Solved

VPN Client connects but cant route between it and LAN

Posted on 2008-10-27
5
1,063 Views
Last Modified: 2012-05-05
We have an ASA5510 configured ok to acces the internet etc, users can access the portal ok and download the AnyConnect SSL client and get LAN access etc, but it only has the default 2 licenses.

They bought 250 IPSec licenses, so we set up IPSec VPN access, and have eventually got the client to connect to the VPN, but for the life of us we cant narrow down what is stopping access.

it looks like an ACL doing it, but we cant see which one could.

you can telnet the firewall and ping the LAN, and ping the VPN client, etc, but they cant access one another.

it continually logs

10.10.11.3      47070      UKDC01      53      Authorization denied (acl=DAP-ip-user-B0BF360E) for user 'administrator' from 10.10.11.3/47070 to UKDC01/53 on interface PublicINT using UDP

for all protocols from the VPN client.

Cheers
ASA Version 8.0(4) 
!
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
!
interface Ethernet0/0
 nameif PublicINT
 security-level 0
 ip address PublicIP 255.255.255.240 
!
interface Ethernet0/1
 nameif DMZ
 security-level 0
 ip address 172.16.1.1 255.255.255.0 
!
interface Ethernet0/2
 nameif LAN
 security-level 100
 ip address 172.27.1.201 255.255.0.0 
!
interface Ethernet0/3
 nameif WLAN
 security-level 10
 ip address 10.0.0.1 255.255.255.0 
!
interface Management0/0
 nameif management
 security-level 100
 ip address 192.168.1.1 255.255.255.0 
!
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
access-list PublicINT_access_in remark VPN
access-list PublicINT_access_in extended permit udp any any eq isakmp 
access-list PublicINT_access_in remark any NTL provided IP can ping another for testing
access-list PublicINT_access_in extended permit icmp xxx.xxx.xxx.xxx 255.255.255.240 any log disable 
access-list PublicINT_access_in remark Allow LAN pinging
access-list PublicINT_access_in extended permit icmp 172.27.0.0 255.255.0.0 any log disable 
access-list PublicINT_access_in remark Allow PPTP Tunnel back in to LAN after initialisation
access-list PublicINT_access_in extended permit gre any 172.27.0.0 255.255.0.0 log disable 
access-list PublicINT_access_in remark Allow PPTP creation outbound
access-list PublicINT_access_in extended permit tcp any any eq pptp log disable 
access-list PublicINT_access_in remark any ping will dooo
access-list PublicINT_access_in extended permit icmp any any log disable 
access-list PublicINT_access_in remark for email inbound
access-list PublicINT_access_in extended permit tcp object-group DM_INLINE_NETWORK_1 any eq smtp log disable 
access-list PublicINT_access_in remark for OWA inbound to .91, includes this firewall too but that has a separate ACL
access-list PublicINT_access_in extended permit tcp any any eq https log disable 
access-list PublicINT_access_in remark support can RDP like a goodun
access-list PublicINT_access_in extended permit tcp supportFurlong 255.255.255.0 any object-group RDP log disable 
access-list PublicINT_access_in extended permit tcp 172.27.0.0 255.255.0.0 10.10.11.0 255.255.255.0 
access-list LAN_to_VPN_outbound remark Allow LAN route back to VPN users
access-list LAN_to_VPN_outbound extended permit ip 172.27.0.0 255.255.0.0 10.10.11.0 255.255.255.0 log disable 
access-list DefaultRAGroup_splitTunnelAcl_1 standard permit 172.27.0.0 255.255.0.0 
access-list LAN_access_in remark Allow LAN access other interfaces
access-list LAN_access_in extended permit ip 172.27.0.0 255.255.0.0 any log disable 
access-list DMZ_access_in remark DMZ allowed out
access-list DMZ_access_in extended permit ip any any log disable 
access-list DMZ_access_in remark Blocked from LAN
access-list DMZ_access_in extended deny ip any 172.27.0.0 255.255.0.0 log disable 
access-list DefaultRAGroup_splitTunnelAcl standard permit 172.27.0.0 255.255.0.0 
access-list DefaultRAGroup_splitTunnelAcl remark Access to LAN
access-list VPN-Pool_tun remark Access to VPN Pool
access-list VPN-Pool_tun standard permit 10.10.11.0 255.255.255.0 
access-list VPN-Pool_tun remark Access to LAN
