Problem of authenticating users on L2TP over IPSec tunnel
I have a client with an old PIX-515e firewall with firmware 7.2 (4), and due to certain circumstances, I'm trying to configure L2TP over IPSec. I'm stuck at a "Error 691: the remote connection has been deinied because the user name and password combination, you have provided is not recognized, or the selected authentication protocol is not permitted on the remote access server." I have local installation of authentication for this connection, and I tried to use ms-chap-v2, chap and pap, and give the same results. I have confirmed the username and the password, but I can't after that.
The PIX, I don't see "AAA user authenticaton rejected: reason = invalid password: local database: user = tetstuser". I can still see the password unencrypted on the screen, so I can copy and paste the username and password in the appropriate fields, and I still have this error.
Does anyone have an idea where the problem lies perhaps? Thank you.
Can you please change the user as described in the doc, I shared and as indicated by the Rohan peers and share the results of the tests?
Kind regards
Dinesh Moudgil
PS Please rate helpful messages.
Tags: Cisco Security
Similar Questions
-
L2TP over IPSEC VPN is supported in Cisco SRP 521w?
I now try to configure a Cisco Small Business Pro SRP 521w for a branch office router, I try to get the router to connect to a VPN L2TP server inside my data center, but it seems to me that the client VPN L2TP function is not supported within the SRP 521w router.
Can Cisco implementing in the future in the firmware for the router in SRP 521w client VPN L2TP?
Hello
This is correct, without L2TP over IPSec tunnels.
(L2TP only supported on the primary Ethernet WAN interfaces).
Kind regards
Andy
-
Microsoft L2TP over IPSEC client with AES encryption
I configured L2TP over IPSec Cisco VPN router with Hastings 3des encryption is sha1 with diffie hellman Group 2 and I can't connect with success of Microsoft customers.
but my question is why can I not connect when I am increasing the encryption with AES 256 and sha256 DH group 14, his looks that windows does not support advanced encryption.
is it possiple to activate encryption aes with the highest level...? and how?.
Hello
To ensure that you get the best response to your concerns, we suggest that publish this request via the Web to Microsoft Developer network site. To do this, visit this link.
Best regards.
-
GRE over IPSec tunnel cannot pass traffic through it
I am trying to configure a GRE over IPSec tunnel between sites, we use the router cisco 7613 SUP720 (IOS: s72033-advipservicesk9_wan - mz.122 - 18.SXF15a.bin) and 3845 router (IOS:c3845 - advsecurityk9 - mz.124 - 25c.bin), we are facing problems when we use the tunnel because traffic is not passing through it. the configuration was working when we were using two routers cisco 3845 (IOS:c3845 - advsecurityk9 - mz.124 - 25c.bin), but for some reason, it doesn't work anymore when I paste the configuration on the new 7613 router.
Head office
crypto ISAKMP policy 10
BA aes
preshared authentication
Group 5
ISAKMP crypto key T3ST001 address 0.0.0.0 0.0.0.0
!
!
Crypto ipsec transform-set IPSec_PLC aes - esp esp-sha-hmac
transport mode
!
map PLC - CUM 10 ipsec-isakmp crypto
defined by peer 167.134.216.89
game of transformation-IPSec_PLC
match address 100
!
!
!
Tunnel1 interface
bandwidth 1984
IP 167.134.216.94 255.255.255.252
Mtu 1476 IP
load-interval 30
source of tunnel Serial0/1/0:0
tunnel destination 167.134.216.89interface Serial0/1/0:0
IP 167.134.216.90 255.255.255.252
card crypto PLC - CUMaccess-list 100 permit gre 167.134.216.90 host 167.134.216.8
Router eigrp 100
network 167.134.216.92 0.0.0.3Directorate-General of the
crypto ISAKMP policy 10
BA aes
preshared authentication
Group 5
ISAKMP crypto key T3ST001 address 0.0.0.0 0.0.0.0
!
!
Crypto ipsec transform-set IPSec_PLC aes - esp esp-sha-hmac
transport mode
!
