The success, but AnyConnect VPN cannot remote desktop
Hi all
I have a problem when I am unable to remote desktop in any PC LAN when I am connected via VPN. I can ping all the nodes inside the network and I can open a web page from my local PC address inside, as well. So it seems like it was only the RDP (3389) is affected. Remote access for PCs are turned on, as I am able to get to them via a different method (SBS Remote Web Access).
I'm a bit new to ASAs, so any help is greatly appreciated. TIA
ASA 5505
ASA Version 8.2 (5)
!
host name asa
activate the encrypted password of IqUJj3NwPkd23LO9
2KFQnbNIdI.2KYOU encrypted passwd
names of
name 10.0.1.0 Net-10
!
interface Ethernet0/0
switchport access vlan 2
!
interface Ethernet0/1
!
interface Ethernet0/2
!
interface Ethernet0/3
!
interface Ethernet0/4
!
interface Ethernet0/5
switchport access vlan 3
!
interface Ethernet0/6
!
interface Ethernet0/7
!
interface Vlan1
nameif inside
security-level 100
192.168.1.98 IP address 255.255.255.0
!
interface Vlan2
nameif outside
security-level 0
11.11.11.11 IP address 255.255.255.0
!
interface Vlan3
No nameif
security-level 50
192.168.5.1 IP address 255.255.255.0
!
passive FTP mode
object-group service RDP - tcp
EQ port 3389 object
TSTGRP_splitTunnelAcl list standard access allowed 192.168.1.0 255.255.255.0
inside_nat0_outbound list extended access permits all ip Net-10 255.255.255.224
inside_nat0_outbound list of allowed ip extended access all 12.0.1.0 255.255.255.224
inside_nat0_outbound to access ip 192.168.1.0 scope list allow 255.255.255.0 12.0.1.0 255.255.255.224
inside_access_in of access allowed any ip an extended list
pager lines 24
Enable logging
asdm of logging of information
Within 1500 MTU
Outside 1500 MTU
mask IP local pool SSLClientPool-10 10.0.1.1 - 10.0.1.20 255.255.255.128
12.0.1.1 mask - 12.0.1.20 local pool IPSec-12 IP 255.255.255.0
ICMP unreachable rate-limit 1 burst-size 1
don't allow no asdm history
ARP timeout 14400
Global 1 interface (outside)
NAT (inside) 0-list of access inside_nat0_outbound
NAT (inside) 1 0.0.0.0 0.0.0.0
inside_access_in access to the interface inside group
Route outside 0.0.0.0 0.0.0.0 11.11.11.11 1
Timeout xlate 03:00
Timeout conn 01:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
Sunrpc timeout 0:10:00 h323 0:05:00 h225 mgcp from 01:00 0:05:00 mgcp-pat 0:05:00
Sip timeout 0:30:00 sip_media 0:02:00 prompt Protocol sip-0: 03:00 sip - disconnect 0:02:00
Timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
Floating conn timeout 0:00:00
dynamic-access-policy-registration DfltAccessPolicy
AAA authentication enable LOCAL console
the ssh LOCAL console AAA authentication
LOCAL AAA authorization command
Enable http server
http 192.168.1.0 255.255.255.0 inside
No snmp server location
No snmp Server contact
Server enable SNMP traps snmp authentication linkup, linkdown cold start
Crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
Crypto ipsec transform-set ESP-DES-SHA esp - esp-sha-hmac
Crypto ipsec transform-set ESP-DES-MD5 esp - esp-md5-hmac
Crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
Crypto ipsec transform-set ESP-3DES-MD5-esp-3des esp-md5-hmac
Crypto ipsec transform-set ESP-AES-256-SHA 256 - aes - esp esp-sha-hmac
Crypto ipsec transform-set ESP-AES-128-SHA aes - esp esp-sha-hmac
Crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
Crypto ipsec transform-set ESP-AES-128-MD5-esp - aes esp-md5-hmac
Crypto ipsec transform-set esp-SHA-ESP-3DES-3des esp-sha-hmac
life crypto ipsec security association seconds 28800
Crypto ipsec kilobytes of life - safety 4608000 association
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 pfs Group1 set
Crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 value transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA MD5-ESP-3DES ESP-DES-SHA ESP-DES-MD5
outside_map card crypto 65535-isakmp dynamic ipsec SYSTEM_DEFAULT_CRYPTO_MAP
outside_map interface card crypto outside
Crypto ca trustpoint ASDM_TrustPoint0
registration auto
name of the object CN = not - asa .null
pasvpnkey key pair
Configure CRL
string encryption ca ASDM_TrustPoint0 certificates
certificate fecf8751
308202da 308201c 2 a0030201 020204fe cf875130 0d06092a 864886f7 0d 010105
31153013 06035504 03130c 70 61732d 61 73612e6e 756c6c31 16301406 0500302f
092a 8648 86f70d01 09021607 7061732d 61736130 33303530 36323134 1e170d31
3131365a 170d 3233 30353034 32313431 31365a 30 2f311530 13060355 0403130c
7061732d 6173612e 6e756c6c 01090216 07706173 4886f70d a 31163014 06092, 86
2D 617361 30820122 300 d 0609 2a 864886 f70d0101 01050003 82010f00 3082010 has
00dc6f5c 02820101 584be603 1219ad4a 43085 has 97 b8fd7e33 c887933d 1b46dbca
deada1da 7689ab5e 9b6fa20b d6f7e5e3 049285e7 65778c 15 a9447e1e 8ba749cb
61e0e985 9a90c09f b4c28af0 c6b5263c d2c13107 cce6c207 62f17cbe 99d9d5c2
25c035e4 86870084 ea9ab8ae 8b 664464 40305c4d e40dd774 506f6c0a 6f4ca4d1
0c81d2dd bcdc8393 3f4fbcba 1b477d45 af862bdf 50499615 7b9dac1b 502063b 8
67252db8 1473feec c39d9c32 9d9f3564 74fdf1bd e5ad6cba 999ae711 ca 71, 9310
c381347c a6508759 eb405cc0 a4adbe94 fb8204a2 382fad46 bc0fc43d 35df1b83
6379a 040 90469661 and 63868410 e16bf23b 05b724a3 edbd13e1 caa49238 ee6d1024
a32a1003 af020301 0001300d 4886f70d 01010505 00038201 010084b 1 a 06092, 86
c96aeec0 62698729 4e65cace e6f2e325 62909905 df31fbeb 8d767c74 395b 9053
434c5fde 6b76779f 278270e0 10905abc a8f1e78e f2ad2cd9 6980f0be 56acfe53
f1d715b9 89da338b f5ac9726 2de50629 34520055 55d1fcc5 f59c1271 ad14cd7e
14adc454 f9072744 bf66ffb5 20 c 04069 375b858c 723999f8 5cc2ae38 4bb4013a
2bdf51b3 1a36b7e6 2ffa3bb7 025527e1 e12cb2b2 f4fc624a 143ff416 d31135ff
6c57d226 7d5330c4 c2fa6d3f a1472abc a6bd4d4c be7380b8 6214caa5 78d53ef0
f08b2946 be8e04d7 9d15ef96 2e511fc5 804c402b 33987858 46a7b473 a 429, 1936
681a0caa b189d4f8 6cfe6332 8fc428df f07a21f8 acdb8594 0f57ffd4 376d
quit smoking
crypto ISAKMP allow outside
crypto ISAKMP policy 10
preshared authentication
3des encryption
sha hash
Group 2
life 86400
Telnet timeout 5
SSH 192.168.1.100 255.255.255.255 inside
SSH 10.0.1.1 255.255.255.255 outside
SSH timeout 5
Console timeout 0
dhcpd auto_config inside
!
