02-13-2023 05:31 AM - edited 02-13-2023 05:52 AM
Hello,
I am trying to make a site2site connection on the same firewall between 2 contexts.
One context is not sending, so no tx.....
IKEv2 SAs:
Session-id:114325, Status:UP-ACTIVE, IKE count:1, CHILD count:1
Tunnel-id Local Remote Status Role
1652825137 2xx.2xx.1xx.2x/500 2xx.2xx.2xx.1xx/500 READY RESPONDER
Encr: AES-CBC, keysize: 256, Hash: SHA96, DH Grp:5, Auth sign: PSK, Auth verify: PSK
Life/Active Time: 86400/1259 sec
Child sa: local selector 10.1.123.0/0 - 10.1.123.255/65535
remote selector 10.10.20.10/0 - 10.10.20.10/65535
ESP spi in/out: 0x36d99ac4/0x5c067522
Crypto map tag: outside_map3, seq num: 16, local addr: 2xx.2xx.1xx.2x
access-list outside_cryptomap_16 extended permit ip 10.1.123.0 255.255.255.0 host 10.10.20.10
local ident (addr/mask/prot/port): (10.1.123.0/255.255.255.0/0/0)
remote ident (addr/mask/prot/port): (10.10.20.10/255.255.255.255/0/0)
current_peer: 2xx.2xx.2xx.1xx
#pkts encaps: 0, #pkts encrypt: 0, #pkts digest: 0
#pkts decaps: 4191, #pkts decrypt: 4191, #pkts verify: 4191
#pkts compressed: 0, #pkts decompressed: 0
#pkts not compressed: 0, #pkts comp failed: 0, #pkts decomp failed: 0
#pre-frag successes: 0, #pre-frag failures: 0, #fragments created: 0
#PMTUs sent: 0, #PMTUs rcvd: 0, #decapsulated frgs needing reassembly: 0
#TFC rcvd: 0, #TFC sent: 0
#Valid ICMP Errors rcvd: 0, #Invalid ICMP Errors rcvd: 0
#send errors: 0, #recv errors: 0
local crypto endpt.: 2xx.2xx.1xx.2x/500, remote crypto endpt.: 2xx.2xx.2xx.1xx/500
path mtu 1500, ipsec overhead 74(44), media mtu 1500
PMTU time remaining (sec): 0, DF policy: copy-df
ICMP error validation: disabled, TFC packets: disabled
current outbound spi: 5C067522
current inbound spi : 36D99AC4
inbound esp sas:
spi: 0x36D99AC4 (920230596)
transform: esp-aes-256 esp-sha-hmac no compression
in use settings ={L2L, Tunnel, IKEv2, }
slot: 0, conn_id: 2469888, crypto-map: outside_map3
sa timing: remaining key lifetime (kB/sec): (3916554/28634)
IV size: 16 bytes
replay detection support: Y
Anti replay bitmap:
0xFFFFFFFF 0xFFFFFFFF
outbound esp sas:
spi: 0x5C067522 (1543927074)
transform: esp-aes-256 esp-sha-hmac no compression
in use settings ={L2L, Tunnel, IKEv2, }
slot: 0, conn_id: 2469888, crypto-map: outside_map3
sa timing: remaining key lifetime (kB/sec): (4331520/28634)
IV size: 16 bytes
replay detection support: Y
Anti replay bitmap:
0x00000000 0x00000001
nat (insideServer,outside) source static ServerNetz ServerNetz destination static NOC NOC no-proxy-arp route-lookup
access-list outside_cryptomap_16 extended permit ip object ServerNetz object NOC
crypto map outside_map3 16 match address outside_cryptomap_16
crypto map outside_map3 16 set peer 2xx.2xx.2xx.1xx
crypto map outside_map3 16 set ikev1 transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
crypto map outside_map3 16 set ikev2 ipsec-proposal DES 3DES AES AES192 AES256
tunnel-group 2xx.2xx.2xx.1xx type ipsec-l2l
