ASA 5505 getting dchp from the outside interface

Similar Messages

• Relay settings to get mail from the outside world

  Hello. First, let me say - I'm a mail newbie, so be gentle.
  I've just recently set up my mail server, and I am having an issue where I can receive mail from some people and not from others. Those who cannot send me mail get an error about the relay not accepting it. In server admin, I have checked accept SMTP relays only from these hosts and networks, and I have put in 127.0.0.1/32 and my server's ip/32 (at the advice of apple tech support when I was configuring mail). Is something missing here that would allow me to receive mail from anyone? Thanks in advance for any help.

  Here you go. Thank you.
  Admin$ postconf -n
  command_directory = /usr/sbin
  config_directory = /etc/postfix
  content_filter =
  daemon_directory = /usr/libexec/postfix
  debugpeerlevel = 2
  enableserveroptions = yes
  html_directory = no
  inet_interfaces = all
  mail_owner = postfix
  mailboxsizelimit = 0
  mailbox_transport = cyrus
  mailq_path = /usr/bin/mailq
  manpage_directory = /usr/share/man
  messagesizelimit = 10485760
  mydestination = $myhostname,localhost.$mydomain,localhost,brainart.biz,www.artsmiths.biz,artsmi ths.biz,www.brainart.biz,mail.artsmiths.biz,smtp.artsmiths.biz,mail.brainart.biz ,smtp.brainart.biz
  mydomain = artsmiths.biz
  mydomain_fallback = localhost
  myhostname = artsmiths.biz
  mynetworks = 127.0.0.1/32,70.90.83.165/32
  mynetworks_style = host
  newaliases_path = /usr/bin/newaliases
  queue_directory = /private/var/spool/postfix
  readme_directory = /usr/share/doc/postfix
  sample_directory = /usr/share/doc/postfix/examples
  sendmail_path = /usr/sbin/sendmail
  setgid_group = postdrop
  smtpdpw_server_securityoptions = none
  smtpdrecipientrestrictions = permitmynetworks,reject_unauthdestination,permit
  smtpdsasl_authenable = no
  smtpdtls_keyfile =
  smtpduse_pwserver = no
  unknownlocal_recipient_rejectcode = 550

• How do I block pings from the outside to the ASA 5505 outside interface?

  I was asked to block pings from the internet to the outside interface of our ASA-5505 firewall.  I found a post that said to enter "icmp deny any outside", however that does not do it.
  I created an ACL to try and do the trick, also to no avail:
  access-list outside_in extended permit icmp any any echo-reply
  access-list outside_in in interface outside
  access-group outside_in in interface outside
  Anyone have a clue what I'm doing wrong?  I'm not the firewall guy as you can tell.  :/
  Thanks in advance...
  Block / Deny ICMP Echo (Ping) on Cisco ASA Outside Interface
  Most networks that you protect with a Cisco ASA device, will probably want to deny ICMP (maybe not all ICMP types, but a lot of network admins will want to block ICMP Echo, etc.) on the outside interface. This will make the network harder to find through external enumeration, but not impossible.
  ASA5505(config)#icmp deny any outside
  You will deny ICMP on the outside interface, but if you include ICMP as a protocol in the default global policy map, you can ping from the inside to any host on the outside, and it will be permitted back through the ASA, as it knows about the previous ICMP “connection

  You are allowing echo-reply, thus it will reply to a ping
  try this ACL:
  icmp deny any echo-reply outside
  From: 
  https://supportforums.cisco.com/thread/223769
  Eric

• How can I periodicaly get data from a CAN interface that works in "Transmit by response" mode??

  Hello Again!
  I am a very new user of LabView, and last week I got the order to implement a Comunication with  a CAN interface.
  I am trying to get Information from a CAN interface, that works as a "slave", as it is said in the very short handbook. This means it only responds, when it is asked to.
  As i want to get the 20 different datas periodicaly it would be fine to do this in a kind of loop. This means:
  -tell the interface to send data1
  -read data 1
  -tell the interface to send  data 2
  Are there any examples or ideas, how to create similar loops? 
  As I am absolutely no expert in computing, it would be nice if you answer with very little technical terms...
  Thanks RT

  Hi RT,
  Try the attached example, which writes a remote frame to your slave and reads the response. It is doing this 20 times in a for loop and a specified timing.
  Hope that helps.
  DirkW
  Attachments:
  CAN Receive Periodic using Remote.vi ‏97 KB

• Get certificate from the browser

  Hi friends!,
  I am working with an application to get files from the client machine, to sign those files with the client's certificate and send those sign to the server.
  The application get the client's certificate from a key store, but I want the applet will get the certificate from the browser.
  Is that possible?.
  Thanks and sorry for my little english. Greetings from Venezuela.

