11.0.3 AR Patchset G / AutoAccounting Rules Restrictions
Recently applied patchset G for 11.0.3 and now having trouble
with AutoAccounting Rules when running AutoInvoice or creating
an Invoice manually. Getting messages 'Please correct the
receivable account assignment' and 'Please correct the revenue
account assignment'. AA is setup to pull the cost center
segment from the standard lines for revenue. Support is telling
me that they have restricted the cost center segment to only
accept 000's. The account segment is defined as an account type
of revenue. Problem 1. Problem 2, the receivables account AA
is setup for constants for everything but the company segment.
The account segment that is set as our constant has been defined
as an account type of Asset. Support is telling me we have to
put a revenue account type in there. My accounting department is
telling me that cannot be revenue. These setups worked fine
with patchset E but now cause a problem. Support has only been
able to provide technical answers and not explain functionality
reasons why this was done or what we're suppose to do now. Any
ideas/thoughts?
user130038 wrote:
Hi there
I have to build two new servers with following configuration:
Platform: RHEL 6.2 64bit
Oracle RDBMS: 11gR2 (10.2.0.3)
Grid Infra (ASM): 11gR2 (10.2.0.3)
I have downloaded the files for RDBMS 11.2.0.3 but I could only find Grid Infra 11.2.0.1 download. I have found an MOS doc (ID 1362393.1) which says to download patchset which contains the “Oracle Grid Infrastructure (includes Oracle ASM, Oracle Clusterware and Oracle Restart)”.
I have two questions:
If I am installing 11.2.0.3 for RDBMS, do I have to install 11.2.0.3 for Grid Infra as well OR can I also install 11.2.0.1? What is better approach?
Is this patchset (for Grid Infra from the above mentioned MOS) a complete installation OR I have to install 11.2.0.1 first and then patch it to 11.2.0.3?
Thank you so much!
Oracle RDBMS: 11gR2 (10.2.0.3)
Grid Infra (ASM): 11gR2 (10.2.0.3)
First thing you need to do is make up your mind about which version you want. 11gR2 is 11.2 -- Not 10.2
Similar Messages
-
Link an accounting workflow with autoaccounting rules?
Hello,
Is there a way to link the accounting generator workflows of requisition, purchase order, invoices, etc. to an autoaccounting rule defined in projects autoaccounting?
RegardsHi
There is no direct link between the two tools.
However, if you use a lookup set in AA you can refer to the same lookup set by the Account Generaor.
Dina -
Transport Rules - Restricting inbound Domains (How to allow subdomains?)
We have a transport rule that blocks all outside emails unless a user is in a security group then it will allow the domains that are in the "except when the from address contains" exception.
What we are finding is if we have contoso.com in the exception list and its abc.contoso.com the abc.contoso.com gets blocked. But we would need to allow both contoso.com and abc.contoso.com
I read somewhere (can't find it now) you could do contoso.com$ and it would allow subdomains but it does not seem to be working.
Any assistance would be great.Hi Ryan,
Agree with Jatin's opinion, you can use "*.contoso.com" instead of "contoso.com" as an exception.
The asterisk ( * ) character matches zero or more instances of the previous character. For example,
ab*c matches the following strings: ac, abc,
abbbbc.
More details refer to the following article:
Regular Expressions in Transport Rules
Best regards,
Niko Cheng
TechNet Community Support -
Rules - Restricted list configuration
Hi,
I would like to restrict the list of authors. Now i have in the list 2 users who start with prefix IPM. I don't want tu have there two users in the list. Now, I used Rules and "Has restricted list".
So I want to get all users without users with the prefix IPM.
I tried to use Java regular expressions, but i cannot find negation of expression.
^IPM - nothing
Can you write me the correct expression?
Thank you
MartinYes, yes, yes...... This is correct ;o))
Thank you very much.
Martin -
Open firewall Ports despite DENY- ALL access rule
Hi,
See below my firewall rules.
Despite the deny all, runnning nmap from outside still reveals open ports.
name 202.1.53.41 fw1.outside.irc.com
interface GigabitEthernet0/0
nameif inside
security-level 0
ip address fw1.inside.irc.com 255.255.252.0 standby 172.16.86.219
interface GigabitEthernet0/1
nameif SSN-DMZ
security-level 0
ip address 10.20.2.1 255.255.255.0 standby 10.20.2.2
interface GigabitEthernet0/2
nameif Outside
security-level 0
ip address fw1.outside.irc.com 255.255.255.248 standby NAT-202.1.53.45
interface GigabitEthernet0/3
description Internet Access for Wireless clients on the guest network
nameif GuestInternet
security-level 0
ip address 192.168.154.2 255.255.254.0
interface Management0/0
nameif management
security-level 10
ip address 10.10.200.14 255.255.255.0 standby 10.10.200.15
access-list inside_access_in extended permit object-group DM_INLINE_SERVICE_2 any host WWW.IRC.COM-PRIV
access-list inside_access_in remark Deny POP3, SSH, TELNET to Deny-Host-Group 172.16.86.246/249
access-list inside_access_in extended deny object-group DENY-HOST-GROUP object-group DENY-HOST-GROUP-1 any
access-list inside_access_in remark Allow SMTP external access to Mail Servers group
access-list inside_access_in extended permit tcp object-group MAIL-GW-GROUP any eq smtp
access-list inside_access_in remark Deny Any other Users from sending mails via smtp
access-list inside_access_in extended deny tcp any any eq smtp
access-list inside_access_in extended deny ip object-group Botnet_Blacklist any
access-list inside_access_in extended deny ip any SPAM_MACHINE 255.255.255.0
access-list inside_access_in extended deny ip any host SPAMIP
access-list inside_access_in extended permit ip object-group Socialsites_Allowed object-group Facebook
access-list inside_access_in extended deny object-group DM_INLINE_SERVICE_8 any object-group Facebook
access-list inside_access_in remark Rule to block Internal users from accessing youtube
access-list inside_access_in extended deny object-group DM_INLINE_SERVICE_9 any object-group YoutubeIPs
access-list inside_access_in remark Suspected Virus Ports
access-list inside_access_in extended deny tcp any any object-group DM_INLINE_TCP_17
access-list inside_access_in remark Ports Commonly used by Botnet and Malwares
access-list inside_access_in extended deny tcp any any object-group IRC
access-list inside_access_in remark Allow Access to External DNS to ALL
access-list inside_access_in extended permit object-group DNS-GROUP object-group DNS-SERVERS object-group External_DNS_Servers
access-list inside_access_in remark Allow Any to Any on Custom TCP/UDP services
access-list inside_access_in extended permit tcp any any object-group DM_INLINE_TCP_12
access-list inside_access_in remark Allow Any to Any VPN Protocols group
access-list inside_access_in extended permit object-group VPN-GROUP any any
access-list inside_access_in extended permit ip any host pomttdbsvr
access-list inside_access_in remark Allow Access to DMZ from Inside
access-list inside_access_in extended permit tcp any any object-group DM_INLINE_TCP_10
access-list inside_access_in extended permit object-group DM_INLINE_SERVICE_5 any 10.20.2.0 255.255.255.0
access-list inside_access_in extended permit tcp any any eq pop3
access-list inside_access_in extended permit object-group Web-Access-Group any any
access-list inside_access_in remark DNS RATING SERVICE FOR BLUECOAT SG510 PROXY
access-list inside_access_in extended permit tcp object-group DM_INLINE_NETWORK_11 object-group DM_INLINE_NETWORK_4 eq www inactive