dhcpd address 192.168.1.222 - 192.168.1.223 inside
dhcpd dns 11.11.11.12 11.11.12.12 interface inside
!
a basic threat threat detection
Statistics-list of access threat detection
no statistical threat detection tcp-interception
SSL-trust outside ASDM_TrustPoint0 point
WebVPN
allow outside
SVC disk0:/anyconnect-win-2.5.2014-k9.pkg 1 image
SVC disk0:/anyconnect-macosx-i386-2.5.2014-k9.pkg 2 image
enable SVC
tunnel-group-list activate
internal SSLClientPolicy group strategy
attributes of Group Policy SSLClientPolicy
VPN-tunnel-Protocol svc
attributes of Group Policy DfltGrpPolicy
value of 11.11.11.12 DNS server 11.11.12.12
Protocol-tunnel-VPN IPSec webvpn
username, password test 1w1. Encrypted F5oqiDOWdcll privilege 0
username test attributes
VPN-group-policy SSLClientPolicy
test1 lQ8frBN8p.5fQvth encrypted privilege 15 password username
username, password test2 w4USQXpU8Wj/RFt8 encrypted privilege 0
name of user test2 attributes
VPN-group-policy SSLClientPolicy
username password test3 SC8q/LweL74qU0Zu encrypted privilege 0
test3 username attributes
VPN-group-policy SSLClientPolicy
attributes global-tunnel-group DefaultRAGroup
address pool IPSec-12
IPSec-attributes tunnel-group DefaultRAGroup
pre-shared key *.
NO-SSL-VPN Tunnel-group type remote access
General-attributes of the NO-SSL-VPN Tunnel-group
address-pool SSLClientPool-10
Group Policy - by default-SSLClientPolicy
NO-SSL-VPN Tunnel - webvpn-attributes group
enable PAS_VPN group-alias
allow group-url https://11.11.11.11/PAS_VPN
!
class-map inspection_default
match default-inspection-traffic
!
!
type of policy-card inspect dns preset_dns_map
parameters
maximum message length automatic of customer
message-length maximum 512
Policy-map global_policy
class inspection_default
inspect the preset_dns_map dns
inspect the ftp
inspect h323 h225
inspect the h323 ras
inspect the rsh
inspect the rtsp
inspect esmtp
inspect sqlnet
inspect the skinny
inspect sunrpc
inspect xdmcp
inspect the sip
inspect the netbios
inspect the tftp
Review the ip options
!
global service-policy global_policy
privilege level 3 mode exec cmd command perfmon
privilege level 3 mode exec cmd ping command
mode privileged exec command cmd level 3
logging of the privilege level 3 mode exec cmd commands
privilege level 3 exec command failover mode cmd
privilege level 3 mode exec command packet cmd - draw
privilege show import at the level 5 exec mode command
privilege level 5 see fashion exec running-config command
order of privilege show level 3 exec mode reload
privilege level 3 exec mode control fashion show
privilege see the level 3 exec firewall command mode
privilege see the level 3 exec mode command ASP.
processor mode privileged exec command to see the level 3
privilege command shell see the level 3 exec mode
privilege show level 3 exec command clock mode
privilege exec mode level 3 dns-hosts command show
privilege see the level 3 exec command access-list mode
logging of orders privilege see the level 3 exec mode
privilege, level 3 see the exec command mode vlan
privilege show level 3 exec command ip mode
privilege, level 3 see fashion exec command ipv6
privilege, level 3 see the exec command failover mode
privilege, level 3 see fashion exec command asdm
exec mode privilege see the level 3 command arp
command routing privilege see the level 3 exec mode
privilege, level 3 see fashion exec command ospf
privilege, level 3 see the exec command in aaa-server mode
AAA mode privileged exec command to see the level 3
privilege, level 3 see fashion exec command eigrp
privilege see the level 3 exec mode command crypto
privilege, level 3 see fashion exec command vpn-sessiondb
privilege level 3 exec mode command ssh show
privilege, level 3 see fashion exec command dhcpd
privilege, level 3 see the vpnclient command exec mode
privilege, level 3 see fashion exec command vpn
privilege level see the 3 blocks from exec mode command
privilege, level 3 see fashion exec command wccp
privilege see the level 3 exec command mode dynamic filters
privilege, level 3 see the exec command in webvpn mode
privilege control module see the level 3 exec mode
privilege, level 3 see fashion exec command uauth
privilege see the level 3 exec command compression mode
level 3 for the show privilege mode configure the command interface
level 3 for the show privilege mode set clock command
level 3 for the show privilege mode configure the access-list command
level 3 for the show privilege mode set up the registration of the order
level 3 for the show privilege mode configure ip command
level 3 for the show privilege mode configure command failover
level 5 mode see the privilege set up command asdm
level 3 for the show privilege mode configure arp command
level 3 for the show privilege mode configure the command routing
level 3 for the show privilege mode configure aaa-order server
level mode 3 privilege see the command configure aaa
level 3 for the show privilege mode configure command crypto
level 3 for the show privilege mode configure ssh command
level 3 for the show privilege mode configure command dhcpd
level 5 mode see the privilege set privilege to command
privilege level clear 3 mode exec command dns host
logging of the privilege clear level 3 exec mode commands
clear level 3 arp command mode privileged exec
AAA-server of privilege clear level 3 exec mode command
privilege clear level 3 exec mode command crypto
privilege clear level 3 exec command mode dynamic filters
level 3 for the privilege cmd mode configure command failover
clear level 3 privilege mode set the logging of command
privilege mode clear level 3 Configure arp command
clear level 3 privilege mode configure command crypto
clear level 3 privilege mode configure aaa-order server
context of prompt hostname
no remote anonymous reporting call
Cryptochecksum:7f67d8c8b24bc533cf546b545aa33327
Looks like traffic is underway for RDP but there is no response packet
7: 22:24:58.824954 802. 1 q vlan P0 10.0.1.1.49162 #1 > 192.168.1.20.3389: S 3361152799:3361152799 (0) win 65535
8: 22:24:59.824740 802. 1 q vlan P0 10.0.1.1.49162 #1 > 192.168.1.20.3389: S 3361152799:3361152799 (0) win 65535
This can result from Neatgear (192.168.1.1), drop the packets. You can have solutions on SAA by tapping the traffic on the inside of the interface on the ASA. Here's what you need to do:
vpn_nat_inside 10.0.1.0 ip access list allow 255.255.255.0 192.168.1.0 255.255.255.0
NAT (10 vpn_nat_inside list of outdoor outdoor access)
Global interface (10 Interior)
This pat only vpn traffic entering the pool and will not have effect on anything else.
