Ports for remote access
Anyone know what ports must be open on the firewall to make it work correctly?
This was DNS. I changed the DNS of device to the point 4.2.2.2 4.2.2.3
Tags: Linksys Media
Similar Questions
-
Hyperion Financial Reporting of ports for remote access
Hello
Can I know what are the ports should I open to allow remote access to the server Hyperion Financial Reporting for reporting via Hyperion Financial Reporting Studio home pc?
Thank youYou could also have a read of http://john-goodwin.blogspot.co.uk/2013/02/financial-reporting-studio-firewall-fun.html
See you soon
John
http://John-Goodwin.blogspot.com/ -
ASA 5510 VPN for remote access clients are asked to authenticate on box
Don't know what's the matter, but my remote access users are invited to join the ASA before connecting to the tunnel. How can I disable this? Config is attached. Thank you all -
For remote access connections, you can turn off the prompt xauth (user/pass) with the following:
Tunnel ipsec-attributes group
ISAKMP ikev1-user authentication no
-heather
-
How to use ACS 5.2 to create a static ip address user for remote access VPN
Hi all
I have the problem. Please help me.
Initially, I use ACS 4.2 to create the static ip address for VPN remote access user, it's easy, configuration simply to the user defined > address assignment IP Client > assign the static IP address, but when I use ACS 5.2 I don't ' t know how to do.
I'm trying to add the IPv4 address attribute to the user to read "how to use 5.2 ACS", it says this:
1Ajouter step to attribute a static IP address to the user attribute dictionary internal:
Step 2select System Administration > Configuration > dictionaries > identity > internal users.
Step 3click create.
Static IP attribute by step 4Ajouter.
5selectionnez users and identity of the stage stores > internal identity stores > users.
6Click step create.
Step 7Edit static IP attribute of the user.
I just did, but this isn't a job. When I use EasyVPN client to connect to ASA 5520, user could the success of authentication but will not get the static IP I set up on internal users, so the tunnel put in place failed. I'm trying to configure a pool of IP on ASA for ACS users get the IP and customer EasyVPN allows you to connect with ASA, everything is OK, the user authenticates successed.but when I kill IP pool coufigurations and use the "add a static IP address to the user 'configurations, EzVPN are omitted.
so, what should I do, if anyboby knows how to use ACS 5.2 to create a user for ip address static for remote access VPN, to say please.
Wait for you answer, no question right or not, please answer, thank you.
There are a few extra steps to ensure that the static address defined for the user is returned in the Access-Accept. See the instuctions in the two slides attached
-
AnyConnect 3.0 supports IPSec VPN for remote access?
Hello world
I've read about Cisco AnyConnect 3.0 issues that it supports IPSec VPN for remote access:
I downloaded and installed the Client AnyConnect Secure Mobility Client 3.0.0629, but I'm not able to get the IPSec VPN works. Also, it has no option to use the previous of Cisco IPSec VPN client PCF files.
Can someone point me in the right direction to get IPSec VPN AnyConnect 3.0 work?
Thank you in advance!
Hello
Takes AnyConnect support IPSEC from version 3.0, but only in combination with IKEv2.
There is no option to use a CPF file with it and the config should be pushed through a profile Anyconnect.
More information on this:
You should also change the ASA config so that it accepts negotiations IKE v2:
http://www.Cisco.com/en/us/docs/security/ASA/asa84/configuration/guide/vpn_ike.html#wp1144572
Kind regards
Nicolas
-
alternatives to LogMeIn Pro for remote access?
Greetings. Currently, we have systems in the United States, Switzerland and the Mexico that I supported via remote access using LogMeIn Pro. We paid for a subscription before free LMI Pro has been abandoned even to appreciate the characteristics of LMI Pro. But as LMI has eliminated this free service, it seems their subscription rate more than doubled each year. We currently need remote access to 3 Macs and 2 units of Windows (ew).
Last year, we paid $174. for the annual subscription in support of these 5 systems. I just checked on the price of renewal and it shows $349.00 for renewal. This is getting too expensive!
Last year, I invested in ARD to support my mother MacBook and the MacBook from an old friend, rather than pay LMI for a subscription in support of these systems. ARD was a good alternative for these systems, but it is not a realistic alternative to remote systems for charity I help support. Partly because of the PC, also because what it requires port forwarding in the router and finally because I have to be at my computer to use ARD to access those other systems. LMI offers the possibility to access systems through an iOS app and can be used by other members of the team of charity, anywhere in the world everyone is physically located. That's why we have maintained the LMI Pro subscriptions for a number of years.
But with the perennial increase rate of LMI ridiculous (I think they can take their pricing of Obamacare), I'm on my eternal quest for an alternative to remote access.
Can anyone offer advice?
Thank you very much for your review,
Dee Dee in Florida
There are:
-Apple Back to My Mac
Set up and use Back to My Mac - Apple Support
-Team Viewer free for non-commercial and paid for commercial use.
-GoToMyPC, it also works with Mac
-
NAR restriction for remote access clients
Hello
just a question how to limit access to users for some NAS servers remotely.