access-list inside_access_in extended permit tcp any host 202.165.193.134 object-group DM_INLINE_TCP_3
access-list inside_access_in remark Yahoo Messenger Test
access-list inside_access_in extended permit tcp any any object-group YahooMessenger
access-list inside_access_in extended permit ip host AVIRUSMAN 192.168.254.0 255.255.255.0
access-list inside_access_in extended permit tcp any any object-group smile
access-list inside_access_in extended permit udp any host smile.telinet.com.pg object-group smile-udp
access-list inside_access_in remark testing access for mobile phones behind wireless router
access-list inside_access_in extended permit ip host Wireless-Router any inactive
access-list inside_access_in extended permit tcp any any object-group FTP-Service-Group inactive
access-list inside_access_in extended permit ip host mailgate.irc.com any
access-list inside_access_in extended permit object-group DM_INLINE_PROTOCOL_1 object-group DM_INLINE_NETWORK_2 any object-group NTP
access-list inside_access_in extended permit tcp any any object-group web-email-services
access-list inside_access_in remark Murray PC
access-list inside_access_in extended permit ip host 10.100.20.36 any
access-list inside_access_in extended permit tcp any any object-group Itec-Citrix
access-list inside_access_in extended permit ip host EP200 any
access-list inside_access_in extended permit tcp any any object-group TCP-SMTP
access-list inside_access_in extended permit tcp any host 202.165.193.134 eq 3391
access-list inside_access_in extended permit ip object-group IT-Servers any
access-list inside_access_in extended permit tcp any any object-group DM_INLINE_TCP_1
access-list inside_access_in extended permit ip object-group DM_INLINE_NETWORK_14 any inactive
access-list inside_access_in extended permit ip host 10.100.20.23 any
access-list inside_access_in extended permit tcp host NOC-NMS-CDMA host 202.165.193.134 object-group DM_INLINE_TCP_4
access-list inside_access_in extended permit tcp object-group DM_INLINE_NETWORK_12 object-group Bluecoat-DNS-Rating eq www
access-list inside_access_in extended permit ip object-group DM_INLINE_NETWORK_13 any
access-list inside_access_in extended permit udp host solarwinds-server any eq snmp
access-list inside_access_in extended permit tcp host kaikai any object-group test-u inactive
access-list inside_access_in extended permit tcp any host fw1.outside.irc.com object-group TCP-88
access-list inside_access_in extended permit udp host solarwinds-server any object-group DM_INLINE_UDP_1
access-list inside_access_in extended permit ip host IN-WEB-APP-SERVER any
access-list inside_access_in extended permit object-group DM_INLINE_PROTOCOL_1 host KMS-Server any object-group KMS
access-list inside_access_in extended permit tcp any any object-group TeamVIewer-TCP
access-list inside_access_in extended permit icmp any any traceroute
access-list inside_access_in extended permit ip host KMS-Server any
access-list inside_access_in extended deny ip any host 87.255.51.229
access-list inside_access_in extended deny ip any host 82.165.47.44
access-list inside_access_in extended permit ip host InterConnect-BillingBox any
access-list inside_access_in extended permit icmp any host fw1.outside.irc.com
access-list inside_access_in extended permit icmp any any
access-list inside_access_in remark For ACCESS MPLS team
access-list inside_access_in extended permit tcp any host 202.165.193.134 object-group RDP-MPLS-Huawei
access-list inside_access_in extended permit object-group DM_INLINE_PROTOCOL_1 host mailgate.irc.com any eq domain
access-list inside_access_in extended permit tcp any host 66.147.244.58 object-group SMTP-26
access-list inside_access_in extended deny object-group DM_INLINE_PROTOCOL_1 any any object-group Airfiji-SW
access-list inside_access_in extended permit tcp host chief.bula.irc.com any
access-list inside_access_in extended permit ip host Avabill86.181 any
access-list inside_access_in extended permit ip any object-group AVG
access-list inside_access_in extended permit ip host solarwinds-server any
access-list inside_access_in extended permit tcp host 172.16.87.219 any object-group TCP-4948
access-list inside_access_in extended permit object-group DM_INLINE_SERVICE_10 any host Avabill_Consultant_IP_Sri-Lanka
access-list inside_access_in extended permit tcp any host 69.164.201.123 eq smtp inactive
access-list inside_access_in extended permit tcp any any object-group GMAIL inactive
access-list inside_access_in extended permit tcp any any object-group NOC1
access-list inside_access_in extended permit ip host solarwinds-server 10.10.200.0 255.255.255.0
access-list inside_access_in extended permit tcp any host smile.telinet.com.fj object-group tcp-20080-30080
access-list inside_access_in extended permit object-group DM_INLINE_PROTOCOL_1 any any object-group SIP-5060-5062
access-list inside_access_in extended permit ip host LYNC-2013-SERVER any
access-list inside_access_in extended permit object-group DM_INLINE_SERVICE_7 object-group Lync_Servers any
access-list inside_access_in extended permit object-group VPN-GROUP host 10.100.20.94 any inactive
access-list inside_access_in remark Pocket Solutions -TEMP
access-list inside_access_in extended permit ip host 10.100.20.121 any
access-list inside_access_in extended permit tcp host John_sibunakau any object-group JohnTESTPort inactive
access-list inside_access_in extended permit ip host CiscoRadiusTestPC any
access-list inside_access_in extended permit ip any host HungaryServer inactive
access-list Outside_access_in extended permit tcp any host fw1.outside.irc.com eq ssh
access-list Outside_access_in extended permit object-group DM_INLINE_PROTOCOL_1 any host fw1.outside.irc.com object-group itec-support-tcp-udp
access-list Outside_access_in remark Allow All to NAT Address on SSL/SSH/SFTP(2222)
access-list Outside_access_in extended permit tcp any host NAT-202.1.53.43 object-group DM_INLINE_TCP_9
access-list Outside_access_in remark Allow All to Outside On Fujitsu and 777-7778 ports
access-list Outside_access_in extended permit tcp any host fw1.outside.irc.com object-group DM_INLINE_TCP_8
access-list Outside_access_in remark Allow all to Outside on Custom ports
access-list Outside_access_in extended permit tcp any host fw1.outside.irc.com object-group DM_INLINE_TCP_7
access-list Outside_access_in remark Allow Inbound HTTP to WWW.IRC.COM
access-list Outside_access_in extended permit tcp any host fw1.outside.irc.com eq www
access-list Outside_access_in extended permit icmp any host fw1.outside.irc.com
access-list Outside_access_in extended permit object-group TCPUDP any host fw1.outside.irc.com object-group BrouardsGroup
access-list Outside_access_in remark Allow ALL to RealVNC ports
access-list Outside_access_in extended permit tcp any host fw1.outside.irc.com object-group RealVNC-TCP5900
access-list Outside_access_in remark Allow ALL access to 202.1.53.43 on RealVNC ports
access-list Outside_access_in extended permit tcp any host NAT-202.1.53.43 object-group RealVNC-TCP5900
access-list Outside_access_in remark Allow DNS queries from Internet to DNS server
access-list Outside_access_in extended permit object-group TCPUDP object-group ITEC-Group-Inbound host fw1.outside.irc.com object-group itec-sftp
access-list Outside_access_in extended permit tcp any host NAT-202.1.53.43 object-group DM_INLINE_TCP_14
access-list Outside_access_in extended permit object-group DM_INLINE_SERVICE_1 host SkyTel host fw1.outside.irc.com
access-list Outside_access_in remark Telinet/Inomial temp access to test machine M.Orshansky
