VPN site to Site and SSL VPN

Similar Questions

• ASA from Site to Site and SSL VPN stop working

  Thanks in advance for any advice

  We have an ASA 5510, users were able to connect via to all connect without any problems. We opened a new office with an ASA 5505 and decided to give VPN site-to-site on IPSec. We used the basic wizard and everything went smoothly at both ends. However, users who always used SSL VPN says so that they can connect to the original site, they are no longer in their RDP virtual machines or get anywhere on the network. I don't know why something like this can happen.

  You can change the SSL VPN DHCP scope to give a different subnet for IP addresses. Maybe try 192.168.10.0 255.255.255.0. Let me know if you can and if that corrects the issue.

  Sent by Cisco Support technique iPhone App

• Unable to connect to the site Web SSL VPN with firewall zone configured

  I recently updated my 2911 company and set up a firewall area.  This is my first experience with this and I used Cisco Configuration Professional to build the configuration of the firewall first and then edited the names to make it readable by humans.  The only problem I can't solve is to learn site Web SSL VPN from outside.  I can navigate the website and connect without problem from the inside, and even if it was useful to verify that the Routing and the site work properly it is really not what I.  I don't get anything on the syslog for drops because of the firewall server, or for any other reason but packet capture show that no response is received when you try to navigate to the outside Web site.  I am currently using a customer VPN IPSEC solution until I can get this to work and have no problem with it.  I have attached a sanitized with the included relevant lines configuration (deleted ~ 400 lines including logging, many inspections on the movement of the area to the area and the ipsec vpn, which I already mentioned).  I searched anything about this problem and no one has no problem connecting to their Web site, just to get other features to work correctly.  All thoughts are welcome.

  See the security box

  area to area

  Members of Interfaces:

  GigabitEthernet0/0.15

  GigabitEthernet0/0.30

  GigabitEthernet0/0.35

  GigabitEthernet0/0.45

  area outside zone

  Members of Interfaces:

  GigabitEthernet0/1

  sslvpn area area

  Members of Interfaces:

  Virtual-Template1

  SSLVPN-VIF0

  I tried to change the composition of the area on the interface virtual-Template1 to the outside the area nothing helps.

  See the pair area security

  Name of the pair area SSLVPN - AUX-in

  Source-Zone sslvpn-area-zone of Destination in the area

  Service-SSLVPN-AUX-IN-POLICY

  Name of the pair area IN SSLVPN

  Source-Zone in the Destination zone sslvpn-zone

  service-policy IN SSLVPN-POLICY

  Name of the pair area SELF SSLVPN

  Source-Zone sslvpn-area free-zone Destination schedule

  Service-SELF-to-SSLVPN-POLICY

  Zone-pair name IN-> AUTO

  Source-Zone in the Destination zone auto

  Service-IN-to-SELF-POLICY policy

  Name of the pair IN-> IN box

  In the Destination area source-Zone in the area

  service-policy IN IN-POLICY

  Zone-pair name SELF-> OUT

  Source-Zone auto zone of Destination outside the area

  Service-SELF-AUX-OUT-POLICY

  Name of the pair OUT zone-> AUTO

  Source-Zone out-area Destination-area auto

  Service-OUT-to-SELF-POLICY

  Zone-pair name IN-> OUT

  Source-Zone in the Destination area outside zone

  service-strategy ALLOW-ALL

  The pair OUT zone name-> IN

  Source-out-zone-time zone time Zone of Destination in the area

  Service-OUT-to-IN-POLICY

  Name of the pair area SSLVPN-to-SELF

  Source-Zone-Zone of sslvpn-area auto

  Service-SSLVPN-FOR-SELF-POLICY

  I also tried to add a pair of area for the outside zone sslvpn-zone passing all traffic and it doesn't change anything.

  The area of networks

  G0/0.15

  172.16.0.1 26

  G0/0.30

  172.16.0.65/26

  G0/0.35

  172.16.0.129/25

  G0/0.45

  172.18.0.1 28

  Pool of SSL VPN

  172.20.0.1 - 172.20.0.14

  Latest Version of IOS:

  Cisco IOS software, software C2900 (C2900-UNIVERSALK9-M), Version 15.0 (1) M10, RELEASE SOFTWARE (fc1)

  Glad works now. Weird question, no doubt.

