Branch office setup with L3 switch and router with IOS security
Hello,
I am in the process of putting together a small branch office network and I am in need of some design advise. The network will support about 10-15 workstations/phones, 3-4 printers, and 4-5 servers. In addition we will eventually have up to 25-30 remote users connecting to the servers via remote access VPN, and there will also be 2-3 site-to-site IPSec tunnels to reach other branches.
I have a 2911 (security bundle) router and 3560 IP Base L3 switch to work with. I have attached a basic diagram of my topology. My initial design plan for the network was to setup separate VLANs for workstation, phone, printer, and server traffic. The 3560 would then be setup with SVIs to perform routing between VLANs. The port between the router and switch would be setup as a routed port, and static routes would be applied on the switch and router as necessary. The thought behind this was that I'd be utilizing the switch backplane for VLAN routing instead instead of doing router-on-a-stick.
Since there is no firewall between the switch and router my plan was to setup IOS firewalling on the router. From what I am reading ZBF is my best option for this. What I was hoping for was a way to set custom policies for each VLAN, but it seems that zones are applied per interface. Since the interface between the router and switch is a routed interface, not a trunk/subinterface(s), it doesn't seem like there would be a way for me to use ZBF to control traffic on different VLANs. From what I am gathering I would have to group all of my internal network into one zone, or I would have to scrap L3 switching all together and do router-on-a-stick if I want to be able to set separate policies for each VLAN. Am I correct in my thinking here?
I guess what I am getting at is that I really don't want to do router-on-a-stick if I have a nice switch backplane to do all of the internal routing. At the same time I obviously need some kind of firewalling done on the router, and since different VLANs have different security requirements the firewalling needs to be fairly granular.
If I am indeed correct in the above thinking what would be the best solution for my scenario? That is, how can I setup this network so that I am utilizing the switch to do L3 routing while also leveraging the firewall capabilities of IOS security?
Any input would be appreciated.
Thanks,
Austin
Thanks for the input.
1. I agree, since I have only three to four printers, they need not be in a separate VLAN. I simply was compartmentalizing VLANs by function when I initially came up with the design.
2. Here's a little more info on the phone situation. The phones are VoIP. The IP PBX is on premise, but they are currently on a completely separate ISP/network. The goal in the future is to converge the data and voice networks and setup PBR/route maps to route voice traffic out the voice ISP and data traffic out the other ISP. This leads up to #3.
3. The reason a router was purchased over a firewall was that ASA's cannot handle routing and dual ISPs very well. PBR is not supported at all on an ASA, and dual ISPs can only be setup in an active/standby state. Also, an ASA Sec+ does not have near the VPN capabilities that the 2911 security does. The ASA Sec+ would support only 25 concurrent IPSec connections while the 2911 security is capable of doing an upwards of 200 IPSec connections.
Your point about moving the SVI's to a firewall to perform filtering between VLANs makes sense, however, wouldn't this be the same thing as creating subinterfaces on a router? In both cases you are moving routing from the switch backplane to the firewall/routing device, which is what I am trying to avoid.
Similar Messages
-
Branch Office Setup Error.........
hi all,
when i try to do branch office setup from the webtogo server,the download hangs at one point and dislays this error........ this error does not appear when i do normal setup......
webtgo.exe bad image
"..............mysync_java.dll is not a valid windows image . please check against your installation diskette"
i use oracle 8i database and oracle 9i lite(with latest patchset for 9i lite).
i try to download on windows 2000 professional and 2000 server.....
can anyone provide solution for this???????
Thanks,
Ashok KumarHi again
This are my findings up to this moment
managed somehow to pass the authentication problem and reached this exception
Sync session exception stack trace:
java.sql.SQLException: ORA-01403: no data found
ORA-06512: at "MOBILEADMIN.CONS_EXT", line 216
ORA-06512: at line 1
at oracle.jdbc.driver.DatabaseError.throwSqlException(DatabaseError.java:166)
at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:318)
at oracle.jdbc.driver.T4CTTIoer.processError(T4CTTIoer.java:281)
at oracle.jdbc.driver.T4C8Oall.receive(T4C8Oall.java:636)
at oracle.jdbc.driver.T4CPreparedStatement.doOall8(T4CPreparedStatement.java:185)
at oracle.jdbc.driver.T4CPreparedStatement.execute_for_rows(T4CPreparedStatement.java:799)
at oracle.jdbc.driver.OracleStatement.doExecuteWithTimeout(OracleStatement.java:1211)
at oracle.jdbc.driver.OraclePreparedStatement.executeInternal(OraclePreparedStatement.java:3137)
at oracle.jdbc.driver.OraclePreparedStatement.executeUpdate(OraclePreparedStatement.java:3208)
at oracle.lite.sync.Subscription.executeAndClose(Unknown Source)
at oracle.lite.sync.HeliosSession.startSession(Unknown Source)
To reach this point:
- set the m_conn private member of the heliosSession class with reflection with value from Consolidator.getConnection()
- set the m_client_id public member with username
- set prviate m_passwd private member of heliosSession with reflection with the password.
