VPN

23K

Solutions

23

Articles & Videos

22K

Contributors

A virtual private network (VPN) is a network that uses a public telecommunication infrastructure, such as the Internet, to provide remote offices or travelling users access to a central organizational network securely. VPNs encapsulate data transfers using secure cryptographic methods and other security mechanisms to ensure that only authorized users can access the network and that the data cannot be intercepted.

Share tech news, updates, or what's on your mind.

Sign up to Post

New install of Essentials 2012. Configured router to forward 443 to server. Companyname.remotewebaccess.com all works OK. I didn't install a cert and now can't seem to get vpn working. I'm happy to go back and purchase a cert - how do I get back to the wizard. Is it true that vpn won't work on a windows 7 PC or 10 PC without a cert? Sorry - new to essentials :-(
0
Is your NGFW recommended by NSS Labs?
Is your NGFW recommended by NSS Labs?

Ours is! NSS Labs Next Generation Firewall Test gives the WatchGuard Firebox M4600 a "Recommended" rating! Curious where your NGFW landed on the  Security Value Map? See the map and download the full report today!

Getting very confused - cant get VPN to work. Have manually port forwarded 443 to the server. I ran Anywhere Access with the manual router config and all run OK for remote access and VPN. I have recreated the connection on the laptop and still get the remote connection was not made because the attempted vpn tunnels failed - please help.
0
Hi, just wanted to ask a bit of advice about changing IP addresses of a Server 2011 SBS network.  To cut a long story short I have to create some VPN connections between 2 networks that are on the same subnet and I need to change one network to be on a different subnet.

Both networks are on 192.168.101.x

2 questions really, if I change the second network to 192.168.102.x will that be enough to stop any VPN issues?

Secondly, the network I'm going to change consists of a Watchguard Firewall, Windows 2011 SBS Server and a network printer.  I have local physical access to the Firewall and Printer but not the server.  I'd just like a bit of advice on what device IP I should change first as I don't want to end up losing connection (will be doing this all over a remote connection).

Many thanks

Adam
0
Similar to other posts we have to run Virtual Machines to accommodate Checkpoint VPN client just because all traffic passes through. We RDP to client jump boxes once connected. Forcibly setting route all to false doesn't change the outcome. Strangely, if we use the windows store checkpoint and win 10 Vpn it's ok. This is only with the client install, but the win store Vpn drops frequently and not desirable. Any help appreciated, doubtful client will change settings as we are 1 of many connecting.
0
I setup OpenVPN Access Server using the public AMI available on Amazon about a year ago.

Part of this includes the ability for Users to sign-in to an OpenVPN Connect webpage. On this page the Users can download the a client to run on their local systems.

The client the Users download is OpenVPN Connect Client 2.1.1.102.

The latest version is 2.4.2 that is available on the OpenVPN Downloads page.

How can I replace the older client on my Server with the newer client so that Users are getting the latest version?

Thanks in advance for your assistance.



...
0
We have a VPN tunnel that gives us access to an network shared folder on a remote server.  I have mapped that drive on our domain file server.  I was curious if there is a way that a domain client could remotely access the mapped drive on that particular server without having to add firewall rules for the vpn so it can directly map the drive?

Server A  
z:\ = \\1.1.1.1\FileShare

Client A = Gain access to the files on the Z: mapped server drive without mapping the drive locally iteself?  

A little bit unorthodox, but working with the remote ends Network Team is a bit cumbersome.
0
Server is domain controller in cloud, connected via VPN
Server is recently migrated - 2008 on premise to 2012 in cloud.

DHCP is running on local Cyberoam router
0
The VPN Connection has been giving us issues the last 2 days.
When connected, we are able to access the shared folder and edit/add/delete files. Sometimes an error comes up that says: There is a problem accessing \\servername\SharedFolder.
This has only been happening when using the VPN connection. This error will display a few times and will go away but will come back. I have been pinging the server at the same time as the error so I don't think the server is losing connection.

Any help is appreciated.
0
I feel like this is a simple fix but I'm kind of tearing my hair out here.

Scenario:
Client has 2 sites A & B

Site A: remote office, no AD server on site but existing ASA 5505 with anyconnect  licenses
Site B: cloud hosted servers including AD with ASA 5585 with anyconnect licenses.

