gogi100

Forum Replies Created

Viewing 30 posts - 31 through 60 (of 94 total)
  • Author
    Posts
  • Avatar
    gogi100
    Member
    in reply to: site to site vpn with internet connection in same time #334959

    Re: site to site vpn with internet connection in same time

    Quote:
    You can use “wildcard” preshared keys on the other end with a dynamic crypto map or initiate aggressive mode on the device behind nat and then use fqdn’s as your IKE id. Either way since this device is behind nat it will always be the initiator of the tunnel. NAT-T will be negotiated between the peers.

    how configure this option pls?
    thanks

    Avatar
    gogi100
    Member
    in reply to: site to site vpn with internet connection in same time #334958

    Re: site to site vpn with internet connection in same time

    local crypto endpt.: 10.15.100.8/4500

    ip 10.15.100.10.8 is ip address outside interface of asa5505 which natted on public ip address

    Avatar
    gogi100
    Member
    in reply to: site to site vpn with internet connection in same time #334957

    Re: site to site vpn with internet connection in same time

    i tested site to site vpn but site to site doesn’t work. i can’t ping lan bihind asa5510 but not bihind asa5505. when i put command
    sh crypto isakmp sa

    There are no IKEv1 SAs

    IKEv2 SAs:

    Session-id:2, Status:UP-ACTIVE, IKE count:1, CHILD count:1

    Tunnel-id Local Remote Status Role
    159733105 10.15.100.8/4500 x.x.x.x/4500 READY INITIATOR
    Encr: AES-CBC, keysize: 256, Hash: SHA96, DH Grp:5, Auth sign: PSK, Auth verify: PSK
    Life/Active Time: 86400/113 sec
    Child sa: local selector 192.168.5.0/0 – 192.168.5.255/65535
    remote selector 192.168.0.0/0 – 192.168.0.255/65535
    ESP spi in/out: 0x8825e2c3/0x86e50a36

    when i put
    asa-siv(config)# show crypto ip sa
    interface: outside
    Crypto map tag: outside_map, seq num: 1, local addr: 10.15.100.8

    access-list outside_cryptomap extended permit ip 192.168.5.0 255.255.255.0 192.168.0.0 255.255.255.0
    local ident (addr/mask/prot/port): (192.168.5.0/255.255.255.0/0/0)
    remote ident (addr/mask/prot/port): (192.168.0.0/255.255.255.0/0/0)
    current_peer: x.x.x.x

    #pkts encaps: 78, #pkts encrypt: 78, #pkts digest: 78
    #pkts decaps: 0, #pkts decrypt: 0, #pkts verify: 0
    #pkts compressed: 0, #pkts decompressed: 0
    #pkts not compressed: 78, #pkts comp failed: 0, #pkts decomp failed: 0
    #pre-frag successes: 0, #pre-frag failures: 0, #fragments created: 0
    #PMTUs sent: 0, #PMTUs rcvd: 0, #decapsulated frgs needing reassembly: 0
    #send errors: 0, #recv errors: 0

    local crypto endpt.: 10.15.100.8/4500, remote crypto endpt.: 178.254.133.178/4500
    path mtu 1500, ipsec overhead 82, media mtu 1500
    current outbound spi: 86E50A36
    current inbound spi : 8825E2C3

    inbound esp sas:
    spi: 0x8825E2C3 (2284184259)
    transform: esp-aes-256 esp-sha-hmac no compression
    in use settings ={L2L, Tunnel, NAT-T-Encaps, }
    slot: 0, conn_id: 8192, crypto-map: outside_map
    sa timing: remaining key lifetime (kB/sec): (4331520/28524)
    IV size: 16 bytes
    replay detection support: Y
    Anti replay bitmap:
    0x00000000 0x00000001
    outbound esp sas:
    spi: 0x86E50A36 (2263157302)
    transform: esp-aes-256 esp-sha-hmac no compression
    in use settings ={L2L, Tunnel, NAT-T-Encaps, }
    slot: 0, conn_id: 8192, crypto-map: outside_map
    sa timing: remaining key lifetime (kB/sec): (4101111/28524)
    IV size: 16 bytes
    replay detection support: Y
    Anti replay bitmap:
    0x00000000 0x00000001

    asa-siv(config)#

    when i put
    debug cry isa

    debug cry isa
    debug cry ipsec

    i don’t receive nothing

    what ido?

    Avatar
    gogi100
    Member
    in reply to: site to site vpn with internet connection in same time #334956

    Re: site to site vpn with internet connection in same time

    i think that split tunneling work in remote access vpn. i think that filtering vpn traffic work acces-list crypto. i have access-list outside_cryptomap extended permit ip 192.168.2.0 255.255.255.0 192.168.0.0 255.255.255.0

    Avatar
    gogi100
    Member
    in reply to: site to site vpn with internet connection in same time #334955

    Re: site to site vpn with internet connection in same time

    what do you think about this:

    VPN Traffic
    ========

    VPN traffic will check the inside_to_outside acl and then it comes to crypto acl and it goes out…..

    Internet traffic
    ==========
    all other traffic you mentioned other than vpn will get away as internet traffic…

    access-list inside_to_outside extended permit ip 192.168.2.0 255.255.255.0 192.168.0.0 255.255.255.0 (VPN)
    access-list inside_to_outside extended permit internet filtered traffic permits
    access-list inside_to_outside extended deny ip any any
    !
    access-group inside_to_outside in interface inside
    !

    Avatar
    gogi100
    Member
    in reply to: site to site vpn with internet connection in same time #334954

    Re: site to site vpn with internet connection in same time

    i can’t move my public ip space onto the 5505 because of my provider has such a policy. i need that my users behind asa5505 have access Lan behind asa5510. it does not matter who initiates the tunnel but the access to lan behind asa5510 and the access to internet of the users bihind the asa 5505

    Avatar
    gogi100
    Member
    in reply to: site to site vpn with internet connection in same time #334953

    Re: site to site vpn with internet connection in same time

    yes, provider router is doing nat

    Avatar
    gogi100
    Member
    in reply to: site to site vpn with internet connection in same time #334952

    Re: site to site vpn with internet connection in same time

    yes provider gateway, router i don’t know on address 10.15.100.1. outside interface of asa5505 is natted in public ip

    Avatar
    gogi100
    Member
    in reply to: site to site vpn with internet connection in same time #334951