map PLC - CUM 10 ipsec-isakmp crypto
defined by peer 167.134.216.90
game of transformation-IPSec_PLC
match address 100Tunnel1 interface
bandwidth 1984
IP 167.134.216.93 255.255.255.252
Mtu 1476 IP
load-interval 30
source of tunnel Serial1/0/0:1
tunnel destination 167.134.216.90interface Serial1/0/0:1
bandwidth 1984
IP 167.134.216.89 255.255.255.252
IP access-group 101 in
load-interval 30
no fair queue
card crypto PLC - CUMaccess-list 100 permit gre 167.134.216.89 host 167.134.216.90
ER-7600 #sh crypto isakmp his
conn-id State DST CBC slot
167.134.216.89 167.134.216.90 QM_IDLE 3 0ER-3845 #sh crypto isakmp his
status of DST CBC State conn-id slot
167.134.216.89 167.134.216.90 QM_IDLE 3 0 ACTIVEER-3845 #sh active cryptographic engine connections
Algorithm of address State IP Interface ID encrypt decrypt
3 Serial0/1/0: 167.134.216.90 0 HMAC_SHA + AES_CBC 0 0 value
3001 Serial0/1/0: 167.134.216.90 0 set AES + SHA 0 0
3002 Serial0/1/0: 167.134.216.90 0 set AES + SHA 61 0ER-7600 #sh active cryptographic engine connections
Algorithm of address State IP Interface ID encrypt decrypt
3 Serial1/0/0:1 167.134.216.89 set HMAC_SHA + AES_CBC 0 0
2000 Serial1/0/0:1 167.134.216.89 set HMAC_SHA + 0 66 AES_CBC
2001 Serial1/0/0:1 167.134.216.89 set HMAC_SHA + AES_CBC 0 0I had this error on the er-3845: % CRYPTO-4-RECVD_PKT_NOT_IPSEC: Rec'd package not an IPSEC packet and this one on the IPSEC (epa_des_crypt) UH-7600: decrypted packet has no control of his identity
Please help, it's so frustrating...
Thanks in advance
Oscar
Here is a document from cisco, mentioning clearly for a card encryption on the two physical as tunnel interface well.
http://www.Cisco.com/en/us/Tech/tk583/TK372/technologies_configuration_example09186a008009438e.shtml
It may be useful
Manish
-
Problem on the establishment of a GRE/IPsec tunnel between 2 cisco routers
Hello world
I am trying to establish a GRE IPsec tunnel between two cisco routers (2620XM and a 836).
I created a tunnel interfaces on both routers as follows.
2620XM
interface Tunnel0
IP 10.1.5.2 255.255.255.252
tunnel source x.x.x.x
tunnel destination y.y.y.y
end
836
interface Tunnel0
IP 10.1.5.1 255.255.255.252
tunnel source y.y.y.y
tunnel destination x.x.x.x
end
and configuration of isakmp/ipsec as follows,
2620XM
crypto ISAKMP policy 10
md5 hash
preshared authentication
ISAKMP crypto key {keys} address y.y.y.y no.-xauth
!
!
Crypto ipsec transform-set esp - esp-md5-hmac to_melissia
!
myvpn 9 ipsec-isakmp crypto map
defined peer y.y.y.y
Set transform-set to_melissia
match address 101
2620XM-router #sh ip access list 101
Expand the access IP 101 list
10 permit host x.x.x.x y.y.y.y host will
836
crypto ISAKMP policy 10
md5 hash
preshared authentication
ISAKMP crypto key {keys} address x.x.x.x No.-xauth
!
!
Crypto ipsec transform-set esp - esp-md5-hmac to_metamorfosi
!
myvpn 10 ipsec-isakmp crypto map
defined peer x.x.x.x
Set transform-set to_metamorfosi
match address 101
836-router #sh access list 101
Expand the access IP 101 list
10 licences will host host x.x.x.x y.y.y.y
Unfortunately I had no isakmp security associations at all and when I enter the debugging to this output.
CRYPTO: IPSEC (crypto_map_check_encrypt_core): CRYPTO: removed package as currently being created cryptomap.
Any ideas why I get this result? Any help will be a great help
Thank you!!!
I think it's possible. It seems to me that you are assuming that the address of the interface where goes the card encryption is peering address. While this is the default action, it is possible to configure it differently.
As you have discovered the card encryption must be on the physical output interface. If you want the peering address to have a different value of the physical interface address outgoing, then you can add this command to your crypto card:
card crypto-address
so if you put loopback0 as the id_interface then he would use loopback0 as peering address even if the card encryption may be affected on serial0/0 or another physical interface.
HTH
Rick
-
Setting KeepAlive on GRE over IPSEC tunnel
Hello world
Need to know if there are benefits of the KeepAlive on GRE over IPSEC implementation that goes over the Wan. ?
We currently have no KeepAlive on GRE tunnel.
If we config KeepAlive on both ends of the ACCORD it will cause any overload or the CPU load?
Thank you
MAhesh
If you use a routing on the GRE tunnel protocol you should use KeepAlive WILL not, but I would probably recommend use KeepAlive WILL anyway for the following reasons:
1. the overload caused by the GRE KeepAlive is quite small, it should not affect the ability to pass traffic
2. If you ever want to use tracking interface for roads or the static routes that you can interface WILL detect it descend as quickly as possible
I know that your IPSec device is separate, so I'd probably also enable KeepAlive on the IPSec tunnel as well.
-
Hello
I tried to set up the on ASA 5505-L2TP connection.
The phase 1 and Phase 2 are completed but Windows Client does not work.
