Need help! ASA 5505 not PPTP passthrough to the Server internal
Hello:
Recently, I add a new Cisco ASA 5505 like Firewall of the company network. I found that the PPTP authentication has not obtained through internal Microsoft Server. Any help and answer are appriciated.
Please see my setup as below. Thank you!
ASA Version 8.4 (3)
!
names of
!
interface Ethernet0/0
switchport access vlan 2
!
interface Ethernet0/1
switchport access vlan 2
!
interface Ethernet0/2
!
interface Ethernet0/3
!
interface Ethernet0/4
!
interface Ethernet0/5
!
interface Ethernet0/6
!
interface Ethernet0/7
!
interface Vlan1
nameif inside
security-level 100
IP 172.29.8.254 255.255.255.0
!
interface Vlan2
nameif outside
security-level 0
IP 177.164.222.140 255.255.255.248
!
passive FTP mode
clock timezone GMT 0
DNS server-group DefaultDNS
domain ABCtech.com
permit same-security-traffic inter-interface
network obj_any object
172.29.8.0 subnet 255.255.255.0
service object RDP
source eq 3389 tcp service
Orange network object
Home 172.29.8.151
network of the WAN_173_164_222_138 object
Home 177.164.222.138
SMTP service object
tcp source eq smtp service
service object PPTP
tcp source eq pptp service
service of the JT_WWW object
tcp source eq www service
service of the JT_HTTPS object
tcp source eq https service
network obj_lex object
172.29.88.0 subnet 255.255.255.0
network of offices of Lexington Description
network obj_HQ object
172.29.8.0 subnet 255.255.255.0
guava network object
Home 172.29.8.3
service object L2TP
Service udp source 1701 eq
Standard access list VPN_Tunnel_User allow 172.29.8.0 255.255.255.0
Standard access list VPN_Tunnel_User allow 172.29.88.0 255.255.255.0
inside_access_in list extended access permit icmp any one
inside_access_in tcp extended access list deny any any eq 135
inside_access_in tcp extended access list refuse any eq 135 everything
inside_access_in list extended access deny udp any what eq 135 everything
inside_access_in list extended access deny udp any any eq 135
inside_access_in tcp extended access list deny any any eq 1591
inside_access_in tcp extended access list refuse any eq 1591 everything
inside_access_in list extended access deny udp any eq which 1591 everything
inside_access_in list extended access deny udp any any eq 1591
inside_access_in tcp extended access list deny any any eq 1214
inside_access_in tcp extended access list refuse any eq 1214 all
inside_access_in list extended access deny udp any any eq 1214
inside_access_in list extended access deny udp any what eq 1214 all
inside_access_in of access allowed any ip an extended list
inside_access_in list extended access permit tcp any any eq www
inside_access_in list extended access permit tcp any eq www everything
outside_access_in list extended access permit icmp any one
outside_access_in list extended access permit tcp any host 177.164.222.138 eq 3389
outside_access_in list extended access permit tcp any host 177.164.222.138 eq smtp
outside_access_in list extended access permit tcp any host 177.164.222.138 eq pptp
outside_access_in list extended access permit tcp any host 177.164.222.138 eq www
outside_access_in list extended access permit tcp any host 177.164.222.138 eq https
outside_access_in list extended access allowed grateful if any host 177.164.222.138
outside_access_in list extended access permit udp any host 177.164.222.138 eq 1701
outside_access_in of access allowed any ip an extended list
inside_access_out list extended access permit icmp any one
inside_access_out of access allowed any ip an extended list
access extensive list ip 172.29.8.0 outside_cryptomap allow 255.255.255.0 172.29.88.0 255.255.255.0
inside_in list extended access permit icmp any one
inside_in of access allowed any ip an extended list
inside_in list extended access udp allowed any any eq isakmp
inside_in list extended access udp allowed any isakmp eq everything
inside_in list extended access udp allowed a whole
inside_in list extended access permitted tcp a whole
pager lines 24
Enable logging
asdm of logging of information
Within 1500 MTU
Outside 1500 MTU
local pool ABC_HQVPN_DHCP 172.29.8.210 - 172.29.8.230 255.255.255.0 IP mask
ICMP unreachable rate-limit 1 burst-size 1
enable ASDM history
ARP timeout 14400
NAT static orange interface (inside, outside) source RDP RDP service
NAT (inside, outside) source obj_HQ destination obj_HQ static static obj_lex obj_
Lex-route search
NAT guava Shared source (internal, external) WAN_173_164_222_138 service JT_WWW JT_WWW
NAT guava Shared source (internal, external) WAN_173_164_222_138 service JT_HTTPS JT_HTTPS
NAT guava Shared source (internal, external) WAN_173_164_222_138 service RDP RDP
NAT guava Shared source (internal, external) WAN_173_164_222_138 SMTP SMTP service
NAT guava Shared source (internal, external) WAN_173_164_222_138 PPTP PPTP service
NAT guava Shared source (internal, external) WAN_173_164_222_138 service L2TP L2TP
!