access-list Outside_access_in extended permit tcp host 203.92.29.151 host fw1.outside.irc.com eq 3390
access-list Outside_access_in extended permit tcp any host NAT-202.58.130.43 object-group RDP
access-list Outside_access_in extended permit object-group DM_INLINE_PROTOCOL_1 object-group ITEC-Group-Inbound host fw1.outside.telikompng.com.pg object-group INTEC-Service
access-list Outside_access_in extended permit tcp host 220.233.157.98 host fw1.outside.irc.com eq ssh inactive
access-list Outside_access_in extended permit ip any host fw1.outside.telikompng.com.pg
access-list Outside_access_in extended permit tcp any host fw1.outside.telikompng.com.pg object-group CRM
access-list Outside_access_in extended permit tcp any host fw1.outside.telikompng.com.pg object-group HTTP-8010-CRM
access-list Outside_access_in extended permit tcp any host fw1.outside.telikompng.com.pg object-group HTTP-8005-CRM
access-list Outside_access_in extended permit object-group DM_INLINE_PROTOCOL_1 any any object-group NTP
access-list Outside_access_in extended permit object-group DM_INLINE_PROTOCOL_1 any host fw1.outside.irc.com object-group DNS
access-list Outside_access_in remark Ultra VNC connection to 172.16.84.34@nadi Exchange
access-list Outside_access_in extended permit tcp any host fw1.outside.irc.com object-group UVNC
access-list Outside_access_in extended permit tcp any host fw1.outside.irc.com object-group UVNC-HTTP
access-list Outside_access_in extended permit tcp any host fw1.outside.irc.com object-group POP3-SSL
access-list Outside_access_in extended permit object-group EMAIL-SMARTPHONES any host fw1.outside.irc.com
access-list Outside_access_in extended permit tcp any host fw1.outside.telikompng.com.pg object-group exchange-RPC
access-list Outside_access_in extended permit tcp any host NAT-202.1.53.43 object-group exchange-RPC
access-list Outside_access_in extended permit icmp any host NAT-202.1.53.43
access-list Outside_access_in remark Access to Solarwinds Management box
access-list Outside_access_in extended permit tcp any host NAT-202.1.53.43 object-group Solarwinds
access-list SSN-DMZ_access_in remark Permit DNS Quiries out of DMZ
access-list SSN-DMZ_access_in extended permit object-group TCPUDP any any eq domain
access-list SSN-DMZ_access_in remark Allow SQL ports out of DMZ to Host 172.16.86.70
access-list SSN-DMZ_access_in extended permit tcp any host HOST-172.16.86.70 object-group SQL-Group
access-list SSN-DMZ_access_in remark Allow Custom protocols out of DMZ to host 172.16.86.27
access-list SSN-DMZ_access_in extended permit tcp any host HOST-172.16.86.27 object-group DM_INLINE_TCP_2
access-list SSN-DMZ_access_in extended permit tcp host suva-vdc-int2.suva.irc.com host WWW.IRC.COM=PRIV eq 3389
access-list SSN-DMZ_access_in extended permit object-group Web-Access-Group host WWW.IRC.COM-PRIV any
access-list SSN-DMZ_access_in extended permit tcp any host WWW.IRC.COM.-PRIV object-group DMZ-WebAccess
access-list SSN-DMZ_access_in extended permit ip host pomlynedsvr01_access any
access-list SSN-DMZ_access_in extended permit ip host pomlynedsvr01_webcon any
access-list SSN-DMZ_access_in extended permit ip host pomlynedsvr01_AV any
access-list inside_nat0_outbound extended permit ip any 192.168.254.0 255.255.255.0
access-list inside_nat0_outbound extended permit ip object-group DM_INLINE_NETWORK_6 host 10.10.200.1
access-list inside_nat0_outbound extended permit ip any host WWW.IRC.COM-PRIV
access-list inside_nat0_outbound extended permit ip host ns.irc.com any
access-list inside_nat0_outbound extended permit ip any 10.200.200.0 255.255.255.0
access-list Outside_nat0_outbound extended permit ip 192.168.254.0 255.255.255.0 any
access-list Outside_nat0_outbound extended permit ip mcr_Management 255.255.255.0 any
access-list alcatel-my remark Allow Alcatel-my access to TIRC(1)
access-list alcatel-my standard permit 172.16.24.0 255.255.252.0
access-list alcatel-my remark Allow Alcatel-my access to TIRC(2)
access-list alcatel-my standard permit 172.16.84.0 255.255.252.0
access-list 131 extended permit ip host MICHAEL any
access-list management_access_in extended permit ip 10.10.200.0 255.255.255.0 mcr_Management 255.255.255.0
access-list management_access_in extended permit ip host 10.10.200.1 object-group DM_INLINE_NETWORK_5
access-list management_access_in extended permit object-group Web-Access-Group host 10.10.200.1 any
access-list management_access_in extended permit ip host 10.10.200.1 host 172.16.87.47
access-list management_access_in extended permit ip host 10.10.200.1 host IN-WSC
access-list management_access_in extended permit ip host 10.10.200.1 object-group DM_INLINE_NETWORK_8
access-list management_access_in extended permit tcp host 10.10.200.1 object-group DM_INLINE_NETWORK_3 eq 3389
access-list management_access_in remark To BlueCaot Appliances
access-list management_access_in extended permit ip host 10.10.200.1 object-group DM_INLINE_NETWORK_1
access-list management_access_in extended permit ip host 10.10.200.1 object-group DM_INLINE_NETWORK_7
access-list management_access_in extended permit tcp 10.10.200.0 255.255.255.0 object-group Management_Hosts object-group RDP
access-list management_access_in extended permit icmp host 10.10.200.1 any traceroute
access-list management_access_in extended permit ip host 10.10.200.1 host NOC-NMS-CDMA
access-list management_access_in extended permit object-group DM_INLINE_SERVICE_3 host 10.10.200.1 any
access-list management_access_in extended permit tcp host 10.10.200.1 any eq ftp
access-list management_access_in extended permit tcp host bula host 10.10.200.1 object-group RDP inactive
access-list management_access_in extended permit tcp host 10.100.20.23 host 10.10.200.1 object-group RDP
access-list management_access_in extended permit ip host 10.10.200.1 any
access-list management_access_in extended permit ip host solarwinds-server 10.10.200.0 255.255.255.0
access-list management_access_in extended permit ip 10.10.200.0 255.255.255.0 host solarwinds-server
access-list management_access_in extended permit ip any any
access-list management_access_in extended permit ip host 10.10.200.1 host bula inactive
access-list management_access_in extended permit ip any host solarwinds-server
access-list management_access_in extended permit ip host solarwinds-server any
access-list management_access_in extended permit ip object-group PacketFence-Servers 10.10.200.0 255.255.255.0
access-list management_access_in extended permit ip 10.10.200.0 255.255.255.0 object-group PacketFence-Servers
access-list management_access_in extended permit ip object-group 3750-Switches host solarwinds-server
access-list management_access_in extended permit ip 10.10.200.0 255.255.255.0 host 10.10.200.1
access-list management_access_in extended permit ip host 10.10.200.1 10.10.200.0 255.255.255.0
access-list Outside_access_in_1 extended permit ip any any
access-list management_access_in_1 extended permit ip mcr_Management 255.255.255.0 any
access-list inside-networks remark internal tpng corporate subnetwork
access-list inside-networks standard permit 172.16.84.0 255.255.252.0
access-list inside-networks remark dms10
access-list inside-networks standard permit host 10.10.0.0
access-list 84-subnet remark 84 subnet
access-list 84-subnet standard permit 172.16.84.0 255.255.252.0
access-list 84-subnet remark 4 subnet
access-list 84-subnet standard permit inside-network-extra-subnet 255.255.252.0
access-list split-tunnel remark 84 subnet
access-list split-tunnel standard permit 172.16.84.0 255.255.252.0
access-list split-tunnel remark 4 subnet