This is the configuration:
Crypto ipsec transform-set L2TP-TS-SHA esp-3des esp-sha-hmac
Crypto ipsec transform-set transit mode L2TP-TS-SHADynamic crypto map VPNCLIENT 65535 value transform-set L2TP-TS-SHA
internal DefaultRAGroup group strategy
attributes of Group Policy DefaultRAGroup
value of server DNS 192.168.1.2 192.168.1.14
Protocol-tunnel-VPN IPSec l2tp ipsec
the address value VPNClient-pool poolsattributes global-tunnel-group DefaultRAGroup
address VPNClient-pool pool
Group Policy - by default-DefaultRAGroup
password-management
IPSec-attributes tunnel-group DefaultRAGroup
pre-shared-key *.
tunnel-group DefaultRAGroup ppp-attributes
ms-chap-v2 authenticationJournal:
dec 13 17:48:08 [IKEv1]: Group = DefaultRAGroup, IP = 195.234.233.126, PHASE 2 COMPLETED (msgid = 00000002)
dec 13 17:48:08 [IKEv1]: rules of classification IKEQM_Active() Add L2TP: ip <195.234.233.126>mask <0xFFFFFFFF>port<15334>
dec 13 17:48:11 [IKEv1 DECODER]: IP = 195.234.233.126, IKE Responder starting QM: id msg = 00000003
dec 13 17:48:11 [IKEv1]: IP = 195.234.233.126, IKE_DECODE RECEIPT Message (msgid = 3) with payloads: HDR HASH (8) HIS (1) + (10) NUNCIO + ID (5) + ID (5) ++ NAT - OA (131) + NONE (0) overall length: 312
dec 13 17:48:11 [IKEv1 DEBUG]: Group = DefaultRAGroup, IP = 195.234.233.126, processing hash payload
dec 13 17:48:11 [IKEv1 DEBUG]: Group = DefaultRAGroup, IP = 195.234.233.126, SA payload processing
dec 13 17:48:11 [IKEv1 DEBUG]: Group = DefaultRAGroup, IP = 195.234.233.126, nonce payload processing
dec 13 17:48:11 [IKEv1 DEBUG]: Group = DefaultRAGroup, IP = 195.234.233.126, payload processing ID
dec 13 17:48:11 [IKEv1 DECODER]: Group = DefaultRAGroup, IP = 195.234.233.126, ID_IPV4_ADDR received ID
192.168.236.25
dec 13 17:48:11 [IKEv1]: Group = DefaultRAGroup, IP = 195.234.233.126, data received in payload ID remote Proxy Host: address 195.234.233.126, Protocol 17, Port 0
dec 13 17:48:11 [IKEv1 DEBUG]: Group = DefaultRAGroup, IP = 195.234.233.126, payload processing ID
dec 13 17:48:11 [IKEv1 DECODER]: Group = DefaultRAGroup, IP = 195.234.233.126, ID_IPV4_ADDR received ID
94.88.180.84
dec 13 17:48:11 [IKEv1]: Group = DefaultRAGroup, IP = 195.234.233.126, data received in payload ID local Proxy Host: address 172.16.34.1, Protocol 17 Port 1701
dec 13 17:48:11 [IKEv1]: Group = DefaultRAGroup, IP = 195.234.233.126, detected L2TP/IPSec session.
dec 13 17:48:11 [IKEv1 DEBUG]: Group = DefaultRAGroup, IP = 195.234.233.126, payload NAT Original address of treatment
dec 13 17:48:11 [IKEv1]: Group = DefaultRAGroup, IP = 195.234.233.126, QM IsRekeyed its already be regenerated
dec 13 17:48:11 [IKEv1]: Group = DefaultRAGroup, IP = 195.234.233.126, error QM WSF (P2 struct & 0xd7f0b8d0, mess id 0x3)!
dec 13 17:48:11 [IKEv1 DEBUG]: Group = DefaultRAGroup, IP = 195.234.233.126, case of mistaken IKE responder QM WSF (struct & 0xd7f0b8d0), 15334>0xFFFFFFFF>195.234.233.126>: QM_DONE EV_ERROR--> QM_BLD_MSG2 EV_IS_REKEY--> QM_BLD_MSG2, EV_CONFIRM_SA--> QM_BLD_MSG2, EV_PROC_MSG--> QM_BLD_MSG2, EV_HASH_OK--> QM_BLD_MSG2, NullEvent--> QM_BLD_MSG2, EV_COMP_HASH--> QM_BLD_MSG2, EV_VALIDATE_MSG
dec 13 17:48:11 [IKEv1 DEBUG]: Group = DefaultRAGroup, IP = 195.234.233.126, sending clear/delete with the message of reason
dec 13 17:48:11 [IKEv1]: Group = DefaultRAGroup, IP = 195.234.233.126, peer table correlator Removing failed, no match!