  If all you're looking for is Client SSL Authentication, then you don't need to access the digital certificates through an applet; just enable ClientAuth on your web-server and let the browser handle it for you. While I haven't tried this with Chrome, Safari or Opera, I know for a fact that this works on Firefox and IE.
  If you're trying to access the digital certificates/keys in the browser-keystore for digitally signing some content that the applet creates, you're going to have far more difficulty. About 10-12 years ago, Netscape provided an API that allowed you to digitally sign text-content through JavaScript. That died a quiet death, I think, since I don't know of anyone who used that capability (outside of test environments).
  Years later, Mozilla added the ability to digitally sign XML content using XForms; there is even an add-on for Thunderbird (which uses the same libraries as Firefox for PKCS work): https://addons.mozilla.org/en-US/thunderbird/addon/4522/.
  However, to the best of my knowledge, the only way you can get an applet to access the borwser's keystore today is to have the security policy on the client-machine modified to provide access to the local file-system, and the applet then pretty much deals with the keystore and its objects through JCE.
  But, if I'm reading your post correctly, I think all you're looking for is SSL ClientAuth, for which you don't need to do anything other than enable it on your web-server that hosts the applets, and let the browser do the heavy lifting.
  Arshad Noor
  StrongAuth, Inc.

• Do I need to get authorization from the software owner?

  I am using Captivate to do a software simulation. Do I have to get authorization from the software owner for sale my simulation of his software? Is the screencapture are copyrighted?
  Thank you.

  I'm actually trying to find out about using screenshots of Adobe software. I've done some Premiere Pro tutorials and I'd like to monetize them on YouTube but their conditions state "You can monetize videos showing software user interface only if you have a contract with the publisher or you have paid a licensing fee".
  I'm hoping that Adobe's Permissions and trademark guidelines (http://www.adobe.com/misc/permissions.html) would be enough but there's a problem there too. Adobe's conditions state "Your use must contain the entire screenshot. You may not use portions of the screenshots". That's hopelessly restrictive - obviously I want to be able to zoom in and show closeups of the interface. There's a form to apply for special permission (http://www.adobe.com/misc/pdfs/PermissionRequestForm.pdf) but it's not practical (e.g. every single usage must be renewed annually). I can't believe that all those tutorial producers on YouTube are jumping through these hoops to get the right permissions.
  So what is everyone doing? Just ignoring the whole permission thing and hoping for the best?

• Best Practices for configuring ICMP from the outside

  Question,
  Are there any best practices or best recommendations on how ICMP should be configured from the outside? I have been cleaning up the rules on our ASA as a lot were simply ported over years ago when we retired our PIX. I noticed that there is a rule to allow ICMP any any and began to wonder how this works when the rules above are specific IP addresses and specific ports. This in thurn started me looking to see if there was any documentation or anything to help me determine a best practice. Anyone know of anything?
  As a second part how does this flow on a firewall if all the addresses are natted? It the ICMP traffic simply passed through the NAT and the destiantion simply responds?
  Brent                   

  Here you go, bro!
  http://checkthenetwork.com/networksecurity%20Cisco%20ASA%20Firewall%20Best%20Practices%20for%20Firewall%20Deployment%201.asp#_Toc218778855
  access-list inside permit icmp any any echo
  access-list inside permit icmp any any echo-reply
  access-list inside permit icmp any any unreachable
  access-list inside permit icmp any any time-exceeded
  access-list inside permit icmp any any packets-too-big
  access-list inside permit udp any any eq 33434 33464
  access-list deny icmp any any log
  P/S: if you think this comment is useful, please do rate them nicely :-)

• Blocking unsolicited echo-reply from the outside of firewall

                     What is the easiest way to stop unsolicited icmp echo-reply packets coming from the outside of an Cisco ASA 5500 firewall?