Kind regards
Bad Boy
P.S. Please mark this message as 'Responded' If you find this information useful so that it brings goodness to other users of the community
Tags: Cisco Security
Similar Questions
-
I have a Windows 7 station on a local network that I am able to remote desktop, but not able to remote desktop for it?
Hello
Thanks for the reply.
I suggest you to refer to this article and check.
Connect to another computer using Remote Desktop connection: http://windows.microsoft.com/en-IN/windows7/Connect-to-another-computer-using-Remote-Desktop-Connection
Thank you.
-
- How to maximize the number of RDP session for Remote Desktop connections in windows 2008 server?
- By default, the system says 2. and to not change/increase.
- is everything permissible special necessary to buy?
HelloYour question of Windows is more complex than what is generally answered in the Microsoft Answers forums as it is related to maximize the number of RDP session for Office remote connections to the server. Appropriate in instances of Windows Server.
Please post your question in the Forums of Windows Server.
-
Original title: Windows Mail
Recently my messages in the Inbox are no longer visible. The command Find says that they are still in the Inbox but I juast cannot see them. What should I do to make them visible?
Thank you
Hello
Go to your Inbox > click on 'View' on the toolbar at the top > "Current view" > "Show all Messages" is checked.
See you soon.
-
PC may have the connection, but why MAC cannot have Anyconnect VPN?
Hi, we have MAC and PC users. Two users could reach inside the network through ASA and Anyconnect VPN. However, MAC users can not have connection (please see screenshot in attachment). The output of the show run webvpn command is below:
Act(config-WebVPN) # sh run webvpn
WebVPN
allow outside
allow inside
CSD image disk0:/csd_3.5.841-k9.pkg
AnyConnect image disk0:/anyconnect-win-3.1.04066-k9.pkg 1
AnyConnect enable
tunnel-group-list activate
Auto-signon allow ip 0.0.0.0 0.0.0.0 auth-type all theThe lack of configuration ""anyconnect image disk0: /anyconnect -macosx- i386 - 2.5.2014 - k9.pkg "all the time." We don't think that this is the reason why MAC users are unable to reach the inside of the network because we do not have this command for a long time. Any suggestions can give? Thank you.
> The question is that the command for MAC was not there for long. Why is it could work when the order wasn't there?
I don't know, but I remember that in versions, it was not necessary to have * all * images in flash. Perhaps this changed some time. , You upgrade your ASA recently before the problems began?
-
ASA 5512 Anyconnect VPN cannot connect inside the network 9.1 x
Hello
I'm new to ASA, can I please help with this. I managed to connect to the vpn through the mobility cisco anyconnect client, but I am unable to connect to the Internet. the allocated ip address was 172.16.1.60 and it seems OK, I thought my acl and nat is configured to allow and translate the given vpn ip pool but I'm not able to ping anything on the inside.
If anyone can share some light... There's got to be something escapes me...
Here's my sh run
Thank you
Raul
-------------------------------------------------------------------------------
DLSYD - ASA # sh run
: Saved
:
ASA 9.1 Version 2
!
hostname DLSYD - ASA
domain delo.local
activate the encrypted password of UszxwHyGcg.e6o4z
names of
mask 172.16.1.60 - 172.16.1.70 255.255.255.0 IP local pool DLVPN_Pool
!
interface GigabitEthernet0/0
Shutdown
No nameif
no level of security
no ip address
!
interface GigabitEthernet0/1
Shutdown
No nameif
no level of security
no ip address
!
interface GigabitEthernet0/2
Post description
10 speed
full duplex
nameif Ext
security-level 0
IP 125.255.160.54 255.255.255.252
!
interface GigabitEthernet0/3
Description Int
10 speed
full duplex
nameif Int
security-level 100
IP 192.168.255.2 255.255.255.252
!
interface GigabitEthernet0/4
Shutdown
No nameif
no level of security
no ip address
!
interface GigabitEthernet0/5
Shutdown
No nameif
no level of security
no ip address
!
interface Management0/0
management only
nameif management
security-level 100
IP 192.168.1.1 255.255.255.0
!