dec 13 17:48:12 [IKEv1 DECODER]: IP = 195.234.233.126, IKE Responder starting QM: id msg = 00000003
dec 13 17:48:12 [IKEv1]: IP = 195.234.233.126, IKE_DECODE RECEIPT Message (msgid = 3) with payloads: HDR HASH (8) HIS (1) + (10) NUNCIO + ID (5) + ID (5) ++ NAT - OA (131) + NONE (0) overall length: 312
dec 13 17:48:12 [IKEv1 DEBUG]: Group = DefaultRAGroup, IP = 195.234.233.126, processing hash payload
dec 13 17:48:12 [IKEv1 DEBUG]: Group = DefaultRAGroup, IP = 195.234.233.126, SA payload processing
dec 13 17:48:12 [IKEv1 DEBUG]: Group = DefaultRAGroup, IP = 195.234.233.126, nonce payload processing
dec 13 17:48:12 [IKEv1 DEBUG]: Group = DefaultRAGroup, IP = 195.234.233.126, payload processing ID
dec 13 17:48:12 [IKEv1 DECODER]: Group = DefaultRAGroup, IP = 195.234.233.126, ID_IPV4_ADDR received ID
192.168.236.25
dec 13 17:48:12 [IKEv1]: Group = DefaultRAGroup, IP = 195.234.233.126, data received in payload ID remote Proxy Host: address 195.234.233.126, Protocol 17, Port 0
dec 13 17:48:12 [IKEv1 DEBUG]: Group = DefaultRAGroup, IP = 195.234.233.126, payload processing ID
dec 13 17:48:12 [IKEv1 DECODER]: Group = DefaultRAGroup, IP = 195.234.233.126, ID_IPV4_ADDR received ID
94.88.180.84
dec 13 17:48:12 [IKEv1]: Group = DefaultRAGroup, IP = 195.234.233.126, data received in payload ID local Proxy Host: address 172.16.34.1, Protocol 17 Port 1701
dec 13 17:48:12 [IKEv1]: Group = DefaultRAGroup, IP = 195.234.233.126, detected L2TP/IPSec session.
dec 13 17:48:12 [IKEv1 DEBUG]: Group = DefaultRAGroup, IP = 195.234.233.126, payload NAT Original address of treatment
dec 13 17:48:12 [IKEv1]: Group = DefaultRAGroup, IP = 195.234.233.126, QM IsRekeyed its already be regenerated
dec 13 17:48:12 [IKEv1]: Group = DefaultRAGroup, IP = 195.234.233.126, error QM WSF (P2 struct & 0xd8b55468, mess id 0x3)!
dec 13 17:48:12 [IKEv1 DEBUG]: Group = DefaultRAGroup, IP = 195.234.233.126, case of mistaken IKE responder QM WSF (struct & 0xd8b55468), : QM_DONE EV_ERROR--> QM_BLD_MSG2 EV_IS_REKEY--> QM_BLD_MSG2, EV_CONFIRM_SA--> QM_BLD_MSG2, EV_PROC_MSG--> QM_BLD_MSG2, EV_HASH_OK--> QM_BLD_MSG2, NullEvent--> QM_BLD_MSG2, EV_COMP_HASH--> QM_BLD_MSG2, EV_VALIDATE_MSG
dec 13 17:48:12 [IKEv1 DEBUG]: Group = DefaultRAGroup, IP = 195.234.233.126, sending clear/delete with the message of reason
dec 13 17:48:12 [IKEv1]: Group = DefaultRAGroup, IP = 195.234.233.126, peer table correlator Removing failed, no match!Can someone help me pls?
Is behind a NAT device ASA? Also what version of the ASA are you running?
Also, make sure that the settings on the client are right according to this doc:
http://www.Cisco.com/en/us/products/ps6120/products_configuration_example09186a00807213a7.shtml
-
Intercept-dhcp works to tunnel L2TP through IPsec ASA?
Hello
Is there anyone in the world operating a tunnel L2TP through IPsec on Cisco ASA for the native Windows clients and a Tunnel Split Configuration fully functional?
