Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x

VPN

23K

Solutions

22K

Contributors

A virtual private network (VPN) is a network that uses a public telecommunication infrastructure, such as the Internet, to provide remote offices or travelling users access to a central organizational network securely. VPNs encapsulate data transfers using secure cryptographic methods and other security mechanisms to ensure that only authorized users can access the network and that the data cannot be intercepted.

Share tech news, updates, or what's on your mind.

Sign up to Post

Hi
Weird issue here.  Saving changes to a pptx file over a VPN are not working.  
The file is showing as being saved on screen, thereafter it creates a tmp file and then shows the original pptx file prior to saving the changes.
It seems to work fine locally on same LAN.
Ideas?
0
Flexible connectivity for any environment
Flexible connectivity for any environment

The KE6900 series can extend and deploy computers with high definition displays across multiple stations in a variety of applications that suit any environment. Expand computer use to stations across multiple rooms with dynamic access.

I've got a 5545x that I'm configuring for remote access VPN.  I've done a few 5506's but this is my first 5545.

I initially started with AnyConnect. I could get the client connected, but I couldn't get a ping response.  The client statistics showed control data was being exchanged.  Client data was being sent, but not received.

I wiped and reconfigured and got the exact same results.   Then I tried configuring IPSec for the legacy VPN Client because I can always get that to work. :-)

Exact same results.  Client connects fine but no data.  "show cry ipsec sa" shows pkts decap are increasing but pkts encaps are not.  

I figure that I'm just missing something and I've been looking at it for so long that I'm just not seeing it. Hoping someone can look at this and see a typo or a missing statement that I'm missing.

I've stripped out all the non-essentials and sanitized the output.  If I got overzealous with the stripping and cleaning, let me know and I'll repost.

Thanks.

Don

P.S.  I've added a bunch of... junk that I don't usually have while throwing things at this to see if something sticks.


ip local pool RA_VPN_POOL 192.168.255.1-192.168.255.62 mask 255.255.255.192
ip local pool AnyConnect_VPN_Pool 192.168.255.129-192.168.255.254 mask 255.255.255.192
!
object network VPN-Nets
 subnet 192.168.255.0 255.255.255.0
!
object-group network Inside-Networks
  network-object 10.10.0.0 255.255.0.0
 network-object 192.168.0.0 255.255.0.0
!

Open in new window

0
we are trying to use dropbox in china on Macs and PCs.  does anyone have this working currently?  we are looking at sonicwall VPN - but can consider any solution that works.
0
I need to create a user login to a company vpn. the VPN is set up on a CISCO router (I dont know model number) and I need to access it via SSH (done) and then add a new user to it that can then connect to the VPN. what is the SSH command to see what users are already created and then to add the new user via SSH commands. or alternatively to all that can I install some sort of web gui control panel type thing that i can administer the router from?
0
Hi
I have to enable TLS 1.0, 1.1 and 1.2 in Internet Explorer on my laptop before a VPN can connect? how can I change this settings so I don't have to enable these in IE?

Thanks
0
if a users has a VPN connection on my ASA device then potentially he can use those credentials to connect on any computer.  Whilst i can restrict the connection to certain IP addresses and ranges, can I restrict the connection to an individual computer NAT'd behind that public IP address or range.

The risk comes in that i may not  know the patch or AV state of a computer that connects to my internal network.
0
Hi,

The majority of my consulting is for individual UK Based home users and one/two - man band businesses. I have seen the recent rise in VPN services available given the need for increased privacy. I have been wondering whether these services would be of any use to my clients in the sense that if they value privacy, would it be a relevant service to offer them? A lot of these clients may not necessarily be visiting P2P sites or grayer areas of the Internet but can it still be effective in typical day to day activities.
I guess there will be trade offs in performance but  before trialing out a service myself more thoroughly i wanted to see what the EE community have to say,

thanks
D
0
Store has 2 locations.
Each has a Sonicwall with a VPN connecting them.
Want to map a drive on a PC from one store to the server at other store.
It is not a domain network. Only a File Server.
I can successfully map the drive using the Server IP, but not using the Server host name.
The software I'm trying to install requires the mapped drive to be mapped using host name instead of IP address.

I can ping the server across the VPN, As said I can map the drive using IP address only.
I have enabled NetBIOS in the Sonicwall VPN setting on both Sonicwalls.
Enabled NetBIOS over TCP/IP on PC on the WINS tab of the Network Connection dialog box.
Also input the local IP of each Sonicwall in the DNS settings of other Sonicwall.

