We help IT Professionals succeed at work.

VPN

24K

Solutions

23K

Contributors

A virtual private network (VPN) is a network that uses a public telecommunication infrastructure, such as the Internet, to provide remote offices or travelling users access to a central organizational network securely. VPNs encapsulate data transfers using secure cryptographic methods and other security mechanisms to ensure that only authorized users can access the network and that the data cannot be intercepted.

A limit of four simultaneous VPN connections was reported by my client.  I found they had overlooked the need to renewed licensing for AnyConnect.  The license key must be applied to the Cisco ASA 5505 and I have priv. level 15 credentials but cannot physically get to the server room due to the quarantine.  I can connect to a local management PC via RDP and utilize ASDM successfully.  Cisco
Adaptive Security Appliance Software Version 9.8(2)
Firepower Extensible Operating System Version 2.2(2.52)
Device Manager Version 7.8(2)
Question 1:  Aside from using a console cable, what other methods may I utilize to install the AnyConnect license on the ASA? My searches have all led back to VPN implementation instruction and the console cable method regardless of my attempts to make these results an ill fit through variations of the question.  I am grateful for any enlightenment.
0
Does anyone have any experience with pushing the server paths to the Cisco Anyconnect client? We are moving our gateways around and I cannot find anything online regarding Cisco admx files or the settings that I'm looking for.

Many thanks!
0
FORTINET Firewall 60c.

connection:

firitzbox--->Fortinet60c(port1 local)--->switch-->My laptop

I would like to configure VPN on FORTIGATE Firewall 60c. Can someone help me please?

Thanks
0
Does anyone by chance have a step by step install documentation created for a Cisco ASA 5508 for anyconnect?  We had a firewall die and installed this one as new.   They were IPSEC now on SSL.  We need to deploy anyconnect to everyone and just need to tweak the document to fit our clients config.  Any help would be greatly appreciated.   No one can tunnel in without setting this up.   This is pretty high priority.
0
Hi

I am trying to help someone who has access to their office via a VPN connection. Even though they stay connected the drives keep disappearing in Windows explorer.

What might cause this?
0
Mobile VPN to Cisco ASA 55xx-
I'm not as Cisco user until recently and I have a question that I think a Cisco admin can answer- Where do I configure the policies for accessing local LAN resources via mobile device connected to the ASA 55xx VPN ?  Any help would be greatly appreciated.  Thanks!
0
Hi, I have a Cisco RV340, I enabled the PPTP server like I have with the old RV042's setup the users and passwords and from the client I get the following error.

The remote connection was denied because the user name and password combination you provided is not recognized or the selected authentication protocol is not permitted on the remote access server

I have checked MSChap v2 and all.

Thanks all.
0
I have a customer who has a TP-Link Archer C1200 router - which does not appear to support Port Forwarding.  I'm trying to set up Remote Desktop so that they can work from home.  The C1200 router does support OpenVPN.  I set up and was successfully able to connect from my office in IL to their office in MI via the OpenVPN client using the Certificate that their router software created.  Now that I am "connected" I have tried to connect directly to the server - which has an internal IP address inside their LAN of 192.168.1.145.  The VPN connection has assigned my computer inside my office as 10.8.0.6.  When I use the Windows 10 Remote Desktop Connection software with the 192.168.1.145 address - I'm getting the standard "Remote Desktop Cannot Connect" for one of the following three reasons message.  I am sure that I'm missing a couple of steps.  Please offer any and all suggestions!  Thank you in advance for your time!
0
I have a remote user who I need to add his domain loigin to the local administrators group. I connected via VPN using my credentials but each time I try to add his user, the domain could not be contacted. What do I need to do to allow me to connect him to the domain and then add his user to the admin group on the computer....or even user group so he can login with that domain login?
0
A small challenge has come with the Coronapocolypse.  

Everyone is working from home.  We have good connectivity and between a solid VPN, Slack, Hangouts and gotomeeting I figured everything would be covered, but we all know how the rest of that story goes.

The challenge is the Operations group has weekly training where they used to all take a lunch in the conference room and participate in an online training class.  