  I guess that on the deployment guide said that the firewall will not support inspection of TCP to the free zone, however, class nested maps are used to accomplish this, to be completely honest, I think it's a mess and the best thing to do is action past to auto for the protocols that you want and then drop the rest.

  Let us know if you have any other problems.

  Mike

• ASA5505 VPN Site to site and limiting access - URGENT

  I'll admit knowledge limited to the front, so forgive me if I look like a fool.  The company that I work began recently to hosting our application for some of our customers. to do this, we are renting rack space, connections and equipment in a data center.  We must send data to our request for an application in the center of data of our customers.  They have an ASA 5505.

  Our data center will support VPN site-to-site and nothing else.  Our client find it unacceptable, citing security and the inability to restrict access to only the small number of servers, our application needs to access.  I have to be able to talk intelligently and with the facts (and, preferably, examples of configuration on hand) with their staff of the IOC and network in the next day or so.

  The ASA 5505 can be configured for a VPM from site to site with our data center which limits our application server to access a limited set of IP addresses within their network?  If so, this is quite easily possible?  Anyone done this?

  Thank you

  Leighton Wingerd

  Leighton,

  Sounds complicated problem - but are simple actuall.  Remember that a VPN ensures the transmission from site A to site B on a precarious environment - internet.  For example, you can DEFINE the traffic that goes through the VPN, you also DEFINE the traffic that will launch the VPN tunnel in the first place.  With these statements said - using your supposed information you would create valuable traffic as the exact traffic you want to allow through the vpn;

  access-list permits datacentre_2_client tcp host 1.2.3.4 host 192.168.1.2 eq 1521

  And you will use the same ACL to set which can cross traffic.  However, I know for a fact that an ODBC Oracle connection uses more than one TCP port!

  The confidentiality of data is something else - that your customer needs to define requirements.  An SSL connection is fine and dandy - you will just be to encrypt the traffic twice!

• VPN from Site to Site and easy 871W

  I have a problem with the configuration of Site to site and easy both together on the same router 871W

  Something is working, but not everything.

  x.x.x.x - address IP WAN
  a.a.a.a - gw for WAN IP address
  z.z.z.z - IP address of the VPN Site-to Site
  192.168.201.0/25 - LAN
  192.168.200.0/24 - easy VPN address
  192.168.151.0/24 - Site-Site LAN

  Site-to-site work properly, everythings fine, but no easy VPN.

  Configuration of Cisco VPN Client:

  Home - x.x.x.x, group auth name - RemoteGroup, pass *.
  user test, pass *.

  I have a successful connection of Cisco VPN Client (I see a closed lock - connected status)

  Connection gave me the address 192.168.200.5.

  But I can't see LAN or LAN from Site to Site.

  And I don't have any idea what may be wrong.

  Finalny config:

  Quote:

  Current configuration: 8860 bytes ! version 12.4 no service button horodateurs service debug datetime msec Log service timestamps datetime msec encryption password service sequence numbers service ! hostname moj-waw-rtr ! boot-start-marker boot-end-marker ! logging buffered debugging 52000 Select the secret *. ! AAA new-model ! ! AAA authentication login default local AAA authentication login local remoteusers AAA authorization exec default local AAA authorization RemoteGroup LAN ! AAA - the id of the joint session ! resources policy ! IP subnet zero IP cef ! ! no ip domain search IP domain name waw.moj.pl name of the IP-server 194.204.152.34 name of the IP-server 193.178.240.2 ! ! Crypto pki trustpoint TP - self - signed-*. enrollment selfsigned the object cn = IOS-Self-Signed - Certificate name- revocation checking no rsakeypair TP - self - signed-*. ! ! crypto TP - self - signed pki certificate chain-*. certificate self-signed 01 quit smoking privilege secret 15 user username username secret privilege test 4 *. ! ! ! crypto ISAKMP policy 1 BA 3des preshared authentication Group 2 ISAKMP crypto key * address y.y.y.y the local address TOVPNPOOL pool-crypto isakmp client configuration ! ISAKMP crypto client configuration group RemoteGroup key *. pool TOVPNPOOL ISAKMP crypto vpnclient profile RemoteGroup group identity match function identity address 192.168.201.111 255.255.255.255 client authentication list remoteusers ISAKMP authorization list RemoteGroup client configuration address respond ! ! Crypto ipsec transform-set esp-3des esp-sha-hmac vpntowaw Crypto ipsec transform-set esp-3des esp-md5-hmac vpnwaw ! Crypto dynamic-map DYNAMICS 10 Set transform-set vpnwaw vpnclient Set isakmp-profile market arriere-route ! ! vpn_wro_waw 1 ipsec-isakmp crypto map defined peer y.y.y.y Set transform-set vpntowaw PFS Group1 Set match address 104 vpn_wro_waw card crypto 65535-isakmp ipsec dynamic DYNAMICS ! Bridge IRB ! ! interface FastEthernet0 spanning tree portfast