access-list split-tunnel standard permit inside-network-extra-subnet 255.255.252.0
access-list split-tunnel remark Access to internal POP3 server
access-list split-tunnel standard permit host neptune.waigani.telikompng.com.pg
access-list split-tunnel remark Access to internal SMTP server
access-list split-tunnel standard permit host minerva.suva.irc.com
access-list split-tunnel remark Allow access to the 24 subnet
access-list split-tunnel standard permit 172.16.24.0 255.255.252.0
access-list split-tunnel standard permit Cisco-VLans 255.255.0.0
access-list inside_authentication extended permit tcp any object-group DM_INLINE_TCP_11 any object-group DM_INLINE_TCP_13 time-range WorkingHours inactive
access-list itsupport standard permit NOC 255.255.252.0
access-list itsupport standard permit 172.16.96.0 255.255.252.0
access-list itsupport standard permit 10.20.2.0 255.255.255.0
access-list itsupport standard permit 10.10.200.0 255.255.255.0
access-list itsupport standard permit 172.16.84.0 255.255.252.0
access-list itsupport standard permit inside-network-extra-subnet 255.255.252.0
access-list itsupport standard permit 10.2.1.0 255.255.255.0
access-list itsupport standard permit 172.16.88.0 255.255.252.0
access-list itsupport standard permit Cisco-VLans 255.255.0.0
access-list itsupport remark Access to IT-LAN-UPGRADE Network
access-list itsupport standard permit IT-NETWORK-NEW 255.255.0.0
access-list itsupport remark KWU Exchange subnet
access-list itsupport standard permit 172.16.188.0 255.255.252.0
access-list itsupport standard permit ATM-Network 255.255.0.0
access-list global_mpc extended permit ip any any
access-list management_nat0_outbound extended permit ip any inside-network-extra-subnet 255.255.252.0 inactive
access-list management_nat0_outbound extended permit ip mcr_Management 255.255.255.0 any
access-list management_nat0_outbound extended permit ip any object-group DM_INLINE_NETWORK_9
access-list management_nat0_outbound extended permit ip host 10.10.200.1 object-group Management_Hosts
access-list management_nat0_outbound extended permit ip any 172.16.84.0 255.255.252.0
access-list management_nat0_outbound extended permit ip any MCR_POM 255.255.255.0
access-list management_nat0_outbound extended permit ip host 10.10.200.1 object-group DM_INLINE_NETWORK_10
access-list management_nat0_outbound extended permit ip any Cisco-VLans 255.255.0.0
access-list management_nat0_outbound extended permit ip 10.10.200.0 255.255.255.0 host solarwinds-server
access-list management_nat0_outbound extended permit ip 10.10.200.0 255.255.255.0 object-group DM_INLINE_NETWORK_15
access-list Capture extended permit ip any host 192.118.82.140
access-list Capture extended permit ip host 192.118.82.140 any
access-list Capture extended permit ip host 192.118.82.160 any
access-list Capture extended permit ip any host 192.118.82.160
a
access-list inside-network-access-only remark Allow Maggie Talig access to the 84 subnet only
access-list inside-network-access-only standard permit 172.16.84.0 255.255.252.0
access-list inside-network-access-only remark Allow Maggie Talig access to the 4 subnet only
access-list inside-network-access-only standard permit inside-network-extra-subnet 255.255.252.0
access-list SSN-DMZ_nat0_outbound extended permit ip host WWW.IRC.COM-PRIV object-group Internal-Networks
access-list inside_nat0_outbound_1 extended permit ip host AVIRUSMAN 192.168.254.0 255.255.255.0
access-list NETFLOW extended permit tcp any any
access-list NETFLOW extended permit object-group DNS-GROUP any host fw1.outside.irc.com
access-list NETFLOW extended permit object-group DM_INLINE_SERVICE_6 any host fw1.outside.irc.com
access-list NETFLOW extended permit udp any host fw1.outside.irc.com
access-list NETFLOW extended permit tcp any host fw1.outside.irc.com eq smtp
access-list NETFLOW extended permit tcp any host fw1.outside.irc.com object-group DM_INLINE_TCP_5
access-list NETFLOW extended permit tcp any host fw1.outside.irc.com object-group TCP-8080
access-list NETFLOW extended permit object-group DM_INLINE_SERVICE_4 any host NAT-202.58.130.43
access-list NETFLOW remark Reverse Proxy Inbound Rules from Internet- Lync 2013 Project - Lync Simple URLs
access-list NETFLOW extended permit tcp any host 202.58.130.69 object-group DM_INLINE_TCP_6
access-list NETFLOW remark Lync Edge Access Inbound Rule - Restricting Inbound
access-list NETFLOW extended permit object-group pomlynedsvr01_access_Outside_to_DMZ any host 202.58.130.66
access-list NETFLOW remark Lync Edge Outside to Inside for AV Interface
access-list NETFLOW extended permit object-group pomlynedsvr01_webcon_outside_to_DMZ any host 202.58.130.67
access-list NETFLOW extended permit object-group pomlynedsvr01_AV_Outside_to_DMZ any host 202.58.130.68
access-list NETFLOW extended permit object-group DM_INLINE_SERVICE_11 any host NAT-fijiircdata
access-list NETFLOW extended deny ip host SPAMIP any
access-list NETFLOW extended deny ip SPAM_MACHINE 255.255.255.0 any
access-list NETFLOW extended deny ip host 220.233.157.99 any log debugging
access-list Huawei-Access-Networks remark HUawei-Network-Elements
access-list Huawei-Access-Networks standard permit 192.168.200.0 255.255.255.0
access-list Huawei-Access-Networks remark Access to Ela Beach MPLS network
access-list Huawei-Access-Networks standard permit 10.100.70.0 255.255.255.0
access-list Huawei-Access-Networks remark Huawei Network elements
access-list Huawei-Access-Networks standard permit 192.168.210.0 255.255.255.0
access-list Huawei-Access-Networks remark Huawei network elements
access-list Huawei-Access-Networks standard permit 192.168.213.0 255.255.255.0
access-list management_nat0_outbound_1 extended permit ip host solarwinds-server 10.10.200.0 255.255.255.0
access-list Alcatel-NMS-ACL remark Access allowed to Alcatel NMS devices in NOC
access-list Alcatel-NMS-ACL standard permit 10.2.1.0 255.255.255.0
access-list Business-Systems-Access remark Mail Server 1
access-list Business-Systems-Access standard permit host neptune.waigani.telikompng.com.pg
access-list Business-Systems-Access remark Mail Server 2
access-list Business-Systems-Access standard permit host minerva.waigani.telikompng.com.pg
access-list Business-Systems-Access remark SAP PROD
access-list Business-Systems-Access standard permit host SAP-SAPPROD
access-list Business-Systems-Access remark Avabill Application Server
access-list Business-Systems-Access standard permit host Avabill86.177
access-list Business-Systems-Access remark Backup Avabill Application Server
access-list Business-Systems-Access standard permit host Avabill84.170
access-list Business-Systems-Access remark HRSelfcare
access-list Business-Systems-Access standard permit host HOST-172.16.86.248
access-list Business-Systems-Access remark Intranet Server
access-list Business-Systems-Access standard permit host 172.16.85.32
access-list IT-Systems-Support remark Access to inside network
access-list IT-Systems-Support standard permit 172.16.84.0 255.255.252.0
access-list IT-Systems-Support remark Access to IN netwwork
access-list IT-Systems-Support standard permit 172.16.88.0 255.255.252.0
access-list IT-Systems-Support standard permit Cisco-VLans 255.255.0.0
access-list Systems-XS remark Access to 84 subnet
access-list Systems-XS standard permit 172.16.84.0 255.255.252.0
access-list Systems-XS remark Access to .4 subnet
access-list Systems-XS standard permit inside-network-extra-subnet 255.255.252.0
access-list Systems-XS remark Access to 10.100.x.x/24
access-list Systems-XS standard permit Cisco-VLans 255.255.0.0
access-list Huawei-NOC standard permit 172.16.84.0 255.255.252.0
access-list Huawei-NOC standard permit Cisco-VLans 255.255.0.0