boot system Disk0: / asa912-smp - k8.bin
passive FTP mode
clock timezone IS 10
clock daylight saving time EDT recurring last Sun Oct 02:00 last Sun Mar 03:00
DNS lookup field inside
DNS domain-lookup Int
DNS server-group DefaultDNS
192.168.1.90 server name
192.168.1.202 server name
domain delo.local
permit same-security-traffic intra-interface
network dlau40 object
Home 192.168.1.209
network dlausyd02 object
host 192.168.1.202
network of the object 192.168.1.42
host 192.168.1.42
dlau-utm network object
host 192.168.1.50
network dlauxa6 object
Home 192.168.1.62
network of the 192.168.1.93 object
host 192.168.1.93
network dlau-ftp01 object
Home 192.168.1.112
dlau-dlau-ftp01 network object
network dlvpn_network object
subnet 172.16.1.0 255.255.255.0
the object-group Good-ICMP ICMP-type
echo ICMP-object
response to echo ICMP-object
ICMP-object has exceeded the time
Object-ICMP traceroute
ICMP-unreachable object
DLVPN_STAcl list standard access allowed 192.168.0.0 255.255.0.0
Standard access list DLVPN_STAcl allow 196.1.1.0 255.255.255.0
DLVPN_STAcl list standard access allowed 126.0.0.0 255.255.0.0
Ext_access_in access list extended icmp permitted any object-group Good-ICMP
Ext_access_in list extended access permitted tcp dlau-ftp01 eq ftp objects
Ext_access_in list extended access permit tcp any object dlausyd02 eq https
Ext_access_in list extended access permit tcp any object dlau-utm eq smtp
Ext_access_in list extended access permit tcp any object dlauxa6 eq 444
Ext_access_in access-list extended permitted ip object annete-home everything
pager lines 24
Enable logging
asdm of logging of information
MTU 1500 Ext
MTU 1500 Int
management of MTU 1500
ICMP unreachable rate-limit 1 burst-size 1
ASDM image disk0: / asdm - 713.bin
don't allow no asdm history
ARP timeout 14400
no permit-nonconnected arp
NAT (Int, Ext) static source any any destination static dlvpn_network dlvpn_network non-proxy-arp
!
network dlausyd02 object
NAT (Int, Ext) interface static tcp https https service
dlau-utm network object
NAT (Int, Ext) interface static tcp smtp smtp service
network dlauxa6 object
NAT (Int, Ext) interface static tcp 444 444 service
network dlau-ftp01 object
NAT (Int, Ext) interface static tcp ftp ftp service
Access-group Ext_access_in in Ext interface
Route Ext 0.0.0.0 0.0.0.0 125.255.160.53 1
Route Int 192.168.0.0 255.255.0.0 192.168.255.1 1
Timeout xlate 03:00
Pat-xlate timeout 0:00:30
Timeout conn 01:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
Sunrpc timeout 0:10:00 h323 0:05:00 h225 mgcp from 01:00 0:05:00 mgcp-pat 0:05:00
Sip timeout 0:30:00 sip_media 0:02:00 prompt Protocol sip-0: 03:00 sip - disconnect 0:02:00
Timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
Floating conn timeout 0:00:00
dynamic-access-policy-registration DfltAccessPolicy
identity of the user by default-domain LOCAL
AAA authentication enable LOCAL console
AAA authentication LOCAL telnet console
AAA authentication http LOCAL console
LOCAL AAA authentication serial console
the ssh LOCAL console AAA authentication
http server enable 44310
http server idle-timeout 30
http 192.168.0.0 255.255.0.0 Int
No snmp server location
No snmp Server contact
Server enable SNMP traps snmp authentication linkup, linkdown warmstart of cold start
Crypto ipsec pmtu aging infinite - the security association
trustpool crypto ca policy
Telnet 192.168.1.0 255.255.255.0 management
Telnet timeout 30
SSH 192.168.0.0 255.255.0.0 Int
SSH timeout 30
SSH group dh-Group1-sha1 key exchange
Console timeout 0
No ipv6-vpn-addr-assign aaa
no local ipv6-vpn-addr-assign
management of 192.168.1.2 - dhcpd address 192.168.1.254
enable dhcpd management
!
a basic threat threat detection
Statistics-list of access threat detection
no statistical threat detection tcp-interception
NTP server 61.8.0.89 prefer external source
SSL encryption rc4-aes128-sha1 aes256-3des-sha1 sha1 sha1
WebVPN
port 44320
allow outside
Select Ext
AnyConnect essentials
AnyConnect image disk0:/anyconnect-win-3.1.05170-k9.pkg 1
AnyConnect enable
tunnel-group-list activate
internal GroupPolicy_DLVPN group strategy
attributes of Group Policy GroupPolicy_DLVPN
WINS server no
value of server DNS 192.168.1.90 192.168.1.202
client ssl-VPN-tunnel-Protocol
Split-tunnel-policy tunnelspecified
value of Split-tunnel-network-list DLVPN_STAcl
delonghi.local value by default-field
WebVPN
AnyConnect Dungeon-Installer installed
time to generate a new key 30 AnyConnect ssl
AnyConnect ssl generate a new method ssl key
AnyConnect ask flawless anyconnect
encrypted vendor_ipfx pb6/6ZHhaPgDKSHn password username
vendor_pacnet mIHuYi1jcf9OqVN9 encrypted password username
username admin password encrypted tFU2y7Uo15ahFyt4
type tunnel-group DLVPN remote access
attributes global-tunnel-group DLVPN
address pool DLVPN_Pool
Group Policy - by default-GroupPolicy_DLVPN
tunnel-group DLVPN webvpn-attributes
enable DLVPN group-alias
!
class-map inspection_default
match default-inspection-traffic
!
!
type of policy-card inspect dns preset_dns_map
parameters
maximum message length automatic of customer
message-length maximum 512
Policy-map global_policy
class inspection_default
inspect the preset_dns_map dns
inspect h323 h225
inspect the h323 ras
inspect the rsh
inspect the rtsp
inspect esmtp
inspect sqlnet
inspect the skinny
inspect sunrpc
inspect xdmcp
inspect the netbios
Review the ip options
inspect the ftp
inspect the tftp
!
global service-policy global_policy
SMTPS
Server 192.168.1.50
Group Policy - by default-DfltGrpPolicy
context of prompt hostname
no remote anonymous reporting call
Cryptochecksum:67aa840d5cfff989bc045172b2d06212
: end
DLSYD - ASA #.Hello
Add just to be sure, the following configurations related to ICMP traffic
Policy-map global_policy
class inspection_default
inspect the icmp
inspect the icmp errorYour NAT0 configurations for traffic between LAN and VPN users seem to. Your Split Tunnel ACL seems fine too because it has included 192.168.0.0/16. I don't know what are the other.
I wonder if this is a test installation since you don't seem to have a dynamic PAT configured for your local network at all. Just a few static PAT and the NAT0 for VPN configurations. If it is a test configuration yet then confirmed that the device behind the ASA in the internal network has a default route pointing to the ASAs interface and if so is it properly configured?
Can you same ICMP the directly behind the ASA which is the gateway to LANs?
If you want to try ICMP interface internal to the VPN ASA then you can add this command and then try ICMP to the internal interface of the ASA
Int Management-access
As the post is a little confusing in the sense that the subject talk on the traffic doesn't work not internal to the network, while the message mentions the traffic to the Internet? I guess you meant only traffic to the local network because you use Split Tunnel VPN, which means that Internet traffic should use the VPN local Internet users while traffic to the networks specified in the ACL Tunnel Split list should be sent to the VPN.
