RV082 - cannot VPN over subnet 2

I enabled Multiple on a RV082 subnet option. VPN works on the subnet but not on subnet 2. I use the Shrew Soft VPN client.

Any help would be really appreciated.

Thank you

Hi Shaamcisco,

Please follow these steps:

Step 1: I guess you have already add subnet extra if not just add it in the Setup--> network and then add additional subnet and for better application for the subnet better having like this example if you have the default network 192.168.1.1/24 Add second subnet 192.168.2.1/24 in this case in the VPN setup we can make the summary of subnet and is 192.168.0.0/16 class B and all the PC connected to the router should have Gateway 192.168.1.1 or 192.168.2.1 in my example of course

Step 2: Under VPN--> Summary--> Edit the old configuration for VPN client and change of the LAN 192.168.0.0 mask 255.255.0.0

Step 3: on the Shrew VPN also under policy--> remote network resource change to 192.168.0.0 255.255.0.0

with this client configuration can have access to these two subnet and if you want to restrict certain client to access a subnet just change the policy on the ShrewVPN of one of the subnet

Please rate this post or marked as replied to help other customers of Cisco

Greetings

Mehdi

Tags: Cisco Support

Similar Questions

Site to Site VPN - cannot ping remote subnet

Hi all.

I have a site to site VPN IPSEC between a 5510 (HQ) and 5505 (Remote). Everything works on the tunnel. Crypto cards and ACL is symmetrical. I see that the tunnel is in place for the required subnets. However, I can not ping of internal subnets inside 5510 to Remote LAN inside 5505 and vice versa. I have other rays VPN 5510 where I can ping within remote LAN successfully x.x.x.x. Can figure out what I'm missing. I can ping internet points, but cannot ping HQ.

Any suggestions?

I'm also an instant learn the ASAs, so I'm not an expert. I know that I encouraged outside ICMP. My statement SHEEP and crypto are running off of the same group of objects that lists subnets of HQ.

Thanks in advance.

5505 lack the command:

management-access inside

Federico.

AnyConnect VPN users cannot access remote subnets?

I googled this until blue in the face without result. I don't understand why Cisco this so difficult? When clients connect to the anyconnect vpn, they can access the local subnet, but cannot access the resources in remote offices. What should I do to allow my anyconnect vpn clients access to my remote sites?

Cisco 5510 8.4

Hello

What are remote sites using as Internet gateway? Their default route here leads to the ASA or have their own Internet gateway? If they use this ASA for their Internet connection while they should already have a default route that leads traffic to the VPN to the pool, even if they had no specific route for the VPN itself pool. If they use their own local Internet gateway and the default route is not directed to this ASA then you would naturally have a route on the remote site (and anything in between) indicating the remote site where to join the pool of 10.10.224.0/24 VPN network.

In addition to routing, you must have configured for each remote site and the VPN pool NAT0

Just a simple example of NAT0 configuration for 4 networks behind the ASA and simple VPN field might look like this

object-group network to REMOTE SITES

object-network 10.10.10.0 255.255.255.0

object-network 10.10.20.0 255.255.255.0

object-network 10.10.30.0 255.255.255.0

object-network 10.10.40.0 255.255.255.0

network of the VPN-POOL object

10.10.224.0 subnet 255.255.255.0

NAT static destination DISTANCE-SITES SITES source (indoor, outdoor) REMOTE static VPN-VPN-POOL

The above of course assumes that the remote site are located behind the interface 'inside' (although some networks, MPLS) and naturally also the remote site networks are made for the sake of examples.

Since you are using Full Tunnel VPN should be no problem to the user VPN transfer traffic to this ASA in question.

My first things to check would be configuring NAT0 on the ASA and routing between remote sites and this ASA (regarding to reach the VPN pool, not the ASA network IP address)

Are you sure that the configuration above is related to this? Its my understanding that AnyConnect uses only IKEv2 and the foregoing is strictly defined for IKEv1?

-Jouni

ASA VPN connection cannot see all subnets

I'm new to the ASA and I have a problem with our remote users. When people access vpn, they don't see a couple subnets on the network. I looked at the ASA and he can see and communicate with subnets, but when you vpn in them is not reachable. All these connections are connections from admin to admin privlages. Anyone know why the ASA can see subnets, but the admin vpn users cannot?

