Need help with the configuration of the Site with crossed on Cisco ASA5510 8.2 IPSec VPN Client (1)
Need urgent help in the configuration of the Client VPN IPSec Site with crossed on Cisco ASA5510 - 8.2 (1).
Here is the presentation:
There are two leased lines for Internet access - a route 1.1.1.1 and 2.2.2.2, the latter being the default Standard, old East for backup.
I was able to configure the Client VPN IPSec Site
(1) with access to the outside so that the internal network (172.16.0.0/24) behind the asa
(2) with Split tunnel with simultaneous assess internal LAN and Internet on the outside.
But I was not able to make the tradiotional model Hairpinng to work in this scenario.
I followed every possible suggestions made on this subject in many topics of Discussion but still no luck. Can someone help me here please?
Here is the race-Conf with Normal Client to Site IPSec VPN configured with no access boarding:
LIMITATION: Cannot boot into any other image ios for unavoidable reasons, must use 8.2 (1)
race-conf - Site VPN Customer normal work without internet access/split tunnel |
---|
: ASA Version 8.2 (1) ! ciscoasa hostname domain cisco.campus.com enable the encrypted password xxxxxxxxxxxxxx XXXXXXXXXXXXXX encrypted passwd names of ! interface GigabitEthernet0/0 nameif outside internet1 security-level 0 IP 1.1.1.1 255.255.255.240 ! interface GigabitEthernet0/1 nameif outside internet2 security-level 0 IP address 2.2.2.2 255.255.255.224 ! interface GigabitEthernet0/2 nameif dmz interface security-level 0 IP 10.0.1.1 255.255.255.0 ! interface GigabitEthernet0/3 nameif campus-lan security-level 0 IP 172.16.0.1 255.255.0.0 ! interface Management0/0 nameif CSC-MGMT security-level 100 the IP 10.0.0.4 address 255.255.255.0 ! boot system Disk0: / asa821 - k8.bin boot system Disk0: / asa843 - k8.bin passive FTP mode DNS server-group DefaultDNS domain cisco.campus.com permit same-security-traffic inter-interface permit same-security-traffic intra-interface object-group network cmps-lan the object-group CSC - ip network object-group network www-Interior object-group network www-outside object-group service tcp-80 object-group service udp-53 object-group service https object-group service pop3 object-group service smtp object-group service tcp80 object-group service http-s object-group service pop3-110 object-group service smtp25 object-group service udp53 object-group service ssh object-group service tcp-port port udp-object-group service object-group service ftp object-group service ftp - data object-group network csc1-ip object-group service all-tcp-udp access list INTERNET1-IN extended permit ip host 1.2.2.2 2.2.2.3 access-list extended SCC-OUT permit ip host 10.0.0.5 everything list of access CAMPUS-LAN extended permitted tcp 172.16.0.0 255.255.0.0 any eq www list of access CAMPUS-LAN extended permitted tcp 172.16.0.0 255.255.0.0 any https eq list of access CAMPUS-LAN extended permitted tcp 172.16.0.0 255.255.0.0 any eq ssh list of access CAMPUS-LAN extended permitted tcp 172.16.0.0 255.255.0.0 no matter what eq ftp list of access CAMPUS-LAN extended permitted udp 172.16.0.0 255.255.0.0 no matter what eq field list of access CAMPUS-LAN extended permitted tcp 172.16.0.0 255.255.0.0 any eq smtp list of access CAMPUS-LAN extended permitted tcp 172.16.0.0 255.255.0.0 any eq pop3 access CAMPUS-wide LAN ip allowed list a whole access-list CSC - acl note scan web and mail traffic access-list CSC - acl extended permit tcp any any eq smtp access-list CSC - acl extended permit tcp any any eq pop3 access-list CSC - acl note scan web and mail traffic access-list extended INTERNET2-IN permit tcp any host 1.1.1.2 eq 993 access-list extended INTERNET2-IN permit tcp any host 1.1.1.2 eq imap4 access-list extended INTERNET2-IN permit tcp any host 1.1.1.2 eq 465 |