network obj_any object
NAT dynamic interface (indoor, outdoor)
inside_in access to the interface inside group
Access-group outside_access_in in interface outside
Route outside 0.0.0.0 0.0.0.0 177.164.222.142 1
Route inside 172.29.168.0 255.255.255.0 172.29.8.253 1
Timeout xlate 03:00
Pat-xlate timeout 0:00:30
Timeout conn 01:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
Sunrpc timeout 0:10:00 h323 0:05:00 h225 mgcp from 01:00 0:05:00 mgcp-pat 0:05:00
Sip timeout 0:30:00 sip_media 0:02:00 prompt Protocol sip-0: 03:00 sip - disconnect 0:02:00
Timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
Floating conn timeout 0:00:00
dynamic-access-policy-registration DfltAccessPolicy
AAA-server protocol nt guava
AAA-server host 172.29.8.3 guava (inside)
Timeout 15
guava auth - NT domain controller
identity of the user by default-domain LOCAL
Enable http server
http 172.29.8.0 255.255.255.0 inside
No snmp server location
No snmp Server contact
Server enable SNMP traps snmp authentication linkup, linkdown warmstart of cold start
Crypto ipsec transform-set ikev1 ESP-AES-128-SHA aes - esp esp-sha-hmac
Crypto ipsec transform-set ikev1 ESP-AES-128-MD5-esp - aes esp-md5-hmac
Crypto ipsec transform-set ikev1 ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
Crypto ipsec transform-set ikev1 ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
Crypto ipsec transform-set ikev1 ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
Crypto ipsec transform-set ikev1 ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
Crypto ipsec transform-set ikev1 SHA-ESP-3DES esp-3des esp-sha-hmac
Crypto ipsec transform-set ikev1 ESP-3DES-MD5-esp-3des esp-md5-hmac
Crypto ipsec transform-set ikev1 ESP-DES-SHA esp - esp-sha-hmac
Crypto ipsec transform-set ikev1 esp ESP-DES-MD5-esp-md5-hmac
Crypto ipsec transform-set esp-3des esp-md5-hmac Remote_VPN_Set ikev1
Crypto ipsec transform-set esp-3des esp-md5-hmac Remote_vpn_set ikev1
Crypto ipsec ikev2 AES256 ipsec-proposal
Protocol esp encryption aes-256
Esp integrity sha - 1, md5 Protocol
Crypto ipsec ikev2 ipsec-proposal AES192
Protocol esp encryption aes-192
Esp integrity sha - 1, md5 Protocol
Crypto ipsec ikev2 ipsec-proposal AES
Esp aes encryption protocol
Esp integrity sha - 1, md5 Protocol
Crypto ipsec ikev2 proposal ipsec 3DES
Esp 3des encryption protocol
Esp integrity sha - 1, md5 Protocol
Crypto ipsec ikev2 ipsec-proposal OF
encryption protocol esp
Esp integrity sha - 1, md5 Protocol
Crypto-map Dynamics 20 ikev1 transform-set Remote_VPN_Set set outside_dyn_map
Crypto-map dynamic outside_dyn_map 20 the value reverse-road
card crypto outside_map 1 match address outside_cryptomap
peer set card crypto outside_map 1 173.190.123.138
card crypto outside_map 1 set ikev1 transform-set ESP-AES-128-SHA ESP-AES-128-MD5
ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA'RE
P-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
outside_map card crypto 1 set ikev2 AES256 AES192 AES 3DES ipsec-proposal OF
map outside_map 65535-isakmp ipsec crypto dynamic outside_dyn_map
outside_map interface card crypto outside
IKEv2 crypto policy 1
aes-256 encryption
integrity sha
Group 2 of 5
FRP sha
second life 86400
IKEv2 crypto policy 10
aes-192 encryption
integrity sha
Group 2 of 5
FRP sha
second life 86400
IKEv2 crypto policy 20
aes encryption
integrity sha
Group 2 of 5
FRP sha
second life 86400
IKEv2 crypto policy 30
3des encryption
integrity sha
Group 2 of 5
FRP sha
second life 86400
IKEv2 crypto policy 40
the Encryption
integrity sha
Group 2 of 5
FRP sha
second life 86400
Crypto ikev2 allow outside
Crypto ikev1 allow outside
IKEv1 crypto policy 1
preshared authentication
3des encryption
sha hash
Group 2
life 43200
IKEv1 crypto policy 10
authentication crack
aes-256 encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 20
authentication rsa - sig
aes-256 encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 30
preshared authentication
aes-256 encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 40
authentication crack
aes-192 encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 50
authentication rsa - sig
aes-192 encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 60
preshared authentication
aes-192 encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 70
authentication crack
aes encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 80
authentication rsa - sig
aes encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 90
preshared authentication
aes encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 100
authentication crack
3des encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 110
authentication rsa - sig
3des encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 120
preshared authentication
3des encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 130
authentication crack
the Encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 140
authentication rsa - sig
the Encryption
sha hash
Group 2
life 86400
IKEv1 crypto policy 150
preshared authentication
the Encryption
sha hash
Group 2
life 86400
Telnet 192.168.1.0 255.255.255.0 inside
Telnet 172.29.8.0 255.255.255.0 inside
Telnet timeout 5
SSH timeout 5
Console timeout 0
dhcpd auto_config off vpnclient-wins-override
!
