beardog1113
asked on
ASA remote access VPN can not access internet

Hello experts,
I have a Cisco ASA firewall, software version 8.2(1). I configured remote access VPN on it; I can connect properly via the Cisco VPN client and accessing the internal and DMZ networks is fine, but I can't access the internet with the VPN connected. The configuration of the ASA follows, so please help me with this.

access-list VPN-USER extended permit ip 10.0.0.0 255.0.0.0 10.140.5.0 255.255.255.0
access-list VPN-USER extended permit ip 192.168.0.0 255.255.0.0 10.140.5.0 255.255.255.0
access-list VPN-USER extended permit ip 172.16.0.0 255.240.0.0 10.140.5.0 255.255.255.0
access-list VPN-USER extended permit ip any 10.140.5.0 255.255.255.0

global (outside) 1 interface
nat (outside) 1 10.140.5.0 255.255.255.0
nat (inside) 0 access-list VPN-USER
nat (inside) 1 0.0.0.0 0.0.0.0
nat (DMZ) 0 access-list VPN-USER
nat (DMZ) 1 0.0.0.0 0.0.0.0

Explanation: 10.140.5.0/24 is the network range for VPN clients. I have another ASA with the same configuration and everything works fine; the only difference is that ASA has a higher software version: 8.2(2)4.

I am really puzzled, not sure what's wrong.

Thanks very much
Istvan Kalmar

Hi,

Did you do 'clear xlate' afterwards?
beardog1113
ASKER

Yes, I did try that after configuring the ASA, but it doesn't help.

Thanks
OK, please show the whole config.
ASA-001# sh run
: Saved
:
ASA Version 8.2(1)
!
hostname ASA-001
enable password oJXexQk.vUwCf1TY encrypted
passwd oJXexQk.vUwCf1TY encrypted
names
name 10.140.7.5 server1
name 10.140.7.6 server2
name 10.140.7.7 VIP
name 10.140.7.3 PHPWEB
name 10.140.7.2 WEB05
name 10.160.229.128 POWER
name 10.160.217.126 POWER_1
name 10.140.7.10 SFTP
name 10.140.7.4 server3
name 10.140.7.13 monline5
name 10.140.7.12 server4
name 10.140.0.45 sql2
name 10.140.1.14 backup
name 10.140.0.10 MAIL1
name 10.140.3.27 EPO1
name 10.140.3.28 WSUS1
name 10.140.3.11 DC1
!            
interface GigabitEthernet0/0
 nameif outside
 security-level 0
 ip address x.x.x.196 255.255.255.192 standby x.x.x.197
!
interface GigabitEthernet0/1
 nameif inside
 security-level 100
 ip address 10.140.0.3 255.255.255.128 standby 10.140.0.4
!
interface GigabitEthernet0/2
 nameif DMZ
 security-level 50
 ip address 10.140.7.1 255.255.255.0 standby 10.140.7.254
!
interface GigabitEthernet0/3
 description LAN Failover Interface
!
interface Management0/0
 description STATE Failover Interface
!
ftp mode passive
object-group network Mail-Servers-Inside
 network-object 10.140.0.17 255.255.255.255
 network-object MAIL1 255.255.255.255
 network-object 10.140.1.127 255.255.255.255
object-group service Dim-ports
 service-object icmp echo-reply
 service-object icmp echo
 service-object tcp eq www
 service-object tcp eq https
 service-object tcp eq 1433
 service-object tcp eq 1759
 service-object tcp eq 65100
 service-object tcp eq 445
 service-object tcp eq 3177
 service-object tcp eq netbios-ssn
 service-object udp eq 1434
 service-object udp eq 5093
 service-object udp eq netbios-ns
object-group network MS-Servers-DMZ
 network-object WEB05 255.255.255.255
 network-object PHPWEB 255.255.255.255
 network-object server1 255.255.255.255
 network-object server2 255.255.255.255
 network-object VIP 255.255.255.255
object-group network D-Servers
 network-object VIP 255.255.255.255
 network-object host server2
 network-object host server3
 network-object host server1
object-group network Backup
 network-object WEB05 255.255.255.255
 network-object PHPWEB 255.255.255.255
 network-object server1 255.255.255.255
 network-object VIP 255.255.255.255
object-group network EPO
 network-object WEB05 255.255.255.255
 network-object PHPWEB 255.255.255.255
 network-object server1 255.255.255.255
 network-object VIP 255.255.255.255
object-group network SNMP
 network-object WEB05 255.255.255.255
 network-object PHPWEB 255.255.255.255
 network-object server1 255.255.255.255
 network-object VIP 255.255.255.255
object-group service EPO-ports
 service-object tcp eq 8081
 service-object udp eq 8081
 service-object tcp eq 8082
 service-object udp eq 8082
 service-object tcp eq 8444
 service-object udp eq 8444
object-group service Backup-ports
 service-object tcp eq 10000
object-group service snmp
 service-object tcp eq 161
 service-object udp eq snmp
 service-object udp eq snmptrap
object-group network Internal-Network
 network-object 10.0.0.0 255.0.0.0
 network-object 172.16.0.0 255.240.0.0
 network-object 192.168.0.0 255.255.0.0
object-group service wsus-ports
 service-object tcp eq 8530
 service-object tcp eq www
 service-object tcp eq https
 service-object tcp eq 8531
object-group protocol TCPUDP
 protocol-object udp
 protocol-object tcp
object-group network Dim-Internal
 network-object host 10.140.0.37
 network-object host 10.140.0.38
 network-object host 10.140.0.39
 network-object host 10.140.0.40
object-group network DM_INLINE_NETWORK_1
 network-object host server4
 network-object host monline5
object-group network DM_INLINE_NETWORK_2
 network-object host EPO1
 network-object host WSUS1
object-group network DM_INLINE_NETWORK_3
 network-object host server4
 network-object host monline5
object-group service DM_INLINE_TCP_1 tcp
 port-object eq www
 port-object eq https
object-group network DM_INLINE_NETWORK_4
 network-object host server4
 network-object host monline5
object-group service Fileshare
 service-object tcp-udp eq 137
 service-object tcp-udp eq 138
 service-object tcp-udp eq 139
 service-object tcp eq 445
object-group service SQL
 service-object tcp eq 1433
 service-object tcp eq 2483
 service-object tcp eq 1434
 service-object tcp eq 137
 service-object tcp
 service-object tcp eq netbios-ssn
 service-object tcp eq 0
 service-object tcp eq 445
 service-object tcp eq exec
 service-object udp
object-group service DM_INLINE_SERVICE_1
 group-object Fileshare
 group-object SQL
object-group service SQL-Ports
 service-object tcp range 1024 5000
object-group network SMTP_SO
 network-object host server4
 network-object host monline5
 network-object host WEB05
 network-object host SFTP
 network-object host server3
 network-object host server1
 network-object host server2
object-group network SMTP_DE
 network-object host POWER_1
 network-object host 10.137.8.23
object-group network CAST
 network-object 135.196.24.192 255.255.255.240
 network-object 213.235.63.64 255.255.255.192
 network-object 94.185.244.0 255.255.255.0
 network-object 212.2.3.128 255.255.255.192
 network-object 94.185.240.0 255.255.255.0
 network-object 212.188.232.144 255.255.255.248
 network-object 195.130.217.0 255.255.255.0
access-list dmz extended permit icmp any any
access-list dmz extended permit object-group TCPUDP 10.140.7.0 255.255.255.128 host DC1 eq domain
access-list dmz extended permit tcp 10.140.7.0 255.255.255.128 host DC1 eq 3389
access-list dmz extended permit tcp 10.140.7.0 255.255.255.128 host backup eq 10000
access-list dmz extended permit object-group EPO-ports 10.140.7.0 255.255.255.128 host EPO1
access-list dmz extended permit object-group wsus-ports 10.140.7.0 255.255.255.128 host WSUS1
access-list dmz extended permit object-group snmp 10.140.7.0 255.255.255.128 host 10.11.2.97
access-list dmz extended permit object-group snmp 10.140.7.0 255.255.255.128 host 10.140.0.14
access-list dmz extended permit tcp host WEB05 host 10.140.0.16 eq 1433
access-list dmz extended permit tcp host WEB05 host 203.23.136.46 eq 990
access-list dmz extended permit tcp host WEB05 host 203.23.136.46 eq ftp
access-list dmz extended permit tcp host WEB05 host 203.23.136.46 range 4900 4920
access-list dmz extended permit tcp host WEB05 host 10.140.0.18 eq 1433
access-list dmz extended permit tcp host WEB05 host POWER eq smtp
access-list dmz extended permit tcp object-group MS-Servers-DMZ host POWER eq smtp
access-list dmz extended permit tcp object-group MS-Servers-DMZ host 10.160.217.216 eq smtp
access-list dmz extended permit tcp host 10.140.7.14 host 10.167.101.1 eq 7000
access-list dmz extended permit tcp host monline5 host 10.167.101.1 eq 7000
access-list dmz extended permit tcp host server4 host 10.167.101.1 eq 7000
access-list dmz extended permit tcp object-group MS-Servers-DMZ host POWER_1 eq smtp
access-list dmz extended permit tcp 10.140.7.0 255.255.255.128 host backup eq 6101
access-list dmz extended permit tcp 10.140.7.0 255.255.255.128 host backup eq 6103
access-list dmz extended permit tcp 10.140.7.0 255.255.255.128 host backup eq 441
access-list dmz extended permit tcp host SFTP any eq www
access-list dmz extended permit tcp host SFTP host MAIL1 eq smtp
access-list dmz extended permit tcp host SFTP any eq https
access-list dmz extended permit tcp host server2 any eq www
access-list dmz extended permit tcp host server2 host 203.29.78.90 eq ftp
access-list dmz extended permit tcp host WEB05 any eq domain
access-list dmz extended permit tcp host server3 host 10.140.0.41 eq 2074
access-list dmz extended deny ip host WEB05 192.168.0.0 255.255.0.0
access-list dmz extended deny ip host WEB05 10.0.0.0 255.0.0.0
access-list dmz extended deny ip host WEB05 172.16.0.0 255.240.0.0
access-list dmz extended permit ip host WEB05 any
access-list dmz extended permit ip object-group D-Servers host 10.140.0.41 log
access-list dmz extended permit tcp object-group D-Servers host 10.140.0.41 eq 1433
access-list dmz extended permit tcp object-group D-Servers host 10.140.0.41 eq 3177
access-list dmz extended permit tcp object-group D-Servers host 10.140.0.41 eq 2074
access-list dmz extended permit udp host monline5 host 10.140.3.12 eq 5093
access-list dmz extended permit udp object-group D-Servers host 10.140.3.12 eq 5093
access-list dmz extended permit tcp object-group SMTP_SO object-group SMTP_DE eq smtp
access-list dmz extended deny ip object-group D-Servers 192.168.0.0 255.255.0.0
access-list dmz extended deny ip object-group D-Servers 172.16.0.0 255.240.0.0
access-list dmz extended deny ip object-group D-Servers 10.0.0.0 255.0.0.0
access-list dmz extended permit ip object-group D-Servers any
access-list dmz extended permit ip object-group DM_INLINE_NETWORK_1 object-group DM_INLINE_NETWORK_2
access-list dmz extended permit object-group SQL object-group DM_INLINE_NETWORK_4 host sql2
access-list dmz extended permit ip object-group DM_INLINE_NETWORK_4 host sql2
access-list dmz extended permit tcp object-group DM_INLINE_NETWORK_3 any object-group DM_INLINE_TCP_1
access-list dmz extended deny ip any any
access-list inside extended permit icmp any any
access-list inside extended permit ip any any
access-list outside extended permit icmp any any
access-list outside extended permit tcp any host x.x.x.199 eq www
access-list outside extended permit tcp any host x.x.x.199 eq https
access-list outside extended permit tcp any host x.x.x.199 eq ftp
access-list outside extended permit tcp any host x.x.x.199 eq ssh
access-list outside extended permit tcp any host x.x.x.199 eq 55
access-list outside extended permit tcp any host x.x.x.200 eq 1433
access-list outside extended permit tcp any host x.x.x.199 eq 81
access-list outside extended permit ip host 121.223.202.97 host x.x.x.200
access-list outside extended permit ip host 59.151.57.251 host x.x.x.200
access-list outside extended permit tcp any host x.x.x.201 eq ssh
access-list outside extended permit tcp host 203.23.136.46 host x.x.x.199 eq 990
access-list outside extended permit tcp any host x.x.x.205 eq www
access-list outside extended permit tcp any host x.x.x.205 eq https
access-list outside extended permit tcp any host x.x.x.206 eq https
access-list outside extended permit tcp any host x.x.x.206 eq www
access-list outside extended permit tcp any host x.x.x.202 eq www
access-list outside extended permit tcp any host x.x.x.202 eq https
access-list outside extended permit tcp any host x.x.x.203 eq www
access-list outside extended permit tcp any host x.x.x.203 eq https
access-list outside extended permit tcp any host x.x.x.204 eq www
access-list outside extended permit tcp any host x.x.x.204 eq https
access-list outside extended permit tcp any host x.x.x.207 eq www
access-list outside extended permit tcp any host x.x.x.207 eq https
access-list outside extended permit tcp any host x.x.x.209 eq www
access-list outside extended permit tcp any host x.x.x.209 eq https
access-list outside extended permit tcp any host x.x.x.210 eq https
access-list outside extended permit tcp any host x.x.x.210 eq www
access-list outside extended permit tcp any host x.x.x.208 eq www
access-list outside extended permit tcp any host x.x.x.208 eq https
access-list outside extended permit ip host 202.5.96.181 host x.x.x.200
access-list VPN-USER extended permit ip 10.0.0.0 255.0.0.0 10.140.5.0 255.255.255.0
access-list VPN-USER extended permit ip 192.168.0.0 255.255.0.0 10.140.5.0 255.255.255.0
access-list VPN-USER extended permit ip 172.16.0.0 255.255.0.0 10.140.5.0 255.255.255.0
access-list VPN-USER extended permit ip any 10.140.5.0 255.255.255.0
pager lines 24
logging asdm informational
mtu outside 1500
mtu inside 1500
mtu DMZ 1500
ip local pool RM-VPN-POOL 10.140.5.1-10.140.5.254 mask 255.255.255.0
failover
failover lan unit primary
failover lan interface failover GigabitEthernet0/3
failover key *****
failover link state Management0/0
failover interface ip failover 10.140.16.213 255.255.255.252 standby 10.140.16.214
failover interface ip state 10.140.16.209 255.255.255.252 standby 10.140.16.210
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (outside) 1 10.140.5.0 255.255.255.0
nat (inside) 0 access-list VPN-USER
nat (inside) 1 0.0.0.0 0.0.0.0
nat (DMZ) 0 access-list VPN-USER
nat (DMZ) 1 0.0.0.0 0.0.0.0
static (DMZ,outside) tcp x.x.x.199 81 PHPWEB 81 netmask 255.255.255.255
static (DMZ,outside) tcp x.x.x.199 www WEB05 www netmask 255.255.255.255
static (DMZ,outside) tcp x.x.x.199 ftp WEB05 ftp netmask 255.255.255.255
static (inside,DMZ) 10.0.0.0 10.0.0.0 netmask 255.0.0.0
static (inside,DMZ) 192.168.0.0 192.168.0.0 netmask 255.255.0.0
static (inside,DMZ) 172.16.0.0 172.16.0.0 netmask 255.240.0.0
static (DMZ,outside) x.x.x.202 VIP netmask 255.255.255.255
static (DMZ,outside) x.x.x.203 server1 netmask 255.255.255.255
static (DMZ,outside) x.x.x.205 10.140.7.8 netmask 255.255.255.255
static (DMZ,outside) x.x.x.206 10.140.7.9 netmask 255.255.255.255
static (inside,outside) x.x.x.200 10.140.0.16 netmask 255.255.255.255
static (DMZ,outside) x.x.x.204 server2 netmask 255.255.255.255
static (DMZ,outside) x.x.x.201 SFTP netmask 255.255.255.255
static (DMZ,outside) x.x.x.207 server3 netmask 255.255.255.255
static (DMZ,outside) x.x.x.209 server4 netmask 255.255.255.255
static (DMZ,outside) x.x.x.210 monline5 netmask 255.255.255.255
static (DMZ,outside) x.x.x.208 10.140.7.14 netmask 255.255.255.255
access-group outside in interface outside
access-group inside in interface inside
access-group dmz in interface DMZ
route outside 0.0.0.0 0.0.0.0 x.x.x.193 1
route inside 10.0.0.0 255.0.0.0 10.140.0.1 1
route inside 172.16.0.0 255.240.0.0 10.140.0.1 1
route inside 192.168.0.0 255.255.0.0 10.140.0.1 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
dynamic-access-policy-record DfltAccessPolicy
aaa-server ACS-Group protocol radius
aaa-server ACS-Group (inside) host 10.11.2.33
 timeout 15
 key *****
aaa-server ACS-Group (inside) host 10.11.2.34
 timeout 15
 key *****
aaa-server ACS-Group (inside) host 192.168.1.240
 timeout 15
 key *****
aaa authentication enable console LOCAL
aaa authentication http console LOCAL
aaa authentication ssh console LOCAL
http server enable
http server idle-timeout 60
http server session-timeout 60
http 10.0.0.0 255.0.0.0 inside
http 192.168.0.0 255.255.0.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
sysopt noproxyarp DMZ
service resetoutside
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec transform-set DM-MAP esp-3des esp-sha-hmac
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
crypto dynamic-map DM-MAP 10 set pfs
crypto dynamic-map DM-MAP 10 set transform-set ESP-3DES-SHA ESP-3DES-MD5 DM-MAP
crypto dynamic-map DM-MAP 65535 set pfs
crypto dynamic-map DM-MAP 65535 set transform-set ESP-3DES-SHA ESP-3DES-MD5 DM-MAP
crypto map DM-MAP 65535 ipsec-isakmp dynamic DM-MAP
crypto map DM-MAP interface outside
crypto isakmp identity address
crypto isakmp enable outside
crypto isakmp policy 10
 authentication pre-share
 encryption 3des
 hash sha
 group 2
 lifetime 86400
crypto isakmp policy 20
 authentication pre-share
 encryption 3des
 hash md5
 group 2
 lifetime 86400
crypto isakmp policy 65535
 authentication pre-share
 encryption 3des
 hash sha
 group 2
 lifetime 86400
vpn-addr-assign local reuse-delay 60
telnet 10.0.0.0 255.0.0.0 inside
telnet timeout 30
ssh 10.0.0.0 255.0.0.0 inside
ssh 192.168.0.0 255.255.0.0 inside
ssh timeout 60
ssh version 2
console timeout 0
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
webvpn
group-policy DM-MAP internal
group-policy DM-MAP attributes
 dns-server value 10.140.3.11 10.137.8.26
 vpn-tunnel-protocol IPSec
 default-domain value ap.ipsos
 address-pools value RM-VPN-POOL
 ipv6-address-pools none
username admin password oD4GyTosDcH1utla encrypted privilege 15
tunnel-group DM-MAP type remote-access
tunnel-group DM-MAP general-attributes
 address-pool RM-VPN-POOL
 authentication-server-group ACS-Group
 default-group-policy DM-MAP
tunnel-group DM-MAP ipsec-attributes
 pre-shared-key *
!
class-map inspection_default
 match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
 parameters
  message-length maximum 512
policy-map global_policy
 class inspection_default
  inspect dns preset_dns_map
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect rsh
  inspect rtsp
  inspect esmtp
  inspect sqlnet
  inspect skinny  
  inspect sunrpc
  inspect xdmcp
  inspect sip  
  inspect netbios
  inspect tftp
!
service-policy global_policy global
prompt hostname context
Cryptochecksum:ea5e04f553ab6c11232ec55ddae4ff9b
: end
ASA-001#
Hi,

You use the same pool as the addresses routed to inside:

route inside 10.0.0.0 255.0.0.0 10.140.0.1 1
route inside 172.16.0.0 255.240.0.0 10.140.0.1 1
route inside 192.168.0.0 255.255.0.0 10.140.0.1 1

Do you need all addresses to be routed?
You need to create an ACL for the VPN:

access-list VPN_REMOTE_ACL standard permit 10.0.0.0 255.0.0.0
access-list VPN_REMOTE_ACL standard permit 172.16.0.0 255.240.0.0
access-list VPN_REMOTE_ACL standard permit 192.168.0.0 255.255.0.0

And you need to use it in the group policy:

group-policy DM-MAP attributes
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value VPN_REMOTE_ACL
Hi expert,
As I said, with my current configuration, accessing the internal network is fine with the VPN connected; my problem is that I can't access the internet with the VPN connected.

Thanks
ASKER CERTIFIED SOLUTION
Istvan Kalmar
This solution is only available to members.
Hi expert,
Finally I understand your solution. I can say that should be fine: you split the tunnel so that only internal access goes through it, and internet access uses the laptop's own circuit.

But usually with my configuration, once the VPN is connected, internet access should go out through the ASA NAT; maybe in the future for security reasons I will need that.

At least you helped me fix this issue, thank you. Regarding my comments, do you have any idea or suggestion? I guess this software version does not support it.

Thanks again
Oh, I see....

But the config seems good, because you configured NAT for the VPN clients!

global (outside) 1 interface
nat (outside) 1 10.140.5.0 255.255.255.0

I am using the same configuration with:
System image file is "disk0:/asa822-k8.bin"
and it is working.... I advise reloading the ASA and retrying to connect to the internet via VPN...
Are the DNS servers working well?
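The two paths discussed in this thread (split tunnelling, so internet traffic leaves the laptop directly, versus NAT, so it goes back out through the ASA) can be checked mechanically against an 8.2-style config. The following is an added example, not code from the thread: it parses the relevant `access-list`, `nat`, `global`, `ip local pool` and `split-tunnel-policy` lines from a constructed excerpt mirroring the quoted config and reports which path, if any, is complete. It also looks for `same-security-traffic permit intra-interface`, which the ASA requires for traffic that enters and leaves the same (outside) interface; that requirement is known ASA behaviour and is not mentioned in the thread.

```python
import ipaddress
import re

# Constructed excerpt mirroring the ASA 8.2 lines quoted in the thread
# (a sample for this example, not the poster's full running config).
ASA_CONFIG = """
access-list VPN-USER extended permit ip 10.0.0.0 255.0.0.0 10.140.5.0 255.255.255.0
access-list VPN-USER extended permit ip 192.168.0.0 255.255.0.0 10.140.5.0 255.255.255.0
access-list VPN-USER extended permit ip 172.16.0.0 255.240.0.0 10.140.5.0 255.255.255.0
global (outside) 1 interface
nat (outside) 1 10.140.5.0 255.255.255.0
nat (inside) 0 access-list VPN-USER
nat (DMZ) 0 access-list VPN-USER
ip local pool RM-VPN-POOL 10.140.5.1-10.140.5.254 mask 255.255.255.0
"""
INTERNAL = ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"]  # space behind inside
def _net(spec):
    """'any' or 'addr mask' (ASA 8.2 notation) -> ip_network."""
    if spec == "any":
        return ipaddress.ip_network("0.0.0.0/0")
    addr, mask = spec.split()
    return ipaddress.ip_network(f"{addr}/{mask}", strict=False)
def parse_config(text):
    """Collect only the lines that decide where VPN-client traffic can go."""
    cfg = {"pools": {}, "acl": {}, "nat0": {}, "dyn": {}, "global": set(),
           "intra": False, "split": None}
    addr = r"(any|\S+ \S+)"
    for line in (ln.strip() for ln in text.splitlines()):
        if m := re.match(r"ip local pool (\S+) (\S+)-\S+ mask (\S+)", line):
            cfg["pools"][m[1]] = _net(f"{m[2]} {m[3]}")       # pool as a network
        elif m := re.match(rf"access-list (\S+) extended permit ip {addr} {addr}$", line):
            cfg["acl"].setdefault(m[1], []).append((_net(m[2]), _net(m[3])))
        elif m := re.match(r"nat \((\S+)\) 0 access-list (\S+)", line):
            cfg["nat0"][m[1]] = m[2]                           # NAT exemption
        elif m := re.match(r"nat \((\S+)\) (\d+) (\S+ \S+)$", line):
            cfg["dyn"].setdefault(m[1], []).append((int(m[2]), _net(m[3])))
        elif m := re.match(r"global \((\S+)\) (\d+) ", line):
            cfg["global"].add((m[1], int(m[2])))               # PAT/NAT pool ids
        elif line == "same-security-traffic permit intra-interface":
            cfg["intra"] = True
        elif m := re.match(r"split-tunnel-policy (\S+)", line):
            cfg["split"] = m[1]
    return cfg

def vpn_checks(cfg, pool_name, internal=INTERNAL, egress="outside"):
    """Per-condition results for one VPN address pool."""
    pool = cfg["pools"][pool_name]
    nets = [ipaddress.ip_network(n) for n in internal]
    exempt = {}   # does nat 0 on each interface cover internal -> pool for every net?
    for ifc, acl in cfg["nat0"].items():
        rules = cfg["acl"].get(acl, [])
        exempt[ifc] = all(any(n.subnet_of(s) and pool.subnet_of(d) for s, d in rules)
                          for n in nets)
    pat = any(pool.subnet_of(net) and (egress, nid) in cfg["global"]
              for nid, net in cfg["dyn"].get(egress, []))
    return {"exempt": exempt, "pat_on_egress": pat, "intra_interface": cfg["intra"],
            "split_tunnel": cfg["split"] == "tunnelspecified"}
def internet_path(checks):
    """'local' (split tunnel), 'hairpin' (PAT back out the VPN interface) or 'none'."""
    if checks["split_tunnel"]:
        return "local"
    if checks["pat_on_egress"] and checks["intra_interface"]:
        return "hairpin"
    return "none"
```

Run against the excerpt, the internal NAT exemption and the outside PAT are both present but no complete internet path exists; appending either the split-tunnel policy or the intra-interface line changes the verdict.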
Hi expert,
As I said, I also have a higher-version ASA with a similar configuration, and that one works fine, so I think upgrading the ASA will support that.
Anyway, with this question you taught me the "split" command, extending my knowledge about the ASA.

Thanks
My problem is solved