Lan2Lan problem

Hello everyone!

I'm testing, in a lab, a simple solution to join 2 networks in different places. The lab has two Cisco 1841 routers with C1841-ADVSECURITYK9-M. I'm not very good when the subject is VPN. I configured both routers and it does not work. Now I don't know how to start debugging.

I ran the command "sh crypto session detail" and the session is down.

Can someone help me with this issue?

See the attachment below.

Thank you.

I did not identify any problems with your configuration.

Did you generate any traffic to bring up the tunnel?

Your crypto ACLs:

Router A:

access-list 150 permit ip 192.168.0.0 0.0.0.255 192.168.1.0 0.0.0.255

Router B:

access-list 150 permit ip 192.168.1.0 0.0.0.255 192.168.0.0 0.0.0.255

... define the traffic that is passed to the crypto engine.

If you generate traffic requiring protection, the two tunnel endpoints start negotiating an ISAKMP security association (used as a secure channel to negotiate the IPsec SAs).

Ping a host on the network on the other side now and see if the tunnel negotiation begins.

I noticed a NAT ACL that is left unused. If you decide to implement NAT, remember to exempt the traffic requiring cryptographic protection from the NAT process.
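Added example (not part of the thread and not Cisco code): a small offline checker for the three points in the reply above, namely that the two crypto ACLs mirror each other, that a given test packet actually matches the crypto ACL, and that a NAT ACL exempts the protected traffic. The ACL 150 lines are the ones quoted in the thread; ACL 101, the address 10.0.0.1 and all function names are constructed for illustration.

```python
import ipaddress

def _take_net(tokens):
    """Consume one IOS address spec: 'any', 'host A' or 'A WILDCARD'."""
    first = tokens.pop(0)
    if first == "any":
        return ipaddress.ip_network("0.0.0.0/0")
    if first == "host":
        return ipaddress.ip_network(tokens.pop(0) + "/32")
    # A wildcard mask is the bitwise inverse of a netmask. Non-contiguous
    # wildcards are rejected by ip_network() with ValueError.
    wildcard = int(ipaddress.IPv4Address(tokens.pop(0)))
    netmask = ipaddress.IPv4Address(wildcard ^ 0xFFFFFFFF)
    return ipaddress.ip_network(f"{first}/{netmask}")

def parse_acl(lines):
    """Parse 'access-list N permit|deny ip SRC DST' lines into tuples."""
    acl = []
    for line in lines:
        t = line.split()
        if (len(t) < 6 or t[0] != "access-list"
                or t[2] not in ("permit", "deny") or t[3] != "ip"):
            raise ValueError(f"unsupported ACE: {line!r}")
        rest = t[4:]
        acl.append((t[2], _take_net(rest), _take_net(rest)))
    return acl

def is_mirror(acl_a, acl_b):
    """True if each permit on one peer has the swapped permit on the other."""
    permits_a = {(s, d) for a, s, d in acl_a if a == "permit"}
    swapped_b = {(d, s) for a, s, d in acl_b if a == "permit"}
    return permits_a == swapped_b

def is_interesting(acl, src_ip, dst_ip):
    """First-match lookup, with the implicit deny at the end of the ACL."""
    src, dst = ipaddress.ip_address(src_ip), ipaddress.ip_address(dst_ip)
    for action, s_net, d_net in acl:
        if src in s_net and dst in d_net:
            return action == "permit"
    return False

def nat_exempts_vpn(nat_acl, crypto_acl):
    """True if no flow selected by the crypto ACL would be translated.

    Conservative: the first NAT ACE that overlaps a protected flow must be
    a deny covering the whole flow, otherwise the check fails.
    """
    for action, c_src, c_dst in crypto_acl:
        if action != "permit":
            continue
        for n_action, n_src, n_dst in nat_acl:
            if n_src.overlaps(c_src) and n_dst.overlaps(c_dst):
                covered = c_src.subnet_of(n_src) and c_dst.subnet_of(n_dst)
                if n_action == "permit" or not covered:
                    return False
                break  # covering deny comes first: flow is exempt
    return True

# Crypto ACLs as quoted in the thread.
ROUTER_A = parse_acl(
    ["access-list 150 permit ip 192.168.0.0 0.0.0.255 192.168.1.0 0.0.0.255"])
ROUTER_B = parse_acl(
    ["access-list 150 permit ip 192.168.1.0 0.0.0.255 192.168.0.0 0.0.0.255"])
# Constructed NAT ACLs for Router A (ACL number 101 is an assumption).
NAT_NO_EXEMPT = parse_acl(["access-list 101 permit ip 192.168.0.0 0.0.0.255 any"])
NAT_EXEMPT = parse_acl([
    "access-list 101 deny ip 192.168.0.0 0.0.0.255 192.168.1.0 0.0.0.255",
    "access-list 101 permit ip 192.168.0.0 0.0.0.255 any",
])

if __name__ == "__main__":
    print("mirrored:", is_mirror(ROUTER_A, ROUTER_B))
    # A ping from a LAN host matches; one sourced from a constructed WAN
    # address (10.0.0.1) does not, so it never triggers IKE negotiation.
    print("LAN ping:", is_interesting(ROUTER_A, "192.168.0.10", "192.168.1.10"))
    print("WAN ping:", is_interesting(ROUTER_A, "10.0.0.1", "192.168.1.10"))
    print("NAT ok:", nat_exempts_vpn(NAT_EXEMPT, ROUTER_A))
```

The second `is_interesting` call shows why a test ping has to be sourced from an address inside the protected subnet: traffic that does not match the crypto ACL is never handed to the crypto engine, so the session stays down.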


Similar Questions

  • Strange problem of PIX Lan2Lan VPN!

    Hi, I set up my two PIX firewalls for a LAN-to-LAN VPN (IPsec). The two firewalls connect directly on ethernet 0 and each has a local network on ethernet 1. When I try to ping SEARCH1 station2, after a while, when the IKE phases are complete, the ping gets a reply, but when I try to ping station 1 station 2 I get no response. Why does my VPN connection come up in one direction and not in the other?

    (pix1)

    ethernet0 (outside): 20.20.20.1

    Ethernet1 (inside): 10.10.10.1

    research1 on inside: 10.10.10.20

    (pix2)

    ethernet0 (outside): 20.20.20.2

    Ethernet1 (inside): 15.15.15.1

    station2 on inside: 15.15.15.20

    pix1 config:

    interface Ethernet0
    nameif outside
    security-level 0
    ip address 20.20.20.1 255.255.255.0
    !
    interface Ethernet1
    nameif inside
    security-level 100
    ip address 10.10.10.1 255.255.255.0
    !
    access-list ping extended permit icmp any any
    access-list ping extended permit tcp any host 10.10.10.15 eq ftp
    access-list traffic extended permit ip 10.10.10.0 255.255.255.0 15.15.15.0 255.255.255.0
    nat (inside) 0 access-list traffic
    access-group ping in interface outside
    route outside 15.15.15.0 255.255.255.0 20.20.20.2 1
    crypto ipsec transform-set ipsec esp-3des esp-sha-hmac
    crypto map crymap 1 match address traffic
    crypto map crymap 1 set peer 20.20.20.2
    crypto map crymap 1 set transform-set ipsec
    crypto map crymap interface outside
    crypto isakmp identity address
    crypto isakmp enable outside
    crypto isakmp policy 1
    authentication pre-share
    encryption 3des
    hash sha
    group 2
    lifetime 1000
    tunnel-group 20.20.20.2 type ipsec-l2l
    tunnel-group 20.20.20.2 ipsec-attributes
    pre-shared-key *

    !!!!!!!! PIX 2 config

    interface Ethernet0
    nameif outside
    security-level 0
    ip address 20.20.20.2 255.255.255.0
    !
    interface Ethernet1
    nameif inside
    security-level 100
    ip address 15.15.15.1 255.255.255.0
    !
    access-list ping extended permit icmp any any
    access-list ping extended permit tcp any host 15.15.15.20 eq ftp
    access-list traffic extended permit ip 15.15.15.0 255.255.255.0 10.10.10.0 255.255.255.0
    nat (inside) 0 access-list traffic
    access-group ping in interface outside
    route outside 10.10.10.0 255.255.255.0 20.20.20.1 1
    crypto ipsec transform-set ipsec esp-3des esp-sha-hmac
    crypto map crymap 1 match address traffic
    crypto map crymap 1 set peer 20.20.20.2
    crypto map crymap 1 set transform-set ipsec
    crypto map crymap interface outside
    crypto isakmp identity address
    crypto isakmp enable outside
    crypto isakmp policy 1
    authentication pre-share
    encryption 3des
    hash sha
    group 2
    lifetime 1000
    tunnel-group 20.20.20.1 type ipsec-l2l
    tunnel-group 20.20.20.1 ipsec-attributes
    pre-shared-key *

    When I run show crypto isakmp sa, everything looks fine just when I ping station 2 St1, but after that, if I clear the ISAKMP SAs and try to ping station 1 ST 2, show crypto isakmp sa returns 'no active SA'. Why?

    Do 2 things:

    1. The lifetime set under the IKE policy is 1000. Raise it to 86400, as the lifetime of the ISAKMP security association must be greater than the lifetime of the IPsec security association.

    2. Make sure to use separate access lists for the crypto ACL and the NAT 0 ACL. You use the same access-list "traffic" for both. Create another identical access list and use it separately as the crypto ACL on both sides.

    For example on PIX2:

    access-list traffic extended permit ip 15.15.15.0 255.255.255.0 10.10.10.0 255.255.255.0
    access-list VPNACL extended permit ip 15.15.15.0 255.255.255.0 10.10.10.0 255.255.255.0
    nat (inside) 0 access-list traffic
    crypto map crymap 1 match address VPNACL

    Then check and validate the results.

    HTH

    Sangaré

    Pls rate helpful messages

  • nat ASA 5520 problem

    Hi, I have a Cisco ASA 5520 and I want to set up a site-to-site VPN using another interface with a LAN-to-LAN carrier link. The problem is that when I try to pass traffic I get the following syslog error:

    No translation group found for udp src lan2lan:10.5.50.63/44437 dst colo:biggiesmalls/897

    The LAN-to-LAN service interface is called: lan2lan
    One of the internal interfaces is called: colo

    I think it is a problem with NAT on the ASA, but I need help with this.
     
    Config:

    !
    interface GigabitEthernet0/0
    nameif outside
    security-level 0
    ip address XXaaaNNaa 255.255.255.0 standby fw-ext
    ospf cost 10
    ospf network point-to-point non-broadcast
    !
    interface GigabitEthernet0/1
    no nameif
    no security-level
    no ip address
    !
    interface GigabitEthernet0/1.50
    vlan 50
    nameif lb
    security-level 20
    ip address 10.1.50.11 255.255.255.0
    ospf cost 10
    !
    interface GigabitEthernet0/1.501
    vlan 501
    nameif colo
    security-level 90
    ip address 172.16.2.253 255.255.255.0 standby fw-int
    ospf cost 10
    !
    !
    interface GigabitEthernet1/1
    description Door-Lan2Lan
    nameif lan2lan
    security-level 0
    ip address 10.100.50.1 255.255.255.248
    !
    access-list lan2lan_cryptomap_51 extended permit ip 10.1.0.0 255.255.0.0 object-group elo
    access-list lan2lan_cryptomap_51 extended permit ip sfnet 255.255.255.0 object-group elo
    pager lines 24
    logging enable
    logging host colo biggiesmalls
    no logging message 313001
    mtu outside 1500
    mtu lb 1500
    mtu colo 1500
    mtu lan2lan 1500
    icmp unreachable rate-limit 1 burst-size 1
    arp timeout 14400
    nat-control
    global (outside) 1 interface
    global (lb) 1 interface
    global (colo) 1 interface
    nat (lb) 1 10.1.50.0 255.255.255.0
    nat (colo) 0 access-list colo_nat0_outbound
    nat (colo) 1 10.1.13.0 255.255.255.0
    nat (colo) 1 10.1.16.0 255.255.255.0
    nat (colo) 1 0.0.0.0 0.0.0.0
    access-group outside_access_in in interface outside
    access-group lb_access_in in interface lb
    access-group colo_access_in in interface colo
    access-group management_access_in in interface management
    access-group lan2lan in interface lan2lan
    !
    service resetoutside
    crypto map lan2lan_map 51 match address lan2lan_cryptomap_51
    crypto map lan2lan_map 51 set peer 10.100.50.2
    crypto map lan2lan_map 51 set transform-set ESP-3DES-SHA
    crypto map lan2lan_map 51 set reverse-route
    crypto map lan2lan_map interface lan2lan
    quit
    crypto isakmp identity hostname
    crypto isakmp enable lan2lan
    crypto isakmp policy 10
    authentication pre-share
    encryption 3des
    hash sha
    group 2
    lifetime 86400
    crypto isakmp nat-traversal 20
    client-update enable
    tunnel-group DefaultL2LGroup ipsec-attributes
    pre-shared-key xxXnnAA
    tunnel-group 10.100.50.2 type ipsec-l2l
    tunnel-group 10.100.50.2 general-attributes
    default-group-policy site2site
    no vpn-addr-assign aaa
    no vpn-addr-assign dhcp
    telnet timeout 5
    !
     

    Is the VPN up? ("show crypto isakmp sa" should show an MM_ACTIVE tunnel to the peer address.)

    Normally we exempt site-to-site VPN traffic from NAT. This could be your problem. If you can share your configuration, we can have a look.

    P.S. You should move the question to the Security / VPN forum.

  • Rays LAN2LAN remote access

    I have an ASA that serves mostly as a data center firewall and for remote user access.  I recently added a LAN2LAN IPsec tunnel to a temporary office.  But I noticed that the remote-access IPsec tunnel cannot reach the spoke LAN.

    So imagine a home user with a laptop at 192.168.1.100 who creates a split-tunnel IPsec connection to the ASA in which 10.0.0.0/8 is encrypted/tunneled.

    Also off the ASA is a LAN-to-LAN tunnel to an office with IP block 10.10.70.0/24.  How could the home user reach a device at the remote site on the 10.10.70.0 network?  Is this possible?

    There are even several examples on the forums here.

    First of all, you must allow traffic back out the same ASA interface (if you terminate crypto on one interface only).

    same-security-traffic permit intra-interface

    Next, you will need the remote-access subnet to go over the LAN-to-LAN tunnel to the remote subnets.

    I also suggest adding reverse route injection to avoid routing problems on the ASA.

    Don't forget that the remote L2L device should also be adjusted (possibly NAT, routing and access-list adjustments).

    Example of doc:

    http://www.Cisco.com/en/us/products/ps6120/products_configuration_example09186a00805734ae.shtml

  • Unable to Scan to the computer after downloading macOS Sierra. Is this a software problem?

    How can I scan from HP Envy 4500 to computer after downloading macOS Sierra?

    Hello wdemetris,

    Thanks for asking for scanning helps here in the Apple Support communities. I understand how it is important to have access to your scanner and am happy to offer help for this.

    As a precaution, we always recommend that you have backups to make sure that all your data is safe. You can perform a backup using Time Machine and an external hard drive. Use this article to help make a backup of your Mac: use Time Machine to back up or restore your Mac.

    Then, in accordance with article help: printer and scanner for Sierra, El Capitan, Yosemite, and the Mavericks macOS software, the HP Envy 4500 e-all-in-one is supported for printing and scanning. The drivers must be installed, but if not, if it please go to the App Store and check the updates tab to see if there are updates for HP. If there is, please install.

    If you have only general questions about how to get your updated scanner in place or how to scan pictures, please check out these two articles: macOS Sierra: implement a scanner & macOS Sierra: scan images or documents. If everything is configured correctly and you still have problems scanning, please visit this help article: macOS Sierra: scanning troubleshooting.

    Thanks again and have a great rest of your day.

  • My iPhone 6 installed 10.0.2 stops when it gets to 40% of autonomy.  In addition, it seems to pass power WAY to fast with the new software.  Does anyone else have this problem?

    My iPhone 6 installed 10.0.2 stops when it gets to 40% of autonomy.  In addition, it seems to pass power WAY to fast with the new software.  Does anyone else have this problem?

    Hello brooksm549,
    Thank you for using communities of Apple Support.

    I got your message which, since updating your iPhone 6 to iOS 10.0.2 your iPhone stops when it is 40% and the power to empty very quickly. I understand your concern with the iPhone turn off and drains the battery. I recommend you to review the use of the battery to see what app contributes more to the battery drain. The following article will provide you with steps on how to check the use of the battery:

    On the use of the battery on your iPhone, iPad and iPod touch

    When you know about the soft uses more battery, you can change your settings in order to optimize the battery life:

    Maximize the life of the battery and battery life

    Best regards.

  • MacBook Pro display problem

    Hello members of the community.

    As of recently, I have noticed some glitches when feeding on my MacBook or awakened from his sleep.

    The colors are distorted, usually with pink, green, or yellow blobs. Blobs cannot entirely replace the colors, they appear to be contained in a element would normally be. For example. the menu bar will be partially pink and white, but pink does not leave the menu bar in this area, and the Office has green lines on it.

    I tried to take a screenshot, but the problem resolves in about 20 seconds, but it's a recurring problem.

    It happens when I wake up, connection or not. I had also certain powers serious and problems of performance, such that my MagSafe LED would not illuminate when plugged on rare occasions, fan could turn unnecessarily, graphics performance were SUPER slow, and the health of my battery was running out quickly. I actually ran a report on the system at 2 different times and my quality of full load is depleting of 1.2% per charge cycle, which is very worrying. I went from 6281 mAh mAh 6138 maximum capacity after two cycles of load. I'm tracking closely it because at this rate, my battery will survive only at load cycles about 150 instead of the 1000 expected, gives me the idea that this could very well be a bad battery. The computer is also warm to the touch while you sleep, not connected to the power supply. I NAP active but even taking into account should not be hotter my iPhone did the same thing.

    I have reset the SMC, and it solved a couple of problems. The charger works fine now and my performance improved considerably (which made me feel better, either it is a high-performance laptop, a 11-inch MacBook Air should not he surpass), and battery life has improved. I feel even if it uses a lot of power in his sleep. Maybe I need to turn off the NAP and see if that makes a difference. The graphic bug still persists however, and I don't have enough time to see if the max battery is depleting again.

    In regards to the bug, is there something that can be done? Basically, I want to assure you that I took all appropriate measures or if someone else has this problem to see if it can be software related instead of my computer.

    I have the entry level MacBook Pro with the retina, last generation.

    Any constructive contribution welcome!

    See you soon.

    -adreaux

    Hello bernardn753,

    After reviewing your post, it seems that you are having problems with the screen showing strange things on it. Looks like you already have a troubleshooting. I recommend you read this article, as reset NVRAM would be to reset your screen resolution settings that should help.

    How to reset the NVRAM on your Mac.

    Thank you for using communities of Apple Support. Good day.

  • with IOS 10.0.2 - 5s iphone Bluetooth problems

    Since upgrading ISO 10.0.2 my M50 from PLT Plantronics (helmet unique headset) do not reliably connects with my iPhone 5 more. I have to go to the settings, activate bluetooth turned off/turned on, touch the device on the bluetooth page, etc. Once it connects successfully, it will reconnect (if I turn off the headset and turn it back on) for a short period. The next day he does not connect itself but I play with bluetooth on the iPhone again.

    It has always worked perfectly before the 10th of IOS.

    And, as I noticed others mentioning, the volume is much lower with IOS 10. The maximum volume is much lower. I can barely hear it now, more normal background noise, while driving.

    I did:

    Forget this device for the PLT M50 and paired again (several times)

    I did a Reset Network Settings

    I don't know what else to do - but it's a 10.0.2 IOS issue.

    Hello AppleUser2k,

    Please ask questions about your problems of connection between your iPhone and your Plantronics headset since you upgraded to iOS 10. I understand how important it is to have your Bluetooth devices connect with your iPhone with reliability. Here's what I recommend.

    The first thing we want to make sure is that all your data is safe. You can perform a backup in iCloud or iTunes using this article: backing up your iPhone, iPad, and iPod touch.

    Once your data is safe, try the troubleshooting steps in this article to help: get help to connect a Bluetooth accessory with your iPhone, iPad or iPod touch device should also check with the manufacturer that the device has all the drivers and firmware to work with the new version of iOS.

    If you have checked everything and that you have installed the latest firmware or driver and always are problems, please be aware of your surroundings when you encounter these problems. If you can isolate the time or location, you see the problems, you can isolate the cause. You can even see this help article to ensure that you are not affected by outside interference: the potential sources of Wi-Fi and Bluetooth.

    Thanks again and have a great rest of your day.

  • Problem after update 10.0.2 iOS iPhone touchscreen

    After I updated to iOS 10.0.2, I noticed a problem with the touch screen. Using the position of the image on the right side, near the corner, the touchscreen does not work.
    For example: when using the keyboard, I can't type the letter 'P' and have trouble typing BACKSPACE. Using the Contacts app, I can't scroll through using the alphabet bar.

    Any idea what the problem is?

    Kind regards!

    Hi fabriciorela,

    Thanks for the upgrade to iOS 10! I understand that the right of your screen is unresponsive to the touch. You can try the steps in this link to fix the problem. If the screen of your iPhone, iPad or iPod touch does not respond to touch

    If it does not help the problem, try to restore the device to factory settings. I would like to backup your important data first.

    The backup of your iPhone, iPad and iPod touch

    Use iTunes on your Mac or PC to restore your iPhone, iPad or iPod to factory settings

    Please use the Apple Support communities to post your question. Let us know how it turns out. Have a great day.

  • Bluetooth connection problem iPhone - audio system Nissan after upgrade iOS10

    After iOS10.0.2 iOS9 on iPhone upgrade, I got a cordially problem receive calls raise Nissan car audio.

    I can make a call without any problem. Bluetooth connection is stable. I can download address book e.t.c. But I can't receive a call. I see the incoming call on the radio shows. After pressing the button "answer" on the car Audio System, audio between iPhone and Audio streams car breaks down.

    But the cellular connection remains active. I need to rotate the audio output on the screen of the iPhone car for iPhone and back to the car. After that, I can continue my call via the car radio.

    Thanks in advance

    Hello StasV,

    Thank you for using communities Support from Apple. I know having a problem with calls on your iPhone in your car, it's not what you expect. The good news is that these steps will be useful for your problem of phone calls while using the bluetooth in your car. Go to settings > general > accessibility > routing of Audio calls and the value headset/Bluetooth Headset and retest your question.

    Audio routing call - the iPhone user Guide
    Help to connect your iPhone, iPad or iPod touch with your car radio

    See you soon!

  • 2 iphones on one iTunes, problem of photo icloud account

    OK, my brother-in-law just updated its OS on his Iphone. He shared an Apple ID with his wife, who has his own iPhone. They all have two backup only in iCloud. His problem is that his wife photos are now on his phone. How can he fix it?

    Get its own identifier Apple- create and start using a Apple - Apple Support ID

  • Problem activation ISO 10 September 2016

    After my Ipad iOS 10.0.2 update I could not activate because it says I am not access with the original Apple journal. Makes no sense. I bought the new Ipad in seven of 2013 Dabs.com. She has been linked to my Apple account 10 days ago (I deleted my profile by own Apple support Web site suggestion as a way to fix my problem, the other restoration/upgrade to the Ipad with ITunes update). I contacted the support of Apple (I have two numbers in case Apple). Asked Apple support to provide a proof of purchase I made. Told me now the reception that I provided does not correspond to my Ipad, but Apple isn't going to help with all the details to help to regularize the situation. The Ipad is mine and well was linked to my account from the date of purchase in September of 2013 until I removed it at the suggestion of site specific help from Apple. I now do not have access to my ipad £460 for more than 10 days and have lost money and time talking to 4 different cooperatives of Apple, after 6 calls and none seem able to deal with a ridiculous situation. Alexandre Vitorino (Apple) seems to have the best handle on weird how this situation is. Please can someone fix this? A software update on an Ipad that I own shouldn't stop me using it and then force me to prove that I admit actually before I use it again! I'm a professional businessman who uses it for meetings of the Council. I have a receipt for my camera and get treated like a kind of criminal.

    My sincere sympathy for those who can't find their original receipt or forget their original log-in Ipad because Apple does not help, you and your Ipad will be also useless mine is currently!

    If you are in the same situation please confirm to this post. I can't be alone, if she feels like it!

    Post edited by: cibble10

    Lock activation occurs when the ID of original Apple blocking it does not match with your current Apple ID.

    Until you can bring a receipt valid from an Apple reseller or authorized, it's nothing you can do.

    BTW, the polling stations in this Apple-owned forums is prohibited. You can review the terms of use.

  • Anyone know how to solve my problem? I can't import my photos from Iphone to computer. Sign says: Photos in the camera cannot be imported because the IPhone is locked with a password or read. My phone is unlocked. I've tried everything

    Anyone know how to solve my problem? I can't import my photos from Iphone to computer. Sign says: Photos in the camera cannot be imported because the IPhone is locked with a password or read. My phone is unlocked. I tried everything, every single idea. Without success! Any other idea?

    For example, you specify that the device does not display the lock screen, correct? Do you use Touch IDS? If so, try to put your finger on the device to see if it's what he wants.

    See you soon,.

    GB

  • icloud in the iPhone activation problem 6 more

    IM someone buy iphone 6plus they don't sign Apple ID and icloud, I reset my phone and now I'm still icloud activation problem.how can I do?

    You can not. The only way is if the previous owner release form their iCloud account. If they will not do for you, it means nothing to you.

  • Phot of problem analysis

    Hello

    I have a problem with the app photo with Sierra.

    I have 107755 pictures. The analysis of people started

    but it remains stuck at 519 photos.

    I tried to repair the library and restart the analysis, but it is still stuck at 519 photos.

    Does anyone have the same problem and a solution?

    Thank you

    Thomas

    How long it has been blocked? You have a very large library so I keep the Mac awake and fed and the Photos doesn't work does not and give him a few days - usually messing slows it rather than speeding it and is a 'restart Yvert"command

    lN