-Jouni
-
Can Ping but not connect via Remote Desktop - how to change the settings of the outside LAN adapter
I have a Windows Server 2012 machine connected to a Windows 7 Pro machine via a switch.
Internet is shared on the Windows Server and the port sharing network has a static ip address. Similarly, the port connected to the Windows 7 Pro has a static ip address. I was able to desktop Windows 7 remotely from the server without any problem until very recently.
Recently, I had to change some properties of the LAN on the machines and I was changing the gateway by default for the Windows 7 Pro, when I was hunting from my remote desktop session and I was not able to reconnect since. I don't know if I accidentally blew the subnet or the default gateway, but I know for sure that I do not touch the part of the parameters ip address.
In addition, I can't ping the server computer but I am not able to connect via RDP. Please suggest any possible causes and solutions for this case. Both computers are remote and I can connect via the internet to the server computer.
As my title suggests, I'm trying to find out if there is a way to reset the settings of the adapter LAN from Windows 7 to my server and proceed from that.
Please let me know if you need more information.
Thank you.
RAM.
Hi Ram,
Please contact Microsoft Community.
Problems with Windows Server 2012 are supported in the TechNet Forums. I suggest you send the request in Windows Server 2012 general Forums TechNet.
http://social.technet.Microsoft.com/forums/WindowsServer/en-us/home?Forum=winserver8genHope this information helps.
-
Peer AnyConnect VPN cannot ping, RDP each other
I have an ASA5505 running ASA 8.3 (1) and ASDM 7.1 (1). I have a remote access VPN set up and remote access users are able to connect and access to network resources. I can ping the VPN peers between the Remote LAN. My problem counterparts VPN cannot ping (RDP, CDR) between them. Ping a VPN peer of reveals another the following error in the log of the SAA.
Asymmetrical NAT rules matched for flows forward and backward; Connection for icmp outside CBC: 10.10.10.8 outside dst: 10.10.10.9 (type 8, code 0) rejected due to the failure of reverse NAT.
Here's my ASA running-config:
ASA Version 8.3 (1)
!
ciscoasa hostname
domain dental.local
activate 9ddwXcOYB3k84G8Q encrypted password
2KFQnbNIdI.2KYOU encrypted passwd
names of
!
interface Vlan1
nameif inside
security-level 100
IP 192.168.1.1 255.255.255.0
!
interface Vlan2
nameif outside
security-level 0
IP address dhcp setroute
!
interface Ethernet0/0
switchport access vlan 2
!
interface Ethernet0/1
!
interface Ethernet0/2
!
interface Ethernet0/3
!
interface Ethernet0/4
!
interface Ethernet0/5
!
interface Ethernet0/6
!
interface Ethernet0/7
!
passive FTP mode
clock timezone CST - 6
clock to summer time recurring CDT
DNS lookup field inside
DNS server-group DefaultDNS
192.168.1.128 server name
domain dental.local
permit same-security-traffic inter-interface
permit same-security-traffic intra-interface
network obj_any object
subnet 0.0.0.0 0.0.0.0
network of the RAVPN object
10.10.10.0 subnet 255.255.255.0
network of the NETWORK_OBJ_10.10.10.0_28 object
subnet 10.10.10.0 255.255.255.240
network of the NETWORK_OBJ_192.168.1.0_24 object
subnet 192.168.1.0 255.255.255.0
access-list Local_LAN_Access note VPN Customer local LAN access
Local_LAN_Access list standard access allowed host 0.0.0.0
DefaultRAGroup_splitTunnelAcl list standard access allowed 192.168.1.0 255.255.255.0
Note VpnPeers access list allow peer vpn ping on the other
permit access list extended ip object NETWORK_OBJ_10.10.10.0_28 object NETWORK_OBJ_10.10.10.0_28 VpnPeers
pager lines 24
Enable logging
asdm of logging of information
logging of information letter
address record [email protected] / * /
exploitation forest-address recipient [email protected] / * / level of information
record level of 1 600 6 rate-limit
Outside 1500 MTU
Within 1500 MTU
mask 10.10.10.5 - 10.10.10.10 255.255.255.0 IP local pool VPNPool
ICMP unreachable rate-limit 1 burst-size 1
ASDM image disk0: / asdm - 711.bin
don't allow no asdm history
ARP timeout 14400
NAT (inside, all) static source all electricity static destination RAVPN RAVPN
NAT (inside, outside) static static source NETWORK_OBJ_10.10.10.0_28 destination NETWORK_OBJ_192.168.1.0_24 NETWORK_OBJ_192.168.1.0_24 NETWORK_OBJ_10.10.10.0_28
NAT (inside, outside) static source all all NETWORK_OBJ_10.10.10.0_28 of NETWORK_OBJ_10.10.10.0_28 static destination
!