- to advance, changed in table mobileclient.c$etc_passwd with userpassword instead of null. somehow seems that heliossSession class, in initconvis method is comparring password from the file with that one, that is null. I don't know all the implications of this.
Hope it helps
Florin -
Hello All.
I have a problem with a branch office setup, and I can't for the life of me think of what the problem is.
I have a remote office setup, using an ASA 5505 that is set up to establish an easy vpn connection to the central network. The connection at the branch office is a 20/5 cable modem, the central network has a 25/25 fiber connection.
The issue I have is this. Wired clients work fine at this branch office, at least 95% of the time. I have a lightweight AP there that can come up and join the controllers at the central network, no problem. I haven't done anything with H-REAP because there are really no resources locally they need that would allow them to do their work, so all traffic is tunneled back to the WLC.
Wireless clients can authenticate to the AP, and I can get 15-20ms ping responses from them all day. Latency never comes close to the 600ms proposed limit with CAPWAP. Yet, for some reason the performance of the clients is problematic. Webpages will frequently not load correctly, they experience some freezing, and with one application we use - it refuses to load completely.
If we bring these same computers to an AP connected to our central network, on the same SSID, they work flawlessly.
Something about this particular location is causing a lot of grief for our users.
For what it's worth, we are running WCS 7.0.230.0 and the WLCs are on 7.0.116.0. The ASA is running a pretty basic configuration, pretty much out of the box with the easy vpn configuration entered.
Any help on this would be appreciated, I am at my wit's end with this setup.Yes, 20/5 Download/Upload.
So I did as you suggested, here are the results with a 1400 byte packet:
Ping statistics for 172.16.253.50:
Packets: Sent = 100, Received = 99, Lost = 1 (1% loss),
Approximate round trip times in milli-seconds:
Minimum = 17ms, Maximum = 2208ms, Average = 42ms
That 2208ms response was an anomaly. I ran it again and got this:
Ping statistics for 172.16.253.50:
Packets: Sent = 100, Received = 100, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 16ms, Maximum = 93ms, Average = 21ms
With this one specific application we're testing with - it stops loading at a predictable point, every time. However, I can remain VNC'd to this machine the entire time, and do anything else on the machine, but the application will fail to load at the same point every time. But like I said, if I bring that client back to our main network, it works just fine, so it's not the application itself causing the problem, and we have other, smaller issues with other applications we have. It's really bizarre.
It's really not acting like interference. I just set up a new site with an identical configuration - but with a 3502i AP, and I can replicate the behavior at that location too. Unfortunately at this time we don't have anything to study the traffic with - I actually have a call on a solution for that this afternoon. -
Using another switch or router with TC???
Do you use another ethernet switch or router with an integrated ethernet switch with your TC??? How do you have things setup?
BTW: I'm running out of physical ethernet ports and I need to use Vonage...
RIf you're out of LAN ports then yes, you need a switch. Plug it into your TC and plug other stuff into the switch. Simple.
When buying a switch, remember one of its ports will be occupied by the connection to the TC. For example, if you're using all three TC LAN ports, buying a five port switch results in a net gain of only three ports: one of them is needed for the uplink, and the one you had to unplug from the TC must now be connected to the switch... three remain.
Fortunately they're not expensive. -
Which Switch and Router to choose?
I am interested in purchasing a Cisco Switch and Router, or possible a Cisco Switch Router.
However, I am not sure of what model to go with.
Currently, we have a network with about 200 Workstations and 30 Servers for our Corporation Infrastructure.
Also, for our lab, we have about 50 Linux Based Servers, and 30 Solaris Based Servers, that are part of our Network. We are a Research and Development Company, and we have had issues with the Lab machines bringing down our network, as well as our corporate network adversely affecting the lab machines. What we would like to do is segment the network so that the different areas will be isolated. However, we also would like to have a lot of control over the traffic that will be able to cross from our network into the lab so that users will still be able to run their tests.
