no tunnel-Group-map enable ike - id

why I don't receive any tunnel-Group-map enable ike - id when configuring site to site vpn. Did I miss something in the configuration?

You use certificate-based authentication?

Kind regards

Sandra

Tags: Cisco Security

Similar Questions

  • Enable ASA 9.1 problems with tunnel-group-list

    Hello!

    I try to get a working configuration where the Cisco VPN / DTLS phones VPN connect, while allowing access remotely via client AnyConnect of PCs.  I have two groups of tunnel and configured for this purpose of group policy and use Group-URL.

    Phones are connect very well, but I don't get the drop down menu to choose between the two groups of tunnel when connecting to a remote computer.

    An excerpt from the config.

    Moreover, I had the menu work previously when I used group instead of group-URL aliases.  However, the phones seem to require the URL group.  Now that I have those configured, the menu does not work.  If I get the full URL in the AnyConnect window, both URLs work, and I can connect.

    Thank you in advance for any suggestions you may have!

    Deb

    WebVPN

    allow outside

    AnyConnect image disk0:/anyconnect-win-2.5.2014-k9.pkg 1

    AnyConnect image disk0:/anyconnect-macosx-i386-2.5.2014-k9.pkg 2

    AnyConnect image disk0:/anyconnect-linux-2.5.2014-k9.pkg 3

    AnyConnect enable

    tunnel-group-list activate

    ABC Group-Policy internal

    ABC Group Policy attributes

    value of server WINS 10.10.16.17 10.10.16.12

    value of 10.10.16.17 DNS server 10.10.16.12

    VPN - connections 3

    SSL VPN-tunnel-Protocol l2tp ipsec client ssl clientless

    Split-tunnel-policy tunnelall

    field default value abc.com

    the address value AnyConnectPool pools

    WebVPN

    activate AnyConnect ssl dtls

    AnyConnect Dungeon-Installer installed

    time to generate a new key ssl AnyConnect 1440

    AnyConnect ssl generate a new method ssl key

    AnyConnect client of dpd-interval 5

    dpd-interval gateway AnyConnect 30

    AnyConnect ask none

    internal strategy of group ABC - STG

    ABC - STG group policy attributes

    value of server DNS 8.8.8.8

    VPN - connections 3

    SSL VPN-tunnel-Protocol l2tp ipsec client ssl clientless

    Split-tunnel-policy tunnelspecified

    Split-tunnel-network-list value Split-Tunnel-encrypt-ACL

    field default value abc.com

    the address value AnyConnectPool pools

    WebVPN

    activate AnyConnect ssl dtls

    AnyConnect Dungeon-Installer installed

    time to generate a new key ssl AnyConnect 1440

    AnyConnect ssl generate a new method ssl key

    AnyConnect client of dpd-interval 5

    dpd-interval gateway AnyConnect 30

    AnyConnect ask none

    type tunnel-group Split-Tunnel-Group remote access

    attributes global-tunnel-group Split-Tunnel-Group

    address pool AnyConnectPool

    Group Policy - by default-ABC-STG

    tunnel-group Split-Tunnel-Group webvpn-attributes

    allow group-url https://asa.abc.com/ABC-STG

    tunnel-group ABC - Tunnel - type remote access Group

    attributes global-tunnel-group ABC - Tunnel - Group

    address pool AnyConnectPool

    Group-ACTIVE DIRECTORY authentication server

    Group Policy - by default-ABC

    password-management

    ABC - Tunnel tunnel-group - webvpn-attributes Group

    allow group-url https://asa.abc.com/ABC

    Hello

    You can have group-alias and group-url at the same time in the configuration so that the phones can connnect with Group-url and users can click on the drop down menu to select the right connection profile.

    tunnel-group webvpn-attributes
    Group-alias enable
    Group-url help

    Ref:- http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/98580-enable-group-dropdown.html

    Kind regards
    Dinesh Moudgil

    PS Please rate helpful messages.