I created a tunnel L2TP through IPsec on the ASA 5520 9.1 (6) Version of the software running. My configuration is:
mask 172.23.32.1 - 172.23.33.255 255.255.252.0 IP local pool VPN_Users
ROUTING_SPLIT list standard access allowed 192.168.0.0 255.255.0.0
ROUTING_SPLIT list standard access allowed 172.16.0.0 255.248.0.0Crypto ipsec transform-set esp-aes-256 WIN10, esp-sha-hmac ikev1
transport mode encryption ipsec transform-set WIN10 ikev1
Crypto ipsec transform-set esp-3des esp-sha-hmac WIN7 ikev1
Crypto ipsec transform-set transport WIN7 using ikev1
Dynamic crypto map DYNMAP 10 set transform-set WIN10 WIN7 ikev1
Crypto dynamic-map DYNMAP 10 the value reverse-road
card crypto CMAP 99-isakmp dynamic ipsec DYNMAP
CMAP interface ipsec crypto mapCrypto isakmp nat-traversal 29
crypto ISAKMP disconnect - notify
Ikev1 enable ipsec crypto
IKEv1 crypto policy 10
preshared authentication
aes-256 encryption
sha hash
Group 2
life 86400
output
IKEv1 crypto policy 20
preshared authentication
3des encryption
sha hash
Group 2
life 86400
outputinternal EIK_USERS_RA group policy
EIK_USERS_RA group policy attributes
value of 12.34.56.7 DNS Server 12.34.56.8
VPN - connections 2
L2TP ipsec VPN-tunnel-Protocol ikev1
disable the password-storage
enable IP-comp
enable PFS
Split-tunnel-policy tunnelspecified
value of Split-tunnel-network-list ROUTING_SPLIT
ad.NYME.Hu value by default-field
Intercept-dhcp enable
the authentication of the user activation
the address value VPN_Users pools
outputattributes global-tunnel-group DefaultRAGroup
authentication-server-group challenger
accounting-server-group challenger
Group Policy - by default-EIK_USERS_RA
IPSec-attributes tunnel-group DefaultRAGroup
IKEv1 pre-shared-key *.
tunnel-group DefaultRAGroup ppp-attributes
No chap authentication
no authentication ms-chap-v1
ms-chap-v2 authentication
outputNow, the native Windows clients can connect using this group of tunnel:
our - asa # show remote vpn-sessiondb
Session type: IKEv1 IPsec
User name: w10vpn Index: 1
Assigned IP: 172.23.32.2 public IP address: 12.34.56.9
Protocol: IKEv1 IPsecOverNatT L2TPOverIPsecOverNatT
License: Another VPN
Encryption: IKEv1: (1) 3DES IPsecOverNatT: (1) L2TPOverIPsecOverNatT AES256: (1) no
Hash: IKEv1: (1) IPsecOverNatT SHA1: (1) L2TPOverIPsecOverNatT SHA1: (1) no
TX Bytes: 1233 bytes Rx: 10698
Group Policy: Group EIK_USERS_RA Tunnel: DefaultRAGroup
Connect time: 15:12:29 UTC Friday, April 8, 2016
Duration: 0: 00: 01:00
Inactivity: 0 h: 00 m: 00s
Result of the NAC: unknown
Map VLANS: VLAN n/a: noHowever, real communication takes place above the tunnel if I 'Gateway on remote network use default'. If I disable this option among the preferences of the IPv4 of the virtual interface of VPN in Control Panel as described in the section 'Configuration of Tunnel of Split' of This DOCUMENT then Windows sends all packets through the channel, because it fails to extract from the ASA routing table. Split routing works perfectly when using legacy Cisco VPN Client with the same group policy, but does not work with L2TP over IPsec.
As far as I can see, the 'intercept-dhcp' option is inefficient somehow. I even managed to intercept packets of the PPP virtual machine Windows XP interface, and I saw that windows sends its DHCP INFORM requests, but the ASA does not. My question is why?
-J' made a mistake in the above configuration?
-Can there be one option somewhere else in my config running that defuses intercept-dhcp?
- Or is there a software bug in my version of firmware ASA? (BTW, I tried with several versions of different software without success?
Hi, I have the same problem you have, but I was lucky enough to be able to install version 9.2 (4) on which this feature works very well. I'm suspecting that it is a bug, but I need to dig a little deeper. If I find something interesting I'll share it here.
-
Hi all
I am setting up IPSEC tunnel GRE... I am able to get neighbors OSPF looked through the GRE tunnel, but when traffic is sent through the gre tunnel it does not encrypt and transmit through plaintext despite she buy from loopback interfaces
Here is my config
Config of R1
crypto ISAKMP policy 10
BA aes
preshared authentication
Group 5
test key crypto isakmp 192.168.1.2 addressCrypto ipsec transform-set test aes - esp esp-sha-hmac
test card crypto-address Ethernet0/0
test 10 map ipsec-isakmp crypto
defined peer 192.168.1.2
Set transform-set test
match address WILLGRE extended IP access list
allow gre 10.0.10.0 0.0.0.255 10.0.20.0 0.0.0.255interface Ethernet0/0
No switchport
IP 192.168.1.1 255.255.255.0
crypto map testinterface Loopback0
IP 10.0.10.1 255.255.255.0
IP ospf 1 zone 0Tunnel1 interface
10.0.100.2 IP address 255.255.255.0
IP ospf 1 zone 0
source of tunnel Ethernet0/0
tunnel destination 192.168.1.1
end-----------------------------------------------------------
R2 configcrypto ISAKMP policy 10
BA aes
preshared authentication
Group 5
test key crypto isakmp 192.168.1.1 address
!