access-list Huawei-NOC standard permit HASUT 255.255.255.0
access-list Huawei-NOC standard permit IT-NETWORK-NEW 255.255.0.0
access-list efdata remark Allow efdata access to above device as per request by chris mkao
access-list efdata standard permit 172.16.92.0 255.255.252.0
access-list test standard permit 172.16.92.0 255.255.252.0
access-list Ghu_ES_LAN remark Allow efdata access to fij ES LAN
access-list Ghu_ES_LAN extended permit ip any 172.16.92.0 255.255.252.0
access-list GuestInternet_access_in extended permit ip any any
global (inside) 1 interface
global (SSN-DMZ) 1 interface
global (Outside) 1 interface
global (management) 1 interface
nat (inside) 0 access-list inside_nat0_outbound
nat (inside) 0 access-list inside_nat0_outbound_1 outside
nat (inside) 1 0.0.0.0 0.0.0.0
nat (SSN-DMZ) 0 access-list SSN-DMZ_nat0_outbound
nat (SSN-DMZ) 1 WWW.IRC.COM-PRIV 255.255.255.255
nat (Outside) 0 access-list Outside_nat0_outbound
nat (GuestInternet) 1 0.0.0.0 0.0.0.0
nat (management) 0 access-list management_nat0_outbound
nat (management) 0 access-list management_nat0_outbound_1 outside
nat (management) 1 10.10.200.1 255.255.255.255
static (inside,Outside) tcp interface 10103 mailgate.irc.com 10103 netmask 255.255.255.255
static (SSN-DMZ,Outside) tcp interface www WWW.IRC.COM-PRIV www netmask 255.255.255.255
static (inside,Outside) tcp interface smtp mailgate.irc.com smtp netmask 255.255.255.255
static (inside,Outside) tcp interface telnet HOST-172.16.84.144 telnet netmask 255.255.255.255
static (inside,Outside) tcp interface pcanywhere-data HOST-192.168.1.14 pcanywhere-data netmask 255.255.255.255
static (inside,Outside) udp interface pcanywhere-status HOST-192.168.1.14 pcanywhere-status netmask 255.255.255.255
static (inside,Outside) tcp interface ssh InterConnect-BillingBox ssh netmask 255.255.255.255
static (inside,Outside) udp interface ntp confusious.suva.irc.com ntp netmask 255.255.255.255
static (inside,Outside) tcp interface 10002 HOST-172.16.200.121 10002 netmask 255.255.255.255
static (inside,Outside) tcp interface 10003 HOST-172.16.200.122 10003 netmask 255.255.255.255
static (inside,Outside) tcp interface 10004 HOST-172.16.41.26 10004 netmask 255.255.255.255
static (inside,Outside) tcp interface 10005 HOST-172.16.41.27 10005 netmask 255.255.255.255
static (inside,Outside) tcp interface https Avabill86.181 https netmask 255.255.255.255
static (inside,Outside) tcp interface 7778 Avabill86.181 7778 netmask 255.255.255.255
static (inside,Outside) tcp interface 8080 Avabill86.181 8080 netmask 255.255.255.255
static (inside,Outside) tcp interface 7777 Avabill86.181 7777 netmask 255.255.255.255
static (inside,Outside) tcp NAT-202.58.130.45 https Avabill86.177 https netmask 255.255.255.255
static (inside,Outside) tcp NAT-202.58.130.43 2222 daywalker.suva.irc.com 2222 netmask 255.255.255.255
static (inside,Outside) tcp NAT-202.58.130.43 ftp waigani-pdc-int2.suva.irc.com ftp netmask 255.255.255.255
static (inside,Outside) tcp NAT-202.58.130.43 www neptune.suva.irc.com www netmask 255.255.255.255
static (inside,Outside) tcp interface 5900 Primary1352CM 5900 netmask 255.255.255.255
static (inside,Outside) tcp NAT-202.58.130.43 5900 Backup1352CM 5900 netmask 255.255.255.255
static (inside,Outside) tcp NAT-202.58.130.43 https neptune.suva.irc.com https netmask 255.255.255.255
static (inside,Outside) tcp interface 24 HOST-172.16.86.87 24 netmask 255.255.255.255
static (inside,Outside) udp interface domain ns.irc.com domain netmask 255.255.255.255
static (inside,Outside) tcp interface pop3 neptune.suva.irc.com pop3 netmask 255.255.255.255
static (inside,Outside) tcp interface 7780 Apache-WebServer 7780 netmask 255.255.255.255
static (inside,Outside) tcp interface 8000 CRM-SERVER2 8000 netmask 255.255.255.255
static (inside,Outside) tcp interface 8010 CRM-SERVER4 8010 netmask 255.255.255.255
static (inside,Outside) tcp interface 8005 CRM-SERVER3 8005 netmask 255.255.255.255
static (inside,Outside) tcp interface 123 confusious.suva.irc.com 123 netmask 255.255.255.255
static (inside,Outside) tcp interface imap4 neptune.suva.irc.com imap4 netmask 255.255.255.255
static (inside,Outside) tcp interface domain ns.irc.com domain netmask 255.255.255.255
static (inside,Outside) tcp interface ftp telitgate.irc.com ftp netmask 255.255.255.255
static (inside,Outside) tcp interface 5901 uvnc-server 5901 netmask 255.255.255.255
static (inside,Outside) tcp interface 5801 uvnc-server 5801 netmask 255.255.255.255
static (inside,Outside) tcp interface 5902 172.16.84.200 5902 netmask 255.255.255.255
static (inside,Outside) tcp interface 5802 172.16.84.200 5802 netmask 255.255.255.255
static (inside,Outside) tcp interface 995 neptune.suva.irc.com 995 netmask 255.255.255.255
static (inside,Outside) tcp interface 993 neptune.suva.irc.com 993 netmask 255.255.255.255
static (inside,Outside) tcp NAT-202.58.130.43 6001 neptune.suva.irc.com 6001 netmask 255.255.255.255
static (inside,Outside) tcp NAT-202.58.130.43 6002 neptune.suva.irc.com 6002 netmask 255.255.255.255
static (inside,Outside) tcp NAT-202.58.130.43 6004 neptune.suva.irc.com 6004 netmask 255.255.255.255
static (inside,Outside) tcp interface 6001 minerva.suva.irc.com 6001 netmask 255.255.255.255
static (inside,Outside) tcp interface 6002 minerva.suva.irc.com 6002 netmask 255.255.255.255
static (inside,Outside) tcp interface 6004 minerva.suva.irc.com 6004 netmask 255.255.255.255
static (inside,Outside) tcp NAT-202.58.130.43 8720 solarwinds-server 8720 netmask 255.255.255.255
static (inside,Outside) tcp NAT-202.58.130.43 9000 solarwinds-server 9000 netmask 255.255.255.255
static (inside,Outside) tcp interface 2055 solarwinds-server 2055 netmask 255.255.255.255
static (inside,Outside) tcp interface 88 A-10.100.20.250 88 netmask 255.255.255.255
static (inside,Outside) tcp interface 10000 ns.irc.com 10000 netmask 255.255.255.255
static (inside,Outside) udp Ext-R2-Outside-Interface 2055 solarwinds-server 2055 netmask 255.255.255.255
static (inside,Outside) udp Ext-R2-Outside-Interface snmp solarwinds-server snmp netmask 255.255.255.255
static (inside,Outside) tcp NAT-202.58.130.43 135 neptune.suva.irc.com 135 netmask 255.255.255.255
static (inside,Outside) tcp NAT-202.58.130.43 3389 BT-DesktopPC 3389 netmask 255.255.255.255
static (inside,Outside) tcp NAT-202.58.130.65 www IN-WSC www netmask 255.255.255.255
static (inside,Outside) tcp NAT-202.58.130.65 https IN-WSC https netmask 255.255.255.255
static (inside,Outside) tcp NAT-202.58.130.43 ssh Avabill86.176 ssh netmask 255.255.255.255
static (Outside,inside) tcp 10.100.20.36 5432 smile.telinet.com.pg 5432 netmask 255.255.255.255
static (inside,Outside) tcp interface 222 chief.suva.irc.com ssh netmask 255.255.255.255
static (inside,Outside) tcp interface 5061 LYNC-2013-SERVER 5061 netmask 255.255.255.255
static (inside,Outside) tcp interface 5432 10.100.20.36 5432 netmask 255.255.255.255
static (inside,Outside) tcp NAT-202.58.130.43 182 dadbsvr www netmask 255.255.255.255
static (SSN-DMZ,Outside) 202.58.130.69 pomlynrprx01 netmask 255.255.255.255
static (SSN-DMZ,Outside) 202.58.130.66 pomlynedsvr01_access netmask 255.255.255.255
static (SSN-DMZ,Outside) 202.58.130.67 pomlynedsvr01_webcon netmask 255.255.255.255
static (SSN-DMZ,Outside) 202.58.130.68 pomlynedsvr01_AV netmask 255.255.255.255
access-group inside_access_in in interface inside
access-group SSN-DMZ_access_in in interface SSN-DMZ
access-group Outside_access_in_1 in interface Outside control-plane
access-group NETFLOW in interface Outside
access-group GuestInternet_access_in in interface GuestInternet