dhcprelay Server 172.29.8.3 on the inside
a basic threat threat detection
Statistics-list of access threat detection
no statistical threat detection tcp-interception
WebVPN
allow outside
internal ABCtech_VPN group strategy
attributes of Group Policy ABCtech_VPN
value of server DNS 172.29.8.3
Ikev1 VPN-tunnel-Protocol
Split-tunnel-policy tunnelspecified
value of Split-tunnel-network-list VPN_Tunnel_User
value by default-field ABCtech.local
internal GroupPolicy_10.8.8.1 group strategy
attributes of Group Policy GroupPolicy_10.8.8.1
VPN-tunnel-Protocol ikev1, ikev2
name of user who encrypted password eicyrfJBrqOaxQvS
tunnel-group 10.8.8.1 type ipsec-l2l
tunnel-group 10.8.8.1 General-attributes
Group - default policy - GroupPolicy_10.8.8.1
IPSec-attributes tunnel-group 10.8.8.1
IKEv1 pre-shared-key *.
remote control-IKEv2 pre-shared-key authentication *.
remotely IKEv2 authentication certificate
pre-shared-key authentication local IKEv2 *.
tunnel-group ABCtech type remote access
attributes global-tunnel-group ABCtech
address ABC_HQVPN_DHCP pool
authentication-server-group guava
Group Policy - by default-ABCtech_VPN
IPSec-attributes tunnel-group ABCtech
IKEv1 pre-shared-key *.
tunnel-group 173.190.123.138 type ipsec-l2l
tunnel-group 173.190.123.138 General-attributes
Group - default policy - GroupPolicy_10.8.8.1
IPSec-attributes tunnel-group 173.190.123.138
IKEv1 pre-shared-key *.
remote control-IKEv2 pre-shared-key authentication *.
remotely IKEv2 authentication certificate
pre-shared-key authentication local IKEv2 *.
!
class-map inspection_default
match default-inspection-traffic
!
!
Policy-map global_policy
class inspection_default
inspect the pptp
inspect the ftp
inspect the netbios
!
172.29.8.3 SMTP server
context of prompt hostname
no remote anonymous reporting call
Cryptochecksum:6a26676668b742900360f924b4bc80de
: end
Hello Wayne,
The first thing I noticed
In the ACL you are pointing to the broad public while it should be to the private sector (YOU HAVE A PERMIT IP ANY ANY to the end, so it's not bad. FYI, if you decide to take this one any allowed ip address then you should point to private servers ip addresses)
Now, the policy where the PPTP inspection, etc., will be used is not applied to any service-policy so add:
global service-policy global_policy
Don't forget not just for a PPTP connection to get established we should see 2 things:
-Trading is done on the TCP 1723 port and then traded on Appreciate data packets.
Follow my blog for more information on this topic:
http://laguiadelnetworking.com/2012/12/22/what-is-new-on-the-PPTP-inspection-on-the-ASA/
Try and let me know
Julio
Tags: Cisco Security
Similar Questions
-
Adobe muse work on a menu lighbox and need help I can not the box of active relaxation, even if I checked trigger on top anyone with a suggestion?
Thank you, it ends up being a superposition problem, thank you, but I can see where an invisible element could be a problem too. I use to select it all the trick to understand where I've been in Illustrator all time years ago I am so new Muse that I kept thinking can be as simple as I can go back to things I've done in other Adobe programs, but it is! and I'm an old school Print Designer who doesn't REALLY know the thing no coding thank once again
-
the friends hyii UA HUD need help how to make a backup of the files from his deleted with (shift + delete) memory card
Hello
It seems that you want to restore the files removed from the memory card.
I will definitely help you with this.
I would say you can search the Internet for data recovery software by using your favorite search engine.
Warning: Using third-party software, including hardware drivers can cause serious problems that may prevent your computer from starting properly. Microsoft cannot guarantee that problems resulting from the use of third-party software can be solved. Software using third party is at your own risk.
It will be useful. If you have any other questions, feel free to let us know. We will be happy to help you.
Thank you.
-
I need help to write a script that detects the first instance of a paragraph style and then change
I need help to write a script that detects the first instance of a paragraph style and then he goes to a different paragraph style. I don't necessarily need someone to write all this, by the biggest problem is to find how to find just the first instance of the paragraph style. Any help would be greatly appreciated, thank you!