Security is also an issue, and it would be great to have more control, and a better view of what kind of traffic is running through our network.
Currently, we have about 8 Gigabyte Switches which are unmanaged (Linksys and NetGear). Our idea was to get a 1 or 2 Cisco Switch Routers, and then split them up into VLANS and cascade our current switches so that we can still make use of them. The other ideas was to just get a Cisco Switch and use our CheckPoint Router/Firewall to do the routing.
Can you give me any advice as to what model of Cisco Product you would recommend?
Is it better to go with a Switch Router, or simply get a separate Switch and Router?
Please note that all of our Machines have 10/100/1000 NICs, so the device will need to be Gigabyte.
Thanks you so much!You have two choices. Either to use a chassis based solution or to use stacable switches such as a 3750. Are all the cat 5(or 5e,6) runs coming into one centralized location ? Or are there separate wiring closets that you plan to put. If then we need to put separate switches at those locations and run fiber back to the central location which has a chassis based or stackable switch.
If using a chassis based solution, you can get a 4506 (4507 for redundancy, with a redundant supervisor engine). Supervisor engine is nothing but the CPU of the switch. 4506 is a 6 slot modular switch with 2 power supplies for redundancy. You cannot add two Supervisor engines on a 4506 (4507 can).
Slot 1 is always for supervisor engine, the remaining 5 slots you can fill using 48 port 10/100/1000 modules.(48 * 5 = 240). So your maximum port density is 240 ports on a 4506. (Note that there are 4507, 4510 which are similar models with more slots)
If using 3750, you can stack upto 9 switches in a stack using stacking cables on the back side of the switch. Each switch will have 48 ports (10/100/1000) and you can stack 5 switches to get 240 ports.
For the firewall I would recommend using a PIX 515E, (Why go for Checkpoint firewall when you can use all Cisco). For routing between the vlans, the switches that I recommended above are all Layer 3 switches. They will route between the different vlans. You can also configure ACLs to restrict traffic between multiple vlans.
HTH -
Not Working-central web-authentication with a switch and Identity Service Engine
on the followup the document "Configuration example : central web-authentication with a switch and Identity Service Engine" by Nicolas Darchis, since the redirection on the switch is not working, i'm asking for your help...
I'm using ISE Version : 1.0.4.573 and WS-C2960-24PC-L w/software 12.2(55)SE1 and image C2960-LANBASEK9-M for the access.
The interface configuration looks like this:
interface FastEthernet0/24
switchport access vlan 6
switchport mode access
switchport voice vlan 20
ip access-group webauth in
authentication event fail action next-method
authentication event server dead action authorize
authentication event server alive action reinitialize
authentication order mab
authentication priority mab
authentication port-control auto
authentication periodic
authentication timer reauthenticate server
authentication violation restrict
mab
spanning-tree portfast
end
The ACL's
Extended IP access list webauth
10 permit ip any any
Extended IP access list redirect
10 deny ip any host 172.22.2.38
20 permit tcp any any eq www
30 permit tcp any any eq 443
The ISE side configuration I follow it step by step...
When I conect the XP client, e see the following Autenthication session...
swlx0x0x#show authentication sessions interface fastEthernet 0/24
Interface: FastEthernet0/24
MAC Address: 0015.c549.5c99
IP Address: 172.22.3.184
User-Name: 00-15-C5-49-5C-99
Status: Authz Success
Domain: DATA
Oper host mode: single-host
Oper control dir: both
Authorized By: Authentication Server
Vlan Group: N/A
URL Redirect ACL: redirect
URL Redirect: https://ISE-ip:8443/guestportal/gateway?sessionId=AC16011F000000510B44FBD2&action=cwa
Session timeout: N/A
Idle timeout: N/A
Common Session ID: AC16011F000000490AC1A9E2
Acct Session ID: 0x00000077
Handle: 0xB7000049
Runnable methods list:
Method State
mab Authc Success
But there is no redirection, and I get the the following message on switch console:
756005: Mar 28 11:40:30: epm-redirect:IP=172.22.3.184: No redirection policy for this host
756006: Mar 28 11:40:30: epm-redirect:IDB=FastEthernet0/24: In epm_host_ingress_traffic_qualify ...
I have to mention I'm using an http proxy on port 8080...
Any Ideas on what is going wrong?
Regards
NunoOK, so I upgraded the IOS to version
SW Version: 12.2(55)SE5, SW Image: C2960-LANBASEK9-M
I tweak with ACL's to the following:
Extended IP access list redirect
10 permit ip any any (13 matches)
and created a DACL that is downloaded along with the authentication
Extended IP access list xACSACLx-IP-redirect-4f743d58 (per-user)
10 permit ip any any
I can see the epm session
swlx0x0x#show epm session ip 172.22.3.74
Admission feature: DOT1X
ACS ACL: xACSACLx-IP-redirect-4f743d58
URL Redirect ACL: redirect
URL Redirect: https://ISE-ip:8443/guestportal/gateway?sessionId=AC16011F000000510B44FBD2&action=cwa
And authentication
swlx0x0x#show authentication sessions interface fastEthernet 0/24
Interface: FastEthernet0/24
MAC Address: 0015.c549.5c99
IP Address: 172.22.3.74
User-Name: 00-15-C5-49-5C-99
Status: Authz Success
Domain: DATA
Oper host mode: multi-auth
Oper control dir: both
Authorized By: Authentication Server
Vlan Group: N/A
ACS ACL: xACSACLx-IP-redirect-4f743d58
URL Redirect ACL: redirect
URL Redirect: https://ISE-ip:8443/guestportal/gateway?sessionId=AC16011F000000510B44FBD2&action=cwa
Session timeout: N/A
Idle timeout: N/A
Common Session ID: AC16011F000000160042BD98
Acct Session ID: 0x0000001B
Handle: 0x90000016
Runnable methods list:
Method State
mab Authc Success
on the logging, I get the following messages...
017857: Mar 29 11:27:04: epm-redirect:IDB=FastEthernet0/24: In epm_host_ingress_traffic_qualify ...
017858: Mar 29 11:27:04: epm-redirect:epm_redirect_cache_gen_hash: IP=172.22.3.74 Hash=271
017859: Mar 29 11:27:04: epm-redirect:IP=172.22.3.74: CacheEntryGet Success
017860: Mar 29 11:27:04: epm-redirect:IP=172.22.3.74: Ingress packet on [idb= FastEthernet0/24] matched with [acl=redirect]
017861: Mar 29 11:27:04: epm-redirect:IDB=FastEthernet0/24: Enqueue the packet with if_input=FastEthernet0/24
017862: Mar 29 11:27:04: epm-redirect:IDB=FastEthernet0/24: In epm_host_ingress_traffic_process ...
017863: Mar 29 11:27:04: epm-redirect:IDB=FastEthernet0/24: Not an HTTP(s) packet
What I'm I missing? -
Has anyone deployed converged access with 3850 switches and 5760 WLCs?
Has anyone deployed a converged access network architecture with 3850 switches and 5760 WLCs? I have done lots of projects with the 5508 WLCs In a centralized deployment. Basically with this design, I manage 2 logical networks as the wireless network is an overlay over the wired network. I can design firewall to segregate traffic between the wired and wireless hence I can carry both staff and guest traffic.
Now Cisco is telling us that there is new design such that the dats plane traffic can be dropped locally through the 3850 switched. I am not sold on this and have not found any recommended best practices on when should we use a converged access architecture.
Pros
With converged access, data traffic is terminated at the MA which is on the switches, hence the WLC will not be a bottleneck? This is to prepare adoption for 802.11ac?
Less hops for voice calls from user A to user B as data control traffic is dropped locally.
Cons
Now how do I segregate guest and staff traffic if my security folks say I need a firewall?
Troubleshooting wireless client mobility will be a nightmare as the 3850 switches are MA.
Pushing and upgrading code for the Code will mean upgrading the stack of switches in the LAN riser. This will be painful in a huge campus environment like an university.
Can someone convince me why would a customer choose converged access?
Sent from Cisco Technical Support iPad AppThey choose CA because of the capwap termination at the switch. You can still use a 5508 and tunnel guest to a DMZ segment if you wish. You will need a 5508 though is you want to tunnel traffic to an anchor WLC.
Sent from Cisco Technical Support iPhone App -
Trouble with CCME 4 and VIC2-2FXO; IOS 12.4(9)T
Trouble with CCME 4 and VIC2-2FXO; IOS 12.4(9)T
I am having trouble making outgoing call or answering incoming call.
When I try to call out from my IP 7961 phone, it fails with the message "unknown number".