access-group management_access_in_1 in interface management control-plane
access-group management_access_in in interface management
route Outside 0.0.0.0 0.0.0.0 Ext-R1-Inside-Interface 1
route inside 10.2.1.0 255.255.255.0 TFIJI-CORE-INT-ROUTER 1
route inside 10.8.0.0 255.255.255.0 VPNGATE 1
route inside 10.9.254.0 255.255.255.0 TFIJI-CORE-INT-ROUTER 1
route inside 10.10.1.0 255.255.255.0 TFIJI-CORE-INT-ROUTER 1
route inside 10.10.2.0 255.255.255.0 TFIJI-CORE-INT-ROUTER 1
route inside 10.10.3.0 255.255.255.0 TFIJI-CORE-INT-ROUTER 1
route inside 10.10.4.0 255.255.255.0 TFIJI-CORE-INT-ROUTER 1
route inside 10.10.5.0 255.255.255.0 TFIJI-CORE-INT-ROUTER 1
route inside 10.10.10.0 255.255.255.0 TFIJI-CORE-INT-ROUTER 1
route inside 10.15.100.0 255.255.255.0 fw1.outside.irc.com 1
route inside Cisco-VLans 255.255.0.0 Cisco7200 1
route inside VLan20-2F 255.255.255.0 Cisco7200 1
route inside 10.100.67.0 255.255.255.0 IPVPN-Router 1
route inside 10.100.74.0 255.255.255.0 172.16.86.0 1
route inside 10.100.75.0 255.255.255.0 172.16.86.0 1
route inside 10.100.76.0 255.255.255.0 172.16.86.0 1
route inside LAE 255.255.255.0 172.16.86.0 1
route inside 10.100.91.0 255.255.255.0 172.16.86.0 1
route inside 10.100.110.0 255.255.255.0 172.16.86.0 1
route inside 10.100.111.0 255.255.255.0 172.16.86.0 1
route inside 10.100.114.0 255.255.255.0 172.16.86.0 1
route inside 10.200.200.0 255.255.255.0 Cisco7200 1
route inside A-10.250.0.0 255.255.0.0 Cisco7200 1
route inside 10.254.2.0 255.255.255.252 IPVPN-Router 1
route inside 11.11.3.0 255.255.255.0 172.16.86.0 1
route inside 11.11.4.0 255.255.255.0 172.16.86.0 1
route inside 11.11.8.0 255.255.255.0 172.16.86.0 1
route inside 11.11.9.0 255.255.255.0 172.16.86.0 1
route inside 20.200.200.0 255.255.255.0 172.16.86.17 1
route inside inside-network-extra-subnet 255.255.252.0 TFIJI-CORE-INT-ROUTER 1
route inside 172.16.8.0 255.255.252.0 Cisco7200 1
route inside 172.16.12.0 255.255.252.0 172.16.86.197 1
route inside 172.16.24.0 255.255.252.0 TFIJI-CORE-INT-ROUTER 1
route inside NOC 255.255.252.0 172.16.87.187 1
route inside 172.16.48.0 255.255.252.0 172.16.84.41 1
route inside 172.16.52.0 255.255.252.0 TFIJI-CORE-INT-ROUTER 1
route inside 172.16.56.0 255.255.252.0 TFIJI-CORE-INT-ROUTER 1
route inside 172.16.60.0 255.255.252.0 TFIJI-CORE-INT-ROUTER 1
route inside 172.16.64.0 255.255.252.0 TFIJI-CORE-INT-ROUTER 1
route inside 172.16.68.0 255.255.252.0 TFIJI-CORE-INT-ROUTER 1
route inside 172.16.72.0 255.255.252.0 TFIJI-CORE-INT-ROUTER 1
route inside 172.16.76.0 255.255.252.0 TFIJI-CORE-INT-ROUTER 1
route inside 172.16.80.0 255.255.252.0 TFIJI-CORE-INT-ROUTER 1
route inside 172.16.84.185 255.255.255.255 172.16.86.217 1
route inside CRM-SERVER1 255.255.255.255 TFIJI-CORE-INT-ROUTER 1
route inside 172.16.88.0 255.255.252.0 Cisco7200 1
route inside 172.16.92.0 255.255.252.0 Cisco7200 1
route inside 172.16.96.0 255.255.252.0 172.16.87.172 1
route inside 172.16.104.0 255.255.252.0 TFIJI-CORE-INT-ROUTER 1
route inside 172.16.108.0 255.255.252.0 IPVPN-Router 1
route inside 172.16.112.0 255.255.252.0 TFIJI-CORE-INT-ROUTER 1
route inside 172.16.120.0 255.255.252.0 TFIJIG-CORE-INT-ROUTER 1
route inside 172.16.124.0 255.255.252.0 IPVPN-Router 1
route inside 172.16.128.0 255.255.252.0 172.16.86.185 1
route inside 172.16.132.0 255.255.252.0 TFIJI-CORE-INT-ROUTER 1
route inside 172.16.136.0 255.255.252.0 TFIJI-CORE-INT-ROUTER 1
route inside 172.16.140.0 255.255.252.0 TFIJI-CORE-INT-ROUTER 1
route inside 172.16.144.0 255.255.252.0 TFIJI-CORE-INT-ROUTER 1
route inside 172.16.148.0 255.255.252.0 TFIJI-CORE-INT-ROUTER 1
route inside 172.16.152.0 255.255.252.0 TFIJI-CORE-INT-ROUTER 1
route inside 172.16.156.0 255.255.252.0 IPVPN-Router 1
route inside 172.16.160.0 255.255.252.0 TFIJI-CORE-INT-ROUTER 1
route inside 172.16.164.0 255.255.252.0 TFIJI-CORE-INT-ROUTER 1
route inside 172.16.168.0 255.255.252.0 TFIJI-CORE-INT-ROUTER 1
route inside 172.16.172.0 255.255.252.0 172.16.87.172 1
route inside 172.16.180.0 255.255.252.0 TFIJI-CORE-INT-ROUTER 1
route inside 172.16.184.0 255.255.252.0 TFIJI-CORE-INT-ROUTER 1
route inside 172.16.188.0 255.255.252.0 172.16.86.85 1
route inside 172.16.188.0 255.255.252.0 Cisco7200 1
route inside 172.16.192.0 255.255.252.0 172.16.86.194 1
route inside 172.16.200.0 255.255.252.0 172.16.87.11 1
route inside 172.16.204.0 255.255.252.0 TFIJI-CORE-INT-ROUTER 1
route inside 172.16.208.0 255.255.252.0 TFIJI-CORE-INT-ROUTER 1
route inside 172.16.212.0 255.255.252.0 TFIJI-CORE-INT-ROUTER 1
route inside 172.16.220.0 255.255.252.0 IPVPN-Router 1
route inside 172.16.224.0 255.255.252.0 TFIJI-CORE-INT-ROUTER 1
route inside 172.16.236.0 255.255.252.0 172.16.87.254 1
route inside 172.16.240.0 255.255.252.0 TFIJI-CORE-INT-ROUTER 1
route inside 172.16.248.0 255.255.252.0 IPVPN-Router 1
route inside 172.17.84.0 255.255.255.224 IPVPN-Router 1
route inside 172.18.252.0 255.255.252.0 172.16.84.15 1
route inside 172.20.0.0 255.255.252.0 172.16.87.11 1
route management 172.20.1.32 255.255.255.240 10.10.200.18 1
route inside 192.167.5.0 255.255.255.0 172.16.86.42 1
route inside 192.168.1.0 255.255.255.0 TFIJI-CORE-INT-ROUTER 1
route inside 192.168.1.0 255.255.255.0 HOST-172.16.84.144 1
route inside 192.168.1.96 255.255.255.224 TFIJI-CORE-INT-ROUTER 1
route inside 192.168.1.128 255.255.255.224 TFIJI-CORE-INT-ROUTER 1
route inside 192.168.2.0 255.255.255.0 172.16.87.192 1
route inside 192.168.5.0 255.255.255.0 HOST-172.16.84.144 1
route inside 192.168.11.0 255.255.255.0 TFIJI-CORE-INT-ROUTER 1
route inside 192.168.150.0 255.255.255.0 IPVPN-Router 1
route inside 192.168.200.0 255.255.255.0 TFIJI-CORE-INT-ROUTER 1
route inside 192.168.201.0 255.255.255.0 TFIJI-CORE-INT-ROUTER 1
route inside 192.168.202.0 255.255.255.0 TFIJI-CORE-INT-ROUTER 1
route inside 192.168.210.0 255.255.255.0 Cisco7200 1
route inside 192.168.213.0 255.255.255.0 Cisco7200 1
route inside 192.168.254.0 255.255.255.0 fw1.outside.irc.com 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
class-map inspection_default
match default-inspection-traffic
class-map flow_export_class
match access-list global_mpc
policy-map global_policy
class inspection_default
inspect dns
inspect esmtp
inspect h323 h225
inspect h323 ras
inspect icmp error
inspect ipsec-pass-thru
inspect mgcp
inspect rsh
inspect sip
inspect skinny
inspect snmp
inspect tftp
inspect ftp strict
inspect icmp
class flow_export_class
flow-export event-type all destination solarwinds-server
policy-map type inspect dns migrated_dns_map_1
parameters
message-length maximum 512
service-policy global_policy global
smtp-server 172.16.86.16
prompt hostname context
Cryptochecksum:24270eebd6c941fb7b302b034e32bba1
: endHi,
NMAP gives the report for the first firewall interface it hits. In your case you have allowed tcp any any where it allows all the ports. I have mentioned only one example.... There are many in your case....
Also NMAP results will be effective once when you directly connect to outside interface or directly on to the outside LAN.
Regards
Karthik -
Delete Rules between Logical Model and Relational Model are different
Relation Properties in Logical model has three Delete Rules: "RESTRICT", "NO_ACTION", "SET NULL".
1. "RESTRICT" and "NO_ACTION" are same
2. "CASCADE" is missing.
However, Foreign Key Properties in Physical model has three Delete Rules: "RESTRICT", "NO_ACTION", "CASCADE".
1. "RESTRICT" and "NO_ACTION" are same
2. "SET NULL" is missing in this case.
They are supposed to have "NO_ACTION or RESTRICT", "SET NULL", and "CASCADE".
Please fix this ASAP. It is really annoying in Engineering process. Modeler creates duplicate wrong relationships while it engineers.
Thanks.