Hello
then try this with your active doc:
....................
myDoc var = app.activeDocument;
mStyle var = myDoc.paragraphStyles.item ("PS_NameToFind"); change the name to paraStyle
var mStyle_1 = myDoc.paragraphStyles.item ("PS_NameToChange"); change the name to paraStyle
var mFrames = myDoc.pages.everyItem ().textFrames.everyItem () .getElements ();
app.findTextPreferences = null;
app.findTextPreferences.appliedParagraphStyle = mStyle;
for (var k = 0; k)< mframes.length;="">
{
currFound = mFrames [k] .findText ();
If (currFound.length > 0)
currFound [0] .paragraphs [0] .appliedParagraphStyle = mStyle_1;
}
app.findTextPreferences = null;
................
Rgds
-
can not display the webpage error something about the Server internal and 500 are down for maintenance? Yahoo search option and can get to Web site but trying to post comments online and get this message. tried to restart and got the same answer. Just set Windows to update when I logged on tonight.
Hi ginnypierson,
Thanks for posting in the Microsoft community.
I understand that you are facing the issue with can not display the webpage and you are wrong about 500 and internal server being down for maintenance.
Before you start the troubleshooting steps, I need the information required
1. what web browser do you use?
2. have you made any changes to the computer?
3. this problem occurs only with the particular website?
Method 1:
If you use Internet explorer, I suggest you to see link and check.
Get help with the Web site (HTTP error) error messages.
http://Windows.Microsoft.com/en-us/Windows-Vista/get-help-with-website-error-messages-HTTP-errors
Method 2:
I suggest you to see link and check.
How to optimize Internet Explorer
http://support.Microsoft.com/kb/936213/ro
WARNING: Reset Internet Explorer settings can reset security settings or privacy settings that you have added to the list of Trusted Sites. Reset the Internet Explorer settings can also reset parental control settings. We recommend that you note these sites before you use the reset Internet Explorer settings
Please follow these recommended steps, review the additional information provided and after back if you still experience the issue. I will be happy to provide you with additional options available that you can use to get this resolved.
-
JDeveloper is not able to find the server SOA
I am trying to deploy Hello World BPEL project in Jdeveloper 11.1.1.6.0 to 10.3.6 stand-alone Weblogic Server. JDeveloper is able to the list of managed servers running (admin server and soa-server). However, it is not able to find the server of the SOA. I checked that soa-infra is running.
While trying to find SOA server, it fails with the exception of Null pointer with the following stack trace:
java.lang.RuntimeException: java.lang.NullPointerException
at oracle.tip.tools.ide.fabric.asbrowser.WeblogicSOAServer.initPartitions(WeblogicSOAServer.java:89)
to oracle.tip.tools.ide.fabric.asbrowser.WeblogicSOAServer. < init > (WeblogicSOAServer.java:68)
at oracle.tip.tools.ide.fabric.asbrowser.ASBrowserHelper.listWeblogicSOAServers(ASBrowserHelper.java:275)
at oracle.tip.tools.ide.fabric.asbrowser.ASBrowserHelper.listSOAServers(ASBrowserHelper.java:201)
to oracle.tip.tools.ide.fabric.asbrowser.ASBrowserHelper$ RunnableListSOAServers.run (ASBrowserHelper.java:333)
at oracle.ide.dialogs.ProgressBar.run(ProgressBar.java:655)
at java.lang.Thread.run(Thread.java:662)
Caused by: java.lang.NullPointerException
at java.util.StringTokenizer. < init > (StringTokenizer.java:182)
at java.util.StringTokenizer. < init > (StringTokenizer.java:219)
at weblogic.utils.StringUtils.splitCompletely(StringUtils.java:119)
at weblogic.socket.utils.ProxyUtils.getProxySocket(ProxyUtils.java:178)
at weblogic.socket.utils.ProxyUtils.getSSLClientProxy(ProxyUtils.java:235)
at weblogic.socket.SocketMuxer.newSSLClientSocket(SocketMuxer.java:396)
at weblogic.socket.SocketMuxer.newSSLClientSocket(SocketMuxer.java:414)
at weblogic.socket.ChannelSSLSocketFactory.createSocket(ChannelSSLSocketFactory.java:82)
at weblogic.socket.ChannelSSLSocketFactory.createSocket(ChannelSSLSocketFactory.java:119)
at weblogic.socket.BaseAbstractMuxableSocket.createSocket(BaseAbstractMuxableSocket.java:133)
at weblogic.rjvm.t3.MuxableSocketT3.newSocketWithRetry(MuxableSocketT3.java:214)
at weblogic.rjvm.t3.MuxableSocketT3.connect(MuxableSocketT3.java:383)
at weblogic.rjvm.t3.ConnectionFactoryT3S.createConnection(ConnectionFactoryT3S.java:44)
at weblogic.rjvm.ConnectionManager.createConnection(ConnectionManager.java:1784)
at weblogic.rjvm.ConnectionManager.findOrCreateConnection(ConnectionManager.java:1424)
at weblogic.rjvm.ConnectionManager.bootstrap(ConnectionManager.java:443)