  Hi,
  The firewall should now allow any ICMP Echo replys through the firewall if it hasnt seen a Echo for that same reply.
  Instead of allowing Inbound ICMP from the WAN with an ACL you should configure ICMP Inspection
  In a very default ASA configuration they would be added in the following way
  policy-map global_policy
  class inspection_default
    inspect icmp
    inspect icmp error
  Hope this helps
  - Jouni

• Recieving accordion event from the "outside"

  hi;
  i am using the accordion and need to keep track of events,
  specificaly, the only thing i need right now is to know the new
  currentPanelIndex of the accordion after someone clicked a panel.
  what is the best way to do this?
  i already tried hacking the spry.js(hacked into the openPAnel
  function), it worked but i do not want to touch the JS file (so i
  dont have to do this on every upgrade). i
  also tried doing it from the "outside" but i could not get
  it to work (after creating the accordion, i took the panels from
  the accordion, looped and got the tab from each panel and used
  addEventListener(tab,'click',myfunc,false) but in the first
  iteration after the call to addEventListener the loop did not
  continue ).
  any help is appreciated.
  thanks,

  You can extend it from the outside by defining a function
  that overrides openPanel() with a function that calls the original
  openPanel() and then executes whatever code you want. The function
  would look something like this:
  function ExtendOpenPanel(acc)
  var realFunc = acc.openPanel;
  acc.openPanel = function(panel) {
  realFunc.call(acc, panel);
  /* Add your code or function call here! */
  Then call the function after you create the widget:
  var acc1 = new Spry.Widget.Accordion("acc1");
  ExtendOpenPanel(acc1);
  --== Kin ==--

• Is there another way of getting apps from the appstore without putting your credit card number in, ive heard about the itunes gift card thing can anybody just give me more info about that and how i can buy free things free things from the appstorepls help

  Is there another way of getting apps from the appstore without putting your credit card number in, ive heard about the itunes gift card thing can anybody just give me more info about that and how i can buy free things free things from the appstore...pls help as im only a teenager and have no credit credit and my parents dont trust me with theres and they dont care about the fact that you can set up a password/.... PLEASE SOMEONE HELP I WILL BE SO GRATEFUL... And i would really like to get the iphone 4 but if there is no way of etting apps without your credit number then i would have to get a samsung galaxy s3 maybe ...

  You can set up an Apple ID without a credit card.
  Create iTunes Store account without credit card - Support - Apple - http://support.apple.com/kb/ht2534

• Powerpivot Error on Refresh -- "We couldn't get data from the data model..."

  I'm using Excel 2013 and Windows 8.1.  I have a spreadsheet I've been using for over a year, and I've just started getting this error message when I try to refresh the data.
  "We couldn't get data from the Data Model.  Here's the error message we got:
  The 'attributeRelationship' with 'AttributeID' - 'PuttDistCat9' doesn't exist in the collection"
  Any idea how I can fix this problem?  I haven't changed anything related to that particular attribute.  All the data is contained in separate sheets in the workbook, so there are no external sources of data.
  Thanks.
  Jean

  Thanks for all the suggestions.
  I found a slightly older version of the spreadsheet that still refreshes properly, so I don't think I have any issues with the version of Excel or Power Query.  (I've had this same error before, and I believe I applied the hotfix at that time.)
  I think this problem started after I updated a number of the date filters in the pivot tables.  I haven't made any changes to the data model, and the only updates I've made were to add data (which I do all the time), and to change the date filters on
  the pivot tables.
  As suggested, I added a new pivot table querying one table (the table with the attribute that shows up in the error message), and it worked fine.  I can also refresh this pivot table.
  Then I tried adding a pivot table which went against several tables in the data model (including the table in question).  The pivot table seemed to return that data properly.  However, when I tried to refresh it, I got the same error message ("we
  couldn't get data from the data model..."). 
  Dany also suggested running the queries one at a time to see which one is in error.  Without checking all the pivot tables, it appears that any which use the table "HolePlayedStrokes" generate the error (this is the table with the attribute
  mentioned in the error message).  Pivot Tables without that particular table seem to refresh OK.  Unfortunately, that is the main table in my data model, so most of the pivot tables use it.
  Any other suggestions?  I'd be happy to send a copy of the spreadsheet.
  Thanks for all the help.
  Jean

• My iphone won't allow me to get apps from the store i have changed my region but it says my postcode is wrong

  My iphone won't let me get apps from the store and it says my country is not valid I have changed it and it says my postcode o wrong

  Also see the link below.
  http://support.apple.com/kb/HT5018?viewlocale=en_US

• Could you please tell me why as a Brit resident in Japan therefore having a billing address that is Japanese is forced to only get service from the Japanese online store? Is there not some way of allowing me to select movies and music to buy and download

  Could you please tell me why as a Brit resident in Japan therefore having a billing address that is Japanese is forced to only get service from the Japanese online store? Is there not some way of allowing me to select movies and music to buy and download from other stores. Why do am i forced to try to nread Japanese when I have selected English as my language. The price for Downloads is no different and even if it was I am happy to pay. This also applies to Movie rental which is crazy and extremely restrictive. I a supposed GLOBAL community why does Apple do this.