You compare your ACL split tunnel and your table routing, but only for networks that are relevant to you and you must have access to and are not outside the old configuration. You should also ensure that these networks can route traffic from the pool of vpn.

Can't access secondary VPN client subnet

Please can someone help with the following: I have an ASA 5510 performer v8.4 9 (3) and setup a remote user VPN using the v5.0.07.0410 of customer Cisco VPN which is working apart from the fact that I can not access resources on secondary subnet.

The configuration is the following:

ASA inside the interface on 192.168.10.240

VPN clients on 192.168.254.x

I can access reources on the 192.168.10 subnet but not no matter what other subnets internally, I need to specifically allow access to the 192.168.20 subnet, but I cannot figure out how to do advise please, the config is lower to: -.

Output from the command: 'show startup-config '.

!
ASA 3,0000 Version 9
!
blank host name
domain name

activate the encrypted password
encrypted passwd
names of
DNS-guard
!
interface Ethernet0/0
nameif outside
security-level 0
IP 255.255.255.224
!
interface Ethernet0/1
nameif inside
security-level 100
IP 192.168.10.240 255.255.255.0
!
interface Ethernet0/2
nameif DMZ
security-level 50
IP 10.10.10.253 255.255.255.0
!
interface Ethernet0/3
Shutdown
No nameif
no level of security
no ip address
!
interface Management0/0
nameif management
security-level 100
IP 192.168.1.1 255.255.255.0
management only
!
boot system Disk0: / asa843-9 - k8.bin
boot system Disk0: / asa823 - k8.bin
passive FTP mode
clock timezone GMT/UTC 0
summer time clock GMT/BDT recurring last Sun Mar 01:00 last Sun Oct 02:00
DNS domain-lookup outside
DNS lookup field inside
DNS server-group DefaultDNS
Server name 194.168.4.123
Server name 194.168.8.123
domain nifcoeu.com
network object obj - 192.168.0.0
192.168.0.0 subnet 255.255.255.0
network object obj - 192.168.5.0
192.168.5.0 subnet 255.255.255.0
network object obj - 192.168.10.0
192.168.10.0 subnet 255.255.255.0
network object obj - 192.168.100.0
255.255.255.0 subnet 192.168.100.0
network object obj - 192.168.254.0
192.168.254.0 subnet 255.255.255.0
network object obj - 192.168.20.1
Host 192.168.20.1
network obj_any object
subnet 0.0.0.0 0.0.0.0
network obj_any-01 object
subnet 0.0.0.0 0.0.0.0
network object obj - 0.0.0.0
host 0.0.0.0
object network obj_any-02
subnet 0.0.0.0 0.0.0.0
network object obj - 10.10.10.1
host 10.10.10.1
obj_any-03 network object
subnet 0.0.0.0 0.0.0.0
object network obj_any-04
subnet 0.0.0.0 0.0.0.0
object network obj_any-05
subnet 0.0.0.0 0.0.0.0
network of the NS1000_EXT object
Home 80.4.146.133
network of the NS1000_INT object
Host 192.168.20.1
network of the SIP_REGISTRAR object
Home 83.245.6.81
service of the SIP_INIT_TCP object
SIP, service tcp destination eq
service of the SIP_INIT_UDP object
SIP, service udp destination eq
network of the NS1000_DSP object
192.168.20.2 home
network of the SIP_VOICE_CHANNEL object
Home 83.245.6.82
service of the DSP_UDP object
destination udp 6000 40000 service range
service of the DSP_TCP object
destination tcp 6000 40000 service range
network 20_range_subnet object
subnet 192.168.20.0 255.255.255.0
subnet of voice Description
network 25_range_Subnet object
255.255.255.0 subnet 192.168.25.0
PC devices customer Description VLAN 25
the ISP_NAT object-group network
object-group Protocol TCPUDP
object-protocol udp
object-tcp protocol
object-group service SIP_INIT tcp - udp
port-object eq sip
object-group service DSP_TCP_UDP tcp - udp
6000-40000 object-port Beach
permit inside_nat0_outbound to access extended list ip 192.168.10.0 255.255.255.0 192.168.254.0 255.255.255.0
inside_nat0_outbound list extended access allowed object 20_range_subnet 192.168.254.0 ip 255.255.255.0
standard VPN_splitTunnelAcl-Remote Access-list allowed 192.168.10.0 255.255.255.0
standard VPN_splitTunnelAcl-Remote Access-list allowed 192.168.20.0 255.255.255.0
access-list 100 extended allow object object-group TCPUDP object SIP_REGISTRAR NS1000_INT SIP_INIT object-group
access-list 100 extended allow object object-group TCPUDP object SIP_VOICE_CHANNEL NS1000_DSP DSP_TCP_UDP object-group