tunnel-group 2xx.2xx.2xx.1xx general-attributes
default-group-policy GroupPolicy_2xx.2xx.2xx.1xx
tunnel-group 2xx.2xx.2xx.1xx ipsec-attributes
ikev1 pre-shared-key *****
ikev2 remote-authentication pre-shared-key *****
ikev2 local-authentication pre-shared-key *****
IKEv2-PROTO-5: (12610): Request has mess_id 248; expected 248 through 248
(12610):
IKEv2-PROTO-2: (12610): Received Packet [From 2xx.2xx.2xx.1xx:500/To 2xx.2xx.1xx.2x:500/VRF i0:f0]
(12610): Initiator SPI : 5F49DF85F1779DEA - Responder SPI : 0BDCE41C4D59BBF5 Message id: 248
(12610): IKEv2 INFORMATIONAL Exchange REQUESTIKEv2-PROTO-3: (12610): Next payload: ENCR, version: 2.0 (12610): Exchange type: INFORMATIONAL, flags: INITIATOR (12610): Message id: 248, length: 76(12610):
Payload contents:
(12610): REAL Decrypted packet:(12610): Data: 0 bytes
(12610):
(12610): Decrypted packet:(12610): Data: 76 bytes
IKEv2-PROTO-5: (12610): SM Trace-> SA: I_SPI=5F49DF85F1779DEA R_SPI=0BDCE41C4D59BBF5 (R) MsgID = 000000F8 CurState: READY Event: EV_RECV_INFO_REQ
IKEv2-PROTO-5: (12610): Action: Action_Null
IKEv2-PROTO-5: (12610): SM Trace-> SA: I_SPI=5F49DF85F1779DEA R_SPI=0BDCE41C4D59BBF5 (R) MsgID = 000000F8 CurState: INFO_R Event: EV_RECV_INFO_REQ
IKEv2-PROTO-2: (12610): Received DPD/liveness query
IKEv2-PROTO-2: (12610): Building packet for encryption.
IKEv2-PROTO-2: (12610): Sending ACK to informational exchange
(12610):
IKEv2-PROTO-2: (12610): Sending Packet [To 2xx.2xx.2xx.1xx:500/From 2xx.2xx.1xx.2x:500/VRF i0:f0]
(12610): Initiator SPI : 5F49DF85F1779DEA - Responder SPI : 0BDCE41C4D59BBF5 Message id: 248
(12610): IKEv2 INFORMATIONAL Exchange RESPONSEIKEv2-PROTO-3: (12610): Next payload: ENCR, version: 2.0 (12610): Exchange type: INFORMATIONAL, flags: RESPONDER MSG-RESPONSE (12610): Message id: 248, length: 76(12610):
Payload contents:
(12610): ENCR(12610): Next payload: NONE, reserved: 0x0, length: 48
(12610): Encrypted data: 44 bytes
(12610):
IKEv2-PROTO-5: (12610): SM Trace-> SA: I_SPI=5F49DF85F1779DEA R_SPI=0BDCE41C4D59BBF5 (R) MsgID = 000000F8 CurState: INFO_R Event: EV_CHK_INFO_TYPE
IKEv2-PROTO-5: (12610): SM Trace-> SA: I_SPI=5F49DF85F1779DEA R_SPI=0BDCE41C4D59BBF5 (R) MsgID = 000000F8 CurState: INFO_R Event: EV_START_DEL_NEG_TMR
IKEv2-PROTO-5: (12610): Action: Action_Null
IKEv2-PROTO-5: (12610): SM Trace-> SA: I_SPI=5F49DF85F1779DEA R_SPI=0BDCE41C4D59BBF5 (R) MsgID = 000000F8 CurState: EXIT Event: EV_CHK_PENDING
IKEv2-PROTO-5: (12610): Sent response with message id 248, Requests can be accepted from range 249 to 249
IKEv2-PROTO-5: (12610): SM Trace-> SA: I_SPI=5F49DF85F1779DEA R_SPI=0BDCE41C4D59BBF5 (R) MsgID = 000000F8 CurState: EXIT Event: EV_NO_EVENT
IKEv2-PROTO-5: (12610): SM Trace-> SA: I_SPI=5F49DF85F1779DEA R_SPI=0BDCE41C4D59BBF5 (R) MsgID = 000000F7 CurState: EXIT Event: EV_FREE_NEG
IKEv2-PROTO-5: (12610): Deleting negotiation context for peer message ID: 0xf7
Debug cryptop ipsec sa shoes nothing at all....
Thanks!