!
Crypto ipsec transform-set test aes - esp esp-sha-hmac
!
!
!
test card crypto-address Ethernet0/0
test 10 map ipsec-isakmp crypto
defined peer 192.168.1.1
Set transform-set test
match address GR
!GR extended IP access list
allow gre 10.0.20.0 0.0.0.255 10.0.10.0 0.0.0.255interface Ethernet0/0
No switchport
IP 192.168.1.2 255.255.255.0
crypto map testinterface Loopback0
IP 10.0.20.1 255.255.255.0
IP ospf 1 zone 0Tunnel1 interface
10.0.100.1 IP address 255.255.255.0
IP ospf 1 zone 0
source of tunnel Ethernet0/0
tunnel destination 192.168.1.2
end-------------------------------------------
Hello
With p2p GRE over IPsec solution, all traffic between sites is encapsulated in a GRE p2p package before the process of encryption.
More info on this link:
http://www.Cisco.com/c/en/us/TD/docs/solutions/Enterprise/WAN_and_MAN/P2...
Kind regards
Aditya
Please evaluate the useful messages and mark the correct answers.
-
RunDLL - there was a problem starting c:\users\%USERNAME%
Former title: error
RunDLL - there was a problem starting c:\users\%USERNAME%\appdata\roaming\newnext.me\nengine.dll. The specified module could not be found.
This error always appears after I start my pc... Please helpHello
Here is the updated Windows 7 answer,
Google has little information about this file other than to suggest malicious software, so it's probably a left over Malware boot entry that was removed from your security programs.
Download, install, update and scan your system with the free version of Malwarebytes AntiMalware:
http://www.Malwarebytes.org/products/malwarebytes_free
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
If the problem persists after scanning, take these startup entries:
«How to use MSCONFIG in Windows 7»
http://netsquirrel.com/Msconfig/msconfig_win7.html
You can also use this free program to do, too:
"Autoruns for Windows V11.32"
http://TechNet.Microsoft.com/en-us/sysinternals/bb963902.aspx
See you soon.
-
How to solve a problem with my user account in Windows 7
I recently downloaded several drivers for Windows XP and I installed one or more of these factors so that I could transfer to a USB key to install on an XP laptop. I think that this may have damaged my user accounts. When I click on the images and music files, has more listed files. In addition, a second HARD drive installed on my Windows 7 CPU is no longer accessible after that I tried to fix. 2nd HARD drive was accessible in Windows Explorer, but my music application (iTunes) could not read the music library file (content in 1 disk HARD music folder) or he could access the music files and media.
After doing some research on this forum, I've decided that I have can I have inadvertently installed a trogan horse or a virus who disguised himself as a windows driver. I was downloading several drivers for an old laptop which comes, I reinstalled Windows XP and some I THINK drivers came from unofficial or Microsoft Web sites. I found under the credentials manager that a new profile has been created the day this problem is product called "virtualapp/didlogical" I'm obviously very concerned by this and not be able to access my music and photo files in my user profile. I can access the files (music, photos) if I do a search, but they are more related to my user account (i.e. the folder to see the music and pictures empty).Here's what I did: 1) I have done a full using Microsoft Security Essentials scan and the latest version of McAfee and no problems were detected, 2) I tried to change the permissions on the 2nd HARD drive and I don't even now to access the disk in Windows Explorer, 3) that I deleted the account virtualapp/didlogical in the credentials manager (4) I changed the password for my user account, which is default and administrator privileges.In my list of user account, there are 4 accounts or groups: authenticated users (I don't remember why it's here), SYSTEM ("'"), (MyUserName\Administrators) administrators, users (MyUserName\Users). I am running Windows 7 Home Premium SP1.(My questions are 1) what is the best way to correct the user account so that my music and photos are in the user accounts, files and 2) what happens if another remedy would be the community suggests to determine if I have a horse trogan or installed virus.Before you remove user or group accounts, or any other changes, I thought I'd see if anyone else has had this problem and what should I do if all the remedies have been used to solve problems.Any guidance or advice would be most appreciated. Thanks in advance!Hello
Thanks for posting to the wealth of information you did. To answer your questions, I recommend a person as follows:
(1) create a new user account, set up exactly as you wish. Then compare it to the existing and corrupt user account, the user account corrupted attachment according to the article: http://windows.microsoft.com/en-us/windows7/Fix-a-corrupted-user-profile.
(2) for the removal of malicious software that is not catch an antivirus application, I recommend two malware scanners:
Malwarebytes': http://www.softpedia.com/get/Antivirus/Malwarebytes-Anti-Malware.shtml ; and,
SuperAntiSpyware: http://download.cnet.com/SuperAntiSpyware-Free-Edition/3000-8022_4-10523889.html (use the link Direct download only).