    Re: site to site vpn with internet connection in same time

    my config file is on asa 5505

    Quote:
    ASA Version 8.4(2)
    !
    hostname ciscoasa
    enable password csq7sfr0bQJqMGET encrypted
    passwd 2KFQnbNIdI.2KYOU encrypted
    names
    !
    interface Ethernet0/0
    switchport access vlan 2
    !
    interface Ethernet0/1
    !
    interface Ethernet0/2
    !
    interface Ethernet0/3
    !
    interface Ethernet0/4
    !
    interface Ethernet0/5
    !
    interface Ethernet0/6
    !
    interface Ethernet0/7
    !
    interface Vlan1
    nameif inside
    security-level 100
    ip address 192.168.2.1 255.255.255.0
    !
    interface Vlan2
    nameif outside
    security-level 0
    ip address 10.15.100.8 255.255.255.0
    !
    ftp mode passive
    object service ParagrafLex1
    service tcp source eq 6190
    description Odlazni
    object service paragraf
    service tcp destination eq 6190
    description dolazni
    object network server
    host 192.168.0.2
    object network NETWORK_OBJ_192.168.0.0_24
    subnet 192.168.0.0 255.255.255.0
    object network NETWORK_OBJ_192.168.2.0_24
    subnet 192.168.2.0 255.255.255.0
    object-group service DM_INLINE_SERVICE_1
    service-object ip
    service-object tcp
    service-object icmp echo-reply
    service-object tcp destination eq domain
    service-object tcp destination eq echo
    service-object tcp destination eq ldap
    object-group protocol DM_INLINE_PROTOCOL_2
    protocol-object udp
    protocol-object tcp
    object-group protocol TCPUDP
    protocol-object udp
    protocol-object tcp
    object-group service DM_INLINE_SERVICE_5
    service-object ip
    service-object icmp echo-reply
    access-list outside_access_in extended permit object-group DM_INLINE_SERVICE_1 any any
    access-list outside_cryptomap extended permit ip 192.168.2.0 255.255.255.0 192.168.0.0 255.255.255.0
    pager lines 24
    logging asdm informational
    mtu inside 1500
    mtu outside 1500
    icmp unreachable rate-limit 1 burst-size 1
    no asdm history enable
    arp outside 10.13.74.1 000d.bd64.a8e2
    arp timeout 14400
    nat (inside,outside) source static NETWORK_OBJ_192.168.2.0_24 NETWORK_OBJ_192.168.2.0_24 destination static NETWORK_OBJ_192.168.0.0_24 NETWORK_OBJ_192.168.0.0_24 no-proxy-arp route-lookup
    access-group outside_access_in in interface outside
    route outside 0.0.0.0 0.0.0.0 10.15.100.1 1
    timeout xlate 3:00:00
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
    timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
    timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
    timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
    timeout tcp-proxy-reassembly 0:01:00
    timeout floating-conn 0:00:00
    dynamic-access-policy-record DfltAccessPolicy
    user-identity default-domain LOCAL
    http server enable
    http 10.15.100.0 255.255.255.0 outside
    http 192.168.2.0 255.255.255.0 inside
    no snmp-server location
    no snmp-server contact
    snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart
    crypto ipsec ikev1 transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
    crypto ipsec ikev1 transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
    crypto ipsec ikev1 transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
    crypto ipsec ikev1 transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
    crypto ipsec ikev1 transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
    crypto ipsec ikev1 transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
    crypto ipsec ikev1 transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
    crypto ipsec ikev1 transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
    crypto ipsec ikev1 transform-set ESP-DES-SHA esp-des esp-sha-hmac
    crypto ipsec ikev1 transform-set ESP-DES-MD5 esp-des esp-md5-hmac
    crypto ipsec ikev2 ipsec-proposal AES256
    protocol esp encryption aes-256
    protocol esp integrity sha-1 md5
    crypto ipsec ikev2 ipsec-proposal AES192
    protocol esp encryption aes-192
    protocol esp integrity sha-1 md5
    crypto ipsec ikev2 ipsec-proposal AES
    protocol esp encryption aes
    protocol esp integrity sha-1 md5
    crypto ipsec ikev2 ipsec-proposal 3DES
    protocol esp encryption 3des
    protocol esp integrity sha-1 md5
    crypto ipsec ikev2 ipsec-proposal DES
    protocol esp encryption des
    protocol esp integrity sha-1 md5
    crypto map outside_map 1 match address outside_cryptomap
    crypto map outside_map 1 set peer 178.254.133.178
    crypto map outside_map 1 set ikev1 transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
    crypto map outside_map 1 set ikev2 ipsec-proposal AES256 AES192 AES 3DES DES
    crypto map outside_map interface outside
    crypto ikev2 policy 1
    encryption aes-256
    integrity sha
    group 5 2
    prf sha
    lifetime seconds 86400
    crypto ikev2 policy 10
    encryption aes-192
    integrity sha
    group 5 2
    prf sha
    lifetime seconds 86400
    crypto ikev2 policy 20
    encryption aes
    integrity sha
    group 5 2
    prf sha
    lifetime seconds 86400
    crypto ikev2 policy 30
    encryption 3des
    integrity sha
    group 5 2
    prf sha
    lifetime seconds 86400
    crypto ikev2 policy 40
    encryption des
    integrity sha
    group 5 2
    prf sha
    lifetime seconds 86400
    crypto ikev2 enable outside
    crypto ikev1 enable outside
    crypto ikev1 policy 10
    authentication crack
    encryption aes-256
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 20
    authentication rsa-sig
    encryption aes-256
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 30
    authentication pre-share
    encryption aes-256
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 40
    authentication crack
    encryption aes-192
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 50
    authentication rsa-sig
    encryption aes-192
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 60
    authentication pre-share
    encryption aes-192
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 70
    authentication crack
    encryption aes
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 80
    authentication rsa-sig
    encryption aes
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 90
    authentication pre-share
    encryption aes
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 100
    authentication crack
    encryption 3des
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 110
    authentication rsa-sig
    encryption 3des
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 120
    authentication pre-share
    encryption 3des
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 130
    authentication crack
    encryption des
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 140
    authentication rsa-sig
    encryption des
    hash sha
    group 2
    lifetime 86400
    crypto ikev1 policy 150
    authentication pre-share
    encryption des
    hash sha
    group 2
    lifetime 86400
    telnet timeout 5
    ssh timeout 5
    console timeout 0