access-list extended 100 permit ip 62.255.171.0 255.255.255.224 all
access-list 100 extended allow icmp from any echo-answer idle
access-list extended 100 permit icmp any one has exceeded the idle time
access-list extended 100 allow all unreachable icmp inactive
access-list extended 100 permit tcp any host 10.10.10.1 eq ftp
access-list extended 100 permit tcp any host 10.10.10.1 eq ftp - data
pager lines 24
Enable logging
asdm of logging of information
Outside 1500 MTU
Within 1500 MTU
MTU 1500 DMZ
management of MTU 1500
192.168.254.1 mask - local 192.168.254.254 pool Pool VPN IP 255.255.255.0
ICMP unreachable rate-limit 1 burst-size 1
ASDM image disk0: / asdm - 647.bin
enable ASDM history
ARP timeout 14400
NAT (inside, all) source static obj - 192.168.0.0 obj - 192.168.0.0 destination static obj - 192.168.5.0 obj - 192.168.5.0 non-proxy-arp-search to itinerary
NAT (inside, all) source static obj - 192.168.10.0 obj - 192.168.10.0 destination static obj - 192.168.100.0 obj - 192.168.100.0 non-proxy-arp-search to itinerary
NAT (inside, all) source static obj - 192.168.10.0 obj - 192.168.10.0 destination static obj - 192.168.254.0 obj - 192.168.254.0 no-proxy-arp-search to itinerary
NAT (exterior, Interior) static source SIP_REGISTRAR destination interface static NS1000_INT service SIP_INIT_TCP SIP_INIT_TCP SIP_REGISTRAR
NAT (exterior, Interior) static source SIP_REGISTRAR destination interface static NS1000_INT service SIP_INIT_UDP SIP_INIT_UDP SIP_REGISTRAR
!
network obj_any object
NAT dynamic interface (indoor, outdoor)
network obj_any-01 object
NAT (inside, outside) dynamic obj - 0.0.0.0
object network obj_any-02
NAT (inside DMZ) dynamic obj - 0.0.0.0
network object obj - 10.10.10.1
NAT (DMZ, outside) static 80.4.146.134
obj_any-03 network object
NAT (DMZ, outside) dynamic obj - 0.0.0.0
object network obj_any-04
NAT (management, outside) dynamic obj - 0.0.0.0
object network obj_any-05
NAT (management, DMZ) dynamic obj - 0.0.0.0
Access-group 100 in external interface
Route outside 0.0.0.0 0.0.0.0 80.4.146.129 1
Route inside 192.168.20.0 255.255.255.0 192.168.10.254 1
Route inside 192.168.25.0 255.255.255.0 192.168.10.254 1
Timeout xlate 03:00
Pat-xlate timeout 0:00:30
Timeout conn 01:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
Sunrpc timeout 0:10:00 h323 0:05:00 h225 mgcp from 01:00 0:05:00 mgcp-pat 0:05:00
Sip timeout 0:30:00 sip_media 0:02:00 prompt Protocol sip-0: 03:00 sip - disconnect 0:02:00
Timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
Floating conn timeout 0:00:00
dynamic-access-policy-registration DfltAccessPolicy
identity of the user by default-domain LOCAL
the ssh LOCAL console AAA authentication
Enable http server
http 192.168.1.0 255.255.255.0 management
http 192.168.10.0 255.255.255.0 inside
http 192.168.25.0 255.255.255.0 inside
http 62.255.171.0 255.255.255.224 outside
http 192.168.254.0 255.255.255.0 outside
No snmp server location
No snmp Server contact
Server enable SNMP traps snmp authentication linkup, linkdown cold start
Crypto ipsec transform-set ikev1 SHA-ESP-3DES esp-3des esp-sha-hmac
Crypto ipsec transform-set ikev1 ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
Crypto ipsec transform-set ikev1 ESP-DES-SHA esp - esp-sha-hmac
Crypto ipsec transform-set ikev1 esp ESP-DES-MD5-esp-md5-hmac
Crypto ipsec transform-set ikev1 ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
Crypto ipsec transform-set ikev1 ESP-3DES-MD5-esp-3des esp-md5-hmac
Crypto ipsec transform-set ikev1 ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
Crypto ipsec transform-set ikev1 ESP-AES-128-SHA aes - esp esp-sha-hmac
Crypto ipsec transform-set ikev1 ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
Crypto ipsec transform-set ikev1 ESP-AES-128-MD5-esp - aes esp-md5-hmac
Dynamic crypto map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set pfs
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 define ikev1 transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA MD5-ESP-3DES ESP-DES-SHA ESP-DES-MD5
outside_map card crypto 65535-isakmp dynamic ipsec SYSTEM_DEFAULT_CRYPTO_MAP
outside_map interface card crypto outside
Crypto ca trustpoint ASDM_TrustPoint0
registration auto
name of the object CN =