network obj_any object
NAT dynamic interface (indoor, outdoor)
network of the RAVPN object
dynamic NAT (all, outside) interface
Timeout xlate 03:00
Timeout conn 01:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
Sunrpc timeout 0:10:00 h323 0:05:00 h225 mgcp from 01:00 0:05:00 mgcp-pat 0:05:00
Sip timeout 0:30:00 sip_media 0:02:00 prompt Protocol sip-0: 03:00 sip - disconnect 0:02:00
Timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
dynamic-access-policy-registration DfltAccessPolicy
Enable http server
http 192.168.1.0 255.255.255.0 inside
No snmp server location
No snmp Server contact
Community SNMP-server
Server enable SNMP traps snmp authentication linkup, linkdown cold start
Crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
Crypto ipsec transform-set ESP-DES-SHA esp - esp-sha-hmac
Crypto ipsec transform-set esp-SHA-ESP-3DES-3des esp-sha-hmac
Crypto ipsec transform-set ESP-DES-MD5 esp - esp-md5-hmac
Crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
Crypto ipsec transform-set ESP-3DES-MD5-esp-3des esp-md5-hmac
Crypto ipsec transform-set ESP-AES-256-SHA 256 - aes - esp esp-sha-hmac
Crypto ipsec transform-set ESP-AES-128-SHA aes - esp esp-sha-hmac
Crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
Crypto ipsec transform-set ESP-AES-128-MD5-esp - aes esp-md5-hmac
Crypto ipsec transform-set ESP-AES-128-SHA-TRANS-aes - esp esp-sha-hmac
Crypto ipsec transform-set ESP-AES-128-SHA-TRANS mode transit
Crypto ipsec transform-set ESP-DES-SHA-TRANS esp - esp-sha-hmac
Crypto ipsec transform-set ESP-DES-SHA-TRANS mode transit
Crypto ipsec transform-set ESP-AES-192-SHA-TRANS esp-aes-192 esp-sha-hmac
Crypto ipsec transform-set ESP-AES-192-SHA-TRANS mode transit
Crypto ipsec transform-set ESP-AES-256-SHA-TRANS esp-aes-256 esp-sha-hmac
Crypto ipsec transform-set ESP-AES-256-SHA-TRANS mode transit
Crypto ipsec transform-set ESP-3DES-SHA-TRANS esp-3des esp-sha-hmac
Crypto ipsec transform-set ESP-3DES-SHA-TRANS mode transit
life crypto ipsec security association seconds 28800
Crypto ipsec kilobytes of life - safety 4608000 association
Crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 value transform-set ESP ESP-AES-128-SHA ESP - AES - 192 - SHA ESP - AES - 256 - SHA ESP - 3DES - SHA - OF - SHA ESP - AES - 128 - SHA - TRANS ESP - AES - 192 - SHA - TRANS ESP - AES - 256 - SHA - ESP ESP - 3DES - SHA - TRANS TRANS-DES - SHA - TRANS
outside_map card crypto 65535-isakmp dynamic ipsec SYSTEM_DEFAULT_CRYPTO_MAP
outside_map interface card crypto outside
trustpoint crypto ca-CA-SERVER ROOM
LOCAL-CA-SERVER key pair
Configure CRL
Crypto ca trustpoint ASDM_TrustPoint0
registration auto
name of the object CN = ciscoasa
billvpnkey key pair
Proxy-loc-transmitter
Configure CRL
crypto ca server
CDP - url http://ciscoasa/+CSCOCA+/asa_ca.crl
name of the issuer CN = ciscoasa
SMTP address [email protected] / * /
crypto certificate chain ca-CA-SERVER ROOM
certificate ca 01
* hidden *.
quit smoking
string encryption ca ASDM_TrustPoint0 certificates
certificate 10bdec50
* hidden *.
quit smoking
crypto ISAKMP allow outside
crypto ISAKMP policy 10
authentication crack
aes-256 encryption
sha hash
Group 2
life 86400
crypto ISAKMP policy 20
authentication rsa - sig
aes-256 encryption
sha hash
Group 2
life 86400
crypto ISAKMP policy 30
preshared authentication
aes-256 encryption
sha hash
Group 2
life 86400
crypto ISAKMP policy 40
authentication crack
aes-192 encryption
sha hash
Group 2
life 86400
crypto ISAKMP policy 50
authentication rsa - sig
aes-192 encryption
sha hash
Group 2
life 86400
crypto ISAKMP policy 60
preshared authentication
aes-192 encryption
sha hash
Group 2
life 86400
crypto ISAKMP policy 70
authentication crack
aes encryption
sha hash
Group 2
life 86400
crypto ISAKMP policy 80
authentication rsa - sig
aes encryption
sha hash
Group 2
life 86400
crypto ISAKMP policy 90
preshared authentication
aes encryption
sha hash
Group 2
life 86400
crypto ISAKMP policy 100
authentication crack
3des encryption
sha hash
Group 2
life 86400
crypto ISAKMP policy 110
authentication rsa - sig
3des encryption
sha hash
Group 2
life 86400
crypto ISAKMP policy 120
preshared authentication
3des encryption
sha hash
Group 2
life 86400
crypto ISAKMP policy 130
authentication crack
the Encryption
sha hash
Group 2
life 86400
crypto ISAKMP policy 140
authentication rsa - sig
the Encryption
sha hash
Group 2
life 86400
crypto ISAKMP policy 150
preshared authentication
the Encryption
sha hash
Group 2
life 86400
enable client-implementation to date
Telnet 192.168.1.1 255.255.255.255 inside
Telnet timeout 5
SSH timeout 5
Console timeout 0
management-access inside
dhcpd outside auto_config
!
dhcpd address 192.168.1.50 - 192.168.1.99 inside
dhcpd allow inside
!
a basic threat threat detection
threat detection statistics
a statistical threat detection tcp-interception rate-interval 30 burst-400-rate average rate 200
SSL-trust outside ASDM_TrustPoint0 point
WebVPN
allow outside
SVC disk0:/anyconnect-win-3.1.04072-k9.pkg 1 image
SVC profiles DellStudioClientProfile disk0: / dellstudioclientprofile.xml
enable SVC
tunnel-group-list activate
internal-password enable
chip-tunnel list SmartTunnelList RDP mstsc.exe windows platform
internal DefaultRAGroup group strategy
attributes of Group Policy DefaultRAGroup
Server DNS 192.168.1.128 value
Protocol-tunnel-VPN l2tp ipsec
Split-tunnel-policy tunnelspecified
value of Split-tunnel-network-list DefaultRAGroup_splitTunnelAcl
Dental.local value by default-field
WebVPN
SVC value vpngina modules
internal DefaultRAGroup_1 group strategy
attributes of Group Policy DefaultRAGroup_1
Server DNS 192.168.1.128 value
Protocol-tunnel-VPN l2tp ipsec
Dental.local value by default-field
attributes of Group Policy DfltGrpPolicy
Server DNS 192.168.1.128 value
VPN - 4 concurrent connections
Protocol-tunnel-VPN IPSec l2tp ipsec svc webvpn
value of group-lock RAVPN
value of Split-tunnel-network-list Local_LAN_Access
Dental.local value by default-field
WebVPN
the value of the URL - list DentalMarks
SVC value vpngina modules
SVC value dellstudio type user profiles
SVC request to enable default webvpn
chip-tunnel enable SmartTunnelList
wketchel1 5c5OoeNtCiX6lGih encrypted password username
username wketchel1 attributes
VPN-group-policy DfltGrpPolicy
WebVPN
SVC value DellStudioClientProfile type user profiles
username privilege 15 encrypted password 5c5OoeNtCiX6lGih wketchel
username wketchel attributes
VPN-group-policy DfltGrpPolicy
WebVPN
modules of SVC no
SVC value DellStudioClientProfile type user profiles
jenniferk 5.TcqIFN/4yw0Vq1 of encrypted password privilege 0 username
jenniferk username attributes
VPN-group-policy DfltGrpPolicy
WebVPN
SVC value DellStudioClientProfile type user profiles
attributes global-tunnel-group DefaultRAGroup
address pool VPNPool
LOCAL authority-server-group
IPSec-attributes tunnel-group DefaultRAGroup
pre-shared key *.