Edited by: hayangae on Oct 9, 2012 1:01 PM
Edited by: hayangae on Apr 3, 2013 4:08 PMHi,
it seems you are not using the latest version 3.3. In earlier versions - delete rule set on relationship was used only in some cases to set delete rule on related foreign key. Now delete rule is transferred to FK as it's defined on relationship.
I assume you are using Oracle database - "Restrict" doesn't appear anymore for Oracle.
2. "SET NULL" is missing in this case.Most likely the foreign key is set as mandatory thus you cannot use "set null" as option.
Modeler creates duplicate wrong relationships while it engineers.Can you elaborate on that - example?
Philip -
Can VPD Virtual Private DB in 10g replace Oracle Apps security rules?
I read the recent article in Oracle Magazine called 'Testing Database Security', especially the section on Virtual Private Database (VPD), caught my attention. Can this feature of the 10g database be used by the Oracle Apps to restrict access to data through the apps login? We just moved to 10g.
Our current data security is enabled by leveraging security rules attached to responsibilities. Our security rules restrict by operating unit, of which there are 89. It would be great if VPD could be used, as it might replace the need to create 89 separate security rules. We would maintain just one set of policies.
Does anyone know if this can be used on the applications level? If anyone has done this, do you know of a documentation link that would help?
Thanks for your insight.Sebes,
Thanks for the link...it sounds like it may be part of the Oracle future landscape, but for now, we will have to live with security rules.
Sincerely,
Brenda -
Alternate way to implement Calendar Rules
Hi All,
We have a requirement to implement calendar rules for different regions. WE added dummy OU in our studio and tested. Since we have integrated with MSAD Microsoft Active Directory), we are unable to add OU.
Is there any other way to implement Calendar rule restriction using PBL code? or is there any other alternative available??
Kindly help me.
Thanks
Edited by: user12859640 on Sep 6, 2011 3:36 AMEnio,
Realize you're confounded and probably a bit upset but you didn't explain exactly what your problem is. Before you reply though, here are a couple of things to ponder: did any of Apple's techies suggest that you archive all the address books to your HD and delete the address book database, reopen Address Book and reimport the archived files? Also, did any of your discussions with Apple touch on the idea of resetting the synch history on any of your computers and "reseeding" the database on .ME? And I'd definitely like to hear what problems you're having with calendars - I could write a book . Stay in touch.
Mike -
Project Billing "write-off" options
I'm attempting to determine the best method of "writing off" transactions on direct projects that have been reported as billable, accrued revenue but will never be billed. Please consider the following narrative as an example:
A consultant (consultant x) charges April time and expense to project 10001 in a billable capacity (charged transactions to a billable task). The transactions are cost distributed, revenue distributed and an invoice is subsequently produced. All cost and revenue transactions are produced, interfaced and ultimately posted to the general ledger in April. The month of April is closed in PA and the invoices for the April billing cycle are produced. Project 10001's draft invoice includes those charges reported by consultant x and is distributed to the project manager for approval. The project manager reviews the invoice review and determines that consultant x's transactions will never be billed and instructs the accounting group to write off the transactions.
Challenge: we need a way to "write-off" (reduce revenue and change billing status) transactions that will allow for consistent reporting and measurement. Specifically, we need to be able to determine all write-off's (revenue/billing reductions) in a given period that relate to original transactions from an earlier or different period. In short, we want to establish a policy and procedure for consistently processing and reporting these types of conditions.
Proposed Options:
1) use the "special" non-billable adjustment option from either expenditure inquiry or invoice review to change the billing status from billable to non-billable.
Pros:
a) transactions will remain on the project in the capacity they were reported by the employee
b) an adjustment record will be created in the PA_Expend_Item_adj_Activities table which will include the adjustment activity code (i.e. Billable Reclass, Non-billable reclass, billing hold, billing hold release, etc.)
c) history of who created original transactions and adjustments is available (full audit trail)
d) a reversing revenue entry will be created in the PA_Cust_Rev_Dist_Lines_all table which will allow us to track the dates (gl period) of the revenue adjustment and compare it to the original transaction dates.
Cons:
a) to the average users the transaction on a billable task flagged as non-billable with no corresponding revenue may look unusual because there is no description explaining why the adjustment existed. the only way to determine that revenue existed and was subsequently reversed is to look at item details- revenue details.
b)The revenue write-off will be charged to the same accounts (revenue and inventory) that the original transaction was booked to but in reverse. we don't have the ability to deflect the "write-off" to a bad debt account versus a direct write-off of revenue.
c) The employee's utilization calculations will be impacted by changing the billing status of the transactions and reducing the corresponding revenue. we may need to update the utilization report to reflect these types of transactions differently.
2) use the "special" transfer adjustment option to transfer the transaction from the originating billable task to a non-billable destination task on the project in question.
Pros:
a) the average user will easily see that the transaction in question has been reversed and b) the revenue subsequently written off by the negative revenue on the reversal transaction
c) an adjustment record will be created in the PA_Expend_Item_adj_activities table which will include the applicable adjustment activity code(s) (Transfer Back-out, Transfer Originating, Transfer Destination).
d) history of who created original and adjustments is available.
a reversing revenue entry will be made via e) the negative reversal entry created in the PA_Cust_Rev_Dist_Lines_All table.
Cons:
a) the original transaction is being altered (transferred) by accounting. the integrity of the transaction as it was submitted by the source employee may be compromised.
b) there is no easy way for the average end user to know where the transaction was transferred to. the information is available via ad hoc reporting from database tables but looking at expenditure inquiry for a given project you will not be able to determine where the transaction went if it was transferred to another task and many tasks exist or if it was transferred to another project entirely.
c) The revenue write-off will be charged to the same accounts (revenue and inventory) that the original transaction was booked to but in reverse. we don't have the ability to deflect the "write-off" to a bad debt account versus a direct write-off of revenue.
d) The employee's utilization calculations will be impacted by changing the billing status of the transactions and reducing the corresponding revenue. we may need to update the utilization report to reflect these types of transactions differently.
e) As a common practice, each project will need at least one "non-billable" task to capture such write-off transfers.
3) use a write-off event (both revenue and billing) to reduce the project by the aggregate amount of all transactions in question.
Pros:
a) employee specific transactions and ultimately utilization results will not be impacted by the independent event transaction.
b) by modifying our autoaccounting rules we will be able to book the "write-off" to an account other than a revenue account. (I believe, more research necessary)
Cons:
a) No link back to actual transactions.
b) original transactions will remain untouched and will appear as though they were billed and will show up on the invoice and detail reports to the client along with an aggregated event for the total write-off amount.
Any thoughts or opinions you can provide about the best practice in Oracle will be greatly appreciated.
nullDiana,
Here's another response from a (very) senior Projects consultant. Her comments are in CAPS, so they can be dinstinguished from your comments:
"I recommend following the approach she outlines in Section 2, with the following additions:
SECTION 2) use the "special" transfer adjustment option to transfer the Transaction from the originating billable task to a non-billable Destination task on the project in question. CORRECT.
A) SET UP THE WBS TO HAVE A TOP LEVEL NON-BILLABLE TASK, ON EVERY PROJECT, WITH A TASK NUMBER OF :"WRITE-OFF".
B) WRITE AUTOACCOUNTING RULE , BASED ON TASK NUMBER, TO ENSURE THAT ANY TRANSACTIONS CHARGED (TRANSFERRED) TO "WRITE-OFF" TASK WILL BE POSTED TO A "WRITE-OFF/BAD DEBT" ACCT IN GENERAL LEDGER.
C) CREATE A DFF AT THE EXPENDITURE ITEM LEVEL WHICH CAN BE POPULATED AT THE TIME OF TRANSFER, TO INDICATE WHERE THE TRX IS BEING TRANSFERRED TO. IT IS TRUE THAT TRANSFER ACTIVITY REPORT WILL TELL YOU THIS AS WELL, BUT IF YOU
WANT TO SEE IT ONLINE DURING EXPEND. INQ, THEN DFF IS FINE.
D) AS TO CONCERNS ABOUT "THE INTEGRITY" OF THE TRANSACTION AS IT IS SUBMITTED BY THE EMPLOYEE BEING COMPROMISED, THIS IS CERTAINLY POSSIBLE, BUT IF THIS IS A SERIOUS BUSINESS CONCERN, THEN I WOULD CONSIDER CREATING AN ALERT TO THE EMPLOYEE WHO ENTERED THE ORIGINAL TRX, ADVISING THEM OF THE CHANGE AND REQUESTING THEIR REVIEW AND OR APPROVAL OF THE TRANSFERRED TRX. I CAN SEE THIS BECOMING QUITE CUMBERSOME THOUGH, AND, OVERALL, ACCOUNTING DEPARTMENTS MANIPULATE TRANSACTIONS FOR ACCOUNTING PURPOSES ALL THE TIME AS STANDARD PRACTICE, SO I'M NOT SURE WHY THIS IS AN ISSUE HERE.