Configure CRL
Crypto ca trustpoint _SmartCallHome_ServerCA
Configure CRL
string encryption ca ASDM_TrustPoint0 certificates
certificate 2f0e024d

quit smoking
Crypto ca certificate chain _SmartCallHome_ServerCA
certificate ca 6ecc7aa5a7032009b8cebcf4e952d491

quit smoking
crypto isakmp identity address
Crypto ikev1 allow outside
IKEv1 crypto policy 10
preshared authentication
3des encryption
sha hash
Group 2
life 86400
Telnet 192.168.1.0 255.255.255.0 management
Telnet timeout 5
SSH 62.255.171.0 255.255.255.224 outside
SSH 192.168.254.0 255.255.255.0 outside
SSH 192.168.10.0 255.255.255.0 inside
SSH 192.168.25.0 255.255.255.0 inside
SSH timeout 5
SSH version 2
Console timeout 0
VPN-sessiondb max-other-vpn-limit 250
VPN-sessiondb 2 max-anyconnect-premium-or-essentials-limit
management of 192.168.1.2 - dhcpd address 192.168.1.254
enable dhcpd management
!
a basic threat threat detection
Statistics-list of access threat detection
no statistical threat detection tcp-interception
prefer NTP server 192.168.10.6 source inside
WebVPN
internal group to distance-VPN strategy
attributes of group to VPN remote policy
value of server WINS 192.168.10.21 192.168.10.22
value of server DNS 192.168.10.21 192.168.10.22
Ikev1 VPN-tunnel-Protocol
Split-tunnel-policy tunnelspecified
Split-tunnel-network-list value Remote-VPN_splitTunnelAcl
value by default-field
username empty empty encrypted password privilege 0
user name empty attributes
VPN-VPN-remote group policy
username empty encrypted password privilege 0
user name empty attributes
VPN-VPN-remote group policy
type tunnel-group to distance-VPN remote access
global-tunnel-group attributes to remote VPN
address pool VPN-pool
strategy of group - by default - remote-VPN
remote VPN-ipsec-attributes tunnel-group
IKEv1 pre-shared-key *.
!
class-map inspection_default
match default-inspection-traffic
!
!
type of policy-card inspect dns preset_dns_map
parameters
maximum message length automatic of customer
message-length maximum 512
Policy-map global_policy
class inspection_default
inspect the preset_dns_map dns
inspect the ftp
inspect h323 h225
inspect the h323 ras
inspect the rsh
inspect the rtsp
inspect esmtp
inspect sqlnet
inspect the skinny
inspect sunrpc
inspect xdmcp
inspect the netbios
inspect the tftp
Review the ip options
inspect the sip
!
global service-policy global_policy
context of prompt hostname
no remote anonymous reporting call
call-home
contact-email-addr

Profile of CiscoTAC-1
http https://tools.cisco.com/its/service/oddce/services/DDCEService destination address
email address of destination [email protected] / * /
destination-mode http transport
Subscribe to alert-group diagnosis
Subscribe to alert-group environment
Subscribe to alert-group monthly periodic inventory
monthly periodicals to subscribe to alert-group configuration
daily periodic subscribe to alert-group telemetry
Cryptochecksum:b8263c5aa7a6a4d9cb08368c042ea236

Hi Simon,.

Please try this and let me know.