For incoming call, it rings but when I pick up the call nothing happens,
Put the receiver back on hook, the phone carries on ringing. I am in UK
and just trying to set up test system with one analogue line. Any help will
be most appreciated. My config of the 2811 router is posted below. All calls ineternally works fine.
Thank you for your help.
hostname Test-CME
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 10.10.10.1 10.10.10.10
ip dhcp excluded-address 10.139.139.1 10.139.139.10
ip dhcp pool host
network 10.10.10.0 255.255.255.0
default-router 10.10.10.1
option 150 ip 10.10.10.1
ip dhcp pool data
network 10.139.139.0 255.255.255.0
default-router 10.139.139.1
dns-server 10.139.139.5
voice-card 0
no dspfarm
voice service voip
allow-connections h323 to h323
allow-connections h323 to sip
allow-connections sip to h323
allow-connections sip to sip
supplementary-service h450.12
h323
sip
header-passing
registrar server expires max 3600 min 3600
interface FastEthernet0/1
no ip address
no ip mroute-cache
duplex auto
speed auto
no shut
interface FastEthernet0/1.2
description ** Data VLAN **
encapsulation dot1Q 2
ip address 10.139.139.1 255.255.255.0
interface FastEthernet0/1.3
description ** Voice VLAN **
encapsulation dot1Q 3
ip address 10.10.10.1 255.255.255.0
ip http server
ip http authentication local
no ip http secure-server
ip http path flash:
tftp-server flash:S00104000100.sbn
tftp-server flash:TERM41.7-0-3-0S.loads
tftp-server flash:term61.default.loads
tftp-server flash:term41.default.loads
tftp-server flash:CVM41.2-0-2-26.sbn
tftp-server flash:cnu41.2-7-6-26.sbn
tftp-server flash:Jar41.2-9-2-26.sbn
tftp-server flash:term70.default.loads
tftp-server flash:term71.default.loads
tftp-server flash:cnu70.2-7-6-26.sbn
tftp-server flash:Jar70.2-9-2-26.sbn
tftp-server flash:TERM70.7-0-3-0S.loads
tftp-server flash:CVM70.2-0-2-26.sbn
control-plane
voice-port 0/3/0
connection plar opx 202
caller-id enable
dial-peer voice 1 pots
incoming called-number .
destination-pattern 9T
port 0/3/0
telephony-service
load 7914 S00104000100
load 7941 TERM41.7-0-3-0S
load 7961 TERM41.7-0-3-0S
load 7970 TERM70.7-0-3-0S
max-ephones 20
max-dn 40
ip source-address 10.10.10.1 port 2000
calling-number initiator
service phone videoCapability 1
system message MKC CME
url services http://10.10.10.1/voiceview/common/login.do
url authentication
http://10.10.10.1/voiceview/authentication/authenticate.do
time-zone 21
date-format dd-mm-yy
voicemail 600
max-conferences 8 gain -6
call-forward pattern .T
call-forward system redirecting-expanded
moh music-on-hold.au
web admin system name admin secret 0 test
dn-webedit
time-webedit
transfer-system full-consult dss
transfer-pattern 9.T
secondary-dialtone 9
create cnf-files
ephone-dn 1 dual-line
number 201
label 201
description Sarah
name Sarah
ephone-dn 2 dual-line
number 202
label 202
description Vitthal
name User2 Vitthal
ephone-dn 3 dual-line
number 203 secondary
label 203
description Neil
name User3 Neil
ephone 1
video
username "user1" password 201
mac-address 0018.18EE.947F
type 7961 addon 1 7914
button 1:1
ephone 2
video
username "user2" password 202
mac-address 0018.18BB.B973
type 7941
button 1:2
ephone 3
video
username "user3" password 203
mac-address 0018.1885.6BA2
type 7970
button 1:3Hi
Please find enclosed debug attachment for voice ccapi and ephone. First, I called from outside. Extension 202 rings but when I answered on extension 202 nothing happens. Replace the rceiever and the pone starts ringing again.Second step. I tried to call out by dialing 9 and then number but after a while phone displays unknown number.
Thank you for your help.
Vitthal -
I have a Macbook Pro running Leopard 10.5.8. I had a problem with my my operating system (my fault, I moved a file I shoudnt have) couldnt boot up but was able to boot up from a backup. I managed to repair my original system except now all the system folders, including hidden folders are littered with duplicate folders and files with the suffix (from old Mac). For the most part the dupes are an exact copy, but not always. I want to remove them to free up space and cant imagine duplicate folders in the /system/library are not hindering my computer. But I dont know where to start and am afraid of doing irreparable damage. Any ideas
pacull,
Use iCal>View>Show Notifications to choose what to do with the notification. -
I can't install ADE on my PC, because as I try to open it a message of error appears to me: The application will be closed. I've already try with different browsers and also with the manual installation, but nothing..