Followed by two "second opinions" on the antivirus application (both are online scanners):
ESET Online Scanner: http://www.eset.com/us/online-scanner/ ; and,
TrendMicro: http://housecall.trendmicro.com/us/ .
Finally, if you think that there is participation of any browser that avast: http://download.cnet.com/Avast-Browser-Cleanup/3000-2144_4-75872295.html (only use the Direct download link).
These may be "canned" responses, but are they the measures legitimate, I take a poster through. Post your results here and let me know how you fare.
Kind regards
BearPup
-
Problem with IPSEC tunnel between Cisco PIX and Cisco ASA
Hi all!
Have a strange problem with one of our tunnel ipsec for one of our customers, we can open the tunnel of the customers of the site, but not from our site, don't understand what's wrong, if it would be a configuration problem should can we not all up the tunnel.
On our side as initiator:
Jan 14 13:53:26 172.27.1.254% PIX-7-702208: ISAKMP Phase 1 Exchange started (local 1.1.1.1 (initiator), remote 2.2.2.2)
Jan 14 13:53:26 172.27.1.254% PIX-7-702210: Exchange of ISAKMP Phase 1 is complete (local 1.1.1.1 (initiator), remote 2.2.2.2)
Jan 14 13:53:26 172.27.1.254% 6-PIX-602202: ISAKMP connected session (local 1.1.1.1 (initiator), remote 2.2.2.2)
Jan 14 13:53:26 172.27.1.254% PIX-6-602201: Phase 1 ISAKMP Security Association created (local 1.1.1.1/500 (initiator), 2.2.2.2/500 remotely, authentication = pre-action, encryption = 3DES-CBC, hash = SHA, group = 2, life = 86400 s)
Jan 14 13:53:26 172.27.1.254% PIX-7-702209: ISAKMP Phase 2 Exchange started (local 1.1.1.1 (initiator), remote 2.2.2.2)
Jan 14 13:53:26 172.27.1.254% PIX-7-702201: ISAKMP Phase 1 delete received (local 1.1.1.1 (initiator), remote 2.2.2.2)
Jan 14 13:53:26 172.27.1.254% PIX-6-602203: ISAKMP disconnected session (local 1.1.1.1 (initiator), remote 2.2.2.2)
Jan 14 13:53:56 172.27.1.254% PIX-7-702303: sa_request, CBC (MSG key in English) = 1.1.1.1, dest = 2.2.2.2, src_proxy = 172.27.1.10/255.255.255.255/0/0 (type = 1), dest_proxy = 192.168.100.18/255.255.255.255/0/0 (type = 1), Protocol is ESP transform = lifedur hmac-sha-esp, esp-3des 28800 = s and 4608000 Ko, spi = 0 x 0 (0), id_conn = 0, keysize = 0, flags = 0 x 4004
The site of the customer like an answering machine:
14 jan 11:58:23 172.27.1.254% PIX-7-702208: ISAKMP Phase 1 Exchange started (local 1.1.1.1 (answering machine), 2.2.2.2 remote)
14 jan 11:58:23 172.27.1.254% PIX-7-702210: Exchange of ISAKMP Phase 1 is complete (local 1.1.1.1 (answering machine), 2.2.2.2 remote)
14 jan 11:58:23 172.27.1.254% 6-PIX-602202: ISAKMP connected session (local 1.1.1.1 (answering machine), 2.2.2.2 remote)
14 jan 11:58:23 172.27.1.254% PIX-6-602201: Phase 1 ISAKMP Security Association created (local 1.1.1.1/500 (answering machine), distance 2.2.2.2/500, authentication = pre-action, encryption = 3DES-CBC, hash = MD5, group = 1, life = 86400 s)
14 jan 11:58:23 172.27.1.254% PIX-7-702209: ISAKMP Phase 2 Exchange started (local 1.1.1.1 (answering machine), 2.2.2.2 remote)
14 jan 11:58:23 172.27.1.254% PIX-6-602301: its created, (his) sa_dest = 2.2.2.2, sa_prot = 50, sa_spi = 0x9de820bd (2649235645) sa_trans = sa_conn_id of hmac-sha-esp, esp-3des = 116
14 jan 11:58:23 172.27.1.254% PIX-7-702211: Exchange of ISAKMP Phase 2 is complete (local 1.1.1.1 (answering machine), 2.2.2.2 remote)
Jan 14 12:28:54 172.27.1.254% PIX-6-602302: SA deletion, (his) sa_dest = 2.2.2.2, sa_prot = 50, sa_spi = 0x9de820bd (2649235645), sa_trans = esp-3desesp-sha-hmac, sa_conn_id = 116
Kind regards
Johan
From my experience when a tunnel is launched on one side, but it is not on the other hand, that the problem is with an inconsistency of the isakmp and ipsec policies, mainly as ipsec policies change sets and corresponding address with ASA platform when a tunnel is not a statically defined encryption card he sometimes use the dynamic tag to allocate this vpn connection. To check if this is the case go ahead and make a "crypto ipsec to show his" when the tunnel is active on both sides, see on the SAA if the corresponding tunnel is the static encryption card set or if it presents the dynamic encryption card.