    dhcpd auto_config outside
    !
    dhcpd address 192.168.2.2-192.168.2.128 inside
    dhcpd auto_config outside interface inside
    dhcpd enable inside
    !
    threat-detection basic-threat
    threat-detection statistics access-list
    no threat-detection statistics tcp-intercept
    webvpn
    group-policy GroupPolicy_x.x.x.x internal
    group-policy GroupPolicy_x.x.x.x attributes
    vpn-tunnel-protocol ikev1 ikev2
    tunnel-group x.x.x.x type ipsec-l2l
    tunnel-group x.x.x.x general-attributes
    default-group-policy GroupPolicy_x.x.x.x
    tunnel-group x.x.x.x ipsec-attributes
    ikev1 pre-shared-key *****
    ikev2 remote-authentication pre-shared-key *****
    ikev2 local-authentication pre-shared-key *****
    !
    class-map inspection_default
    match default-inspection-traffic
    !
    !
    policy-map type inspect dns preset_dns_map
    parameters
    message-length maximum client auto
    message-length maximum 512
    policy-map type inspect ftp paragraf
    parameters
    policy-map global_policy
    class inspection_default
    inspect dns
    inspect icmp
    inspect ip-options
    inspect netbios
    inspect tftp
    inspect h323 h225
    inspect h323 ras
    inspect ftp
    inspect rsh
    inspect rtsp
    inspect esmtp
    inspect sqlnet
    inspect skinny
    inspect sunrpc
    inspect xdmcp
    inspect sip
    !
    service-policy global_policy global
    prompt hostname context
    no call-home reporting anonymous
    Cryptochecksum:b6f6c923f233ac9974a733f82ad17fea
    : end

    Avatar
    gogi100
    Member
    in reply to: site to site vpn with internet connection in same time #334950

    Re: site to site vpn with internet connection in same time

    i configured site to site vpn on asa5505 over the site to site wizard. I have not change the settings.no, outside interface of asa5505 will be natted out to internet.

    Avatar
    gogi100
    Member
    in reply to: migration from asa 5505 to asa 5510 #334949

    Re: migration from asa 5505 to asa 5510

    thank’s problem is solved

    Avatar
    gogi100
    Member
    in reply to: migration from asa 5505 to asa 5510 #334948

    Re: migration from asa 5505 to asa 5510

    i changed my configuration at direction but again i can’t access my resources on local lan
    my configuration is:

    Quote:
    Result of the command: “show runn”

    : Saved
    :
    ASA Version 8.4(2)
    !
    hostname asa5510
    domain-name dri.local
    enable password 8Ry2YjIyt7RRXU24 encrypted
    passwd 2KFQnbNIdI.2KYOU encrypted
    names
    !
    interface Ethernet0/0
    nameif outside
    security-level 0
    ip address 178.x.x.178 255.255.255.248
    !
    interface Ethernet0/1
    nameif inside
    security-level 100
    ip address 192.168.0.10 255.255.255.0
    management-only
    !
    interface Ethernet0/2
    shutdown
    no nameif
    no security-level
    no ip address
    !
    interface Ethernet0/3
    shutdown
    no nameif
    no security-level
    no ip address
    !
    interface Management0/0
    nameif management
    security-level 100
    ip address 192.168.1.1 255.255.255.0
    management-only
    !
    ftp mode passive
    clock timezone CEST 1
    clock summer-time CEDT recurring last Sun Mar 2:00 last Sun Oct 3:00
    dns server-group DefaultDNS
    domain-name dri.local
    object network VPN-POOL
    subnet 192.168.50.0 255.255.255.0
    description VPN Client pool
    object network LAN-NETWORK
    subnet 192.168.0.0 255.255.255.0
    description LAN Network
    object-group network PAT-SOURCE-NETWORKS
    description Source networks for PAT
    network-object 192.168.0.0 255.255.255.0
    access-list INSIDE-IN remark Allow traffic from LAN
    access-list INSIDE-IN extended permit ip 192.168.0.0 255.255.255.0 any
    access-list Split_Tunnel_List extended permit ip 192.168.0.0 255.255.255.0 any
    pager lines 24
    logging asdm informational
    mtu outside 1500
    mtu inside 1500
    mtu management 1500
    ip local pool vpnadrese 192.168.50.1-192.168.50.100 mask 255.255.255.0
    icmp unreachable rate-limit 1 burst-size 1
    no asdm history enable
    arp timeout 14400
    !
    nat (inside,outside) after-auto source dynamic PAT-SOURCE-NETWORKS interface
    access-group INSIDE-IN in interface inside
    route outside 0.0.0.0 0.0.0.0 178.x.x.177 1
    timeout xlate 3:00:00
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
    timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
    timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
    timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
    timeout tcp-proxy-reassembly 0:01:00
    timeout floating-conn 0:00:00
    dynamic-access-policy-record DfltAccessPolicy
    action terminate
    dynamic-access-policy-record dripolisa
    aaa-server DRI protocol ldap
    aaa-server DRI (inside) host 192.168.0.20
    ldap-base-dn DC=dri,DC=local
    ldap-scope subtree
    ldap-naming-attribute sAMAccountName
    ldap-login-password *****
    ldap-login-dn CN=dragan urukalo,OU=novisad,OU=sektor2,OU=REVIZIJA,DC=dri,DC=local
    server-type microsoft
    user-identity default-domain LOCAL
    aaa authentication enable console LOCAL
    aaa authentication http console LOCAL
    aaa authentication serial console LOCAL
    aaa authorization command LOCAL
    http server enable
    http 192.168.1.0 255.255.255.0 management
    no snmp-server location
    no snmp-server contact
    snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart
    crypto ipsec ikev1 transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
    crypto ipsec ikev1 transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
    crypto ipsec ikev1 transform-set ESP-DES-SHA esp-des esp-sha-hmac
    crypto ipsec ikev1 transform-set ESP-DES-MD5 esp-des esp-md5-hmac
    crypto ipsec ikev1 transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
    crypto ipsec ikev1 transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
    crypto ipsec ikev1 transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
    crypto ipsec ikev1 transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
    crypto ipsec ikev1 transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
    crypto ipsec ikev1 transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
    crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set pfs group1
    crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev1 transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
    crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
    crypto map outside_map interface outside
    crypto ikev1 enable outside
    crypto ikev1 policy 10
    authentication pre-share
    encryption 3des
    hash sha
    group 2
    lifetime 86400
    telnet timeout 5
    ssh timeout 5
    console timeout 0
    dhcpd auto_config outside
    !
    dhcpd address 192.168.0.14-192.168.0.45 inside
    !
    dhcpd address 192.168.1.2-192.168.1.254 management
    dhcpd enable management
    !
    threat-detection basic-threat
    threat-detection statistics port
    threat-detection statistics protocol
    threat-detection statistics access-list
    no threat-detection statistics tcp-intercept
    webvpn
    group-policy drivpn internal
    group-policy drivpn attributes
    dns-server value 192.168.0.20 192.168.0.254
    vpn-simultaneous-logins 10
    vpn-idle-timeout 30
    vpn-tunnel-protocol ikev1
    split-tunnel-network-list value Split_Tunnel_List
    default-domain value dri.local
    username driadmin password AojCAMO/soZo8W.W encrypted privilege 15
    tunnel-group drivpn type remote-access
    tunnel-group drivpn general-attributes
    address-pool vpnadrese
    authentication-server-group DRI
    default-group-policy drivpn
    tunnel-group drivpn ipsec-attributes
    ikev1 pre-shared-key *****
    !
    class-map inspection_default
    match default-inspection-traffic
    !
    !
    policy-map type inspect dns preset_dns_map
    parameters
    message-length maximum client auto
    message-length maximum 512
    policy-map global_policy
    class inspection_default
    inspect dns preset_dns_map
    inspect ftp
    inspect h323 h225
    inspect h323 ras
    inspect rsh
    inspect rtsp
    inspect esmtp
    inspect sqlnet
    inspect skinny
    inspect sunrpc
    inspect xdmcp
    inspect sip
    inspect netbios
    inspect tftp
    inspect ip-options
    inspect http
    !
    service-policy global_policy global
    prompt hostname context
    no call-home reporting anonymous
    Cryptochecksum:d21cbb210b1c058e9111d50920190159
    : end