access-list extended INTERNET2-IN permit tcp any host 1.1.1.2 eq www
access-list extended INTERNET2-IN permit tcp any host 1.1.1.2 eq https
access-list extended INTERNET2-IN permit tcp any host 1.1.1.2 eq smtp
access-list extended INTERNET2-IN permit tcp any host 1.1.1.2 eq pop3
access-list extended INTERNET2-IN permit ip any host 1.1.1.2
access-list sheep extended ip 172.16.0.0 allow 255.255.0.0 172.16.0.0 255.255.0.0
access list DNS-inspect extended permit tcp any any eq field
access list DNS-inspect extended permit udp any any eq field
access-list extended capin permit ip host 172.16.1.234 all
access-list extended capin permit ip host 172.16.1.52 all
access-list extended capin permit ip any host 172.16.1.52
Capin list extended access permit ip host 172.16.0.82 172.16.0.61
Capin list extended access permit ip host 172.16.0.61 172.16.0.82
access-list extended capout permit ip host 2.2.2.2 everything
access-list extended capout permit ip any host 2.2.2.2
Access campus-lan_nat0_outbound extended ip 172.16.0.0 list allow 255.255.0.0 192.168.150.0 255.255.255.0
pager lines 24
Enable logging
debug logging in buffered memory
asdm of logging of information
Internet1-outside of MTU 1500
Internet2-outside of MTU 1500
interface-dmz MTU 1500
Campus-lan of MTU 1500
MTU 1500 CSC-MGMT
IP local pool 192.168.150.2 - 192.168.150.250 mask 255.255.255.0 vpnpool1
IP check path reverse interface internet2-outside
IP check path reverse interface interface-dmz
IP check path opposite campus-lan interface
IP check path reverse interface CSC-MGMT
no failover
ICMP unreachable rate-limit 1 burst-size 1
ASDM image disk0: / asdm - 621.bin
don't allow no asdm history
ARP timeout 14400
interface of global (internet1-outside) 1
interface of global (internet2-outside) 1
NAT (campus-lan) 0-campus-lan_nat0_outbound access list
NAT (campus-lan) 1 0.0.0.0 0.0.0.0
NAT (CSC-MGMT) 1 10.0.0.5 255.255.255.255
static (CSC-MGMT, internet2-outside) 2.2.2.3 10.0.0.5 netmask 255.255.255.255
Access-group INTERNET2-IN interface internet1-outside
group-access INTERNET1-IN interface internet2-outside
group-access CAMPUS-LAN in campus-lan interface
CSC-OUT access-group in SCC-MGMT interface
Internet2-outside route 0.0.0.0 0.0.0.0 2.2.2.5 1
Route internet1-outside 0.0.0.0 0.0.0.0 1.1.1.5 2
Timeout xlate 03:00
Timeout conn 01:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
Sunrpc timeout 0:10:00 h323 0:05:00 h225 mgcp from 01:00 0:05:00 mgcp-pat 0:05:00
Sip timeout 0:30:00 sip_media 0:02:00 prompt Protocol sip-0: 03:00 sip - disconnect 0:02:00
Timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
dynamic-access-policy-registration DfltAccessPolicy
the ssh LOCAL console AAA authentication
AAA authentication enable LOCAL console
Enable http server
http 10.0.0.2 255.255.255.255 CSC-MGMT
http 10.0.0.8 255.255.255.255 CSC-MGMT
HTTP 1.2.2.2 255.255.255.255 internet2-outside
HTTP 1.2.2.2 255.255.255.255 internet1-outside
No snmp server location
No snmp Server contact
Server enable SNMP traps snmp authentication linkup, linkdown cold start
Crypto ipsec transform-set esp-SHA-ESP-3DES-3des esp-sha-hmac
Crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
Crypto ipsec transform-set ESP-DES-SHA esp - esp-sha-hmac
Crypto ipsec transform-set ESP-DES-MD5 esp - esp-md5-hmac
Crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
Crypto ipsec transform-set ESP-3DES-MD5-esp-3des esp-md5-hmac
Crypto ipsec transform-set ESP-AES-256-SHA 256 - aes - esp esp-sha-hmac
Crypto ipsec transform-set ESP-AES-128-SHA aes - esp esp-sha-hmac
Crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
Crypto ipsec transform-set ESP-AES-128-MD5-esp - aes esp-md5-hmac
life crypto ipsec security association seconds 28800
Crypto ipsec kilobytes of life - safety 4608000 association
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 pfs set group5
Crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 value transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA MD5-ESP-3DES ESP-DES-SHA ESP-DES-MD5
Crypto map internet2-outside_map 65535-isakmp dynamic ipsec SYSTEM_DEFAULT_CRYPTO_MAP
crypto internet2-outside_map outside internet2 network interface card
Crypto ca trustpoint _SmartCallHome_ServerCA
Configure CRL
Crypto ca certificate chain _SmartCallHome_ServerCA
certificate ca xyzxyzxyzyxzxyzxyzxyzxxyzyxzyxzy
a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as
a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as
a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as
a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as
a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as
a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as
a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as
a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as
a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as
a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as
a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as
a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as
a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as
a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as a67a897as
a67a897as a67a897as a67a897as a67a897as a67a897as
quit smoking
ISAKMP crypto enable internet2-outside
crypto ISAKMP policy 10
preshared authentication
aes encryption
md5 hash
Group 2
life 86400
Telnet 10.0.0.2 255.255.255.255 CSC-MGMT
Telnet 10.0.0.8 255.255.255.255 CSC-MGMT
Telnet timeout 5
SSH 1.2.3.3 255.255.255.240 internet1-outside
SSH 1.2.2.2 255.255.255.255 internet1-outside
SSH 1.2.2.2 255.255.255.255 internet2-outside
SSH timeout 5
Console timeout 0
a basic threat threat detection
Statistics-list of access threat detection
no statistical threat detection tcp-interception
WebVPN
internal VPN_TG_1 group policy
VPN_TG_1 group policy attributes
Protocol-tunnel-VPN IPSec
username ssochelpdesk encrypted password privilege 15 xxxxxxxxxxxxxx
privilege of encrypted password username administrator 15 xxxxxxxxxxxxxx
username vpnuser1 encrypted password privilege 0 xxxxxxxxxxxxxx
username vpnuser1 attributes
VPN-group-policy VPN_TG_1
type tunnel-group VPN_TG_1 remote access
attributes global-tunnel-group VPN_TG_1
address vpnpool1 pool
Group Policy - by default-VPN_TG_1
IPSec-attributes tunnel-group VPN_TG_1
pre-shared-key *.
!
class-map cmap-DNS
matches the access list DNS-inspect
CCS-class class-map
corresponds to the CSC - acl access list
!
!
type of policy-card inspect dns preset_dns_map
parameters
message-length maximum 512
Policy-map global_policy
CCS category
CSC help
cmap-DNS class
inspect the preset_dns_map dns
!
global service-policy global_policy
context of prompt hostname
Cryptochecksum: y0y0y0y0y0y0y0y0y0y0y0y0y0y
: end
Adding dynamic NAT for 192.168.150.0/24 on the external interface works, or works the sysopt connection permit VPN
Please tell what to do here, to pin all of the traffic Internet from VPN Clients.
That is, that I need clients connected via VPN tunnel, when connected to the internet, should have their addresses IP NAT'ted against the address of outside internet2 network 2.2.2.2 interface, as it happens for the customers of Campus (172.16.0.0/16)
I am well aware of all involved in here, so please be elaborative in your answers. Please let me know if you need more information about this configuration to respond to my request.
Thank you & best regards
MAXS
Hello
If possible, I'd like to see that a TCP connection attempt (e.g. http://www.google.com) in the ASDM logging of the VPN Client when you set up the dynamic NAT for the VPN Pool also.
I'll try also the command "packet - trace" on the SAA, while the VPN Client is connected to the ASA.