  • How to match tunnel-group with auth ASA 8.2 and IPSec VPN Client using digital certificates with Microsoft CA

    Hello

    I set up a lab for RA VPN with a version of the ASA5510 8.2 and VPN Client 5 software using digital certificates with Microsoft CA on a Windows 2003 server. I did the configuration based on this document from Cisco's Web site:

    http://www.Cisco.com/en/us/partner/products/ps6120/products_configuration_example09186a0080930f21.shtml

    Now, the vpn works fine, but now I need to configure a tunnel-different groups so I can provide different services to different users. The problem I have now is that I don't know how to set it up for the certificate is the name of tunnel-group. If I do an ASA debug crypto isakmp I get this error message:

    % ASA-713906 7: IP = 165.98.139.12, trying to find the group through OR...
    % 3 ASA-713020: IP = 165.98.139.12, no group found by matching well payload ID: unknown
    % ASA-713906 7: IP = 165.98.139.12, trying to find the group via IKE ID...
    % 3 ASA-713020: IP = 165.98.139.12, no group found by matching well payload ID: unknown
    % ASA-713906 7: IP = 165.98.139.12, trying to find the group via IP ADDR...
    % ASA-713906 7: IP = 165.98.139.12, trying to find the group using default group...
    % ASA-713906 7: IP = 165.98.139.12, connection landed on tunnel_group DefaultRAGroup

    So, basically, when using certificates I connect always VPN RA only with the group default DefaultRAGroup. Do I have to use a model of different web registration for application for a certificate instead of the user model? How can I determine the OU on the user certificate so that match tunnel-group?

    Please help me!

    Kind regards

    Fernando Aguirre

    You can use the group certificate mapping feature to map to a specific group.

    This is the configuration for your reference guide:

    http://www.Cisco.com/en/us/partner/docs/security/ASA/asa82/configuration/guide/IKE.html#wp1053978

    And here is the command for "map of crypto ca certificate": reference

    http://www.Cisco.com/en/us/docs/security/ASA/asa80/command/reference/C5.html#wp2186685

    Hope that helps.

  • AnyConnect tunnel-group automatic assignment without selecting any group-tunnel-group-list alias and user-group strategy.

    Objective is that the anyconnect user must select group-alias, so that when a user enters his username and password he must go to his political group and tunnel-group specific. as I removed this command in webvpn 'no tunnel-group-list don't enable '. This I can not connect (user does not authenticate).

    1 - my question is why his past does not?

    Solution:

    If I keep only a single tunnel-group by default and make several group policies and assign to each user with his specific group policy that it works. in user attribute means I have only question following the commands it works, but if I put "group-lock value test-tunnel" that it did not identify.

    Please explain why.

    WebVPN

    allow outside

    limit the cache-fs 50

    SVC disk0:/anyconnect-win-3.0.10055-k9.pkg 1 image

    enable SVC

    internal strategy of group test-gp

    attributes of the strategy of group test-gp

    VPN-tunnel-Protocol svc webvpn

    the address value test-pool pools

    username, password test test

    username test attributes

    VPN-tunnel-Protocol svc

    group-lock value test-tunnel

    Strategy Group-VPN-test-gp

    tunnel-group test-tunnel type remote access

    attributes global-tunnel-group test-tunnel

    Group Policy - by default-test-gp

    tunnel-group test-tunnel webvpn-attributes

    allow group-url https://192.168.168.2/test

    Yes, you have the right solution. You only need to create 1 group of tunnel and multiple group policy. Under the attribute of the user, you re then group policy of vpn that you want the user assigned too.

    You can also authenticate users against AD and configure ldap attribute map to map the user to a specific group policy automatically.

    Here is an example of configuration if you happen to have the AD and will authenticate against AD:

    http://www.Cisco.com/en/us/products/ps6120/products_configuration_example09186a00808d1a7c.shtml

    Hope that helps.

  • Site to Site VPN. pick up DfltGrpPolicy instead of Tunnel-Group

    Hello

    Our ASA was set by a consultant some time ago to allow connectivity SSLVPN RSA backend. I am now trying to get a Site to Site VPN working but seem to get into a lot of difficulties. I get a load of the l2l VPN-related debugging messages which I believe is set up correctly. Here's what I think is of interest

    "January 24, 2009 12:13:01: % ASA-6-113009: AAA recovered in group policy by default (DfltGrpPolicy) to the user = x.x.x.x".

    The user specifies the IP address of the Cisco router remote that we try to get the VPN configuration.