access-list VPN-Pool_tun standard permit 172.27.0.0 255.255.0.0 
access-list VPN_to_LAN_Inbound remark Access for VPN Users to LAN
access-list VPN_to_LAN_Inbound extended permit ip 10.10.11.0 255.255.255.0 172.27.0.0 255.255.0.0 log disable 
access-list management_nat_outbound remark for testing anywhere on management DHCP interface
access-list management_nat_outbound extended permit ip any any 
access-list LAN_nat_outbound remark allow LAN/NAT access
access-list LAN_nat_outbound extended permit ip any any 
access-list PublicINT_cryptomap extended permit ip 172.27.0.0 255.255.0.0 10.10.11.0 255.255.255.0 
access-list DefaultRAGroup_splitTunnelAcl_2 standard permit 172.27.0.0 255.255.0.0 
access-list CompanyVPN-Group_splitTunnelAcl standard permit 172.27.0.0 255.255.0.0 
access-list PublicINT_dyn_map extended permit ip any 10.10.11.0 255.255.255.0 
pager lines 24
logging enable
logging timestamp
logging list VPN-Log level debugging class vpn
logging buffer-size 50000
logging console informational
logging buffered informational
logging history informational
logging asdm informational
mtu PublicINT 1500
mtu DMZ 1500
mtu LAN 1500
mtu WLAN 1500
mtu management 1500
ip local pool AnyConnectPool 10.10.11.0-10.10.11.254 mask 255.255.255.0
no failover
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-613.bin
no asdm history enable
arp timeout 14400
nat-control
global (PublicINT) 1 interface
nat (LAN) 0 access-list LAN_to_VPN_outbound
nat (LAN) 1 access-list LAN_nat_outbound
nat (management) 1 access-list management_nat_outbound
static (LAN,PublicINT) xxx.xxx.xxx.xxx ExchangeUK netmask 255.255.255.255 
access-group PublicINT_access_in in interface PublicINT
access-group DMZ_access_in in interface DMZ
access-group LAN_access_in in interface LAN
route PublicINT 0.0.0.0 0.0.0.0 xxx.xxx.xxx.xxx 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
dynamic-access-policy-record DfltAccessPolicy
 network-acl PublicINT_dyn_map
 webvpn
  url-list value CompanyBookmarks
  file-browsing enable
  file-entry enable
  url-entry enable
  svc ask enable default webvpn
aaa-server AD_RADIUS protocol radius
 max-failed-attempts 5
aaa-server AD_RADIUS (LAN) host UKDC01
 key c1sc0
 radius-common-pw c1sc0
 acl-netmask-convert auto-detect
aaa-server AD_RADIUS (LAN) host UKDC03
 key c1sc0
 radius-common-pw c1sc0
aaa authentication serial console AD_RADIUS LOCAL
aaa authentication http console LOCAL 
aaa authentication ssh console LOCAL 
aaa authentication telnet console LOCAL 
aaa authentication enable console LOCAL 
http server enable
http supportFurlong 255.255.255.0 PublicINT
http xxx.xxx.xxx.xxx 255.255.255.240 PublicINT
http 172.27.0.0 255.255.0.0 LAN
http 192.168.1.0 255.255.255.0 management
http xxx.xxx.xxx.xxx 255.255.252.0 PublicINT
http redirect management 81
http redirect LAN 81
http redirect PublicINT 81
snmp-server host PublicINT xx.xxx.167.6 community snmp version 2c udp-port 161
snmp-server location Abingdon
no snmp-server contact
snmp-server community snmp
snmp-server enable traps snmp authentication linkup linkdown coldstart
auth-prompt accept *** Welcome to Company Abingdon *** 
auth-prompt reject *** Please contact Support at support@wibble.net in the event of logon problems *** 
crypto ipsec transform-set TRANS_ESP_3DES_SHA esp-3des esp-sha-hmac 
crypto ipsec transform-set TRANS_ESP_3DES_SHA mode transport
crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac 
crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac 
crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac 
crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac 
crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac 
crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac 
crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac 
crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac 
crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac 
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac 
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
crypto dynamic-map PublicINT_dyn_map 20 match address PublicINT_dyn_map
crypto dynamic-map PublicINT_dyn_map 20 set pfs 