    wha can i do?

    Avatar
    gogi100
    Member
    in reply to: migration from asa 5505 to asa 5510 #334947

    Re: migration from asa 5505 to asa 5510

    i tryed that i use vpn client for connecting on my asa5510. i can logon but i can’t access my resource on local network 192.168.0.0/24. my configuration on asa5510 is:

    Quote:
    Result of the command: “show runn”

    : Saved
    :
    ASA Version 8.4(2)
    !
    hostname asa5510
    domain-name dri.local
    enable password 8Ry2YjIyt7RRXU24 encrypted
    passwd 2KFQnbNIdI.2KYOU encrypted
    names
    !
    interface Ethernet0/0
    nameif outside
    security-level 0
    ip address 178.x.x.178 255.255.255.248
    !
    interface Ethernet0/1
    nameif inside
    security-level 100
    ip address 192.168.0.10 255.255.255.0
    !
    interface Ethernet0/2
    shutdown
    no nameif
    no security-level
    no ip address
    !
    interface Ethernet0/3
    shutdown
    no nameif
    no security-level
    no ip address
    !
    interface Management0/0
    nameif management
    security-level 100
    ip address 192.168.1.1 255.255.255.0
    management-only
    !
    ftp mode passive
    clock timezone CEST 1
    clock summer-time CEDT recurring last Sun Mar 2:00 last Sun Oct 3:00
    dns server-group DefaultDNS
    domain-name dri.local
    object network VPN-POOL
    subnet 192.168.50.0 255.255.255.0
    description VPN Client pool
    object network LAN-NETWORK
    subnet 192.168.0.0 255.255.255.0
    description LAN Network
    object-group network PAT-SOURCE-NETWORKS
    description Source networks for PAT
    network-object 192.168.0.0 255.255.255.0
    access-list INSIDE-IN remark Allow traffic from LAN
    access-list INSIDE-IN extended permit tcp 192.168.0.0 255.255.255.0 any
    access-list INSIDE-IN extended permit ip object VPN-POOL object LAN-NETWORK
    access-list inside_access_out extended permit icmp object VPN-POOL object LAN-NETWORK echo-reply
    pager lines 24
    logging asdm informational
    mtu outside 1500
    mtu inside 1500
    mtu management 1500
    ip local pool vpnadrese 192.168.50.1-192.168.50.100 mask 255.255.255.0
    icmp unreachable rate-limit 1 burst-size 1
    no asdm history enable
    arp timeout 14400
    !
    nat (inside,outside) after-auto source dynamic PAT-SOURCE-NETWORKS interface
    access-group INSIDE-IN in interface inside
    access-group inside_access_out out interface inside
    route outside 0.0.0.0 0.0.0.0 178.x.x.177 1
    timeout xlate 3:00:00
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
    timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
    timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
    timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
    timeout tcp-proxy-reassembly 0:01:00
    timeout floating-conn 0:00:00
    dynamic-access-policy-record DfltAccessPolicy
    action terminate
    dynamic-access-policy-record dripolisa
    aaa-server DRI protocol ldap
    aaa-server DRI (inside) host 192.168.0.20
    ldap-base-dn DC=dri,DC=local
    ldap-scope subtree
    ldap-naming-attribute sAMAccountName
    ldap-login-password *****
    ldap-login-dn CN=dragan urukalo,OU=novisad,OU=sektor2,OU=REVIZIJA,DC=dri,DC=local
    server-type microsoft
    user-identity default-domain LOCAL
    aaa authentication enable console LOCAL
    aaa authentication http console LOCAL
    aaa authentication serial console LOCAL
    aaa authorization command LOCAL
    http server enable
    http 192.168.1.0 255.255.255.0 management
    no snmp-server location
    no snmp-server contact
    snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart
    crypto ipsec ikev1 transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
    crypto ipsec ikev1 transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
    crypto ipsec ikev1 transform-set ESP-DES-SHA esp-des esp-sha-hmac
    crypto ipsec ikev1 transform-set ESP-DES-MD5 esp-des esp-md5-hmac
    crypto ipsec ikev1 transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
    crypto ipsec ikev1 transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
    crypto ipsec ikev1 transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
    crypto ipsec ikev1 transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
    crypto ipsec ikev1 transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
    crypto ipsec ikev1 transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
    crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set pfs group1
    crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev1 transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
    crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
    crypto map outside_map interface outside
    crypto ikev1 enable outside
    crypto ikev1 policy 10
    authentication pre-share
    encryption 3des
    hash sha
    group 2
    lifetime 86400
    telnet timeout 5
    ssh timeout 5
    console timeout 0
    dhcpd auto_config outside
    !
    dhcpd address 192.168.0.14-192.168.0.45 inside
    !
    dhcpd address 192.168.1.2-192.168.1.254 management
    dhcpd enable management
    !
    threat-detection basic-threat
    threat-detection statistics port
    threat-detection statistics protocol
    threat-detection statistics access-list
    no threat-detection statistics tcp-intercept
    webvpn
    group-policy drivpn internal
    group-policy drivpn attributes
    dns-server value 192.168.0.20 192.168.0.254
    vpn-simultaneous-logins 10
    vpn-idle-timeout 30
    vpn-tunnel-protocol ikev1 l2tp-ipsec
    default-domain value dri.local
    username driadmin password AojCAMO/soZo8W.W encrypted privilege 15
    tunnel-group drivpn type remote-access
    tunnel-group drivpn general-attributes
    address-pool vpnadrese
    authentication-server-group DRI
    authentication-server-group (inside) DRI
    authentication-server-group (outside) DRI
    authorization-server-group DRI
    default-group-policy drivpn
    tunnel-group drivpn ipsec-attributes
    ikev1 pre-shared-key *****
    !
    class-map inspection_default
    match default-inspection-traffic
    !
    !
    policy-map type inspect dns preset_dns_map
    parameters
    message-length maximum client auto
    message-length maximum 512
    policy-map global_policy
    class inspection_default
    inspect dns preset_dns_map
    inspect ftp
    inspect h323 h225
    inspect h323 ras
    inspect rsh
    inspect rtsp
    inspect esmtp
    inspect sqlnet
    inspect skinny
    inspect sunrpc
    inspect xdmcp
    inspect sip
    inspect netbios
    inspect tftp
    inspect ip-options
    inspect http
    !
    service-policy global_policy global
    prompt hostname context
    no call-home reporting anonymous
    Cryptochecksum:38c7540e27ed313b9f3387ca49371753
    : end

    what i do? how i can access from my vpn client to local resources. i changed access rules but nothing

