Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x

VPN

23K

Solutions

22K

Contributors

A virtual private network (VPN) is a network that uses a public telecommunication infrastructure, such as the Internet, to provide remote offices or travelling users access to a central organizational network securely. VPNs encapsulate data transfers using secure cryptographic methods and other security mechanisms to ensure that only authorized users can access the network and that the data cannot be intercepted.

Share tech news, updates, or what's on your mind.

Sign up to Post

users reported that they cannot see the details on a particular user 's calendar either in the outlook desktop app or the web app

the user whose calendar is not visible, attempted to updated permissions but they would not save (see attached screenshot)

since she is on a mac, i checked all other mac users and am still able to see their calendar details

i am waiting to hear back if she is up to date on all her microsoft updates. i know she was still on el capitan due to VPN compatibility (though we should be able to upgrade her to sierra at this point)
0
Concerto's Cloud Advisory Services
LVL 4
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Hello
We have an IPSec VPN solution for a small number of sites.  Our users remote into two of the sites via IPSec VPN too.
We are going to move supplier and looking at moving from IPSec to MPLS.  We will look to migrate to AWS and/or move CRM out to other providers.  We also will moving from our on prem phone system to a cloud solution.
Has anyone got any recomendation around security, perfornance, limitation etc of each?
Thanks
0
What are the steps necessary to create a VPN on a SonicWALL TZ600 router?
0
I have a SonicWall setup to accept vpn connections. I am using the SonicWall App to connect to my network. No problems connecting, I get the app to connect. My issue is I want to be able to browse and open file shares from the server. I have been trying the File Browser Biz app. I am unable to get it to see any shares on the network. Anyone have any ideas on how to get this to work or another route to take to be able to browse and open files.
0
I have two Cisco ASA firewalls (5520 and 5506) that used to be connected by an ezvpn tunnel. Now I've set up a site to site, the tunnel connects, by machine name I can get from Site A (5520) to Site B (5506) but I cannot ping from a Site A vlan ip to a Site B vlan ip. Neither network appears in the other ASA's routing table.

The Site A firewall also has several ezvpn's running through it just fine. I need some help troubleshooting why I cannot ping from ip to ip.

Sanitized configs follow:

Site A-
ASA Version 9.1(3)
!
hostname SITE-A-FW
domain-name COMPANYNAME.com

interface GigabitEthernet0/0
 nameif outside
 security-level 0
 ip address <SITE A OUTSIDE IP>

object network SITE-B-LAN
 subnet <SITE B NETWORK>

object-group network SITE-A-LAN
 network-object <SITE A NETWORKS>

access-list SITEA-2-SITEB extended permit ip object-group SITE-A-LAN object SITE-B-LAN 

nat (inside,outside) source static SITE-A-LAN SITE-A-LAN destination static SITE-B-LAN SITE-B-LAN no-proxy-arp route-lookup

crypto map VPN 80 match address SITEA-2-SITEB
crypto map VPN 80 set peer <SITE B INTERNET NEXT HOP> <SITE B OUTSIDE IP>
crypto map VPN 80 set ikev1 transform-set aes256set

tunnel-group <SITE B OUTSIDE IP> type ipsec-l2l
tunnel-group <SITE B OUTSIDE IP> ipsec-attributes
 ikev1 pre-shared-key *****

router eigrp <EIGRP NUMBER>
 no auto-summary
 <SITE A FW NETWORKS>
 redistribute static

Open in new window


Site B-
ASA Version 9.7(1)4
!
hostname SITE-B-FW
domain-name COMPANYNAME.com

Open in new window

0
Hello Experts,

Currently we have a RRAS VPN set up on our Microsoft Standard Server 2016 so connected users can use a published RemoteApp from our RDS .  We are unable to connect multiple users from the same public I.P. address simultaneously.  Any suggestions on how we can resolve this issue?