02-13-2023 05:37 AM
@sahara101 as there are decaps, but no encaps - the issue could be related to NAT or routing.
Run packet-tracer twice to simulate traffic over the VPN and provide the output for review.
02-13-2023 05:51 AM
From 10.1.123.99 as source
Phase: 1
Type: ACCESS-LIST
Subtype:
Result: ALLOW
Config:
Implicit Rule
Additional Information:
Forward Flow based lookup yields rule:
in id=0x7ffdcbe58f50, priority=1, domain=permit, deny=false
hits=83749299, user_data=0x0, cs_id=0x0, l3_type=0x8
src mac=0000.0000.0000, mask=0000.0000.0000
dst mac=0000.0000.0000, mask=0100.0000.0000
input_ifc=insideServer, output_ifc=any
Phase: 2
Type: ROUTE-LOOKUP
Subtype: Resolve Egress Interface
Result: ALLOW
Config:
Additional Information:
in 0.0.0.0 0.0.0.0 via 2xx.2xx.1xx.x, outside
Phase: 3
Type: UN-NAT
Subtype: static
Result: ALLOW
Config:
nat (insideServer,outside) source static NETWORK_OBJ_10.1.123.0_24 NETWORK_OBJ_10.1.123.0_24 destination static NOCPRTG NOCPRTG no-proxy-arp route-lookup
Additional Information:
NAT divert to egress interface outside
Untranslate 10.10.20.10/80 to 10.10.20.10/80
Phase: 4
Type: ACCESS-LIST
Subtype: log
Result: ALLOW
Config:
access-group insideHausNetz_access_in in interface insideServer
access-list insideHausNetz_access_in extended permit ip object ServerNetz object NOC
Additional Information:
Forward Flow based lookup yields rule:
in id=0x7ffdcebd6430, priority=13, domain=permit, deny=false
hits=2, user_data=0x7ffda0b87ac0, cs_id=0x0, use_real_addr, flags=0x0, protocol=0
src ip/id=10.1.123.0, mask=255.255.255.0, port=0, tag=0
dst ip/id=10.10.20.10, mask=255.255.255.255, port=0, tag=0, dscp=0x0
input_ifc=insideServer, output_ifc=any
Phase: 5
Type: NAT
Subtype:
Result: ALLOW
Config:
nat (insideServer,outside) source static NETWORK_OBJ_10.1.123.0_24 NETWORK_OBJ_10.1.123.0_24 destination static NOC NOC no-proxy-arp route-lookup
Additional Information:
Static translate 10.1.123.99/80 to 10.1.123.99/80
Forward Flow based lookup yields rule:
in id=0x7ffdcd860a60, priority=6, domain=nat, deny=false
hits=2, user_data=0x7ffdb9d1e860, cs_id=0x0, flags=0x0, protocol=0
src ip/id=10.1.123.0, mask=255.255.255.0, port=0, tag=0
dst ip/id=10.10.20.10, mask=255.255.255.255, port=0, tag=0, dscp=0x0
input_ifc=insideServer, output_ifc=outside
Phase: 6
Type: NAT
Subtype: per-session
Result: ALLOW
Config:
Additional Information:
Forward Flow based lookup yields rule:
in id=0x7ffdc734f800, priority=0, domain=nat-per-session, deny=false
hits=1304564, user_data=0x0, cs_id=0x0, reverse, use_real_addr, flags=0x0, protocol=6
src ip/id=0.0.0.0, mask=0.0.0.0, port=0, tag=0
dst ip/id=0.0.0.0, mask=0.0.0.0, port=0, tag=0, dscp=0x0
input_ifc=any, output_ifc=any
Phase: 7
Type: IP-OPTIONS
Subtype:
Result: ALLOW
Config:
Additional Information:
Forward Flow based lookup yields rule:
in id=0x7ffdcbe5f720, priority=0, domain=inspect-ip-options, deny=true
hits=2832933, user_data=0x0, cs_id=0x0, reverse, flags=0x0, protocol=0
src ip/id=0.0.0.0, mask=0.0.0.0, port=0, tag=0
dst ip/id=0.0.0.0, mask=0.0.0.0, port=0, tag=0, dscp=0x0