  You can buy ONLY from the itunes store of your country of residence (As proven by valid billing address of credit card) and ONLY while inside the borders of that country.
  These are the terms of the itunes store.

• I've connected my ipad to my TV via hdmi but cannot get sound. Is there a way to get sound from the TV?

  I'd like to get sound from the tv for my keynote presentations. Is there a way to do this via the hdmi connection? Or do I need to connect an 'audio-out? Thanks in advance for your help

  the hdmi should transfer both sound and picture
  http://store.apple.com/us/product/HFQL2VC/A/moshi-mini-displayport-to-hdmi-adapt er-4k?fnode=a8e08a2bb3c16bf3cd606aecff68b12c10fe327cd7b063c9bbc492e57158bbfa0778 d5b941eb2a8c1c5f2e25e51cf7b82e193c9a722651b3fc2694996f7b5281b8bf4338c46284247b76 ccce6907fa6caee062d974158ee4d0336fca558384426e7a6c6cbf3ee58c8f53f8db53c9ef91
  Supports multi-channel digital audio output on compatible devices
  make sure your ipad is not muted
  make sure you volume is not all the way down
  make sure audio play out of the ipad when not connected to the hdmi adapter
  if you did and it don't work then it's likely an issue with the connetor
  or the tv or it's settings

• Open script cannot get connection from the brower helper after 15 seconds.

  Error:
  ===
  Open script cannot get connection from the brower helper after 15 seconds. Do you want to continue waiting for the browser to load?
  Please Note:
  ========
  1. I have tried this only on IE
  2. I am running OATS on a Remote desktop
  Situation:
  ======
  Trying to stop the recording
  Try to get xpath of an object using Inspect Path
  Setup details
  ========
  Windows XP 5.1 Service Pack 3, x86
  OpenScript 12.1.0.1.383
  Internet Explorer 8.0.6001.18702
  FireFox 13.0.1
  Mitigation steps done till now:
  ==================
  1. Disabled windows firewall
  2. Disable XSS filter setting
  3. Restarted the ATS services (3 of them)
  4. Run the Open Script Diagnosis Tool (PS: There are 3 errros even after running it. The 3 errros are listed in the workspace_log log file snippet below...)
  Error in worspace_log:
  =============
  To Change setting:
  Go to Tools > Internet Options and Choose Security Tab
  Select the Zone to modify and Press Custom level
  Find Enable XSS filter Setting - Select Disable and click Ok
  !ENTRY oracle.oats.scripting.diagnosisTool.api.DiagnosisExecutor 4 0 2012-07-09 17:08:52.594
  !MESSAGE Failure found when diagnosing Oracle EBS/Forms Load Testing Forms LT Diagnoser
  !ENTRY oracle.oats.scripting.diagnosisTool.api.DiagnosisExecutor 4 0 2012-07-09 17:08:52.594
  !MESSAGE Did not auto-fix the problem.
  !ENTRY oracle.oats.scripting.diagnosisTool.api.DiagnosisExecutor 4 0 2012-07-09 17:08:52.594
  !MESSAGE Suggestion for fixing: Please change your Java proxy setting to Use Browser Settings
  Aprreciate help on this.

  To resolve this, you need to reconfigure the "Oracle Application Testing Suite Helper Service" (OATSHelperSvr) to start as a user who has privledges to run open script tests rather than the default SYSTEM user.
  Reconfiguring the OATSHelperSvr Service:
  1. Open the services panel (Start > Run > services.msc)
  2. Find the Oracle Application Testing Suite Helper Service
  3. Right Click > Properties then select the Log On Tab
  4. Specify an interactive user that has rights to run OpenScript (test by logging in as that user and running tests):
  5. Click OK
  6. Restart the service after dialogs are closed by Right Click > Restart
  7. You should now repeat this process for the "Oracle Application Testing Suite Agent Service" (eLoadAgentMon) Service (Two services in
  total)
  You should now retry running the test in Oracle Test Manager