    I have to admit that I haven't done a lot with the side things SSLVPN so this part of the config is out of my depth, that's why I post here.

    If anyone can help it would be really appreciated.

    Here are the relevant details (I can post more if there isn't enough). My question is, how do I get the l2l using the tunnel-group and not the default group policy?

    Thanks in advance for any help.

    dynamic-access-policy-registration

    DfltAccessPolicy

    WebVPN

    list of URLS no

    SVC request no svc default

    RADIUS protocol AAA-server VPNAUTH

    AAA-server VPNAUTH *. *. *

    interval before new attempt-5

    timeout 3

    key *.

    AAA authentication enable LOCAL console

    AAA authentication http LOCAL console

    LOCAL AAA authentication serial console

    the ssh LOCAL console AAA authentication

    AAA authentication LOCAL telnet console

    LOCAL AAA authorization command

    attributes of Group Policy DfltGrpPolicy

    value of DNS server! !. !. !

    VPN-idle-timeout no

    VPN-tunnel-Protocol webvpn

    enable IP-comp

    enable IPSec-udp

    field default value mondomaine.fr

    the address value vpnpool pools

    WebVPN

    enable http proxy

    SVC Dungeon - install any

    SVC keepalive 60

    SVC generate a new method ssl key

    SVC request no svc default

    disable ActiveX-relays

    disable file entry

    exploration of the disable files

    disable the input URL

    tunnel-group DefaultRAGroup webvpn-attributes

    message of rejection-RADIUS-

    IPSec-attributes tunnel-group DefaultRAGroup

    pre-shared-key *.

    tunnel-group DefaultRAGroup ppp-attributes

    PAP Authentication

    ms-chap-v2 authentication

    attributes global-tunnel-group DefaultWEBVPNGroup

    address vpnpool pool

    authentication-server-group VPNAUTH

    tunnel-group DefaultWEBVPNGroup webvpn-attributes

    message of rejection-RADIUS-

    tunnel-group x.x.x.x type ipsec-l2l

    tunnel-group ipsec-attributes x.x.x.x

    pre-shared-key *.

    Wayne

    Do "sh run all tunnel-group" you should see the strategy of group associated with it.

    for example:

    tunnel-group 1.1.1.1 type ipsec-l2l

    tunnel-group 1.1.1.1 General attributes

    no accounting server group

    Group Policy - by default-DfltGrpPolicy

    tunnel-group 1.1.1.1 ipsec-attributes

    pre-shared-key *.

    by the peer-id-validate req

    no chain

    no point of trust

    ISAKMP retry threshold 10 keepalive 2

    Let me know if it helps.

    See you soon,.

    Gilbert

  • Profile VPN (tunnel group) under the same IP pool

    Hello

    I have on my clients VPN from Cisco ASA 5510 works perfectly. The thing is that now I want to create a new profile or a tunnel in order to create the new cause of ACL I want to restrict only to certain hosts. But I don't know if I can do it under the same IP pool. If the answer is yes how could bind the new tunnel group to the correct ACL.

    This is my config:

    vpnxxxx list of allowed ip extended access all 192.168.125.0 255.255.255.0

    IP local pool ippool 192.168.125.10 - 192.168.125.254

    NAT (outside) 1 192.168.125.0 255.255.255.0

    NAT (inside) 0-list of access vpnxxxx

    RADIUS Protocol RADIUS AAA server

    RADIUS protocol AAA-server partnerauth

    AAA-server partnerauth (inside) host xxxx.xxxx.xxxx.xxxx

    key xxxx

    Crypto-map dynamic dynmap1 20 set transform-set Myset1

    lifespan 20 set security-association crypto dynamic-map dynmap1 seconds 28800

    Crypto-map dynamic dynmap1 20 kilobytes of life together - the association of safety 4608000

    a basic threat threat detection

    Statistics-list of access threat detection

    no statistical threat detection tcp-interception

    internal group RA - VPN strategy

    attributes of RA-VPN-group policy

    Server DNS 172.16.1.100 value

    VPN-idle-timeout 30

    Protocol-tunnel-VPN IPSec l2tp ipsec webvpn

    Split-tunnel-policy tunnelspecified

    type tunnel-group RA - VPN remote access

    General-attributes of RA - VPN Tunnel-group

    ippool address pool

    authentication-server-group (outside partnerauth)

    Group Policy - by default-RA-VPN

    tunnel-group RA - VPN ipsec-attributes

    pre-shared-key *.