Thank you,

-GTS
0
Hello

we have a zywall 2 plus which needs to establish a site to site vpn to a remote office.  

the remote office is not under our control and i'm looking to learn how to establish nat translations to change the private ip addresses across the ipsec tunnel.

site local to the zywall is 10.0.0.1/24 on lan1 in the zywall
far side of the tunnel is 10.186.53.0/24

from the zywall side, traffic bound for 10.186.53.0/24 from 10.0.0.0/24, zywall needs to nat from 10.0.0.0/24 to 192.168.10.0/24 then send downt the tunnel

from the far side, traffic from 10.186.53.0/24 bound for 192.168.10.0/24 goes down the tunnel, the zywall needs to nat 192.168.10.0/24 back to 10.0.0.0/24 on the way back in

where do i set this nat in the zywall?

here's what i have so far, but something's off:

gateway policy:
my ip address:              static wan ip
remote gateway:          static remote peer wan ip
authentication:             PSK
local id type:                 ip
content:                          0.0.0.0  (defaults to static wan of zywall)
peer id type:                  ip
content:                        0.0.0.0  (defaults to remote gateway wan)
ike proposal:              main / AES128 / SHA1 / 28800 / DH2

network policy: (mostly just guessing at this)
virtual address mapping rule:        port forwarding rules
type:                                                   many one-to-one
private starting ip                            10.0.0.1
private ending ip        …
0
I have been trying to connect to a Watchguard XTM 330 L2TP vpn using the windows client, keep getting the message that it can't resolve the server name. Using a Windows 2012 Radius server that I can authenticate to from inside the network. DNS is configured on the policy for the watchguard etc. When we use the Watchguard SSLVPN client it works just fine. We use roaming profiles so the SSLVPN client won't work with them. Anyone have any suggestions?
0
We have HP 810 G3 laptops running Windows 7 and it previously connected fine to an Android phone hotspot, the user now has an iPhone 6s and the laptop see's the hotspot but will not connect. AnyConnect version is 3.1.14018

Any ideas?
0
Hello,

i have 2 ESX servers.

1st server is running ESX6.0 and is in the network 192.168.1.x
2nd server is running ESX6.0 and is in the network 192.168.0.x

both networks are on a different location. We have created a VPN tunnel between the 2 locations.

i have installed vcenter in the 1st host running in the 192.168.1.x network.

when i add the 2nd host in the vcenter than this works fine, i see the host and and can create vm's.

but when i Launch the Virtual Machine Console from a VM on the 192.168.0.x network then i get an error saying that it cannot connect to the MKS in server 192.168.0.x:902

When i Lauch the Virtual Machine Console from a VM on the 192.168.1.x network then all works fine.

what am i missing?
0
Concerto Cloud for Software Providers & ISVs
LVL 4
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Hi all,

I needassistance in deploying some config changes on a ikev2 site to site ipsec VPN on a cisco router. The VPN is currently setup with ipv4 addresses. i.e. peer ip and identity addresses are ipv4. I have been requested to change the remote ipv4 peer ip for a fqdn i.e. ipsec.abc.com. Should I just change the remote ip for the fqdn where ever it pops up? Or are there any other changes that need to me made in order to support this change. On my side we will continue to use ipv4 address.
If you have a template I can follow, that would be awesome.
Thanks and kind regards.
0
I have a new Windows 10 Prof. PC that will not VPN into our office. All other computers, Windows 7, 10 and Apple can VPN in just fine. When the user tries to connect I comes back with a Can't connect to
The VPN connection between your computer and the VPN server could not be completed. The most comman cause for this failure is that at least one internet device (for example, a firewall or a router) between your computer and the VPN server is not configured to all Generic routing encapsulation (GRE) protocol packets.
The setting I tried and works on all other Windows 10 except this one is
Type of VPN: Auto and PPTP (works on other PCs)
Please advise thanks
0
I have   setup  2 separate Labs ,  VPNV4 and AToM.
I found out that VPNV4 configuration is very complex compared to the configuration of AToM(Any Transport over MPLS) which is very simple.
Now, I am not sure if there is a catch behind this simplicity. I mean is VPNV4 capable of offering more services than AToM.
Thank you