1
Close all iWork applications
2
Uninstall Keynote; this must be done with an application remover tool to delete the installation properly. Appcleaner is known to work correctly for this purpose, it is free and can be downloaded from here: Appcleaner Download
3
empty the trash
4
shutdown the Mac and restart. After the start up chime, hold down the shift key until the apple logo appears
let the Mac complete the start up procedure completely, it will take longer than usual as the hard drive is being repaired
5
Reinstall Keynote by logging into the Mac App Store using download / install -
APPLE DOCKING STATION NO LONGER WORKS WITH TOUCH 3G and 4G after ios 4.2.1
APPLE DOCKING STATION NO LONGER WORKS WITH TOUCH 3G and 4G after ios 4.2.1 update.
I have both of these touches. I updated both 3g and 4g to ios 4.2.1 and poof...no docking station support other than charging, no audio and no remote function. My av/cable works with the tv, and the headphone jack still outputs audio, just no auido through the Apple dock and hte remote is dead. I purchased the dock from the apple store last year and it was working with both ipod 3g and 4g grrrrr...
Is Apple now in the bug trade business?, trade one for another....
Anyone else have this problem?My iPod Touch 3G running 4.2.1 works fine with the Apple docking station.
Perhaps you have a loose cable somewhere and/or a dead battery in your controller? -
Why my MacBook pro with Maverick, when I'm connected with internet key and connect with usb cable my HTC One the Mac restat with error?
Solution may be found if you search in the "More Like This" section over in the right column.
-
What is mechanism to integrate with the rdf and Rtf with concurrent manger
hi
what is mechanism to integrate with the rdf and Rtf with concurrent manger in oracle apps .
can any one help me
Thanks in advance1. Create executable for Oracle Reports.
2. Create a concurrent program based on this executable with output type as xml.
3. Now from XMLP responsibility, create a data definition with data definition short code = concurrent program short code
4. Create template definition choosing the data definition created above. Upload RTF/other template format created.
Now run the concurrent program and test it.
Step by step guide is available here http://www.oracle.com/technetwork/middleware/bi-publisher/overview/xmlebsrep-132947.pdf -
I do a movie whith iMovie. I finalize the project and I pass it to iDvd. Then I do a little menu and I burn my DVD. When I play my DVD on a computer or in my TV it ALWAYS begins directly with the movie and not with the menu... PLEASE HELP!!!!
Go to the Map mode in your iDVD project and make sure the blue bin at the left is empty. That's where you drag slideshows to if you want the DVD to open immediately to that slideshow and bypass the menu.
Click to view full size
If there is an item in there drag it out.
OT -
when i open my emails with outlook first and then with my ipad 4, the ipad does not show me that i have new mail despite that it actually downloads them. iphone 3g and 4s used to show them as new emails. any suggestions?
1. Open iTunes.
2. Click the View option in the iTunes menu.
3. Select the Show Sidebar option.
Connect your phone, select it in the Sidebar...the various tabs will now show as before.
Maybe you are looking for
-
Need help in creating virtual server
Hi I have configured the sun ONE portal server to run on a domain p1.test.com. A default virtual server with the listen socket is existing for this virtual server. But now I need to access the portal with another domain name p1.test.co.in. I have tri
-
Importing into iPhoto, edited RAW photos from Photoshop CS3
I edit all my photos in Photoshop CS3. Sometimes I just batch edit many of them. But when I import these edited images, iPhoto only shows them in unedited form. How do I import these edited images into iPhoto, and yet maintain the edits. I am a profe
-
Sales Order - How to make Delivery Date default to Lead Time?
My scenario is this: - We have items that go thru several production stages before it is a finished item that can be sold. - Each production item has its lead time loaded. - I would like the delivery date of a finished item to equal the sum of the pr
-
Anyone have a pointer to relevant documentation to let me modify the font.properties font file mappings under PJ?
-
Exception triggering Commit work.
Hi , I need to update a seris of tables and they must be transactional, i.e. all the data must be updated or not. I have the following code. *Fetch and Update Reference Profile Data me->process_rp_data( ). *Fetch and Update Request Data me->proce