    Thank you

    The command is "vpn-filter" in the Group Policy section.

    Define a group policy for each group of tunnel and select it with 'by default-group-policy' in the section of the tunnel.

  • What is the difference when the IP pool is placed under the group policy and SSL tunnel-group

    Hi usually ip address pool is placed under the group policy in Anyconnect VPN, but I noticed the ip address pool is also placed under the Anyconnect VPN tunnel-group in some ASA. What is the difference between both of them? Thank you

    Both are used for the same purpose, but that under group policy always takes preference.

    Kind regards

    Sandra

    If you find the answer useful, please mark it as correct while others can benefit from the discussion.

  • How to associate policies crypto with tunnel-group?

    Hi, when I review the configuration of the VPN from point to point, I have a question. The ASA has three peer-to-peer VPN configuration. So, there are also three groups of tunnel in there. My question is how each VPN to ensure encryption policy tunnel-group? In the anther Word, what encryption policy associated with tunnel-group? Thank you.

    This is the phase 1, they work from top to bottom.  When you try to negotiate the tunnel between two counterparts, in the background, they send all of your policies and according to which is first (from top to bottom) is used.

    For example.

    If your counterpart device uses (3des, md5, pre-shared key and group 2), it will not match the policy 1 and the rest of the policy will not be considered.

    Kind regards

    Sandra

  • ACS 4.2 Wired and wireless group mapping

    Hello

    User1 connects to the switch, it belongs to the Group AD Domain_user and are mapped to ACS Group1 wich send the radius attribute to change the VLAN, this part works fine.

    My problem is when the same user connects with its wifi card... He is still part of the domain_user and get still mapped to group1 on acs but now, RADIUS values are bad for the wireless.

    Wired production vlan = 20

    Prod wireless vlan = 120

    What I want to do, it is something like:

    ADGroupX Connect_type plus ACS Group1

    ADGroupX + Connect_type2 = ACS group2

    I tried to use the connection profile but the group mapping are not performed at this level. Ditto for NAR, my user must be able to log user wired or wireless and get the right vlan not get restricted by the NAR.

    Another way would be to set up a username/password wireless on the internal database and add it to the ACS group good but which involve password management and not all client 802 support auth password (without user intervention)

    Any idea?

    Hi... this scenario is exactly what network access profiles are designed to address. Essentially, NAP to create a complete configuration based on network service.

    So default ACS is a unique system of NAP (well I guess that 2 If you include RADIUS, and GANYMEDE) where any network service all RADIUS users would assume to use a single device type. NAP allows you to configure a service, the authentication, the mappings of groups and permissions Protocol.

    The first part of the PAN you have to differentiate requests for authentication for each network service. This could be as easy to use the ip address of the AAA Client or NDG. If this is not possible, you can start looking at the attributes in the RADIUS request to find the attribute values that are unique to the switch or wlan.

    Assuming you have managed to do is a matter of implementation of authenticattion and authorization policies-, but the main thing is that you will be able to send any returns RADIUS attributes to the device for the same user.

    The user interface can take a little usual, then read the docs online and stick to it!

    www.extraxi.com for all your reports ACS needs

  • Hide the tunnel-group in client anyconnect

    Hi all

    How to hide dropdown menu profiles that don't interest me not?

    see always all tunnel group set up on asa.

    in path of the cisco anyconnect client, I have preferences.xml.

    Thanks in advance for your help

    concerning

    If the group alias are configured on the SAA, no matter which user goes to the external interface to connect to the VPN will see the list.

    ASA administrator may eventually publish a URL shortcut using the "group-url" attribute when configuring the SSL VPN. Here is a link to the section of the configuration guide to do so. in this place you can browse (or point AnyConnect) directly to this URL and skip having to select from the drop-down list.