The command format is
packet-tracer intput tcp
That should tell what the SAA for this kind of package entering its "input" interface
Still can not see something wrong with the configuration (other than the statement of "nat" missing Dynamics PAT)
-Jouni
Tags: Cisco Security
Similar Questions
-
Try to incorporate html 5 in the apex... need help with cross-border
I was looking for in Roel Hartmans link on how to create html text items.
I had used a plugin to create the html text element. .
I did not understand how to get a border coloured as
email and url's for that link...
http://Apex.Oracle.com/pls/Apex/f?p=22115:2:0:no:
I guess it's something to do with the css... If anyone has any idea pls do let me know
I would also like my text objects to be rounded.E > >
I need to replicate in the same way as invalid so only when the e-mail is correctly entered it turns gray
And in telephone unit for the attribute of the form element I have I call class = "invalid."He gets the text with pink background color element, but it does not turn grey...
Browsers that support HTML5 of entry controls and CSS3 : invalid pseudo-class provide this out-of-the-box behavior. In browsers without this support, the control will be look and behave like an element of basic text. Using a standard class of invalid attribute is not somehow the same. Build this behavior yourself for browsers without HTML5 support is much more complicated. (It would be an idea looking for plug-ins which provide similar functionality).I'd be inclined to use these HTML5/CSS3 features like a form of progressive enhancement, their inclusion to the benefit of users with compatible browsers and enabling them to degrade gracefully to basic controls in older versions, where your standard APEX validation will go and indicate possible errors.
Note that there is an example of a phone number item in the section 'Find the boss' of the article linked.
-
Need help! The site reappears at the opening and then turns off!
I just finished doing the version phone for my site and returned to check the version of office and they are all gone. White pages.
I closed the app, reopened it and the same thing happens. A ton of work, two versions of desktop and tablet are gone, completely empty, but the version of phone is still there. I did not remove anything. Any suggestions?
Maybe Re: Muse problem - the content of pages are disappearing>?
-
Need help with the ip configuration on/etc/hosts for the installation of 11 GR 2 on linux vmware 6 on win7.
Let me know if you need more info... in fact I have a setting error while installation said
-(/ etc/hosts has no correct entry for the host name)
Host: 192.168.85.100
Win7 ip: 192.168.1.x
Thank you...
(host computer)
Win7 64 bit
(vmware)
Oracle Linux Server 6.3 version
Release of Red Hat Enterprise Linux Server 6.3 (Santiago)
Oracle Linux Server 6.3 version
-(/ etc/hosts has no correct entry for the host name)
Then post your/etc/hosts.
Host: 192.168.85.100
Win7 ip: 192.168.1.x
Why 85? have you tried 192.168.1.100?
-
Need help with native VPN client for Mac to the Configuration of the VPN router RV082
Guys,
I am trying to set up router RV082 VPN Client with native Mac for my remote access. However, no matter what I did, I'm not able to make works. Can any give me an example of how to set my router RV082 and Mac Book Pro (Mountain Lion)?
Thank you
Hi Jixian, the native client MAC does not work. The IPSEC VPN client is the same as the 5.x Cisco VPN client is not supported on this device.
Your alternatives are to use PPTP or a 3rd party IPsec client such as ipsecuritas.
-Tom
Please evaluate the useful messages -
Need help with the settings of the firewall for Firefox
My wireless connection is fine, but all of a sudden my mozilla firefox browser cannot connect to Web sites. I can connect using another browser. Looks like I need to change the firewall settings, but I don't know how. How can I distribute my browser to work again? Don't know what happened to start blocking it, but it just happened some time this morning.
Hi Tara,
You can check the link and follow the steps and check if this may help;
Configure the firewall so that Firefox can access the Internet
http://support.Mozilla.org/en-us/KB/configure-firewalls-so-Firefox-can-access-Internet
Is has problems, I suggest you to contact the Mozilla Firefox support,.
http://support.Mozilla.org/en-us/products/Firefox
If you need help with Windows, please do not hesitate to post. We will be happy to help you.