crypto dynamic-map PublicINT_dyn_map 20 set transform-set ESP-3DES-SHA
crypto dynamic-map PublicINT_dyn_map 20 set security-association lifetime seconds 28800
crypto dynamic-map PublicINT_dyn_map 20 set security-association lifetime kilobytes 4608000
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set security-association lifetime seconds 28800
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set security-association lifetime kilobytes 4608000
crypto map PublicINT_map 65534 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map PublicINT_map 65535 ipsec-isakmp dynamic PublicINT_dyn_map
crypto map PublicINT_map interface PublicINT
crypto ca trustpoint CompanyASA
 enrollment self
 subject-name CN=Head Office FW,O=Company,C=UK,L=Abingdon
 crl configure
crypto ca trustpoint LOCAL-CA-SERVER
 keypair LOCAL-CA-SERVER
 crl configure
crypto ca server 
crypto ca certificate chain CompanyASA
 certificate 31
    xxxxxxxxxxxxxxx
  quit
crypto ca certificate chain LOCAL-CA-SERVER
 certificate ca 01
    xxxxxxxxxxxxxxx
  quit
crypto isakmp identity address 
crypto isakmp enable PublicINT
crypto isakmp policy 10
 authentication pre-share
 encryption 3des
 hash sha
 group 1
 lifetime 86400
crypto isakmp policy 30
 authentication pre-share
 encryption 3des
 hash sha
 group 2
 lifetime 86400
no vpn-addr-assign aaa
no vpn-addr-assign dhcp
vpn-sessiondb max-webvpn-session-limit 2
~~~~~~~~~~~~~~~~~~~~~~~~~~
webvpn
 enable PublicINT
 enable LAN
 enable management
 csd image disk0:/images/securedesktop-asa-3.3.0.129-k9.pkg
 svc image disk0:/images/anyconnect-win-2.2.0140-k9.pkg 1 regex "Windows NT"
 svc image disk0:/images/anyconnect-linux-2.2.0140-k9.pkg 3 regex "Linux"
 svc image disk0:/images/anyconnect-macosx-i386-2.2.0140-k9.pkg 4 regex "PPC Mac OS X"
 svc enable
 port-forward test smtp 172.27.1.80 smtp 
 tunnel-group-list enable
 group-policy DefaultRAGroup internal
group-policy DefaultRAGroup attributes
 dns-server value 172.27.1.11 172.27.1.33
 vpn-tunnel-protocol l2tp-ipsec 
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value DefaultRAGroup_splitTunnelAcl_2
 default-domain value Company.com
group-policy DfltGrpPolicy attributes
 dns-server value 172.27.1.11 172.27.1.33
 vpn-tunnel-protocol IPSec l2tp-ipsec svc webvpn
 ipsec-udp enable
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value VPN-Pool_tun
 default-domain value Company.com
 secure-unit-authentication enable
 address-pools value AnyConnectPool
 webvpn
  url-list value CompanyBookmarks
  svc ask enable default webvpn timeout 5
group-policy CompanyVPN-Group internal
group-policy CompanyVPN-Group attributes
 dns-server value 172.27.1.11 172.27.1.33
 vpn-tunnel-protocol IPSec 
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value PublicINT_cryptomap
 default-domain value Company.com
username supporttemp password xxxxxxxxxxxxxxxxx encrypted
username admin password xxxxxxxxxxxxxxxxxxx encrypted privilege 15
username admin attributes
 vpn-tunnel-protocol IPSec l2tp-ipsec svc webvpn
 password-storage disable
 webvpn
  customization value DfltCustomization
  svc keep-installer none
username administrator password xxxxxxxxxxxxxxxxxx encrypted privilege 15
username Company password xxxxxxxxxxxxxxxxxxx encrypted
tunnel-group DefaultRAGroup general-attributes
 address-pool AnyConnectPool
 authentication-server-group AD_RADIUS
 authentication-server-group (PublicINT) AD_RADIUS LOCAL
 authorization-server-group LOCAL
 authorization-server-group (PublicINT) AD_RADIUS
 default-group-policy DefaultRAGroup
 authorization-required
tunnel-group DefaultRAGroup webvpn-attributes
 group-alias VPNClientWin32 disable
tunnel-group DefaultRAGroup ipsec-attributes
 pre-shared-key *
 peer-id-validate nocheck
tunnel-group DefaultRAGroup ppp-attributes
 authentication ms-chap-v2
tunnel-group DefaultWEBVPNGroup general-attributes
 authentication-server-group AD_RADIUS LOCAL
 authentication-server-group (LAN) AD_RADIUS LOCAL
 authorization-server-group AD_RADIUS
 authorization-server-group (LAN) AD_RADIUS
 authorization-required
tunnel-group DefaultWEBVPNGroup webvpn-attributes
 group-alias DefaultWEBVPNGroup disable