We have an AAA ACS2.6 servers and several 3640 based NAS server for remote user access. Users are gathered in a group to the ACS.
We have another group, called ISP. The user in this group can use the internet anywhere in the world, they must dial the local number of the given ISP NAS and all the NAS-you pass the authentication request to our CSA. So we can centrally manage direct RAS users and Internet users.
The problem is that a user to a certain group can use the other dialin facility since all dialin appemps will be authenticated on the same server.
How can I limit that an ISP group cannot use the SNS outside the company and that he can not numbering at our dedicated RAS server? And RAD regulars cannot use the internet (which is given to the users of the ISP)
I applied filters in the ACS on the group settings, but could find no ducuments how configure it exactly. Any help appreciated,
Kind regards
Balázs
Balázs,
Thanks for sharing your experience. I'm sure that it would be useful for others. Yes, browser is a problem for any management software ;-)
Thanks again,
Renault
-
How to configure VPN 3000 Concentrator for remote access
I have inherited a VPN concentrator and want to configure it to provide remote access to my internal laboratory network when I'm traveling. Private interface is configured as 192.168.1.240/24. Public interface is configured as one of my public IP addresses. I have a public IP pool on the back side of a cable modem Roadrunner. I created a pool of addresses for clients such as 192.168.1.200 by 192.168.1.205. I created all group configurations, group and user base.
In the IP Routing tab, I see a default route pointing to my IP address of public gateway - the IP address of my box of roadrunner cable modem gateway.
Since my VPN client, I am able to connect to the VPN concentrator. I get an address from the pool and check the details of the tunnel under the statistics section shows IP address correct pool for the customer and the correct public IP address of my VPN reorga
Jeff,
According to statistics, it seems that the client sends traffic to the hub, but his answer not get back.
We need check the hub settings itself.
I need check the hub settings and that it is a GUI based device so I can't even ask to see the technology and the only option available is to WebEx.
You're ok with webex, pls lemme session comfortable time id and e-mail to send the invitation, it takes no more time and we will carry it out
Thank you
Ankur
-
authentication 802. 1 x on cisco VPN for remote access
I'm on dial-up VPN (mobile VPN) on cisco ASA5510, now, I want to authenticate remote users via Microsoft IAS (Radius Standard) service. However, I couldn't get through the via protocol PEAP authentication process, and it seems that it only supports PAP that isn't safe.
Any suggestion on how to implement PEAP over VPN remote access?
Thank you
Hello
It may be useful.
Best regards.
Massimiliano.
-
How many group Supportepar ASA 5520 vpn for remote access
Hello
Howmany vpn group is supported on asa 5520 with configuraion vpn remote access.
Concerning
1 if nat-control is disabled and you do not have any other order NAT in your config file, you do not have it. Try to remove the existing "NAT 0" command and "clear xlate."
2. you must ensure that your network inside know they can go by ASA to access remote vpn client IP. You have any device layer 3 behind the ASA that does the routing. If so, please verify that this is the routing table.
-
How can I assign the static fixed IP for remote access VPN users
Hi team,
I have a requirement to assign a fixed static IP users VPN remote access in ASA, please help how I can achice this
Thanks in advance
Mikaelusername user1 attributes
VPN-framed-ip-address 10.200.115.78 255.255.0.0
-
Server ezvpn 887 router for remote access
Hello.
I'm having a problem with the implementation of remote access using easyvpn server on a router 887. I followed the tutorials and also used Assistant cisco configuration professional easyvpn server to the configuration but still having a problem.
I see, but Phase 1 finished, Phase 2 will fail with the following error...
09:43:26.515 Oct 10: ISAKMP: (2003): check IPSec proposal 8
09:43:26.515 Oct 10: ISAKMP: turn 1, ESP_AES
09:43:26.515 Oct 10: ISAKMP: attributes of transformation:
09:43:26.515 Oct 10: ISAKMP: authenticator is HMAC-SHA
09:43:26.515 Oct 10: ISAKMP: key length is 128
09:43:26.515 Oct 10: ISAKMP: program is 1 (Tunnel)
09:43:26.515 Oct 10: ISAKMP: type of life in seconds
09:43:26.515 Oct 10: ISAKMP: service life of SA (IPV) 0x0 0 x 20 0xC4 0x9B
09:43:26.515 Oct 10: ISAKMP: (2003): atts are acceptable.
09:43:26.515 Oct 10: IPSEC (validate_proposal_request): part #1 the proposal
09:43:26.515 Oct 10: IPSEC (validate_proposal_request): part #1 of the proposal
(Eng. msg key.) Local INCOMING = 88.xx.xxx.174:0, distance = 80.177.185.185:0,.
local_proxy = 0.0.0.0/0.0.0.0/0/0 (type = 4),
remote_proxy = 192.168.21.12/255.255.255.255/0/0 (type = 1),
Protocol = ESP, transform = NONE (Tunnel),
lifedur = 0 and 0kb in
SPI = 0 x 0 (0), id_conn = 0, keysize = 128, flags = 0 x 0
09:43:26.515 Oct 10: map_db_find_best found no corresponding card
09:43:26.515 Oct 10: IPSEC (ipsec_process_proposal): proxy unsupported identities
09:43:26.515 Oct 10: ISAKMP: (2003): IPSec policy invalidated proposal with error 32
'Proxy unsupported identities' research indicates a NAT problem maybe, but I don't see where this would be. In my view, the problem is elsewhere.