-
Need help with the data storage store, local array and network connections
Need help with my ESXi 4.1 installation
My hardware:
I built a server with an Asus P6T whitebox, i7 920, 12 Gig RAM, NIC, Intel Pro1000 PT Quad, 3ware 9650SE-12ML with 8 1.5 TB SATA green in a raid 6 array gives me about 8 + TB with a spare drive all housed within a NORCO RPC-4220 4U Rackmount Server chassis. I also have a 500 GB SATA drive which will hold the ESXi and virtual machines.
The network includes a firewall, Netgear Prosafe FVS336G, GS724Tv of Netgear ProSafe 24 port Gigabit Managed Switch on a dhcp cable modem internet service provider.
I also have 2 old NetGear SC101T NAS disks (4to) I want to connect to the system how some - at a later date have... data on them and want to transfer to the new storage array. I always looking into the question of whether they will work with ESXi 4.1, or I might have to only access it through Windows XP.
My Situation:
I have already installed ESXi 4.1 and vsphere client with no problems and it is connected to a dhcp cable internet service. I've set up host via a dynamic DNS service name give me a static hostname on the internet. I installed three machines to virtual OS successfully at the moment and now want to first start by creating a multimedia storage server which will use some of this new 8 TB array, then separate data storage for use with a web server small overhead storage and a backup. It is a domestic installation.
Help with the data store and network:
I was doing some reading, because I'm new to this, and it looks like I'll probably want to set up my table via ESXi as a nfs disk format. Now, the data store is usually in another physical box from what I understand, but I put my readers and ESXi all in the same box. I'm not sure that the best way to put in place with grouped network cards, but I want to make this work.
I understand that in ESXi 4.1 using iSCSi LUN must be less than 2 TB, but nfs - I should be able to add a bigger partition then 2 TB (for my multimedia) in nfs, right? or should I still add it separately as a separate 2 TB drives and then extend them to get the biggest space.
Any suggestions or direct resources showing examples on how to actually add some parts of the table as data warehouses separate nfs. I know that to go to the configuration tab, and then select Add to storage, and then select nfs. I have not my picture, but it's here that I don't know what to do because ESXi 4.1 system already has an address, should I put the same thing to the new data store array also (will it work?), and what should I use for the name of the folder and the store of data... just do something to the top. I thought to later install Openfiler (for a multimedia storage using this table server) as a virtual machine, use the table with esxi so that I can access the same storage space with widows and linux-based systems.
I also know I have to find a way to better use my quad nic card... put in place of virtual switches, grouping, etc HELP?
Any direction, assistance, similar facilities to sample, suggestions or resources that would help would be great. I did a lot of hunting, but still a little confused on how to best to put in place.
You must think of VMDK files of large databases with records of random size guest go read some data (a DLL or an INI file), maybe write some data back, then go read other data. Some files are tiny, but certain DLLs are several megabytes. It's random i/o all and heavy on the search time. IO Opsys is small random operations that are often sequential (go read data, write data, go read other data,...) so that deadlines are critical to the overall performance. That's why people say OPS are / s of reference and forget the MBs flow. The only time where you bulk transfers are when you read media (ISO files).
Well, now forget all this. Actually the disk activity will depend on the specific applications (database? mail server? machines compiler?), but the above is true for boots, and whenever applications are idle. You should see the profile to know.
RAID 10 is faster (and often more reliable) than RAID 5 or RAID-6 except in certain specific cases. In General RAID 10 is ideal for many random writes, since the calculation of parity for RAID-5 and - 6 adds to the overall latency between command and response - latency is cumulative if a little slow here and a little slow it adds up to a lot of overall slow synchronous especially with e/s on a network. OTOH RAID-5 and -6 can produce faster readings due to the number of heads, so you can use it for virtual machines that transfer bulk. Test. You may find that you need several different types subdashboards for best results.
