Hello, i have deployed Cisco Clientless Web VPN on my ASA5515. I'm having an issue when I try to browse a file server (access CIFS shares) from the WEB VPN portal. I am prompted for login, and after logging in I get the "Error contacting host" immediately. it's seem like a bug on ASA ? i saw that on Cisco Web site : bug CSCsl94183 I already DONE those things : 1- reload the ASA 2- upgrade to the latest software release 3- test different web browser ( Firefox, IE, Chrome) 1- ASA Platform is 5515 running latest software release (9.1.4) 2- File server running Windows 2008 R2 3- Clients is using Firefox. 4- When I establish SSL VPN connection using Cisco AnyConnect I have no problems accessing files or folders on the same server. NOTE : I have 2 other CIFS server running Window 2003 and there is no issue. the issue is happening ONLY with the server running Window 2008 R2
... View more
hello, does anyone has already configure ASA for two-factor authentication with WIKID system ( One time password) ? i want to aiuthentication VPN Users. the WIKID system is in the LAN. so soft token installed on users machines cannot talk directly with WIKID Server. WIKID Server is also configured as RADIUS Server, ASA is RADIUS Client thanks
... View more
Thanks So much Stephen, you right, my controller softaware version is 7.2 so to support this AP model, the only way is to downgrade the Controller Software. right ?
... View more
Hi all, i have configure VPN (see attached file) before upgrading ASA from 8.3 to 8.4, SPOKES was able to communicate between them and also remote VPN users was able to access spoke site. after upgrade ASA HUB, neither spoke-to-spoke nor remoteuser---to---spoke cannot communicate here is NAT exemption configuration on ASA HUB. only this ASA have been upgrade. nothing have been done on other site object network 172.17.8.0 subnet 172.17.8.0 255.255.255.0 object network 10.100.96.0 subnet 10.100.96.0 255.255.240.0 object network VPN-SUBNET subnet 172.20.1.0 255.255.255.0 nat (outside,outside) source static 172.17.8.0 172.17.8.0 destination static 10.100.96.0 10.100.96.0 nat (outside,outside) source static 10.100.96.0 10.100.96.0 destination static 172.17.8.0 172.17.8.0 nat (outside,outside) source static VPN-SUBNET VPN-SUBNET destination static 10.100.96.0 10.100.96.0 nat (outside,outside) source static VPN-SUBNET VPN-SUBNET destination static 172.17.8.0 172.17.8.0 same-security traffic permit intra-interface same-security traffic permit inter-interface Please do you know what can be the problem ? thanks so much for your help
... View more
hi all, i configured port redirection on ASA to allow external user access to Internal FTPS Server. but it's not working i use Filezilla client to access but i have this error. Statut : Connexion à x.x.x.x:21... Statut : Connexion établie, attente du message d'accueil... Réponse : 220-Microsoft FTP Service Réponse : 220 FTP-Server FTP Commande : AUTH TLS Réponse : 234 AUTH command ok. Expecting TLS Negotiation. Statut : Initialisation de TLS... Erreur : Délai d'attente expiré Erreur : Impossible d'établir une connexion au serveur please can somebody know what can cause this issue ? thanks for your help
... View more
hi, 1841 with c1841-ipbase-mz.124-3i.bin does not detect automatically an HWIC- 2T card, but there is no problem with WIC-2T, i thing HWIC-2T is support on 1841/2811, but why it not detect when i install it on the router ? is there any command to do this ? thanks
... View more
hi all, my AS is a multihomed non-transit ( connected to 2 differents AS). with 1 AS (PRIMARY) i used IP address of physical interface to peer EBGP session, with other AS (BACKUP), i used loopback address to peering EBGP session. when i bring BACKUP EGBP session up, this disturb the primary link and i have many trafic loss on the primary link, until i shutdown backup bgp session. i d'ont know why, ? ALL traffic (incoming and outgoing) pass through PRIMARY AS, BACKUP AS are use only when PRIMARY fail. also my AS is not transit, i have filter BGP update between these 2 AS and only localy generate route are advertise to these peer using neighbor <neighbor ip> route-map Permit_local_route out ip as-path access-list 13 permit ^$ route-map Permit_local_route permit 10 match as-path 13 . with primary AS bandwidth is 32M, with secondary AS bandwidth is 7M. problem is that when a bring up bgp session with secondary AS, PRIMARY link slow down at max 9M. this appen until i shutdown bgp session with seondary AS. i make bgp session with secondary AS using loopback, and this loopback is reacheble using static route through this AS.
... View more
hi i have a some catalyst 2960, in my core network, but sometime any management access to these devices is not possible ( telnet,ssh or console access). when i try physical access (console) i have this log message "low on memory, try later". my cpu usage is max 7% my IOS version is c2960-lanbasek9-mz.122-44.SE1.bin after reboot, all these acces are possible again, but this is not a best solution because this probleme is come 2 time already, i thinks it will come agains. before this event arrived , i saw (in sh memory output )processor free memory decrease to 0 after reboot the sh memory command give this and atually decrease again, i don't know why. 2960switch#sh memory Head Total(b) Used(b) Free(b) Lowest(b) Largest(b) Processor 1AA947C 34958212 12204056 22754156 22411220 22743292 I/O 3C00000 4186112 1641764 2544348 2471632 2542960 Driver te 1000000 1048576 44 1048532 1048532 1048532 what mean processor memory (because i know it is not RAM) ? what can cause processor memory to decrease? thank for your help
... View more
i solved my problem, all are up, now my cisco router receive ip address dynamically from my ISP ; to solved my problem, i have just reboot the cable modem which is before my device
... View more
hi, i have some problem with my cisco 2621 router. i want to configure my 2621 as a CPE PPPoE client. my device sit behing a cable modem. when i try to connect, wan interface (ethernet) and DIALER interface are up , but i don't receive dynamically an IP address from my ISP. i'm figuring out that the problem is ppp authentication but when i use debug ppp authentication and negociation to solve problem, i do not seen anything. debug ppp does not working. the problem can, be my IOS since i dont see any logging for ppp debugging. what is problem ? i muist upgrade my IOS ? thank for help
... View more