The users can connect to either, depending on what resources they need and the availability of licenses, and they both authenticate with LDAP.

Site B network:
10.10.0.0/24
ldap server 10.10.0.10

LDAP auth works fine here. No worries.

Site A network:
10.10.100.0/24
ldap server 10.10.0.10

LDAP is not working. Traffic works between these 2 networks just fine, everything is up and running, all devices can see the ldap server (windows, btw) BUT the ASA cannot connect to the 10.10.0.10 server when testing.

[-2147483634] New request Session, context 0x00007fff2a7fdfe8, reqType = Authentication
[-2147483634] Fiber started
[-2147483634] Creating LDAP context with uri=ldap://10.10.0.10:389
[-2147483634] Connect to LDAP server: ldap://10.10.0.10:389, status = Failed
[-2147483634] Unable to read rootDSE. Can't contact LDAP server.
[-2147483634] Fiber exit Tx=0 bytes Rx=0 bytes, status=-2
[-2147483634] Session End

I just can't seem to figure out why? ASA ping tests and packet trackers work fine from 10.10.100.0 to 10.10.0.10 and visa versa unless I use the source ip as the inside interface ip of the ASA itself. This seems like normal behavior?

I'm more of a …
0
I suspect this is all about DNS. I have two sites linked by a VPN. VPN is formed by two Netgear ProSafe routers over NBN connections and works fine.

Site A LAN is 192.168.3.0 / 255.255.255.0

Site B LAN is 192.168.2.0 / 255.255.255.0

Site A has a Windows Server 2012 R2 box running AD for the domain

Site B also has a Windows Server 2012 R2 box running AD for the domain

Here's where the problem started:

Site A was up & running and everything was peachy. I should note that I have lots of experience with single site, multiple servers, but this is my first branch office interconnect job.

Weekend job was to set up the network at the branch office, Site B. I had the server ready to go as a standalone and connected it on Site B, then went to join it to the domain over the VPN. I established that I could ping the server on Site A by IP address. I set the DNS server on Site B's server NIC to point to the DC on Site A and put theirdomain.local as the DNS Suffix in Advanced TCP/IP Settings.

Went to join the domain via the usual method (Computer | Properties | Change Settings | Change etc..) and it could not find the domain cotroller. Stuffed around with LMHOSTS but I was eating time, so I decided, as the two sites were less than an hour apart, to take Site B server to Site A and join it on the LAN.

This I did, AD Users & Computers got all populated, then I took Site B server back to its home and I could join clients to the domain. All seemed fine, until I …
0
[Webinar] Learn How Hackers Steal Your Credentials
LVL 8
[Webinar] Learn How Hackers Steal Your Credentials

Do You Know How Hackers Steal Your Credentials? Join us and Skyport Systems to learn how hackers steal your credentials and why Active Directory must be secure to stop them. Thursday, July 13, 2017 10:00 A.M. PDT

Hello,

I need to update/upgrade end users Anyconnect SSL client. I've read that I need to download the "webdeploy.pkg" version of client and upload it to ASA.

Doing this, will end users clients update once they connect to the ASA? Also, there a 2 other versions on the ASA. Do I need to remove those versions so that it forces the clients to download the new version?

Thank you in advance.
0
Hi, we are having Router Cisco 3925 between LAN and WAN, however it seems like the money is required for AnyConnect VPN on Cisco 3925. We found that pfSense (Free) can be deployed to serve VPN connections however we need to understand its pros and cons.
-So can anyone explain please?
-Should we deploy it or purchase license for AnyConnect?
-Do you know any free Cisco VPN solution that we can configure inside our C3925?

Our priority is:
- Compatible with current environment with minimum impacts to about 400 users
- Easy to configure and troubleshoot
- Price  

Many thanks in advance,
0
Dear All

Background:
1. I set up an L2TP over IPsec VPN Server in China.
2. I am using Mac Air (L2TP VPN) to connect to the VPN Server in china.
3. The Client to Server connection is successful.

However, I noticed that when the L2TP VPN connection is on, all my web requests (http/https) is routed to china and from there it tried to get to the URL.
(The problem is china disallow visiting Facebook/google/youtube ..etc).