You said 3ware, they have some good grades on their site, but don't believe it. With my 9650 that I found myself with only a couple of their recommendations-, I put the (simple) table for allocation size 256 k, nr_requests at 2 x the queue_depth and use the planner date limit. I had the habit for the Ext4 file system formatted with stride and stripe-width synced to the table and used the options large_files with fewer inodes (do not use the huge_files option unless you plan to have single VMDK files in the terabyte range). Use a cache of great reading in advance.
Virtual machines use VMDK files in all cases except raw iSCSI LUN that they treat native disks. VMDK is easier to manage - you can make a backup by copying the file, you can move it to a PC and load it into another flavour of VMware, etc. There could be some features iSCSI to your San as a transparent migration but nothing for me. NFS has less chatter of Protocol if latency lower times to complete an operation. NFS is good to read and write a block of data, that's all it boils down to.
UPS is good, but it won't help if something inside the machine explodes (UPS does nothing if the PC power supply goes down). If the RAID card has an option for a battery backup module, so it can contain some writings in memory and may end up the disk i/o after replacing the power supply. 3ware also limits the types of caching available if help is not installed, and you get just the right numbers with the module.
-
Hello
Need help with my Mail window. I can't export my message to the PST format. I keep getting the message error "an error occurred during initialization of MAPI". Y at - it solution or another method?
Hi ErikLee,
Do you have MS Outlook installed on your computer?
Windows mail import and export opportunities are limited to an Outlook .pst file or an Exchange Server mailbox. They are available only if MS Outlook is installed.
If MS Outlook is not installed and you start an import or export action, the necessary support files are not present for Windows mail complete the operation. Then I suggest you to install Outlook temporarily and see if the problem is resolved.Follow the instructions below and check if the problem is resolved.
1. reboot your computer, and then start Windows Mail.
2. on the Tools menu, click Options.
3. in the connection tab, click on edit to open the Internet Properties dialog box.
4. in the tab programs, click on an application other than Windows mail e-mail in the e-mail list. Click on apply and then click OK.
5. click OK again to close the Options dialog box.
6. exit Windows mail and restart Windows mail.If this does not work, I suggest you upgrade to Windows Live Mail to import or export messages that may help you resolve the issue.
To download Windows Live Mail, visit the following Microsoft Web site:
http://get.live.com/wlmail/overviewFor more information about Windows Live Mail, see the Microsoft Web site at the following address:
http://windowshelp.Microsoft.com/Windows/en-us/help/4b30d3d6-abe2-46d1-a5fd-4a1ba786a1381033.mspxCheck whether the problem is resolved.
Please post back and let us know if it helped to solve your problem.
Kind regards
KarthiK TP -
I'm on Acrobat 10 for mac and I need help with the distribution of shape feature. Is there a way to change the registration e-mail download addressed to the? Currently all forms I create and then distribute may only be subjected to my email account... I appreciate any help!
Do not use the feature distribute the form. Instead of this, just put up a button "submit" and configure it to send email using any email address you want. Just add a button and set the action of the mouse upward on "Submit a form" and use a type mailto URL and specify that you want to send the full PDF. Then activate the reader of the document: where "Advanced/extended features in Adobe Reader" is located in Acrobat XI?
If you really want to use distribute the form for some reason, change the e-mail address in your preferences: Edit > Preferences > identity > Email address
-
need help with the mac version of PES
need help with the mac version of PES
If you follow the 7 steps you can dl a trial via the links here: http://prodesigntools.com/tag/ddl
and activate it with your serial number.
If you have a problem dl'g, you don't follow all 7 steps. the most common mistake is not meticulously follow the steps 1, 2, and/or 3 (which adds a cookie to your system, allowing you to download the correct version of the adobe.com site).
p.s. If you need a more direct link, you must specify the exact version you want.
-
Several uses for the final product, need help with Render &; output parameters
Aloha, this is my 1st time in this forum... posted this question in Premier Pro and has been mentioned here.
I created an effect straight project. I want to make four 4 very specific uses. Unfortunately, I don't know anything about these formats to be given options in AE - CS4. One of the many 'rendering settings' and 'output module' settings 'make model '. This seems the best option for me given my future use: 1) for the DVD; (2) for electronic mail; (3) for YouTube. (4) my web site. I read and reread the rendering and export options in the manual of use-AE CS4 without success in understanding what each option should be used for. I need help in the translation of pixelpicker-talk.