VPNV4VPNV4 Lab:


AToM LabAToM Lab:
0
I was recently tasked with setting up a VPN for a client of ours for accessing files from home. We are able to successfully login however when we try to map drives or access resources we are unable to. Mapping drives errors as is we are not in that domain. Trying to access the drives through Explorer returns the same. Can anyone assist with this please?
0
Our company is going to be taking over a small satellite office.  This office's I.T. is basically setup as a home office... No firewall.. Slow internet.. etc..etc..

My Current office has a Cisco 5516-x and a 100mb/100mb fibre circuit from Allstream.

I was thinking of connecting the offices via VPN by purchasing a smaller cisco like a 5505-x and also putting in a 100mb/100mb fibre circuit at satellite office as Allstream also as that building lit.  The satellite office will need to access our accounting software , file shares and maybe even the ability to print over the vpn to a head office printer.

I want to be able to authenticate to my domain controller at the head office and access all resource here at head office.  There File server is going to be moved to head office.

Outside of the physically setup and the VPN configuration when else do I need to be thinking about that I may be missing.

Regards,

GoRaps!
0
Hi

I'm trying to establish ITSec VPN for my firewall with another vendor in remote site.

The tunnel is not getting UP. The remote vendor says they allowed UDP port 500 and 4500.

But I suspect there is some issue at their end on opening ports above.

1. How do I confirm the udp ports 500 and 4500 is opened above ? I tried using portquiry and it seems not accurate.
It says port is opened for any port I scan. How do I verify port 500 or 4500 is opened or closed at their end ?

2. Another thing is when VPN not getting UP, I want to run some debug in Cisco ASA.
Last time when I setup IPsec tunnel for Fortigate firewall, based on debug I can see where it is failing. Phase1 or Phase2.
In Cisco ASA, which debug commands will tell me where it is failing, how to see traffic comming in from remote end or not ?

Thanks
0
Whats the best free VPN services available in the market today ? My main concern is speed of the bandwith, are there anyone give me recomendation ?
0
What are some good VPN software or services that will allow me to use the same external IP address every time and also change to different external IP addresses around the world whenever I need to?

I need to be able to use this both within Windows 10 and the latest Mac OS X software.
0
I am trying to bring up my second of four tunnels. The first one was easy, but adding on from there is where things get gamey for me. After configuring the routers identically, and adding the appropriate peer list entries and tunnel groups to the ASA,

Here is all information pertinent to the L2Ls:
!!!!THE ENTRIES WHICH BRING ME SANITY!!!!
name 2.2.2.2 BLDG2EX
name 1.1.1.1 BLDG1EX

!!!!NETWORK OBJECTS!!!!
object-group network MYORGNET
 network-object 10.10.0.0 255.255.252.0
object-group network BLDG1NET
 network-object 192.168.253.0 255.255.255.0
object-group network BLDG2NET
 network-object 192.168.251.0 255.255.255.0

!!!!ACLs!!!! 
access-list 101 extended permit ip object-group MYORGNET object-group BLDG1NET
access-list 101 extended permit ip object-group MYORGNET object-group VPNNET
access-list 101 extended permit ip object-group MYORGNET object-group BLDG2NET
access-list split_tunnel standard permit 10.10.0.0 255.255.252.0
access-list split_tunnel standard permit 192.168.253.0 255.255.255.0
access-list L2LSITES extended permit ip object-group MYORGNET object-group BLDG1NET
access-list L2LSITES extended permit ip object-group MYORGNET object-group BLDG2NET

!!!!NAT!!!!
nat (inside) 0 access-list 101

!!!!CRYPTO!!!!
crypto ipsec transform-set MYORGSET esp-3des esp-md5-hmac
crypto ipsec transform-set L2LSET esp-aes esp-md5-hmac
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
crypto dynamic-map 

Open in new window

0
Technology Partners: We Want Your Opinion!
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

When my iPad is connected to my corporate VPN, I do not have access to the internet. On a Windows laptop, I can remove the check under "use remote gateway" and I can still access the internet locally.  How can this be accomplished on my iPad?

Thanks, Jon
0
My company has a vendor who is connected to one of our servers via a VPN. The vendor had a certificate on their servers for the SSL/TLS LDAP connection to our servers. The certificate was SHA1. The connection had been up and working for a long time when suddenly, the server on our side presented a new certificate for the connection and invalidated the current certificate. The current certificate was good until 2042 and should still have been used for the connection. The server registered event ID 36887 with fatal error 46 and suddenly invalidated the connection. It repeated this error for 5 hours about every couple minutes. The vendor did not have an interactive application on their end so had never seen the presentation of the new certificate and just saw repeated failed connections.

I am trying to figure out why a Windows Server already using the connection fine several times over and over for months would suddenly present a new certificate. I don't see any reason why with a valid certificate it would fail to connect suddenly and present a new certificate. All parties involved are worried this will happen again and I am saying it shouldn't have happened in the first place. Any thoughts?
0
When a remote client is connected via SonicWall NetExtender VPN, sometimes (about 50/50) can't connect to that remote workstation via VNC.
0
Good day guys ,
i have two fortigate one in the HQ and other one in Brench
in the first stage i have wan 1 and wan 2 in both side " speicified link and ADSL for internet " 
after that i made wan 3 ADSL also on fortigate of HQ and i make VPN ipsec between two sides
probleme is ADSL 1 of wan 1 and ADSL 2 of wan 3 in fortigate of HQ  don't work when the IP gateway is different , knowing that two adresses of ADSL found in same plage of my ISP ,
if two adresses have same gateway ip adress work very well
really  i found that peculiar
Fortigate 60 E
version 5.6.2
0
Hi there, i have this situation.
company with 1 big site  (we call site A) and 6 branch office sites  (we call B1 to B6), they have multiple wan connection on every 7 sites.
Now they're planning to link 7 sites with firewall vpn site to site because 6 branch office need services hosted by principal A big site; this is really simple, because is enough to realize site to site vpn (redundant on two wan) from:
A big site -> 1st branch office B1
A big site -> 2nd branch office B2
A big site -> 3rd branch office B3

and so on...

Problem is this:
B2 need to "see" private lan addressing of B4 , B5 same thing to B3 ...
All branch office have to be connected to A and also to other branch office, and this connection (i think) has to be direct from two branch office in order to not speed down site A network performance.

Solution:
Every appliance in 7 sites (A and B1,B2,B3,B4,B5,B6) has to establish 6 different vpn site to site redundant connection?
Or i can ask to connectivity provider (same for all 7 sites) to manage public addressing in some way?

I hope i was clear, sorry form my english, please ask me for details

Really Thanks
Nanoweb
0
Hello Experts,

We have two VPNs with our branch offices.

The First Site to Site VPN is between the Main Office and Data Center
The Second Site to Site VPN is between the Data Center and the branch office.

The Data Center Internet line bandwidth is 100 mbps

I wanted to limit the bandwidth of each site to site vpn tunnel to 20 mbps.

Preferably, I wanted to see if we schedule this where we can limit the bandwidth during the day and after 5pm and weekends remove that limit.

Thank you
0

VPN

23K

Solutions

22K

Contributors

A virtual private network (VPN) is a network that uses a public telecommunication infrastructure, such as the Internet, to provide remote offices or travelling users access to a central organizational network securely. VPNs encapsulate data transfers using secure cryptographic methods and other security mechanisms to ensure that only authorized users can access the network and that the data cannot be intercepted.