NAT (inside, all) source 20_range_subnet destination 20_range_subnet static static obj - 192.168.254.0 obj - 192.168.254.0

Let me know, if this can help.

Thank you

Rizwan James

LaserJet professional M1217 nf: cannot scan over network with a printer laserjet 1217 on a Mac

Hello

My set up:

Mac with Yosemite

LaserJet M1217 more wireless

Description of the problem:

I can't scan. Preview, the control panel or image capture, I get the same error saying "cannot open a session.

I have installed and reinstalled the drivers/printer about 100 times.

I tried to add the printer/scanner like airprint, or with the name of the printer as a proposed post.

Just what causes the same error.

I have the 2.0 version of the driver installed right now. Tried with 1.7, same result.

I can print without problem since my Mac and my iPad.

Tried it with an ethernet cable and have the same problem in case someone ask.

I looked all over google and doesn't seem like someone else has the same problem? Many people have problems printing over wireless, but it's ok for me. Is the scan, I can't go to work.

Pages of HP does not offer any other driver which has of the Yosemite. HP offers no additional program for Mac and scan.

Don't know what else to try.

Little help? Anyone?

Thanks Geminy02,

Unfortunately, your suggestions did not help, and I have a few comments about them.
First of all, your suggestion about the router was the problem is quite impossible, as you will need to check if the ports are open only in the case we're talking about two different network segments. If you have your printer and your computer in the same segment you will have problems of ports.
Second: if I would have chosen IP protocol to add my printer, I wouldn't take the option scan, as you said, which means I could not done any tests that I mentioned in my original post, and I would never have had to the point of getting the error message.
Thirdly: the drivers that you MENTION for download are exactly the same as you get with yosemite, so, this could help to reinstall the driver, it's kind of a long shot (and yes I tried).

In fact, I managed to solve my problem by doing a factory reset of the printer, any sign of a printer in my computer, cleaning and reinstall the printer using the airprint driver suggested by yosemite where to find my bounjur printer.

I tried ro think what could be the reason, or to see all what I had changed, and the only thing I've seen different in the configuration before and after he started to work was the name of the printer. When it did not work my printer was called simply "printer", when he was working he was the full name that comes by default. It would be very strange, that this is the reason, but I just mention it here just in case someone read. I believe that the factory reset was the difficulty, not the configuration itself.

Just for the other readers, I can confirm that this unit can print and scan over my wiresless and cable network on yosemite, with the help of preview, capture image or scan property in the control panel. It took me several hours to make it work, but it does, and my best friend was all the time the printers web page, where you can change the configuration of the printer.

Cannot VPN in the network through PIX501

I have a pix 501 at home. When I try to VPN in our network via the VPN client I get authenticated but can't seem to our internal network. When I use my router netgear instead of the PIX I can VPN in and outside the internal network. Do I have to open some ports (if if ports) on the PIX or I have to change some configuration on the VPN client.

The problem is the PIX does not support IPSec, and PAT up 6.3 code coming out next year. Your VPN tunnel is based on UDP port 500 packets, which the PIX can PAT correctly. After that, all your packages are packages ESP, which is the IP 50 protocol which the PIX cannot PAT. If you have a second IP address from your ISP, you can create a static NAT translation in the PIX for your home PC and it works correctly.

Alternatively, if your VPN client supports IPSec encapsulation somehow in the TCP or UDP packets, then use it and it will work very well also.

Cannot access the subnet

Hello, new to ASA

On a v7.2 (4) ASA5505, trying to allow traffic between two LANs.

I have the local network 192.168.1.0 and 192.168.2.0 subnet behind another router. I also VPN IPsec on the safety device.

When I connect a computer to the internet in the first network (192.168.1.0) using the ASA, this computer lost connection to the subnet (192.168.2.0). The ASA blocks all traffic through the network.

I applied the same-security-traffic permit intra-interface command. I also applied the command

inside_nat0_outbound to access ip 192.168.1.0 scope list allow 255.255.255.0 192.168.2.0 255.255.255.0 and added the static route: route inside 192.168.2.0 255.255.255.0 192.168.1.254 1, but nothing works.

When I ICMP echo, the Nat is declining the package requested.

The output of packet tracer is as follows:

Flow-Lookup enabled

Authorized route search

Authorized access list

IP-Options allowed

Inspect the permit

NAT-free license

NAT enabled

NAT enabled

Home-limit

NAT denied

The package was abandoned by NAT, and the same goes for the port 3389 (remote desktop).