  • name of the tunnel-group

    Hello

    In the configuration below I put in place a tunnel-group name that is the same as the counterpart of VPN tunnel. Is that what you have to do, or could call you the tunnel-group what you want?

    part of pre authentication ISAKMP policy 1

    ISAKMP policy 1 3des encryption

    ISAKMP policy 1 sha hash

    Group of ISAKMP policy 1 2

    ISAKMP policy 1 life 43200

    ISAKMP allows outside

    Crypto ipsec transform-set esp-3des esp-md5-hmac FirstSet

    l2l_list to access extended list ip 192.168.100.0 allow 255.255.255.0 192.168.1.0 255.255.255.0

    tunnel-group 10.10.10.1 type ipsec-l2l

    tunnel-group 10.10.10.1 ipsec-attributes

    pre-shared key xxx

    card crypto abcmap 1 match address l2l_list

    card crypto abcmap 1 set counterpart 10.10.10.1

    card crypto abcmap 1 set of transformation-FirstSet

    abcmap interface card crypto outside

    Robert,

    The tunnekl group should be the IP address of the remote end - because it is used as ID. The only time where ever you need to use a specific name - is if you are certificate authentication.

    HTH.

  • Select the Tunnel-Group based on OS devices

    Hello

    having an ASA5512x is possible to have anyconnect-dial-in-PC-users asking their IDs AND also a one-time-password

    Whereas smartphone users only need to provide their username and a password without the need to manually select the profile?

    I've set up two groups of tunnel:

    (1) requires an LDAP server for authentication

    (2) is in contact with a RADIUS server running the software One Time Password.

    Is it possible to have the asa affect smartphone users (based on their OS) that it automatically uses the first profile (which has limited access to the resources of the intranet) and Anyconnect-PC-users pinned to the second category of tunnel? Dynamic access policies seem to be able to differentiate only ' in' a tunnel-group.

    Thank you very much!

    Kind regards

    David

    I never tried this way, but if it does not (as I suspect) there is a solution:

    1. Point your customers on the two different groups of tunnel with the help of tunnel-group-URL.
    2. Later in the DAP impose that the customer does not use the wrong tunnel-group.
  • ASA by the issue of authentication of the tunnel-group

    Is it possible to do so by the tunnel-group authentication on ASA 8.4.x?

    Here are the scenarios:

    (1) tunnel-group_A performs authentication using the digital certificate (PKI)

    (2) tunnel-group_B performs the authentication using AAA (RSA SecurID token)

    (3) tunnel-group_C performs authentication for LOCAL assistance (AAA user defined locally)

    Tunnel-group_A, B, and C are all using the same physical interface and outside the interface.

    I tested it, but it doesn't work the way I expected.  BTW, I have already disabled "interface authentication ssl certificate outside of port 443"

    Here are the results of the tests:

    If the tunnel group_A is configured with the certificate, then tunnel_group_B connection will fail, but connection tunnel-group_C works very well.

    It seems that tunnel-group_B trying to authenticate with certificate too, if she does not.  BTW, it seems to authenticate to the LOCAL help will still work.

    I understand that you can configure tunnel_group_A to "both" certificate and AAA, but that's not what I want.

    Anyone seen this before?  Is there a way to bypass?

    Thank you

    Joe,

    Yes, I would then use Group-url. And I would create and profile of XML with the specific URL in the list of servers.

    List of servers

    Let me know.

  • Exception: Cluster address must be defined when the grouping is enabled

    Hello

    I created a simple web service and deployed on a cluster. When I invoke the url of the WSDL (http://localhost/webservice/MyService?WSDL) through the browser, I get the closed exception (listed at the bottom)

    I can easily fix this by explicitly declaring a cluster address choices the administration console (environment-> cluster-> address Cluster :), but the documentation says I have is useless to do.) (http://edocs.bea.com/wls/docs100/webserv/setenv.html#wp220521)

    Can someone say that I indeed need to explicitly declare a Cluster address on the deployment and calling web services in a clustered environment.