    Avatar
    gogi100
    Member
    in reply to: migration from asa 5505 to asa 5510 #334946

    Re: migration from asa 5505 to asa 5510

    my remote access VPN should work with this configuration? how i should put nat exemption?
    thanks

    Avatar
    gogi100
    Member
    in reply to: migration from asa 5505 to asa 5510 #334945

    Re: migration from asa 5505 to asa 5510

    i import configuration in asa and my running confiruation is

    Quote:
    ASA Version 8.4(2)
    !
    hostname asa5510
    domain-name dri.local
    enable password 8Ry2YjIyt7RRXU24 encrypted
    passwd 2KFQnbNIdI.2KYOU encrypted
    names
    !
    interface Ethernet0/0
    nameif outside
    security-level 0
    ip address 178.x.x.x 255.255.255.248
    !
    interface Ethernet0/1
    nameif inside
    security-level 100
    ip address 192.168.0.10 255.255.255.0
    management-only
    !
    interface Ethernet0/2
    shutdown
    no nameif
    no security-level
    no ip address
    !
    interface Ethernet0/3
    shutdown
    no nameif
    no security-level
    no ip address
    !
    interface Management0/0
    nameif management
    security-level 100
    ip address 192.168.1.1 255.255.255.0
    management-only
    !
    ftp mode passive
    clock timezone CEST 1
    clock summer-time CEDT recurring last Sun Mar 2:00 last Sun Oct 3:00
    dns server-group DefaultDNS
    domain-name dri.local
    object network VPN-POOL
    subnet 192.168.50.0 255.255.255.0
    description VPN Client pool
    object network LAN-NETWORK
    subnet 192.168.0.0 255.255.255.0
    description LAN Network
    object-group network PAT-SOURCE-NETWORKS
    description Source networks for PAT
    network-object 192.168.0.0 255.255.255.0
    access-list INSIDE-IN remark Allow traffic from LAN
    access-list INSIDE-IN extended permit ip 192.168.0.0 255.255.255.0 any
    pager lines 24
    logging asdm informational
    mtu outside 1500
    mtu inside 1500
    mtu management 1500
    ip local pool vpnadrese 192.168.50.1-192.168.50.100 mask 255.255.255.0
    icmp unreachable rate-limit 1 burst-size 1
    no asdm history enable
    arp timeout 14400
    !
    nat (inside,outside) after-auto source dynamic PAT-SOURCE-NETWORKS interface
    access-group INSIDE-IN in interface inside
    route outside 0.0.0.0 0.0.0.0 178.x.x.178 1
    route outside 0.0.0.0 0.0.0.0 178.x.x.177 1
    timeout xlate 3:00:00
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
    timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
    timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
    timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
    timeout tcp-proxy-reassembly 0:01:00
    timeout floating-conn 0:00:00
    dynamic-access-policy-record DfltAccessPolicy
    action terminate
    dynamic-access-policy-record dripolisa
    aaa-server DRI protocol ldap
    aaa-server DRI (inside) host 192.168.0.20
    ldap-base-dn DC=dri,DC=local
    ldap-scope subtree
    ldap-naming-attribute sAMAccountName
    ldap-login-password *****
    ldap-login-dn CN=dragan urukalo,OU=novisad,OU=sektor2,OU=REVIZIJA,DC=dri,DC=local
    server-type microsoft
    user-identity default-domain LOCAL
    aaa authentication enable console LOCAL
    aaa authentication http console LOCAL
    aaa authentication serial console LOCAL
    aaa authorization command LOCAL
    http server enable
    http 192.168.1.0 255.255.255.0 management
    no snmp-server location
    no snmp-server contact
    snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart
    crypto ipsec ikev1 transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
    crypto ipsec ikev1 transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
    crypto ipsec ikev1 transform-set ESP-DES-SHA esp-des esp-sha-hmac
    crypto ipsec ikev1 transform-set ESP-DES-MD5 esp-des esp-md5-hmac
    crypto ipsec ikev1 transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
    crypto ipsec ikev1 transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
    crypto ipsec ikev1 transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
    crypto ipsec ikev1 transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
    crypto ipsec ikev1 transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
    crypto ipsec ikev1 transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
    crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set pfs group1
    crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev1 transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
    crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
    crypto map outside_map interface outside
    crypto ikev1 enable outside
    crypto ikev1 policy 10
    authentication pre-share
    encryption 3des
    hash sha
    group 2
    lifetime 86400
    telnet timeout 5
    ssh timeout 5
    console timeout 0
    dhcpd auto_config outside
    !
    dhcpd address 192.168.0.14-192.168.0.45 inside
    !
    dhcpd address 192.168.1.2-192.168.1.254 management
    dhcpd enable management
    !
    threat-detection basic-threat
    threat-detection statistics port
    threat-detection statistics protocol
    threat-detection statistics access-list
    no threat-detection statistics tcp-intercept
    webvpn
    group-policy drivpn internal
    group-policy drivpn attributes
    dns-server value 192.168.0.20 192.168.0.254
    vpn-simultaneous-logins 10
    vpn-idle-timeout 30
    vpn-tunnel-protocol ikev1
    default-domain value dri.local
    username driadmin password AojCAMO/soZo8W.W encrypted privilege 15
    tunnel-group drivpn type remote-access
    tunnel-group drivpn general-attributes
    address-pool vpnadrese
    authentication-server-group DRI
    default-group-policy drivpn
    tunnel-group drivpn ipsec-attributes
    ikev1 pre-shared-key *****
    !
    class-map inspection_default
    match default-inspection-traffic
    !
    !
    policy-map type inspect dns preset_dns_map
    parameters
    message-length maximum client auto
    message-length maximum 512
    policy-map global_policy
    class inspection_default
    inspect dns preset_dns_map
    inspect ftp
    inspect h323 h225
    inspect h323 ras
    inspect rsh
    inspect rtsp
    inspect esmtp
    inspect sqlnet
    inspect skinny
    inspect sunrpc
    inspect xdmcp
    inspect sip
    inspect netbios
    inspect tftp
    inspect ip-options
    inspect http
    !
    service-policy global_policy global
    prompt hostname context
    no call-home reporting anonymous
    Cryptochecksum:4d4577afbf90588f7378df22c4d2d225
    : end

    what do you think?

