104 ipsec-isakmp crypto map
defined by peer 75.76.102.50
Set transform-set strongsha
match address 104
interface GigabitEthernet0/0
IP 65.49.46.68 255.255.255.240
penetration of the IP stream
NAT outside IP
IP virtual-reassembly
full duplex
Speed 100
standby mode 0 ip 65.49.46.70
0 6 2 sleep timers
standby 0 preempt
card crypto OFFICE WAN redundancy
interface GigabitEthernet0/2.104
encapsulation dot1Q 104
IP 10.10.104.254 255.255.255.0
IP nat pool wan_access 65.49.46.70 65.49.46.70 prefix length 28
overload of IP nat inside source list 99 pool wan_access
access-list 99 permit 10.10.104.0 0.0.0.255
access-list 104. allow ip 10.10.104.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 104. allow ip 192.168.1.0 0.0.0.255 10.10.104.0 0.0.0.255
access-list 104 allow icmp 10.10.104.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 104 allow icmp 192.168.1.0 0.0.0.255 10.10.104.0 0.0.0.255
ISAKMP crypto #sh her
IPv4 Crypto ISAKMP Security Association
DST CBC conn-State id
65.49.46.70 75.76.102.50 QM_IDLE 1299 ACTIVE
Hello!
Please, make these changes:
extended Internet-NAT IP access list
deny ip 10.10.104.0 0.0.0.255 192.168.1.0 0.0.0.255
IP 10.10.104.0 allow 0.0.0.255 any
IP nat inside source list Internet-NAT pool access-wan overload
* Please do not remove the old NAT instance until you add that above.
Please hold me.
Thank you!
Sent by Cisco Support technique Android app
-
Assign a static IP to guest with NAT Virt network adapter?
I'll put up a * nix VM that I want to give out-bound network connectivity, but I want to make its services available only on my local machine (for example MySQL). VMWare Player with NAT assigned a DHCP address, but because it is not update my host name resolution, to access a service on the client, I need to use the IP address.
I would like to assign a static IP address on the guest, so I can add an easy to use in the host of my host file. I can update my guest network interface file to not assign no problem. I'm worried that I can use an IP address that overlaps the VMWare DHCP pool (and may occur a conflict of address when I turn on a new virtual machine), or outside the range of the virtual switch.
Is this possible with VMWare Player, and is there something in the configuration files, that I might be able to change this?
Default 192.168.x.1 address is used for the adapter to the virtual host, 192.168.x.2 as the address of the NAT gateway and 192.168.x.128... 254 for DHCP, which means that you can assign static IP addresses between 192.168.x.3 and... 127.
However, you can configure rather a reserve in the vmnetdhcp.conf file by adding for example
host LuckyLuke {}
Hardware ethernet 00: 0C: 29:23:b6:12;
fixed-address 192.168.156.77;
}just in front of the brand ' # end ' . Please replace "156" by your own subnet. In the example above, the VMS with MAC address "00: 0C: 29:23:b6:12" will receive the IP "192.168.156.77". BTW. hostname (in this case "LuckyLuke") does not matter, it must just be unique in the file.
André
-
I have an iMac 27' 2012 with macOS Sierra and Apple Watch with watch OS 3, I can use the function "Log?" in Apple Watch
Hi John 2078 Tito.
I understand that you have updated your iMac and Apple Watch and now you're curious about unlock your iMac using your Apple Watch. I know that it is a nice feature to be able to quickly and safely unlock your computer, so I'm happy to help you.
This feature is available on 2013 iMacs and later versions, which means that your iMac won't be compatible. You can see more info on this feature here:
Unlock your Mac with Apple Watch - Apple Watch user's GuideThank you for using communities Support from Apple. See you soon!
-
Hi, I bought a new Apple MacBook Air yesterday of FNAC in Geneva, and when I got it home I couldn't go beyond the black bar. In the end, I got a white circle with a slash and a black screen. Please tell us what to do. Thank you.
Bring her back. It's new, it's at the shop for sorting or replace it, not you to try to fix it.
-
Try to add a page to a pages document. It worked until now but just finished page 13 with text and photos and cannot add another page, using macbook pro with El Capitan and the most recent version of the Pages.
You have placed your beam to insert at the end of your text on page 13 and then apply Insert menu: Page Break? In the v5.6.2, Pages I just add a new page to a section of four pages to this approach.
-
How can implement you not with Tim Capsule and AirPort their simulation on the iMac?
Hello
How can implement you not with Time Capsule and AirPort their simulation on the iMac?
I don't know what you're asking.
AirPort Extreme is a wireless router.
A Time Capsule airport is an AirPort Extreme with a built-in hard drive for data storage.
An iMac is a Mac computer.
An iMac is not a wireless router, so he is unable to perform the functions of a wireless router.
Maybe you are looking for
-
When I send an e-mail message, the attachment is automatically added to the new e-mail message. It is ok. However when I answer, the attachment does not come and sometimes I need to have the current attachment. So I need an option like "reply with at
-
EliteBook 8730w: no bluetooth EliteBook8730w in windows 10
L.S. My computer is a device for bluetooth connection, although I do seem to find in Windows 10. I checked the forum, updates and tried some drivers that are specifically for Windows 7. Is there a solution? Thanks for the reply. Jacob
-
Microsoft Vista update not finished
While on my computer, I received a pop-up to restart my computer for Windows updates. I fact and 2 of the 3 downloaded. For the 3rd, my computer restarts, the vista logo appears and the screen is blue saying 'configuration update 3 of 3 0% complete
-
KB2675157 of a security update cumulative for Internet Explorer 8 for Windows Vista fails to install
Maintains a security update cumulative for Internet Explorer 8 for Windows Vista (KB2675157) do not install - tried "fix it" and that did not work - any ideas?
-
I think that she has damaged its registry to the Windows Activation. Error 0xC004E003
Recently, I changed the hard drive in my Dell bosses. I know that Windows is trying to re - validate after a few hardware changes, but he never asked for this info so I guess he didn't need to. Other day windows has been updated and kept 3 restarts b