Therefore, the ideal situation for me is that
A. When I request internet access (not china domain / IP), it is not using the VPN.
B. When I request China IP internet access, it is using the VPN.

How am I able to achieve the above?
Experts, please kindly provide some smart ideas?
0
I had this question after viewing Setting up Network using VMware 12 Pro Workstation without using AD or a Domain.
This is somewhat related. If I setup a NAT LAN how can I use static IP's on one of the machines? I want one machine to always have the same address on the network but when I tried to do this I lost internet connection.
0
Hi, if my router showed this when hit "show lic", how many VPN user can we have?

Index 2 Feature: securityk9
        Period left: Life time
        License Type: Permanent
        License State: Active, In Use
        License Count: Non-Counted
        License Priority: Medium
Index 3 Feature: uck9
        Period left: 8  weeks 4  days

        License Type: Evaluation
        License State: Active, Not in Use, EULA not accepted
        License Count: Non-Counted
        License Priority: None
Index 4 Feature: datak9
        Period left: 8  weeks 4  days

        License Type: Evaluation
        License State: Active, Not in Use, EULA not accepted

What are the Index3 and Index4 licenses? If I understand correctly, I did activate the trial license of 60 days, so what will happen after this period? Do I have to pay any fee after that? And how can I stop the trial period?

Many thanks as always!
0
We have customers all over that have Kiosk type machines. These machines run Windows 7 Pro. They auto-logon to a lower privileged user account where the kiosk application runs. The application runs in a full screen type and there is no way to call on Windows or anything.

Instead of installing a VPN device at each location, we thought we could install some type of alway on VPN client. We have an OpenVPN Access Server that is deployed, but if this isn't the answer, we could use something else.

Anyone have an idea of not only a VPN client that starts on logon, but also if the VPN is dropped, it reconnects? I have used LogMeIn Hamachi in the past for different reasons and almost something like that would work. LMI Hamachi looks to be for gamers and I might want something a little more commercial focused.
0
We have an Amazon EC2 instance that has Windows Server 2016 Database center OS on it.

I need to vpn to a customes system.

On my Win10 PC I can connect to the other VPN with no problem using SonicWALL

No matter what I do on the EC2 server I cannot connect.

Any ideas?
0
Hi,

Having an issue with Fortigate 60D using IPsec vpn and 2FA (FortiToken or email).

Vpn is configured for split tunnel.
When dialing the vpn using the FortiClient, I'm asked for username and password.
After supplying the credentials I'm asked for the FortiToken code (or code sent by email).
The problem is that from the moment it asks for the 2FA code and until I supply it, all networks are disconnected in the dialing computer,
and are restored only after supplying the code.
Is this a normal behavior or something wrong in my config ?


Thanks.
0
Hi All, need some EE advice!

Scenario first, then question after. Please read through - although it may appear to be, this is not a printing question, it is a DNS setting question for assigning primary DNS domains on the VPN connection/ certificate.

Scenario:
I manage a VPN connection with a .pcf. connecting to a Cisco 5510 ASA
Users in a non-connected, non-trusted network on Domain B access a RDS on Domain A to run a particular application.
This access and use of the program is required all day as part of their job. It cannot be connected and disconnected frequently.
Static IPs are used for all connections via VPN.
I did not build the VPN connections but do have a little knowledge on modifying .PCF files etc. Configuring the Cisco 5510 ASA is not my strong suit.

- Connection path:
Users in Domain B Log onto their local PC with Domain B credentials.
They then launch Cisco VPN client v. 5.0.0.9 and log onto Domain A with Domain A credentials.
Next, they use a pre-configured RDP connection to RDP to the RDS in Domain A, using the same Domain A credentials.
Once on the RDS, TerminalWorks TS Print is used to print documents fro the application launched from the RDS.  
They have had ZERO problems for 2 years.

Problem:
- The IT guy at Domain B replaced the print server and purchased all new printers.
- Now, whenever these Users attempt to print it can take upwards to 20 minutes for the print dialogue to appear.
- Attempting to …
0
On Demand Webinar - Networking for the Cloud Era
LVL 8
On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

I need to do a site to site IPSec VPN with an outside vendor so they can access a server on my network. On my end I am using a Cisco RV320 Small Business VPN Router. RV320 Manual.