at weblogic.rjvm.ConnectionManager.bootstrap(ConnectionManager.java:321)
at weblogic.rjvm.RJVMManager.findOrCreateRemoteInternal(RJVMManager.java:254)
at weblogic.rjvm.RJVMManager.findOrCreate(RJVMManager.java:197)
at weblogic.rjvm.RJVMFinder.findOrCreateRemoteServer(RJVMFinder.java:238)
at weblogic.rjvm.RJVMFinder.findOrCreateInternal(RJVMFinder.java:200)
at weblogic.rjvm.RJVMFinder.findOrCreate(RJVMFinder.java:170)
at weblogic.rjvm.ServerURL.findOrCreateRJVM(ServerURL.java:153)
at weblogic.jndi.WLInitialContextFactoryDelegate.getInitialContext(WLInitialContextFactoryDelegate.java:353)
at weblogic.jndi.Environment.getContext(Environment.java:315)
at weblogic.jndi.Environment.getContext(Environment.java:285)
at weblogic.jndi.WLInitialContextFactory.getInitialContext(WLInitialContextFactory.java:117)
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:288)
at javax.naming.InitialContext.init(InitialContext.java:223)
to javax.naming.InitialContext. < init > (InitialContext.java:197)
to oracle.soa.management.internal.facade.ServerManagerImpl. < init > (ServerManagerImpl.java:76)
at oracle.soa.management.internal.facade.ServerManagerFactoryImpl.createServerManager (ServerManagerFactoryImpl.java:28)
at oracle.tip.tools.ide.fabric.asbrowser.WeblogicSOAServer.initPartitions(WeblogicSOAServer.java:85)
... 6 more
On weblogic server I get rest of newspapers at the end after starting the server. Don't know if this is the problem:
< Opinion > < WebLogicServer > < BEA-000365 > < Server State has changed in the RACE >
< Opinion > < WebLogicServer > < BEA-000360 > < server started operation >
lookupEngineLocalBean using JNDI {java: comp/env/ejb/local/bpmn/CubeEngineBean} for engine type {bpmn}
lookupEngineLocalBean using JNDI {java: comp/env/ejb/local/bpel/CubeEngineBean} for engine type {bpel}
line 06:12 not match expected character "of folklore <>" "" "
SOA platform is running and is accepting applications
line 03:12 not match expected character "of folklore <>" "" "
I already tried to reinstall everthing from scratch... Any help is appreciated.
Thanks in advance.
Published by: 925432 on April 4, 2012 02:32Hello
It seems that your JDev is probably configured to use a proxy server, as in the stack trace, you see a line "weblogic.socket.utils.ProxyUtils.getProxySocket".
Please try to remove the proxy configuration in JDev.
Go to tools-> Preferences-> Web browser and Proxy-> uncheck "Use a Proxy HTTP Server" if it exists.
You may also need to restart JDeveloper.
I hope this helps.
-Cris
-
Satrtup admin server fails with the error user weblogic is not allowed to start the server
Hello
The server administrator is not come, his failure with the error below.
< 25 may 2014 10:28:35 PM PDT > < critical > < WebLogicServer > < BEA-000386 > < server subsystem failed. Reason: weblogic.security.SecurityInitializationException: weblogic user is not allowed to start the server; The server policy may have changed so that the user is no longer able to start the server. Restart the server with an administrative user account, or contact the system administrator to update the definitions of server policies.
weblogic.security.SecurityInitializationException: weblogic user is not allowed to start the server; The server policy may have changed so that the user is no longer able to start the server. Restart the server with an administrative user account, or contact the system administrator to update the definitions of server policies.
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.doBootAuthorization(CommonSecurityServiceManagerDelegateImpl.java:1010)
at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1054)
at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:873)
at weblogic.security.SecurityService.start(SecurityService.java:141)
at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
Truncated. check the log file full stacktrace.
I tried to reset the password by link, below, it has not helped. Always face the question. Help, please
http://www.WebLogic-tips.com/WLS-security/
Thank you
Pradeep
Hi all
It worked after you run the java command in the Security directory. When setDomain.sh term, it redirects to DOMAIN_HOME. From there, go to the directory of securities and run the java command to reset the password.
Thank you
Pradeep
-
Help of LR is unable to find the server
I use Lightroom CC and when I select help Lightroom help... menu, Safari cannot find the server.
Shootistbond007 wrote:
Try a different web browser. Works fine here with Chrome.
Works fine on my Mac with Safari... so do not clog your Mac with unnecessary additional applications...
What version of the OS, Version of Safari and Lightroom is aware?
Did you restart the Mac?