tunnel-group DefaultRAGroup ppp-attributes
PAP Authentication
ms-chap-v2 authentication
eap-proxy authentication
type tunnel-group RAVPN remote access
attributes global-tunnel-group RAVPN
address pool VPNPool
LOCAL authority-server-group
tunnel-group RAVPN webvpn-attributes
enable RAVPN group-alias
IPSec-attributes tunnel-group RAVPN
pre-shared key *.
tunnel-group RAVPN ppp-attributes
PAP Authentication
ms-chap-v2 authentication
eap-proxy authentication
type tunnel-group WebSSLVPN remote access
tunnel-group WebSSLVPN webvpn-attributes
enable WebSSLVPN group-alias
!
class-map inspection_default
match default-inspection-traffic
!
!
type of policy-card inspect dns preset_dns_map
parameters
maximum message length automatic of customer
message-length maximum 512
Policy-map global_policy
class inspection_default
inspect the preset_dns_map dns
inspect the ftp
inspect h323 h225
inspect the h323 ras
inspect the rsh
inspect the rtsp
inspect esmtp
inspect sqlnet
inspect the skinny
inspect sunrpc
inspect xdmcp
inspect the sip
inspect the netbios
inspect the tftp
Review the ip options
!
global service-policy global_policy
173.194.64.108 SMTP server
context of prompt hostname
HPM topN enable
Cryptochecksum:3304bf6dcf6af5804a21e9024da3a6f8
: end
Hello
Seems to me that you can clean the current NAT configuration a bit and make it a little clearer.
I suggest the following changes
network of the VPN-POOL object
10.10.10.0 subnet 255.255.255.0
the object of the LAN network
subnet 192.168.1.0 255.255.255.0
PAT-SOURCE network object-group
object-network 192.168.1.0 255.255.255.0
object-network 10.10.10.0 255.255.255.0
NAT static destination LAN LAN (indoor, outdoor) static source VPN-VPN-POOL
destination VPN VPN-POOL POOL static NAT (outside, outside) 1 static source VPN-VPN-POOL
NAT interface (it is, outside) the after-service automatic PAT-SOURCE dynamic source
The above should allow
- Dynamic PAT for LAN and VPN users
- NAT0 for traffic between the VPN and LAN
- NAT0 for traffic between the VPN users
You can then delete the previous NAT configurations. Naturally, please save the configuration before you make the change, if you want to revert to the original configuration.
no static source nat (inside, everything) all electricity static destination RAVPN RAVPN
No source (indoor, outdoor) nat static static NETWORK_OBJ_10.10.10.0_28 destination NETWORK_OBJ_192.168.1.0_24 NETWORK_OBJ_192.168.1.0_24 NETWORK_OBJ_10.10.10.0_28
No source (indoor, outdoor) nat static everything all NETWORK_OBJ_10.10.10.0_28 of NETWORK_OBJ_10.10.10.0_28 static destination
No network obj_any object
No network object RAVPN
In case you do not want to change the settings a lot you might be right by adding this
network of the VPN-POOL object
10.10.10.0 subnet 255.255.255.0
destination VPN VPN-POOL POOL static NAT (outside, outside) 1 static source VPN-VPN-POOL
But the other above configurations changes would make NAT configurations currently simpler and clearer to see every goal of "nat" configurations.
-Jouni
-
One can explain the value command Anyconnect VPN etc. "vpn-filter"?
Hello
In Anyconnect VPN, there are two commands that I pointed out wild "BOLD". I checked it with "?" behind the command. But I still don't understand it and why it should be used here. I hope someone can explain it to me. Thank you
Internal authority of group-policy
attributes of authority-group policy
VPN-filter Access_List value
clientless ssl VPN tunnel-Protocol
value of group-lock Third_Party
Split-tunnel-policy tunnelspecified
value of Split-tunnel-network-list County_Access
-Here is what I checked:
Enter the name of an existing tunnel group for users to connect with group-lock
Enter the name of an ACL configured to apply to VPN-filter users
Vpn-filter adds an extra layer of security for VPN remote access by adding an access list to all traffic that comes from remote users.
For example, you can restrict to a subnet (which you can do in the tunnel-group) can still say that the HTTP servers, B and C (for which you would use the access list specified by the filter-vpn).
The group-lock prevents users defined to choose policies other group available in the drop-down list.
For example, you can restrict VPN users generally use a group without restriction for IT admins. Or allow only external suppliers to connect to a group designated to them that restricts access to a set of resources in the DMZ.
-
Phones AnyConnect VPN cannot connect to network ASA high-speed AT &; T uverse
Phones AnyConnect VPN are configured to connect to the ASA 5510 running 8.4 (4), and it uses the Active Directory credentials to connect. The connection is successful external ISP systems including Comcast and smaller independent service providers. However, when all of us at the AT & T uverse service take this phone 7965 even at home it networks fails to make any connection to the ASA at all. A capture of packets on the ASA shows no activity connection to the IP address of our uverse.
What's more, is that we can successfully authenticate the VPN of the phone when using the local account credentials (e.g. username admin password * priv 15) that are entered on the SAA. AT & T said that they are not blocking the ports. It is the confusion that this works for users to access local connection, but not with A/D.
So I guess the question is: what is the first handshake TCP/UDP composed when a Cisco IP phone links AnyConnect SSL to an ASA and negotiates the authentication of the number of A/D? For example, what are the port numbers used in this handshake? I couldn't find all the diagrams illustrating the HRT and the RFC for DTLS do not seem to have the answer either.
Thanks in advance.
-Athonia
Note: we have a TAC case open currently with subject ASA 5510 VPN Edition w / 250 annyconnect user - SSL VPN for phones. Configuration
I too ran on this issue and here is a description of what I found.
If you use automatic network detection first trys phone ping the TFTP server, he has learned from the DHCP server or manually set with the parameter of the alternate TFTP server. If the TFTP server is accessible the VPN will not connect and will not allow the user to connect manually.
ATT Uverse use DHCP option 150, the same option as Cisco UC uses to automatically set the TFTP servers, to locate the local home gateway so that the STB can join him. For this reason, you should notice that when you have a VPN phone on the network and view network settings the IP address of the TFTP server is the IP address of your default gatewat (The ATT router).