  
  !
  interface FastEthernet1
  spanning tree portfast
  !
  interface FastEthernet2
  spanning tree portfast
  !
  interface FastEthernet3
  spanning tree portfast
  !
  interface FastEthernet4
  Description $ETH - LAN$
  IP x.x.x.x 255.255.255.0
  IP access-group 102 to
  Check IP unicast reverse path
  no ip redirection
  no ip unreachable
  no ip proxy-arp
  NAT outside IP
  IP virtual-reassembly
  route IP cache flow
  automatic duplex
  automatic speed
  vpn_wro_waw card crypto
  !
  interface Dot11Radio0
  no ip address
  no ip redirection
  no ip unreachable
  no ip proxy-arp
  route IP cache flow
  !
  algorithms for encryption tkip encryption mode
  !
  encryption vlan 1 tkip encryption mode
  !
  SSID TO - WAW
  VLAN 1
  open authentication
  authentication wpa key management
  Comments-mode
  WPA - psk ascii *.
  !
  base speed - 1.0 2.0 basic basic-5, 5 6.0 9.0 basic-11, 0 12.0 18.0 24.0 36.0 48.0 54.0
  root of station-role
  No dot11 extensions aironet
  !
  interface Dot11Radio0.1
  encapsulation dot1Q 1 native
  no link-status of snmp trap
  No cdp enable
  Bridge-Group 1
  Bridge-group subscriber-loop-control 1
  Bridge-Group 1 covering-disabled people
  Bridge-Group 1 block-unknown-source
  No source of bridge-Group 1-learning
  unicast bridge-Group 1-floods
  !
  interface Vlan1
  Description $ETH - SW - LAUNCH, INTF-INFO-HWIC $$ $4ESW
  no ip address
  no ip redirection
  no ip unreachable
  no ip proxy-arp
  IP virtual-reassembly
  route IP cache flow
  IP tcp adjust-mss 1452
  Bridge-Group 1
  !
  interface BVI1
  IP 192.168.201.1 255.255.255.128
  IP access-group 101 in
  IP nat inside
  IP virtual-reassembly
  !
  local IP TOVPNPOOL 192.168.200.2 pool 192.168.200.101
  IP classless
  IP route 0.0.0.0 0.0.0.0 a.a.a.a
  !
  IP http server
  1 class IP http access
  local IP http authentication
  IP http secure server
  IP http timeout policy slowed down 60 life 86400 request 10000
  IP nat inside source static tcp 192.168.201.3 80 80 FastEthernet4 interface
  IP nat inside source overload map route SDM_RMAP_1 interface FastEthernet4
  !
  Remark SDM_ACL category of access list 1 = 1
  access-list 1 permit 192.168.201.0 0.0.0.127
  access-list 1 permit 192.168.151.0 0.0.0.255
  access-list 1 deny all
  Access-list 100 category SDM_ACL = 2 Note
  Note access-list 100 IPSec rule
  access-list 100 deny ip 192.168.201.0 0.0.0.127 192.168.3.0 0.0.0.255
  access-list 100 deny ip 192.168.201.0 0.0.0.127 192.168.2.0 0.0.0.255
  access-list 100 deny ip 192.168.201.0 0.0.0.127 192.168.151.0 0.0.0.255
  access-list 100 deny ip 192.168.201.0 0.0.0.127 192.168.200.0 0.0.0.255
  access-list 100 permit ip 192.168.201.0 0.0.0.127 all