Can someone help me about these accurate "rendering settings" and "output module" parameters listed in AE in the option "make and model"?
Thanks a lot... come visit the watrer is warm and clear as always.
KonaDon
I understand - I think the article using After Effects is a very complete resource, explaining the various features and their purposes. But the real world is full of special cases that are very difficult to address in a manual. In addition, it is a moving target. Different best options today probably the best choice, next year.
Let's see if we can help here:
1-. DVD: on the technical side, it is always MPEG-2. A very specific taste of MPEG-2. But while After Effects will let you export a file of this type (choosing the MPEG - 2 DVD is predefined in the output Module), it is also true that most of the applications (such as Adobe Encore DVD) DVD authoring are very friendly in terms of letting you wear one (ideally, uncompressed) Quicktime or AVI (which in no way is compatible DVD) and do the encoding in MPEG-2 for you. So it is up to you: you can encode EI using the preset DVD MPEG-2, or you can use an application of coding specialized (such as Adobe Media Encoder in stand-alone mode) or simply let the DVD authoring application do the encoding for you. This should be very simple and in this case, you can simply render a Quicktime or AVI file without loss (there is a model of output Module called "Lossless" who will take care of everything. You can use the default value, the 'best' model to make settings in most cases).
2-. E-mail: on the one hand, you need something that is really light and as good quality as possible. In the other, you want something universal compatibility, which can be read in all or almost all computers. H264 (advanced version of MPEG-4) format is really good in terms of efficiency, but its ' adoption is perhaps not as widespread yet. Flash Video (FLV) is really good in this regard. In this case, you could choose Adobe Flash Video (FLV) as the format in the output Module and then choose preset FLV 'Flash 8 web small' for this purpose.
3 YouTube: it's not that simple. The ideal format for YouTube is not quite exist, they insist on the re-encoding each file that you download, even if your file is technically identical in every way to their versions. So what you want here is something that looks good and it isn't huge to download. This all spells 'H264', in my opinion. The details depend on the question of if your Composition is HD or SD, 4:3 or 16:9, etc. Strange as it may seem, the big "iPod" preset for the format H264 is a good starting point. You can customize it to increase the speed of transmission a little (maybe 2 or 2.5 Mbps, against 1.5 Mbps).
4 website: even once, you need something that most people already have in their computers. Flash Video is an excellent choice, since about 98 percent of users have the Flash plugin. But in this case, you can have more great heights and flow rates, so you can use the "Flash 8 big' defined by default as a starting point. Once the Flash 10 plugin (which now supports the H264 in addition FLV) spreads in the future, you could standardize on H264 in a delivery format, with different settings for each type of destination.
I hope this helps.
-
I need help with the control of two .swf in third.
Hi, thanks for reading!
I need help with the control of two .swf in third.
I have a problem when I need to use a .swf in a digital signage solution, but were advised by the Legal Department, it cannot be changed in any way, I can not also have the source file blah blah blah. I pulled the .swfs on their site and I decompiled to see what I was up against.
The main SWF that I need control is HCIC.swf and the problem is that it starts with a preloader, which, after the loading stops on a framework that requires user input to (button) on a play button, until the film will proceed and replay.
What I've done so far is to create a SWF container, HCIC_container.swf, which will serve as a target for the HCIC.swf and I would like to send actionscript in the file, I am not allowed to edit.
I managed to get done with help from someone on another forum. It is my hope that the following script just start HCIC.swf a framework after the preloader and button play and just play through.
var container: MovieClip = createEmptyMovieClip ("container", getNextHighestDepth());
var mcLoader:MovieClipLoader = new MovieClipLoader();
mcLoader.addListener (this);
mcLoader.loadClip ("MCIC.swf", container);
function onLoadInit(mc:MovieClip) {}
mc.gotoAndPlay (14);
}
But unfortunately it does not solve my problem. Because there is a media - controller.swf, which is charged by HCIC.swf who has orders, including the play button to start HCIC.swf.