Because of the automatic detection of network works in ping the TFTP server that the phone will always think that it is connected to the local network. The workaround is to manually set the TFTP server on the phone * to the IP address that the TFTP server would have been if she had leared it from the DHCP server on your corporate network. The reason you should do this instead of just using a Bogon address, is that once the VPN is connected it tryes to register to the address that you specified.
Please let me know if this solves your problem as it did in our case.
* If you do not know how to set the TFTP replacement setting you must first select the "replacement" TFTP protocol and press on * #. This will allow you to change the default no to Yes. The below named parameter TFTP Server 1 will then allow you to manually specify the address.
-
access to the user account without password via Remote Desktop Conncetion
Hello, I have a question for remote desktop connection.
I have two computer, let's call them computer (XP pro) and computer B. And A computer user account has no password created.
If I activate the remote desktop on A computer (computer a user account has no password) and try to access it remotely from computer B, is it possible to connect? or I won't be able to connect? I have A computer user account password to allow remote access from any computer?
If anyone can help me with the answer, I would appreciate it!
Thank you
I'm sorry, but the user account must have a password to use the remote desktop connection. Boulder computer Maven
Most Microsoft Valuable Professional -
The mouse does not work in Remote Desktop
I have a Win 7 64 bit Pro computer desktop that I try to run Remote Desktop to connect to my server Windows Home Server 2011. When I log in, my server's desktop is visible and I can see and move my mouse but when I left click of the mouse, nothing happens. Then if I click right, menu contextual office does not, but it is in the lower left corner, whenever I do a right-click No matter where I click. When the context menu displays and I hover over an element, it is not derivative of blue as it should. So basically just mouse doesn't work at all on the remote desktop. However, the keyboard works. I can click on the Windows key to bring up the menu start and use the arrow keys to navigate in it.
Everything works fine on the server if I connect directly into it with the mouse and keyboard. I should also mention that exactly the same thing happens if I try to use remote desktop to connect to my Win 7 notebook Home Premium 64 - bit on my Windows 7 Pro Office above.
And finally, if I use remote desktop to connect from my laptop or desktop to my Win XP Pro system at work, everything works perfectly fine. So is this something with the connection to a system Win 7 or WHS 2011? Any help appreciated. Thank you.
I thought about it. I had this program that runs on the server that reverses the mouse. This is necessary, since I use a trackball turned 180 degrees for better comfort and "sakasa" mouse to use for the release of the mouse. But I didn't need on the server and the system office.
-
The security when you use hotels remote desktop?
I'm not sure where this investigation should go - maybe someone can correct me if needed.
We travel often. I take my Windows 7 laptop with me and hotel networks allows to connect to my computer via desktop remotely, so that I can continue to do banking online, documentation, etc. However, I am very concerned by the networks hotel being compromised, such that someone could be sniffing keyboard entries and looking for passwords and account information. I have considered two workaround solutions to hide what I do on my machine at home, but am not sure if they would actually work. One is to use the screen keyboard and the other is to have a copy of the text of the passwords I use available on my home computer and copy and paste passwords from secure documents / web pages, I want to access.
I guess that these two approaches would create only generic 'clicks' which don't contain any actual data which could be read through the network. Am I correct that?
Hello
Welcome to the Microsoft community.
There are a few additional steps you can take to limit access to the remote desktop.
1. you can specify that only certain users have access to this PC with remote desktop during installation.
2. you can also use another port to connect through.
a: you can find more information on these options here.
3. you can also see some good information in general on Remote Desktop here.
Regarding the overall security on your PC, you can configure the BitLocker Drive encryption. BitLocker allows you to avoid any documents to the more secure passwords by encrypting the entire drive which is Windows and your data. For more information on BitLocker and how to put in place, please check out the link here.
For more information about remote desktop, see Remote Desktop connection: frequently asked questions.
I hope this helps. If you need help with Windows, let us know and will be happy to help you.
-
HP 8600 - Document remains in the spooler after printing from a Remote Desktop server
I have a printer HP 8600 N911a . The printer prints a document on a Remote Desktop server, but the document will stay on the spool and held until the next documents aligned to print. It does this for all articles printed from the Remote Desktop server. It prints and receives faxes perfectly all the other times wireless.
Hi swmpthng88,
It is an indication that the problem is in the server operating system. To be sure, you can connect the printer to a different computer, and you don't have the issue, then, if the operating system on the server on which the problem of the queue. Let me know what you find?
-
Just around the beginning of July (2011) I started to have remote Office questions when connecting from home to work. If I minimize the connection for a while and come back later, it will be often does not. I'll have to hit the close X button several times before, he ends by abruptly disconnects. By the sudden I want to say that I don't get no dialogue usual warning that the session will be disconnected.
Also, sometimes when I connect I get a white screen instead of a connection window.
Anyone know if there was a Windows Update, or anything that can cause problems with RDP.
I used to be able to connect perfectly without any problems.
Thank you
original title: Remote Desktop problems for the months spent on XP
Hello
Your question of Windows is more complex than what is generally answered in the Microsoft Answers forums. It is better suited for the public on the TechNet site. Please post your question in the below link: http://social.technet.microsoft.com/Forums/en-US/itproxpsp/threads
Maybe you are looking for
-
Firefox Firefox 14.0.1 13.0.1 update
This isn't a question; This is a comment. Normally (for me at least), upgrades to new versions of Firefox smoothly. It is not. Firefox has been very slow in coming, he remember preferences, and he went in that State "no answer" frequently and for lon
-
Need graphics drivers for Tecra A7
Hello I'm trying to find the drivers for the monitor on tecra a7 (need to replace microsoft plug-and-play monitor drivers) When you plug in an external display (20 cm) we cannot go up to 1280 x 800) No file inf for tecra A7 to properly manage the res
-
Satellite L500 - error in Windows backup
Having a Satellite L500 Windows 7 32 bit. Windows backup on the external drive is not (LONGER) work. Message: Last backup failed. Error message 0 x 8007002. Can set the restore/recovery point and can back up restore/recovery points, but cannot save a
-
Video graphics problem Pavilion p7-1233w Check
Video check graphic error, the test does not run in this environment. Should I be concerned? No changes to the monitor or graphics settings that Im aware of my screen seems to work very well not noticed no problems with it, like I just live with it?
-
TestStand Menu (source control)
Is it possible to use Source code control for TestStand sequence and I don't use TestStand workspace