input_ifc=insideServer, output_ifc=any
Phase: 8
Type: FOVER
Subtype: standby-update
Result: ALLOW
Config:
Additional Information:
Forward Flow based lookup yields rule:
in id=0x7ffdcbe573a0, priority=21, domain=lu, deny=true
hits=14543, user_data=0x0, cs_id=0x0, flags=0x0, protocol=6
src ip/id=0.0.0.0, mask=0.0.0.0, port=0, tag=0
dst ip/id=0.0.0.0, mask=0.0.0.0, port=80, tag=0, dscp=0x0
input_ifc=insideServer, output_ifc=any
Phase: 9
Type: VPN
Subtype: encrypt
Result: ALLOW
Config:
Additional Information:
Forward Flow based lookup yields rule:
out id=0x7ffdcd500090, priority=70, domain=encrypt, deny=false
hits=2, user_data=0x876f84, cs_id=0x7ffdcd6d4ea0, reverse, flags=0x0, protocol=0
src ip/id=10.1.123.0, mask=255.255.255.0, port=0, tag=0
dst ip/id=10.10.20.10, mask=255.255.255.255, port=0, tag=0, dscp=0x0
input_ifc=any, output_ifc=outside
Phase: 10
Type: NAT
Subtype: rpf-check
Result: ALLOW
Config:
nat (insideServer,outside) source static NETWORK_OBJ_10.1.123.0_24 NETWORK_OBJ_10.1.123.0_24 destination static NOCPRTG NOCPRTG no-proxy-arp route-lookup
Additional Information:
Forward Flow based lookup yields rule:
out id=0x7ffdcec7f950, priority=6, domain=nat-reverse, deny=false
hits=1, user_data=0x7ffdcd86b560, cs_id=0x0, use_real_addr, flags=0x0, protocol=0
src ip/id=10.1.123.0, mask=255.255.255.0, port=0, tag=0
dst ip/id=10.10.20.10, mask=255.255.255.255, port=0, tag=0, dscp=0x0
input_ifc=insideServer, output_ifc=outside
Phase: 11
Type: VPN
Subtype: ipsec-tunnel-flow
Result: ALLOW
Config:
Additional Information:
Reverse Flow based lookup yields rule:
in id=0x7ffdcd51bd20, priority=70, domain=ipsec-tunnel-flow, deny=false
hits=2, user_data=0x106e994, cs_id=0x7ffdcd6d4ea0, reverse, flags=0x0, protocol=0
src ip/id=10.10.20.10, mask=255.255.255.255, port=0, tag=0
dst ip/id=10.1.123.0, mask=255.255.255.0, port=0, tag=0, dscp=0x0
input_ifc=outside, output_ifc=any
Phase: 12
Type: NAT
Subtype: per-session
Result: ALLOW
Config:
Additional Information:
Reverse Flow based lookup yields rule:
in id=0x7ffdc734f800, priority=0, domain=nat-per-session, deny=false
hits=1304566, user_data=0x0, cs_id=0x0, reverse, use_real_addr, flags=0x0, protocol=6
src ip/id=0.0.0.0, mask=0.0.0.0, port=0, tag=0
dst ip/id=0.0.0.0, mask=0.0.0.0, port=0, tag=0, dscp=0x0
input_ifc=any, output_ifc=any
Phase: 13
Type: IP-OPTIONS
Subtype:
Result: ALLOW
Config:
Additional Information:
Reverse Flow based lookup yields rule:
in id=0x7ffdcbb9e2d0, priority=0, domain=inspect-ip-options, deny=true
hits=4433437, user_data=0x0, cs_id=0x0, reverse, flags=0x0, protocol=0
src ip/id=0.0.0.0, mask=0.0.0.0, port=0, tag=0
dst ip/id=0.0.0.0, mask=0.0.0.0, port=0, tag=0, dscp=0x0
input_ifc=outside, output_ifc=any
Phase: 14
Type: FLOW-CREATION
Subtype:
Result: ALLOW
Config:
Additional Information:
New flow created with id 12177524, packet dispatched to next module
Module information for forward flow ...
snp_fp_tracer_drop
snp_fp_inspect_ip_options
snp_fp_tcp_normalizer
snp_fp_translate
snp_fp_adjacency
snp_fp_encrypt
snp_fp_fragment
snp_ifc_stat
Module information for reverse flow ...