    Avatar
    gogi100
    Member
    in reply to: migration from asa 5505 to asa 5510 #334944

    Re: migration from asa 5505 to asa 5510

    accordingly i need copy

    Quote:
    object network INSIDE_HOSTS
    subnet 0.0.0.0 0.0.0.0
    nat (inside,outside) dynamic interface
    object network RA_VPN_HOSTS
    subnet 192.168.50.0 255.255.255.128
    nat (inside,outside) 1 source static INSIDE_HOST INSIDE_HOSTS destination static RA_VPN_HOSTS RA_VPN_HOSTS

    in my asa5510 configuration file and i import this configuration file in asa5510? that’s all?

    Avatar
    gogi100
    Member
    in reply to: ntbackup problem #334943

    Re: ntbackup problem

    the next 2 pictures

    Avatar
    gogi100
    Member
    in reply to: ntbackup problem #334942

    Re: ntbackup problem

    the next 5 pictures

    Avatar
    gogi100
    Member
    in reply to: ntbackup problem #334941

    Re: ntbackup problem

    i will show process of backup in pictures which i attached. the pictures show make backup for normal backup, the same process i used for incremental backup. i used the one file ‘data 21022011’ for normal and incremental backup. this replay have 5 images, the next replay have 5 pictures

    Avatar
    gogi100
    Member
    in reply to: ntbackup problem #334940

    Re: ntbackup problem

    i backup just word and excel files.

    Ossian;232176 wrote:
    Have you reviewed the backup logs?
    Basically, create two scheduled tasks in NTBackup, one for the incrementals (btw, differential is better, IMHO) and one for full. Check the file sizes for each and do test restores to make sure all is OK, recreating the tasks if problems.

    What are you backing up TO?

    Avatar
    gogi100
    Member
    in reply to: problem with office 2007 #334939

    Re: problem with office 2007

    yes, i do but the problem is same

    Avatar
    gogi100
    Member
    in reply to: copy file in system 32 #334938

    Re: copy file in system 32

    i install free version avira on workstation. 35 workstations, i install 35 avira free edition and every workstation uses his version, nothing other.

    gogi100;199232 wrote:
    echo off @
    \server01particijaantivirpec.exe

    but script doesn’t work. share folder have share and ntfs permission authenticated user modify. domain user have right local administrator that i could install avira.

    Avatar
    gogi100
    Member
    in reply to: copy file in system 32 #334937

    Re: copy file in system 32

    i install free version avira on workstation. 35 workstations, i install 35 avira free edition and every workstation uses his version, nothing other.

    Avatar
    gogi100
    Member
    in reply to: copy file in system 32 #334936

    Re: copy file in system 32

    i have solution for this situation but there’s one more problem. how start this installation file antivirpec.exe with startup script. i made antivir.bat script for start installation with start computer

    @echo off
    \server01partitionantivirpec.exe[/CODE]

    i puted this script in gpo/computer configuration/windowssettings/startup

    but the script doesn’t work
    why?
    the permissions on share folder partition are: share permission change and ntfs modify for authenticated user[CODE]@echo off
    \server01partitionantivirpec.exe[/CODE]

    i puted this script in gpo/computer configuration/windowssettings/startup

    but the script doesn’t work
    why?
    the permissions on share folder partition are: share permission change and ntfs modify for authenticated user

    Avatar
    gogi100
    Member
    in reply to: copy file in system 32 #334935

    Re: copy file in system 32

    i’m trying silent installation of avira personal free 10. in the guide there’s file cwnd.exe which must to be in system 32. the guide is in address
    LINK REMOVED BY MODERATOR
    i want to copy this file to every workstation in domain. OS is windows xp pro on workstations

    Avatar
    gogi100
    Member
    in reply to: copy file in system 32 #334934

    Re: copy file in system 32

    i would use the gpo, but i don’t know how?

    Avatar
    gogi100
    Member
    in reply to: problem with system monitor #334933

    Re: problem with system monitor

    i fixed my problem with the exctrlst.exe “windows extensible performance counter utility”. When i started this tool i found that some dll files like perfproc.dll, perf os etc have not started. i enabled them and basic objects are showed in system monitor. thnks for help

    Avatar
    gogi100
    Member
    in reply to: problem with system monitor #334932

    Re: problem with system monitor

    i tried to load some counters of some objects and syste monitor work, but i don’t see basic objects: memory, processor, hdd, network adapter. where are they?

    Avatar
    gogi100
    Member
    in reply to: problem with system monitor #334931