  access list 101 remark self-generated by the configuration of the firewall SDM
  Note access-list 101 = 1 SDM_ACL category
  access-list 101 deny ip x.x.x.x 0.0.0.255 everything
  access-list 101 deny ip 255.255.255.255 host everything
  access-list 101 deny ip 127.0.0.0 0.255.255.255 everything
  access list 101 ip allow a whole
  Allow Access - list 101 tcp a whole
  access list 101 allow udp a whole
  access-list 101 permit icmp any one
  access-list 102 permit icmp any host x.x.x.x
  access-list 102 permit udp host 194.204.152.34 eq field host x.x.x.x
  access-list 102 permit udp host 193.178.240.2 eq field host x.x.x.x
  access-list 102 permit udp host host eq non500-isakmp x.x.x.x y.y.y.y
  access-list 102 permit udp host host eq isakmp x.x.x.x y.y.y.y
  access-list 102 permit esp host host x.x.x.x y.y.y.y
  access-list 102 permit ahp host host x.x.x.x y.y.y.y
  access-list 102 permit ip 192.168.151.0 0.0.0.255 192.168.201.0 0.0.0.127
  access-list 102 permit ip 192.168.200.0 0.0.0.255 192.168.201.0 0.0.0.127
  access-list 102 permit ip 192.168.2.0 0.0.0.255 192.168.201.0 0.0.0.127
  access-list 102 permit ip 192.168.3.0 0.0.0.255 192.168.201.0 0.0.0.127
  access-list 102 permit ip 192.168.201.0 0.0.0.127 all
  access-list 102 deny ip 10.0.0.0 0.255.255.255 everything
  access-list 102 deny ip 172.16.0.0 0.15.255.255 all
  access-list 102 deny ip 192.168.0.0 0.0.255.255 everything
  access-list 102 deny ip 127.0.0.0 0.255.255.255 everything
  access-list 102 deny ip 192.168.201.0 0.0.0.127 all
  access-list 102 refuse host ip 255.255.255.255 everything
  access-list 102 refuse host ip 0.0.0.0 everything
  access ip-list 102 permit a whole
  access-list 103 allow ip 192.168.200.0 0.0.0.255 any
  access-list 103 allow ip 192.168.151.0 0.0.0.255 any
  access-list 103 allow ip 192.168.201.0 0.0.0.127 all
  access-list 103 permit ip 192.168.2.0 0.0.0.255 any
  access-list 103 allow ip 192.168.3.0 0.0.0.255 any
  access-list 103 allow y.y.y.y ip 0.0.0.7 one
  access-list 103 deny ip any one
  Remark SDM_ACL category from the list of access-104 = 4
  Note access-list 104 IPSec rule
  access-list 104. allow ip 192.168.201.0 0.0.0.127 192.168.151.0 0.0.0.255
  access-list 104 allow 192.168.201.0 ip 0.0.0.127 192.168.2.0 0.0.0.255
  access-list 104 allow 192.168.201.0 ip 0.0.0.127 192.168.3.0 0.0.0.255
  access-list 104 allow 192.168.201.0 ip 0.0.0.127 192.168.200.0 0.0.0.255
  not run cdp
  allowed SDM_RMAP_1 1 route map
  corresponds to the IP 100
  !
  !
  control plan
  !
  Bridge Protocol ieee 1
  1 channel ip bridge
  !
  Line con 0
  no activation of the modem
  line to 0
  line vty 0 4
  access-series 103 in
  privilege level 15
  entry ssh transport
  !
  max-task-time 5000 Planner
  end