Thank you in advance.

If you try to ping hair traffic inside the interface?

In general, it is not advisable. If the traffic must be routed before the ASA please make sure the router RTR traffic on one subnet to another. The ASA has no need to see the traffic that goes from inside to inside.

Now if you still insist on the fact that you can try to put in the translations for the CBC and the destination. In other words you need identity convert the 192.168.1.0/24 and 192.168.2.0/24. Are you nat exempting a sense but not the back.

You can try

inside_nat0_outbound to access ip 192.168.1.0 scope list allow 255.255.255.0 192.168.2.0 255.255.255.0

inside_nat0_outbound to access extended list ip 192.168.2.0 allow 255.255.255.0 192.168.1.0 255.255.255.0

And then you can run a trace of package again to see if it fails or not.

I hope it helps.

PK

Access VPN DMZ subnet

I need allow users of our subnet VPN access to a Web server on our DMZ.

Both the inbound ACL is correct, but I'm not sure of what would be the translation.

Our VPN subnet is 172.16.140.0/24 and our DMZ is 172.16.110.0/24

Any help would be appreciated. BTW, it's an ASA5510

access-list no.-NAT-DMZ scope ip 172.16.110.0 allow 255.255.255.0 172.16.140.0 255.255.255.0

NAT (DMZ) access-list no.-Nat-DMZ

You had the acl above in your acl No. - Nat, but is exonerated for the inside interface nat. The LCD will never match. If you simply need to create an exemption for the DMZ with the acl nat appropriate.

CISCO easy VPN & local subnets

Easyvpn Installer based on http://www.cisco.com/en/US/products/sw/secursw/ps5318/products_configuration_example09186a00806ad10e.shtml

core1 #sh passage int fa0/0

Building configuration...

Current configuration: 303 bytes

!

interface FastEthernet0/0

Description _WAN_INTERFACE_

004f.620a.8771 Mac address

IP 10.74.17.254 255.255.240.0

no ip redirection

no ip unreachable

no ip proxy-arp

NAT outside IP

IP virtual-reassembly

route IP cache flow

automatic duplex

automatic speed

No cdp enable

card crypto VPNMAP1

end

#sh core1 run int fa0/1.1

Building configuration...

Current configuration: 294 bytes

!

interface FastEthernet0/1.1

Description Native_VLAN_1

encapsulation dot1Q 1 native

IP 192.168.40.101 255.255.255.0

IP helper 192.168.40.210

NBAR IP protocol discovery

IP nat inside

IP virtual-reassembly

no ip mroute-cache

entry of service-policy DROP_ONLINE_MOVIES

end

#sh core1 run int fa0/1.50

Building configuration...

Current configuration: 137 bytes

!