Now that we are all out of the office, we still want to share the class, hopefully through an online meeting.  The problem we encounter is that while the video is shared to all participants, the audio portion is not.  All the PCs involved have the Stereo Mix icon in the recording devices, and it is enabled.  The box is checked to listen to this device, the level has been adjusted up.

Ideas?
0
I have a weird issue with my AD. We have a mix of 2008R2 and 2016 AD servers. We have a global security group for VPN users. If you are not part of that group VPN access is denied. For some reason users get removed from that global security group. It is different users effected. I checked my default domain policy and there are no restricted access. What could cause this behavior?
0
I run Untangle as a NGFW and have the OpenVPN component on it.  I also set up a client on it for my iPhone 7 and have OpenVPN on that as well.  
Downloaded the files from UT's OpenVPN to my laptop.  How do I get the files from there to the iPhone and configured?

Thanks!

--Ben
0
Good day all! I am trying to figure out why a work at home user has access to all internet sites but not our VPN sites, which normally everyone has access to. If they go back to the office those sites open up fine. Once off the corporate network they no longer can access them, they get page cannot be displayed. I just gave the user a loaner laptop and that works fine off the network and they can access the VPN sites and VPN.
0
I have a customer that is going to 300Mbps internet soon. Needs a router that will keep up with it. Don't need wireless, VPN. Content Filtering or any bells and whistles. Just a good, solid internet router.
0
I would like to VPN into my company's Windows 2016 Server (just like my co-workers do), so that I can access documents while working on my Windows 10 laptop from home.  .  The office IT person has provided the VPN IP address that I need to connect to the Server.  I just need to set up a connection to the Server.

I have Spectrum internet in my home, which as a Sagemcom RAC2V1S router connected to a Spectrum cable modem.

My question is:  What ports do I have to enable/disable on my home router / firewall, in order to gain access to the Windows 2016 Server?
0
I have a PPTP VPN setup on Windows Server 2012 R2 STD.
How many VPN connections will I be able to run concurrently?
0
Hi all can someone show me where I can confirm for sure how many concurrent licenses a Cyberoam CR25iNG - 10.6.6 MR-2 firewall can hold?  I found the licensing and it doesn't tell me squat.  If I click on system then maintenance and licensing it gives me the model CR25iNG (C06615145344-9YTFZU).  If I click synchronize it syncs however does not show how many licenses there are.   If I add a user to the VPN it lets me but doesn't tell me what the concurrent limit is at.   Any help is appreciated.
0
Hi Experts,

I am planning to install MS RAS server on W2019 server.  I have several questions:

1. What is maximum users to login VPN sessions at the same time?
2. Could you please let us know which article is the best for us to follow?  
3. Is PPTP (Point to Point) secure enough or we have to use SSTP?

Thanks,

Ted
0
Hi

My FortiGate WAN is at 192.168.3.10 - this port is connected to my router which has public IP and LAN IP - 192.168.3.1...

I set DMZ on the router to 192.168.3.10.

I'm stuck on the configuration  -
SSL-VPN Settings - Listen on Port - set to 10444forti.pngand I get  :
Web mode access will be listening at
https://192.168.3.10:10444

but it doesn't show my public IP... as I see in tutorials ...
and for that reason, I can't get to my portal from other networks..
What am I missing?
0
If I wanted to just add a PAN firewall to a DMVPN spoke site with an ISR, would it be fine for the ISR to sit NATted behind the firewall?

{INTERNET}-----[public IP]{PAN}[private IP}------[private IP]{ISR DMVPN}{private site IPs}-----{switch}

Currently the ISR has the public IP at its outside interface. The idea would be to give the public IP to the PAN and NAT to a new private IP on the outside of the DMVPN router. Would DMVPN work in that scenario?

Or would I be better off to configure the PAN as a virtual wire and retain the public IP address at the router?
0
My CIO came to me and suggested we investigate moving our domain controller to the cloud.  His rational is that we use it for authentication from all of our devices.  We have several sites that have their own internet connection, but we have a VPN connection from each of the sites for authentication.  He thinks that when people log in it slows down our internet, so with that said he wants us to look into it.

