Skip to main content


Showing posts from April, 2014

How to fix “Reason 442: failed to enable Virtual Adapter” on Windows Server 2012?

I tried to install the IPSec VPN client on the Windows Server 2012 but I when I tried to run the client I got the error message:
"Reason 442: failed to enable Virtual Adapter"
I found one fix for Windows 7 (where you have to disable the “Internet Connection Sharing” on the services list) but it didn’t work for Windows Server 2012. To fix the issue on the server platform you have to find following registry key and change the field “DisplayName” for:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CvirtA  from:
@oem8.inf,%CVirtA_Desc%;CiscoSystems VPN Adapterfor64-bit Windows  to:
CiscoSystems VPN Adapterfor64-bit Windows

IPv6 security – DHCPv6 – part four.

Today I would like to do some tests with the DHCPv6. Like with IP version 4, we can run DHCP server on routers or switches.

Gi1/0/1Gi1/0/2/----\ \ -----/ /----\ | R1 |-------| sw1 |-------| R2 | \----/----- \----/ DHCP SERVER |\ |Gi1/0/3/----\ | R3 | \----/ DHCP CLIENT
In my example R1 will work as a DHCP Server and R3 as a client. First I will configure R3:

!interfaceFastEthernet0/0no ip address ipv6 address dhcp ipv6 enable no sh end!
Then R1:

!ipv6 dhcp pool DHCP-POOLeaddress prefix 2001::/64 link-address 2001::100/64 domain-name !!interfaceFastEthernet0/0no ip address ipv6 address 2001::100/64 ipv6 enableipv6 dhcp server DHCP-POOLend!
Now I configure SW1:

!ipv6 dhcp guard policy DHCP-POLICY device-role client !ipv6 dhcp guard policy DHCP-POLICY-SERVER device-role server !interfaceGigabitEthernet1/0/1 ipv6 nd inspection ipv…

IPv6 security – IPv6 First Hop Security – Binding Table – part three.

Similar to IPv4, where we can create a binding table with all hosts connected, for IPv6 we can enable the IPv6 Binding Table. The table is populated by ND, DHCP registration process or static entries.

Gi1/0/1Gi1/0/2/----\ \ -----/ /----\ | R4 |-------| sw1 |-------| R5 | \----/----- \----/|\ |Gi1/0/3/----\ | R6 | \----/
I enable IPv6 and apply ND policy with port role as a ‘router’. R4:

R4#sh ipv6 interface FastEthernet0/0is up, line protocol is up IPv6is enabled, link-local address is FE80::223:4FF:FE8E:5E08NoVirtual link-local address(es):Global unicast address(es):2001:10:10:10::4, subnet is2001:10:10:10::/64Joinedgroup address(es): FF02::1 FF02::1:FF00:4 FF02::1:FF8E:5E08 MTU is1500 bytes ICMP error messages limited to one every 100 milliseconds ICMP redirects are enabled ICMP unreachables are sent ND DAD is enabled, number of DAD attempts:1 ND rea…