tunnel-group CompanyWebSSL type remote-access
tunnel-group CompanyWebSSL general-attributes
 address-pool AnyConnectPool
 authentication-server-group AD_RADIUS LOCAL
tunnel-group CompanyWebSSL webvpn-attributes
 group-alias Company enable
 dns-group InternalDNS
tunnel-group CompanyVPN-Group type remote-access
tunnel-group CompanyVPN-Group general-attributes
 address-pool AnyConnectPool
 authentication-server-group AD_RADIUS LOCAL
 default-group-policy CompanyVPN-Group
 authorization-required
tunnel-group CompanyVPN-Group ipsec-attributes
 pre-shared-key *
!
class-map inspection_default
 match default-inspection-traffic
!
!
policy-map type inspect dns migrated_dns_map_1
 parameters
  message-length maximum 512
policy-map global_policy
 class inspection_default
  inspect dns migrated_dns_map_1 
  inspect ftp 
  inspect h323 h225 
  inspect h323 ras 
  inspect rsh 
  inspect rtsp 
  inspect sqlnet 
  inspect skinny  
  inspect sunrpc 
  inspect xdmcp 
  inspect sip  
  inspect netbios 
  inspect tftp 
  inspect pptp 
!
service-policy global_policy global
smtp-server xx.xxx.161.4
prompt hostname context

Open in new window

0
Comment
Question by:gurner78
  • 3
  • 2
5 Comments
 
LVL 2

Expert Comment

by:JimmyLarsson
ID: 22815202
Hello

Unless you have configured aaa authorization by porpose you should remove the "authorization-required" on each tunnel-group (including DefaulRAGroup).

Please not the difference between authentication and authorization. The most common use of AAA is for authentication (who is it?). Authorization (what is he allowed to do?) and accounting (what did he do?) are rarely used.

Br Jimmy
0
 

Author Comment

by:gurner78
ID: 22816247
Thanks, tried it but it still does the same thing, continuously logging that error with every ping/access attempt etc

i deleted every instance of it from each tunnel as requested, but wonder if it is still in effect somewhere?

Cheers
0
 
LVL 2

Expert Comment

by:JimmyLarsson
ID: 22816818
do some debugging. Like

logging on
logging monitor 4
term mon
deb aaa authen
deb aaa author

Br Jimmy
0
 

Author Comment

by:gurner78
ID: 22817162
logging on the terminal only showed when i logged off, but i relented on the ASDM and spun up the logging on that and caught this (from the bottom up) the logon, then the error about Authorization Denied (even with those lines taken out the tunnels)

as a quick thought, its uses a basic IAS/Radius pass through to a win2k server set with default policy settings, MS Chap v2, MS Chap, PAP, SPAP, all Encryption tick boxes picked, Grant Remote Access during 24hrs, etc.  that couldnt be having an effect? i wouldnt ave thought so, as it gets connected ok?

------------------------------------------
6|Oct 27 2008|21:17:05|109025|10.10.11.3|51381|UKDC03|53|Authorization denied (acl=DAP-ip-user-B0BF360E) for user 'administrator' from 10.10.11.3/51381 to UKDC03/53 on interface PublicINT using UDP
6|Oct 27 2008|21:17:05|109025|10.10.11.3|51381|UKDC01|53|Authorization denied (acl=DAP-ip-user-B0BF360E) for user 'administrator' from 10.10.11.3/51381 to UKDC01/53 on interface PublicINT using UDP
6|Oct 27 2008|21:17:03|109025|10.10.11.3|51381|UKDC03|53|Authorization denied (acl=DAP-ip-user-B0BF360E) for user 'administrator' from 10.10.11.3/51381 to UKDC03/53 on interface PublicINT using UDP
6|Oct 27 2008|21:17:02|109025|10.10.11.3|51381|UKDC01|53|Authorization denied (acl=DAP-ip-user-B0BF360E) for user 'administrator' from 10.10.11.3/51381 to UKDC01/53 on interface PublicINT using UDP

6|Oct 27 2008|21:16:58|305011|172.27.6.113|4687|PublicIP|34341|Built dynamic TCP translation from LAN:172.27.6.113/4687 to PublicINT(LAN_nat_outbound):PublicIP/34341
5|Oct 27 2008|21:16:53|713120|||||Group = CompanyVPN-Group, Username = administrator, IP = 62.xxx.xxx.xx, PHASE 2 COMPLETED (msgid=101949b5)
6|Oct 27 2008|21:16:53|602303|||||IPSEC: An inbound remote access SA (SPI= 0xD9EA32CA) between PublicIP and 62.xxx.xxx.xx (user= administrator) has been created.
5|Oct 27 2008|21:16:53|713049|||||Group = CompanyVPN-Group, Username = administrator, IP = 62.xxx.xxx.xx, Security negotiation complete for User (administrator)  Responder, Inbound SPI = 0xd9ea32ca, Outbound SPI = 0xe94c2c53
