Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations derfloh on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Search results for query: *

  1. professorguy

    Cisco VPN client loses hostname, group in connection entry

    Thank you. This workaround makes perfect sense and I am going to at least have the config file available so I can apply it more quickly on demand. I also appreciate your input so I don't think that I'm going crazy. Everyone I've described this to has looked at me like I'm nuts. Thank...
  2. professorguy

    Cisco VPN client loses hostname, group in connection entry

    Typing in the info immediately restores function and clients can then connect. They can connect forever afterwards and usually work for weeks or months until the 'bad thing' happens and it is lost again. This happens on both laptops and home desktop units. This has happened on machines which...
  3. professorguy

    Cisco VPN client loses hostname, group in connection entry

    The client configurations were installed individually (this takes less than 2 minutes). The systems do not have the same updates applied (we run heterogeneous so one event cannot take down all equipment). This problem has been occurring for many months, so it was not caused by a new update...
  4. professorguy

    Cisco VPN client loses hostname, group in connection entry

    I've been getting many corporate laptops into the help desk with damaged VPN client entries. Every one I've seen still has a line for the connection entry (it was not deleted). However, the Host address (or IP), the group name, and the group password (and confirmation) are all gone. The...
  5. professorguy

    Logging RA vpn connection

    If you are getting authentication from an active directory, I'd look there for logging. We have an ASA 5520 and use IAS (Internet Authentication Service) on a win2k3 server with Active Directory for authentication. You can simply look through the event viewer on the AD server and look for IAS...
  6. professorguy

    Multicasting on 2960 and 3750

    Looks like the application in question is using IGMPv3, the JOINS of which do not work on current Cisco switches. The vendor of the app assures me that it runs AS EXPECTED at 100 other places. However, I think he's lying and it works AS A BROADCAST OVER THE VLAN at those places, and every...
  7. professorguy

    Multicasting on 2960 and 3750

    I have a package called MCHammer which can act as an mcast server or client. The server pushes packets, the client joins then listens, then reports all the packets. I put the server on a machine on an access port of my 2960 in vlan 99. I put the client on a machine on a different port also in...
  8. professorguy

    Setting up a 3750 as an mrouter

    I have a few multicast sources and clients sprinkled around the campus. I have Cisco switches (2950s & 3550s) for access all talking to the core 3750 stack. The IGMP snooping is enabled (this is the default) on all the access switches. No switch has been designated as the multicast router...
  9. professorguy

    Setting up a 3750 as an mrouter

    I have a few multicast sources and clients sprinkled around the campus. I have Cisco switches (2950s & 3550s) for access all talking to the core 3750 stack. The IGMP snooping is enabled (this is the default) on all the access switches. No switch has been designated as the multicast router...
  10. professorguy

    Why is my L2L tunnel using RA tunnel settings?

    Yes, there are. They all use the same transform-set (ESP-3DES-MD5) and each have their own ACL for match addresses. Some of these are simple (one host to one host) while some are quite complicated (many hosts to many hosts in various combinations). And the peers are specific to those tunnels...
  11. professorguy

    SSH problems - PLEASE HELP

    Configuring the firewall to let SSH connections...." is ambiguous. If you mean you modified the access control lists, then that should work. But if you mean 'allow ssh connections,' that probably only allows you to establish a management connection *to* the firewall itself (not through it)...
  12. professorguy

    Why is my L2L tunnel using RA tunnel settings?

    I just assumed because they have successful L2L tunnels to many, many client sites they have a configuration that works correctly. If they are prompting for xauth, I can't see how any L2L tunnel will work for them. If it's my side incorrectly prompting, then I need to cut that out.
  13. professorguy

    Why is my L2L tunnel using RA tunnel settings?

    Here's what the cisco site says: "If a LAN-to-LAN tunnel and a Remote Access VPN tunnel are configured on the same crypto map, the LAN-to-LAN peer is prompted for XAUTH information, and the LAN-to-LAN tunnel fails. "Note: This issue only applies to Cisco IOS and PIX 6.x. Because it uses...
  14. professorguy

    Why is my L2L tunnel using RA tunnel settings?

    The tunnel is being established between our Cisco ASA 5520 and their Cisco PIX 525. In the case above it is our ASA which is trying to establish the tunnel (notice the 'initiator' in the isakmp output). It tries (and fails) to come up when I try to hit their hosts from the servers here.
  15. professorguy

    Why is my L2L tunnel using RA tunnel settings?

    I am trying to add another L2L tunnel to the many we already have working correctly. The settings for this tunnel are identical to the settings for all our other L2L tunnels, but I get this from a 'show isakmp sa detail' during an attempted telnet: ... 6 IKE Peer: 208.x.y.33 Type : L2L...
  16. professorguy

    DHCP through a Cisco 4400 interface / AP group

    SOLVED! I had trunked only 2 of the vlans from the core to the controller. I added the other 2 vlans to the trunk (actually I use LAG to run 2 etherchannel trunks from different switches in the core stack so I actually added them to the port-channel which added them to the trunks). I can now...
  17. professorguy

    DHCP through a Cisco 4400 interface / AP group

    I have 4 dynamic interfaces on my Cisco 4400 controller. Each interface IP address is on a different subnet. For example: interface one (Int1) on VLAN 201 at 10.10.201.200 interface two (Int2) on VLAN 202 at 10.10.202.200 interface three (Int3) on VLAN 203 at 10.10.203.200 interface four...
  18. professorguy

    Roaming mulitple VLANs using a 4400?

    OK, I see how it is supposed to work: You create the interfaces for the vlans. Then you make only ONE wlan with ONE SSID. Then you go to "WLANS > AP Groups VLAN" and make 4 different AP Groups. Each of these groups can be set (use "Detail" link) to use the ONE SSID and use the correct...
  19. professorguy

    Whats my best option other than Certs

    I have also gone back and forth on this issue. There is a lot to be said for WPA-PSK, that is, WPA with a preshared key. It is very simple conceptually. As long as you use a long random key, offline dictionary cracking is just wasting your attacker's time. You'd still have to touch every...
  20. professorguy

    Roaming mulitple VLANs using a 4400?

    All the APs report to our one and only WLC. We don't use WCS. Ideally I'd like a data SSID and a voice SSID on each and every AP. The 4 different subnets (with 3 or 4 APs per) must have different SSIDs (so it seems from the WLC configuration) so that means 8 different SSIDs? And how would...

Part and Inventory Search

Back
Top