I have done some research and everyone says AWS or Microsoft Azure AD Services, but I have no clue where to start.  I also understand that this migration does not take into affect the GPO's which we rely on.  Our domain server houses not only our AD, but our DHCP and DNS.  Can someone point me in the right direction so I can at least start to make some sense out of this project.
0
I need to upgrade netscaler firmware to address CVE-2019-19781.
Citrix have following 2 links for firmware download:-
https://www.citrix.com/downloads/citrix-adc/
https://www.citrix.com/downloads/citrix-gateway/
Which link should I use to download the package?
These are virtual appliance on ESXi.

1. One Netscaler current firmware is NS10.5: Build 55.8007.e.nc.
It has following features enabled:-        
 Feature                        Acronym              Status
-------                        -------              ------
 Load Balancing                 LB                   ON
 Content Switching              CS                   ON
 SSL Offloading                 SSL                  ON
 Rewrite                        REWRITE              ON
 Responder                      RESPONDER            ON
 AppFlow                        AppFlow              ON
Shoudl I download the "Netscaler Gateway 10.5.e" frimware for it from the https://www.citrix.com/downloads/citrix-gateway/ URL?
If I choose this one then the latest one is from Sep 25, 2017 which won't cover this CVE.

If I choose the "Netscaler Gateway 10.5" frimware then the latest is Jan 24, 2020 which shoudl cover this CVE.

If I choose the "Netscaler ADC release 10.5" frimware/virtual appliance for it from the https://www.citrix.com/downloads/citrix-adc/ URL then the latest is from Jan 24, 2020 which should cover this CVE.
Which one shoudl I choose?

2. Another netscaler has firmware - NS12.1: Build …
0
I have a client that currently has a local server with approx 150GB of data.  It is running Server 2016 and has VPN access.  They wish to make access to the data easier, but need to maintain user right control.  They are ideally wanting:

1. Different users to have create / modify / read only access to various folders.
2. Be able to access the data with above permissions from Laptop / Tablet / Phone with as they put it, similar to onedrive as possible.
3. Total users are about 60
4. Accessible anywhere they have internet.

Essentially they have had issued with VPN's from the laptop and are happy to either move the data to a cloud host or keep the data local and add something to the setup to enable this type of access.  Everything I can see so far seems to be more about syncing data, so the data will sync on the devices rather than them just getting access to it.  I wondered if anyone had advice on the best solution to this.  they do have a 1Gbs connection at their current server so its not a bandwidth issue, their aim is ease of access to data while maintaining the security.
0
Below is a snippet of sho crypto session on a DMVPN router. Altho the status of the session is down I can't get these entries to disappear from the router. I've tried "clear crypto session 16.19.250.27" and "clear crypto sa peer 16.19.250.27". Yet these keep showing up like a zombie. What's going on with this?

Interface: GigabitEthernet0/0
Session status: DOWN
Peer: 16.19.250.27 port 500
  IPSEC FLOW: permit ip 10.1.48.0/255.255.254.0 10.5.127.0/255.255.255.0
        Active SAs: 0, origin: crypto map
  IPSEC FLOW: permit ip 10.1.42.0/255.255.254.0 10.5.127.0/255.255.255.0
        Active SAs: 0, origin: crypto map
  IPSEC FLOW: permit ip 10.1.40.0/255.255.254.0 10.5.127.0/255.255.255.0
        Active SAs: 0, origin: crypto map
0
Main sever: Windows Server 2012R2 with 20 open usercals, and 3 RDS cals. (domain controller / AD / RDP)
Second Server: Windows Server 2008R2 (terminal server)

We have a client that wants to remote desktop into quickbooks from home, and will use a second server at the office as terminal server.
Users will connect to VPN, RDP into terminal server with their domain creds, and access quickbooks resources from the main server.
.
Client claims there shouldn't be any more than 5 users remoted in at a time.

Will all of the RDS licences including the 2 built-in admin ones be available to the terminal server (total of 5) or do we need to purchase
5 more and load them on main server?
Can any domain user in administrator's group pull from the 2 built in ones?
0

VPN

24K

Solutions

23K

Contributors

A virtual private network (VPN) is a network that uses a public telecommunication infrastructure, such as the Internet, to provide remote offices or travelling users access to a central organizational network securely. VPNs encapsulate data transfers using secure cryptographic methods and other security mechanisms to ensure that only authorized users can access the network and that the data cannot be intercepted.