6|Oct 27 2008|21:16:53|602303|||||IPSEC: An outbound remote access SA (SPI= 0xE94C2C53) between PublicIP and 62.xxx.xxx.xx (user= administrator) has been created.
5|Oct 27 2008|21:16:53|713075|||||Group = CompanyVPN-Group, Username = administrator, IP = 62.xxx.xxx.xx, Overriding Initiator's IPSec rekeying duration from 2147483 to 28800 seconds
5|Oct 27 2008|21:16:53|713119|||||Group = CompanyVPN-Group, Username = administrator, IP = 62.xxx.xxx.xx, PHASE 1 COMPLETED
6|Oct 27 2008|21:16:53|713228|||||Group = CompanyVPN-Group, Username = administrator, IP = 62.xxx.xxx.xx, Assigned private IP address 10.10.11.3 to remote user
6|Oct 27 2008|21:16:53|737006|||||IPAA: Local pool request succeeded for tunnel-group 'CompanyVPN-Group'
6|Oct 27 2008|21:16:53|737026|||||IPAA: Client assigned 10.10.11.3 from local pool
6|Oct 27 2008|21:16:53|713184|||||Group = CompanyVPN-Group, Username = administrator, IP = 62.xxx.xxx.xx, Client Type: WinNT  Client Application Version: 5.0.04.0300
5|Oct 27 2008|21:16:53|713130|||||Group = CompanyVPN-Group, Username = administrator, IP = 62.xxx.xxx.xx, Received unsupported transaction mode attribute: 5
6|Oct 27 2008|21:16:53|734001|||||DAP: User administrator, Addr 62.xxx.xxx.xx, Connection IPSec: The following DAP records were selected for this connection: DfltAccessPolicy
6|Oct 27 2008|21:16:53|113008|||||AAA transaction status ACCEPT : user = administrator
6|Oct 27 2008|21:16:53|113009|||||AAA retrieved default group policy (CompanyVPN-Group) for user = administrator
6|Oct 27 2008|21:16:53|113004|||||AAA user authentication Successful : server =  UKDC01 : user = administrator
6|Oct 27 2008|21:16:53|713172|||||Group = CompanyVPN-Group, IP = 62.xxx.xxx.xx, Automatic NAT Detection Status:     Remote end is NOT behind a NAT device     This   end is NOT behind a NAT device
0
 

Accepted Solution

by:
gurner78 earned 0 total points
ID: 22820346
I figured it out at last this morning, it is connected to the vpn and I have a continuous ping running and am able to RDP internal servers ok

I changed this set of lines, from

dynamic-access-policy-record DfltAccessPolicy
 network-acl PublicINT_dyn_map

to

dynamic-access-policy-record DfltAccessPolicy
 network-acl LAN_nat_outbound

The old ACL 'PublicINT_dyn_map' is defined as 'access-list PublicINT_dyn_map extended permit ip any 10.10.11.0 255.255.255.0'

The one now currently being used, 'LAN_nat_outbound' was created for the outbound 'dynamic' NAT rule, and is just 'access-list LAN_nat_outbound extended permit ip any any' and when applied it just started working!

I changed the Split Tunnel used from VPN-Pool_tun to CompanyVPN-Group_splitTunnelAcl, but I think this was a coincidence, as they are the same except no 'permit 10.10.11.0...'

access-list VPN-Pool_tun standard permit 10.10.11.0 255.255.255.0
access-list VPN-Pool_tun standard permit 172.27.0.0 255.255.0.0

access-list CompanyVPN-Group_splitTunnelAcl standard permit 172.27.0.0 255.255.0.0


However, i swear ive tried this before, so think some condition on the firewall is different this time around, and it has a better impact.  what it is i cant really be sure, but wondered if your Authorization-required' removal helped, but either way im not going to add it to test again, ha.

so ive made multiple copies of the config and locked it all down so no one can change it (with out the main account)

Cheers

Gurner
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I recently had the displeasure of buying a new firewall at one of the buildings I play Sys Admin at. I had to get a better firewall than the cheap one that I had there since I was reconnecting the main office to the satellite office via point-to-poi…
Network traffic routing plays key role in your network, if you have single site with heavy browsing or multiple sites, replicating important application data from your Primary Default Gateway ,you have to route your other network traffic from your p…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question