interface FastEthernet0/1.50

encapsulation dot1Q 50

192.168.50.1 IP address 255.255.255.0

IP nat inside

IP virtual-reassembly

end

core1 #sh ip int br | UNAs Exc

Interface IP-Address OK? Method State Protocol

FastEthernet0/0 10.74.17.254 YES NVRAM up up

FastEthernet0/1.1 192.168.40.101 YES NVRAM up up

FastEthernet0/1.20 192.168.20.1 YES NVRAM up up

FastEthernet0/1.50 192.168.50.1 YES NVRAM up up

FastEthernet0/1.82 192.168.82.1 YES NVRAM up up

Gateway of last resort is 10.74.16.254 to network 0.0.0.0

C 192.168.40.0/24 is directly connected, FastEthernet0/1.1

192.168.80.0/32 is divided into subnets, subnets 1

S 192.168.80.5 [1/0] via 195.212.29.188

C 192.168.20.0 is directly connected, FastEthernet0/1.20

10.0.0.0/8 is variably divided into subnets, 3 subnets, 3 masks

S 10.10.1.0/31 is directly connected, FastEthernet0/1.1

C 10.10.10.0/24 is directly connected, FastEthernet0/1.10

C 10.74.16.0/20 is directly connected, FastEthernet0/0

S 192.168.0.0/24 is directly connected, FastEthernet0/1.1

C 192.168.50.0/24 is directly connected, FastEthernet0/1.50

S * 0.0.0.0/0 [1/0] via 10.74.16.254

VPNPOOL1 192.168.80.1 192.168.80.5

CUSTOMER

Linux machine using vpnc

cat /etc/vpnc/e_vpn.conf

Xxxxxx gateway IPSec

VPN IPSec ID

IPSec secret xxxxx

IKE psk Authmode

Xauth username yyyyy

Xauth password xxxxx

Target 192.168.50.0/24 192.168.40.0/24 networks

Route - n

Kernel IP routing table

Destination Gateway Genmask Flags metric Ref use Iface

192.168.40.101 0.0.0.0 255.255.255.255 UH 0 0 0 tun0

_VPN_ 9.158.166.129 UGH 255.255.255.255 0 0 0 eth0

9.158.166.129 0.0.0.0 255.255.255.255 UH 0 0 0 eth0

9.0.136.50 9.158.166.129 UGH 255.255.255.255 0 0 0 eth0

192.168.220.0 0.0.0.0 255.255.255.240 U 0 0 0 virbr4

192.100.100.0 0.0.0.0 255.255.255.128 U 0 0 0 virbr5

9.158.166.128 0.0.0.0 255.255.255.128 U 0 0 0 eth0

192.168.80.0 0.0.0.0 255.255.255.0 U 0 0 0 tun0

192.168.40.0 0.0.0.0 255.255.255.0 U 0 0 0 tun0

192.168.50.0 0.0.0.0 255.255.255.0 U 0 0 0 tun0

0.0.0.0 9.158.166.129 0.0.0.0 UG 0 0 0 eth0

Ping - c1 192.168.50.1

PING 192.168.50.1 (192.168.50.1) 56 (84) bytes of data.

-ping 192.168.50.1 - statistics

1 packets transmitted, 0 received, 100% packet loss, time 0ms s

Did I miss something in the config... or something is wrong?

Follow these steps:

101 extended IP access list

1 deny ip any 192.168.80.0 0.0.0.255

!

Renumber list of access IP 101 10 10

Thank you.

Please note all useful posts

Cannot print over a network with Vista home

Hello I try to connecto my new laptop to my network wireless of office to share files and printers. The new laptop is Vista Home 64 bit. The printer is connectet to a PC with Windows xp and according to a person who does our netwirking the printer cannot talk to the 32-bit and 64-bit and tells me that I have to change for windows XP. It does not sound right. Apparently there is no driver for canon iR 1510-1670, which runs on a 64-bit processor. Any help...

Thank you

Guillermo

If there is no Vista 64-bit drivers available for this Canon printer, you will need to spend the XP Canon printer to a compatible printer Vista 64 bit if you want to print from it.

Canon has written drivers for their products, not Microsoft.

Check yourself on the Canon Website driver as to what drivers are available for this printer:

http://www.USA.Canon.com/OPD/controller?Act=OPDDownloadIndexAct

See you soon.

Mick Murphy - Microsoft partner

LinuxMint17 comments with NAT cannot reach a subnet, why?

I improved my VMWare to WS12PRO and built a new virtual machine containing a Linux Mint 17 machine. It uses the NAT networking.
WS is running on my Win7 X 64 computer laptop, which is connected by wire to the 192.168.0.0 network and via VPN to the 10.0.0.0 network.
In earlier versions of workstation when I had this setup I could connect to resources on the 10.0.0.0 network so that the host had the VPN channel open.
But now for some reason is more, why?
I enter ping 10.0.0.7 on my host and he responds very well, but when I do the same thing within the host is not responding.
If I come home instead of ping 192.168.0.152 I get an immediate response from this unit.
Even if I ping an Internet address.
For some reason any resolution to the VPN does not work on the system of WS12PRO when it has worked very well in WS7.
Is there a setting I can change to the client to do this work?
.

Problem solved!

It was located in Windows7 "Internet sharing" network configuration when enabled on the VPN connection to a network of WiFi access points.

The Access Point was not started, but in any case the presence of the layout sharing blocked the normal use of the other networks VPN channel.

Once sharing withdrew the connectoid that everything started working like before.

Cannot change the subnet mask of eCard in 7.1.3 (opensuse 11.4)

Had this problem before with 7.0 on suse 11.2, but I forget how I "fixed it". This is quite irritating considering I found nothing on google about this topic. I hope it's just my ignorance with the software and not a real problem, but when I try to change a vmnet as Host-only adapter, I have no option to change the subnet mask. I've seen tutorials where you just have this option, but I did not.