snp_fp_tracer_drop
snp_fp_inspect_ip_options
snp_fp_ipsec_tunnel_flow
snp_fp_translate
snp_fp_tcp_normalizer
snp_fp_adjacency
snp_fp_fragment
snp_ifc_stat
Result:
input-interface: insideServer
input-status: up
input-line-status: up
output-interface: outside
output-status: up
output-line-status: up
Action: allow
From 10.10.20.10 as source
Phase: 1
Type: ROUTE-LOOKUP
Subtype: Resolve Egress Interface
Result: ALLOW
Config:
Additional Information:
in 0.0.0.0 0.0.0.0 via 2xx.2xx.2xx.1xx, outside
Phase: 2
Type: UN-NAT
Subtype: static
Result: ALLOW
Config:
nat (inside120,outside) source static NOC NOC destination static NetzServer NetzServer no-proxy-arp route-lookup
Additional Information:
NAT divert to egress interface outside
Untranslate 10.1.123.99/80 to 10.1.123.99/80
Phase: 3
Type: ACCESS-LIST
Subtype: log
Result: ALLOW
Config:
access-group inside120_access_in_1 in interface inside120
access-list inside120_access_in_1 extended permit ip any any
Additional Information:
Forward Flow based lookup yields rule:
in id=0x7ffdc489af20, priority=13, domain=permit, deny=false
hits=17781, user_data=0x7ffda0a6df40, cs_id=0x0, use_real_addr, flags=0x0, protocol=0
src ip/id=0.0.0.0, mask=0.0.0.0, port=0, tag=0
dst ip/id=0.0.0.0, mask=0.0.0.0, port=0, tag=0, dscp=0x0
input_ifc=inside120, output_ifc=any
Phase: 4
Type: NAT
Subtype:
Result: ALLOW
Config:
nat (inside120,outside) source static NOC NOC destination static NetzServer NetzServer no-proxy-arp route-lookup
Additional Information:
Static translate 10.10.20.10/80 to 10.10.20.10/80
Forward Flow based lookup yields rule:
in id=0x7ffdbb755920, priority=6, domain=nat, deny=false
hits=1313, user_data=0x7ffdcd4c07f0, cs_id=0x0, flags=0x0, protocol=0
src ip/id=10.10.20.10, mask=255.255.255.255, port=0, tag=0
dst ip/id=10.1.123.0, mask=255.255.255.0, port=0, tag=0, dscp=0x0
input_ifc=inside120, output_ifc=outside
Phase: 5
Type: NAT
Subtype: per-session
Result: ALLOW
Config:
Additional Information:
Forward Flow based lookup yields rule:
in id=0x7ffdc8837f20, priority=0, domain=nat-per-session, deny=false
hits=109306, user_data=0x0, cs_id=0x0, reverse, use_real_addr, flags=0x0, protocol=6
src ip/id=0.0.0.0, mask=0.0.0.0, port=0, tag=0
dst ip/id=0.0.0.0, mask=0.0.0.0, port=0, tag=0, dscp=0x0
input_ifc=any, output_ifc=any
Phase: 6
Type: IP-OPTIONS
Subtype:
Result: ALLOW
Config:
Additional Information:
Forward Flow based lookup yields rule:
in id=0x7ffdc36c8200, priority=0, domain=inspect-ip-options, deny=true
hits=18085, user_data=0x0, cs_id=0x0, reverse, flags=0x0, protocol=0
src ip/id=0.0.0.0, mask=0.0.0.0, port=0, tag=0
dst ip/id=0.0.0.0, mask=0.0.0.0, port=0, tag=0, dscp=0x0
input_ifc=inside120, output_ifc=any
Phase: 7
Type: FOVER
Subtype: standby-update
Result: ALLOW
Config:
Additional Information:
Forward Flow based lookup yields rule:
in id=0x7ffdc36bf2e0, priority=21, domain=lu, deny=true
hits=1182, user_data=0x0, cs_id=0x0, flags=0x0, protocol=6
src ip/id=0.0.0.0, mask=0.0.0.0, port=0, tag=0
dst ip/id=0.0.0.0, mask=0.0.0.0, port=80, tag=0, dscp=0x0
input_ifc=inside120, output_ifc=any
Phase: 8
Type: VPN
Subtype: encrypt
Result: ALLOW
Config:
Additional Information:
Forward Flow based lookup yields rule:
out id=0x7ffdcd8c2a10, priority=70, domain=encrypt, deny=false
hits=99, user_data=0xc401b4c, cs_id=0x7ffdcd8e03c0, reverse, flags=0x0, protocol=0
src ip/id=10.10.20.10, mask=255.255.255.255, port=0, tag=0
dst ip/id=10.1.123.0, mask=255.255.255.0, port=0, tag=0, dscp=0x0
input_ifc=any, output_ifc=outside
Phase: 9
Type: NAT
Subtype: rpf-check
Result: ALLOW
Config:
nat (inside120,outside) source static NOC NOC destination static NetzServer NetzServer no-proxy-arp route-lookup
Additional Information:
Forward Flow based lookup yields rule:
out id=0x7ffdcec2e430, priority=6, domain=nat-reverse, deny=false
hits=1190, user_data=0x7ffdcb626f50, cs_id=0x0, use_real_addr, flags=0x0, protocol=0
src ip/id=10.10.20.10, mask=255.255.255.255, port=0, tag=0
dst ip/id=10.1.123.0, mask=255.255.255.0, port=0, tag=0, dscp=0x0
input_ifc=inside120, output_ifc=outside
Phase: 10
Type: VPN
Subtype: ipsec-tunnel-flow
Result: ALLOW
Config:
Additional Information:
Reverse Flow based lookup yields rule:
in id=0x7ffdce0e7db0, priority=70, domain=ipsec-tunnel-flow, deny=false
hits=50, user_data=0x1070cec, cs_id=0x7ffdcd8e03c0, reverse, flags=0x0, protocol=0
src ip/id=10.1.123.0, mask=255.255.255.0, port=0, tag=0
dst ip/id=10.10.20.10, mask=255.255.255.255, port=0, tag=0, dscp=0x0
input_ifc=outside, output_ifc=any
Phase: 11
Type: NAT
Subtype: per-session
Result: ALLOW
Config:
Additional Information:
Reverse Flow based lookup yields rule:
in id=0x7ffdc8837f20, priority=0, domain=nat-per-session, deny=false
hits=109308, user_data=0x0, cs_id=0x0, reverse, use_real_addr, flags=0x0, protocol=6
src ip/id=0.0.0.0, mask=0.0.0.0, port=0, tag=0
dst ip/id=0.0.0.0, mask=0.0.0.0, port=0, tag=0, dscp=0x0
input_ifc=any, output_ifc=any
Phase: 12
Type: IP-OPTIONS
Subtype:
Result: ALLOW
Config:
Additional Information:
Reverse Flow based lookup yields rule:
in id=0x7ffdc47f8030, priority=0, domain=inspect-ip-options, deny=true
hits=116071, user_data=0x0, cs_id=0x0, reverse, flags=0x0, protocol=0
src ip/id=0.0.0.0, mask=0.0.0.0, port=0, tag=0
dst ip/id=0.0.0.0, mask=0.0.0.0, port=0, tag=0, dscp=0x0
input_ifc=outside, output_ifc=any
Phase: 13
Type: FLOW-CREATION
Subtype:
Result: ALLOW
Config:
Additional Information:
New flow created with id 12185302, packet dispatched to next module
Module information for forward flow ...
snp_fp_tracer_drop
snp_fp_inspect_ip_options
snp_fp_tcp_normalizer
snp_fp_translate
snp_fp_adjacency
snp_fp_encrypt
snp_fp_fragment
snp_ifc_stat
Module information for reverse flow ...
snp_fp_tracer_drop
snp_fp_inspect_ip_options
snp_fp_ipsec_tunnel_flow
snp_fp_translate
snp_fp_tcp_normalizer
snp_fp_adjacency
snp_fp_fragment
snp_ifc_stat
Result:
input-interface: inside120
input-status: up
input-line-status: up
output-interface: outside
output-status: up
output-line-status: up
Action: allow
02-13-2023 06:19 AM
Site-To-Site VPN Configuration on the Multiple Context ASA 9.x Receives Error Message (cisco.com)
check this link I think there issue with license in Multi Context and VPN.
02-13-2023 06:24 AM
But I do not see an error about license, also the tunnel comes up..
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide