UDP Ping
Dear Sirs,
As some of you may be aware, I have written an ICMP pinger using Java. For my report, I wish to add a small code example showing a UDP ping. Could someone either a) point me to a VERY SIMPLE example, or b) knock one up quickly for me. It doesn't have to compile or run, and is really just for cosmetic effect. I know this is a stupid request so please don't bother telling me how rediculous I am, if I don't get any responses i'll knock it on the head with no detrement to my mark (I'm a student by the way!)
Thanks for any help,
Windy
Geez... I've never been attacked before :)
Don't worry about it... I'm an new/old school hacker... I'm rude to get my point across. You should say you know how UDP ping works.. and that you just want a code example. Say exactly what you want... often you will get it...
import java.net.*;
import java.io.*;
import java.util.Random;
import timer.NanoTimer;
class Example {
void example() {
Nanotimer timer = new NanoTimer();
for (int i = 0; i < n; ++i) {
someComputationThatYouAreMeasuring();
long duration = timer.reset();
System.out.println("Duration: " + duration);
// To avoid contaminating timing with printing times,
// you could call reset again here.
long average = timer.getTimeSinceConstruction() / n;
System.out.println("Average: " + average);
public class SuperPing {
/** Whether or not to use a TCP Socket */
static boolean udp;
static int messageSize;
/** either "rt", "th", or "in" depending the type of test to execute.
"round-trip", "throughput", or "interact"
static String type;
static String destination;
Socket tcpSocket;
DatagramSocket udpSocket;
public SuperPing() {
if(type.equals("rt")) {
if(udp) {
roundTripUDP();
else {
roundTripTCP();
return;
if(type.equals("th")) {
if(udp) {
throughputUDP();
else {
throughputTCP();
return;
if(type.equals("in")) {
interactTCP();
public void roundTripUDP() {
try {
NanoTimer timer = new NanoTimer();
Random random = new Random();
long[] times = new long[12];
for(int i=0; i<12; i++) {
udpSocket = new DatagramSocket(1337);
//System.out.println("Connected rt udp");
byte[] data = new byte[messageSize];
random.nextBytes(data);
// ready the sending packet
DatagramPacket out = new DatagramPacket
(data,
data.length,
InetAddress.getByName(destination),
7);// echo port 7
// ready the receiving objects
byte[] dataGot = new byte[messageSize];
DatagramPacket got = new DatagramPacket(dataGot, dataGot.length);
timer.reset();
udpSocket.send(out);
udpSocket.receive(got); // blocks for input
long duration = timer.reset();
//System.out.println
// ("RoundTrip time for "+messageSize+" bytes is "+duration+"ns");
System.out.println(messageSize +" : "+duration);
times[i] = duration;
//System.out.println("Received data of size "+dataGot.length);
long avg = 0l;
for(int i=2; i<times.length; i++) {
avg += times;
System.out.println("Avg: "+(avg /= 10));
catch(IOException e) {
e.printStackTrace();
public void roundTripTCP() {
try {
NanoTimer timer = new NanoTimer();
Random random = new Random();
long[] times = new long[12];
for(int i=0; i<12; i++) {
tcpSocket = new Socket(destination,7);
//System.out.println("Connected rt tcp");
byte[] data = new byte[messageSize];
random.nextBytes(data);
// get the output stream for sending
OutputStream out = tcpSocket.getOutputStream();
// get the input stream for receiving
InputStream in = tcpSocket.getInputStream();
// ready the receiving objects
byte[] dataGot = new byte[messageSize];
timer.reset();
out.write(data);
out.flush();
in.read(dataGot); // blocks for input
long duration = timer.reset();
out.close();
in.close();
//System.out.println
// ("RoundTrip time for "+messageSize+" bytes is "+duration+"ns");
System.out.println(messageSize +" : "+duration);
times[i] = duration;
//System.out.println("Received data of size "+dataGot.length);
long avg = 0l;
for(int i=2; i<times.length; i++) {
avg += times[i];
System.out.println("Avg: "+(avg /= (times.length-2)));
catch(IOException e) {
e.printStackTrace();
public void throughputUDP() {
try {
Random random = new Random();
udpSocket = new DatagramSocket(1337);
//System.out.println("Connected rt udp");
byte[] data = new byte[messageSize];
random.nextBytes(data);
// ready the sending packet
DatagramPacket out = new DatagramPacket
(data,
data.length,
InetAddress.getByName(destination),
7);// echo port 7
// ready the receiving objects
byte[] dataGot = new byte[messageSize];
DatagramPacket got = new DatagramPacket(dataGot, dataGot.length);
NanoTimer timer = new NanoTimer();
timer.reset();
udpSocket.send(out);
udpSocket.receive(got); // blocks for input
long duration = timer.reset();
double dataPut = ( (double)duration / 2.0 ) / (1000000000.0);
dataPut = (double)(messageSize*8) / dataPut;
dataPut /= 1000000.0;
//System.out.println
// ("Throughput for "+messageSize+" bytes is "+dataPut+"Mbits");
System.out.println(messageSize +" : "+dataPut);
//System.out.println("Received data of size "+dataGot.length);
catch(IOException e) {
e.printStackTrace();
public void throughputTCP() {
try {
Random random = new Random();
tcpSocket = new Socket(destination,7);
//System.out.println("Connected rt tcp");
byte[] data = new byte[messageSize];
random.nextBytes(data);
// get the output stream for sending
OutputStream out = tcpSocket.getOutputStream();
// get the input stream for receiving
InputStream in = tcpSocket.getInputStream();
// ready the receiving objects
byte[] dataGot = new byte[messageSize];
NanoTimer timer = new NanoTimer();
timer.reset();
out.write(data);
out.flush();
in.read(dataGot); // blocks for input
long duration = timer.reset();
out.close();
in.close();
double dataPut = ( (double)duration / 2.0 ) / (1000000000.0);
dataPut = (double)(messageSize*8) / dataPut;
dataPut /= 1000000.0;
//System.out.println
// ("Throughput for "+messageSize+" bytes is "+dataPut+"Mbits");
System.out.println(messageSize +" : "+dataPut);
//System.out.println("Received data of size "+dataGot.length);
catch(IOException e) {
e.printStackTrace();
public void interactTCP() {
try {
Random random = new Random();
tcpSocket = new Socket(destination,1337);
System.out.println("Connected interact tcp");
if( 1024*1024 % messageSize != 0 ) {
System.out.println("1024 not / by "+messageSize+" evenly");
return;
int numberOfMessages = 1024*1024 / messageSize;
byte[][] data = new byte[numberOfMessages][messageSize];
for(int i=0; i<data.length; i++) {
random.nextBytes(data[i]);
// get the output stream for sending
OutputStream out = tcpSocket.getOutputStream();
// get the input stream for receiving
byte[] dataGot = new byte[1];
InputStream in = tcpSocket.getInputStream();
NanoTimer timer = new NanoTimer();
timer.reset();
for(int i=0; i<data.length; i++) {
out.write(data[i]);
in.read(dataGot);
long duration = timer.reset();
//System.out.println("completed sequence in "+duration+"ns");
System.out.println(numberOfMessages+" : "+messageSize +" : "+duration);
} catch(IOException e) {
e.printStackTrace();
public static void main(String[] args) {
// no args defaults to UDP roundTrip with message size of 1 byte
udp = true;
type = "rt";
messageSize = 1;
boolean typeSet = false;
boolean udpSet = false;
boolean messageSizeSet = false;
for( int i=0; i<args.length; i++) {
if(args[i].equals("-rt")) {
if(typeSet) { printUsage(); return; }
typeSet = true;
type = "rt";
if(args[i].equals("-th")) {
if(typeSet) { printUsage(); return; }
typeSet = true;
type = "th";
if(args[i].equals("-in")) {
if(typeSet) { printUsage(); return; }
typeSet = true;
type = "in";
if(args[i].equals("-mes")) {
if(messageSizeSet) { printUsage(); return; }
messageSizeSet = true;
String messageSizeAsString = args[++i];
messageSize = Integer.parseInt(messageSizeAsString);
if(args[i].equals("-udp")) {
if(udpSet) { printUsage(); return; }
udpSet = true;
udp = true;
if(args[i].equals("-tcp")) {
if(udpSet) { printUsage(); return; }
udpSet = true;
udp = false;
if(args[i].equals("-des")) {
if(destination != null) { printUsage(); return; }
String next = args[++i];
if(next.startsWith("-")) { printUsage(); return; }
destination = next;
if(destination == null || destination.length() == 0) {
System.out.println("Must supply a destination address.");
printUsage();
return;
new SuperPing();
static void printUsage() {
System.out.println
("java Ping -des destination [-udp|-tcp][-rt|-th|-in][-mes size]");
That code uses a nanosecond timer. You could implement one for whatever system you are running... if you are running solaris you can find that one here. http://gee.cs.oswego.edu/dl/csc445/ .. toward the bottom of the page.
I think for UDP ping this requires an echo server with udp enabled for it. That would be a simple matter to code. The other things it tests besides round trip times are throughput, and the interaction between throughput and message size. You need this little server running for that.import java.net.*;
import java.io.*;
public class PServer {
public static void main(String[] args) {
try {
ServerSocket ss = new ServerSocket(1337);
for(;;) {
Socket s = ss.accept();
System.out.println("accepted");
InputStream in = s.getInputStream();
OutputStream out = s.getOutputStream();
byte[] b = new byte[1024*1024];
int readSoFar = 0;
for(;;) {
int read = in.read(b);
if(read == -1) {
System.out.println("read failed");
System.exit(1);
readSoFar += read;
if(readSoFar >= 1024*1024) {
break;
out.write((byte)42);
} catch(IOException e) {
e.printStackTrace();
Enjoy
Similar Messages
-
Hi,
I am situated at XYZ location and want to access application on server at another location ABC. The application would be a UDP based application and I am not sure that all the hops have that UDP port open or not.
Since its a UPD not TCP so I cannot even check by telnet using that port no, also its not possible to coordinate with each of the site for this port number.
Its there any way to check UDP port being open at all the hops, and if its is blocked it is blocked at which end.
Thanks,
DeepakHi Deepak
I think you can use the NMAP application. NMAP has an option for UDP ping. That should solve your problem.
See the following link for more.
http://www.networkuptime.com/nmap/page4-6.shtml
Perhaps you can also use 'UDP ping' application.
Here is a link to one.
http://www.hotscripts.com/Detailed/23153.html
Hope it helps. Please rate the post. -
Open port issues with Direct Print functionality
Hi, I have been fighting with HP call support about the Photosmart 7525 printer.
Originally I setup and had performed all the functions to enable both web support and WIFI.
Within an hour the printer would not respond to wireless communication, though it had its wireless indecator showing it was connected.
I was told by HP support that the issue will be resolved in March, as there will be a firmware update to fix the issue.
Now that I had the printer install the new firmware I still get the issue.
Though I found through some sniffing, that there are a number of ports enabled and open that are over and beyond print requirements.
Funny thing I can send my printer into instant lockup with all lights flashing with a simple UDP ping sniff. I would think I can do this with other new HP printers using Eprint functions. I will find HP web based printers that are open for public printing and test my theory that HP Eprinters are open to hacking and denyal of service attempts. My Hp print app on andriod list three in my area, and one is at my local Walmart. This would be cool to find this, as I am usually not the first to point such matters out.
I assume some are for Apple devices to print.
Here is my sniffing report:
Starting Nmap 6.40 ( http://nmap.org ) at 2014-03-21 07:57 Central Daylight TimeNSE: Loaded 110 scripts for scanning.NSE: Script Pre-scanning.Initiating ARP Ping Scan at 07:57Scanning 192.168.223.1 [1 port]Completed ARP Ping Scan at 07:57, 0.23s elapsed (1 total hosts)Initiating Parallel DNS resolution of 1 host. at 07:57Completed Parallel DNS resolution of 1 host. at 07:58, 16.50s elapsedInitiating SYN Stealth Scan at 07:58Scanning 192.168.223.1 [1000 ports]Discovered open port 445/tcp on 192.168.223.1Discovered open port 139/tcp on 192.168.223.1Discovered open port 80/tcp on 192.168.223.1Discovered open port 443/tcp on 192.168.223.1Discovered open port 8080/tcp on 192.168.223.1Discovered open port 9220/tcp on 192.168.223.1Discovered open port 6839/tcp on 192.168.223.1Discovered open port 631/tcp on 192.168.223.1Discovered open port 7435/tcp on 192.168.223.1Discovered open port 8089/tcp on 192.168.223.1Discovered open port 9100/tcp on 192.168.223.1Completed SYN Stealth Scan at 07:58, 1.71s elapsed (1000 total ports)Initiating UDP Scan at 07:58Scanning 192.168.223.1 [1000 ports]Discovered open port 5353/udp on 192.168.223.1Completed UDP Scan at 07:58, 1.82s elapsed (1000 total ports)Initiating Service scan at 07:58Scanning 20 services on 192.168.223.1Discovered open port 161/udp on 192.168.223.1Discovered open|filtered port 161/udp on 192.168.223.1 is actually open
Starting Nmap 6.40 ( http://nmap.org ) at 2014-03-21 07:51 Central Daylight TimeNmap scan report for 192.168.223.1Host is up (0.0025s latency).Not shown: 93 closed portsPORT STATE SERVICE VERSION80/tcp open http HP Photosmart 7520 series printer http config (Serial TH3AS711XZ05YZ)139/tcp open tcpwrapped443/tcp open ssl/http HP Photosmart 7520 series printer http config (Serial TH3AS711XZ05YZ)445/tcp open netbios-ssn631/tcp open http HP Photosmart 7520 series printer http config (Serial TH3AS711XZ05YZ)8080/tcp open http HP Photosmart 7520 series printer http config (Serial TH3AS711XZ05YZ)9100/tcp open jetdirect?MAC Address: A03:C1:BD:C8:34 (Unknown)Device type: printer|general purposeRunning: HP embedded, Wind River VxWorksOS CPE: cpe:/h:hp:laserjet_cm1415fnw cpe:/h:hp:laserjet_cp1525nw cpe:/h:hp:laserjet_1536dnf cpe:/o:windriver:vxworksOS details: HP LaserJet CM1415fnw, CP1525nw, or 1536dnf printer, VxWorksNetwork Distance: 1 hopService Info: Device: printer; CPE: cpe:/h:hphotosmart_7520OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .Nmap done: 1 IP address (1 host up) scanned in 34.11 secondsOK now I am able to run a full scan on TCP ports without causing a lock up of the printer.
I found that having the printer connect to a router that has been setup to use channel 5, 6 or 7 will cause port scanning issues with the printer.
It is obvious that there are 18 ports that are seen as open, whether they are used or not. Two of which are active but have no service connected to them. Some are just dead like port 25, but over half are active enough to recieve data and lock network connectivity within the printer.
As the firmware states some other laser jets may be affected depending on how the configuration can be set.
I moved my routers channel to channel 1 as it is the only other option I have in a highly congested location. It is not as good as channel 6, but the printer seems to have channel 6 locked in for direct printing.
Here is the latest full scan with UDP enabled, it is the furthest and most complete scan I am able to complete, with UDP ports enabled. The TCP port scan has a bit more and I have placed a simple list below the information given here:
Starting Nmap 6.40 ( http://nmap.org ) at 2014-03-21 13:27 Central Daylight Time
NSE: Loaded 110 scripts for scanning.
NSE: Script Pre-scanning.
Initiating ARP Ping Scan at 13:27
Scanning 192.168.1.211 [1 port]
Completed ARP Ping Scan at 13:27, 0.44s elapsed (1 total hosts)
Initiating Parallel DNS resolution of 1 host. at 13:27
Completed Parallel DNS resolution of 1 host. at 13:27, 0.03s elapsed
Initiating SYN Stealth Scan at 13:27
Scanning 192.168.1.211 [1000 ports]
Discovered open port 443/tcp on 192.168.1.211
Discovered open port 80/tcp on 192.168.1.211
Discovered open port 139/tcp on 192.168.1.211
Discovered open port 8080/tcp on 192.168.1.211
Discovered open port 445/tcp on 192.168.1.211
Discovered open port 631/tcp on 192.168.1.211
Discovered open port 9100/tcp on 192.168.1.211
Discovered open port 7435/tcp on 192.168.1.211
Discovered open port 9220/tcp on 192.168.1.211
Discovered open port 6839/tcp on 192.168.1.211
Completed SYN Stealth Scan at 13:27, 5.25s elapsed (1000 total ports)
Initiating UDP Scan at 13:27
Scanning 192.168.1.211 [1000 ports]
Discovered open port 137/udp on 192.168.1.211
Completed UDP Scan at 13:27, 4.46s elapsed (1000 total ports)
Initiating Service scan at 13:27
Scanning 16 services on 192.168.1.211
Discovered open port 161/udp on 192.168.1.211
Discovered open|filtered port 161/udp on 192.168.1.211 is actually open
Completed Service scan at 13:29, 82.51s elapsed (17 services on 1 host)
Initiating OS detection (try #1) against 192.168.1.211
NSE: Script scanning 192.168.1.211.
Initiating NSE at 13:29
Completed NSE at 13:30, 82.29s elapsed
Nmap scan report for 192.168.1.211
Host is up (0.023s latency).
Not shown: 1983 closed ports
PORT STATE SERVICE VERSION
80/tcp open http HP Photosmart 7520 series printer http config (Serial TH3AS711XZ05YZ)
|_http-favicon: Unknown favicon MD5: 76C6E492CB8CC73A2A50D62176F205C9
| http-methods: GET POST PUT DELETE
| Potentially risky methods: PUT DELETE
|_See http://nmap.org/nsedoc/scripts/http-methods.html
|_http-title: Site doesn't have a title (text/html).
139/tcp open tcpwrapped
443/tcp open ssl/http HP Photosmart 7520 series printer http config (Serial TH3AS711XZ05YZ)
|_http-favicon: Unknown favicon MD5: 76C6E492CB8CC73A2A50D62176F205C9
| http-methods: GET POST PUT DELETE
| Potentially risky methods: PUT DELETE
|_See http://nmap.org/nsedoc/scripts/http-methods.html
|_http-title: Site doesn't have a title (text/html).
| ssl-cert: Subject: commonName=HPPS7525/organizationName=HP/stateOrProvinceName=Washington/countryName=US
| Issuer: commonName=HPPS7525/organizationName=HP/stateOrProvinceName=Washington/countryName=US
| Public Key type: rsa
| Public Key bits: 1024
| Not valid before: 2014-02-25T10:12:24+00:00
| Not valid after: 2034-02-20T10:12:24+00:00
| MD5: 9144 ca3b 557e 09cc aba0 8387 2732 2375
|_SHA-1: a6b2 95c0 b72a 7201 578c 32de 662a e6fe b082 48ca
|_ssl-date: 2014-03-21T13:30:09+00:00; -4h59m12s from local time.
445/tcp open netbios-ssn
631/tcp open http HP Photosmart 7520 series printer http config (Serial TH3AS711XZ05YZ)
| http-methods: GET POST PUT DELETE
| Potentially risky methods: PUT DELETE
|_See http://nmap.org/nsedoc/scripts/http-methods.html
6839/tcp open tcpwrapped
7435/tcp open tcpwrapped
8080/tcp open http HP Photosmart 7520 series printer http config (Serial TH3AS711XZ05YZ)
|_http-favicon: Unknown favicon MD5: 76C6E492CB8CC73A2A50D62176F205C9
| http-methods: GET POST PUT DELETE
| Potentially risky methods: PUT DELETE
|_See http://nmap.org/nsedoc/scripts/http-methods.html
|_http-title: Site doesn't have a title (text/html).
9100/tcp open jetdirect?
9220/tcp open hp-gsg HP Generic Scan Gateway 1.0
137/udp open netbios-ns Samba nmbd (workgroup: HPPS7525)
138/udp open|filtered netbios-dgm
161/udp open snmp SNMPv1 server (public)
| snmp-hh3c-logins:
|_ baseoid: 1.3.6.1.4.1.25506.2.12.1.1.1
| snmp-interfaces:
| Wifi0
| IP address: 192.168.1.211 Netmask: 255.255.255.0
| MAC address: a0:d3:c1:bd:c8:32 (Unknown)
| Type: ethernetCsmacd Speed: 10 Mbps
| Status: up
|_ Traffic stats: 6.16 Mb sent, 3.43 Mb received
| snmp-netstat:
| TCP 0.0.0.0:7435 0.0.0.0:0
| TCP 192.168.1.211:56076 15.201.145.52:5222
| UDP 0.0.0.0:3702 *:*
| UDP 127.0.0.1:666 *:*
|_ UDP 192.168.223.1:67 *:*
| snmp-sysdescr: HP ETHERNET MULTI-ENVIRONMENT
|_ System uptime: 0 days, 3:34:23.28 (1286328 timeticks)
| snmp-win32-shares:
|_ baseoid: 1.3.6.1.4.1.77.1.2.27
1022/udp open|filtered exp2
1023/udp open|filtered unknown
3702/udp open|filtered ws-discovery
5355/udp open|filtered llmnr
MAC Address: A03:C1:BD:C8:32 (Unknown)
Device type: general purpose
Running: Wind River VxWorks
OS CPE: cpe:/o:windriver:vxworks
OS details: VxWorks
Uptime guess: 0.150 days (since Fri Mar 21 09:55:04 2014)
Network Distance: 1 hop
TCP Sequence Prediction: Difficulty=255 (Good luck!)
IP ID Sequence Generation: Busy server or unknown class
Service Info: Hosts: HPA0D3C1BDC832, HPPS7525; Device: printer; CPE: cpe:/h:hphotosmart_7520
Host script results:
| nbstat:
| NetBIOS name: HPA0D3C1BDC832, NetBIOS user: <unknown>, NetBIOS MAC: <unknown>
| Names
| HPA0D3C1BDC832<00> Flags: <unique><active><permanent>
| MSHOME<00> Flags: <group><active><permanent>
| HPA0D3C1BDC832<20> Flags: <unique><active><permanent>
| HPPS7525<00> Flags: <unique><active><permanent>
|_ HPPS7525<20> Flags: <unique><active><permanent>
| smb-security-mode:
| Account that was used for smb scripts: guest
| User-level authentication
| SMB Security: Challenge/response passwords supported
|_ Message signing disabled (dangerous, but default)
TRACEROUTE
HOP RTT ADDRESS
1 23.26 ms 192.168.1.211
NSE: Script Post-scanning.
Read data files from: F:\Progs\Nmap
OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 180.90 seconds
Raw packets sent: 2030 (74.829KB) | Rcvd: 2921 (149.377KB)
+++++++++++++++++++++++++++++++++++++++++++++++++++++===
Full TCP port scan without UDP scanning of all ports, showing up as open... * designates open and active.
192.168.223.1Discovered open port 25/tcp on
*192.168.223.1Discovered open port 80/tcp on
*192.168.223.1Discovered open port 110/tcp on
*192.168.223.1Discovered open port 119/tcp on
*192.168.223.1Discovered open port 139/tcp on
192.168.223.1Discovered open port 143/tcp on
*192.168.223.1Discovered open port 443/tcp on
*192.168.223.1Discovered open port 445/tcp on
192.168.223.1Discovered open port 465/tcp on
192.168.223.1Discovered open port 563/tcp on
192.168.223.1Discovered open port 587/tcp on
*192.168.223.1Discovered open port 631/tcp on
192.168.223.1Discovered open port 993/tcp on
192.168.223.1Discovered open port 995/tcp on
*192.168.223.1Discovered open port 7435/tcp on
*192.168.223.1Discovered open port 6839/tcp on
*192.168.223.1Discovered open port 8080/tcp on
192.168.223.1Discovered open port 8089/tcp on
*192.168.223.1Discovered open port 9100/tcp on
*192.168.223.1Discovered open port 9220/tcp on -
Client/Server in one program (using multiple threads)?
Is there some examples out there of how to use a client and server in a single program using separate threads? Also, is it possible to start a third thread to control the packets, such as drop a random or specified number of packets (or match on specific data in a packet)?
Just trying to have a client send udp packets to a server (all on the same machine running from the same program) and want to be able to drop packets coming from the client side to the server side.
E.g.,
Here's an example that I found here: http://compnet.epfl.ch/tps/tp5.html
import java.io.<strong>;
import java.net.</strong>;
import java.util.<strong>;
/</strong>
* Server to process ping requests over UDP.
public class PingServer {
private static double lossRate = 0.3;
private static int averageDelay = 100; // milliseconds
private static int port;
private static DatagramSocket socket;
public static void main(String[] args) {
// Get command line arguments.
try {
if (args.length == 0) {
throw new Exception("Mandatory parameter missing");
port = Integer.parseInt(args[0]);
if (args.length > 1) {
lossRate = Double.parseDouble(args[1]);
if (args.length > 2) {
averageDelay = Integer.parseInt(args[2]);
} catch (Exception e) {
System.out.println("UDP Ping Server");
System.out.println("Usage: java PingServer port [loss rate] [average delay in miliseconds]");
return;
// Create random number generator for use in simulating
// packet loss and network delay.
Random random = new Random();
// Create a datagram socket for receiving and sending UDP packets
// through the port specified on the command line.
try {
socket = new DatagramSocket(port);
System.out.println("UDP PingSever awaiting echo requests");
} catch (SocketException e) {
System.out.println("Failed to create a socket");
System.out.println(e);
return;
// Processing loop.
while (true) {
// Create a datagram packet to hold incoming UDP packet.
DatagramPacket request = new DatagramPacket(new byte[1024], 1024);
// Block until the host receives a UDP packet.
try {
socket.receive(request);
} catch (IOException e) {
System.out.println("Error receiving from socket");
System.out.println(e);
break;
// Print the received data.
printData(request);
// Decide whether to reply, or simulate packet loss.
if (random.nextDouble() < lossRate) {
System.out.println(" Reply not sent.");
continue;
// Simulate network delay.
try {
Thread.sleep((int) (random.nextDouble() * 2 * averageDelay));
} catch (InterruptedException e) {}; // Ignore early awakenings.
// Send reply.
InetAddress clientHost = request.getAddress();
int clientPort = request.getPort();
byte[] buf = request.getData();
DatagramPacket reply = new DatagramPacket(buf, buf.length,
clientHost, clientPort);
try {
socket.send(reply);
} catch (IOException e) {
System.out.println("Error sending to a socket");
System.out.println(e);
break;
System.out.println(" Reply sent.");
* Print ping data to the standard output stream.
private static void printData(DatagramPacket request) {
// Obtain references to the packet's array of bytes.
byte[] buf = request.getData();
// Wrap the bytes in a byte array input stream,
// so that you can read the data as a stream of bytes.
ByteArrayInputStream bais = new ByteArrayInputStream(buf);
// Wrap the byte array output stream in an input stream reader,
// so you can read the data as a stream of characters.
InputStreamReader isr = new InputStreamReader(bais);
// Wrap the input stream reader in a buffered reader,
// so you can read the character data a line at a time.
// (A line is a sequence of chars terminated by any combination of \r
// and \n.)
BufferedReader br = new BufferedReader(isr);
// We will display the first line of the data.
String line = "";
try {
line = br.readLine();
} catch (IOException e) {
// Print host address and data received from it.
System.out.println("Received echo request from "
+ request.getAddress().getHostAddress() + ": " + line);
}I'm looking to do the "processing loop" in a separate thread, but I'd also like to do the client in a separate thread
So you're saying, just put the client code in a separate class and start the thread and that's it? As far as the packet rate loss thread, is this possible to do in another thread? -
I can login by hostname but can't by ip
Hi,
There is a strange problem. After some updates on DC and adding new Exchange server 2013 to domain I can't login with Remote Desktop Connetion (RDP) to another PC in local network by IP address and AD account and if remote PC is Win 7, 8.1 or Server 2012.
Error is:
Your credentials did not work
The credentials that were used to connect to 10.200.200.20 did not work.
Please enter new credentials.
The logon attempt failed
If I try RDP by hostname to the same remote PC with the same credential there is no problem.
Remote computers with old OS like XP and Server 2003 are not affected. Also when remote PC is logged to AD first by its local keyboard then I can RDP sometime by IP. But after restart its impossible by IP. Only by hostname.
Another issue: shared folders are accessed by hostname: \\servername\shared_folder\ But by IP \\10.200.200.20\shared_foder\ continuesly asking for username and password:
Enter network credentials
Enter your credentials to connect to: 10.200.200.20
The user name or password is incorrect.
I have test DNS and WINS - Forward and Reverse zones are OK.
IP6 is dissabled.
Another ting that I make a day before is from Active Directory Domains and Trusts I add a Alternative UPN suffixes, but I removed it after that. Is this may corrupted someting!?
This is log:
Log Name: Security
Source: Microsoft-Windows-Security-Auditing
Date: 17.3.2015 г. 15:36:59
Event ID: 4625
Task Category: Logon
Level: Information
Keywords: Audit Failure
User: N/A
Computer: ServerExchange1.mydomain.com
Description:
An account failed to log on.
Subject:
Security ID: NULL SID
Account Name: -
Account Domain: -
Logon ID: 0x0
Logon Type: 3
Account For Which Logon Failed:
Security ID: NULL SID
Account Name: [email protected]
Account Domain:
Failure Information:
Failure Reason: An Error occured during Logon.
Status: 0xC000006D
Sub Status: 0x0
Process Information:
Caller Process ID: 0x0
Caller Process Name: -
Network Information:
Workstation Name: PC2
Source Network Address: -
Source Port: -
Detailed Authentication Information:
Logon Process: NtLmSsp
Authentication Package: NTLM
Transited Services: -
Package Name (NTLM only): -
Key Length: 0
This event is generated when a logon request fails. It is generated on the computer where access was attempted.
The Subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.
The Logon Type field indicates the kind of logon that was requested. The most common types are 2 (interactive) and 3 (network).
The Process Information fields indicate which account and process on the system requested the logon.
The Network Information fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.
The authentication information fields provide detailed information about this specific logon request.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Security-Auditing" Guid="{54849625-5478-4994-A5BA-3E3B0328C30D}" />
<EventID>4625</EventID>
<Version>0</Version>
<Level>0</Level>
<Task>12544</Task>
<Opcode>0</Opcode>
<Keywords>0x8010000000000000</Keywords>
<TimeCreated SystemTime="2015-03-17T13:36:59.119680200Z" />
<EventRecordID>788477</EventRecordID>
<Correlation />
<Execution ProcessID="628" ThreadID="1532" />
<Channel>Security</Channel>
<Computer>PolyExchange1.mydomain.com</Computer>
<Security />
</System>
<EventData>
<Data Name="SubjectUserSid">S-1-0-0</Data>
<Data Name="SubjectUserName">-</Data>
<Data Name="SubjectDomainName">-</Data>
<Data Name="SubjectLogonId">0x0</Data>
<Data Name="TargetUserSid">S-1-0-0</Data>
<Data Name="TargetUserName">[email protected]</Data>
<Data Name="TargetDomainName">
</Data>
<Data Name="Status">0xc000006d</Data>
<Data Name="FailureReason">%%2304</Data>
<Data Name="SubStatus">0x0</Data>
<Data Name="LogonType">3</Data>
<Data Name="LogonProcessName">NtLmSsp </Data>
<Data Name="AuthenticationPackageName">NTLM</Data>
<Data Name="WorkstationName">PC2</Data>
<Data Name="TransmittedServices">-</Data>
<Data Name="LmPackageName">-</Data>
<Data Name="KeyLength">0</Data>
<Data Name="ProcessId">0x0</Data>
<Data Name="ProcessName">-</Data>
<Data Name="IpAddress">-</Data>
<Data Name="IpPort">-</Data>
</EventData>
</Event>
This is the netlogon.log :
03/15 15:42:35 [MISC] [684] DbFlag is set to 2080ffff
03/15 15:42:37 [INIT] [1552] Group Policy is not defined for Netlogon
03/15 15:42:37 [INIT] [1552] Following are the effective values after parsing
03/15 15:43:04 [LOGON] [5048] SamLogon: Network logon of (null)\[email protected] from PC1 Entered
03/15 15:43:04 [CRITICAL] [5048] NlPrintRpcDebug: Couldn't get EEInfo for I_NetLogonSamLogonWithFlags: 1761 (may be legitimate for 0xc000006d)
03/15 15:43:04 [LOGON] [5048] SamLogon: Network logon of (null)\[email protected] from PC1 Returns 0xC000006D
03/15 15:43:09 [LOGON] [668] SamLogon: Network logon of (null)\[email protected] from PC1 Entered
03/15 15:43:09 [CRITICAL] [668] NlPrintRpcDebug: Couldn't get EEInfo for I_NetLogonSamLogonWithFlags: 1761 (may be legitimate for 0xc000006d)
03/15 15:43:09 [LOGON] [668] SamLogon: Network logon of (null)\[email protected] from PC1 Returns 0xC000006D
03/15 15:43:16 [MISC] [5048] DsGetDcName function called: client PID=992, Dom:(null) Acct:(null) Flags: PDC BACKGROUND RET_NETBIOS
03/15 15:43:16 [MISC] [5048] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c07ffff1
03/15 15:43:16 [MAILSLOT] [5048] NetpDcPingListIp: mydomain.local.: Sent UDP ping to 10.200.200.10
03/15 15:43:16 [MISC] [5048] NetpDcAllocateCacheEntry: new entry 0x0000006765B8A490 -> DC:SERVERDC1 DnsDomName:mydomain.local Flags:0x3fd
03/15 15:43:16 [MISC] [5048] NetpDcGetName: NetpDcGetNameIp for mydomain.local. returned 0
03/15 15:43:16 [MISC] [5048] DsGetDcName: results as follows: DCName:\\SERVERDC1 DCAddress:\\10.200.200.10 DCAddrType:0x1 DomainName:MYDOMAIN DnsForestName:mydomain.local Flags:0x800003fd DcSiteName:Polycomp-Sofia ClientSiteName:Polycomp-Sofia
03/15 15:43:16 [MISC] [5048] DsGetDcName function returns 0 (client PID=992): Dom:(null) Acct:(null) Flags: PDC BACKGROUND RET_NETBIOS
03/15 15:43:19 [MISC] [5048] DsGetDcName function called: client PID=992, Dom:(null) Acct:(null) Flags: PDC BACKGROUND RET_NETBIOS
03/15 15:43:19 [MISC] [5048] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c07ffff1
03/15 15:43:19 [MISC] [5048] NetpDcGetName: mydomain.local. using cached information ( NlDcCacheEntry = 0x0000006765B8A490 )
03/15 15:43:19 [MISC] [5048] DsGetDcName: results as follows: DCName:\\SERVERDC1 DCAddress:\\10.200.200.10 DCAddrType:0x1 DomainName:MYDOMAIN DnsForestName:mydomain.local Flags:0x800003fd DcSiteName:Polycomp-Sofia ClientSiteName:Polycomp-Sofia
03/15 15:43:19 [MISC] [5048] DsGetDcName function returns 0 (client PID=992): Dom:(null) Acct:(null) Flags: PDC BACKGROUND RET_NETBIOS
03/15 15:43:35 [LOGON] [684] SamLogon: Network logon of (null)\[email protected] from PC1 Entered
03/15 15:43:35 [CRITICAL] [684] NlPrintRpcDebug: Couldn't get EEInfo for I_NetLogonSamLogonWithFlags: 1761 (may be legitimate for 0xc000006d)
03/15 15:43:35 [LOGON] [684] SamLogon: Network logon of (null)\[email protected] from PC1 Returns 0xC000006D
03/15 15:44:05 [LOGON] [5048] SamLogon: Network logon of (null)\[email protected] from PC1 Entered
03/15 15:44:05 [CRITICAL] [5048] NlPrintRpcDebug: Couldn't get EEInfo for I_NetLogonSamLogonWithFlags: 1761 (may be legitimate for 0xc000006d)
03/15 15:44:05 [LOGON] [5048] SamLogon: Network logon of (null)\[email protected] from PC1 Returns 0xC000006D
03/15 15:44:22 [LOGON] [668] SamLogon: Network logon of (null)\[email protected] from PC1 Entered
03/15 15:44:22 [CRITICAL] [668] NlPrintRpcDebug: Couldn't get EEInfo for I_NetLogonSamLogonWithFlags: 1761 (may be legitimate for 0xc000006d)
03/15 15:44:22 [LOGON] [668] SamLogon: Network logon of (null)\[email protected] from PC1 Returns 0xC000006D
03/15 15:45:32 [SESSION] [668] I_NetLogonGetAuthData called: (null) mydomain.local (Flags 0x1)
03/15 15:46:16 [MISC] [684] DsGetDcName function called: client PID=1124, Dom:(null) Acct:(null) Flags: DS BACKGROUND
03/15 15:46:16 [MISC] [684] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c07ffff1
03/15 15:46:16 [MISC] [684] NetpDcGetName: mydomain.local. using cached information ( NlDcCacheEntry = 0x0000006764A97440 )
03/15 15:46:16 [MISC] [684] DsGetDcName: results as follows: DCName:\\SERVERDC2.mydomain.local DCAddress:\\10.200.200.15 DCAddrType:0x1 DomainName:mydomain.local DnsForestName:mydomain.local Flags:0xe00001fc DcSiteName:Polycomp-Sofia ClientSiteName:Polycomp-Sofia
03/15 15:46:16 [MISC] [684] DsGetDcName function returns 0 (client PID=1124): Dom:(null) Acct:(null) Flags: DS BACKGROUND
03/15 15:47:34 [SESSION] [1552] MYDOMAIN: NlTimeoutApiClientSession: Unbind from server \\SERVERDC2.mydomain.local (TCP) 0.
03/15 15:52:34 [LOGON] [684] SamLogon: Network logon of (null)\[email protected] from PC1 Entered
03/15 15:52:34 [CRITICAL] [684] NlPrintRpcDebug: Couldn't get EEInfo for I_NetLogonSamLogonWithFlags: 1761 (may be legitimate for 0xc000006d)
03/15 15:52:34 [LOGON] [684] SamLogon: Network logon of (null)\[email protected] from PC1 Returns 0xC000006D
03/15 15:52:35 [LOGON] [684] SamLogon: Network logon of (null)\[email protected] from PC1 Entered
03/15 15:52:35 [CRITICAL] [684] NlPrintRpcDebug: Couldn't get EEInfo for I_NetLogonSamLogonWithFlags: 1761 (may be legitimate for 0xc000006d)
03/15 15:52:35 [LOGON] [684] SamLogon: Network logon of (null)\[email protected] from PC1 Returns 0xC000006D
03/15 15:52:40 [LOGON] [684] SamLogon: Network logon of (null)\[email protected] from PC1 Entered
03/15 15:52:40 [CRITICAL] [684] NlPrintRpcDebug: Couldn't get EEInfo for I_NetLogonSamLogonWithFlags: 1761 (may be legitimate for 0xc000006d)
03/15 15:52:40 [LOGON] [684] SamLogon: Network logon of (null)\[email protected] from PC1 Returns 0xC000006D
03/15 15:52:46 [LOGON] [684] SamLogon: Network logon of (null)\[email protected] from PC1 Entered
03/15 15:52:46 [CRITICAL] [684] NlPrintRpcDebug: Couldn't get EEInfo for I_NetLogonSamLogonWithFlags: 1761 (may be legitimate for 0xc000006d)
03/15 15:52:46 [LOGON] [684] SamLogon: Network logon of (null)\[email protected] from PC1 Returns 0xC000006D
03/15 15:53:15 [LOGON] [684] SamLogon: Network logon of (null)\[email protected] from PC1 Entered
03/15 15:53:15 [CRITICAL] [684] NlPrintRpcDebug: Couldn't get EEInfo for I_NetLogonSamLogonWithFlags: 1761 (may be legitimate for 0xc000006d)
03/15 15:53:15 [LOGON] [684] SamLogon: Network logon of (null)\[email protected] from PC1 Returns 0xC000006D
03/15 15:53:38 [LOGON] [684] SamLogon: Network logon of MYDOMAIN\USER1 from PC1 Entered
03/15 15:53:38 [CRITICAL] [684] NlPrintRpcDebug: Couldn't get EEInfo for I_NetLogonSamLogonWithFlags: 1761 (may be legitimate for 0xc000006d)
03/15 15:53:38 [LOGON] [684] SamLogon: Network logon of MYDOMAIN\USER1 from PC1 Returns 0xC000006D
03/15 15:53:40 [LOGON] [684] SamLogon: Network logon of MYDOMAIN\USER1 from PC1 Entered
03/15 15:53:40 [CRITICAL] [684] NlPrintRpcDebug: Couldn't get EEInfo for I_NetLogonSamLogonWithFlags: 1761 (may be legitimate for 0xc000006d)
03/15 15:53:40 [LOGON] [684] SamLogon: Network logon of MYDOMAIN\USER1 from PC1 Returns 0xC000006D
03/15 15:53:41 [MISC] [4288] DsGetDcName function called: client PID=1124, Dom:MYDOMAIN Acct:(null) Flags: RET_DNS
03/15 15:53:41 [MISC] [4288] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c07ffff1
03/15 15:53:41 [MISC] [4288] NetpDcGetName: mydomain.local. using cached information ( NlDcCacheEntry = 0x0000006764A97440 )
03/15 15:53:41 [MISC] [4288] DsGetDcName: results as follows: DCName:\\SERVERDC2.mydomain.local DCAddress:\\10.200.200.15 DCAddrType:0x1 DomainName:mydomain.local DnsForestName:mydomain.local Flags:0xe00001fc DcSiteName:Polycomp-Sofia ClientSiteName:Polycomp-Sofia
03/15 15:53:41 [MISC] [4288] DsGetDcName function returns 0 (client PID=1124): Dom:MYDOMAIN Acct:(null) Flags: RET_DNS
03/15 15:54:08 [MISC] [4564] DsGetDcName function called: client PID=992, Dom:mydomain.local Acct:(null) Flags: BACKGROUND DNS
03/15 15:54:08 [MISC] [4564] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c07ffff1
03/15 15:54:08 [MISC] [4564] NetpDcGetName: mydomain.local using cached information ( NlDcCacheEntry = 0x0000006764A97440 )
03/15 15:54:08 [MISC] [4564] DsGetDcName: results as follows: DCName:\\SERVERDC2.mydomain.local DCAddress:\\10.200.200.15 DCAddrType:0x1 DomainName:mydomain.local DnsForestName:mydomain.local Flags:0xe00001fc DcSiteName:Polycomp-Sofia ClientSiteName:Polycomp-Sofia
03/15 15:54:08 [MISC] [4564] DsGetDcName function returns 0 (client PID=992): Dom:mydomain.local Acct:(null) Flags: BACKGROUND DNS
03/15 15:54:56 [INIT] [1416] Group Policy is not defined for Netlogon> \\servername\shared_folder\ But by IP \\10.200.200.20\shared_foder\
> continuesly asking for username and password:
DCs running 2003? Then install the re-released KB3002657 on all your
2003 DCs.
Greetings/Grüße,
Martin
Mal ein
gutes Buch über GPOs lesen?
Good or bad GPOs? - my blog…
And if IT bothers me -
coke bottle design refreshment (-: -
Can't get networkmanager working with openvpn (using static key)
I'm trying to configure networkmanager to open up my VPN connection - using the static/preshared key method - but no dice. (Although I'm able to connect just fine using openvpn from the command line) Anyone been able to get this to work and/or have some suggestions?
I've installed the packages networkmanager, networkmanager-openvpn, and nm-applet. I run nm-applet, and configure the connection, but when I try to launch the connection, it fails. Log file reads as follows:
Oct 28 16:43:56 daroselin NetworkManager: <info> Starting VPN service 'org.freedesktop.NetworkManager.openvpn'...
Oct 28 16:43:56 daroselin NetworkManager: <info> VPN service 'org.freedesktop.NetworkManager.openvpn' started (org.freedesktop.NetworkManager.openvpn), PID 19131
Oct 28 16:43:56 daroselin NetworkManager: <info> VPN service 'org.freedesktop.NetworkManager.openvpn' just appeared, activating connections
Oct 28 16:43:56 daroselin NetworkManager: <info> VPN plugin state changed: 1
Oct 28 16:43:56 daroselin NetworkManager: <info> VPN plugin state changed: 3
Oct 28 16:43:56 daroselin nm-openvpn[19133]: OpenVPN 2.1_rc20 x86_64-unknown-linux-gnu [SSL] [LZO2] [EPOLL] built on Oct 18 2009
Oct 28 16:43:56 daroselin nm-openvpn[19133]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Oct 28 16:43:56 daroselin nm-openvpn[19133]: LZO compression initialized
Oct 28 16:43:56 daroselin kernel: tun0: Disabled Privacy Extensions
Oct 28 16:43:56 daroselin nm-openvpn[19133]: TUN/TAP device tun0 opened
Oct 28 16:43:56 daroselin nm-openvpn[19133]: /sbin/ifconfig tun0 10.1.0.2 pointopoint 10.1.0.1 mtu 1500
Oct 28 16:43:56 daroselin NetworkManager: <info> VPN connection 'DARSYS VPN' (Connect) reply received.
Oct 28 16:43:56 daroselin NetworkManager: <info> VPN plugin failed: 2
Oct 28 16:43:56 daroselin nm-openvpn[19133]: /usr/libexec/nm-openvpn-service-openvpn-helper tun0 1500 1545 10.1.0.2 10.1.0.1 init
Oct 28 16:43:56 daroselin nm-openvpn[19133]: Exiting
Oct 28 16:43:56 daroselin NetworkManager: <info> VPN plugin failed: 1
Oct 28 16:43:56 daroselin NetworkManager: <info> VPN plugin state changed: 6
Oct 28 16:43:56 daroselin NetworkManager: <info> VPN plugin state change reason: 0
Oct 28 16:43:56 daroselin NetworkManager: <WARN> connection_state_changed(): Could not process the request because no VPN connection was active.
Oct 28 16:43:56 daroselin NetworkManager: <info> Policy set 'Auto eth0' (eth0) as default for routing and DNS.
Suspiciously, it never seems to try to open a connection to the gateway. (Note that the gateway's IP address never appears in the log entries.)
I've configured the connection in nm-applet as follows:
Gateway: <internet IP address of the gateway/server I'm trying to VPN into>
Type: Static Key
Static Key: <the static key file>
Key direction: none
Remote IP address: 10.1.0.1
Local IP address: 10.1.0.2
When I launch openvpn from the command line, the conf file reads as follows:
[darose@daroselin ca]$ cat /etc/openvpn/static-client.conf
# Sample OpenVPN configuration file for
# office using a pre-shared static key.
# '#' or ';' may be used to delimit comments.
# Use a dynamic tun device.
# For Linux 2.2 or non-Linux OSes,
# you may want to use an explicit
# unit number such as "tun1".
# OpenVPN also supports virtual
# ethernet "tap" devices.
dev tun
remote <internet IP address of the gateway/server I'm trying to VPN into>
# 10.1.0.1 is our local VPN endpoint (office).
# 10.1.0.2 is our remote VPN endpoint (home).
ifconfig 10.1.0.2 10.1.0.1
# Our up script will establish routes
# once the VPN is alive.
; up ./office.up
#up ./client.up
route 10.0.0.0 255.255.255.0 10.1.0.1
# Our pre-shared static key
secret static.key
# OpenVPN 2.0 uses UDP port 1194 by default
# (official port assignment by iana.org 11/04).
# OpenVPN 1.x uses UDP port 5000 by default.
# Each OpenVPN tunnel must use
# a different port number.
# lport or rport can be used
# to denote different ports
# for local and remote.
; port 1194
# Downgrade UID and GID to
# "nobody" after initialization
# for extra security.
#user nobody
#group nobody
# If you built OpenVPN with
# LZO compression, uncomment
# out the following line.
comp-lzo
# Send a UDP ping to remote once
# every 15 seconds to keep
# stateful firewall connection
# alive. Uncomment this
# out if you are using a stateful
# firewall.
; ping 15
# Uncomment this section for a more reliable detection when a system
# loses its connection. For example, dial-ups or laptops that
# travel to other locations.
; ping 15
ping 10
; ping-restart 45
ping-restart 120
;keepalive 10 60
ping-timer-rem
persist-tun
persist-key
# Verbosity level.
# 0 -- quiet except for fatal errors.
# 1 -- mostly quiet, but display non-fatal network errors.
# 3 -- medium output, good for normal operation.
# 9 -- verbose, good for troubleshooting
verb 3
#verb 9
Anyone have any idea what the problem might be here?If anyone's curious, I opened an upstream bug about this:
https://bugzilla.gnome.org/show_bug.cgi?id=606998 -
Hello friends, I have
a customer who changed his core switch
network by another model,
Allied x900-24xs, after this change
some workstations are experiencing the problem
of authentication in the network,
the problem happens randomly, with
stations that are in same VLAN
and / or in different VLANs,
the problem for when the support technician
removes the seasons of the domain, but a few days
later happens again, the problem
is definitely solved only when
fixed IP put in the stations, only it is
not correct because they are many and we want to
continue using Windows DHCP Server 2012, the
client has two DC, one Windows
Server 2008 and other Windows Server 2012
FSMO holder.
Has anyone ever got this problem?
How to solve?
Annex am sending a picture of what happens
exactly, noting that the problem is
solved only when we put fixed IP
on the workstations.
Thank you!
Ivanildo Teixeira GalvãoHello Steven, gives a look at the text log, apparently do not see errors.
11/24 13:44:00 [SITE] DsrGetSiteName: Returning site name 'Default-First-Site-Name' from local cache.
11/24 13:44:00 [MISC] DsGetDcName function called: Dom:(null) Acct:(null) Flags: FORCE IP TIMESERV AVOIDSELF
11/24 13:44:00 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:44:00 [MAILSLOT] NetpDcPingListIp: pmtga.dom.: Sent UDP ping to 192.168.1.112
11/24 13:44:00 [MISC] NetpDcGetName: NetpDcGetNameIp returned 0
11/24 13:44:00 [MISC] LoadBalanceDebug (Flags: FORCE IP TIMESERV AVOIDSELF ): DC=AROEIRA, SrvCount=2, FailedAQueryCount=0, DcsPinged=1, LoopIndex=0
11/24 13:44:00 [MISC] DsGetDcName function returns 0: Dom:(null) Acct:(null) Flags: FORCE IP TIMESERV AVOIDSELF
11/24 13:44:02 [SITE] DsrGetSiteName: Returning site name 'Default-First-Site-Name' from local cache.
11/24 13:44:02 [MISC] DsGetDcName function called: Dom:(null) Acct:(null) Flags: IP TIMESERV AVOIDSELF BACKGROUND
11/24 13:44:02 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:44:02 [MISC] NetpDcGetName: pmtga.dom. using cached information
11/24 13:44:02 [MISC] DsGetDcName function returns 0: Dom:(null) Acct:(null) Flags: IP TIMESERV AVOIDSELF BACKGROUND
11/24 13:44:08 [MISC] DsGetDcName function called: Dom:(null) Acct:(null) Flags: DS
11/24 13:44:08 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:44:08 [MISC] NetpDcGetName: pmtga.dom. using cached information
11/24 13:44:08 [MISC] DsGetDcName function returns 0: Dom:(null) Acct:(null) Flags: DS
11/24 13:45:00 [MISC] DsGetDcName function called: Dom:PMTGA Acct:(null) Flags: DS NETBIOS RET_DNS
11/24 13:45:00 [MISC] DsGetDcName function called: Dom:pmtga.dom Acct:(null) Flags: DS BACKGROUND RET_DNS
11/24 13:45:00 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:45:00 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:45:00 [MISC] NetpDcGetName: pmtga.dom. using cached information
11/24 13:45:00 [MISC] NetpDcGetName: pmtga.dom using cached information
11/24 13:45:00 [MISC] DsGetDcName function returns 0: Dom:PMTGA Acct:(null) Flags: DS NETBIOS RET_DNS
11/24 13:45:00 [MISC] DsGetDcName function returns 0: Dom:pmtga.dom Acct:(null) Flags: DS BACKGROUND RET_DNS
11/24 13:45:00 [MISC] DsGetDcName function called: Dom:AROEIRA.pmtga.dom Acct:(null) Flags: LDAPONLY RET_DNS
11/24 13:45:00 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:45:00 [CRITICAL] NetpDcGetNameIp: AROEIRA.pmtga.dom: No data returned from DnsQuery.
11/24 13:45:00 [MISC] NetpDcGetName: NetpDcGetNameIp returned 1355
11/24 13:45:00 [CRITICAL] NetpDcGetName: AROEIRA.pmtga.dom: IP and Netbios are both done.
11/24 13:45:00 [MISC] DsGetDcName function returns 1355: Dom:AROEIRA.pmtga.dom Acct:(null) Flags: LDAPONLY RET_DNS
11/24 13:45:00 [SITE] DsrGetSiteName: Returning site name 'Default-First-Site-Name' from local cache.
11/24 13:45:00 [MISC] DsGetDcName function called: Dom:pmtga.dom Acct:(null) Flags: LDAPONLY RET_DNS
11/24 13:45:00 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:45:00 [MISC] NetpDcGetName: pmtga.dom cache is too old. 11808106
11/24 13:45:00 [MAILSLOT] NetpDcPingListIp: pmtga.dom: Sent UDP ping to 192.168.1.112
11/24 13:45:00 [MISC] NlPingDcNameWithContext: Sent 1/1 ldap pings to AROEIRA.pmtga.dom
11/24 13:45:00 [MISC] NlPingDcNameWithContext: AROEIRA.pmtga.dom responded over IP.
11/24 13:45:00 [MISC] NetpDcGetName: pmtga.dom using cached information
11/24 13:45:00 [MISC] DsGetDcName function returns 0: Dom:pmtga.dom Acct:(null) Flags: LDAPONLY RET_DNS
11/24 13:45:02 [SESSION] I_NetLogonGetAuthData called: (null) PMTGA (Flags 0x1)
11/24 13:45:02 [SESSION] PMTGA: NlSessionSetup: Try Session setup
11/24 13:45:02 [SESSION] PMTGA: NlDiscoverDc: Start Synchronous Discovery
11/24 13:45:02 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:45:02 [MAILSLOT] NetpDcPingListIp: pmtga.dom.: Sent UDP ping to 192.168.1.73
11/24 13:45:02 [MISC] NetpDcGetName: NetpDcGetNameIp returned 0
11/24 13:45:02 [MISC] LoadBalanceDebug (Flags: FORCE DSP AVOIDSELF ): DC=ANGICO, SrvCount=2, FailedAQueryCount=0, DcsPinged=1, LoopIndex=0
11/24 13:45:02 [PERF] NlSetServerClientSession: Not changing connection (000BB8E0): "\\ANGICO.pmtga.dom"
ClientSession: 00107510PMTGA: NlDiscoverDc: Found DC \\ANGICO.pmtga.dom
11/24 13:45:02 [SESSION] PMTGA: NlSessionSetup: Negotiated flags with server are 0x612fffff
11/24 13:45:02 [SESSION] PMTGA: NlSetStatusClientSession: Set connection status to 0
11/24 13:45:02 [DOMAIN] Setting LSA NetbiosDomain: PMTGA DnsDomain: pmtga.dom. DnsTree: pmtga.dom. DomainGuid:6b55e8fb-0687-4841-b1db-e7e33f01563e
11/24 13:45:02 [LOGON] NlSetForestTrustList: New trusted domain list:
11/24 13:45:02 [LOGON] 0: PMTGA pmtga.dom (NT 5) (Forest Tree Root) (Primary Domain) (Native)
11/24 13:45:02 [LOGON] Dom Guid: 6b55e8fb-0687-4841-b1db-e7e33f01563e
11/24 13:45:02 [LOGON] Dom Sid: S-1-5-21-2200738471-4180215613-1583774977
11/24 13:45:02 [SESSION] PMTGA: NlSetStatusClientSession: Set connection status to 0
11/24 13:45:02 [SESSION] PMTGA: NlSessionSetup: Session setup Succeeded
11/24 13:45:06 [MISC] DsGetDcName function called: Dom:(null) Acct:(null) Flags: LDAPONLY BACKGROUND RET_DNS
11/24 13:45:06 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:45:06 [MISC] NetpDcGetName: pmtga.dom. using cached information
11/24 13:45:06 [MISC] DsGetDcName function returns 0: Dom:(null) Acct:(null) Flags: LDAPONLY BACKGROUND RET_DNS
11/24 13:45:06 [MISC] DsGetDcName function called: Dom:(null) Acct:(null) Flags: DSP
11/24 13:45:06 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:45:06 [MISC] NetpDcGetName: pmtga.dom. using cached information
11/24 13:45:06 [MISC] DsGetDcName function returns 0: Dom:(null) Acct:(null) Flags: DSP
11/24 13:45:06 [MISC] DsGetDcName function called: Dom:pmtga.dom Acct:(null) Flags: LDAPONLY RET_DNS
11/24 13:45:06 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:45:06 [MISC] NetpDcGetName: pmtga.dom using cached information
11/24 13:45:06 [MISC] DsGetDcName function returns 0: Dom:pmtga.dom Acct:(null) Flags: LDAPONLY RET_DNS
11/24 13:45:22 [SESSION] I_NetLogonGetAuthData called: (null) pmtga.dom (Flags 0x1)
11/24 13:46:01 [SESSION] I_NetLogonGetAuthData called: (null) PMTGA (Flags 0x1)
11/24 13:46:01 [SESSION] I_NetLogonGetAuthData called: (null) PMTGA (Flags 0x1)
11/24 13:46:01 [SESSION] I_NetLogonGetAuthData called: (null) PMTGA (Flags 0x1)
11/24 13:46:01 [SESSION] I_NetLogonGetAuthData called: (null) PMTGA (Flags 0x1)
11/24 13:46:01 [SESSION] I_NetLogonGetAuthData called: (null) PMTGA (Flags 0x1)
11/24 13:46:01 [SESSION] I_NetLogonGetAuthData called: (null) PMTGA (Flags 0x1)
11/24 13:46:26 [MISC] DsGetDcName function called: Dom:pmtga Acct:(null) Flags: IP KDC
11/24 13:46:26 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:46:26 [MISC] NetpDcGetName: pmtga.dom. using cached information
11/24 13:46:26 [MISC] DsGetDcName function returns 0: Dom:pmtga Acct:(null) Flags: IP KDC
11/24 13:46:29 [MISC] DsGetDcName function called: Dom:PMTGA Acct:(null) Flags: DS NETBIOS RET_DNS
11/24 13:46:29 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:46:29 [MISC] NetpDcGetName: pmtga.dom. using cached information
11/24 13:46:29 [MISC] DsGetDcName function returns 0: Dom:PMTGA Acct:(null) Flags: DS NETBIOS RET_DNS
11/24 13:46:29 [MISC] DsrEnumerateDomainTrusts: Called, Flags = 0x1
11/24 13:46:29 [MISC] DsrEnumerateDomainTrusts: returns: 0
11/24 13:46:29 [MISC] DsGetDcName function called: Dom:PMTGA.DOM Acct:(null) Flags: DS BACKGROUND RET_DNS
11/24 13:46:29 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:46:29 [MISC] NetpDcGetName: PMTGA.DOM using cached information
11/24 13:46:29 [MISC] DsGetDcName function returns 0: Dom:PMTGA.DOM Acct:(null) Flags: DS BACKGROUND RET_DNS
11/24 13:46:29 [MISC] DsGetDcName function called: Dom:ANGICO.pmtga.dom Acct:(null) Flags: LDAPONLY RET_DNS
11/24 13:46:29 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:46:29 [CRITICAL] NetpDcGetNameIp: ANGICO.pmtga.dom: No data returned from DnsQuery.
11/24 13:46:29 [MISC] NetpDcGetName: NetpDcGetNameIp returned 1355
11/24 13:46:29 [CRITICAL] NetpDcGetName: ANGICO.pmtga.dom: IP and Netbios are both done.
11/24 13:46:29 [MISC] DsGetDcName function returns 1355: Dom:ANGICO.pmtga.dom Acct:(null) Flags: LDAPONLY RET_DNS
11/24 13:46:29 [SITE] DsrGetSiteName: Returning site name 'Default-First-Site-Name' from local cache.
11/24 13:46:29 [MISC] DsGetDcName function called: Dom:pmtga.dom Acct:(null) Flags: LDAPONLY RET_DNS
11/24 13:46:29 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:46:29 [MISC] NetpDcGetName: pmtga.dom using cached information
11/24 13:46:29 [MISC] DsGetDcName function returns 0: Dom:pmtga.dom Acct:(null) Flags: LDAPONLY RET_DNS
11/24 13:46:31 [MISC] DsGetDcName function called: Dom:PMTGA Acct:(null) Flags: DS RET_DNS
11/24 13:46:31 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:46:31 [MISC] NetpDcGetName: pmtga.dom. using cached information
11/24 13:46:31 [MISC] DsGetDcName function returns 0: Dom:PMTGA Acct:(null) Flags: DS RET_DNS
11/24 13:46:31 [MISC] DsrEnumerateDomainTrusts: Called, Flags = 0x1
11/24 13:46:31 [MISC] DsrEnumerateDomainTrusts: returns: 0
11/24 13:46:32 [MISC] DsGetDcName function called: Dom:pmtga.dom Acct:(null) Flags: LDAPONLY RET_DNS
11/24 13:46:32 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:46:32 [MISC] NetpDcGetName: pmtga.dom using cached information
11/24 13:46:32 [MISC] DsGetDcName function returns 0: Dom:pmtga.dom Acct:(null) Flags: LDAPONLY RET_DNS
11/24 13:47:06 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:47:06 [MAILSLOT] NetpDcPingListIp: pmtga.dom.: Sent UDP ping to 192.168.1.73
11/24 13:47:06 [MISC] NlPingDcNameWithContext: Sent 1/1 ldap pings to ANGICO.pmtga.dom
11/24 13:47:06 [MISC] NlPingDcNameWithContext: ANGICO.pmtga.dom responded over IP.
11/24 13:47:06 [PERF] NlSetServerClientSession: Not changing connection (000BB8E0): "\\ANGICO.pmtga.dom"
ClientSession: 00107510PMTGA: NlTimeoutApiClientSession: Unbind from server \\ANGICO.pmtga.dom (TCP) 0.
11/24 13:48:14 [MISC] DsGetDcName function called: Dom:PMTGA.DOM Acct:(null) Flags: BACKGROUND DNS
11/24 13:48:14 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:48:14 [MISC] NetpDcGetName: PMTGA.DOM using cached information
11/24 13:48:14 [MISC] DsGetDcName function returns 0: Dom:PMTGA.DOM Acct:(null) Flags: BACKGROUND DNS
11/24 13:49:15 [INIT] Group Policy is not defined for Netlogon
11/24 13:49:15 [INIT] Following are the effective values after parsing
11/24 13:49:15 [INIT] Sysvol = C:\Windows\SYSVOL\SYSVOL
11/24 13:49:15 [INIT] Scripts = (null)
11/24 13:49:15 [INIT] RpcDacl = (null)
11/24 13:49:15 [INIT] SiteName (0) = Default-First-Site-Name
11/24 13:49:15 [INIT] Pulse = 300 (0x12c)
11/24 13:49:15 [INIT] Randomize = 1 (0x1)
11/24 13:49:15 [INIT] PulseMaximum = 7200 (0x1c20)
11/24 13:49:15 [INIT] PulseConcurrency = 10 (0xa)
11/24 13:49:15 [INIT] PulseTimeout1 = 10 (0xa)
11/24 13:49:15 [INIT] PulseTimeout2 = 300 (0x12c)
11/24 13:49:15 [INIT] MaximumMailslotMessages = 500 (0x1f4)
11/24 13:49:15 [INIT] MailslotMessageTimeout = 10 (0xa)
11/24 13:49:15 [INIT] MailslotDuplicateTimeout = 2 (0x2)
11/24 13:49:15 [INIT] ExpectedDialupDelay = 0 (0x0)
11/24 13:49:15 [INIT] ScavengeInterval = 900 (0x384)
11/24 13:49:15 [INIT] MaximumPasswordAge = 30 (0x1e)
11/24 13:49:15 [INIT] LdapSrvPriority = 0 (0x0)
11/24 13:49:15 [INIT] LdapSrvWeight = 100 (0x64)
11/24 13:49:15 [INIT] LdapSrvPort = 389 (0x185)
11/24 13:49:15 [INIT] LdapGcSrvPort = 3268 (0xcc4)
11/24 13:49:15 [INIT] KdcSrvPort = 88 (0x58)
11/24 13:49:15 [INIT] KerbIsDoneWithJoinDomainEntry = 0 (0x0)
11/24 13:49:15 [INIT] DnsTtl = 600 (0x258)
11/24 13:49:15 [INIT] DnsRefreshInterval = 3600 (0xe10)
11/24 13:49:15 [INIT] CloseSiteTimeout = 900 (0x384)
11/24 13:49:15 [INIT] SiteNameTimeout = 300 (0x12c)
11/24 13:49:15 [INIT] DuplicateEventlogTimeout = 14400 (0x3840)
11/24 13:49:15 [INIT] MaxConcurrentApi = 0 (0x0)
11/24 13:49:15 [INIT] NegativeCachePeriod = 45 (0x2d)
11/24 13:49:15 [INIT] BackgroundRetryInitialPeriod = 600 (0x258)
11/24 13:49:15 [INIT] BackgroundRetryMaximumPeriod = 3600 (0xe10)
11/24 13:49:15 [INIT] BackgroundRetryQuitTime = 0 (0x0)
11/24 13:49:15 [INIT] BackgroundSuccessfulRefreshPeriod = 4294967295 (0xffffffff)
11/24 13:49:15 [INIT] NonBackgroundSuccessfulRefreshPeriod = 1800 (0x708)
11/24 13:49:15 [INIT] DnsFailedDeregisterTimeout = 172800 (0x2a300)
11/24 13:49:15 [INIT] MaxLdapServersPinged = 55 (0x37)
11/24 13:49:15 [INIT] SiteCoverageRefreshInterval = 3600 (0xe10)
11/24 13:49:15 [INIT] FtInfoUpdateInterval = 86400 (0x15180)
11/24 13:49:15 [INIT] DBFlag = 545325055 (0x2080ffff)
11/24 13:49:15 [INIT] MaximumLogFileSize = 20000000 (0x1312d00)
11/24 13:49:15 [INIT] AddressTypeReturned = 1 (0x1)
11/24 13:49:15 [INIT] ForceRediscoveryInterval = 43200 (0xa8c0)
11/24 13:49:15 [INIT] RestrictNTLMInDomain = 0 (0x0)
11/24 13:49:15 [INIT] AuditNTLMInDomain = 0 (0x0)
11/24 13:49:15 [INIT] NextClosestSiteFilter = 2 (0x2)
11/24 13:49:15 [INIT] NextClosestSiteRefreshInterval = 10800 (0x2a30)
11/24 13:49:15 [INIT] RefusePasswordChange = FALSE
11/24 13:49:15 [INIT] AvoidSamRepl = TRUE
11/24 13:49:15 [INIT] AvoidLsaRepl = TRUE
11/24 13:49:15 [INIT] SignSecureChannel = TRUE
11/24 13:49:15 [INIT] SealSecureChannel = TRUE
11/24 13:49:15 [INIT] RequireSignOrSeal = TRUE
11/24 13:49:15 [INIT] RequireStrongKey = TRUE
11/24 13:49:15 [INIT] SysVolReady = TRUE
11/24 13:49:15 [INIT] UseDynamicDns = TRUE
11/24 13:49:15 [INIT] RegisterDnsARecords = TRUE
11/24 13:49:15 [INIT] AvoidPdcOnWan = FALSE
11/24 13:49:15 [INIT] AutoSiteCoverage = TRUE
11/24 13:49:15 [INIT] AvoidDnsDeregOnShutdown = TRUE
11/24 13:49:15 [INIT] DnsUpdateOnAllAdapters = FALSE
11/24 13:49:15 [INIT] Nt4Emulator = FALSE
11/24 13:49:15 [INIT] EnableChainSetClientAttributes = TRUE
11/24 13:49:15 [INIT] DisablePasswordChange = FALSE
11/24 13:49:15 [INIT] NeutralizeNt4Emulator = FALSE
11/24 13:49:15 [INIT] AllowSingleLabelDnsDomain = FALSE
11/24 13:49:15 [INIT] AllowExclusiveSysvolShareAccess = FALSE
11/24 13:49:15 [INIT] AllowExclusiveScriptsShareAccess = FALSE
11/24 13:49:15 [INIT] AvoidLocatorAccountLookup = FALSE
11/24 13:49:15 [INIT] NeverPing = FALSE
11/24 13:49:15 [INIT] RegisterSiteSpecificDnsRecordsOnly = FALSE
11/24 13:49:15 [INIT] TryNextClosestSite = FALSE
11/24 13:49:15 [INIT] AllowNT4Crypto = FALSE
11/24 13:49:15 [INIT] IgnoreIncomingMailslotMessages = FALSE
11/24 13:49:15 [INIT] RejectMd5Servers = FALSE
11/24 13:49:15 [INIT] RejectMd5Clients = FALSE
11/24 13:49:15 [INIT] Command line parsed successfully ...
11/24 13:49:15 [INIT] Netlogon.dll has been unloaded (recover from it).
11/24 13:49:15 [PERF] NlInit: New NlPcGlobalTotalInstance (0045E998): "_Total"
11/24 13:49:15 [SITE] Setting site name to 'Default-First-Site-Name'
11/24 13:49:15 [SESSION] \Device\NetBT_Tcpip_{F53C8A98-3C44-4BCA-BB57-C27E9669B895}: Transport Added (172.25.5.8)
11/24 13:49:15 [CRITICAL] IPV6SocketAddressList is too small 0.
11/24 13:49:15 [SESSION] Winsock Addrs: 172.25.5.8 (1)
11/24 13:49:15 [SESSION] V6 Winsock Addrs: (0)
11/24 13:49:15 [DNS] Set DnsForestName to: pmtga.dom
11/24 13:49:15 [DOMAIN] PMTGA: Adding new domain
11/24 13:49:15 [DOMAIN] Setting our computer name to JURIDICO19 JURIDICO19.pmtga.dom
11/24 13:49:15 [DOMAIN] Setting Netbios domain name to PMTGA
11/24 13:49:15 [DOMAIN] Setting DNS domain name to pmtga.dom.
11/24 13:49:15 [DOMAIN] Setting Domain GUID to 6b55e8fb-0687-4841-b1db-e7e33f01563e
11/24 13:49:15 [CRITICAL] C:\Windows\system32\config\netlogon.ftj: Unable to open. 2
11/24 13:49:15 [INIT] Getting cached trusted domain list from binary file.
11/24 13:49:15 [MISC] NlpInitializeTrace succeeded 0
11/24 13:49:15 [LOGON] NlSetForestTrustList: New trusted domain list:
11/24 13:49:15 [LOGON] 0: PMTGA pmtga.dom (NT 5) (Forest Tree Root) (Primary Domain) (Native)
11/24 13:49:15 [LOGON] Dom Guid: 6b55e8fb-0687-4841-b1db-e7e33f01563e
11/24 13:49:15 [LOGON] Dom Sid: S-1-5-21-2200738471-4180215613-1583774977
11/24 13:49:15 [INIT] Starting RPC server.
11/24 13:49:15 [SESSION] PMTGA: NlSessionSetup: Try Session setup
11/24 13:49:15 [SESSION] PMTGA: NlDiscoverDc: Start Synchronous Discovery
11/24 13:49:15 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:49:15 [MAILSLOT] NetpDcPingListIp: pmtga.dom.: Sent UDP ping to 192.168.1.73
11/24 13:49:15 [MISC] NetpDcGetName: NetpDcGetNameIp returned 0
11/24 13:49:15 [PERF] NlAllocateClientSession: New Perf Instance (0045BB68): "\\ANGICO.pmtga.dom"
ClientSession: 004A8448
11/24 13:49:15 [SESSION] PMTGA: NlDiscoverDc: Found DC \\ANGICO.pmtga.dom
11/24 13:49:15 [SESSION] PMTGA: NlSessionSetup: Negotiated flags with server are 0x612fffff
11/24 13:49:15 [SESSION] PMTGA: NlSetStatusClientSession: Set connection status to 0
11/24 13:49:15 [DOMAIN] Setting LSA NetbiosDomain: PMTGA DnsDomain: pmtga.dom. DnsTree: pmtga.dom. DomainGuid:6b55e8fb-0687-4841-b1db-e7e33f01563e
11/24 13:49:15 [LOGON] NlSetForestTrustList: New trusted domain list:
11/24 13:49:15 [LOGON] 0: PMTGA pmtga.dom (NT 5) (Forest Tree Root) (Primary Domain) (Native)
11/24 13:49:15 [LOGON] Dom Guid: 6b55e8fb-0687-4841-b1db-e7e33f01563e
11/24 13:49:15 [LOGON] Dom Sid: S-1-5-21-2200738471-4180215613-1583774977
11/24 13:49:15 [SESSION] PMTGA: NlSetStatusClientSession: Set connection status to 0
11/24 13:49:15 [SESSION] PMTGA: NlSessionSetup: Session setup Succeeded
11/24 13:49:15 [INIT] Started successfully
11/24 13:49:15 [MISC] DsGetDcName function called: Dom:(null) Acct:(null) Flags:
11/24 13:49:15 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:49:15 [MISC] NetpDcGetName: pmtga.dom. using cached information
11/24 13:49:15 [MISC] DsGetDcName function returns 0: Dom:(null) Acct:(null) Flags:
11/24 13:49:15 [MISC] DsGetDcName function called: Dom:PMTGA.DOM Acct:(null) Flags: IP KDC
11/24 13:49:15 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:49:15 [MISC] NetpDcGetName: PMTGA.DOM using cached information
11/24 13:49:15 [MISC] DsGetDcName function returns 0: Dom:PMTGA.DOM Acct:(null) Flags: IP KDC
11/24 13:49:15 [MISC] DsGetDcName function called: Dom:ForestDnsZones.pmtga.dom Acct:(null) Flags: LDAPONLY RET_DNS
11/24 13:49:15 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:49:15 [MAILSLOT] NetpDcPingListIp: ForestDnsZones.pmtga.dom: Sent UDP ping to 192.168.1.73
11/24 13:49:15 [MISC] NetpDcGetName: NetpDcGetNameIp returned 0
11/24 13:49:15 [MISC] DsGetDcName function returns 0: Dom:ForestDnsZones.pmtga.dom Acct:(null) Flags: LDAPONLY RET_DNS
11/24 13:49:15 [MISC] DsGetDcName function called: Dom:DomainDnsZones.pmtga.dom Acct:(null) Flags: LDAPONLY RET_DNS
11/24 13:49:15 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:49:15 [MAILSLOT] NetpDcPingListIp: DomainDnsZones.pmtga.dom: Sent UDP ping to 192.168.1.112
11/24 13:49:16 [MISC] NetpDcGetName: NetpDcGetNameIp returned 0
11/24 13:49:16 [MISC] DsGetDcName function returns 0: Dom:DomainDnsZones.pmtga.dom Acct:(null) Flags: LDAPONLY RET_DNS
11/24 13:49:16 [MISC] DsGetDcName function called: Dom:pmtga.dom Acct:(null) Flags: LDAPONLY RET_DNS
11/24 13:49:16 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:49:16 [MAILSLOT] NetpDcPingListIp: pmtga.dom: Sent UDP ping to 192.168.1.73
11/24 13:49:16 [MISC] NetpDcGetName: NetpDcGetNameIp returned 0
11/24 13:49:16 [MISC] DsGetDcName function returns 0: Dom:pmtga.dom Acct:(null) Flags: LDAPONLY RET_DNS
11/24 13:49:16 [MISC] DsGetDcName function called: Dom:pmtga.dom Acct:(null) Flags: LDAPONLY RET_DNS
11/24 13:49:16 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:49:16 [MISC] NetpDcGetName: pmtga.dom using cached information
11/24 13:49:16 [MISC] DsGetDcName function returns 0: Dom:pmtga.dom Acct:(null) Flags: LDAPONLY RET_DNS
11/24 13:49:16 [MISC] NlWksScavenger: Can be called again in 22 days (0x765fb49a)
11/24 13:49:17 [INIT] Group Policy is not defined for Netlogon
11/24 13:49:17 [INIT] Following are the effective values after parsing
11/24 13:49:18 [SESSION] \Device\NetBT_Tcpip_{F53C8A98-3C44-4BCA-BB57-C27E9669B895}: Transport Address is still (172.25.5.8)
11/24 13:49:20 [MISC] DsGetDcName function called: Dom:(null) Acct:(null) Flags: RET_DNS
11/24 13:49:20 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:49:20 [MISC] NetpDcGetName: pmtga.dom. using cached information
11/24 13:49:20 [MISC] DsGetDcName function returns 0: Dom:(null) Acct:(null) Flags: RET_DNS
11/24 13:49:20 [MISC] DsGetDcName function called: Dom:pmtga.dom Acct:(null) Flags: DNS
11/24 13:49:20 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:49:20 [MISC] NetpDcGetName: pmtga.dom using cached information
11/24 13:49:20 [MISC] DsGetDcName function returns 0: Dom:pmtga.dom Acct:(null) Flags: DNS
11/24 13:49:20 [MISC] DsGetDcName function called: Dom:(null) Acct:(null) Flags: LDAPONLY RET_DNS
11/24 13:49:20 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:49:20 [MISC] NetpDcGetName: pmtga.dom. using cached information
11/24 13:49:20 [MISC] DsGetDcName function returns 0: Dom:(null) Acct:(null) Flags: LDAPONLY RET_DNS
11/24 13:49:20 [MISC] DsGetDcName function called: Dom:pmtga.dom Acct:(null) Flags: LDAPONLY RET_DNS
11/24 13:49:20 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:49:20 [MISC] NetpDcGetName: pmtga.dom using cached information
11/24 13:49:20 [MISC] DsGetDcName function returns 0: Dom:pmtga.dom Acct:(null) Flags: LDAPONLY RET_DNS
11/24 13:49:20 [MISC] DsGetDcName function called: Dom:pmtga.dom Acct:(null) Flags: FORCE LDAPONLY RET_DNS
11/24 13:49:20 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:49:20 [MAILSLOT] NetpDcPingListIp: pmtga.dom: Sent UDP ping to 192.168.1.73
11/24 13:49:20 [MAILSLOT] NetpDcPingListIp: pmtga.dom: Sent UDP ping to 192.168.1.112
11/24 13:49:21 [CRITICAL] NetpDcGetNameIp: pmtga.dom: site specific SRV records done.
11/24 13:49:21 [MISC] NetpDcGetName: NetpDcGetNameIp returned 121
11/24 13:49:27 [MAILSLOT] NetpDcPingListIp: pmtga.dom: Sent UDP ping to 192.168.1.73
11/24 13:49:28 [MAILSLOT] NetpDcPingListIp: pmtga.dom: Sent UDP ping to 192.168.1.112
11/24 13:49:28 [CRITICAL] NetpDcGetNameIp: pmtga.dom: site specific SRV records done.
11/24 13:49:28 [MISC] NetpDcGetName: NetpDcGetNameIp returned 121
11/24 13:49:31 [MISC] DsGetDcName function called: Dom:(null) Acct:(null) Flags: DS
11/24 13:49:31 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:49:31 [MISC] NetpDcGetName: pmtga.dom. using cached information
11/24 13:49:31 [MISC] DsGetDcName function returns 0: Dom:(null) Acct:(null) Flags: DS
11/24 13:49:31 [MISC] DsGetDcName function called: Dom:(null) Acct:(null) Flags: FORCE DS
11/24 13:49:31 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:49:31 [MAILSLOT] NetpDcPingListIp: pmtga.dom.: Sent UDP ping to 192.168.1.73
11/24 13:49:31 [MAILSLOT] NetpDcPingListIp: pmtga.dom.: Sent UDP ping to 192.168.1.112
11/24 13:49:31 [CRITICAL] NetpDcGetNameIp: pmtga.dom.: site specific SRV records done.
11/24 13:49:32 [MISC] NetpDcGetName: NetpDcGetNameIp returned 121
11/24 13:49:32 [MAILSLOT] Sent 'Sam Logon' message to PMTGA[1C] on all transports.
11/24 13:49:32 [MISC] DsGetDcName function called: Dom:(null) Acct:(null) Flags: LDAPONLY BACKGROUND RET_DNS
11/24 13:49:32 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:49:32 [MISC] NetpDcGetName: pmtga.dom. using cached information
11/24 13:49:32 [MISC] DsGetDcName function returns 0: Dom:(null) Acct:(null) Flags: LDAPONLY BACKGROUND RET_DNS
11/24 13:49:32 [MISC] DsGetDcName function called: Dom:pmtga.dom Acct:(null) Flags: LDAPONLY BACKGROUND RET_DNS
11/24 13:49:32 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:49:32 [MISC] NetpDcGetName: pmtga.dom using cached information
11/24 13:49:32 [MISC] DsGetDcName function returns 0: Dom:pmtga.dom Acct:(null) Flags: LDAPONLY BACKGROUND RET_DNS
11/24 13:49:32 [MISC] DsGetDcName function called: Dom:pmtga.dom Acct:(null) Flags: FORCE LDAPONLY BACKGROUND RET_DNS
11/24 13:49:32 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:49:32 [MAILSLOT] NetpDcPingListIp: pmtga.dom: Sent UDP ping to 192.168.1.112
11/24 13:49:32 [MAILSLOT] NetpDcPingListIp: pmtga.dom: Sent UDP ping to 192.168.1.73
11/24 13:49:33 [CRITICAL] NetpDcGetNameIp: pmtga.dom: site specific SRV records done.
11/24 13:49:33 [MISC] NetpDcGetName: NetpDcGetNameIp returned 121
11/24 13:49:33 [SITE] DsrGetSiteName: Returning site name 'Default-First-Site-Name' from local cache.
11/24 13:49:34 [MISC] DsGetDcName function called: Dom:(null) Acct:(null) Flags: IP TIMESERV AVOIDSELF BACKGROUND
11/24 13:49:34 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:49:34 [MISC] NetpDcGetName: pmtga.dom. using cached information
11/24 13:49:34 [MISC] DsGetDcName function returns 0: Dom:(null) Acct:(null) Flags: IP TIMESERV AVOIDSELF BACKGROUND
11/24 13:49:34 [CRITICAL] NetpDcGetNameNetbios: pmtga.dom.: Cannot NlBrowserSendDatagram. (1C) 53
11/24 13:49:34 [MISC] NetpDcGetName: NetpDcGetNameNetbios returned 1355
11/24 13:49:34 [MISC] DsGetDcName function called: Dom:PMTGA Acct:(null) Flags: DS NETBIOS RET_DNS
11/24 13:49:34 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:49:34 [MISC] NetpDcGetName: pmtga.dom. using cached information
11/24 13:49:34 [MISC] DsGetDcName function returns 0: Dom:PMTGA Acct:(null) Flags: DS NETBIOS RET_DNS
11/24 13:49:34 [MISC] DsGetDcName function called: Dom:PMTGA Acct:(null) Flags: DS NETBIOS RET_DNS
11/24 13:49:34 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:49:34 [MISC] NetpDcGetName: pmtga.dom. using cached information
11/24 13:49:34 [MISC] DsGetDcName function returns 0: Dom:PMTGA Acct:(null) Flags: DS NETBIOS RET_DNS
11/24 13:49:34 [MISC] DsGetDcName function called: Dom:PMTGA Acct:(null) Flags: DS RET_DNS
11/24 13:49:34 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:49:34 [MISC] NetpDcGetName: pmtga.dom. using cached information
11/24 13:49:34 [MISC] DsGetDcName function returns 0: Dom:PMTGA Acct:(null) Flags: DS RET_DNS
11/24 13:49:34 [MISC] DsGetDcName function called: Dom:PMTGA Acct:(null) Flags: DS RET_DNS
11/24 13:49:34 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:49:34 [MISC] NetpDcGetName: pmtga.dom. using cached information
11/24 13:49:34 [MISC] DsGetDcName function returns 0: Dom:PMTGA Acct:(null) Flags: DS RET_DNS
11/24 13:49:34 [MISC] DsGetDcName function called: Dom:(null) Acct:(null) Flags: FORCE KDC
11/24 13:49:34 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:49:34 [MAILSLOT] NetpDcPingListIp: pmtga.dom.: Sent UDP ping to 192.168.1.73
11/24 13:49:34 [MAILSLOT] NetpDcPingListIp: pmtga.dom.: Sent UDP ping to 192.168.1.112
11/24 13:49:35 [MISC] DsGetDcName function returns 1355: Dom:pmtga.dom Acct:(null) Flags: FORCE LDAPONLY RET_DNS
11/24 13:49:35 [MISC] DsGetDcName function called: Dom:(null) Acct:(null) Flags: LDAPONLY RET_DNS
11/24 13:49:35 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:49:35 [MISC] NetpDcGetName: pmtga.dom. similar query failed recently 0
11/24 13:49:35 [MISC] DsGetDcName function returns 1355: Dom:(null) Acct:(null) Flags: LDAPONLY RET_DNS
11/24 13:49:35 [CRITICAL] NetpDcGetNameIp: pmtga.dom.: site specific SRV records done.
11/24 13:49:35 [MISC] NetpDcGetName: NetpDcGetNameIp returned 121
11/24 13:49:35 [MAILSLOT] Sent 'Sam Logon' message to PMTGA[1C] on all transports.
11/24 13:49:35 [SITE] DsrGetSiteName: Returning site name 'Default-First-Site-Name' from local cache.
11/24 13:49:35 [MISC] DsGetDcName function called: Dom:(null) Acct:(null) Flags: IP TIMESERV AVOIDSELF BACKGROUND
11/24 13:49:35 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:49:35 [MISC] NetpDcGetName: pmtga.dom. using cached information
11/24 13:49:35 [MISC] DsGetDcName function returns 0: Dom:(null) Acct:(null) Flags: IP TIMESERV AVOIDSELF BACKGROUND
11/24 13:49:36 [MISC] DsGetDcName function called: Dom:(null) Acct:(null) Flags: LDAPONLY RET_DNS
11/24 13:49:36 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:49:36 [MISC] NetpDcGetName: pmtga.dom. similar query failed recently 1092
11/24 13:49:36 [MISC] DsGetDcName function returns 1355: Dom:(null) Acct:(null) Flags: LDAPONLY RET_DNS
11/24 13:49:36 [MISC] DsGetDcName function called: Dom:(null) Acct:(null) Flags: LDAPONLY RET_DNS
11/24 13:49:36 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:49:36 [MISC] NetpDcGetName: pmtga.dom. similar query failed recently 1607
11/24 13:49:36 [MISC] DsGetDcName function returns 1355: Dom:(null) Acct:(null) Flags: LDAPONLY RET_DNS
FailedAQueryCount=0, DcsPinged=2, LoopIndex=1
11/24 13:49:42 [MISC] DsGetDcName function returns 0: Dom:(null) Acct:(null) Flags: FORCE KDC
11/24 13:49:42 [MISC] DsGetDcName function called: Dom:PMTGA Acct:(null) Flags: DS NETBIOS RET_DNS
11/24 13:49:42 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:49:42 [MISC] NetpDcGetName: pmtga.dom. using cached information
11/24 13:49:42 [MISC] DsGetDcName function returns 0: Dom:PMTGA Acct:(null) Flags: DS NETBIOS RET_DNS
11/24 13:49:42 [MISC] DsGetDcName function called: Dom:PMTGA Acct:(null) Flags: DS WRITABLE NETBIOS RET_DNS
11/24 13:49:42 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:49:42 [MISC] NetpDcGetName: pmtga.dom. using cached information
11/24 13:49:42 [MISC] DsGetDcName function returns 0: Dom:PMTGA Acct:(null) Flags: DS WRITABLE NETBIOS RET_DNS
11/24 13:50:10 [MISC] DsGetDcName function called: Dom:pmtga.dom Acct:(null) Flags: DS BACKGROUND RET_DNS
11/24 13:50:10 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:50:10 [MISC] NetpDcGetName: pmtga.dom using cached information
11/24 13:50:10 [MISC] DsGetDcName function returns 0: Dom:pmtga.dom Acct:(null) Flags: DS BACKGROUND RET_DNS
11/24 13:50:11 [MISC] DsGetDcName function called: Dom:ANGICO.pmtga.dom Acct:(null) Flags: LDAPONLY RET_DNS
11/24 13:50:11 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:50:11 [CRITICAL] NetpDcGetNameIp: ANGICO.pmtga.dom: No data returned from DnsQuery.
11/24 13:50:11 [MISC] NetpDcGetName: NetpDcGetNameIp returned 1355
11/24 13:50:11 [CRITICAL] NetpDcGetName: ANGICO.pmtga.dom: IP and Netbios are both done.
11/24 13:50:11 [MISC] DsGetDcName function returns 1355: Dom:ANGICO.pmtga.dom Acct:(null) Flags: LDAPONLY RET_DNS
11/24 13:50:11 [SITE] DsrGetSiteName: Returning site name 'Default-First-Site-Name' from local cache.
11/24 13:50:11 [MISC] DsGetDcName function called: Dom:pmtga.dom Acct:(null) Flags: LDAPONLY RET_DNS
11/24 13:50:11 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:50:11 [MISC] NetpDcGetName: pmtga.dom using cached information
11/24 13:50:11 [MISC] DsGetDcName function returns 0: Dom:pmtga.dom Acct:(null) Flags: LDAPONLY RET_DNS
11/24 13:50:12 [SESSION] I_NetLogonGetAuthData called: (null) PMTGA (Flags 0x1)
11/24 13:50:16 [MISC] DsGetDcName function called: Dom:(null) Acct:(null) Flags: LDAPONLY BACKGROUND RET_DNS
11/24 13:50:16 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:50:16 [MISC] NetpDcGetName: pmtga.dom. using cached information
11/24 13:50:16 [MISC] DsGetDcName function returns 0: Dom:(null) Acct:(null) Flags: LDAPONLY BACKGROUND RET_DNS
11/24 13:50:33 [SESSION] I_NetLogonGetAuthData called: (null) pmtga.dom (Flags 0x1)
11/24 13:50:38 [MISC] DsGetDcName function called: Dom:(null) Acct:(null) Flags: DS
11/24 13:50:38 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:50:38 [MISC] NetpDcGetName: pmtga.dom. using cached information
11/24 13:50:38 [MISC] DsGetDcName function returns 0: Dom:(null) Acct:(null) Flags: DS
11/24 13:50:42 [SESSION] I_NetLogonGetAuthData called: (null) PMTGA (Flags 0x1)
11/24 13:50:56 [MISC] DsGetDcName function called: Dom:pmtga Acct:(null) Flags: IP KDC
11/24 13:50:56 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:50:56 [MISC] NetpDcGetName: pmtga.dom. using cached information
11/24 13:50:56 [MISC] DsGetDcName function returns 0: Dom:pmtga Acct:(null) Flags: IP KDC
11/24 13:50:59 [MISC] DsGetDcName function called: Dom:PMTGA Acct:(null) Flags: DS NETBIOS RET_DNS
11/24 13:50:59 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:50:59 [MISC] NetpDcGetName: pmtga.dom. using cached information
11/24 13:50:59 [MISC] DsGetDcName function returns 0: Dom:PMTGA Acct:(null) Flags: DS NETBIOS RET_DNS
11/24 13:50:59 [MISC] DsrEnumerateDomainTrusts: Called, Flags = 0x1
11/24 13:50:59 [MISC] DsrEnumerateDomainTrusts: returns: 0
11/24 13:50:59 [MISC] DsGetDcName function called: Dom:PMTGA.DOM Acct:(null) Flags: DS BACKGROUND RET_DNS
11/24 13:50:59 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:50:59 [MISC] NetpDcGetName: PMTGA.DOM using cached information
11/24 13:50:59 [MISC] DsGetDcName function returns 0: Dom:PMTGA.DOM Acct:(null) Flags: DS BACKGROUND RET_DNS
11/24 13:50:59 [MISC] DsGetDcName function called: Dom:ANGICO.pmtga.dom Acct:(null) Flags: LDAPONLY RET_DNS
11/24 13:50:59 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:50:59 [CRITICAL] NetpDcGetNameIp: ANGICO.pmtga.dom: No data returned from DnsQuery.
11/24 13:50:59 [MISC] NetpDcGetName: NetpDcGetNameIp returned 1355
11/24 13:50:59 [CRITICAL] NetpDcGetName: ANGICO.pmtga.dom: IP and Netbios are both done.
11/24 13:50:59 [MISC] DsGetDcName function returns 1355: Dom:ANGICO.pmtga.dom Acct:(null) Flags: LDAPONLY RET_DNS
11/24 13:50:59 [SITE] DsrGetSiteName: Returning site name 'Default-First-Site-Name' from local cache.
11/24 13:50:59 [MISC] DsGetDcName function called: Dom:pmtga.dom Acct:(null) Flags: LDAPONLY RET_DNS
11/24 13:50:59 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:50:59 [MISC] NetpDcGetName: pmtga.dom using cached information
11/24 13:50:59 [MISC] DsGetDcName function returns 0: Dom:pmtga.dom Acct:(null) Flags: LDAPONLY RET_DNS
11/24 13:51:01 [MISC] DsGetDcName function called: Dom:PMTGA Acct:(null) Flags: DS RET_DNS
11/24 13:51:01 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:51:01 [MISC] NetpDcGetName: pmtga.dom. using cached information
11/24 13:51:01 [MISC] DsGetDcName function returns 0: Dom:PMTGA Acct:(null) Flags: DS RET_DNS
11/24 13:51:01 [MISC] DsrEnumerateDomainTrusts: Called, Flags = 0x1
11/24 13:51:01 [MISC] DsrEnumerateDomainTrusts: returns: 0
11/24 13:51:02 [MISC] DsGetDcName function called: Dom:pmtga.dom Acct:(null) Flags: LDAPONLY RET_DNS
11/24 13:51:02 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:51:02 [MISC] NetpDcGetName: pmtga.dom using cached information
11/24 13:51:02 [MISC] DsGetDcName function returns 0: Dom:pmtga.dom Acct:(null) Flags: LDAPONLY RET_DNS
11/24 13:51:38 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
11/24 13:51:38 [MAILSLOT] NetpDcPingListIp: pmtga.dom.: Sent UDP ping to 192.168.1.73
11/24 13:51:38 [MISC] NlPingDcNameWithContext: Sent 1/1 ldap pings to ANGICO.pmtga.dom
11/24 13:51:38 [MISC] NlPingDcNameWithContext: ANGICO.pmtga.dom responded over IP.
11/24 13:51:38 [PERF] NlSetServerClientSession: Not changing connection (0045BB68): "\\ANGICO.pmtga.dom"
ClientSession: 004A8448PMTGA: NlTimeoutApiClientSession: Unbind from server \\ANGICO.pmtga.dom (TCP) 0.
11/24 13:54:25 [SESSION] I_NetLogonGetAuthData called: (null) PMTGA (Flags 0x1)
Thanks !
Ivanildo Teixeira Galvão -
ASA max concurrent connections
If I have a thousand nodes from the public each perform a UDP ping to a server behind the ASA, does each count as a concurrent connection?
Hi,
I imagine it does.
Also I guess if we are talking about just some random UDP traffic it would also mean that the default timeout for a connection would be 2min. The most usual UDP traffic would probably be DNS querys. In those cases I presume though that the UDP connections dont stay on firewall for long as long as the firewall sees the DNS reply.
But as I said if we are talking about some random UDP traffic that is allowed through the firewall I would guess it stays in the connection table of the firewall for a couple of minutes. So you might be looking at 1000 concurrent connections or even more?
I have once witnessed a single server sending so much UDP traffic that it reached the connection limit of an ASA5540 which is 400 000 concurrent connections.
- Jouni -
RVS 4000 Email responses that need addressing
I have been bounced around between Cisco and Linksys for months….
I have two simple questions… One I know the answer on… the second, I haven’t a clue…
I have corresponded with 12-15 people at Linksys, and Cisco…
Their last answer is I should contact you…. So… Here goes…. The 16th person I’m requesting this information from….. (I can’t believe that Linksys/Cisco can’t answer these simple questions!)
Seeing that I've been checking for new firmware and IPS downloads from the Cisco site for months now, and not seeing any new downloads......
And Seeing that I'm getting nagging emails that my IPS Signature is too old, Please Update it!!!!
And Seeing that I'm still getting emails that I don't understand from the RVS 4000: -IPSEC EVENT: KLIPS device ipsec0 shut down
and I can't seem to understand How or Why it is happening, and have read manual cover to cover, and all the FAQ's, and can't upgrade it because there is no current software......
I sent the following email to [email protected] :
Hello. Have an RVS4000 Router, being used as a Gateway...
I have emails enabled, so that I'll be informed whenever there is greater than a set level of threats.... However...
If I check the logs, there are no threats... Yet....
I keep getting the following emails:
Your Signature Version is beyond 143 days. Please Update it!
I've also been getting the following emails:
-IPSEC EVENT: KLIPS device ipsec0 shut down
I'm using V1.40 IPS signature, and V1.2.11 firmware....
Yet I keep getting these emails...
I can't update the IPS Signature Version if you don't provide it!!! And you aren't!
Secondly, WHAT THE HECK DOES: "-IPSEC EVENT: KLIPS device ipsec0 shut down" MEAN????
May I suggest that the next version of firmware have options to disable the IPS "Nags" if you are not planning on writing any more code?
And, What the Heck does: "-IPSEC EVENT: KLIPS device ipsec0 shut down" mean?
Sincerely
Jan JanowskiV1.41 IPS file has been released!!!
Version: 1.41 Total Rules: 1098
In this signature, we addressed the exploits/vulnerabilities and applications
as below:
-EXPLOIT MS Video ActiveX Control Stack Buffer Overflow
A buffer overflow vulnerability exists in Microsoft DirectShow.
The flaw is due to the way Microsoft Video ActiveX Control parses image files.
An attacker can persuade the target user to open a malicious web page to exploit
this vulnerability.
-EXPLOIT Oracle Database Workspace Manager SQL Injection
Multiple SQL injection vulnerabilities exist in Oracle Database Server product.
The vulnerabilities are due to insufficient sanitization of input parameters
in the Oracle Workspace Manager component. A remote attacker with valid user
credentials may leverage these vulnerabilities to inject and execute SQL code
with escalated privilegesof SYS or WMSYS account.
Support P2P application named uTorrent up to version 1.7.2.
Signature content for 1.41
========================================================================
New Added signature(s):
1053635 EXPLOIT MS Video ActiveX Control Stack Buffer Overflow -1
1053636 EXPLOIT MS Video ActiveX Control Stack Buffer Overflow -2
1053632 EXPLOIT Oracle Database Workspace Manager SQL Injection -1
1053633 EXPLOIT Oracle Database Workspace Manager SQL Injection -2
1053634 EXPLOIT Oracle Database Workspace Manager SQL Injection -3
Modified signature(s):
1051783 P2P Gnutella Connect
1051212 P2P Gnutella Get file
1051785 P2P Gnutella UDP PING 2
1051997 P2P Gnutella Bearshare file transfer with UDP
1052039 P2P Gnutella OK
1052637 P2P Foxy Get file
Deleted signature(s):
1050521 Worm.Klez.E1 - 1
1050522 Worm.Klez.E1 - 2
1050523 Worm.Klez.E1 - 3
1050524 Worm.Klez.E2 - 1
1050525 Worm.Klez.E2 - 2
1050526 Worm.Klez.E2 ¡V 3
1050536 Worm.Blaster.B - 1
1050537 Worm.Blaster.B - 2
1050538 Worm.Blaster.B - 3
1050539 Worm.Blaster.C - 1
1050540 Worm.Blaster.C - 2
1050541 Worm.Blaster.C - 3
Number of rules in each category:
========================================================================
DoS/DDoS 51
Buffer Overflow: 241
Access Control: 92
Scan: 41
Trojan Horse: 62
Misc: 3
P2P: 40
Instant Messenger: 121
Vrus/Worm: 410
Web Attacks: 37
No Problem updating it, and the date reports Correctly!!!
THANK YOU!!! -
IPF is not allowing port 33439 to connect
Hi,
I'm using port 161(SNMP) and 33439 port as UDP ping for cacti, I noticed a strange behavior in some servers, even in ipf I allowed those ports, 33439 is failing to connect but the same is working on other servers, if I stop the IPF I'm able to connect the port 33439. Please helpme out on this
# monitor snmp and udp ping
pass in quick proto udp from 172.22.160.110/32 to any port=161
pass in quick proto udp from 172.22.160.110/32 to any port=33439
Thanks
Niranjan- Set the Radio Band to Standard-20MHz and change the Standard channel to 11-2.462GHz under Wireless tab
- Uncheck "Filter Anonymous Internet Requests" under Security tab
- Disable Fram Brust under Advance Wireless Settings
If the above option doesn't improve the performance then,try to reflash/upgrade the router's firmware,reset the router and reconfigure it from the scratch. -
I want to write a script using "fping" to monitor my network latency and packet loss. since on the server I am running the script don't have root permission I can't use ICMP the other option I have TCP or UDP depend on available open port on router/switch . my question is there any draw back using TCP or UDP ping in terms of result quality and traffic? I am really appreciate fyour feedback. thanks. paul
TCP and UDP "ping" typically rely on port 7 being open on the target devices. This is almost never the case these days. You can enable the UDP and TCP echo services on IOS devices with the command "service {udp|tcp}-small-services" but many consider them a security hole. What would be best is if you can convince your admin to setuid the fping executable to root (i.e. chmod 4555 fping). This way fping will be able to open raw sockets to produce ICMP traffic. You are certainly more likely to have this work than relying on the echo service being available.
Another alternative is to procure a small IOS device and run IP SLA on it. With IP SLA you can test simple ICMP echo, or use more advanced probes such as TCP, UDP, jitter, HTTP, DHCP, and DNS. -
Ping ICMP TCP UDP turn off service or overkill
WRT54G router I can block service of PING. Should I block ICMP, TCP, and UDP, all three? Is this overkill? The router has a firewall and the modem also has a route and firewall. aDSL. Westell 2200. I read that this is not a problem really because even with pinging, my IP is kept hidden? I saw that a TracerRoute cannot trace me because of this so there is some stealthiness. I went to GRC.com which said I was pingable but everything else was tight, which was unusual. Probably because I shut off File Sharing and did some UnBinding and even removed Client for Microsoft Network which was the NetBIOS? But PINGing. I called tech support but they were not really familiar with this. It seems simple to do but I would ask first. ICMP is the Internet protocol for all machines, servers and what not? TCP is the layer for our individual computers. Just asking
I think the westell modem is giving private IP address to router. So the public IP address from ISP would be on your modem. So settings regarding all this would be on modem's interface. Just go thru them, and check it.
-
Permit udp any any to allow ping ?!
Dear Community,
I am having problems understanding how ACL works through VPN. I have the following:
HQ is behind ASA 5510, site address is 192.168.1.0 /24
Remote site is behind Cisco 887 router, site addressing is 192.168.10.0 /24
IPSec VPN is set up and working between the two sites.
Now I have applied the following ACL inside int the public interface of the branch router:
Extended IP access list 102
10 permit tcp any any eq 22 (1321 matches)
This obviously blocks icmp (ping 192.168.1.1 source 192.168.10.1)
But what I am not understanding is that the only command that will allow ICMP is (on the ACL 102):
permit udp any any
substituting udp with icmp or ip does not allow pings
Could you please give me some guidance.It's not a supported method, but the views you create are stored on the LMS server as xml files (as shown below on soft appliance) in /opt/CSCOpx/campus/etc/users/. The xml files are mostly a listing of the node IDs with their map coordinates.
You could copy them manually into the other users' directories on the server and they should see the same thing you have labored to create for their viewing pleasure.
I have brought this up with Cisco as a nice to have supported feature in the past but it never went anywhere.
[SecLab-LMS/root-ade admin]# pwd
/opt/CSCOpx/campus/etc/users/admin
[SecLab-LMS/root-ade admin]# ls -al
total 28
drwxr-x--- 2 casuser casusers 4096 Dec 16 2012 .
drwxr-x--- 4 casuser casusers 4096 Feb 8 2013 ..
-rw-r----- 1 casuser casusers 7345 Aug 29 13:23 Layer~2~View.xml
-rw-r----- 1 casuser casusers 1807 Nov 8 2012 SwitchCloud-1.xml
-rw-r----- 1 casuser casusers 1540 Feb 27 2013 Unconnected~Device~View.xml
-rw-r----- 1 casuser casusers 351 Sep 25 15:59 user.preferences
[SecLab-LMS/root-ade admin]# -
ASA 5505 VPN clients can't ping router or other clients on network
I have a ASA5505 and it has a vpn set up. The VPN user connects using the Cisco VPN client. They can connect fine (the get an ip address from the ASA), but they can't ping the asa or any clients on the network. Here is the running config:
Result of the command: "show running-config"
: Saved
ASA Version 7.2(4)
hostname ASA
domain-name default.domain.invalid
enable password kdnFT44SJ1UFX5Us encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
names
name 10.0.0.4 Server
interface Vlan1
nameif inside
security-level 100
ip address 10.0.0.1 255.255.255.0
interface Vlan2
nameif outside
security-level 0
ip address dhcp setroute
interface Ethernet0/0
switchport access vlan 2
interface Ethernet0/1
interface Ethernet0/2
interface Ethernet0/3
interface Ethernet0/4
interface Ethernet0/5
interface Ethernet0/6
interface Ethernet0/7
ftp mode passive
clock timezone MST -7
clock summer-time MDT recurring
dns domain-lookup inside
dns domain-lookup outside
dns server-group DefaultDNS
domain-name default.domain.invalid
access-list vpn_splitTunnelAcl standard permit any
access-list inside_nat0_outbound extended permit ip any 10.0.0.192 255.255.255.192
pager lines 24
logging asdm informational
mtu inside 1500
mtu outside 1500
ip local pool VPNpool 10.0.0.220-10.0.0.240 mask 255.255.255.0
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-524.bin
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 0 access-list inside_nat0_outbound
nat (inside) 1 0.0.0.0 0.0.0.0
static (inside,outside) tcp interface smtp Server smtp netmask 255.255.255.255
static (inside,outside) tcp interface pop3 Server pop3 netmask 255.255.255.255
static (inside,outside) tcp interface www Server www netmask 255.255.255.255
static (inside,outside) tcp interface https Server https netmask 255.255.255.255
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
http server enable 480
http 10.0.0.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto dynamic-map outside_dyn_map 20 set pfs group1
crypto dynamic-map outside_dyn_map 20 set transform-set ESP-3DES-SHA
crypto map outside_map 65535 ipsec-isakmp dynamic outside_dyn_map
crypto map outside_map interface outside
crypto isakmp enable outside
crypto isakmp policy 10
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
telnet timeout 5
ssh timeout 5
console timeout 0
dhcpd auto_config outside
group-policy vpn internal
group-policy vpn attributes
vpn-tunnel-protocol IPSec
split-tunnel-policy tunnelspecified
split-tunnel-network-list value vpn_splitTunnelAcl
username admin password wwYXKJulWcFrrhXN encrypted privilege 15
username VPNuser password fRPIQoKPyxym36g7 encrypted privilege 15
username VPNuser attributes
vpn-group-policy vpn
tunnel-group vpn type ipsec-ra
tunnel-group vpn general-attributes
address-pool VPNpool
default-group-policy vpn
tunnel-group vpn ipsec-attributes
pre-shared-key *
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
service-policy global_policy global
prompt hostname context
Cryptochecksum:df7d1e4f34ee0e155cebe86465f367f5
: end
Any ideas what I need to add to get the vpn client to be able to ping the router and clients?
Thanks.I tried that and it didn't work. As for upgrading the ASA version, I'd like to but this is an old router and I don't have a support contract with Cisco anymore, so I can't access the latest firmware.
here is the runnign config again:
Result of the command: "show startup-config"
: Saved
: Written by enable_15 at 01:48:37.789 MDT Wed Jun 20 2012
ASA Version 7.2(4)
hostname ASA
domain-name default.domain.invalid
enable password kdnFT44SJ1UFX5Us encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
names
name 10.0.0.4 Server
interface Vlan1
nameif inside
security-level 100
ip address 10.0.0.1 255.255.255.0
interface Vlan2
nameif outside
security-level 0
ip address dhcp setroute
interface Ethernet0/0
switchport access vlan 2
interface Ethernet0/1
interface Ethernet0/2
interface Ethernet0/3
interface Ethernet0/4
interface Ethernet0/5
interface Ethernet0/6
interface Ethernet0/7
ftp mode passive
clock timezone MST -7
clock summer-time MDT recurring
dns domain-lookup inside
dns domain-lookup outside
dns server-group DefaultDNS
domain-name default.domain.invalid
access-list vpn_splitTunnelAcl standard permit any
access-list inside_nat0_outbound extended permit ip any 10.0.0.192 255.255.255.192
pager lines 24
logging asdm informational
mtu inside 1500
mtu outside 1500
ip local pool VPNpool 10.0.0.220-10.0.0.240 mask 255.255.255.0
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-524.bin
asdm location Server 255.255.255.255 inside
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 0 access-list inside_nat0_outbound
nat (inside) 1 0.0.0.0 0.0.0.0
static (inside,outside) tcp interface smtp Server smtp netmask 255.255.255.255
static (inside,outside) tcp interface pop3 Server pop3 netmask 255.255.255.255
static (inside,outside) tcp interface www Server www netmask 255.255.255.255
static (inside,outside) tcp interface https Server https netmask 255.255.255.255
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
http server enable 480
http 10.0.0.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto dynamic-map outside_dyn_map 20 set pfs group1
crypto dynamic-map outside_dyn_map 20 set transform-set ESP-3DES-SHA
crypto map outside_map 65535 ipsec-isakmp dynamic outside_dyn_map
crypto map outside_map interface outside
crypto isakmp enable outside
crypto isakmp policy 10
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
telnet timeout 5
ssh timeout 5
console timeout 0
dhcpd auto_config outside
group-policy vpn internal
group-policy vpn attributes
vpn-tunnel-protocol IPSec
split-tunnel-policy tunnelspecified
split-tunnel-network-list value vpn_splitTunnelAcl
username admin password wwYXKJulWcFrrhXN encrypted privilege 15
username VPNuser password fRPIQoKPyxym36g7 encrypted privilege 15
username VPNuser attributes
vpn-group-policy vpn
tunnel-group vpn type ipsec-ra
tunnel-group vpn general-attributes
address-pool VPNpool
default-group-policy vpn
tunnel-group vpn ipsec-attributes
pre-shared-key *
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect icmp
service-policy global_policy global
prompt hostname context
Cryptochecksum:78864f4099f215f4ebdd710051bdb493 -
Why cant i ping any host/servers behing my Firewall Cisco 5505
Can anyone please help me to figure out what in my configuration of the Cisco asa 5505 is wrong or missing. I have multiple host behind my firewall these hosts run different websites on port 80. I am able to ping the server from one to another but I am not able to ping the servers from the internet. I am using static NAT. Is there a translation issue going on here. Please help me!
========
CISCOASACLOUD# show run
CISCOASACLOUD# show running-config
: Saved
ASA Version 9.0(1)
hostname CISCOASACLOUD
enable password ************* encrypted
passwd ************* encrypted
names
ip local pool VPN_IP_POOL 10.0.2.50-10.0.2.75 mask 255.255.255.0
interface Ethernet0/0
switchport access vlan 2
interface Ethernet0/1
interface Ethernet0/2
interface Ethernet0/3
interface Ethernet0/4
interface Ethernet0/5
interface Ethernet0/6
interface Ethernet0/7
interface Vlan1
nameif inside
security-level 100
ip address 10.0.2.254 255.255.255.0
interface Vlan2
nameif outside
security-level 0
ip address 82.94.XX.XX 255.255.255.0
ftp mode passive
clock timezone CEST 1
clock summer-time CEDT recurring last Sun Mar 2:00 last Sun Oct 3:00
dns domain-lookup inside
dns domain-lookup outside
dns server-group DefaultDNS
name-server 194.109.104.104
name-server 194.109.9.99
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
object network obj_any
subnet 0.0.0.0 0.0.0.0
object network VPN_NETWORK
subnet 10.0.2.0 255.255.255.0
object network NETWORK_OBJ_10.0.2.0_24
subnet 10.0.2.0 255.255.255.0
object network NETWORK_OBJ_10.0.2.0_25
subnet 10.0.2.0 255.255.255.128
object network SERVER2003_HTTP
host 10.0.2.104
object network SERVER2003_HTTPS
host 10.0.2.104
object network SERVER2004_HTTP
host 10.0.2.105
object network SERVER2004_HTTPS
host 10.0.2.105
object network SERVER2002_HTTP
host 10.0.2.103
object network SERVER2002_HTTPS
host 10.0.2.103
object network SERVER2002_NAGIOS
host 10.0.2.103
object network SERVER2003_NAGIOS
host 10.0.2.104
object network SERVER2002_NAGIOS_NSCP
host 10.0.2.103
object network SERVER2003_NAGIOS_NSCP
host 10.0.2.104
object network SERVER2004_NAGIOS
host 10.0.2.105
object network SERVER3001_NAGIOS
host 10.0.2.202
object network SERVER2001_NAGIOS
host 10.0.2.102
object network SERVER3001_HTTP
host 10.0.2.202
object network SERVER3001_HTTPS
host 10.0.2.202
object network SERVER2004_FTP
host 10.0.2.105
object network SERVER2004_FTP_TCP
host 10.0.2.105
object network SERVER2004_FTP_SSL
host 10.0.2.105
object network SERVER2005_HTTP
host 10.0.2.106
object network SERVER2005_HTTPS
host 10.0.2.106
object network SERVER3001_ICMP
host 10.0.2.201
access-list Default_Tunnel_Group_Name_VPN_splitTunnelAcl standard permit 10.0.2.0 255.255.255.0
access-list OutsideToInside extended permit tcp any host 10.0.2.104 eq www
access-list OutsideToInside extended permit tcp any host 10.0.2.104 eq https
access-list OutsideToInside extended permit tcp any host 10.0.2.105 eq www
access-list OutsideToInside extended permit tcp any host 10.0.2.105 eq https
access-list OutsideToInside extended permit tcp any host 10.0.2.103 eq www
access-list OutsideToInside extended permit tcp any host 10.0.2.103 eq https
access-list OutsideToInside extended permit tcp any host 10.0.2.102 eq 12489
access-list OutsideToInside extended permit tcp any host 10.0.2.103 eq 12489
access-list OutsideToInside extended permit tcp any host 10.0.2.104 eq 12489
access-list OutsideToInside extended permit tcp any host 10.0.2.105 eq 12489
access-list OutsideToInside extended permit tcp any host 10.0.2.202 eq 12489
access-list OutsideToInside extended permit tcp any host 10.0.2.202 eq www
access-list OutsideToInside extended permit tcp any host 10.0.2.202 eq https
access-list OutsideToInside extended permit tcp any host 10.0.2.105 eq ftp
access-list OutsideToInside extended permit tcp any host 10.0.2.105 eq ftp-data
access-list OutsideToInside extended permit tcp any host 10.0.2.105 eq 990
access-list OutsideToInside extended permit tcp any host 10.0.2.106 eq www
access-list OutsideToInside extended permit tcp any host 10.0.2.106 eq https
access-list inside_access_in extended permit ip any any
pager lines 24
logging enable
logging asdm informational
mtu inside 1500
mtu outside 1500
icmp unreachable rate-limit 1 burst-size 1
icmp permit any inside
icmp permit any outside
no asdm history enable
arp timeout 14400
no arp permit-nonconnected
nat (inside,outside) source static any any destination static VPN_NETWORK VPN_NETWORK route-lookup
nat (inside,outside) source static NETWORK_OBJ_10.0.2.0_24 NETWORK_OBJ_10.0.2.0_24 destination static NETWORK_OBJ_10.0.2.0_25 NETWORK_OBJ_10.0.2.0_25 no-proxy-arp route-lookup
object network obj_any
nat (inside,outside) dynamic interface
object network SERVER2003_HTTP
nat (inside,outside) static 82.94.XXX.XXX service tcp www www
object network SERVER2003_HTTPS
nat (inside,outside) static 82.94.XXX.XXX service tcp https https
object network SERVER2004_HTTP
nat (inside,outside) static 82.94.XXX.XXX service tcp www www
object network SERVER2004_HTTPS
nat (inside,outside) static 82.94.XXX.XXX service tcp https https
object network SERVER2002_HTTP
nat (inside,outside) static 82.94.XXX.XXX service tcp www www
object network SERVER2002_HTTPS
nat (inside,outside) static 82.94.XXX.XXX service tcp https https
object network SERVER2002_NAGIOS
nat (inside,outside) static 82.94.XXX.XXX service tcp 12489 12489
object network SERVER2003_NAGIOS
nat (inside,outside) static 82.94.XXX.XXX service tcp 12489 12489
object network SERVER2004_NAGIOS
nat (inside,outside) static 82.94.XXX.XXX service tcp 12489 12489
object network SERVER3001_NAGIOS
nat (inside,outside) static 82.94.XXX.XXX service tcp 12489 12489
object network SERVER2001_NAGIOS
nat (inside,outside) static 82.94.XXX.XXX service tcp 12489 12489
object network SERVER3001_HTTP
nat (inside,outside) static 82.94.XXX.XXX service tcp www www
object network SERVER3001_HTTPS
nat (inside,outside) static 82.94.XXX.XXX service tcp https https
object network SERVER2004_FTP
nat (inside,outside) static 82.94.XXX.XXX service tcp ftp ftp
object network SERVER2004_FTP_TCP
nat (inside,outside) static 82.94.XXX.XXX service tcp ftp-data ftp-data
object network SERVER2004_FTP_SSL
nat (inside,outside) static 82.94.XXX.XXX service tcp 990 990
object network SERVER2005_HTTP
nat (inside,outside) static 82.94.XXX.XXX service tcp www www
object network SERVER2005_HTTPS
nat (inside,outside) static 82.94.XXX.XXX service tcp https https
access-group inside_access_in in interface inside
access-group OutsideToInside in interface outside
route outside 0.0.0.0 0.0.0.0 82.94.XXX.XXX 1
timeout xlate 3:00:00
timeout pat-xlate 0:00:30
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
user-identity default-domain LOCAL
aaa authentication serial console LOCAL
aaa authentication ssh console LOCAL
aaa authentication http console LOCAL
http server enable
http XXX.XXX.XXX.XXX 255.255.255.255 outside
http XXX.XXX.XXX.XXX 255.255.255.255 outside
http XXX.XXX.XXX.XXX 255.255.255.255 outside
http XXX.XXX.XXX.XXX 255.255.255.255 outside
http 10.0.2.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart
crypto ipsec ikev1 transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
crypto ipsec security-association pmtu-aging infinite
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev1 transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
crypto map outside_map interface outside
crypto ca trustpool policy
crypto ikev1 enable outside
crypto ikev1 policy 10
authentication crack
encryption aes-256
hash sha
group 2
lifetime 86400
crypto ikev1 policy 20
authentication rsa-sig
encryption aes-256
hash sha
group 2
lifetime 86400
crypto ikev1 policy 30
authentication pre-share
encryption aes-256
hash sha
group 2
lifetime 86400
crypto ikev1 policy 40
authentication crack
encryption aes-192
hash sha
group 2
lifetime 86400
crypto ikev1 policy 50
authentication rsa-sig
encryption aes-192
hash sha
group 2
lifetime 86400
crypto ikev1 policy 60
authentication pre-share
encryption aes-192
hash sha
group 2
lifetime 86400
crypto ikev1 policy 70
authentication crack
encryption aes
hash sha
group 2
lifetime 86400
crypto ikev1 policy 80
authentication rsa-sig
encryption aes
hash sha
group 2
lifetime 86400
crypto ikev1 policy 90
authentication pre-share
encryption aes
hash sha
group 2
lifetime 86400
crypto ikev1 policy 100
authentication crack
encryption 3des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 110
authentication rsa-sig
encryption 3des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 120
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 130
authentication crack
encryption des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 140
authentication rsa-sig
encryption des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 150
authentication pre-share
encryption des
hash sha
group 2
lifetime 86400
telnet timeout 5
ssh 10.0.2.0 255.255.255.0 inside
ssh XXX.XXX.XXX.XXX 255.255.255.255 outside
ssh XXX.XXX.XXX.XXX 255.255.255.255 outside
ssh XXX.XXX.XXX.XXX 255.255.255.255 outside
ssh XXX.XXX.XXX.XXX 255.255.255.255 outside
ssh timeout 60
console timeout 0
management-access inside
dhcpd auto_config outside
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
ntp server 213.132.202.192 source outside
ntp server 72.251.252.11 source outside
ntp server 131.211.8.244 source outside
group-policy Default_Tunnel_Group_Name_VPN internal
group-policy Default_Tunnel_Group_Name_VPN attributes
dns-server value 194.109.104.104 194.109.9.99
vpn-tunnel-protocol ikev1
split-tunnel-policy tunnelspecified
split-tunnel-network-list value
Default_Tunnel_Group_Name_VPN_splitTunnelAcl
username ******* password ************* encrypted privilege 0
username ******* attributes
vpn-group-policy Default_Tunnel_Group_Name_VPN
username ******* password ************* encrypted privilege 15
username ******* password ************* encrypted privilege 0
username ******* attributes
vpn-group-policy Default_Tunnel_Group_Name_VPN
username ******* password ************* encrypted privilege 0
username ******* attributes
vpn-group-policy Default_Tunnel_Group_Name_VPN
tunnel-group Default_Tunnel_Group_Name_VPN type remote-access
tunnel-group Default_Tunnel_Group_Name_VPN general-attributes
address-pool VPN_IP_POOL
default-group-policy Default_Tunnel_Group_Name_VPN
tunnel-group Default_Tunnel_Group_Name_VPN ipsec-attributes
ikev1 pre-shared-key *****
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect ip-options
inspect icmp error
inspect ftp
inspect icmp
service-policy global_policy global
prompt hostname context
no call-home reporting anonymous
Cryptochecksum:655f9d00d6ed1c593506cbf9a876cd49
: end
CISCOASACLOUD#Hi Ron,
I have found the solution!
Indeed I had to extend my access-list on my outside interface!!!
I have succeeded using ASDM.
First I created a NEW network object for each of my servers. When you create a new object you will be asked for the internal IP address and "this is where the magic happens" you have to set the NAT IP address (the external address) !!!
Secondly I extended my access-list on my outside interface by defining every server and the required service (echo, echo-reply) in the "Public server list". When I performed these 2 steps I was able to ping the server from the internet.
My access-list looks the following now:
access-list OutsideToInside extended permit icmp any4 object SERVER2003 object-group DM_INLINE_ICMP_2
access-list OutsideToInside extended permit icmp any4 object SERVER2002 object-group DM_INLINE_ICMP_1
access-list OutsideToInside extended permit icmp any4 object SERVER2004 object-group DM_INLINE_ICMP_0
object network SERVER2004
nat (inside,outside) static 82.94.xxx.xxx
object network SERVER2002
nat (inside,outside) static 82.94.xxx.xxx
object network SERVER2003
nat (inside,outside) static 82.94.xxx.xxx
Maybe you are looking for
-
Okay I'm having two problems that go with my everyday life, which started with the newest ios update but I'm not sure if its fix able. Now the first one I'm having is wifi, it can't find it/saying there is no wifi around me...I'm at home or any other
-
30GB iPod Video not being recognized by iTunes and low battery warning
This is without a USB connection to mu Vista machine 1. I hear a clicking sound (it comes from the HD) on start up. 2. A dark Apple icon appears 3. Then the back light comes on with the sad face iPod icon and exclamation point. 4. It then shuts down
-
I have all my videos on an external hd, and i used to stream everything (movies would be in shared movies, not my movies), but I synced my atv and it's been a nightmare, movies don't always appear on the list, they stop to buffer, or just stop comple
-
I'm looking at buying a used Macbook Pro. Warranty runs out in June. I am wondering if I can purchase Applecare as long as I do it before June & if I can, what I need/how I go about doing so? Thanks.
-
has anyone here been able to install 9i AS on Red Hat Linux 7.0? i can't even open the universal installer! all i get is a SIGSEGV error upon runnign runInstaller! anybody know how to solve this problem?