
VPN

23K

Solutions

23K

Contributors

A virtual private network (VPN) is a network that uses a public telecommunication infrastructure, such as the Internet, to provide remote offices or travelling users access to a central organizational network securely. VPNs encapsulate data transfers using secure cryptographic methods and other security mechanisms to ensure that only authorized users can access the network and that the data cannot be intercepted.


Have the following:

Edgemax with Subnet of 10.0.10.0
USG with subnet of 10.0.1.0
I am trying to create a site to site VPN, but I am not very familiar with Ubiquiti hardware.

Followed the Willie Howe video online, and I'm sure the addresses are correct, and I also checked the Ubiquiti KB page, and as far as I can tell, I have the correct settings, but no tunnel is made.

See the attached pics for set up.  

For the Edgemax, the local ip is what the external internet address is.  And the Peer is set to the USG external Internet address.
For the USG, the Peer and local WAN IP are reversed from what the Edgemax is set to.

I have also included the Edgemax firewall rules that I have added, but I have not made any rules on the USG yet as I am not sure what to add.

Any help is greatly appreciated.

0

Ok, can someone please explain how to get my VPN IP pool talking to my inside network? Everything works fine using any connect VPN client. Assigns IP address but I cannot ping inside subnet and the firewall itself cannot ping the VPN IP pool address.

Update: OK, now the firewall can ping connected client in the VPN IP Pool address 192.168.10.1 and it can ping the internal (inside) network but the VPN client cannot ping the inside subnet.

My goal here is to be able to launch ASDM to administer the firewall from afar. Any help would be appreciated.
0
Is there a way to change the Site to Site VPN Tunnel on a Cisco ASA to use a different non-standard VPN Port (ISAKMP 500/udp)?
0
I have a tz400. The Global VPN Client Allows me to map a network drive once connected.  NetExtender won't connect to Mapped drive. It just sits and tries to connect.
0
We have a local network with a 2008R2 Std Server as the Domain Controller and Print Server. We have no problem with printing within the local network. Each workstation has a VMWare Horizon VPN Client V4.6.1 installed connecting to the associated hospital. With the VPN launched we can RDP to the Hospital server to run their application. We can see all of the local network printers as redirected printers but when we try to print from the remote application we get nothing out of any of the printers. I have tried opening the print queues on the remote session, the print server and the local workstation to view the job but only ever see it appear on the RDP session print queue.

I am not sure if this is a VPN client software configuration issue, a host side VPN software issue, a port blocking issue or what else it might be but am getting a bald spot where I continually scratch my head about this problem.
0
I support a client with two offices which are connected with a site to site VPN. Office "A" has a Server 2008 R2 AD Domain, Office "B" has a Server 2012 AD Domain. I am looking for guidance on how to create a trust between the domains and set up a DNS domain at each site for the other to replicate DNS and be able to resolve by name resources on the remote site. I have done some searches and reading but can't seem to find the correct solution, because the server names cannot be resolved and are not trusted so can add to AD Domains and Trusts or DNS Zone for corresponding domain.
0
I have a Ubiquiti EdgeMax firewall in front of my home network. It is currently configured with an L2TP/IPsec VPN server that I can access from outside. I would however like to move to a configuration where I have an IPsec site-to-site tunnel to a Linux server in the cloud. My firewall supports that and I can put OpenSwan on the Linux instance and connect site-to-site to that. I would like to use the Linux endpoint as an internet gateway for my home network. What I can't figure out is how to set up the routing on the Linux side so that all traffic to/from my home firewall travels first through the Linux instance and then to the internet. Do I need 2 virtual NICs on the Linux instance to do that?

If anyone can point me to a detailed OpenSwan config description that would support this I would be grateful.
0
On a PC we have installed a Citrix Receiver for a connection to a portal on the internet and everything is running fine.
However, if the worker connects to his PC in the evening via an RDP connection to his PC, he can work fine with his PC at home, but doing the same thing on an iPad he gets the error: this version of Citrix Receiver does not support selected encryption.

Does anyone recognize this behavior?
Hopefully there is a solution. Tried much already but no success.

Arjan
0
Access to on-prem file server, from an Azure only joined Win 10 E.
Hi.
Have a customer with on-prem servers, set up as Domain controller, File server etc. Have Direct Access set up and working.
Now they want to move towards a pure Azure solution but it will take a long time because of many apps.
Have started rolling out new PCs with Autopilot and Intune, connecting them to Azure AD only (Azure AD Prem lic, and Win 10 E).
Installing Citrix Receiver giving access to on-prem apps.

But they also want access to on-prem file shares from the new PCs that are not members of the local domain.

As far as I know we can't use Direct Access, since the PCs are not members of the local domain.
Guess we can roll out VPN with Intune, and map file share with bat files(...)

The big question then would be if the users will have access rights to the shares.
They are synced from local AD with AD Connect. So usernames and passwords are the same in AAD and local AD. (at least one of the UPN's)

Will that be enough? Have access over VPN and try to map file share and access it with the user logged in (which is an Azure AD user. PC not in domain, but username matches local AD username).

Sorry for the long question but trying to explain as best as I can.

Any thoughts?
Thanx
0
Hello All,

I'm in need of some guidance regarding a new project I'm about to start. To give you a little background, I handle about 15 different clients. My largest client only has 3 servers and about 30 users. For the past 15 years I've handled very small businesses with one or two servers. The routine admin stuff for small domains.

This new project belongs to my oldest client that has started selling franchises throughout the United States. They estimate about 30 new sites in the next 13 months. I have very little time to create a Network Operations Center. The company expects to add 30 sites a year or more to a total of about 300. So far 15 have been sold but construction will not start for another few months, so I guess this is really happening.

As you can imagine I'm a little bit out of my comfort zone.

My main question is how to handle the data. Right now we have 4 centers with a PDC and a BDC out of corp office. All connecting through VPN to corp to access files (mostly Excel and Word). Each center has 6 computers and all centers have about 25 MB of bandwidth. No real problems for about 10 years with this setup.

My intent is to build the infrastructure for 200 sites with 6 computers in each site. I want to divide the country into time zones and create a domain in each time zone. I was thinking a PDC and BDC per zone and VPN from each site. I know I'm really behind the times on a lot of this stuff and there might be a better way to handle this.  All …
0

Connect to VPN before Login.

I have remote users running Windows 10 and need to establish a VPN connection to my network prior to them logging in. I have read a couple of articles on creating VPN PPTP on the system and allowing all user access but I cannot get the icon to show up on the login screen. Any assistance is greatly appreciated.
0
Hello,
I have an Asus Android tab, I have a GSM SIM, and I have a data plan on it. When I try to establish a VPN connection, it works fine, but when I try to use Google Maps it does not work.
Is there any way to force Google Maps to work over my VPN connection?
Thanks.
0
Hi,

We have an Amazon Echo Dot device.

On our Amazon Alexa account, we have many skills installed.

With these skills, Alexa can connect to various devices such as SmartThings, Philips Hue, etc to control devices which are connected to these hubs.

This Alexa account is a UK based account so we have no accessibility to US based Alexa skills.

We are missing out on connectivity with devices we have and would like to find a way to use both UK and US based Alexa skills.

There is a VPN we have called NordVPN which we have that allows us to connect to other servers for accessing services, applications, etc in other countries.
https://nordvpn.com/

We would like to know:

1. If we could use NordVPN to access and use the US based Alexa skills
2. If we could use NordVPN to access both US and UK based Alexa skills at the same time
3. If there is an easy way to download a US based Alexa skill onto UK based Alexa account and use it on UK account for Alexa
4. Any alternative solution for issue; we would like to download a US based Alexa skill on a UK based Alexa account where we need to also access the UK based skills

Kind regards,
Robbie
0
I have a VPN through 2 sites, but I can't configure the printers through IP.

I open the cmd and ping the IP correctly... but when I try to configure a printer of the other site with the IP, it doesn't work.

For instance:

I can ping a printer at 192.168.0.200 but I can't install this printer on a Server 2016 via this IP.

Any tips?
0
Hello everyone,

I set-up a VPN adapter connection on a customer's computer with no issue.
The problem is when they reboot the computer, the VPN is completely gone as in I never set one up

What can be the cause of this?

Running Windows 10
0
Watchguard to Draytek site to site VPN - 2 tunnels required.

WG side has local IP of 192.168.1.1/24 and this needs linking to the draytek which has 2 LAN 10.0.0.1/24 and 192.168.100.1/24

I need a tunnel for both

Now I can set this up with one tunnel, no issue, but can't see anywhere to add a second tunnel on the Draytek end. I've heard GRE might be the answer to my question but haven't used this before.

How do I add a second tunnel? I have also tried a second VPN with the other tunnel but this causes both VPNs to alternate and not work correctly. Any help or questions welcome.
0
OpenVPN Server crashing intermittently (1-2 times a day) on Centos 7

service openvpn@server status

● openvpn@server.service - OpenVPN Robust And Highly Flexible Tunneling Application On server
   Loaded: loaded (/usr/lib/systemd/system/openvpn@.service; enabled; vendor preset: disabled)
   Active: failed (Result: signal) since Thu 2018-02-08 14:50:14 GMT; 1min 9s ago
  Process: 9037 ExecStart=/usr/sbin/openvpn --cd /etc/openvpn/ --config %i.conf (code=killed, signal=KILL)
 Main PID: 9037 (code=killed, signal=KILL)
   Status: "Initialization Sequence Completed"



server.conf

port 1194
proto tcp
dev tun
mssfix 1450
reneg-sec 0
ca /etc/openvpn/easy-rsa/2.0/keys/ca.crt
cert /etc/openvpn/easy-rsa/2.0/keys/server.crt
key /etc/openvpn/easy-rsa/2.0/keys/server.key
dh /etc/openvpn/easy-rsa/2.0/keys/dh2048.pem
client-config-dir /etc/openvpn/staticclients
server 10.8.0.0 255.255.0.0
duplicate-cn
push "route 10.8.0.0 255.255.0.0"
push "ip-win32 dynamic 0 999999"
keepalive 5 30
persist-key
persist-tun
status status.log
status-version 2
verb 3


#enable log
log-append /var/log/openvpn/openvpn.log



tail /var/log/openvpn/openvpn.crash
Thu Feb  8 14:50:11 2018 TCP connection established with [AF_INET]94.118.12.142:1042
Thu Feb  8 14:50:11 2018 94.118.12.142:1042 TLS: Initial packet from [AF_INET]94.118.12.142:1042, sid=2c1aa04a 007d1ea0
Thu Feb  8 14:50:12 2018 94.118.12.142:1042 Connection reset, restarting [0]
Thu Feb …
0
Afternoon everyone,

Right now I have a site to site VPN going from our Datacenter's NSA 5600 to a TZ 215 at one of our remote sites. The remote site is currently setup as the following

Interfaces
____________

X1 = Fragmented T1 connection and showing as 100mb/s
X2 = Cox copper 1gbps with 100down/20up

Right now they are bundled together in a default load balance group

I have the site to site VPN pointing to the public IP of X1 and users are complaining that it is very slow and sometimes unusable for some applications that we have. Should I remove that X1 connection altogether or will pointing my VPN to X2's IP be a better route?

I've been banging my head against the wall trying to get better performance but I wonder if this crappy link that has been there prior to me onboarding is holding back the true bandwidth of the VPN connection?

Thanks!
0
Greetings Experts,

I can't seem to figure out how to add the second backup tunnel for AWS on my Sonicwall.  All the directions I'm finding  just show how to create the first tunnel, which I did and the VPN is running.  
In the config file you get two sets of information with different wan IP's.  The Lan Gateways are the same.  
I went to create a second VPN on the Sonicwall with the second AWS gateway IP, but I can't due to the Lan networks being the same.  When I go to create a new network, with the same lan network it says they overlap and won't let me do it.  

I'm guessing I'm just missing something easy, but I'm new to sonicwall and this firmware is new as well.

Any help would be most appreciated.

Kacey
0
Hire Technology Freelancers with Gigs
LVL 11
Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

I have a Cisco ASA 5506 at a remote site connecting back to my home office firewall (ASA 5520) via EZ VPN site-to-site VPN. The tunnel is up, I can ssh into the 5506 fine, it can ping back across the tunnel to machines at my home office, however, I cannot ping the device plugged into the remote firewall from my home office. The remote firewall can ping into the device plugged into it fine.

I've double checked, the device has the correct gateway settings. I've attached a PC to the remote firewall with a different IP and I cannot ping that from home office either so it's not just the device. The packet tracer commands I've run show this should be allowed. What is blocking that device attached to my remote firewall from talking to my home network?

Configs and trace results below-

Home office config:
access-list <SITE B>_split extended permit ip object-group Internal_Networks object <SITE B>-remote_network 
 

group-policy <SITE B> internal
group-policy <SITE B> attributes
split-tunnel-policy tunnelspecified
split-tunnel-network-list value <SITE B>_split
 nem enable


tunnel-group <SITE B> type remote-access
tunnel-group <SITE B> general-attributes
 default-group-policy <SITE B>
tunnel-group <SITE B> ipsec-attributes
 ikev1 pre-shared-key owezvpnP@55

crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev1 transform-set TRANS_ESP_3DES_SHA

crypto map VPN 65535 ipsec-isakmp dynamic vpn_dyn_map
crypto map VPN interface outside

crypto ikev1 enable outside


0
the VPN keeps dropping after a few minutes. I need stability in the connection
0
I have a company who is acquiring another for a possibly long time but is still unsure of whether that full onboarding will happen till after a year, basically a "dating" period have you. We use an application that is housed on prem within domainA and right now we are having the users utilize a RD Web App of the application during this period. In order for a better user experience and to install a thick client of the program on the workstations I would need to build a site to site VPN and do a domain trust. I've been reading through some of the TechNet articles and am still a little confused as to the step process. If anyone can clarify and shed some light on this, I would gladly appreciate it.

TL;DR

Need to connect DomainA to Domain Z through two way trust by site to site VPN.


1. Set conditional forwarders on both sides pointing at each other's primary DNS
2. Setup trust process on both sides through Active Directory domain trusts wizard

Couple of questions..

Do I need to be careful of anything?
What would a backout plan look like?
If I have a network share on DomainA, would I just add the new domain users to that share for access? e.g. on the share permission settings...add -> domainZ/users

Sorry, I'm just super stressed out about this whole thing. The VPN connection has been rather slow with the application as I've been testing so I'm also working on either tweaking the MTU or possibly throwing in a better firewall for throughput.

Sincerely,

0
I have a new client with an Edgewater Router. I haven't ever used this brand before and I need to set up a site to site VPN to their warehouse for printing. I can establish the VPN connection. However, I can't access any resources. I think it's on the Edgewater side because if I do a network test to the remote network I get 100% loss. If I do the same test to a local resource it works. I have the same result on a test VPN tunnel to my office, where I have control over the firewall, and I'm sure it's not blocking anything from the VPN.
0
Hello,
I have Exchange Server 2016. I want to set up MFA so that when the user enters the user name and password, the system will send an SMS to their mobile with a code, then the user will enter the code to log in.
Can I do it?
Or is there any way to make the user authenticate through VPN to the system through an SMS code?
I don't want the user to have a USB token because it's not easy to get the USB token or cert, because it's a public mail system like Gmail or Live.
Thanks.
0
Hi, All

I configured a clientless VPN on ASA5510, and we could access WebVPN and log in successfully, and we could also open the intranet website. But a serious problem appeared.
Our intranet website needs an account and password to log in, but we couldn't click login, and there is also a video on the intranet website, and we also couldn't watch the video.

So I want to try another free VPN like Cisco clientless VPN, using the web to log in without installing a VPN client, and access the intranet website. Who can give me some suggestions?

Thanks,
Kai
0