I use a very simple script to make changes to the Infrastructure virtual VMware which are not available on Linux hosts via the virtual network editor in Linux in VMware Workstation version. Note that there may be other ways, but this is what worked for me. Also note that changes to the value of a parameter that is not a correct value will cause failures, and that's why I have the scrip, run the commands with the talkative and check the ifconfig and VMware Network Status before and after you made the changes and you will see that in the attached script.

If you do not have what it takes to use the attached script then in a Terminal root or with sudo:
```
sudo /usr/bin/vmware-networks --stop -v
sudo cp -p /etc/vmware/networking /etc/vmware/networking.backup
sudo cp -p /etc/vmware/vmnet1/dhcpd/dhcpd.conf /etc/vmware/vmnet1/dhcpd/dhcpd.conf.backup
sudo cp -p /etc/vmware/vmnet8/dhcpd/dhcpd.conf /etc/vmware/vmnet8/dhcpd/dhcpd.conf.backup
sudo nano /etc/vmware/networking
sudo nano /etc/vmware/vmnet1/dhcpd/dhcpd.conf
sudo nano /etc/vmware/vmnet8/dhcpd/dhcpd.conf
sudo /usr/bin/vmware-networks --start -v
sudo /usr/bin/vmware-netcfg
sudo /usr/bin/vmware-networks --start -v
```
In the attached script, you will see the following note about the use of writing, or why this is done manually:
```
    # NOTE: Load the VMware Virtual Network Editor and then click the OK button.
    #    This is being done for two reasons, one is to validate the settings
    #    and the other is to create a new DHCP_CFG_HASH in the networking file.
    #
    #    Be sure to review the 'Current Status after editing...' for any errors.

echo
echo  Starting VMware Virtual Network Editor...
echo
sudo /usr/bin/vmware-netcfg
```
As I said there may be other ways and VMware is unfortunately very tight secretive about what they do the document to be disclosed to the public, which is unfortunately very little. It is so absurd that the version of Windows is not this limitation but I guess I would really be surprised since removed altogether VMware VMware Player for Linux virtual network editor and does not install it for the VMware Player for Windows even if it's in the Windows Installer Package. Go figure!

Skype cannot connect over 3g but connects over wifi

I recently had problems on my galaxy tab 2 every time I want to log in to Skype on 3 g network. It never connects, but it works well when am on wifi network. AV checked all the limitations of parameters and the data, but nothing seems to work. Someone has an idea?

I have found 2 alternative. I downloaded hotspot protect the phone and every time I want 2 connect on Skype on mobile data network 3 g, I launch the hotspot to protect first and make sure that it is connected, so my ip address will change before my Skype is able 2 connect.
Yes it works that way at the moment and I don't see any harm using d hotspot shield.

I get weird horizontal lines on startup each time more serial number not showing - cannot diagnose over 'AHT' [photos + attached vid] [rMBP mid-2014]

I have some strange lines when I start my rMBP mid 2014

I tried the resets of Landau and SCM, tried to make a new user and once again reset.

Nothing works, somethings wrong with the /gpu of the motherboard?

Is there something I can do?

It will still cause problems in the future?

Is this a problem maybe?

For another case maybe it's related - I tried to make a diagnosis using the new "AHT" of new Mac (by pressing D on startup)

It won't let me in because suddenly the serial number is missing from here and 'a way'

What, then, is everything, it is linked, may be problem?

Photos:

Video:

https://www.YouTube.com/watch?v=-AkTCpbX1dw

Post edited by: SuperBik3
videos added

The logic board need to be replaced.

Do a 'genius' one appointment at an Apple Store, or select another authorized service provider. You may need to leave the machine there for several days.

Back up the data on the internal disks before you turn on your computer to anyone. There are ways to back up a computer that is not fully functional - ask if you need advice.

If privacy is a concern, delete the partitions of data with the ability to write zeros * (do it only if you have at least two backups complete, independent, and you know how to restore on a blank disc from any one of them.) Do not delete the recovery partition, if it is present.

Keep your confidential data safe during the repair of the equipment

Apple recommends that you remove permission to a device in the iTunes store before serving.

* One SSD has no need to be set to zero.

RV082 - cannot VPN over subnet 2

Similar Questions

Maybe you are looking for