Please help.
0
I have installed a valid certificate on my 5505, used the wizard to create an Anyconnect solution, everything works until the connection is established. At that point the connecting machine cannot reach local network or VPN'd network.  I have compared the code to other Anyconnect ASA's and they look the same but I must be missing something I'm looking right at (I hope).  
Group policy is set.
Local IP pool is set (different from all networks involved) and no IP conflicts.
Local database is set and user(s) assigned.
Users connect and immediately, no Internet.  You can ping the IP assigned to the VPN adapter, but nothing else.  Please advise any thoughts.
dave

inside is 192.168.16.0/24
IP Pool for VPN 192.168.17.10-25 /24
ssl trust-point TrustPoint inside
ssl trust-point TrustPoint outside
webvpn
 port 444
 enable outside
 anyconnect image disk0:/anyconnect-win-3.1.05170-k9.pkg 1
 anyconnect profiles MyAnyconnect_client_profile disk0:/MyAnyconnect_client_profile.xml
 anyconnect enable
 tunnel-group-list enable
group-policy GroupPolicy_MyAnyconnect internal
group-policy GroupPolicy_MyAnyconnect attributes
 wins-server none
 dns-server value 192.168.16.x 8.8.8.8
 vpn-tunnel-protocol ikev2 ssl-client ssl-clientless
 split-tunnel-policy excludespecified
 split-tunnel-network-list value Split-ACL
 default-domain value MyDomain.com
 webvpn
  anyconnect profiles value MyAnyconnect_client_profile type user
tunnel-group MyAnyconnect type remote-access
0
I´m having problem with cisco vpn. I try with quickvpn and cisco VPN cient both on windows 10 and windows 7. But still nothing.
Getting sometimes DEL_REASON_PEER_NOT_RESPONDING and Error 412.
0
Looking for the Wi-Fi vendor that's right for you?
Looking for the Wi-Fi vendor that's right for you?

We know how difficult it can be to evaluate Wi-Fi vendors, so we created this helpful Wi-Fi Buyer's Guide to help you find the Wi-Fi vendor that's right for your business! Download the guide and get started on our checklist today!

Hi Experts, having an issue adding servers to domain over site to site vpn. One end is at Azure and the other end is Meraki firewall. When I try to add a 2012R2 machine to domain in Azure I get "semaphore timeout period has expired".

Does anyone know how to get around this?

thanks
0
I can't display any logs.   I can't enable logging. logging enable and logging console x commands are not available

show logging command shows only: syslog logging:  enable. the other loggings are all disabled.
0
Hello,

I have basic cisco route quetion, I  got the following output from  sh ip route.

Does it mean all those 4 IPs traffic will be forwarded to 192.168.0.1 ?

      65.0.0.0/32 is subnetted, 4 subnets
S        65.110.1.47 [5/0] via 192.168.0.1, FastEthernet4
S        65.110.1.48 [5/0] via 192.168.0.1, FastEthernet4
S        65.110.1.58 [5/0] via 192.168.0.1, FastEthernet4
S        65.110.1.62 [5/0] via 192.168.0.1, FastEthernet4
0
MY company use mpls tunnel between site offices and HO, one switch (Cisco CAT 3560 8 port ) in our site office connected to the service provider mpls device (it use IP/MPLS microwave solutions) to connect HO through Service Provider MPLS network.

the issue is the switch (Cat 3560) port LED connect with MPLS device blinking green and amber, the tunnel is also down.

so what might be the cause for this issue?
0
I have multiple scripts to push out to users through GPO, but VPN users seem not receiving at all.
I don't think firewall issue, but rather think that GPO logon script, its own characteristic, tries to run before VPN tunnel is established.

The script doesn't have to be run at logon time, but needs to be run while the user is connected with VPN and once before they disconnect.

We have limited communication with VPN operator and they won't deploy the script.

Is there any way to run a script through GPO except log on/off event while users are connected, maybe accessing share folders, AD authorization kicks in, so any way to catch the event and run script against user laptops?
0
Hello Team,

I used to have my vpn tunnels using sonicwall to sonicwall. Some of my remote offices are hiding behind a natted static public ip address and the wan interface of the sonicwall has a private ip address assigned. When using sonicwall to sonicwall a public vpn tunnel can still be accomplished in this scenario when specifying the PEER IKE IP (private ip of the wan interface) on the sonicwall on the other site along with the public ip. This is refereed to as NAT Traversal.

Now we're moving to Checkpoint in our primary site where all our remote offices connect to, so we need to have a checkpoint to sonicwall VPN and so far it works fine except on the sites that are using NAT Traversal. How can we apply this same PEER IKE IP concept in the checkpoint connecting to the sonicwall with a private ip address in the WAN interface.

Thank you.
0
Hi Experts.
I have a situation where I need a VPN between 2 offices.
I have in the past used the Netgear FVS318 line and the SRX line and they worked well.  But Netgear has discontinued that line.
I know they have discontinued  the SRX line and I am having trouble finding the FVS318N one too.   These were affordable and easy to configure.
I need an "always on vpn"  between 2 sites.    It can't be a VPN on one end and you have to connect to it with a client.  Can't be that.