Here is the link
-
Channel listen Email1.0 - configuration do not delete email from the server
Hello
When channel listen to B2B email bed, can it be configured (in B2B) to not not delete email from the server?
Thank you
GaneshHi Ganesh,
listener email from B2B will mark as deleted read mail
so no matter the imap/pop3. This is the behavior.as listener will only read if flag is not removed... just to avoid to read twice...
Thank you
Vijay -
Need help mouse Touchpad not working not properly (HP Pavilion g6-2005ax)
Problem: Mouse Touchpad doesn't work does not correctly (HP Pavilion g6-2005ax)
Product name: HP Pavilion g6-2005ax Notebook PC (Windows 7 home basic 64-bit)
Software: Synaptics Touchpad on PS/2 Port V7.51 week back I bought Pavilion g6-2005ax laptop since then my mouse touchpad is not working properly
Remains of structures between the two using the touchpad, this problem exists until the system needs restart again and again, just for this touchpad problem
If I really disappointed just for this problem
so please help me to answer how can I solve this problem.Awaiting your quick response
Thank you
Hello
Please find the link given below might help you solve your problem.
-
FlashDrive work just need help? can not open files
I need help read the files.
Hello
1 did you change on your computer before this problem?
2. this issue occurs when opening a particular file in a flash drive?
3. what happens when you try to open the files?
4 What is the flash player recognize in disk management and Device Manager?
5. which version of the operating system is installed on your computer?
6. what version of the operating system Windows am I running?
Post back with more information for you help in this matter.
Reference:
Open the Device Manager
http://Windows.Microsoft.com/en-us/Windows7/open-Device-Manager
Hardware devices do not work or are not detected in Windows
http://support.Microsoft.com/mats/hardware_device_problems/en-us
-
I have a Gateway with Windows 8 computer is installed. I installed Dreamweaver CS5 to manage my Web site, and it will remain not connected to the server. Also, it will not play flash and said I need a flash plug-in. Help, please
#1, try the FTP mode passive switching power in the definition of your remote server site.
#2 with the exception of a handful of gaming sites, Flash is a web technology dead. It is not taken care of by iPhone, iPad, iTouch, Android, etc... I don't recommend to use Flash for anything these days. Better to use HTML5, JavaScript, and CSS level 3.
Nancy O.
-
Need help - X1CT could not find a Bluetooth mouse
Hi all
I just bought a bluetooth mouse to use with my X1CT. The mouse is Microsoft sculpt mouse. However, my laptop can not find even if the bluetooth function seems to work well.
Can someone help me on this issue? Thank you.
Best,
viviparuz
Hello Viviparuz!
Welcome to the Support Forums! A mouse has been assigned to the pairing mode?
I think you'll find this Microsoft Article for useful Configuration mouse BT . Let me know if you have any other questions.
-
Cisco ASA 5505 remote VPN access to the local network
I have installed two ASA 5505 VPN site to site that works perfectly. Now, I also need to have 1 customer site to remote access VPN with Cisco VPN dialer. I can get the VPN dialer to connect the VPN and get a VPN IP address, but I do not have access to the remote network. can someone take a look and see what I'm missing? I have attached the ASA running config.
Apologize for the misunderstanding.
To access the remote vpn client 10.10.100.x subnet, the vpn-filter ACL is the opposite.
Please please share the following ACL:
FROM: / * Style Definitions * / table. MsoNormalTable {mso-style-name : « Table Normal » ; mso-tstyle-rowband-taille : 0 ; mso-tstyle-colband-taille : 0 ; mso-style-noshow:yes ; mso-style-priorité : 99 ; mso-style-qformat:yes ; mso-style-parent : » « ;" mso-rembourrage-alt : 0 cm 5.4pt cm 0 5.4pt ; mso-para-marge-haut : 0 cm ; mso-para-marge-droit : 0 cm ; mso-para-marge-bas : 10.0pt ; mso-para-marge-gauche : 0 cm ; ligne-hauteur : 115 % ; mso-pagination : widow-orphelin ; police-taille : 11.0pt ; famille de police : « Calibri », « sans-serif » ; mso-ascii-font-family : Calibri ; mso-ascii-theme-font : minor-latin ; mso-hansi-font-family : Calibri ; mso-hansi-theme-font : minor-latin ; mso-bidi-font-family : « Times New Roman » ; mso-bidi-theme-font : minor-bidi ;}
outside_cryptomapVPN list of allowed ip extended access any 10.10.20.0 255.255.255.224
TO:
/ * Style definitions * / table. MsoNormalTable {mso-style-name : « Table Normal » ; mso-tstyle-rowband-taille : 0 ; mso-tstyle-colband-taille : 0 ; mso-style-noshow:yes ; mso-style-priorité : 99 ; mso-style-qformat:yes ; mso-style-parent : » « ;" mso-rembourrage-alt : 0 cm 5.4pt cm 0 5.4pt ; mso-para-marge-haut : 0 cm ; mso-para-marge-droit : 0 cm ; mso-para-marge-bas : 10.0pt ; mso-para-marge-gauche : 0 cm ; ligne-hauteur : 115 % ; mso-pagination : widow-orphelin ; police-taille : 11.0pt ; famille de police : « Calibri », « sans-serif » ; mso-ascii-font-family : Calibri ; mso-ascii-theme-font : minor-latin ; mso-hansi-font-family : Calibri ; mso-hansi-theme-font : minor-latin ; mso-bidi-font-family : « Times New Roman » ; mso-bidi-theme-font : minor-bidi ;}
outside_cryptomapVPN to access extended list ip 10.10.20.0 allow 255.255.255.224 all
Hope that helps.