The vendor and I both use the same subnet 10.1.10.0. Neither of us can change our subnet.

My office is pretty small so all network devices were on the default VLAN. No other VLANS were defined.

To try to work around the subnet problem:
  • I created a second VLAN - 10.1.12.0.

  • I setup the VPN to connect to that VLAN
  • I wired the server to LAN3 on the Cisco.

  • I used Port Management > VLAN Membership and set Inter VLAN Routing to Disabled for both VLANS.
  • For VLAN1 (10.1.10.0) I set LAN1 and LAN2 to untagged / LAN3 and LAN4 to excluded
  • For VLAN2 (10.1.12.0) I set LAN1 and LAN2 to excluded / LAN3 and LAN4 to untagged
  • For VLAN2 (10.1.12.0_ I set Device Management to disabled

The outside vendor can connect, access the GUI for router (which they shouldn't be able to) but not access the server on port 80.

The way it is setup, it should connect the vendor to my network, and they should just be accessing the 10.1.12.0 subnet. The server they need to access is 10.1.12.13 (static address, the only …
0
I have a website on our Production LAN, that needs to bee accessed by a external company. I set up a portal on our Cisco ASA. I can see the startpage of the website, so far so good, but when I click on the next link, a window pops up saying I need to install a CSCO-3H-JAVASCRIPT module. Anyone run into this and knows a better solution to solve this?
0
hello EE
so here is my issue, i am trying to send a 15 gig file from our network to our cloud network via a site to site tunnel but it does around 75% of the way. i have a cisco asa 5510 the other side uses check point(no access to this appliance). is there a way i can boost the amount of traffic ?
thanks again
0
Hello everyone.

I setup this ASA 5505 and for some reason, I can't connect to it via Anyconnect. Your help will be much appreciated I have been dealing with this for a month and now I need your help maybe some of you have figured this out.

Here's the ASA running config:

ASA Version 8.4(7)
!
hostname ciscoasa
enable password 7RR%$#@^&* encrypted
passwd 2KFQOU encrypted
names
!
interface Ethernet0/0
 switchport access vlan 2
!
interface Ethernet0/1
!
interface Ethernet0/2
!
interface Ethernet0/3
!
interface Ethernet0/4
 shutdown
!
interface Ethernet0/5
 shutdown
!
interface Ethernet0/6
 shutdown
!
interface Ethernet0/7
 shutdown
!
interface Vlan1
 nameif inside
 security-level 100
 ip address 192.168.1.1 255.255.255.0
!
interface Vlan2
 nameif outside
 security-level 0
 ip address 172.16.1.2 255.255.255.0
!
ftp mode passive
object network obj_any
 subnet 0.0.0.0 0.0.0.0
object network InsideHosts
 subnet 192.168.1.0 255.255.255.0
object network NETWORK_OBJ_192.168.20.96_29
 subnet 192.168.20.96 255.255.255.248
object-group network DM_INLINE_NETWORK_1
 network-object 192.168.1.0 255.255.255.0
 network-object object InsideHosts
access-list inside_access_in extended permit ip 192.168.1.0 255.255.255.0 172.16.1.0 255.255.255.0
access-list inside_access_in extended permit ip any any
access-list mynetname_splitTunnelAcl standard permit 192.168.1.0 255.255.255.0
pager lines 24
mtu inside 1500
mtu outside 1500
ip …
0
The SSL Certificate for Mobile VPN users is expiring on the firewall and I need to renew the certificate and get it replaced.  I don't have much experience with the GAIA operating system or Linux based systems.  I have CP sk69660 but do not know where the files they reference are located on the system.
0
Hello experts,

I need to VPN with my Linux Mint laptop to SonicWall firewalls.

I have tried a few VPN clients and I am not able to fire up the tunnels. I was successful in the past with Cisco firewalls. Not sure why not with Sonicwalls.

Any recommendations you know of?

Thank you
0

VPN

23K

Solutions

23

Articles & Videos

22K

Contributors

A virtual private network (VPN) is a network that uses a public telecommunication infrastructure, such as the Internet, to provide remote offices or travelling users access to a central organizational network securely. VPNs encapsulate data transfers using secure cryptographic methods and other security mechanisms to ensure that only authorized users can access the network and that the data cannot be intercepted.