    Thank you


    Such #-Exception as displayed in the browser-
    Error 500 - Internal server error

    java.lang.IllegalArgumentException: Cluster address must be defined when the grouping is enabled.
    at weblogic.wsee.server.ServerUtil.getClusterAddress(ServerUtil.java:439)
    at weblogic.wsee.server.ServerUtil.getHTTPServerURL(ServerUtil.java:130)
    at weblogic.wsee.server.servlet.WsdlRequestProcessor.getAddressInfo(WsdlRequestProcessor.java:161)
    at weblogic.wsee.server.servlet.WsdlRequestProcessor.process(WsdlRequestProcessor.java:76)
    to weblogic.wsee.server.servlet.BaseWSServlet$ AuthorizedInvoke.run (BaseWSServlet.java:257)
    at weblogic.wsee.server.servlet.BaseWSServlet.service(BaseWSServlet.java:156)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
    to weblogic.servlet.internal.StubSecurityHelper$ ServletServiceAction.run (StubSecurityHelper.java:226)
    at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:124)
    at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:283)
    at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:175)
    to weblogic.servlet.internal.WebAppServletContext$ ServletInvocationAction.run (WebAppServletContext.java:3395)
    at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
    at weblogic.security.service.SecurityManager.runAs (unknown Source)
    at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2140)
    at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2046)
    at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1366)
    at weblogic.work.ExecuteThread.execute(ExecuteThread.java:200)
    at weblogic.work.ExecuteThread.run(ExecuteThread.java:172)

    Hello

    You must specify the address of the cluster get this working. This was done because if address cluster is not specified, he had other problems that have arisen.

    Its work as planned.

    :)

    Kind regards.

  • ACS 4.2 RSA Authentication and LDAP group mapping

    Hello

    I have a firewall, PaloAlto, with overall protection enabled (SSL - VPN) feature

    I use Cisco Secure ACS as a proxy for the RSA SecurID authentication.

    After authentication is try to map ad through LDAP query groups.

    The question I've found, is that the user I get with user authentication has no field:

    Show user ip-user-mapping all | mbm60380 game

    10.240.1.24 vsys1 UIA 2388 2388 domain\mbm60380

    10.240.1.1 vsys1 UIA 2101 2101 domain\mbm60380

    10.240.250.1 mbm60380 2590859 2590859 vsys2 GP

    But the list of users that I receive from the LDAP query includes the domain prefix:

    See the user group name domain\group1 property

    short name: domain\group1

    [1] domain\aag60368

    [2] domain\ced61081

    [3] domain\jas61669

    [4] domain\mbm60380

    [5] domain\pmc61693

    [6] domain\vcm60984

    I would like to create the user with the area of GBA but it must delete the domain before querying the RSA server, as it does not support field stripping.

    I tried to fix this on the Palo Alto firewall without success.

    I'm trying to run Cisco Secure ACS 4.2 changing, but it did not work either:

    RSA servers are configured as an external database.  They are not defined in the groups of network devices.

    Can I set up domain stripping for queries servers RSA?

    Thank you

    Hello

    I think it should work, but it is a bit awkward:

    Create an entry in the Distribution of Proxy in the Network Configuration.

    DOMAIN\\USER *.

    Prefix

    Before returning to the AAA server, from there to authenticate to the server RSA without the domain prefix.

    Make sense?

    Thank you

    Chris

Maybe you are looking for

  • Mac Mini pink Flash at startup

    MAc Mini 2012 i7 16 GB 1 TB (bought in may 2013) MY trusty old Mac Mini seems to have a problem. When I start up from the Mac Mini, I see a pink Flash on the screen (NO PINK LINES THAT FLASH, this rose arrives on a section of the screen) for just a s

  • Satellite C855-1GQ - recovery 10-FC06-00D error

    I have a Toshiba Satellite C855-1GQ part PSKC8E-09N005ENI used Toshiba Recovery and after 3 disk drives, I got the error code 10-FC06 - 00D and does not go more away someone can help please.

  • EA60 what someone knows something?

    Hi ALL, anyone has no information about the EA60-173, I have looked everwhere and can't seem to find the comments, news or reviews, good, bad or otherwise, for example is the dedicated graphics chip? was soon Fred

  • Add Server 2012 R2 Server Manager servers dialog box problem

    I have a problem in 2012 R2 Server when you add a remote server to all server management interface.   Using the dialog box add servers to add a workgroup server (no configured DNS server), I added the problem of server using the IP address.  A dialog

  • Ran Diagnostic Report/average line of the disc is 2

    About 2 weeks ago, I upgraded my Vista laptop to 1 GB. It works perfectly, but I ran a Diagnostic report and it showed in the information Section that average disk queue length was 1. I did a defragment disks and changed it to 2, but I still get the