RA tunnel up, but cannot access remote resources

The VPN client connects successfully to the PIX, but it does not appear that traffic is passing through the tunnel.  There is a site-to-site tunnel, which works very well; it's just the RA stuff that doesn't.  It had worked at some point and then stopped.  This is a sanitized config:

:
PIX Version 6.3(3)
interface ethernet0 auto
interface ethernet1 100full
nameif ethernet0 outside security0
nameif ethernet1 inside security100
enable password *
passwd *
hostname depot-pix
domain-name domain.local
fixup protocol dns maximum-length 512
fixup protocol ftp 21
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
fixup protocol http 80
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol sip 5060
fixup protocol sip udp 5060
fixup protocol skinny 2000
no fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol tftp 69
names
name 2.2.2.2 cottage-pix
name 192.168.0.3 Server1
name 192.168.0.4 Server2
access-list vpn permit ip 192.168.0.0 255.255.255.0 192.168.10.0 255.255.255.0
access-list vpn permit icmp any any
access-list vpn permit ip 192.168.0.0 255.255.255.0 192.168.30.0 255.255.255.0
access-list splitTunnel permit ip 192.168.0.0 255.255.255.0 192.168.30.0 255.255.255.0
access-list acl_out permit icmp any any
access-list acl_out permit tcp any interface outside eq https
access-list acl_out permit tcp any interface outside eq 9333
pager lines 24
logging on
logging monitor debugging
logging buffered debugging
icmp permit any unreachable outside
mtu outside 1500
mtu inside 1500
ip address outside 1.2.3.4 255.255.255.248
ip address inside 192.168.0.1 255.255.255.0
ip audit info action alarm
ip audit attack action alarm
ip local pool vpnPool 192.168.30.10-192.168.30.20
pdm logging informational 100
pdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 0 access-list vpn
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
static (inside,outside) tcp interface smtp server1 smtp netmask 255.255.255.255 0 0
static (inside,outside) tcp interface 5989 192.168.0.2 5989 netmask 255.255.255.255 0 0
static (inside,outside) tcp interface https server1 https netmask 255.255.255.255 0 0
static (inside,outside) tcp interface 9333 server2 9333 netmask 255.255.255.255 0 0
access-group acl_out in interface outside
route outside 0.0.0.0 0.0.0.0 1.2.3.5 1
timeout xlate 0:05:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00
timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server RADIUS protocol radius
aaa-server LOCAL protocol local
aaa-server raAuth protocol radius
aaa-server raAuth (inside) host server1 secretkey timeout 5
RADIUS protocol local AAA server
http server enable
http 192.168.0.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server community public
no snmp-server enable traps
floodguard enable
sysopt connection permit-ipsec
crypto ipsec transform-set strong esp-3des esp-sha-hmac
crypto dynamic-map dynMap 20 set transform-set strong
crypto map OutsideMap 10 ipsec-isakmp
crypto map OutsideMap 10 match address vpn
crypto map OutsideMap 10 set peer cottage-pix
crypto map OutsideMap 10 set transform-set strong
crypto map OutsideMap 20 ipsec-isakmp dynamic dynMap
crypto map OutsideMap client authentication raAuth
crypto map OutsideMap interface outside
isakmp enable outside
isakmp key * address cottage-pix netmask 255.255.255.255
isakmp nat-traversal 20
isakmp policy 9 authentication pre-share
isakmp policy 9 encryption 3des
isakmp policy 9 hash sha
isakmp policy 9 group 1
isakmp policy 9 lifetime 86400
isakmp policy 20 authentication pre-share
isakmp policy 20 encryption 3des
isakmp policy 20 hash sha
isakmp policy 20 group 2
isakmp policy 20 lifetime 86400
vpngroup remoteAccess address-pool vpnPool
vpngroup remoteAccess dns-server server1
vpngroup remoteAccess wins-server server1
vpngroup remoteAccess default-domain domain.local
vpngroup remoteAccess split-tunnel splitTunnel
vpngroup remoteAccess idle-time 1800
vpngroup remoteAccess password *
management-access inside
console timeout 0
dhcpd auto_config outside
terminal width 80
Cryptochecksum:9f8a7e0796962279858931db84e4e14a
: end

Hello

Want to send traffic destined to remote clients, through the tunnel from Site to Site.

The recommendation is to use a different ACL for nat0 and crypto ACL.

Federico.
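
The reply's point, as an added Python example that is not part of the original thread or of any Cisco tool: a small check that flags a crypto-map ACL which is also used for nat 0, or whose destinations reach the remote-access pool. It runs over the relevant lines of the posted config (normalized to PIX 6.3 syntax) and over a constructed variant whose ACL names `nonat` and `l2l` are assumptions.

```python
import ipaddress
import re

# Relevant lines of the posted config, normalized to PIX 6.3 syntax.
POSTED = """\
access-list vpn permit ip 192.168.0.0 255.255.255.0 192.168.10.0 255.255.255.0
access-list vpn permit icmp any any
access-list vpn permit ip 192.168.0.0 255.255.255.0 192.168.30.0 255.255.255.0
ip local pool vpnPool 192.168.30.10-192.168.30.20
nat (inside) 0 access-list vpn
crypto map OutsideMap 10 match address vpn
"""
# Constructed variant; the ACL names "nonat" and "l2l" are hypothetical.
SEPARATED = """\
access-list nonat permit ip 192.168.0.0 255.255.255.0 192.168.10.0 255.255.255.0
access-list nonat permit ip 192.168.0.0 255.255.255.0 192.168.30.0 255.255.255.0
access-list l2l permit ip 192.168.0.0 255.255.255.0 192.168.10.0 255.255.255.0
ip local pool vpnPool 192.168.30.10-192.168.30.20
nat (inside) 0 access-list nonat
crypto map OutsideMap 10 match address l2l
"""
ACE = re.compile(r"access-list (\S+) permit \S+ (.+)")
POOL = re.compile(r"ip local pool (\S+) ([\d.]+)\s*-\s*([\d.]+)")
NAT0 = re.compile(r"nat \(\S+\) 0 access-list (\S+)")
MATCH = re.compile(r"crypto map (\S+) (\d+) match address (\S+)")

def destination(spec):
    """Destination network of an ACE body; None if it is not addr/mask or 'any'."""
    tok = spec.split()
    rest = tok[1:] if tok[0] == "any" else tok[2:]  # skip the source
    try:
        if rest[0] == "any":
            return ipaddress.ip_network("0.0.0.0/0")
        return ipaddress.ip_network(f"{rest[0]}/{rest[1]}")
    except (IndexError, ValueError):
        return None  # e.g. "interface outside eq https"

def audit(config):
    """Flag a crypto ACL reused for nat 0 or reaching a remote-access pool."""
    aces, pools, nat0, crypto, findings = {}, [], set(), {}, []
    for line in map(str.strip, config.splitlines()):
        if m := ACE.fullmatch(line):
            aces.setdefault(m[1], []).append(destination(m[2]))
        elif m := POOL.fullmatch(line):
            pools.append((m[1], ipaddress.ip_address(m[2]), ipaddress.ip_address(m[3])))
        elif m := NAT0.fullmatch(line):
            nat0.add(m[1])
        elif m := MATCH.fullmatch(line):
            crypto[m[3]] = f"{m[1]} {m[2]}"
    for acl, entry in crypto.items():
        if acl in nat0:
            findings.append(f"{acl}: shared by nat 0 and crypto map {entry}")
        nets = [n for n in aces.get(acl, []) if n is not None]
        for name, first, last in pools:
            if any(first in n or last in n for n in nets):
                findings.append(f"{acl}: crypto map {entry} matches pool {name}")
    return findings

if __name__ == "__main__":
    print(audit(POSTED), audit(SEPARATED))
```

On the posted lines the check reports both conditions for ACL `vpn`; on the separated variant it reports nothing.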

Tags: Cisco Security

Similar Questions

  • Cisco vpn client to connect but can not access to the internal network

    Hi all

    I have a VPN configured on a Cisco 5540. My VPN was working fine, but suddenly there is an issue: the Cisco VPN client connects but cannot access the internal network.

    Any help would be much appreciated.

    Hi Samir,

    I suggest that you go to the ASA and check the configuration to make sure that it complies with the requirements according to the reference link below:

    http://www.Cisco.com/en/us/products/ps6120/products_configuration_example09186a00805734ae.shtml

    (The link above includes split tunneling, but this is just an option.)

    Please paste the output of "sh cry ipsec sa" here so that we can check if phase 2 is properly formed. I would also suggest that you go to the IPsec VPN client on your PC and check whether the packets sent and received increment in the 'status' window.

    Let me know if this can help,

    See you soon,

    Christian V

  • I am able to access my desktop to my laptop as part of a homegroup, but can not access the external hard drive that is attached to my office.

    share external hard drive

    I am able to access my desktop from my laptop as part of a homegroup, but cannot access the external hard drive that is attached to my desktop. I want to be able to back up my laptop to the external hard disk.  Advice please.

    geraintjo

    I do not use homegroups, but 'true' sharing, so I don't know how this is supposed to work with homegroups. But usually you have to share a drive or folder first before you can access it from another machine (for example, right-click the drive/folder, open Properties and go to the Sharing tab).

  • I have a cc has photoshop & lightroom, but can not access the mobile app for my ipad, I get a free 30-day trial?

    I have a cc has photoshop & lightroom, but can not access the mobile app for my ipad, I get a free 30-day trial?

    Hi Michael,

    Please try the below mentioned steps to activate Mobile with Lightroom.

    Thank you

    Atul Saini

  • Data on the iMac, but can not access the files.

    Hi all

    I have a iMac Core 2 Duo (3.33, 21.5 inches) since end 2009, running 10.6.8 Snow Leopard and I'm trying to recover some files that seem to be there, but I can not access it due to an update of the unfinished software.

    A few years back, I tried the Mavericks update using an external hard drive as the boot drive (at that time I ran 10.6.7 Lion). The installation never finished and I accidentally deleted the file needed to boot from the external drive, so I ended up going back to the original OS, 10.6.8 Snow Leopard.

    It seems to resemble a new install of Snow Leopard, except my old files (about 350 GB) still live on it, but I cannot access any of the files, and they do not even appear in the Finder.

    Would appreciate any advice or tips on how to do to recover my invisible files. Thank you!

    Do you see the drive in disk utility?

    1. Connect the external drive
    2. If it has an external power supply, make sure that it is connected
    3. If the external hard drive has a power button, make sure that it is set to on
    4. Go to the Dock
    5. Click on Finder
    6. Go to the menu bar
    7. Click the Go menu
    8. Choose Utilities
    9. Double-click Disk Utility

    Does the drive appear in the left column of Disk Utility?

    If the answer is yes, and you click on the drive and then click on check, what does Disk Utility say?

  • Initially, I had XP & loved! Now windows live took over! I uninstalled windows live & trying to get xp. I have re-download the XP but can not access my hotmail Inbox, what to do?

    Help me please how I can access my hotmail Inbox & have XP as my home page! I had initially here xp & Windows live came. Now I can not use

    Windows messenger to come when I turn the computer every day. I have yahoo also & it comes automatically to every time.

    Please explain to me in words VERY EASILY how to get back my XP! I'm on seizure meds that caused the loss short term memory & I'm unable to understand, unless it is explained to me very clearly.

    Is there someone who can help me with this? All of this has caused me to be too stressed.

    Please help, someone!

    Windows XP is an operating system, Windows Live is a bunch of application programs; It is not an operating system and you can not run it * instead * of XP.

    So if you run Windows Live, it is running * under * the Windows XP operating system. You can't get XP back because it has not disappeared.

    You say that you have uninstalled Windows Live, but it doesn't sound like you did. Please tell us exactly how you did.

  • Can see, but can not access, photos of iPhotos migrate Photos for Mac

    Hello

    I transferred my my former (white) mac's iPhoto library to my new Macbook Air. I now see my iPhotos on Photos of Mac, but I'm unable to export or share (nothing happens if I click on these options), or even copy and paste. If I try to contact by e-mail or page that they do not appear on my photos via the Finder (but I can see more recent pictures no iPhotos initially). So basically I can see them, but can do something with them.

    Everyone knows about this problem?

    If this does not occur, my only thought as to what this may be the case is due to an error in the migration? I have now installed Library upgrade on my new Mac (I think I was already use when migrating on the old Mac but don't remember the details), but so that he can see my iPhotos library, it is grayed out, so I can't try and apply the upgrade to the library via new Mac. So I'm stuck again. (if it's the solution, I'm not sure it's..)

    Does anyone have any ideas what is the problem and how to fix? Where is possible it's just a failure of Apple/iphotos old photos have no Photos for Mac features?

    Thank you!!

    It certainly has the feature.

    Have you tried to repair the library? Back up, and then hold the Command and Option (or Alt) keys while launching Photos. You will get the dialog that allows you to rebuild.

  • All the USB key drive and thumb may be to detect but can not access.

    The thumb drive and USB key can be detected and shown in my computer window but I can't access the drive. He continues to show access is denied, I try to run the troubleshooting and saying "hardware changes would have been unable to detect. Can someone help me find a solution to this problem?

    Hello Lawrence,

    Please keep us informed of the issue and I apologize for the inconvenience you encountered in the link. Please refer to the link below and check if it works:

     
    Thank you.
     
  • Windows xp starts, but can not access to all programs

    I have 4 users with admin capabilities on my Windows XP system. I am the main user/administrator. Windows XP will start and open, but on my side of the score of 'user', some Windows applications don't open with icons appearing on the taskbar of lower start-up. By clicking on any of my desktop icons "shortcut" to open the box with "Choose the program you want to use to open this program" no response, when you select the applicable program. Open the control panel and clicking on an icon brings up the tab: "C:\Windows\System32\rundll.exe application not found". When I open one of the other 3 users, I have windows total access to applications. Why this problem only happening with my score "user"?

    You will appreciate all the advice. I have Windows XP Professional Service Pack 3. Thank you very much.

    You can spend a lot of time trying to find and fix the problem, but since it only affects a single user, then that narrows it down to a problem of user profile.  The fastest way to recover is simply to create a new user and copy your old stuff to the new user profile.  Just follow the instructions below, claiming that your current connection is damaged...

    "How to recover damaged Windows XP user profile"
      <http://support.Microsoft.com/kb/555473>

    HTH,
    JW

  • Buy Windows 7 from MS Store, but can not access account with gmail login

    Buy Windows 7 from MS Store - used my gmail account.  Received my acknowledgement in the gmail account.  Download link takes me to store - does not login gmail, my live ID says I have not bought anything, so I can't download.  I am tempted to cancel order - but of course he can't find it!  I knew I should have bought clips!

    * original title - bought windows 7 using a gmail account, cannot access download - MS strikes again *.

    So, how did you make the purchase in the first place with a Gmail account? I suggest that you try to contact the Microsoft Store for assistance:
    Microsoft Store: contact us

  • I want to delete my browsing history, but can not access to the Firefox window.

    My Firefox has been implemented by a COMPUTER technician to take me directly to ATT/Yahoo email. I can't clear the history, or access a Firefox screen to define who, according to the tutorial.

    How do I do that in my configuration? What I'm trying to takes me to Att/Yahoo.

    Make sure that you are not running Firefox in permanent private browsing mode (never remember history).

    • Tools > Options > Privacy > Firefox will: "Use custom settings for history"
    • Uncheck the box: [ ] "Always use private browsing mode"
    • Press the F10 key or press the Alt key to bring up the hidden menu bar.

    You can attach a screenshot?

    Use a compressed image type like PNG or JPG to save the screenshot.

  • Receipt used iPhone 5 as a gift, but can not access iCloud account to clear the phone.

    Hey Apple community. I recently got my uncle's old iPhone 5 as a replacement for mine, but it still has all of his data on it. The email associated with the account is no longer active, and he does not remember the password or the answers to the security questions. I have no way to remove the phone from the account, or in any case to disable Find My iPhone so that I can factory restore it. What should I do? Is there any way to use my new iPhone? I would gladly give any info that I can to be able to use my new phone. Thank you!

    Tell him to contact the account of Apple security team or with her and his original receipt to a physical Store. If none of these methods work, you will not be able to use the iPhone.

  • I see my file, but can not access!

    All sorting photos in Windows 7 Pro, file my images suddenly disappeared. Found in the sites indexed, click ok, but it did not reappear in the Explorer.

    How can I get that file back where it belongs?

    Thank you.

    I'm not sure what you mean by the box "indexed locations", but if you mean that box "search programs and files" that appears when you click the ORB start, enter "My pictures" it will not be what you want.

    Click the start ORB, look at the right column.  Different people have different items here, so you will have all of the following characteristics - or you can have others who are not displayed:

    If 'Images' will appear in your Start menu, what happens when you click on it?

    If 'Pictures' do not appear in your Start menu, but 'Computer' is the case, click on "Computer" and you should see something like this:

    You see "libraries"?  Assuming that you do not see 'Libraries' If you do not see the list below (as above), click on the small arrow to the left of "libraries".  Is 'Photos' in this list?

    If not, right-click 'Libraries' and select 'Restore default libraries'.

  • Database to the top, but can not access Enterprise Manager or APEX Login

    Newbie here so sorry if it's simple.
    I have already searched the forums and tried to do what is recommended and still have a problem.


    I am running Enterprise 10.2 on a virtual machine from windows XP. It has been working well for some time.
    I restarted the VM without stopping the DB. When it has restarted the database is in place and I can run queries using SQLplus. However I can't load all services via a web page, for example. Enterprise Manager, APEX connection... Also, I can't make a connection using SQL Developer. These were all working well before.

    I already searched these forums and some people have had similar problems when running 10.2 on a virtual machine and it's the listener who has a problem...
    I deleted and reinstalled the listener with Net Configuration Wizard and restarted the DB, but that did not help.

    Here are the results when I use tnsping. Any advice would be really appreciated! Thank you!

    C:\Documents and Settings\XPMUser > tnsping orcl

    TNS Ping Utility for 32-bit Windows: Version 10.2.0.3.0 - Production on 18-APR-2010 01:07:18

    Copyright (c) 1997, 2006, Oracle.  All rights reserved.

    Used parameter files:
    C:\oracle\product\10.2.0\db_1\network\admin\sqlnet.ora


    Used TNSNAMES adapter to resolve the alias
    Attempting to contact (DESCRIPTION = (ADDRESS = (PROTOCOL = TCP)(HOST = localhost)(PORT = 1521)) (CONNECT_DATA = (SERVER = DEDICATED) (SERVICE_NAME = orcl)))
    OK (20 msec)

    >
    I set the ORACLE_HOME, but I still get the same error 3 when I try to start the DBconsole.

    I don't know what you mean by which OS is the owner of the tree of Oracle software. It's a virtual machine with a single user XPMuser.

    Thanks for the help underway...
    >

    Maybe it's time that you re-set up DB control.

    emca -config dbcontrol db -repos recreate
    

    Kind regards
    Phiri

  • I downloaded Google Editor to help me transfer the code on my site, but can not access Google Editor

    I am trying to transfer the code HTML in Google Editor (which suggests Google) to insert the Adsense code in my Web site.  I went through all the instructions from Google, I then downloaded Google Editor and he tells you to go to file, then preview, then publish, but it doesn't have a preview or publish button under FILE?  What I am doing wrong?

    Thank you.

    D wood

    Hello

    The question you have posted is better suited in the Google Support Forums. Please visit the link below for any further assistance.

    http://www.Google.com/AdSense/support/