Here is a link to a .zip with all 3 files .swf file and all 3 .fla files.
http://www.axiscc.com/temp/HCIC.zip
What I have to do is to automatically start the HCIC.swf file, bypassing the pre-loader and play button without having to edit it or in the media - controller.swf in any case. Thus, all scripts must be done in HCIC_container.swf.
I know it is confusing and it is difficult to explain, but if you look at the files it must make sense.
ActionScripting is far from my point hard, so I'm definitely over my head here.
Thanks for your help.Got my solution on another forum.
-
Need help with the installation of an adapter of graphics Super Palit GeForce 9500GT - 512 MB - DDR2 SDRAM in a M2N68 motherboard (narra6). Should I disable the onboard graphics in the bios? When the card is installed, no VGA work outs and the PC does not start. Checked and recontroler implementation of the card in the PCI slot. PC is a desktop HP G5200uk PC. Windows 7 operating system.
Hello
The link below is a guige to install a video card in your Pc. In particular, it seems that you will have to perhaps specify the location of the new card in the bios and save this change before you install the new card - see step 4 in the guide on the link below. If your new card fits into the PCI Express x 16 slot, you will need to define PCI Express in the bios and save the changes.
http://support.HP.com/us-en/document/c01700855
Kind regards
DP - K
-
Need help with the port forwarding for a XBox remote Streaming
I have a router R6200v2 and need help with port forwarding.
I came across this set of instructions for setting up stream port forwarding XBox remotely from anywhere
http://kinkeadtech.com/2015/07/how-to-stream-Xbox-one-to-Windows-10-from-anywhere-with-Internet/
I have no idea when it comes to such things and I want to make sure I do it correctly without messing up my existing home network.
Port Forwarding and triggering Port pages setup look very different from what the guy uses. Can someone walk me through what I do to set up please?
Hi @varxtis,
You must enter them in the field for a start external Port and external completion Port. You will need to send individually except for the range of 49000-65000. The steps are as follows.
1. create a Service name (it could be something else that you cannot use the same service name twice. Ex. XBOX1, XBOX2 and so forth.)
2. Select the type of service (TCP, UDP or both)
3 entry 5050 times a start external Port and external endpoints.
4. Select the IP address of your XBOX.
5. Select apply.
6 do the same for other port numbers. To the beach, use 49000 for the external departure Port and for the external completion Port 65000.
Kind regards
Dexter
The community team
-
I need help with the program of Photos on my macbook pro
I use a Macbook Pro with OS of Yosemite. I really need help with the Photo program. I never really got the hang of IPhoto and now that it's a new program, I'm really confused. Where can I go to learn this without waiting for the next workshop in a local store?
Hi, I'm fighting to open same mine, making a new software update
Maybe you are looking for
-
I upgraded to Elcapitan I can't enter my e-mail @ hotmail.co.uk
Why can't I enter my e-mail @ hotmail account
-
Error connecting to a remote database access violation
I have the software on my machine (written in-house by a company I work for) to connect to a remote database from home. I have connected several times without problem, but recently I immediately get an error message as follows: "Access violation at a
-
Short and long dashboard S.M.A.R.T. test result 27
When do the short or long test it shows that the test is performed and the result is: code 27. Note that I have more sandisk ssd drive and I just installed the dashboard. Also note that the dashboard still says that I did not no matter what S.M.A.R.T
-
Compaq Nc 6000: Device not complete Code 28
Dear Mr. Paul, I have a problem with pc portable compaq nc 6000. I had upgraded to windows 7 32 bit on the old XP Professional. Everything worked well. Then I reinstalled, ex novo: windows 7 32-bit, but now I have the problem. It says 2 BUS PCI Devic
-
Computer: HP Pavilion d4181.se with revision of BIOS 3.28 23/01/06 Where can I view/edit if the SATA controller is configured to AHCI? I can't find anything in the BIOS Setup. Thank you