    Re: problem with system monitor

    there’are erorr messages in the event viewer
    Event Type: Error
    Event Source: Perflib
    Event Category: None
    Event ID: 1008
    Date: 15.3.2010
    Time: 14:33:27
    User: N/A
    Computer: my server
    Description:
    The Open Procedure for service “MSSQL$MICROSOFT##SSEE” in DLL “C:WINDOWSsystem32sqlctr90.dll” failed. Performance data for this service will not be available. The Status code returned is the first DWORD in the attached data.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: f3 03 00 00 00 00 00 00 ó…….[/CODE]
    [CODE]Event Type: Error
    Event Source: Perflib
    Event Category: None
    Event ID: 1008
    Date: 15.3.2010
    Time: 14:33:27
    User: N/A
    Computer: my server
    Description:
    The Open Procedure for service “aspnet_state” in DLL “c:WINDOWSMicrosoft.NETFramework64v2.0.50727aspnet_perf.dll” failed. Performance data for this service will not be available. The Status code returned is the first DWORD in the attached data.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 05 40 00 80 00 00 00 00 [email protected]€….[/CODE]
    [CODE]Event Type: Error
    Event Source: Perflib
    Event Category: None
    Event ID: 1008
    Date: 15.3.2010
    Time: 14:33:27
    User: N/A
    Computer: my server
    Description:
    The Open Procedure for service “ASP.NET_64_2.0.50727” in DLL “c:WINDOWSMicrosoft.NETFramework64v2.0.50727aspnet_perf.dll” failed. Performance data for this service will not be available. The Status code returned is the first DWORD in the attached data.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 05 40 00 80 00 00 00 00 [email protected]€….[/CODE]
    [CODE]Event Type: Error
    Event Source: Perflib
    Event Category: None
    Event ID: 1008
    Date: 15.3.2010
    Time: 14:33:27
    User: N/A
    Computer: my server
    Description:
    The Open Procedure for service “ASP.NET_64” in DLL “c:WINDOWSMicrosoft.NETFramework64v2.0.50727aspnet_perf.dll” failed. Performance data for this service will not be available. The Status code returned is the first DWORD in the attached data.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 05 40 00 80 00 00 00 00 [email protected]€….[/CODE]
    [CODE]Event Type: Error
    Event Source: Perflib
    Event Category: None
    Event ID: 1008
    Date: 15.3.2010
    Time: 14:33:27
    User: N/A
    Computer: my server
    Description:
    The Open Procedure for service “.NETFramework” in DLL “C:WINDOWSsystem32mscoree.dll” failed. Performance data for this service will not be available. The Status code returned is the first DWORD in the attached data.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 02 00 00 00 00 00 00 00 ……..[/CODE]
    [CODE]Event Type: Error
    Event Source: Userenv
    Event Category: None
    Event ID: 1090
    Date: 15.3.2010
    Time: 14:32:18
    User: NT AUTHORITYSYSTEM
    Computer: my server
    Description:
    Windows couldn’t log the RSoP (Resultant Set of Policies) session status. An attempt to connect to WMI failed. No more RSoP logging will be done for this application of policy.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.%5B/CODE%5D
    Also, I forgot to say, on my server there’re the iis 6.0 and wsus 3.0.
    I do not know how to run System Monitor?[CODE]Event Type: Error
    Event Source: Perflib
    Event Category: None
    Event ID: 1008
    Date: 15.3.2010
    Time: 14:33:27
    User: N/A
    Computer: my server
    Description:
    The Open Procedure for service “MSSQL$MICROSOFT##SSEE” in DLL “C:WINDOWSsystem32sqlctr90.dll” failed. Performance data for this service will not be available. The Status code returned is the first DWORD in the attached data.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: f3 03 00 00 00 00 00 00 ó…….[/CODE]
    Event Type: Error
    Event Source: Perflib
    Event Category: None
    Event ID: 1008
    Date: 15.3.2010
    Time: 14:33:27
    User: N/A
    Computer: my server
    Description:
    The Open Procedure for service “aspnet_state” in DLL “c:WINDOWSMicrosoft.NETFramework64v2.0.50727aspnet_perf.dll” failed. Performance data for this service will not be available. The Status code returned is the first DWORD in the attached data.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 05 40 00 80 00 00 00 00 [email protected]€….[/CODE]
    [CODE]Event Type: Error
    Event Source: Perflib
    Event Category: None
    Event ID: 1008
    Date: 15.3.2010
    Time: 14:33:27
    User: N/A
    Computer: my server
    Description:
    The Open Procedure for service “ASP.NET_64_2.0.50727” in DLL “c:WINDOWSMicrosoft.NETFramework64v2.0.50727aspnet_perf.dll” failed. Performance data for this service will not be available. The Status code returned is the first DWORD in the attached data.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 05 40 00 80 00 00 00 00 [email protected]€….[/CODE]
    [CODE]Event Type: Error
    Event Source: Perflib
    Event Category: None
    Event ID: 1008
    Date: 15.3.2010
    Time: 14:33:27
    User: N/A
    Computer: my server
    Description:
    The Open Procedure for service “ASP.NET_64” in DLL “c:WINDOWSMicrosoft.NETFramework64v2.0.50727aspnet_perf.dll” failed. Performance data for this service will not be available. The Status code returned is the first DWORD in the attached data.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 05 40 00 80 00 00 00 00 [email protected]€….[/CODE]
    [CODE]Event Type: Error
    Event Source: Perflib
    Event Category: None
    Event ID: 1008
    Date: 15.3.2010
    Time: 14:33:27
    User: N/A
    Computer: my server
    Description:
    The Open Procedure for service “.NETFramework” in DLL “C:WINDOWSsystem32mscoree.dll” failed. Performance data for this service will not be available. The Status code returned is the first DWORD in the attached data.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 02 00 00 00 00 00 00 00 ……..[/CODE]
    [CODE]Event Type: Error
    Event Source: Userenv
    Event Category: None
    Event ID: 1090
    Date: 15.3.2010
    Time: 14:32:18
    User: NT AUTHORITYSYSTEM
    Computer: my server
    Description:
    Windows couldn’t log the RSoP (Resultant Set of Policies) session status. An attempt to connect to WMI failed. No more RSoP logging will be done for this application of policy.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.%5B/CODE%5D
    Also, I forgot to say, on my server there’re the iis 6.0 and wsus 3.0.
    I do not know how to run System Monitor?[CODE]Event Type: Error
    Event Source: Perflib
    Event Category: None
    Event ID: 1008
    Date: 15.3.2010
    Time: 14:33:27
    User: N/A
    Computer: my server
    Description:
    The Open Procedure for service “aspnet_state” in DLL “c:WINDOWSMicrosoft.NETFramework64v2.0.50727aspnet_perf.dll” failed. Performance data for this service will not be available. The Status code returned is the first DWORD in the attached data.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 05 40 00 80 00 00 00 00 [email protected]€….[/CODE]
    Event Type: Error
    Event Source: Perflib
    Event Category: None
    Event ID: 1008
    Date: 15.3.2010
    Time: 14:33:27
    User: N/A
    Computer: my server
    Description:
    The Open Procedure for service “ASP.NET_64_2.0.50727” in DLL “c:WINDOWSMicrosoft.NETFramework64v2.0.50727aspnet_perf.dll” failed. Performance data for this service will not be available. The Status code returned is the first DWORD in the attached data.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 05 40 00 80 00 00 00 00 [email protected]€….[/CODE]
    [CODE]Event Type: Error
    Event Source: Perflib
    Event Category: None
    Event ID: 1008
    Date: 15.3.2010