So I am looking for something along that same line that is affordable.
Each office is only like 2 people.  No server involved.

Any help would be appreciated.
0
I have a problem with my android tablet users being able to quickly identify if they are on our network with the vpn connection when they are at mcdonalds or wherever the heck they are.

is there some sort of app/icon  that i can load on the tablet, the user clicks it, and then the icon will tell them if they are on the network or not
0
hi all,

We have a Cisco ISR 4431 that we want to block the internet for so firstly can i simply enter a new access list such as:
access-list 101 deny tcp host 192.168.0.8 any eq 80    (as we currently only have access-list 100 on the router)
and then attach it to the outbound (or inbound) interface for the router ?
Second part of this is that there is a lan to lan VPN from the router to a paris datacentre that i stilll need it to access so this won't affect that will it ? or will i need to put in an exception to allow 80 to that certain ip range ?
Thanks
0
Independent Software Vendors: We Want Your Opinion
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

I have a windows 10 PC, on which I use TunnelBear as my VPN. For sandboxing reasons, I do all my Internet for sites that I don't know in a VMware Windows 10 box. Do I need a separate VPN for the VMWare box, or does the Host PC VPN do the job for me?

Thanks!
0
I have a site to site VPN mith my Sonicwall TZ205 and all hard wires PCs are working OK accessing resources on both ends, however I have some laptops using the wireless network (it is bridge to X0), however the laptops cannot access any LAN resources on the other side of the VPN tunnel, only on the local subnet.

All other PCs hard wired can access resources on the other side of the VPN, but not the laptops. The laptops are getting a DHCP and they are on the same subnet as other PCs on the local LAN.

Is there any configuration I am missing in the sonicwall, or the laptop?
0
Have PHP website on an ubuntu server.  The site is not SSL.  It is accessed via HTTP.  In the .conf file I have require ip x.x.x.x.

I am trying to figure out all the security concerns.

This site is supposed to be accessed via VPN.  OpenVPN is what is being utilized to connect to the network.  However, the VPN is NOT forcing the traffic over it.  VPN was set up to not force all traffic through VPN only the traffic to and from the site.  The network engineers stated that that was done because of speed.

Because the site is HTTP removing require ip x.x.x.x and utilizing require ip all allows me to access the site outside of the network so this is an issue.

I don't know when the latest patches were installed or how to install them or where to get them.  Any suggestions?

Any other issues?
0
Hello everyone,

Normally pretty good at figuring out these things, but this one has me stumped....

We have a SBS 2011 at our office behind an older (not supported anymore) Sonic Wall router. We use the Global VPN Client to connect to our network from our homes, but for some reason I never got the NetBios names to pass through the VPN connection, so we use the IP address \\192.168.16.10\sharedfile (thats the server with the shares). So this works for all users on all computers from many different locations, except for a newly updated box now running Windows 10. So I install the global VPN client just like I have 100 times in the past and connect to the VPN and type in the share, but now I get the follwing error in the Windows 10 machine:
Windows cannot access \\192.168.16.10
Error code 0x80004005

I can ping the server IP and get a response, just cant access anything.
One thing I did notice is that I never get a popup login form when I initially try to connect to the server shares where I put in my DOMAIN\USER and password. On other computers, that first time I connect to the share, that login form pops up and I have to login to the domain to get access to the shares.... now that I think about it that is probably where the issue lies.

The ONLY computer that I am having an issue with is the Windows 10 computer (all others are Windows 7).
I have a feeling it is some random setting in windows 10, but I cannot figure it out.

Thanks for the help!
1
I have some servers that i connect to over VPN. Does the Windows Server Manager allow connection to servers over VPN. When opening Server Manager on my Win 10 PC, it is unable to locate any of the servers, or AD. Hoever, normal AD tools are able to connect as well as DNS tools.
0
The user is a photographer and presently has an 8 TB RAID, which is physically carried between two locations every few months.

They now have a decent cable modem connection in the remote connection they use, with an upload speed of 10-15 mbs

Their activity consists of loading in 2-15 gigabytes every week or so, cataloging and adjusting the photos with Adobe Lightroom.  Computers are MacOS X, maintained to the latest version of the operating system that supports Lightroom.  

What's the best way to keep two copies of the RAID in sync over the Internet?  I can set up a VPN.

Thanks
0

VPN

23K

Solutions

22K

Contributors

A virtual private network (VPN) is a network that uses a public telecommunication infrastructure, such as the Internet, to provide remote offices or travelling users access to a central organizational network securely. VPNs encapsulate data transfers using secure cryptographic methods and other security mechanisms to ensure that only authorized users can access the network and that the data cannot be intercepted.