  Bartosz,

  If you want to ping on the other side of the IPsec-L2L tunnel system you must change your 104 ACL.

  to read

  IP RA_VPN_POOL subnet REMOTE_SUBNET_MASK to allow REMOTE_SUBNET.

  access-list 104 allow 192.168.201.0 ip 0.0.0.127 192.168.200.0 0.0.0.255<---- this="" means="" ..="" put="" into="" the="" static="" l2l ="" tunnel="" traffic="" from="" my="" local="" subnet="" going="" to="" my="" remote="" access="" vpn="" ...="" seems="">

  Marcin

• Impossible to connect to the gateway SSL of the company site and program database after that upgraded 10.0

  Dear All/Admin/Tech,
  After the upgrade to Firefox 10.0 staff of my company in Indonesia can not rained access gateway SSL for the web of our company and therefore cannot log on to our web database program.

  In my tests, in Singapore (with the same ISP fiber broadband), I have the same problem.

  Both Chrome and IE have no problem, but Firefox stops on error "the connection was reset".

  Firefox is now super sensitive to the shift of site Web, allows no ports or y at - there some problem in which Firefox to reject Web page or program?

  So far, that seems to happen on Firefox 10.0 and our SSL https web portal. What is good on all other browsers.

  Help, please.

  Thank you and best regards,
  Joel Li

  I also have problems with 10 FF and Fortinet VPN.

  It helped me a little... http://social.technet.Microsoft.com/forums/en-us/w7itprosecurity/thread/e6e8ada8-BC12-4f6f-8de3-1d3fd2ff4931

  The problems seems to be in the Microsoft Security Update KB2585542, that TLS and SSL fixes. Apparently some websites that use SSL do not work properly because of this.

  I had to disable the update of security KB2585542, then downgrade to FF 9.0.1.

  BUT I don't want to remain unpatched and with an older version of FF. A way around this problem without downgrading?

  EDIT: Just to be clear, even after I disabled the patch MS that I kept getting "the connection was reset" in FF10. Everything worked great until I upgraded to FF10 even with the patch on.

• ASR1K and SSL VPN

  I'm having trouble finding information on SSL VPN for ASR1K, when we bought the boxes told us that SSL VPN was on the roadmap of the software, but that was back in 2010 and now I can not find anything nor can I get the right information.

  Does anyone have a recommendation on what to do or who to ask?

  PLS, contact your Cisco account manager as he or she would be able to provide additional information.

  There is normally a long list of features to add to the product, and SSL VPN is one of them who was asked to appear on the ASR. However, depending on the needs, it might be on the top of the list of the road map, or to the bottom of the list. Your Cisco AM should be able to get information from the product team.

• AnyConnect and SSL - VPN without client

  Are there problems in running Cisco AnyConnect and SSL - VPN without client side by side?

  I am currently looking into adding features for an ASA AnyConnect who currently set up to operate without SSL - VPN client. The system without client is not removed. I don't know how to set it up, I wonder if someone has already set up this or if there is no problem with this Setup?

  Hi Daniel

  It's a little complicated if you want a granular authentication and authorization, but it works.

  I'm running an ASA with IPSec, SSL Client and clientless SSL.

  Each of these virtual private networks with user/one-time-password name and certificate based authentic.

  The main challenge is to put in place its own structure of profile cards, connection profiles, group policies and dynamic access policies.

  Feel free to ask questions...

  Stephan

• Windows IPSEC and SSL VPN client on the same machine

  Matches (coexistence) installation of IPSEC and SSL vpn clients that are supported on the same computer, windows (XP and Win7)?

  As mentioned by Patricia and Jennifer (5 stars), you can install two clients on the same machine without any problem.

  The tricky part comes when you are trying to connect two clients at the same time, that's when you may encounter unexpected problems.

  However, if your intention is to install both clients and connect them individually and not at the same time, you'll be fine.

  If you have any other questions, please mark this question as answered and note all messages that you have found useful.

  Thank you.

  Portu.

  Post edited by: Javier Portuguez

• When I connect to secure Web sites (that is to say the National Bank aust) it says not a trusted site and certificate not valid?

  When I connect to secure Web sites (that is to say the National Bank aust) a message pops up saying not approved Web site and the security certificate is not valid? I can also book flights on qantas and Virgin site? Help, please. I could do all this 24 hours but now can not do something like this.

  Try to upgrade to a newer version of Firefox 3.6.x or 6.0.x.
  
  Your current version of Firefox 3.0.19 can exceeded SSL certificate expired.
  
  Also check the date and time of the clock on your computer: (double) click on the clock icon in the Windows taskbar.

  • Firefox 6.0.x: http://www.mozilla.com/en-US/firefox/all.html
  • Firefox 3.6.x: http://www.mozilla.com/en-US/firefox/all-older.html

• I work in a wbe site and it say Blocker is on when I show it is off - why?

  I followed the instructions via the menu to activate the pop-up blockers out of a particular web site, and the system shows they are now closed but the site continues to block what I try to do and said pop up blocks are on. Why and what I can do to remove them from this site. This is a corporate site and I really need to have access to it as soon as possible.
  Thank you

  You see special icons as an icon of the pop-up block to the left or to the right end of the address bar?

  Start Firefox in Safe Mode to check if one of the extensions (Firefox, Tools/menu key > Modules > Extensions) or if hardware acceleration is the cause of the problem.

