Need help for ACL and NAT

Hi all
I set up a 2911 router with the configuration below so that the phone system inside handles all calls to and from the outside VoIP provider.
I can receive calls from outside all the time, but I cannot make calls from the inside to the outside.
I think that I am missing some configuration on the router.
172.a.b.c is the IP phone system.
Please give me any advice.
Thanks a lot.
The router configuration:
interface Embedded-Service-Engine0/0
 no ip address
interface GigabitEthernet0/0
 description internal-LAN
 ip address 172.x.x.4 255.255.x.x
 ip accounting output-packets
 ip nat inside
 ip virtual-reassembly in
 duplex auto
 speed auto
interface GigabitEthernet0/1
 no ip address
 duplex auto
 speed auto
interface GigabitEthernet0/1.1
 encapsulation dot1Q 11
 ip address 172.16.208.1 255.255.240.0
interface GigabitEthernet0/2
 description internet
 ip address 50.x.x.93 255.255.x.240
 ip accounting output-packets
 ip nat outside
 ip virtual-reassembly in
 duplex auto
 speed auto
ip forward-protocol nd
no ip http server
no ip http secure-server
ip nat inside source list 100 interface GigabitEthernet0/2 overload
ip nat inside source static udp 172.a.b.c 5060 50.x.x.93 5060 extendable
ip route profile
ip route 0.0.0.0 0.0.0.0 50.240.226.94
ip route 172.16.240.0 255.255.254.0 172.10.0.5
ip route 172.16.242.0 255.255.254.0 172.10.0.5
ip access-list extended VLAN-voice
access-list 100 permit ip 172.x.0.0 0.0.255.255 any
access-list 100 permit ip 172.16.240.0 0.0.0.255 any
access-list 100 permit ip 172.16.242.0 0.0.0.255 any
control-plane
line con 0
line aux 0
line 2
 no activation-character
 no exec
 transport preferred none
 transport input all
 transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
 stopbits 1
line vty 0 4
 login
 transport input all
scheduler allocate 20000 1000
end

You really don't want to use NAT with SIP. Odds are it won't work. This is because SIP embeds hostnames/IP Addresses inside the packets, and standard NAT does not look inside packets.
If you want a NAT-type functionality for SIP, you need something called a session border controller. Look up Cisco CUBE
http://www.cisco.com/c/en/us/products/unified-communications/unified-border-element/index.html
https://supportforums.cisco.com/docs/DOC-17964
http://www.cisco.com/c/en/us/support/docs/voice-unified-communications/unified-border-element/99863-cube-config.html
GTG
Please rate all helpful posts.
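
An added illustration of the point made in the reply above (not part of the original post, and not Cisco code): a check that lists the inside addresses a SIP message still advertises in its Via, Contact and SDP lines when NAT has rewritten only the IP/UDP headers, plus a simplified payload rewrite showing that the Content-Length has to be recomputed. The addresses, the provider name and all function names are constructed for the example.

```python
import ipaddress
import re

# Constructed sample values: PBX inside address, router outside address.
PBX_IP, PUBLIC_IP = "172.16.10.8", "203.0.113.93"
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
# Constructed INVITE as the PBX emits it. Plain NAT rewrites only the IP/UDP
# headers, so the provider receives exactly this text.
SDP_BODY = (
    "v=0\r\n"
    f"o=pbx 1 1 IN IP4 {PBX_IP}\r\n"
    "s=call\r\n"
    f"c=IN IP4 {PBX_IP}\r\n"
    "t=0 0\r\n"
    "m=audio 10000 RTP/AVP 0\r\n"
)
INVITE = (
    "INVITE sip:15551230000@sip.provider.example SIP/2.0\r\n"
    f"Via: SIP/2.0/UDP {PBX_IP}:5060;branch=z9hG4bK776asdhds\r\n"
    "From: <sip:100@sip.provider.example>;tag=1928301774\r\n"
    "To: <sip:15551230000@sip.provider.example>\r\n"
    "Call-ID: a84b4c76e66710\r\n"
    "CSeq: 1 INVITE\r\n"
    f"Contact: <sip:100@{PBX_IP}:5060>\r\n"
    "Content-Type: application/sdp\r\n"
    f"Content-Length: {len(SDP_BODY)}\r\n"
    "\r\n"
) + SDP_BODY


def is_rfc1918(text):
    try:
        addr = ipaddress.ip_address(text)
    except ValueError:  # e.g. an octet above 255 matched by the regex
        return False
    return any(addr in net for net in RFC1918)


def embedded_addresses(message):
    """Return (field, ip) pairs for addresses written inside the SIP/SDP text."""
    head, _, body = message.partition("\r\n\r\n")
    found = []
    for line in head.split("\r\n")[1:]:          # skip the request line
        name, _, value = line.partition(":")
        if name.strip().lower() in ("via", "contact"):
            found += [(name.strip(), ip) for ip in IPV4.findall(value)]
    for line in body.split("\r\n"):
        if line[:2] in ("o=", "c="):             # SDP origin and connection lines
            found += [("SDP " + line[0], ip) for ip in IPV4.findall(line)]
    return found


def nat_leaks(message):
    """Fields that still advertise an inside address after header-only NAT."""
    return [(f, ip) for f, ip in embedded_addresses(message) if is_rfc1918(ip)]


def rewrite_payload(message, inside, outside):
    """Simplified fix-up: swap the address, then recompute Content-Length."""
    head, _, body = message.replace(inside, outside).partition("\r\n\r\n")
    head = re.sub(r"(?im)^Content-Length:[^\r\n]*", f"Content-Length: {len(body)}", head)
    return head + "\r\n\r\n" + body
```

`nat_leaks(INVITE)` reports four fields, which is why the far end may send signalling replies and RTP to an address it cannot reach; after `rewrite_payload(INVITE, PBX_IP, PUBLIC_IP)` the list is empty and the body is two bytes longer than before.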

Similar Messages

  • Need help for ACL and NAT for VoIP

    Dear experts
    I configured my PBX server to work with one VoIP provider. When I put the server in a blank network, meaning one without VLANs,
    the IP PBX server can register to the VoIP provider system normally and I can make calls out and receive calls normally.
    However, when I put the PBX behind the Cisco router with some configuration, the PBX cannot register with the VoIP provider system.
    Even though I can receive calls from outside, I cannot make a call from inside to outside, because the PBX cannot register.
    Could you please help me to point out what is wrong with my Cisco router configuration?
    Thanks a lot
    Building configuration...
    Current configuration : 1982 bytes
    ! Last configuration change at 17:18:27 UTC Mon Feb 24 2014
    version 15.1
    service timestamps debug datetime msec
    service timestamps log datetime msec
    no service password-encryption
    hostname Router
    boot-start-marker
    boot-end-marker
    enable secret 5 $1$ZJEF$8np0QvQTD1nTaOosa9yGW1
    no aaa new-model
    memory-size iomem 20
    no ipv6 cef
    ip source-route
    ip cef
    multilink bundle-name authenticated
    crypto pki token default removal timeout 0
    license udi pid CISCO2911/K9 sn FTX1603AH9C
    interface Embedded-Service-Engine0/0
     no ip address
    interface GigabitEthernet0/0
     description internal-LAN
     ip address x.x.x.4 255.255.0.0
     ip nat inside
     ip virtual-reassembly in
     duplex auto
     speed auto
    interface GigabitEthernet0/1
     no ip address
     duplex auto
     speed auto
    interface GigabitEthernet0/1.1
     encapsulation dot1Q 11
     ip address 172.x.x.1 255.255.240.0
    interface GigabitEthernet0/2
     description internet
     ip address 50.x.x.93 255.255.x.x
     ip nat outside
     ip virtual-reassembly in
     duplex auto
     speed auto
    ip forward-protocol nd
    no ip http server
    no ip http secure-server
    ip nat inside source list 100 interface GigabitEthernet0/2 overload
    ip nat inside source static udp x.x.x.8 5060 50.x.x.93 5060 extendable
    ip route profile
    ip route 0.0.0.0 0.0.0.0 50.x.x.94
    ip route 172.16.240.0 255.255.x.0 x.x.x.5
    ip route 172.16.242.0 255.255.x.0 x.x.x.5
    access-list 100 permit ip x.x.0.0 0.0.255.255 any
    access-list 100 permit ip 172.16.240.0 0.0.0.255 any
    access-list 100 permit ip 172.16.242.0 0.0.0.255 any
    access-list 100 permit udp any any range 5004 5090
    access-list 100 permit udp any any range 10000 20000
    control-plane
    line con 0

    You really don't want to use NAT with SIP. Odds are it won't work. This is because SIP embeds hostnames/IP Addresses inside the packets, and standard NAT does not look inside packets.
    If you want a NAT-type functionality for SIP, you need something called a session border controller. Look up Cisco CUBE
    http://www.cisco.com/c/en/us/products/unified-communications/unified-border-element/index.html
    https://supportforums.cisco.com/docs/DOC-17964
    http://www.cisco.com/c/en/us/support/docs/voice-unified-communications/unified-border-element/99863-cube-config.html
    GTG
    Please rate all helpful posts.

  • Need help for Update and cancel SalesOrder

    Hi All,
    I have written Java code to create a sales order based on a sales quotation. Now I want to update and cancel the sales order, and I need help to update and cancel a sales order.
    Can you give any related links for updating and cancelling a sales order?
    Thanks and Regards,
    Srinivas

    Hi srinivas.L
    It is simple, here is some sample code. You must use GetByKey to get the document. Then once you have got it you can make whatever changes you need. Then update it. Where I have oOrder.Update() you can have oOrder.cancel
    ' Load sales order 530 by its key, change a line, then save the document
    Dim oOrder As SAPbobsCOM.Documents
    oOrder = oCompany.GetBusinessObject(SAPbobsCOM.BoObjectTypes.oOrders)
    If oOrder.GetByKey(530) Then
        oOrder.Lines.SetCurrentLine(1)
        oOrder.Lines.WarehouseCode = "01"
        ' Update() returns 0 on success
        If oOrder.Update() <> 0 Then
            MsgBox(oCompany.GetLastErrorDescription)
        End If
    Else
        MsgBox("Nothing found")
    End If
    Hope this helps

  • I need help for cloud and ios5

    Help me for cloud and ios5

    Sounds like I have a similar problem.  I just updated iPad, and iPhone to iOS5.   I synced these devices with my iMac on iCloud.  Calendars and contacts synced just fine.   However for some strange reason I can no longer sync any music on my 32 GB iPhone.  iTunes is telling me that I am beyond the phone's capacity with an "Other" item that is nearly as large as my music collection.  Am I missing something here?  Your help will be greatly appreciated.

  • Need help with ACLs and propagating permissions

    I'm currently setting up our new server, for which we're moving away from Windows entirely (both on the server and user workstation ends), and I'm currently having some questions about permissions. I've been scouring the OS X Server Advanced Admin pdf, but there are numerous holes in the exposition of permissions from the ACLs down to the proper way to propagate permissions when a manual touch is required. What I'm trying to do is allow one group to have read access only until they get to a certain subdirectory, at which point they can then write to that level; then for the second group, they only need read access for a specific folder down the line from the starting directory. I'll include some example images with a test folder I've created so that it may be a little easier to understand what my goals are with the Server app's permissions. Thank you in advance for all your help.

    You need the advanced permissions editor.  You are trying to convert inherited permissions to explicit.  If I understand what you want, you would go about it like this.
    You have two groups; GroupA and GroupB.  GroupA is the limited group.  You want them to be able to read everything and write to limited locations.  GroupB can read and write everywhere.  So based on your example, you would do this to start:
    At the parent folder level, you are defining GroupA to be able to read and GroupB to read and write.
    Now to drill down.  In Server.app select your server.  This is the first item in the side bar.  On the right, choose Storage.  Drill down to where your shared folder is located and select it.  From the Gear menu, choose Edit Permissions as shown here:
    You will note that GroupA and GroupB are both gray.  This denotes that they are inherited entries at this level.  You must break the inheritance and start over.  To do this, press the small gear icon on the edit permissions sheet and choose "Make Inherited Entries Explicit."  GroupA and GroupB will turn black, allowing you to edit them.  Change GroupA from Read to Read Write.  Press OK to close the sheet.
    Now, if you already have data inside the folder, you can use the large gear menu and choose Propagate Permissions.  This will ensure that your data will reset with the new ACL.
    Reid
    Apple Consultants Network
    Author "Mavericks Server – Foundation Services" :: Exclusively available in Apple's iBooks Store
    Author "Mavericks Server – Control and Collaboration" :: Exclusively available in Apple's iBooks Store

  • Need help for email and BBM

    Hi, I'm Alex and I'm having problems setting up my email and BBM on my BlackBerry Curve 8520. I'm with Orange on a Dolphin plan and just wondering if anyone can help set up my BBM and Enterprise Activation Password.

    Hello !
    It seems you don't have a BlackBerry Internet Service (BIS) plan activated on your device.
    Please contact your service provider to activate it.
    Hope this resolves your problem!
    If your problem has been resolved, then I would request you to click on "Like" and accept as "Solution" so that other advisors don't invest their time on this message anymore.
    Thanks.

  • Need help for coding and designing

    Hi All,
    Problem Statement
    A financial institution is on the verge of automating their existing “customer data management” system. Currently they are maintaining their
    customer data in a comma separated file (CSV) format. You, as a software consultant have been requested to create a system that is flexible,
    extensible and maintainable. Your proposed system should also take care of moving the data from the old system to the new one.
    Customer has following specific requirements
    1.This is an internal offline application and need not be a web based solution
    2.The new application should be cost effective
    3.The application should have good response time as compared to the ones suggested by other vendors
    4.Phase 1 work should concentrate mainly on building a simple system which moves the data from CSV to the new one and display the
    moved data on the screen.
    Sample CSV file containing customer data
    <first name>, <age>, <pan number>, <date of registration>
    Ramesh, 28, JWSLP1987, 30/01/2006
    Rajesh, 32, POCVT2087, 23/10/2005
    Shankar, 39, TRYUP3945, 24/7/2003
    Shyam, 45 BLIWP5612, 15/3/2004
    Requirements for coding DOJO
    •Ensure that your solution is built around open source frameworks and tools to avoid licensing issues. (Ex: Eclipse, MySQL, etc)
    •Please give me any idea to write code for this issue.
    Thank you.
    Edited by: user636482 on Oct 28, 2008 2:03 AM

    The first requirement is to NOT use software like "Oracle".
    The specifications are to use a CSV file as the "data source". The case asks you to "move" the data from CSV to "the new one" and display the moved data.
    So this sounds more like a data load routine -- but not to load into Oracle.
    You are in the wrong forum.

  • Need Help for Itunes and quicktime

    Hi there,
    I just formatted my computer and my OS is Windows 2003 Server. When I installed iTunes, everything was fine; however, when I installed QuickTime I got an error code: -3. What's going on? And after I was done with the installation, I couldn't open iTunes either. I got an error message that said: The exception Privileged instruction. (0xc0000096) occurred in the application at location 0x7ca2af84. I don't know what happened. I did install iTunes and QuickTime under Windows 2003 before and it worked fine, but now I get an error. I appreciate the answer. Thanks in advance.

    by any chance, did you try downloading the QT Player
    from the "QuickTime 7.1 with iTunes 6 for Windows
    2000/XP" link on the QT download page? that one
    actually leads to an itunes/QT installer bundle.
    I did it this way
    let's try a careful standalone QT 7.1 reinstall.
    download and save a copy of the QT 7.1 standalone
    installer to your hard drive. (we'll run the install
    from there rather than online.) switch off
    antivirus and antispyware applications prior to the
    install.
    Quicktime 7.1 Standalone Installer
    if that install goes through okay, does your itunes
    launch properly again?
    I did like you said and I can not even uninstall quicktime from my computer. When I double click the installation package: It shows
    Unhandled Exception
    Error Number : 0x80040707
    Description : DLL function call crashed : QTInstallCode.QuickTimeUninstallProc
    Setup will now terminate
    Also, itunes does not launch properly. I think there is something wrong because when I install the windows from the cd I can install and run these two programs(itunes and quicktime). They work fine and no problem at all. However, after I update windows by using windows update web site, I couldn't use these programs since then. I have no idea what is going on? Before I reinstall my os, I also use windows server 2003 with sp1 and I could run these two programs. I think may be the new version of itunes and quicktime that they put on the web site have some issues with the windows server 2003, not sure about that.
    Thanks.
    (if you get an error message on the QT standalone
    reinstall, let us know what it says. include error
    message numbers if you're getting any.)
    love, b

  • I need help for install and configure password sync from AD to OID

    Hi guys!
    I need to sync passwords from AD to OID. First of all, what software do I need? I read some docs and didn't find a good config.
    I'm trying with:
    -Database 11g
    -Weblogic 11g
    -SOA 11g
    -IDM 11g
    -IAM 11g
    First I install the Database and load the schemas with RCU, next install Weblogic without a domain, next install SOA, next install IDM (OID and DIP) in a new Weblogic Domain, next install IAM, next configure IAM in the domain created before, next configure SSL, check the config by using ldapbind, next configure DIP.
    Is that OK?
    What am I doing wrong?
    Thank you all.

    If all you need is AD & OID then OIM is not required. DIP alone can handle this.
    Password sync should work using DIP. If this is not working, then check the synchronization mapping and verify that the password attribute is also part of this AD-OID sync. Enable debug in the synchronization profile or raise a Service Request with Oracle support.
    Check
    http://docs.oracle.com/cd/E23943_01/oid.1111/e10031/odip_actdir.htm#CHDIGDEH
    and
    http://docs.oracle.com/cd/E23943_01/oid.1111/e10031/odip_config_integration.htm#BABBFAAJ
    and
    http://docs.oracle.com/cd/E23943_01/oid.1111/e10031/odip_adpasswordsync.htm#CHDBIIJC
    Atul Kumar

  • Need help for java and linux

    Hi, guys,
    I am involved in a project. My current task is to build an interface using Java. This interface will obtain some information from a Linux-based software called NistNet, which is written in C and has a GUI as well. My question is, can I use this Java-based interface to obtain some information that is typed into NistNet's GUI? If I can, how can I do that?
    Any hint available?
    Thanks!

    You can bridge between Java and C using the "Java Native Interface" (JNI). There used to be a good tutorial on this site but it vanished for no apparent reason in some recent update, so try a web search.
    See also
    http://java.sun.com/j2se/1.4/docs/guide/jni/
    http://java.sun.com/j2se/1.5.0/docs/guide/jni/

  • Please help me!--rendering makes the images or video blurry (very pixelated) deteriorates the image  Adobe Premier Elements 13  need help!  .jpg and mpeg images,  but I have never "rendered" before since I got APE 13 about 6 weeks ago.  I am desperate for

    Please help me!--rendering makes the images or video blurry (very pixelated) deteriorates the image  Adobe Premier Elements 13  need help!  .jpg and mpeg images,  but I have never "rendered" before since I got APE 13 about 6 weeks ago.  I am desperate for assistance!

    That's going to be a ridiculous waste of money and energy.
    First of all, the current ATI drivers don't support multiple GPUs, so at the moment even a single 4870X2 would be only a 'normal' 4870 (which is quite a speed beast already). GFX drivers evolve rapidly, so things might look different next month, but when it comes to Linux and hardware there's one Golden Rule: stay away from the newest stuff and wait for proper support to get coded.
    I also wonder what power supply could possibly cope with the differences between idle and full load; that's way beyond 400W. But then, I'm one of those "quiet&green" types where >100W idle is already a bit much.
    I kind of understand that you want to get it done and not worry about hardware for the next 10 years or so, but that's simply not how the hardware world works and never did. At least not for the average consumer.

  • Hello i need help for adobe creative cloud...when i launch application adobe  cc 2014  for photoshop or illustrator.....the apps launch and i can see the workspace and menu bar  for a while and  suddenly this application close automatic

    hello i need help for adobe creative cloud...when i launch application adobe  cc 2014  for photoshop or illustrator.....the apps launch and i can see the workspace and menu bar  for a while and  suddenly this application close automatic

    Sign in, activation, or connection errors | CS5.5 and later
    Mylenium

  • Hi, I need help for my notebook Macbook Pro - I turned on the notebook and the screen look like start but did not start nothing, the screen froze and continuing load, load and never stop.

    Hi, I need help for my notebook Macbook Pro - I turned on the notebook and the screen look like start but did not start nothing, the screen froze and continuing load, load and never stop

    screen look on

  • I created an account but haven't yet purchase any products yet! I'm a publisher launching  a magazine so i need something for design and making a layout for magazine! Please help is there a number i can talk to someone ?

    created an account but haven't yet purchase any products yet! I'm a publisher launching  a magazine so i need something for design and making a layout for magazine! Please help is there a number i can talk to someone ?

    Adobe Connect Support phone numbers
    or
    Cloud Plans https://www.adobe.com/products/creativecloud/buying-guide.html

  • Need help for access list problem

    Cisco 2901 ISR
    I need help with my configuration.... Although it is working fine, it is not secure because everybody can access the internet.
    I want to deny this IP range and permit only the TMG server to have an internet connection. My DHCP server is the 4500 switch.
    Can anybody help?
             DENY       10.25.0.1 – 10.25.0.255
                              10.25.1.1 – 10.25.1.255
    Permit only 1 host for Internet
                    10.25.7.136  255.255.255.192 ------ TMG Server
    Using access-list.
    ( Current configuration  )
    object-group network IP
     description Block_IP
     range 10.25.0.2 10.25.0.255
     range 10.25.1.2 10.25.1.255
    interface GigabitEthernet0/0
     ip address 192.168.2.3 255.255.255.0
     ip nat inside
     ip virtual-reassembly in max-fragments 64 max-reassemblies 256
     duplex auto
     speed auto
    interface GigabitEthernet0/1
     description ### ADSL WAN Interface ###
     no ip address
     pppoe enable group global
     pppoe-client dial-pool-number 1
    interface ATM0/0/0
     no ip address
     no atm ilmi-keepalive
    interface Dialer1
     description ### ADSL WAN Dialer ###
     ip address negotiated
     ip mtu 1492
     ip nat outside
     no ip virtual-reassembly in
     encapsulation ppp
     dialer pool 1
     dialer-group 1
     ppp authentication pap callin
     ppp pap sent-username xxxxxxx password 7 xxxxxxxxx
    ip nat inside source list 101 interface Dialer1 overload
    ip route 0.0.0.0 0.0.0.0 Dialer1
    ip route 10.25.0.0 255.255.0.0 192.168.2.1
    access-list 101 permit ip 10.25.0.0 0.0.255.255 any
    access-list 105 deny   ip object-group IP any
    From the 4500 Catalyst switch
    ( Current Configuration )
    interface GigabitEthernet0/48
     no switchport
     ip address 192.168.2.1 255.255.255.0
    interface GigabitEthernet2/42
    ip route 0.0.0.0 0.0.0.0 192.168.2.3

    Hello,
    The host can't get an internet connection.
    I removed this configuration......         access-list 101 permit ip 10.25.0.0 0.0.255.255 any
    and changed the configuration ....      ip access-list extended 101
                                                                5 permit ip host 10.25.7.136 any
    In this case I will allow only host 10.25.7.136, but it doesn't work.
    No internet connection from the TMG Server.