-
ASA 5505 - remote access VPN to access various internal networks
Hi all
A customer has an ASA 5505 with a remote access vpn. They are moving their internal network to a new regime and that you would be the users who come on the vpn to access the existing and new networks. Currently can only access the existing. When users connect to access remote vpn, the asa gave them the address 192.168.199.x. The current internal network is 200.190.1.x and that they would reach their new network of 10.120.110.x.
Here is the config:
:
ASA Version 8.2 (5)
!
ciscoasa hostname
enable encrypted password xxx
XXX encrypted passwd
names of
!
interface Ethernet0/0
switchport access vlan 2
!
interface Ethernet0/1
!
interface Ethernet0/2
!
interface Ethernet0/3
!
interface Ethernet0/4
!
interface Ethernet0/5
!
interface Ethernet0/6
!
interface Ethernet0/7
!
interface Vlan1
nameif inside
security-level 100
IP 200.190.1.15 255.255.255.0
!
interface Vlan2
nameif outside
security-level 0
IP address 255.255.255.0 xxxxxxx
!
exec banner the ACCESS NOT AUTHORIZED IS STRICTLY PROHIBITED
connection of the banner the ACCESS NOT AUTHORIZED IS STRICTLY PROHIBITED
banner asdm the ACCESS NOT AUTHORIZED IS STRICTLY PROHIBITED
passive FTP mode
access extensive list ip 200.190.1.0 inside_access_in allow 255.255.255.0 any
outside_access_in list extended access permit icmp any external interface
access extensive list ip 192.168.199.0 outside_access_in allow 255.255.255.192 host 10.120.110.0
Standard access list MD_IPSEC_Tun_Gp_splitTunnelAcl allow 200.190.1.0 255.255.255.0
MD_IPSEC_Tun_Gp_splitTunnelAcl list standard access allowed host 10.120.110.0
access extensive list ip 200.190.1.0 inside_nat0_outbound allow 255.255.255.0 192.168.199.0 255.255.255.192
inside_nat0_outbound list extended access allowed host ip 10.120.110.0 192.168.199.0 255.255.255.192
pager lines 24
Enable logging
asdm of logging of information
Within 1500 MTU
Outside 1500 MTU
mask 192.168.199.10 - 192.168.199.50 255.255.255.0 IP local pool Remote_IPSEC_VPN_Pool
IP verify reverse path to the outside interface
ICMP unreachable rate-limit 1 burst-size 1
ICMP allow any inside
ICMP allow all outside
don't allow no asdm history
ARP timeout 14400
Global 1 interface (outside)
NAT (inside) 0-list of access inside_nat0_outbound
NAT (inside) 1 200.190.1.0 255.255.255.0
inside_access_in access to the interface inside group
Access-group outside_access_in in interface outside
Route outside 0.0.0.0 0.0.0.0 190.213.43.1 1
Route inside 10.120.110.0 255.255.255.0 200.190.1.50 1
Route inside 192.168.50.0 255.255.255.0 200.190.1.56 1
Route inside 192.168.60.0 255.255.255.0 200.190.1.56 1
Timeout xlate 03:00
Timeout conn 01:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
Sunrpc timeout 0:10:00 h323 0:05:00 h225 mgcp from 01:00 0:05:00 mgcp-pat 0:05:00
Sip timeout 0:30:00 sip_media 0:02:00 prompt Protocol sip-0: 03:00 sip - disconnect 0:02:00
Timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
Floating conn timeout 0:00:00
dynamic-access-policy-registration DfltAccessPolicy
http server enable 10443
http server idle-timeout 5
Server of http session-timeout 30
HTTP 200.190.1.0 255.255.255.0 inside
No snmp server location
No snmp Server contact
Server enable SNMP traps snmp authentication linkup, linkdown cold start
Crypto ipsec transform-set esp-SHA-ESP-3DES-3des esp-sha-hmac
Crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
Crypto ipsec transform-set ESP-DES-SHA esp - esp-sha-hmac
Crypto ipsec transform-set ESP-DES-MD5 esp - esp-md5-hmac
Crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
Crypto ipsec transform-set ESP-3DES-MD5-esp-3des esp-md5-hmac
Crypto ipsec transform-set ESP-AES-256-SHA 256 - aes - esp esp-sha-hmac
Crypto ipsec transform-set ESP-AES-128-SHA aes - esp esp-sha-hmac
Crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
Crypto ipsec transform-set ESP-AES-128-MD5-esp - aes esp-md5-hmac
life crypto ipsec security association seconds 28800
Crypto ipsec kilobytes of life - safety 4608000 association
Dynamic crypto map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set pfs
Crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 value transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA MD5-ESP-3DES ESP-DES-SHA ESP-DES-MD5
outside_map card crypto 65535-isakmp dynamic ipsec SYSTEM_DEFAULT_CRYPTO_MAP
outside_map interface card crypto outside
Crypto ca trustpoint _SmartCallHome_ServerCA
Configure CRL
Crypto ca certificate chain _SmartCallHome_ServerCA
certificate ca 6ecc7aa5a7032009b8cebcf4e952d491
(omitted)
quit smoking
crypto ISAKMP allow outside
crypto ISAKMP policy 10
preshared authentication
3des encryption
sha hash
Group 2
life 86400
Crypto isakmp nat-traversal 3600
Telnet timeout 5
SSH 200.190.1.0 255.255.255.0 inside
SSH timeout 5
SSH version 2
Console timeout 5
dhcpd outside auto_config
!