    Time: 14:33:27
    User: N/A
    Computer: my server
    Description:
    The Open Procedure for service “ASP.NET_64” in DLL “c:WINDOWSMicrosoft.NETFramework64v2.0.50727aspnet_perf.dll” failed. Performance data for this service will not be available. The Status code returned is the first DWORD in the attached data.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 05 40 00 80 00 00 00 00 [email protected]€….[/CODE]
    [CODE]Event Type: Error
    Event Source: Perflib
    Event Category: None
    Event ID: 1008
    Date: 15.3.2010
    Time: 14:33:27
    User: N/A
    Computer: my server
    Description:
    The Open Procedure for service “.NETFramework” in DLL “C:WINDOWSsystem32mscoree.dll” failed. Performance data for this service will not be available. The Status code returned is the first DWORD in the attached data.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 02 00 00 00 00 00 00 00 ……..[/CODE]
    [CODE]Event Type: Error
    Event Source: Userenv
    Event Category: None
    Event ID: 1090
    Date: 15.3.2010
    Time: 14:32:18
    User: NT AUTHORITYSYSTEM
    Computer: my server
    Description:
    Windows couldn’t log the RSoP (Resultant Set of Policies) session status. An attempt to connect to WMI failed. No more RSoP logging will be done for this application of policy.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.%5B/CODE%5D
    Also, I forgot to say, on my server there’re the iis 6.0 and wsus 3.0.
    I do not know how to run System Monitor?[CODE]Event Type: Error
    Event Source: Perflib
    Event Category: None
    Event ID: 1008
    Date: 15.3.2010
    Time: 14:33:27
    User: N/A
    Computer: my server
    Description:
    The Open Procedure for service “ASP.NET_64_2.0.50727” in DLL “c:WINDOWSMicrosoft.NETFramework64v2.0.50727aspnet_perf.dll” failed. Performance data for this service will not be available. The Status code returned is the first DWORD in the attached data.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 05 40 00 80 00 00 00 00 [email protected]€….[/CODE]
    Event Type: Error
    Event Source: Perflib
    Event Category: None
    Event ID: 1008
    Date: 15.3.2010
    Time: 14:33:27
    User: N/A
    Computer: my server
    Description:
    The Open Procedure for service “ASP.NET_64” in DLL “c:WINDOWSMicrosoft.NETFramework64v2.0.50727aspnet_perf.dll” failed. Performance data for this service will not be available. The Status code returned is the first DWORD in the attached data.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 05 40 00 80 00 00 00 00 [email protected]€….[/CODE]
    [CODE]Event Type: Error
    Event Source: Perflib
    Event Category: None
    Event ID: 1008
    Date: 15.3.2010
    Time: 14:33:27
    User: N/A
    Computer: my server
    Description:
    The Open Procedure for service “.NETFramework” in DLL “C:WINDOWSsystem32mscoree.dll” failed. Performance data for this service will not be available. The Status code returned is the first DWORD in the attached data.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 02 00 00 00 00 00 00 00 ……..[/CODE]
    [CODE]Event Type: Error
    Event Source: Userenv
    Event Category: None
    Event ID: 1090
    Date: 15.3.2010
    Time: 14:32:18
    User: NT AUTHORITYSYSTEM
    Computer: my server
    Description:
    Windows couldn’t log the RSoP (Resultant Set of Policies) session status. An attempt to connect to WMI failed. No more RSoP logging will be done for this application of policy.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.%5B/CODE%5D
    Also, I forgot to say, on my server there’re the iis 6.0 and wsus 3.0.
    I do not know how to run System Monitor?[CODE]Event Type: Error
    Event Source: Perflib
    Event Category: None
    Event ID: 1008
    Date: 15.3.2010
    Time: 14:33:27
    User: N/A
    Computer: my server
    Description:
    The Open Procedure for service “ASP.NET_64” in DLL “c:WINDOWSMicrosoft.NETFramework64v2.0.50727aspnet_perf.dll” failed. Performance data for this service will not be available. The Status code returned is the first DWORD in the attached data.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 05 40 00 80 00 00 00 00 [email protected]€….[/CODE]
    Event Type: Error
    Event Source: Perflib
    Event Category: None
    Event ID: 1008
    Date: 15.3.2010
    Time: 14:33:27
    User: N/A
    Computer: my server
    Description:
    The Open Procedure for service “.NETFramework” in DLL “C:WINDOWSsystem32mscoree.dll” failed. Performance data for this service will not be available. The Status code returned is the first DWORD in the attached data.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 02 00 00 00 00 00 00 00 ……..[/CODE]
    [CODE]Event Type: Error
    Event Source: Userenv
    Event Category: None
    Event ID: 1090
    Date: 15.3.2010
    Time: 14:32:18
    User: NT AUTHORITYSYSTEM
    Computer: my server
    Description:
    Windows couldn’t log the RSoP (Resultant Set of Policies) session status. An attempt to connect to WMI failed. No more RSoP logging will be done for this application of policy.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.%5B/CODE%5D
    Also, I forgot to say, on my server there’re the iis 6.0 and wsus 3.0.
    I do not know how to run System Monitor?[CODE]Event Type: Error
    Event Source: Perflib
    Event Category: None
    Event ID: 1008
    Date: 15.3.2010
    Time: 14:33:27
    User: N/A
    Computer: my server
    Description:
    The Open Procedure for service “.NETFramework” in DLL “C:WINDOWSsystem32mscoree.dll” failed. Performance data for this service will not be available. The Status code returned is the first DWORD in the attached data.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
    Data:
    0000: 02 00 00 00 00 00 00 00 ……..[/CODE]
    Event Type: Error
    Event Source: Userenv
    Event Category: None
    Event ID: 1090
    Date: 15.3.2010
    Time: 14:32:18
    User: NT AUTHORITYSYSTEM
    Computer: my server
    Description:
    Windows couldn’t log the RSoP (Resultant Set of Policies) session status. An attempt to connect to WMI failed. No more RSoP logging will be done for this application of policy.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.%5B/CODE%5D
    Also, I forgot to say, on my server there’re the iis 6.0 and wsus 3.0.
    I do not know how to run System Monitor?[CODE]Event Type: Error
    Event Source: Userenv
    Event Category: None
    Event ID: 1090
    Date: 15.3.2010
    Time: 14:32:18
    User: NT AUTHORITYSYSTEM
    Computer: my server
    Description:
    Windows couldn’t log the RSoP (Resultant Set of Policies) session status. An attempt to connect to WMI failed. No more RSoP logging will be done for this application of policy.

    For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.%5B/CODE%5D
    Also, I forgot to say, on my server there’re the iis 6.0 and wsus 3.0.
    I do not know how to run System Monitor?

    Avatar
    gogi100
    Member
    in reply to: problem with remote desktop for administration #334930

    Re: problem with remote desktop for administration

    I returned everything and everything is fine. How to disable local administrators on workstations to access the remote win server 2003 where is the domain controller?

Viewing 30 posts - 31 through 60 (of 94 total)

Register for this Petri Webinar!

Want to Make Your Backup Storage Unlimited & Ready for the Cloud? – Free Thurrott Premium Account with Webinar Registration!

Tuesday, August 27, 2019 @ 1:00 pm EDT

A Scale-Out Backup storage infrastructure is a must-have technology for your backups. In this webinar, join expert Rick Vanover for a look on what real-world problems are solved by the Scale-Out Backup Repository.

Register Now

Sponsored By