  • Put yourself in the DEFAULT theme: Firefox, Tools/menu key > Modules > appearance
  • Do NOT click on the reset button on the startup window Mode safe
  • https://support.Mozilla.org/KB/safe+mode
  • https://support.Mozilla.org/KB/troubleshooting+extensions+and+themes

  Try to delete the permissions.sqlite to reset all the permissions.
  You can use this button to go to the current Firefox profile folder:

  • Help > troubleshooting information > profile directory: see file (Linux: open the directory;) Mac: View in the Finder)
  • http://KB.mozillazine.org/Profile_folder_-_Firefox

  Your security software might also block pop-ups.

  Start the computer in Mode safe mode with network support Windows (on the startup screen, press F8) to see if that helps.

  • http://www.bleepingcomputer.com/tutorials/how-to-start-Windows-in-safe-mode/
  • http://www.7tutorials.com/4-ways-boot-safe-mode-Windows-10

• We have site and only works with Firefox 3.0 Setup. so, can we have this version Offline Installer?

  We have site and only works with Firefox 3.0 Setup. so, can we have this version Offline Installer?

  Why is your site, not be able to be consulted in current Firefox?

  Firefox 3.0 is now rather old and vulnerable.

  If you must use a version of Firefox 3.0.x for that one site then try the portable version of Firefox 3.0.12. English is near the bottom of the list.
  http://sourceforge.NET/projects/PortableApps/files/Mozilla Firefox 2% C Portable ed. / Mozilla Firefox Portable edition 3.0.12 %2C.

  ^ copy + paste the url above.

  Installs it portable Firefox is autonomous, that it does not touch your version of Firefox or normal profiles for her.

• Hello I have problem with my site, and mozilla. Google chrome, safari, explorer, opera work ok. Mozilla Heve problem with images?

  Hello I have problem with my site, and mozilla. Google chrome, safari, explorer, opera work ok. I have Sobipro for both the company and the logos and images without work!
  When I try to open the url is this:http://www.athens-dayandnight.gr/images/sobipro/entries/288/587_img.jpg

  whith mozilla is the following: /images/sobipro/entries\288\587_img.jpg when ichange it------with this / work.

  any idea?

  Thank you

  Hello, the URLS that contain-in their path are not valid. Firefox is less tolerant to errors in this respect than other browsers.
  Correct the path to http://www.athens-dayandnight.gr/images/sobipro/entries/288/587_img.jpg in the source code of this site or if you don't control the contact of the site their webadmin to do...

• In the new window of the tab, I get a full screen of a site, and I do not see the gear of NEW CONTROLS TAB

  In a new tab (+) window, I get a full screen of the Bing site, and I do not see the gear of NEW CONTROLS TAB.
  I tried dragging one bookmark in this window and then had this site full-screen. But when I exit Firefox and restart it, it is by default to the Site of Bing - I HATE BING
  I do not see the gear for new tab controls, and so I can't put it: 'display your top sites '.
  I uninstalled Firefox and installed the latest version - I found myself with the same thing, I had - including my homepage and exactly the same problem - your help would be appreciated

  What do you see on the page, just nothing?

  Could you come back: config, filter using newtab again once and if browser.newtab.url is bold claims to be 'set of users", right click and click Reset in the menu bit

  If you open a new tab, which solve this problem?

  Edit: sorry for typo's fault: browser.newtab.url

• When I try to open CompuServe, which I used for several years on Firefox, a screen appears saying: this isn't a trusted site and it wont let me.

  When I try to open CompuServe, which I used for several years on Firefox, a screen appears saying: this isn't a trusted site and it wont let me.
  Here's what's on the screen that appears when I try to open CompuServe and AOL CompuServe of owner:
  ___________________________________________________________
  This connection is Untrusted
  You asked Firefox to connect safely to my.screenname.aol.com, but we cannot confirm that your connection is secure.
  Normally, when you try to connect safely, sites will present a reliable identification to prove that you're in the right place. However, the identity of this site cannot be verified.
  _____________________________________________________________

  There was a security of Firefox auto update on Friday, August 7, 2015 after which this problem started to occur. On my other computer, I use very often and on which I also use Firefox, I can easily open CompuServe.

  You allowed the information to be included in the details of your system more when you posted. Look to the right of your original post, where it is said more details of the system.