E) AND LASTLY, IT IS TRUE THAT AS A COMMON PRACTICE, EACH PROJECT WILL NEED A
'WRITE-OFF" TASK AS A STANDARD PART OF IT'S WBS-- SO WHAT? IT'S JUST ONE MORE TASK IN YOUR WBS. BUILD IT INTO YOUR PROJECT TEMPLATES, AND MAKE IT NOT CHARGEABLE UNTIL WRITE OFFS BECOME NECESSARY. AS TO UTILIZATION, THERE IS NOT ENOUGH INFO IN THE CLIENT QUESTION TO ADDRESS THAT ISSUE PROPERLY.
THAT'S ABOUT IT. HOPE THIS HELPS.
BEST REGARDS, PAT"
null -
How to Get the Previous Transactional Data into Special Purpose Ledger
Hi,
1). We have implemented Special Purpose Ledger. After implementing SPL, we are generating documents and getting the postings into SPL. Now I need to bring the previous postings which were entered before Special Purpose Ledger Setup. Please Help me on how to bring the transacctional data into Special Purpose Ledger.
2). Is it possible to define A/R Aging by Customers? in Special Purpose Ledger by using Report Painter?
3). What is the use of Allocation Cycles like Assessment and Distribution in Special Purpose Ledger?
Please clarify me on above 3 points.
Thanks
Yadayya
Edited by: Dogdays on Aug 5, 2011 8:02 AM
Edited by: Dogdays on Aug 5, 2011 8:03 AMI have experience in intergrating project accounting to the general ledger in a data warehouse using discoverer to show the results.
The solution I developed for my compnay is to ensure all entries from all sub-ledgers including manual journal entries are moved to the data warehouse tables have project information based on PA autoaccounting rules.
The company I work for was interested in viewing reports that cubed cost centers (dept's.) to projects and to translate all entries (not just account balances) to USD for thier foriegn set of books. So, projects can be seen company wide in USD at lowest entry level. The solution I gave them solved the problem and they are able to view reports and evaluate costs by cost centers and projects on an enterprise wide application.
If this is what you are looking for let me know.
about my self : I have a B.S. in Computer Science (Theoretical Track) and 17 yrs of accounting and book keeping experience including consolidation and multi-currency sets of books. -
Freight Charges Accounting through SLA
Dear All
I have a requirement to hit different natural accounts in accounts receivable for different charges applied at order level. As all/ combine charge amount is booked in single natural account as given in autoaccounting rule - standard functionality.
Kindly help in this regard.
Thanks in Advance,
UmairHi,
Can you pls try by passing this parameter value too.
l_header_adj.adjusted_amount := 5;
Thanks,
Praveen -
Grants-Projects/Awards Reconciliation & GL
What are the main reasons for reconciliation problems between Projects and Awards, including summary and detailed information??
Grants and GL reconciliation-main problems? The project and award segments in GL are necessary? If not, how to reconciliate Grants with GL?
Thanks in advance
ACFI have experience in intergrating project accounting to the general ledger in a data warehouse using discoverer to show the results.
The solution I developed for my compnay is to ensure all entries from all sub-ledgers including manual journal entries are moved to the data warehouse tables have project information based on PA autoaccounting rules.
The company I work for was interested in viewing reports that cubed cost centers (dept's.) to projects and to translate all entries (not just account balances) to USD for thier foriegn set of books. So, projects can be seen company wide in USD at lowest entry level. The solution I gave them solved the problem and they are able to view reports and evaluate costs by cost centers and projects on an enterprise wide application.
If this is what you are looking for let me know.
about my self : I have a B.S. in Computer Science (Theoretical Track) and 17 yrs of accounting and book keeping experience including consolidation and multi-currency sets of books. -
Intercompany Implementation Options (in Projects) vs GIS
Our company is project based and we utilize the intercompany billing between OUs. We've defined our Provider and Receivers in our Project module Implementation Options. We don't import any other non-Oracle intercompany transactions via interfaces. We've defined our AutoAccounting rules and clearing accounts. Can you tell me what we are doing differently than in GIS? What is GIS ?
If these are full size images, you really don't need to go above 300 ppi. I would save as TIFF or PSD unless you have a compelling reason for not doing so. JPEG applies compression every time you save and close the image, so you'll want to convert to another format for working anyway, and storage is cheap now. (There's a difference between ppi and dpi, although scanner makers ignore it. You want the highest possible dpi when printing, but the human eye cannot distinguish much difference when you go above 300 ppi. If you want to make extra sure, go to 600, but that's not going to provide more useful information to a printer, really. Mostly just a much larger file size.)
I would also scan in color. When you scan in greyscale you are saving much less information, and you might want that someday. -
Opinions on how to keep Projects and GL in balance with each other
We have a custom process that takes an Excel spreadsheet and allows the users to enter a Project transaction and a GL journal. We then have a program that splits the data between projects and GL and ftps the to the appropriate interface table. Within that program that splits the data, it also creates a clearing transaction for the total of the Projects dollars to be sent to GL. When Projects runs the Interface to GL, it uses Autoaccounting rules to credit the clearing account that was sent with the original entry. This is their way of keeping these specific entries in Projects and GL 'in sync'. How would you do this with standard functionality in Projects and GL? Do you have a similar business need to make an entry in GL and a matching entry in Projects? If so, how do you make those entries?
Example:
Projects transaction
expenditure type 70100,
Project 1/task1 100
GL journal
Account 11000 100
Clearing account 15505 -100
Run Distribute in PA
AA Rule account is 15009 -100
Run interface to GL from PA
AA Rule account is 15505 100
15505 is the clearing account between GL and PA.Hi
If there is a logic that could be code using SQL statement, you may be able to use it to derive the AA credit cost clearing account.
If the clearing account is not based on any rules, then you might need to continue with existing process.
Dina -
1Z0-213 exam question clarification
Hello folks,
I am preparing exam for 1Z0-213.
I don't know the answer for the following oracle receivable question. Anybody can clarify the answer of this.
Thanks, Raghu.K
Question :-
Your company uses a three segment accounting flexfield to represent your chart of accounts
(Company-department-account) you are now defining your autoaccounting rules in oracle receivables. you decide
That the company segment will use a constant of 01, Department will use the transaction type on the invoice, and
account will use the item on the invoice. You enter an invoice containing a transaction type called consulting invoice
(Which has been set up with a revenue account of 02-110-4110), an item called ABC400 (which has been setup with a
revenue account of 02-110-4150), and a customer called XYZ Electronics (which has been setup up with a revenue
account of 10-120-4130). What will be the resulting revenue account created by auto accounting for this invoice?
Answer:-
A) 02-110-4110
B) 02-110-4150
C) 01-110-4110
D) 01-110-4150
E) 01-120-4130
Edited by: raghu_pathi_kr on Sep 4, 2008 11:41 AMWhere this question is coming from? Please note that the braindumps are a clear violation of the certification NDA (Non-Disclosure Agreement).
Maybe you are looking for
-
Space issue in Firefox related to Flash banner
I have a website with validated XHTML and CSS that displays an unwanted space only in Firefox under a Flash banner. The site has been tested in IE6/7/8, Firefox, Chrome, Safari, Opera, AOL, and Netscape. Firefox is the only problem. After posting
-
Can't sort out the following errors...
continued from routing system message..... *****CODE**** package routingSystem; public class Router { //attributes private Machine machineArray[]; //this array is of type Machine. the name // could be different. private Machine packingMachine; //The
-
IPhoto Library's Lost All Photos
OS 10.4.10 Ibook G4 1.5 GB Ram iPhoto 5.0.4 Hi, My first time on iPhoto group. I've been using iPhoto successfully since I got my mac, 2 years ago. I may not be using many of the features available. I download digital pictures, and I take pictures of
-
Hi I know in iTunes we can change the sort order of albums. But how do you do change the sort order of albums on the iPod when you are in the 'Cover Flow' menu? Sam
-
I am a new user of i-pad 2 and I find problem while trying to transfer some pdf file from my non apple laptop. Help me to inform How to do the same...