I use the VPN Client 5.0.07.0440 and using transparent tunneling IPSec (on TCP/10000) that the client is located behind a firewall/NAT device.
Does anyone know what may be the issue? Attached full config.
Hello Mick
Before that, one more try. .
Remote control the pfs as follows
Profile of crypto ipsec RemoteAccess
no set pfs group2
Remove and add the virtual model crypto back
type of interface virtual-Template1 tunnel
No ipsec protection RemoteAccess tunnel profile
Profile of tunnel RemoteAccess ipsec protection
I hope this will solve your problem
Henin,
-
ESXi 4 ports required to be open for remote access
Hi all
I recently setup an ESXi 4 on a customer site and need to access it remotely via the public Internet (ouch...). I need to know which ports need to be opened in the firewall, so I can take control of this host remotely from home.
Any information will be greatly appreciated!
See you soon!
Kevin
This link has all the ports/protocols required to get to the VMware services via a FW.
You might be better served by creating a virtual machine, and then connect to it against directly to the host. If you are using Windows, you can also configure RDP and only open this hole against 80, 443, 902, 903, etc.. Other options, as mentioned above would be a VPN; something like bridge W2K8 RDP.
Supported Community, community rewarded - do questions answered and allocation of points for the job of marking. It helps us all.
-
Scope of the wireless connection for remote access to TimeCapsule
I use my TimeCapsule as long wireless rather than "create a wireless network, as my ISP does not allow for the time capsule to use as my router.
I post this question because I would like to access my TimeCapsule remotely and the hard drive connected to it.
Now I'm Back to Mac enabled on TimeCapsule and what I believe is the appropriate port forwarded port to allow a connection outbound to it, but cannot be accessed remotely to the TimeCapsule. Any ideas?
Two problems here:
(1) the "extend a wireless network" is a defining Apple owner who is only used if the Capsule is wireless extension of the network from another router from Apple. It is not compatible with the wireless to a 3rd party router.
This parameter must be "create a wireless network" using the same wireless network name and the password of the wireless network FIOS with time Capsule of the FIOS router by a permanent connection, cable connection through an Ethernet cable.
(2) the time Capsule is configured to act as a router, when it should be configured to act as a "bridge"... Since you already have a FIOS router 'upstream' on the network. If the Capsule is configured as another router on the network, which creates an error Double NAT on the network, and it is unlikely that Back to My Mac would function at all in this type of installation. The setting for the time Capsule router Mode must therefore "Off (Bridge Mode).
Since the Capsule must be in Bridge Mode to work properly with the FIOS router, it's the FIOS router that must be set up for Port Forwarding. Then, in Bridge Mode time Capsule will cross the FIOS router to your network equipment settings.
-
Facebook scrambled after mcafee upgraded via IE for remote access
After access remote mcafee update via IE, my yahoo account works on IE but only partially support the e-mail on FF (no work of buttons and you can not meet the emials etc.). my Facebook screen is also blurred and I can't access anime players on Animecrazy.net etc, but some sites are still accessible. McAfee is on a mission to force people on IE?
Hi Cor - el - I checked that all these parameters are defined, but there was still this view strange interference on some screens up to that I tried your first suggestion re zoom reset which finally the problem for pages of problem... but how can I get the pages to remember the zoom settings? However, thank you much for this, but I would like to know how download mcAfee caused this glitch! Mitch
Maybe you are looking for
-
At least once a day my iphone 6 keep losing wifi and do not reconnect unless I have reset or switch back again comes in airplane mode. I have ios updated has and did a restore to iCloud. Thank you
-
New IPhone SE does not sync for Macbook Pro
My new that i Phone SE will not aync to my Macbook Pro. The States of error message that my phone can't synchronize on i tunes because it requires a new version of custom i. Currently, I have version 12.2.2 and tried to update, but the Mac says tha
-
Satellite Pro 4600 - wireless network
Hello I tried to install a Satellite Pro 4600. I have installed Windows 2 K and SP4, as well as to all the dirvers to Toshiba, but the operating system recognize that there all knind wireless attached to it, and the switch on the side does not seem t
-
Hi, I have two decimal strings, each of them contains the numbers change over time. I want to plot them on the graph XY, a string for each axis. Can you show me how do?
-
Remove the windows error message: pilot Sonic Solutions DLA blocked
Whenever I connect to my PC I get a Windows error message saying that the Sonic Solutions DLA driver is blocked due to compatibility issues. Apparently, it's an error message associated with Roxio Easy Media Creator. This program, I uninstalled it