I advise you to go to the settings on both sides and ensure that they are both in the opposite direction.
-
remote users access site ipsec tunnel
How to configure the ACL and the road to allow remote users access to site ipsec as local users?
Current scenario is
1. distance users (192.168.2.0/24) ipsec <->Cisco 870 (192.168.0.0/24)
(2 cisco 870(192.168.0.0/24) ipsec tunnel <->cisco 1811 (10.0.0.0/24)
Now remote users can access the 192.168.0.0 network, no problem, but how they can access 10.0.0.0 network?
I guess I can do like this:
1. in cisco 870, site to site ip 192.168.0.0 tunnel allow 0.0.0.255 10.0.0.0 0.0.0.255
(add) permit ip 192.168.2.0 0.0.0.255 10.0.0.0 0.0.0.255
2. in the site-to-site vpn cisco 1811
(add) permit ip 10.0.0.0 0.0.0.255 192.168.2.0 0.0.0.255
3. in settings vpn split cisco870 add the 10.0.0.0/24 network
Is this fair?
Thank you.
You must configure the interesting traffic that an ACL contains the source is remote destination as local LAN and LAN.
->-> -
Problems of IPSEC Tunnel &; Port fowarding
Hello
I have a couple of 837 routers connecting two sites using an IPSEC tunnel.
In one of the sites, I'm redirected to static NAT port to an internal IP address
That is to say.
IP nat inside source static tcp 192.168.57.100 3389 3389 Dialer0 interface
transmit to RDP from the internet to internal computer.
The user can access his computer when you use the public IP address, but if it attempts to access the other site using the internal LAN IP he can't
Any suggestions
Hello
Your config NAT 192.168.57.100 over the VPN tunnel as well. Two options for access to this IP address via VPN would be.
1.) use the IP NAT itself on the VPN tunnel working currently for you.
2.) use NAT policy so that the VPN tunnel traffic is exempt from NAT. In this case your NAT statement should look like this.
IP nat inside source static tcp 192.168.57.100 3389 3389 Dialer0 interface - card route
access-list 101 deny host ip 192.168.57.100
access-list 101 permit ip 192.168.57.100 host everything
permitted route map 10
corresponds to the IP 101
HTH
Kind regards
GE.
-
. On each startup, I get this message.
"There was a problem starting C:\Users\bulldog2u\AppData\Local\callBuilder\xBin\CallBuilder.dll.
Can someone tell me where to find this file?
Thank you - BULLDOG2U
BULLDOG2U wrote:
. On each startup, I get this message.
"There was a problem starting C:\Users\bulldog2u\AppData\Local\callBuilder\xBin\CallBuilder.dll.
Can someone tell me where to find this file?
Thank you - BULLDOG2U
You don't want in this file. Ads by Call Builder is malware that opens the ads on your computer. If you encounter this error, then it is likely that you have an antivirus/antimalware program which was removed from your computer, but left the startup item. More information on Call Builder, and how to remove can be found here.
To remove this item from your startup list, follow these steps:
System (Windows 7) Configuration utility
- In the start search box, type MSCONFIG and press ENTER.
- Click the Startup tab.
- Uncheck the items you want to run at startup.
- When you have finished your selections, click OK.
- In the box that appears, click on restart to restart your computer.
Maybe you are looking for
-
I'm in a loop - I open Firefox Home and click on addons and get a pop-up telling me I have to install Firefox. By clicking on this link gives me a link to download Firefox Home. That is what it is?
-
Ink Advantaje Deskjet 3545: printer does not detect the computer
When I try to scan something, the printer displays a message saying: "No found computer." Make sure that the printer software is installed on your computer, and that 'send to the computer' is enabled. But it is set up correctly, and when I print from
-
HO NEED DI SAPER SE POSSO AUSWECHSELN ALL'INTERNO DI a RAID5 UN HD SAS 2.5 GRIPS 10 k CON ONE ALTRO DA 15 K SENZA AVERE PROBLEMI. DELL T710 FYTHY4J SERVER HD ST9146803SS URGENTISSIMO
-
Access denied when accessing Windows 7 Windows XP share
I have a Windows 7 system that is in a workgroup. I shared the root of C with a share name of called CDrive. I am trying to access the share with a Windows XP system that is part of a domain. On the XP system command prompt, I call net use z: \\win
-
A user in domain local group administrators is not administrator rights
Trying to figure out what the problem is with the computer of a friend at work. When you connect as long as domain user that is part of the local Administrators group, the user looks like he doesn't have administrator rights. For example, they are un