a basic threat threat detection
scanning-threat shun threat detection
Statistics-list of access threat detection
no statistical threat detection tcp-interception
WebVPN
allow outside
internal MD_SSL_Gp_Pol group strategy
attributes of Group Policy MD_SSL_Gp_Pol
VPN-tunnel-Protocol webvpn
WebVPN
list of URLS no
disable the port forward
hidden actions no
disable file entry
exploration of the disable files
disable the input URL
internal MD_IPSEC_Tun_Gp group strategy
attributes of Group Policy MD_IPSEC_Tun_Gp
value of banner welcome to remote VPN
VPN - connections 1
VPN-idle-timeout 5
Protocol-tunnel-VPN IPSec webvpn
Split-tunnel-policy tunnelspecified
value of Split-tunnel-network-list MD_IPSEC_Tun_Gp_splitTunnelAcl
the address value Remote_IPSEC_VPN_Pool pools
WebVPN
value of the RDP URL-list
attributes of username (omitted)
VPN-group-policy MD_IPSEC_Tun_Gp
type of remote access service
type tunnel-group MD_SSL_Profile remote access
attributes global-tunnel-group MD_SSL_Profile
Group Policy - by default-MD_SSL_Gp_Pol
type tunnel-group MD_IPSEC_Tun_Gp remote access
attributes global-tunnel-group MD_IPSEC_Tun_Gp
address pool Remote_IPSEC_VPN_Pool
Group Policy - by default-MD_IPSEC_Tun_Gp
IPSec-attributes tunnel-group MD_IPSEC_Tun_Gp
pre-shared key *.
!
!
context of prompt hostname
: end
The following ACL and NAT exemption ACL split tunnel is incorrect:
MD_IPSEC_Tun_Gp_splitTunnelAcl list standard access allowed host 10.120.110.0
inside_nat0_outbound list extended access allowed host ip 10.120.110.0 192.168.199.0 255.255.255.192
It should have been:
Standard access list MD_IPSEC_Tun_Gp_splitTunnelAcl allow 10.120.110.0 255.255.255.0
access extensive list ip 10.120.110.0 inside_nat0_outbound allow 255.255.255.0 192.168.199.0 255.255.255.192
Then 'clear xlate' and reconnect with the VPN Client.
Hope that helps.
Maybe you are looking for
-
Don't load your Firefox profile. May be missing or inaccessible.
Don't load your Firefox profile. May be missing or inaccessible.
-
Firefox 4.0b1Learn minimize/maximize/close buttons in Menu modeNo menu mode, only the Firefox button is available. This has happened Each time Firefox opened is Firefox 4.0b1
-
What happened to all the drivers (HP Envy m6-n010dx)?
Hello. I have recently reinstalled Windows 8.1 and wanted to get some of the drivers on the HP site that generally I found nowhere else. I noticed that the driver HP Web site has more all the drivers for my laptop? http://h10025.www1.HP.com/ewfrf/wc/
-
NI-VISA DURATION 5.4.1 questions about the installer.
All, I have a question that I hope you can help me with. I have a user that I am trying to run an installer for Labview 2012 with Runtime OR 5.4.1. When I run the installer with the driver NI-VISA of Runtime 5.4.1 checked, I get an error that says th
-
HP 8620: by default, assistant hp printer connected instead of opening on laptop
The Printer Wizard does not more open on my desk so I can't start analyses unless you use Panel on the 8620. Instead of opening, it brings me on the HPConnected site online. Nothing helps to solve this problem. I uninstalled and reinstalled the p